Diffstat (limited to 'readconf.c')
-rw-r--r--readconf.c119
1 files changed, 85 insertions, 34 deletions
diff --git a/readconf.c b/readconf.c
index eb4a8b9ee..91dfa566f 100644
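--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.190 2010/11/13 23:27:50 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.193 2011/05/24 07:15:47 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -134,7 +134,7 @@ typedef enum {
  oHashKnownHosts,
  oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
  oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
- oKexAlgorithms, oIPQoS,
+ oKexAlgorithms, oIPQoS, oRequestTTY,
  oDeprecated, oUnsupported
 } OpCodes;
 
@@ -193,9 +193,9 @@ static struct {
  { "host", oHost },
  { "escapechar", oEscapeChar },
  { "globalknownhostsfile", oGlobalKnownHostsFile },
- { "globalknownhostsfile2", oGlobalKnownHostsFile2 }, /* obsolete */
+ { "globalknownhostsfile2", oDeprecated },
  { "userknownhostsfile", oUserKnownHostsFile },
- { "userknownhostsfile2", oUserKnownHostsFile2 }, /* obsolete */
+ { "userknownhostsfile2", oDeprecated },
  { "connectionattempts", oConnectionAttempts },
  { "batchmode", oBatchMode },
  { "checkhostip", oCheckHostIP },
@@ -245,6 +245,7 @@ static struct {
 #endif
  { "kexalgorithms", oKexAlgorithms },
  { "ipqos", oIPQoS },
+ { "requesttty", oRequestTTY },
 
  { NULL, oBadOption }
 };
@@ -353,8 +354,10 @@ process_config_line(Options *options, const char *host,
  char *line, const char *filename, int linenum,
  int *activep)
 {
- char *s, **charptr, *endofnumber, *keyword, *arg, *arg2, fwdarg[256];
- int opcode, *intptr, value, value2, scale;
+ char *s, **charptr, *endofnumber, *keyword, *arg, *arg2;
+ char **cpptr, fwdarg[256];
+ u_int *uintptr, max_entries = 0;
+ int negated, opcode, *intptr, value, value2, scale;
  LogLevel *log_level_ptr;
  long long orig, val64;
  size_t len;
@@ -597,26 +600,33 @@ parse_yesnoask:
 parse_string:
  arg = strdelim(&s);
  if (!arg || *arg == '\0')
- fatal("%.200s line %d: Missing argument.", filename, linenum);
+ fatal("%.200s line %d: Missing argument.",
+ filename, linenum);
  if (*activep && *charptr == NULL)
  *charptr = xstrdup(arg);
  break;
 
  case oGlobalKnownHostsFile:
- charptr = &options->system_hostfile;
- goto parse_string;
+ cpptr = (char **)&options->system_hostfiles;
+ uintptr = &options->num_system_hostfiles;
+ max_entries = SSH_MAX_HOSTS_FILES;
+parse_char_array:
+ if (*activep && *uintptr == 0) {
+ while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
+ if ((*uintptr) >= max_entries)
+ fatal("%s line %d: "
+ "too many authorized keys files.",
+ filename, linenum);
+ cpptr[(*uintptr)++] = xstrdup(arg);
+ }
+ }
+ return 0;
 
  case oUserKnownHostsFile:
- charptr = &options->user_hostfile;
- goto parse_string;
-
- case oGlobalKnownHostsFile2:
- charptr = &options->system_hostfile2;
- goto parse_string;
-
- case oUserKnownHostsFile2:
- charptr = &options->user_hostfile2;
- goto parse_string;
+ cpptr = (char **)&options->user_hostfiles;
+ uintptr = &options->num_user_hostfiles;
+ max_entries = SSH_MAX_HOSTS_FILES;
+ goto parse_char_array;
 
  case oHostName:
  charptr = &options->hostname;
@@ -793,12 +803,28 @@ parse_int:
 
  case oHost:
  *activep = 0;
- while ((arg = strdelim(&s)) != NULL && *arg != '\0')
+ arg2 = NULL;
+ while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
+ negated = *arg == '!';
+ if (negated)
+ arg++;
  if (match_pattern(host, arg)) {
- debug("Applying options for %.100s", arg);
+ if (negated) {
+ debug("%.200s line %d: Skipping Host "
+ "block because of negated match "
+ "for %.100s", filename, linenum,
+ arg);
+ *activep = 0;
+ break;
+ }
+ if (!*activep)
+ arg2 = arg; /* logged below */
  *activep = 1;
- break;
  }
+ }
+ if (*activep)
+ debug("%.200s line %d: Applying options for %.100s",
+ filename, linenum, arg2);
  /* Avoid garbage check below, as strdelim is done. */
  return 0;
 
@@ -997,6 +1023,26 @@ parse_int:
  intptr = &options->use_roaming;
  goto parse_flag;
 
+ case oRequestTTY:
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%s line %d: missing argument.",
+ filename, linenum);
+ intptr = &options->request_tty;
+ if (strcasecmp(arg, "yes") == 0)
+ value = REQUEST_TTY_YES;
+ else if (strcasecmp(arg, "no") == 0)
+ value = REQUEST_TTY_NO;
+ else if (strcasecmp(arg, "force") == 0)
+ value = REQUEST_TTY_FORCE;
+ else if (strcasecmp(arg, "auto") == 0)
+ value = REQUEST_TTY_AUTO;
+ else
+ fatal("Unsupported RequestTTY \"%s\"", arg);
+ if (*activep && *intptr == -1)
+ *intptr = value;
+ break;
+
  case oDeprecated:
  debug("%s line %d: Deprecated option \"%s\"",
  filename, linenum, keyword);
@@ -1121,10 +1167,8 @@ initialize_options(Options * options)
  options->proxy_command = NULL;
  options->user = NULL;
  options->escape_char = -1;
- options->system_hostfile = NULL;
- options->user_hostfile = NULL;
- options->system_hostfile2 = NULL;
- options->user_hostfile2 = NULL;
+ options->num_system_hostfiles = 0;
+ options->num_user_hostfiles = 0;
  options->local_forwards = NULL;
  options->num_local_forwards = 0;
  options->remote_forwards = NULL;
@@ -1157,6 +1201,7 @@ initialize_options(Options * options)
  options->zero_knowledge_password_authentication = -1;
  options->ip_qos_interactive = -1;
  options->ip_qos_bulk = -1;
+ options->request_tty = -1;
 }
 
 /*
@@ -1263,14 +1308,18 @@ fill_default_options(Options * options)
  }
  if (options->escape_char == -1)
  options->escape_char = '~';
- if (options->system_hostfile == NULL)
- options->system_hostfile = _PATH_SSH_SYSTEM_HOSTFILE;
- if (options->user_hostfile == NULL)
- options->user_hostfile = _PATH_SSH_USER_HOSTFILE;
- if (options->system_hostfile2 == NULL)
- options->system_hostfile2 = _PATH_SSH_SYSTEM_HOSTFILE2;
- if (options->user_hostfile2 == NULL)
- options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2;
+ if (options->num_system_hostfiles == 0) {
+ options->system_hostfiles[options->num_system_hostfiles++] =
+ xstrdup(_PATH_SSH_SYSTEM_HOSTFILE);
+ options->system_hostfiles[options->num_system_hostfiles++] =
+ xstrdup(_PATH_SSH_SYSTEM_HOSTFILE2);
+ }
+ if (options->num_user_hostfiles == 0) {
+ options->user_hostfiles[options->num_user_hostfiles++] =
+ xstrdup(_PATH_SSH_USER_HOSTFILE);
+ options->user_hostfiles[options->num_user_hostfiles++] =
+ xstrdup(_PATH_SSH_USER_HOSTFILE2);
+ }
  if (options->log_level == SYSLOG_LEVEL_NOT_SET)
  options->log_level = SYSLOG_LEVEL_INFO;
  if (options->clear_forwardings == 1)
@@ -1315,6 +1364,8 @@ fill_default_options(Options * options)
  options->ip_qos_interactive = IPTOS_LOWDELAY;
  if (options->ip_qos_bulk == -1)
  options->ip_qos_bulk = IPTOS_THROUGHPUT;
+ if (options->request_tty == -1)
+ options->request_tty = REQUEST_TTY_AUTO;
  /* options->local_command should not be set by default */
  /* options->proxy_command should not be set by default */
  /* options->user will be set in the main program if appropriate */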
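Review bot: The new `parse_char_array` path in `process_config_line` no longer rejects a `GlobalKnownHostsFile` or `UserKnownHostsFile` line with no argument: the `while` loop stores nothing and the case returns 0, whereas the old `parse_string` path called `fatal()` with "Missing argument.". Because `fill_default_options` treats a zero count as unset, such a line can silently fall back to the default known-hosts paths instead of surfacing the configuration error. A check after the loop, `if (*uintptr == 0) fatal("%.200s line %d: Missing argument.", filename, linenum);`, would keep the earlier strictness. The limit message in the same block says `"too many authorized keys files."` although it guards the known-hosts arrays; `"too many known hosts files."` would point an operator at the right option. The body of `process_config_line` starts and ends outside these hunks.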