Diffstat (limited to 'readconf.c')
-rw-r--r-- | readconf.c | 71 |
1 files changed, 62 insertions, 9 deletions
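--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.183 2010/02/08 10:50:20 markus Exp $ */
+/* $OpenBSD: readconf.c,v 1.187 2010/07/19 09:15:12 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -112,8 +112,8 @@
 
 typedef enum {
 oBadOption,
-oForwardAgent, oForwardX11, oForwardX11Trusted, oGatewayPorts,
-oExitOnForwardFailure,
+oForwardAgent, oForwardX11, oForwardX11Trusted, oForwardX11Timeout,
+oGatewayPorts, oExitOnForwardFailure,
 oPasswordAuthentication, oRSAAuthentication,
 oChallengeResponseAuthentication, oXAuthLocation,
 oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
@@ -132,7 +132,8 @@ typedef enum {
 oAddressFamily, oGssAuthentication, oGssDelegateCreds,
 oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey,
 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
-oSendEnv, oControlPath, oControlMaster, oHashKnownHosts,
+oSendEnv, oControlPath, oControlMaster, oControlPersist,
+oHashKnownHosts,
 oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
 oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
 oProtocolKeepAlives, oSetupTimeOut,
@@ -148,6 +149,7 @@ static struct {
 { "forwardagent", oForwardAgent },
 { "forwardx11", oForwardX11 },
 { "forwardx11trusted", oForwardX11Trusted },
+{ "forwardx11timeout", oForwardX11Timeout },
 { "exitonforwardfailure", oExitOnForwardFailure },
 { "xauthlocation", oXAuthLocation },
 { "gatewayports", oGatewayPorts },
@@ -238,6 +240,7 @@ static struct {
 { "sendenv", oSendEnv },
 { "controlpath", oControlPath },
 { "controlmaster", oControlMaster },
+{ "controlpersist", oControlPersist },
 { "hashknownhosts", oHashKnownHosts },
 { "tunnel", oTunnel },
 { "tunneldevice", oTunnelDevice },
@@ -271,8 +274,9 @@ add_local_forward(Options *options, const Forward *newfwd)
 if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0)
 fatal("Privileged ports can only be forwarded by root.");
 #endif
-if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
-fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);
+options->local_forwards = xrealloc(options->local_forwards,
+options->num_local_forwards + 1,
+sizeof(*options->local_forwards));
 fwd = &options->local_forwards[options->num_local_forwards++];
 
 fwd->listen_host = newfwd->listen_host;
@@ -290,15 +294,17 @@ void
 add_remote_forward(Options *options, const Forward *newfwd)
 {
 Forward *fwd;
-if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
-fatal("Too many remote forwards (max %d).",
-SSH_MAX_FORWARDS_PER_DIRECTION);
+
+options->remote_forwards = xrealloc(options->remote_forwards,
+options->num_remote_forwards + 1,
+sizeof(*options->remote_forwards));
 fwd = &options->remote_forwards[options->num_remote_forwards++];
 
 fwd->listen_host = newfwd->listen_host;
 fwd->listen_port = newfwd->listen_port;
 fwd->connect_host = newfwd->connect_host;
 fwd->connect_port = newfwd->connect_port;
+fwd->allocated_port = 0;
 }
 
 static void
@@ -311,12 +317,20 @@ clear_forwardings(Options *options)
 xfree(options->local_forwards[i].listen_host);
 xfree(options->local_forwards[i].connect_host);
 }
+if (options->num_local_forwards > 0) {
+xfree(options->local_forwards);
+options->local_forwards = NULL;
+}
 options->num_local_forwards = 0;
 for (i = 0; i < options->num_remote_forwards; i++) {
 if (options->remote_forwards[i].listen_host != NULL)
 xfree(options->remote_forwards[i].listen_host);
 xfree(options->remote_forwards[i].connect_host);
 }
+if (options->num_remote_forwards > 0) {
+xfree(options->remote_forwards);
+options->remote_forwards = NULL;
+}
 options->num_remote_forwards = 0;
 options->tun_open = SSH_TUNMODE_NO;
 }
@@ -419,6 +433,10 @@ parse_flag:
 case oForwardX11Trusted:
 intptr = &options->forward_x11_trusted;
 goto parse_flag;
+
+case oForwardX11Timeout:
+intptr = &options->forward_x11_timeout;
+goto parse_time;
 
 case oGatewayPorts:
 intptr = &options->gateway_ports;
@@ -904,6 +922,30 @@ parse_int:
 *intptr = value;
 break;
 
+case oControlPersist:
+/* no/false/yes/true, or a time spec */
+intptr = &options->control_persist;
+arg = strdelim(&s);
+if (!arg || *arg == '\0')
+fatal("%.200s line %d: Missing ControlPersist"
+" argument.", filename, linenum);
+value = 0;
+value2 = 0; /* timeout */
+if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
+value = 0;
+else if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
+value = 1;
+else if ((value2 = convtime(arg)) >= 0)
+value = 1;
+else
+fatal("%.200s line %d: Bad ControlPersist argument.",
+filename, linenum);
+if (*activep && *intptr == -1) {
+*intptr = value;
+options->control_persist_timeout = value2;
+}
+break;
+
 case oHashKnownHosts:
 intptr = &options->hash_known_hosts;
 goto parse_flag;
@@ -1044,6 +1086,7 @@ initialize_options(Options * options)
 options->forward_agent = -1;
 options->forward_x11 = -1;
 options->forward_x11_trusted = -1;
+options->forward_x11_timeout = -1;
 options->exit_on_forward_failure = -1;
 options->xauth_location = NULL;
 options->gateway_ports = -1;
@@ -1089,7 +1132,9 @@ initialize_options(Options * options)
 options->user_hostfile = NULL;
 options->system_hostfile2 = NULL;
 options->user_hostfile2 = NULL;
+options->local_forwards = NULL;
 options->num_local_forwards = 0;
+options->remote_forwards = NULL;
 options->num_remote_forwards = 0;
 options->clear_forwardings = -1;
 options->log_level = SYSLOG_LEVEL_NOT_SET;
@@ -1106,6 +1151,8 @@ initialize_options(Options * options)
 options->num_send_env = 0;
 options->control_path = NULL;
 options->control_master = -1;
+options->control_persist = -1;
+options->control_persist_timeout = 0;
 options->hash_known_hosts = -1;
 options->tun_open = -1;
 options->tun_local = -1;
@@ -1133,6 +1180,8 @@ fill_default_options(Options * options)
 options->forward_x11 = 0;
 if (options->forward_x11_trusted == -1)
 options->forward_x11_trusted = 1;
+if (options->forward_x11_timeout == -1)
+options->forward_x11_timeout = 1200;
 if (options->exit_on_forward_failure == -1)
 options->exit_on_forward_failure = 0;
 if (options->xauth_location == NULL)
@@ -1252,6 +1301,10 @@ fill_default_options(Options * options)
 options->server_alive_count_max = 3;
 if (options->control_master == -1)
 options->control_master = 0;
+if (options->control_persist == -1) {
+options->control_persist = 0;
+options->control_persist_timeout = 0;
+}
 if (options->hash_known_hosts == -1)
 options->hash_known_hosts = 0;
 if (options->tun_open == -1)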
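Review bot: In the `oControlPersist` case (hunk `@@ -904,6 +922,30 @@`) a time spec of `0` takes the `convtime` branch and ends with `value = 1` and `value2 = 0`, the same pair that `yes`/`true` produce, so `ControlPersist 0` enables persistence with no timeout instead of disabling it (assuming `convtime("0")` returns 0). The existing comment `/* no/false/yes/true, or a time spec */` does not say this; I would extend it to `/* no/false/yes/true, or a time spec; "0" is treated like "yes" (timeout 0) */`, because a master left running without a timeout keeps an authenticated connection reachable through the control socket. Separately, `value2` receives the result of `convtime()` before the `>= 0` test, and its declaration is outside the hunk, so it is worth confirming that a very large time spec cannot be narrowed into a small or negative value at that assignment. The enclosing function starts and ends outside this hunk.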