summaryrefslogtreecommitdiff
path: root/readconf.c
diff options
context:
space:
mode:
Diffstat (limited to 'readconf.c')
-rw-r--r--readconf.c71
1 files changed, 62 insertions, 9 deletions
diff --git a/readconf.c b/readconf.c
index 2a5a706ab..0e83f5809 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: readconf.c,v 1.183 2010/02/08 10:50:20 markus Exp $ */ 1/* $OpenBSD: readconf.c,v 1.187 2010/07/19 09:15:12 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -112,8 +112,8 @@
112 112
113typedef enum { 113typedef enum {
114 oBadOption, 114 oBadOption,
115 oForwardAgent, oForwardX11, oForwardX11Trusted, oGatewayPorts, 115 oForwardAgent, oForwardX11, oForwardX11Trusted, oForwardX11Timeout,
116 oExitOnForwardFailure, 116 oGatewayPorts, oExitOnForwardFailure,
117 oPasswordAuthentication, oRSAAuthentication, 117 oPasswordAuthentication, oRSAAuthentication,
118 oChallengeResponseAuthentication, oXAuthLocation, 118 oChallengeResponseAuthentication, oXAuthLocation,
119 oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, 119 oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
@@ -132,7 +132,8 @@ typedef enum {
132 oAddressFamily, oGssAuthentication, oGssDelegateCreds, 132 oAddressFamily, oGssAuthentication, oGssDelegateCreds,
133 oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey, 133 oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey,
134 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, 134 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
135 oSendEnv, oControlPath, oControlMaster, oHashKnownHosts, 135 oSendEnv, oControlPath, oControlMaster, oControlPersist,
136 oHashKnownHosts,
136 oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, 137 oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
137 oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication, 138 oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
138 oProtocolKeepAlives, oSetupTimeOut, 139 oProtocolKeepAlives, oSetupTimeOut,
@@ -148,6 +149,7 @@ static struct {
148 { "forwardagent", oForwardAgent }, 149 { "forwardagent", oForwardAgent },
149 { "forwardx11", oForwardX11 }, 150 { "forwardx11", oForwardX11 },
150 { "forwardx11trusted", oForwardX11Trusted }, 151 { "forwardx11trusted", oForwardX11Trusted },
152 { "forwardx11timeout", oForwardX11Timeout },
151 { "exitonforwardfailure", oExitOnForwardFailure }, 153 { "exitonforwardfailure", oExitOnForwardFailure },
152 { "xauthlocation", oXAuthLocation }, 154 { "xauthlocation", oXAuthLocation },
153 { "gatewayports", oGatewayPorts }, 155 { "gatewayports", oGatewayPorts },
@@ -238,6 +240,7 @@ static struct {
238 { "sendenv", oSendEnv }, 240 { "sendenv", oSendEnv },
239 { "controlpath", oControlPath }, 241 { "controlpath", oControlPath },
240 { "controlmaster", oControlMaster }, 242 { "controlmaster", oControlMaster },
243 { "controlpersist", oControlPersist },
241 { "hashknownhosts", oHashKnownHosts }, 244 { "hashknownhosts", oHashKnownHosts },
242 { "tunnel", oTunnel }, 245 { "tunnel", oTunnel },
243 { "tunneldevice", oTunnelDevice }, 246 { "tunneldevice", oTunnelDevice },
@@ -271,8 +274,9 @@ add_local_forward(Options *options, const Forward *newfwd)
271 if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0) 274 if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0)
272 fatal("Privileged ports can only be forwarded by root."); 275 fatal("Privileged ports can only be forwarded by root.");
273#endif 276#endif
274 if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) 277 options->local_forwards = xrealloc(options->local_forwards,
275 fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); 278 options->num_local_forwards + 1,
279 sizeof(*options->local_forwards));
276 fwd = &options->local_forwards[options->num_local_forwards++]; 280 fwd = &options->local_forwards[options->num_local_forwards++];
277 281
278 fwd->listen_host = newfwd->listen_host; 282 fwd->listen_host = newfwd->listen_host;
@@ -290,15 +294,17 @@ void
290add_remote_forward(Options *options, const Forward *newfwd) 294add_remote_forward(Options *options, const Forward *newfwd)
291{ 295{
292 Forward *fwd; 296 Forward *fwd;
293 if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) 297
294 fatal("Too many remote forwards (max %d).", 298 options->remote_forwards = xrealloc(options->remote_forwards,
295 SSH_MAX_FORWARDS_PER_DIRECTION); 299 options->num_remote_forwards + 1,
300 sizeof(*options->remote_forwards));
296 fwd = &options->remote_forwards[options->num_remote_forwards++]; 301 fwd = &options->remote_forwards[options->num_remote_forwards++];
297 302
298 fwd->listen_host = newfwd->listen_host; 303 fwd->listen_host = newfwd->listen_host;
299 fwd->listen_port = newfwd->listen_port; 304 fwd->listen_port = newfwd->listen_port;
300 fwd->connect_host = newfwd->connect_host; 305 fwd->connect_host = newfwd->connect_host;
301 fwd->connect_port = newfwd->connect_port; 306 fwd->connect_port = newfwd->connect_port;
307 fwd->allocated_port = 0;
302} 308}
303 309
304static void 310static void
@@ -311,12 +317,20 @@ clear_forwardings(Options *options)
311 xfree(options->local_forwards[i].listen_host); 317 xfree(options->local_forwards[i].listen_host);
312 xfree(options->local_forwards[i].connect_host); 318 xfree(options->local_forwards[i].connect_host);
313 } 319 }
320 if (options->num_local_forwards > 0) {
321 xfree(options->local_forwards);
322 options->local_forwards = NULL;
323 }
314 options->num_local_forwards = 0; 324 options->num_local_forwards = 0;
315 for (i = 0; i < options->num_remote_forwards; i++) { 325 for (i = 0; i < options->num_remote_forwards; i++) {
316 if (options->remote_forwards[i].listen_host != NULL) 326 if (options->remote_forwards[i].listen_host != NULL)
317 xfree(options->remote_forwards[i].listen_host); 327 xfree(options->remote_forwards[i].listen_host);
318 xfree(options->remote_forwards[i].connect_host); 328 xfree(options->remote_forwards[i].connect_host);
319 } 329 }
330 if (options->num_remote_forwards > 0) {
331 xfree(options->remote_forwards);
332 options->remote_forwards = NULL;
333 }
320 options->num_remote_forwards = 0; 334 options->num_remote_forwards = 0;
321 options->tun_open = SSH_TUNMODE_NO; 335 options->tun_open = SSH_TUNMODE_NO;
322} 336}
@@ -419,6 +433,10 @@ parse_flag:
419 case oForwardX11Trusted: 433 case oForwardX11Trusted:
420 intptr = &options->forward_x11_trusted; 434 intptr = &options->forward_x11_trusted;
421 goto parse_flag; 435 goto parse_flag;
436
437 case oForwardX11Timeout:
438 intptr = &options->forward_x11_timeout;
439 goto parse_time;
422 440
423 case oGatewayPorts: 441 case oGatewayPorts:
424 intptr = &options->gateway_ports; 442 intptr = &options->gateway_ports;
@@ -904,6 +922,30 @@ parse_int:
904 *intptr = value; 922 *intptr = value;
905 break; 923 break;
906 924
925 case oControlPersist:
926 /* no/false/yes/true, or a time spec */
927 intptr = &options->control_persist;
928 arg = strdelim(&s);
929 if (!arg || *arg == '\0')
930 fatal("%.200s line %d: Missing ControlPersist"
931 " argument.", filename, linenum);
932 value = 0;
933 value2 = 0; /* timeout */
934 if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
935 value = 0;
936 else if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
937 value = 1;
938 else if ((value2 = convtime(arg)) >= 0)
939 value = 1;
940 else
941 fatal("%.200s line %d: Bad ControlPersist argument.",
942 filename, linenum);
943 if (*activep && *intptr == -1) {
944 *intptr = value;
945 options->control_persist_timeout = value2;
946 }
947 break;
948
907 case oHashKnownHosts: 949 case oHashKnownHosts:
908 intptr = &options->hash_known_hosts; 950 intptr = &options->hash_known_hosts;
909 goto parse_flag; 951 goto parse_flag;
@@ -1044,6 +1086,7 @@ initialize_options(Options * options)
1044 options->forward_agent = -1; 1086 options->forward_agent = -1;
1045 options->forward_x11 = -1; 1087 options->forward_x11 = -1;
1046 options->forward_x11_trusted = -1; 1088 options->forward_x11_trusted = -1;
1089 options->forward_x11_timeout = -1;
1047 options->exit_on_forward_failure = -1; 1090 options->exit_on_forward_failure = -1;
1048 options->xauth_location = NULL; 1091 options->xauth_location = NULL;
1049 options->gateway_ports = -1; 1092 options->gateway_ports = -1;
@@ -1089,7 +1132,9 @@ initialize_options(Options * options)
1089 options->user_hostfile = NULL; 1132 options->user_hostfile = NULL;
1090 options->system_hostfile2 = NULL; 1133 options->system_hostfile2 = NULL;
1091 options->user_hostfile2 = NULL; 1134 options->user_hostfile2 = NULL;
1135 options->local_forwards = NULL;
1092 options->num_local_forwards = 0; 1136 options->num_local_forwards = 0;
1137 options->remote_forwards = NULL;
1093 options->num_remote_forwards = 0; 1138 options->num_remote_forwards = 0;
1094 options->clear_forwardings = -1; 1139 options->clear_forwardings = -1;
1095 options->log_level = SYSLOG_LEVEL_NOT_SET; 1140 options->log_level = SYSLOG_LEVEL_NOT_SET;
@@ -1106,6 +1151,8 @@ initialize_options(Options * options)
1106 options->num_send_env = 0; 1151 options->num_send_env = 0;
1107 options->control_path = NULL; 1152 options->control_path = NULL;
1108 options->control_master = -1; 1153 options->control_master = -1;
1154 options->control_persist = -1;
1155 options->control_persist_timeout = 0;
1109 options->hash_known_hosts = -1; 1156 options->hash_known_hosts = -1;
1110 options->tun_open = -1; 1157 options->tun_open = -1;
1111 options->tun_local = -1; 1158 options->tun_local = -1;
@@ -1133,6 +1180,8 @@ fill_default_options(Options * options)
1133 options->forward_x11 = 0; 1180 options->forward_x11 = 0;
1134 if (options->forward_x11_trusted == -1) 1181 if (options->forward_x11_trusted == -1)
1135 options->forward_x11_trusted = 1; 1182 options->forward_x11_trusted = 1;
1183 if (options->forward_x11_timeout == -1)
1184 options->forward_x11_timeout = 1200;
1136 if (options->exit_on_forward_failure == -1) 1185 if (options->exit_on_forward_failure == -1)
1137 options->exit_on_forward_failure = 0; 1186 options->exit_on_forward_failure = 0;
1138 if (options->xauth_location == NULL) 1187 if (options->xauth_location == NULL)
@@ -1252,6 +1301,10 @@ fill_default_options(Options * options)
1252 options->server_alive_count_max = 3; 1301 options->server_alive_count_max = 3;
1253 if (options->control_master == -1) 1302 if (options->control_master == -1)
1254 options->control_master = 0; 1303 options->control_master = 0;
1304 if (options->control_persist == -1) {
1305 options->control_persist = 0;
1306 options->control_persist_timeout = 0;
1307 }
1255 if (options->hash_known_hosts == -1) 1308 if (options->hash_known_hosts == -1)
1256 options->hash_known_hosts = 0; 1309 options->hash_known_hosts = 0;
1257 if (options->tun_open == -1) 1310 if (options->tun_open == -1)