Diffstat (limited to 'readconf.c')
-rw-r--r--readconf.c50
1 files changed, 45 insertions, 5 deletions
diff --git a/readconf.c b/readconf.c
index cf27a9f41..d2c5a77f7 100644
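--- a/readconf.c
+++ b/readconf.c
@@ -107,6 +107,7 @@ typedef enum {
 oAddressFamily, oGssAuthentication, oGssDelegateCreds,
 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
 oSendEnv, oControlPath, oControlMaster, oHashKnownHosts,
+oProtocolKeepAlives, oSetupTimeOut,
 oDeprecated, oUnsupported
 } OpCodes;
 
@@ -198,6 +199,8 @@ static struct {
 { "controlpath", oControlPath },
 { "controlmaster", oControlMaster },
 { "hashknownhosts", oHashKnownHosts },
+{ "protocolkeepalives", oProtocolKeepAlives },
+{ "setuptimeout", oSetupTimeOut },
 { NULL, oBadOption }
 };
 
@@ -768,6 +771,7 @@ parse_int:
 goto parse_flag;
 
 case oServerAliveInterval:
+case oProtocolKeepAlives: /* Debian-specific compatibility alias */
 intptr = &options->server_alive_interval;
 goto parse_time;
 
@@ -822,6 +826,10 @@ parse_int:
 intptr = &options->hash_known_hosts;
 goto parse_flag;
 
+case oSetupTimeOut:
+intptr = &options->setuptimeout;
+goto parse_int;
+
 case oDeprecated:
 debug("%s line %d: Deprecated option \"%s\"",
 filename, linenum, keyword);
@@ -866,11 +874,30 @@ read_config_file(const char *filename, const char *host, Options *options,
 
 if (checkperm) {
 struct stat sb;
+int bad_modes = 0;
 
 if (fstat(fileno(f), &sb) == -1)
 fatal("fstat %s: %s", filename, strerror(errno));
-if (((sb.st_uid != 0 && sb.st_uid != getuid()) ||
-(sb.st_mode & 022) != 0))
+if (sb.st_uid != 0 && sb.st_uid != getuid())
+bad_modes = 1;
+if ((sb.st_mode & 020) != 0) {
+/* If the file is group-writable, the group in
+* question must have at most one member, namely the
+* file's owner.
+*/
+struct passwd *pw = getpwuid(sb.st_uid);
+struct group *gr = getgrgid(sb.st_gid);
+if (!pw || !gr)
+bad_modes = 1;
+else if (gr->gr_mem[0]) {
+if (strcmp(pw->pw_name, gr->gr_mem[0]) ||
+gr->gr_mem[1])
+bad_modes = 1;
+}
+}
+if ((sb.st_mode & 002) != 0)
+bad_modes = 1;
+if (bad_modes)
 fatal("Bad owner or permissions on %s", filename);
 }
 
@@ -927,6 +954,7 @@ initialize_options(Options * options)
 options->strict_host_key_checking = -1;
 options->compression = -1;
 options->tcp_keep_alive = -1;
+options->setuptimeout = -1;
 options->compression_level = -1;
 options->port = -1;
 options->address_family = -1;
@@ -983,7 +1011,7 @@ fill_default_options(Options * options)
 if (options->forward_x11 == -1)
 options->forward_x11 = 0;
 if (options->forward_x11_trusted == -1)
-options->forward_x11_trusted = 0;
+options->forward_x11_trusted = 1;
 if (options->xauth_location == NULL)
 options->xauth_location = _PATH_XAUTH;
 if (options->gateway_ports == -1)
@@ -1082,14 +1110,26 @@ fill_default_options(Options * options)
 options->rekey_limit = 0;
 if (options->verify_host_key_dns == -1)
 options->verify_host_key_dns = 0;
-if (options->server_alive_interval == -1)
-options->server_alive_interval = 0;
+if (options->server_alive_interval == -1) {
+/* in batch mode, default is 5mins */
+if (options->batch_mode == 1)
+options->server_alive_interval = 300;
+else
+options->server_alive_interval = 0;
+}
 if (options->server_alive_count_max == -1)
 options->server_alive_count_max = 3;
 if (options->control_master == -1)
 options->control_master = 0;
 if (options->hash_known_hosts == -1)
 options->hash_known_hosts = 0;
+if (options->setuptimeout == -1) {
+/* in batch mode, default is 5mins */
+if (options->batch_mode == 1)
+options->setuptimeout = 300;
+else
+options->setuptimeout = 0;
+}
 /* options->proxy_command should not be set by default */
 /* options->user will be set in the main program if appropriate */
 /* options->hostname will be set in the main program if appropriate */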
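Review bot: The group-writable branch of the permission check in read_config_file treats `gr->gr_mem` as the complete membership of the file's group, but the group database lists only supplementary members there; accounts whose primary group (`pw_gid`) equals `sb.st_gid` do not appear in it. A config file that is group-writable by a shared primary group with an empty `gr_mem` therefore passes, and any account in that group can edit the options the owner's client will load. The check should also walk the passwd database and reject the file when any account other than the owner has `pw_gid == sb.st_gid`, comparing by uid rather than by name; that scan can be slow on directory-backed user databases, so it should stay inside the `020` branch. read_config_file begins and ends outside this hunk.

```c
	/* … unchanged: fstat and owner check … */
	if ((sb.st_mode & 020) != 0) {
		/* gr_mem holds only supplementary members; primary
		 * members must be found by scanning passwd. */
		struct group *gr = getgrgid(sb.st_gid);
		struct passwd *pw;
		int i;

		if (gr == NULL)
			bad_modes = 1;
		else {
			for (i = 0; gr->gr_mem[i] != NULL; i++) {
				pw = getpwnam(gr->gr_mem[i]);
				if (pw == NULL || pw->pw_uid != sb.st_uid)
					bad_modes = 1;
			}
			setpwent();
			while ((pw = getpwent()) != NULL) {
				if (pw->pw_gid == sb.st_gid &&
				    pw->pw_uid != sb.st_uid)
					bad_modes = 1;
			}
			endpwent();
		}
	}
	/* … unchanged: world-writable check and fatal() … */
```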