Diffstat (limited to 'readconf.c')
-rw-r--r--readconf.c119
1 files changed, 85 insertions, 34 deletions
diff --git a/readconf.c b/readconf.c
index 091029a19..60befde59 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: readconf.c,v 1.190 2010/11/13 23:27:50 djm Exp $ */ 1/* $OpenBSD: readconf.c,v 1.193 2011/05/24 07:15:47 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -136,7 +136,7 @@ typedef enum {
136 oHashKnownHosts, 136 oHashKnownHosts,
137 oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, 137 oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
138 oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication, 138 oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
139 oKexAlgorithms, oIPQoS, 139 oKexAlgorithms, oIPQoS, oRequestTTY,
140 oDeprecated, oUnsupported 140 oDeprecated, oUnsupported
141} OpCodes; 141} OpCodes;
142 142
@@ -204,9 +204,9 @@ static struct {
204 { "host", oHost }, 204 { "host", oHost },
205 { "escapechar", oEscapeChar }, 205 { "escapechar", oEscapeChar },
206 { "globalknownhostsfile", oGlobalKnownHostsFile }, 206 { "globalknownhostsfile", oGlobalKnownHostsFile },
207 { "globalknownhostsfile2", oGlobalKnownHostsFile2 }, /* obsolete */ 207 { "globalknownhostsfile2", oDeprecated },
208 { "userknownhostsfile", oUserKnownHostsFile }, 208 { "userknownhostsfile", oUserKnownHostsFile },
209 { "userknownhostsfile2", oUserKnownHostsFile2 }, /* obsolete */ 209 { "userknownhostsfile2", oDeprecated },
210 { "connectionattempts", oConnectionAttempts }, 210 { "connectionattempts", oConnectionAttempts },
211 { "batchmode", oBatchMode }, 211 { "batchmode", oBatchMode },
212 { "checkhostip", oCheckHostIP }, 212 { "checkhostip", oCheckHostIP },
@@ -256,6 +256,7 @@ static struct {
256#endif 256#endif
257 { "kexalgorithms", oKexAlgorithms }, 257 { "kexalgorithms", oKexAlgorithms },
258 { "ipqos", oIPQoS }, 258 { "ipqos", oIPQoS },
259 { "requesttty", oRequestTTY },
259 260
260 { NULL, oBadOption } 261 { NULL, oBadOption }
261}; 262};
@@ -364,8 +365,10 @@ process_config_line(Options *options, const char *host,
364 char *line, const char *filename, int linenum, 365 char *line, const char *filename, int linenum,
365 int *activep) 366 int *activep)
366{ 367{
367 char *s, **charptr, *endofnumber, *keyword, *arg, *arg2, fwdarg[256]; 368 char *s, **charptr, *endofnumber, *keyword, *arg, *arg2;
368 int opcode, *intptr, value, value2, scale; 369 char **cpptr, fwdarg[256];
370 u_int *uintptr, max_entries = 0;
371 int negated, opcode, *intptr, value, value2, scale;
369 LogLevel *log_level_ptr; 372 LogLevel *log_level_ptr;
370 long long orig, val64; 373 long long orig, val64;
371 size_t len; 374 size_t len;
@@ -628,26 +631,33 @@ parse_yesnoask:
628parse_string: 631parse_string:
629 arg = strdelim(&s); 632 arg = strdelim(&s);
630 if (!arg || *arg == '\0') 633 if (!arg || *arg == '\0')
631 fatal("%.200s line %d: Missing argument.", filename, linenum); 634 fatal("%.200s line %d: Missing argument.",
635 filename, linenum);
632 if (*activep && *charptr == NULL) 636 if (*activep && *charptr == NULL)
633 *charptr = xstrdup(arg); 637 *charptr = xstrdup(arg);
634 break; 638 break;
635 639
636 case oGlobalKnownHostsFile: 640 case oGlobalKnownHostsFile:
637 charptr = &options->system_hostfile; 641 cpptr = (char **)&options->system_hostfiles;
638 goto parse_string; 642 uintptr = &options->num_system_hostfiles;
643 max_entries = SSH_MAX_HOSTS_FILES;
644parse_char_array:
645 if (*activep && *uintptr == 0) {
646 while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
647 if ((*uintptr) >= max_entries)
648 fatal("%s line %d: "
649 "too many authorized keys files.",
650 filename, linenum);
651 cpptr[(*uintptr)++] = xstrdup(arg);
652 }
653 }
654 return 0;
639 655
640 case oUserKnownHostsFile: 656 case oUserKnownHostsFile:
641 charptr = &options->user_hostfile; 657 cpptr = (char **)&options->user_hostfiles;
642 goto parse_string; 658 uintptr = &options->num_user_hostfiles;
643 659 max_entries = SSH_MAX_HOSTS_FILES;
644 case oGlobalKnownHostsFile2: 660 goto parse_char_array;
645 charptr = &options->system_hostfile2;
646 goto parse_string;
647
648 case oUserKnownHostsFile2:
649 charptr = &options->user_hostfile2;
650 goto parse_string;
651 661
652 case oHostName: 662 case oHostName:
653 charptr = &options->hostname; 663 charptr = &options->hostname;
@@ -824,12 +834,28 @@ parse_int:
824 834
825 case oHost: 835 case oHost:
826 *activep = 0; 836 *activep = 0;
827 while ((arg = strdelim(&s)) != NULL && *arg != '\0') 837 arg2 = NULL;
838 while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
839 negated = *arg == '!';
840 if (negated)
841 arg++;
828 if (match_pattern(host, arg)) { 842 if (match_pattern(host, arg)) {
829 debug("Applying options for %.100s", arg); 843 if (negated) {
844 debug("%.200s line %d: Skipping Host "
845 "block because of negated match "
846 "for %.100s", filename, linenum,
847 arg);
848 *activep = 0;
849 break;
850 }
851 if (!*activep)
852 arg2 = arg; /* logged below */
830 *activep = 1; 853 *activep = 1;
831 break;
832 } 854 }
855 }
856 if (*activep)
857 debug("%.200s line %d: Applying options for %.100s",
858 filename, linenum, arg2);
833 /* Avoid garbage check below, as strdelim is done. */ 859 /* Avoid garbage check below, as strdelim is done. */
834 return 0; 860 return 0;
835 861
@@ -1028,6 +1054,26 @@ parse_int:
1028 intptr = &options->use_roaming; 1054 intptr = &options->use_roaming;
1029 goto parse_flag; 1055 goto parse_flag;
1030 1056
1057 case oRequestTTY:
1058 arg = strdelim(&s);
1059 if (!arg || *arg == '\0')
1060 fatal("%s line %d: missing argument.",
1061 filename, linenum);
1062 intptr = &options->request_tty;
1063 if (strcasecmp(arg, "yes") == 0)
1064 value = REQUEST_TTY_YES;
1065 else if (strcasecmp(arg, "no") == 0)
1066 value = REQUEST_TTY_NO;
1067 else if (strcasecmp(arg, "force") == 0)
1068 value = REQUEST_TTY_FORCE;
1069 else if (strcasecmp(arg, "auto") == 0)
1070 value = REQUEST_TTY_AUTO;
1071 else
1072 fatal("Unsupported RequestTTY \"%s\"", arg);
1073 if (*activep && *intptr == -1)
1074 *intptr = value;
1075 break;
1076
1031 case oDeprecated: 1077 case oDeprecated:
1032 debug("%s line %d: Deprecated option \"%s\"", 1078 debug("%s line %d: Deprecated option \"%s\"",
1033 filename, linenum, keyword); 1079 filename, linenum, keyword);
@@ -1157,10 +1203,8 @@ initialize_options(Options * options)
1157 options->proxy_command = NULL; 1203 options->proxy_command = NULL;
1158 options->user = NULL; 1204 options->user = NULL;
1159 options->escape_char = -1; 1205 options->escape_char = -1;
1160 options->system_hostfile = NULL; 1206 options->num_system_hostfiles = 0;
1161 options->user_hostfile = NULL; 1207 options->num_user_hostfiles = 0;
1162 options->system_hostfile2 = NULL;
1163 options->user_hostfile2 = NULL;
1164 options->local_forwards = NULL; 1208 options->local_forwards = NULL;
1165 options->num_local_forwards = 0; 1209 options->num_local_forwards = 0;
1166 options->remote_forwards = NULL; 1210 options->remote_forwards = NULL;
@@ -1193,6 +1237,7 @@ initialize_options(Options * options)
1193 options->zero_knowledge_password_authentication = -1; 1237 options->zero_knowledge_password_authentication = -1;
1194 options->ip_qos_interactive = -1; 1238 options->ip_qos_interactive = -1;
1195 options->ip_qos_bulk = -1; 1239 options->ip_qos_bulk = -1;
1240 options->request_tty = -1;
1196} 1241}
1197 1242
1198/* 1243/*
@@ -1305,14 +1350,18 @@ fill_default_options(Options * options)
1305 } 1350 }
1306 if (options->escape_char == -1) 1351 if (options->escape_char == -1)
1307 options->escape_char = '~'; 1352 options->escape_char = '~';
1308 if (options->system_hostfile == NULL) 1353 if (options->num_system_hostfiles == 0) {
1309 options->system_hostfile = _PATH_SSH_SYSTEM_HOSTFILE; 1354 options->system_hostfiles[options->num_system_hostfiles++] =
1310 if (options->user_hostfile == NULL) 1355 xstrdup(_PATH_SSH_SYSTEM_HOSTFILE);
1311 options->user_hostfile = _PATH_SSH_USER_HOSTFILE; 1356 options->system_hostfiles[options->num_system_hostfiles++] =
1312 if (options->system_hostfile2 == NULL) 1357 xstrdup(_PATH_SSH_SYSTEM_HOSTFILE2);
1313 options->system_hostfile2 = _PATH_SSH_SYSTEM_HOSTFILE2; 1358 }
1314 if (options->user_hostfile2 == NULL) 1359 if (options->num_user_hostfiles == 0) {
1315 options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2; 1360 options->user_hostfiles[options->num_user_hostfiles++] =
1361 xstrdup(_PATH_SSH_USER_HOSTFILE);
1362 options->user_hostfiles[options->num_user_hostfiles++] =
1363 xstrdup(_PATH_SSH_USER_HOSTFILE2);
1364 }
1316 if (options->log_level == SYSLOG_LEVEL_NOT_SET) 1365 if (options->log_level == SYSLOG_LEVEL_NOT_SET)
1317 options->log_level = SYSLOG_LEVEL_INFO; 1366 options->log_level = SYSLOG_LEVEL_INFO;
1318 if (options->clear_forwardings == 1) 1367 if (options->clear_forwardings == 1)
@@ -1357,6 +1406,8 @@ fill_default_options(Options * options)
1357 options->ip_qos_interactive = IPTOS_LOWDELAY; 1406 options->ip_qos_interactive = IPTOS_LOWDELAY;
1358 if (options->ip_qos_bulk == -1) 1407 if (options->ip_qos_bulk == -1)
1359 options->ip_qos_bulk = IPTOS_THROUGHPUT; 1408 options->ip_qos_bulk = IPTOS_THROUGHPUT;
1409 if (options->request_tty == -1)
1410 options->request_tty = REQUEST_TTY_AUTO;
1360 /* options->local_command should not be set by default */ 1411 /* options->local_command should not be set by default */
1361 /* options->proxy_command should not be set by default */ 1412 /* options->proxy_command should not be set by default */
1362 /* options->user will be set in the main program if appropriate */ 1413 /* options->user will be set in the main program if appropriate */
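Review bot: In the `parse_char_array` path added under `case oGlobalKnownHostsFile` (new lines 640-660), the overflow message says "too many authorized keys files." although the entries being counted are known-hosts files; `"too many known hosts files."` would name the right option. The same path also drops the empty-argument check: the old code went through `parse_string`, which calls `fatal()` with "Missing argument.", whereas the new loop just ends with the count still 0, and judging from the `num_user_hostfiles == 0` test in `fill_default_options` a bare `UserKnownHostsFile` line is then quietly replaced by the default files. Because these files decide which host keys are trusted, I would add `if (*uintptr == 0) fatal("%s line %d: Missing argument.", filename, linenum);` after the `while` loop, inside the `*activep` branch. `process_config_line` starts and ends outside the hunks shown, so this is based on the visible lines only.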