Diffstat (limited to 'readconf.c')
-rw-r--r--readconf.c71
1 files changed, 62 insertions, 9 deletions
diff --git a/readconf.c b/readconf.c
index 9d1ee55fa..36750a843 100644
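--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.183 2010/02/08 10:50:20 markus Exp $ */
+/* $OpenBSD: readconf.c,v 1.187 2010/07/19 09:15:12 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -110,8 +110,8 @@
 
 typedef enum {
  oBadOption,
- oForwardAgent, oForwardX11, oForwardX11Trusted, oGatewayPorts,
- oExitOnForwardFailure,
+ oForwardAgent, oForwardX11, oForwardX11Trusted, oForwardX11Timeout,
+ oGatewayPorts, oExitOnForwardFailure,
  oPasswordAuthentication, oRSAAuthentication,
  oChallengeResponseAuthentication, oXAuthLocation,
  oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
@@ -129,7 +129,8 @@ typedef enum {
  oAddressFamily, oGssAuthentication, oGssDelegateCreds,
  oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey,
  oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
- oSendEnv, oControlPath, oControlMaster, oHashKnownHosts,
+ oSendEnv, oControlPath, oControlMaster, oControlPersist,
+ oHashKnownHosts,
  oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
  oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
  oDeprecated, oUnsupported
@@ -144,6 +145,7 @@ static struct {
  { "forwardagent", oForwardAgent },
  { "forwardx11", oForwardX11 },
  { "forwardx11trusted", oForwardX11Trusted },
+ { "forwardx11timeout", oForwardX11Timeout },
  { "exitonforwardfailure", oExitOnForwardFailure },
  { "xauthlocation", oXAuthLocation },
  { "gatewayports", oGatewayPorts },
@@ -233,6 +235,7 @@ static struct {
  { "sendenv", oSendEnv },
  { "controlpath", oControlPath },
  { "controlmaster", oControlMaster },
+ { "controlpersist", oControlPersist },
  { "hashknownhosts", oHashKnownHosts },
  { "tunnel", oTunnel },
  { "tunneldevice", oTunnelDevice },
@@ -264,8 +267,9 @@ add_local_forward(Options *options, const Forward *newfwd)
  if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0)
  fatal("Privileged ports can only be forwarded by root.");
 #endif
- if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
- fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);
+ options->local_forwards = xrealloc(options->local_forwards,
+ options->num_local_forwards + 1,
+ sizeof(*options->local_forwards));
  fwd = &options->local_forwards[options->num_local_forwards++];
 
  fwd->listen_host = newfwd->listen_host;
@@ -283,15 +287,17 @@ void
 add_remote_forward(Options *options, const Forward *newfwd)
 {
  Forward *fwd;
- if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
- fatal("Too many remote forwards (max %d).",
- SSH_MAX_FORWARDS_PER_DIRECTION);
+
+ options->remote_forwards = xrealloc(options->remote_forwards,
+ options->num_remote_forwards + 1,
+ sizeof(*options->remote_forwards));
  fwd = &options->remote_forwards[options->num_remote_forwards++];
 
  fwd->listen_host = newfwd->listen_host;
  fwd->listen_port = newfwd->listen_port;
  fwd->connect_host = newfwd->connect_host;
  fwd->connect_port = newfwd->connect_port;
+ fwd->allocated_port = 0;
 }
 
 static void
@@ -304,12 +310,20 @@ clear_forwardings(Options *options)
  xfree(options->local_forwards[i].listen_host);
  xfree(options->local_forwards[i].connect_host);
  }
+ if (options->num_local_forwards > 0) {
+ xfree(options->local_forwards);
+ options->local_forwards = NULL;
+ }
  options->num_local_forwards = 0;
  for (i = 0; i < options->num_remote_forwards; i++) {
  if (options->remote_forwards[i].listen_host != NULL)
  xfree(options->remote_forwards[i].listen_host);
  xfree(options->remote_forwards[i].connect_host);
  }
+ if (options->num_remote_forwards > 0) {
+ xfree(options->remote_forwards);
+ options->remote_forwards = NULL;
+ }
  options->num_remote_forwards = 0;
  options->tun_open = SSH_TUNMODE_NO;
 }
@@ -412,6 +426,10 @@ parse_flag:
  case oForwardX11Trusted:
  intptr = &options->forward_x11_trusted;
  goto parse_flag;
+
+ case oForwardX11Timeout:
+ intptr = &options->forward_x11_timeout;
+ goto parse_time;
 
  case oGatewayPorts:
  intptr = &options->gateway_ports;
@@ -891,6 +909,30 @@ parse_int:
  *intptr = value;
  break;
 
+ case oControlPersist:
+ /* no/false/yes/true, or a time spec */
+ intptr = &options->control_persist;
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing ControlPersist"
+ " argument.", filename, linenum);
+ value = 0;
+ value2 = 0; /* timeout */
+ if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
+ value = 0;
+ else if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
+ value = 1;
+ else if ((value2 = convtime(arg)) >= 0)
+ value = 1;
+ else
+ fatal("%.200s line %d: Bad ControlPersist argument.",
+ filename, linenum);
+ if (*activep && *intptr == -1) {
+ *intptr = value;
+ options->control_persist_timeout = value2;
+ }
+ break;
+
  case oHashKnownHosts:
  intptr = &options->hash_known_hosts;
  goto parse_flag;
@@ -1032,6 +1074,7 @@ initialize_options(Options * options)
  options->forward_agent = -1;
  options->forward_x11 = -1;
  options->forward_x11_trusted = -1;
+ options->forward_x11_timeout = -1;
  options->exit_on_forward_failure = -1;
  options->xauth_location = NULL;
  options->gateway_ports = -1;
@@ -1076,7 +1119,9 @@ initialize_options(Options * options)
  options->user_hostfile = NULL;
  options->system_hostfile2 = NULL;
  options->user_hostfile2 = NULL;
+ options->local_forwards = NULL;
  options->num_local_forwards = 0;
+ options->remote_forwards = NULL;
  options->num_remote_forwards = 0;
  options->clear_forwardings = -1;
  options->log_level = SYSLOG_LEVEL_NOT_SET;
@@ -1093,6 +1138,8 @@ initialize_options(Options * options)
  options->num_send_env = 0;
  options->control_path = NULL;
  options->control_master = -1;
+ options->control_persist = -1;
+ options->control_persist_timeout = 0;
  options->hash_known_hosts = -1;
  options->tun_open = -1;
  options->tun_local = -1;
@@ -1120,6 +1167,8 @@ fill_default_options(Options * options)
  options->forward_x11 = 0;
  if (options->forward_x11_trusted == -1)
  options->forward_x11_trusted = 0;
+ if (options->forward_x11_timeout == -1)
+ options->forward_x11_timeout = 1200;
  if (options->exit_on_forward_failure == -1)
  options->exit_on_forward_failure = 0;
  if (options->xauth_location == NULL)
@@ -1232,6 +1281,10 @@ fill_default_options(Options * options)
  options->server_alive_count_max = 3;
  if (options->control_master == -1)
  options->control_master = 0;
+ if (options->control_persist == -1) {
+ options->control_persist = 0;
+ options->control_persist_timeout = 0;
+ }
  if (options->hash_known_hosts == -1)
  options->hash_known_hosts = 0;
  if (options->tun_open == -1)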
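Review bot: The array slot taken right after the new `xrealloc()` call in add_local_forward and add_remote_forward is never cleared, so unless xrealloc zeroes new storage (its definition is not on this page) any Forward member left unassigned holds indeterminate heap bytes. add_remote_forward now sets `fwd->allocated_port = 0;` explicitly, but the visible part of add_local_forward shows only the `listen_host` assignment and its body continues outside the hunk, so the same cannot be confirmed there. Adding `memset(fwd, 0, sizeof(*fwd));` immediately after `fwd = &options->...[...++];` in both functions would keep initialization correct even when Forward gains fields later. With the SSH_MAX_FORWARDS_PER_DIRECTION check removed, the number of forwards is bounded only by allocation failure, which deserves a short comment at the xrealloc call.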