Diffstat (limited to 'readconf.c')
-rw-r--r-- | readconf.c | 71 |
1 files changed, 62 insertions, 9 deletions
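--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.183 2010/02/08 10:50:20 markus Exp $ */
+/* $OpenBSD: readconf.c,v 1.187 2010/07/19 09:15:12 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -110,8 +110,8 @@
 
 typedef enum {
 oBadOption,
-oForwardAgent, oForwardX11, oForwardX11Trusted, oGatewayPorts,
-oExitOnForwardFailure,
+oForwardAgent, oForwardX11, oForwardX11Trusted, oForwardX11Timeout,
+oGatewayPorts, oExitOnForwardFailure,
 oPasswordAuthentication, oRSAAuthentication,
 oChallengeResponseAuthentication, oXAuthLocation,
 oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
@@ -129,7 +129,8 @@ typedef enum {
 oAddressFamily, oGssAuthentication, oGssDelegateCreds,
 oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey,
 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
-oSendEnv, oControlPath, oControlMaster, oHashKnownHosts,
+oSendEnv, oControlPath, oControlMaster, oControlPersist,
+oHashKnownHosts,
 oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
 oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
 oDeprecated, oUnsupported
@@ -144,6 +145,7 @@ static struct {
 { "forwardagent", oForwardAgent },
 { "forwardx11", oForwardX11 },
 { "forwardx11trusted", oForwardX11Trusted },
+{ "forwardx11timeout", oForwardX11Timeout },
 { "exitonforwardfailure", oExitOnForwardFailure },
 { "xauthlocation", oXAuthLocation },
 { "gatewayports", oGatewayPorts },
@@ -233,6 +235,7 @@ static struct {
 { "sendenv", oSendEnv },
 { "controlpath", oControlPath },
 { "controlmaster", oControlMaster },
+{ "controlpersist", oControlPersist },
 { "hashknownhosts", oHashKnownHosts },
 { "tunnel", oTunnel },
 { "tunneldevice", oTunnelDevice },
@@ -264,8 +267,9 @@ add_local_forward(Options *options, const Forward *newfwd)
 if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0)
 fatal("Privileged ports can only be forwarded by root.");
 #endif
-if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
-fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);
+options->local_forwards = xrealloc(options->local_forwards,
+options->num_local_forwards + 1,
+sizeof(*options->local_forwards));
 fwd = &options->local_forwards[options->num_local_forwards++];
 
 fwd->listen_host = newfwd->listen_host;
@@ -283,15 +287,17 @@ void
 add_remote_forward(Options *options, const Forward *newfwd)
 {
 Forward *fwd;
-if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
-fatal("Too many remote forwards (max %d).",
-SSH_MAX_FORWARDS_PER_DIRECTION);
+
+options->remote_forwards = xrealloc(options->remote_forwards,
+options->num_remote_forwards + 1,
+sizeof(*options->remote_forwards));
 fwd = &options->remote_forwards[options->num_remote_forwards++];
 
 fwd->listen_host = newfwd->listen_host;
 fwd->listen_port = newfwd->listen_port;
 fwd->connect_host = newfwd->connect_host;
 fwd->connect_port = newfwd->connect_port;
+fwd->allocated_port = 0;
 }
 
 static void
@@ -304,12 +310,20 @@ clear_forwardings(Options *options)
 xfree(options->local_forwards[i].listen_host);
 xfree(options->local_forwards[i].connect_host);
 }
+if (options->num_local_forwards > 0) {
+xfree(options->local_forwards);
+options->local_forwards = NULL;
+}
 options->num_local_forwards = 0;
 for (i = 0; i < options->num_remote_forwards; i++) {
 if (options->remote_forwards[i].listen_host != NULL)
 xfree(options->remote_forwards[i].listen_host);
 xfree(options->remote_forwards[i].connect_host);
 }
+if (options->num_remote_forwards > 0) {
+xfree(options->remote_forwards);
+options->remote_forwards = NULL;
+}
 options->num_remote_forwards = 0;
 options->tun_open = SSH_TUNMODE_NO;
 }
@@ -412,6 +426,10 @@ parse_flag:
 case oForwardX11Trusted:
 intptr = &options->forward_x11_trusted;
 goto parse_flag;
+
+case oForwardX11Timeout:
+intptr = &options->forward_x11_timeout;
+goto parse_time;
 
 case oGatewayPorts:
 intptr = &options->gateway_ports;
@@ -891,6 +909,30 @@ parse_int:
 *intptr = value;
 break;
 
+case oControlPersist:
+/* no/false/yes/true, or a time spec */
+intptr = &options->control_persist;
+arg = strdelim(&s);
+if (!arg || *arg == '\0')
+fatal("%.200s line %d: Missing ControlPersist"
+" argument.", filename, linenum);
+value = 0;
+value2 = 0; /* timeout */
+if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
+value = 0;
+else if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
+value = 1;
+else if ((value2 = convtime(arg)) >= 0)
+value = 1;
+else
+fatal("%.200s line %d: Bad ControlPersist argument.",
+filename, linenum);
+if (*activep && *intptr == -1) {
+*intptr = value;
+options->control_persist_timeout = value2;
+}
+break;
+
 case oHashKnownHosts:
 intptr = &options->hash_known_hosts;
 goto parse_flag;
@@ -1032,6 +1074,7 @@ initialize_options(Options * options)
 options->forward_agent = -1;
 options->forward_x11 = -1;
 options->forward_x11_trusted = -1;
+options->forward_x11_timeout = -1;
 options->exit_on_forward_failure = -1;
 options->xauth_location = NULL;
 options->gateway_ports = -1;
@@ -1076,7 +1119,9 @@ initialize_options(Options * options)
 options->user_hostfile = NULL;
 options->system_hostfile2 = NULL;
 options->user_hostfile2 = NULL;
+options->local_forwards = NULL;
 options->num_local_forwards = 0;
+options->remote_forwards = NULL;
 options->num_remote_forwards = 0;
 options->clear_forwardings = -1;
 options->log_level = SYSLOG_LEVEL_NOT_SET;
@@ -1093,6 +1138,8 @@ initialize_options(Options * options)
 options->num_send_env = 0;
 options->control_path = NULL;
 options->control_master = -1;
+options->control_persist = -1;
+options->control_persist_timeout = 0;
 options->hash_known_hosts = -1;
 options->tun_open = -1;
 options->tun_local = -1;
@@ -1120,6 +1167,8 @@ fill_default_options(Options * options)
 options->forward_x11 = 0;
 if (options->forward_x11_trusted == -1)
 options->forward_x11_trusted = 0;
+if (options->forward_x11_timeout == -1)
+options->forward_x11_timeout = 1200;
 if (options->exit_on_forward_failure == -1)
 options->exit_on_forward_failure = 0;
 if (options->xauth_location == NULL)
@@ -1232,6 +1281,10 @@ fill_default_options(Options * options)
 options->server_alive_count_max = 3;
 if (options->control_master == -1)
 options->control_master = 0;
+if (options->control_persist == -1) {
+options->control_persist = 0;
+options->control_persist_timeout = 0;
+}
 if (options->hash_known_hosts == -1)
 options->hash_known_hosts = 0;
 if (options->tun_open == -1)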
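Review bot: In the new `oControlPersist` case an argument of `0` is not matched by the `no`/`false` test, so it reaches `convtime(arg)` and, assuming that returns 0 for it, is stored as `control_persist = 1` with `control_persist_timeout = 0`, exactly what `yes` produces. A user who writes `ControlPersist 0` expecting to switch persistence off therefore gets a master flagged to persist. How the consumer treats a zero timeout is not visible here, but if it means "no timeout" the authenticated master connection stays in the background indefinitely. The comment should say so, e.g. `/* no/false/yes/true, or a time spec; "0" is stored like "yes" (persist, timeout 0) */`. The enclosing switch and the declarations of `value2` and `convtime` are outside the hunk, so it is also worth confirming that assigning `convtime()`'s result to `value2` cannot narrow a large time spec before the `>= 0` check.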