Diffstat (limited to 'readconf.c')
-rw-r--r--readconf.c57
1 files changed, 40 insertions, 17 deletions
diff --git a/readconf.c b/readconf.c
index 13987ffa7..2591e0dba 100644
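--- a/readconf.c
+++ b/readconf.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.121 2003/09/01 18:15:50 markus Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.127 2003/12/16 15:49:51 markus Exp $");
 
 #include "ssh.h"
 #include "xmalloc.h"
@@ -78,7 +78,7 @@ RCSID("$OpenBSD: readconf.c,v 1.121 2003/09/01 18:15:50 markus Exp $");
  RSAAuthentication yes
  RhostsRSAAuthentication yes
  StrictHostKeyChecking yes
- KeepAlives no
+ TcpKeepAlive no
  IdentityFile ~/.ssh/identity
  Port 22
  EscapeChar ~
@@ -89,14 +89,14 @@ RCSID("$OpenBSD: readconf.c,v 1.121 2003/09/01 18:15:50 markus Exp $");
 
 typedef enum {
  oBadOption,
- oForwardAgent, oForwardX11, oGatewayPorts,
+ oForwardAgent, oForwardX11, oForwardX11Trusted, oGatewayPorts,
  oPasswordAuthentication, oRSAAuthentication,
  oChallengeResponseAuthentication, oXAuthLocation,
  oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
  oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
  oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
  oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
- oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts,
+ oCompressionLevel, oTCPKeepAlive, oNumberOfPasswordPrompts,
  oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs,
  oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
  oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
@@ -105,6 +105,7 @@ typedef enum {
  oClearAllForwardings, oNoHostAuthenticationForLocalhost,
  oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
  oAddressFamily, oGssAuthentication, oGssDelegateCreds,
+ oServerAliveInterval, oServerAliveCountMax,
  oDeprecated, oUnsupported
 } OpCodes;
 
@@ -116,6 +117,7 @@ static struct {
 } keywords[] = {
  { "forwardagent", oForwardAgent },
  { "forwardx11", oForwardX11 },
+ { "forwardx11trusted", oForwardX11Trusted },
  { "xauthlocation", oXAuthLocation },
  { "gatewayports", oGatewayPorts },
  { "useprivilegedport", oUsePrivilegedPort },
@@ -168,7 +170,8 @@ static struct {
  { "stricthostkeychecking", oStrictHostKeyChecking },
  { "compression", oCompression },
  { "compressionlevel", oCompressionLevel },
- { "keepalive", oKeepAlives },
+ { "tcpkeepalive", oTCPKeepAlive },
+ { "keepalive", oTCPKeepAlive }, /* obsolete */
  { "numberofpasswordprompts", oNumberOfPasswordPrompts },
  { "loglevel", oLogLevel },
  { "dynamicforward", oDynamicForward },
@@ -182,15 +185,13 @@ static struct {
 #endif
  { "clearallforwardings", oClearAllForwardings },
  { "enablesshkeysign", oEnableSSHKeysign },
-#ifdef DNS
  { "verifyhostkeydns", oVerifyHostKeyDNS },
-#else
- { "verifyhostkeydns", oUnsupported },
-#endif
  { "nohostauthenticationforlocalhost", oNoHostAuthenticationForLocalhost },
  { "rekeylimit", oRekeyLimit },
  { "connecttimeout", oConnectTimeout },
  { "addressfamily", oAddressFamily },
+ { "serveraliveinterval", oServerAliveInterval },
+ { "serveralivecountmax", oServerAliveCountMax },
  { NULL, oBadOption }
 };
 
@@ -309,7 +310,7 @@ process_config_line(Options *options, const char *host,
  /* NOTREACHED */
  case oConnectTimeout:
  intptr = &options->connection_timeout;
-/* parse_time: */
+parse_time:
  arg = strdelim(&s);
  if (!arg || *arg == '\0')
  fatal("%s line %d: missing time value.",
@@ -342,6 +343,10 @@ parse_flag:
  intptr = &options->forward_x11;
  goto parse_flag;
 
+ case oForwardX11Trusted:
+ intptr = &options->forward_x11_trusted;
+ goto parse_flag;
+
  case oGatewayPorts:
  intptr = &options->gateway_ports;
  goto parse_flag;
@@ -400,10 +405,11 @@ parse_flag:
 
  case oVerifyHostKeyDNS:
  intptr = &options->verify_host_key_dns;
- goto parse_flag;
+ goto parse_yesnoask;
 
  case oStrictHostKeyChecking:
  intptr = &options->strict_host_key_checking;
+parse_yesnoask:
  arg = strdelim(&s);
  if (!arg || *arg == '\0')
  fatal("%.200s line %d: Missing yes/no/ask argument.",
@@ -425,8 +431,8 @@ parse_flag:
  intptr = &options->compression;
  goto parse_flag;
 
- case oKeepAlives:
- intptr = &options->keepalives;
+ case oTCPKeepAlive:
+ intptr = &options->tcp_keep_alive;
  goto parse_flag;
 
  case oNoHostAuthenticationForLocalhost:
@@ -730,6 +736,14 @@ parse_int:
  intptr = &options->enable_ssh_keysign;
  goto parse_flag;
 
+ case oServerAliveInterval:
+ intptr = &options->server_alive_interval;
+ goto parse_time;
+
+ case oServerAliveCountMax:
+ intptr = &options->server_alive_count_max;
+ goto parse_int;
+
  case oDeprecated:
  debug("%s line %d: Deprecated option \"%s\"",
  filename, linenum, keyword);
@@ -806,6 +820,7 @@ initialize_options(Options * options)
  memset(options, 'X', sizeof(*options));
  options->forward_agent = -1;
  options->forward_x11 = -1;
+ options->forward_x11_trusted = -1;
  options->xauth_location = NULL;
  options->gateway_ports = -1;
  options->use_privileged_port = -1;
@@ -823,7 +838,7 @@ initialize_options(Options * options)
  options->check_host_ip = -1;
  options->strict_host_key_checking = -1;
  options->compression = -1;
- options->keepalives = -1;
+ options->tcp_keep_alive = -1;
  options->compression_level = -1;
  options->port = -1;
  options->address_family = -1;
@@ -856,6 +871,8 @@ initialize_options(Options * options)
  options->no_host_authentication_for_localhost = - 1;
  options->rekey_limit = - 1;
  options->verify_host_key_dns = -1;
+ options->server_alive_interval = -1;
+ options->server_alive_count_max = -1;
 }
 
 /*
@@ -872,6 +889,8 @@ fill_default_options(Options * options)
  options->forward_agent = 0;
  if (options->forward_x11 == -1)
  options->forward_x11 = 0;
+ if (options->forward_x11_trusted == -1)
+ options->forward_x11_trusted = 0;
  if (options->xauth_location == NULL)
  options->xauth_location = _PATH_XAUTH;
  if (options->gateway_ports == -1)
@@ -885,7 +904,7 @@ fill_default_options(Options * options)
  if (options->challenge_response_authentication == -1)
  options->challenge_response_authentication = 1;
  if (options->gss_authentication == -1)
- options->gss_authentication = 1;
+ options->gss_authentication = 0;
  if (options->gss_deleg_creds == -1)
  options->gss_deleg_creds = 0;
  if (options->password_authentication == -1)
@@ -904,8 +923,8 @@ fill_default_options(Options * options)
  options->strict_host_key_checking = 2; /* 2 is default */
  if (options->compression == -1)
  options->compression = 0;
- if (options->keepalives == -1)
- options->keepalives = 1;
+ if (options->tcp_keep_alive == -1)
+ options->tcp_keep_alive = 1;
  if (options->compression_level == -1)
  options->compression_level = 6;
  if (options->port == -1)
@@ -968,6 +987,10 @@ fill_default_options(Options * options)
  options->rekey_limit = 0;
  if (options->verify_host_key_dns == -1)
  options->verify_host_key_dns = 0;
+ if (options->server_alive_interval == -1)
+ options->server_alive_interval = 0;
+ if (options->server_alive_count_max == -1)
+ options->server_alive_count_max = 3;
  /* options->proxy_command should not be set by default */
  /* options->user will be set in the main program if appropriate */
  /* options->hostname will be set in the main program if appropriate */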
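Review bot: `verify_host_key_dns` stops being a plain flag in the `case oVerifyHostKeyDNS:` branch, which now jumps to the new `parse_yesnoask:` label shared with StrictHostKeyChecking, but nothing in this file records the third state for readers of the field. Code elsewhere that tests it for truthiness would treat `ask` the same as `yes` and might accept a DNS-published host key without prompting; those callers are not visible here, so they need checking. I would add `/* verify_host_key_dns: 0 = no, 1 = yes, 2 = ask; compare explicitly */` above the case. The numeric values are inferred from the `2 is default` comment in fill_default_options, because the body of parse_yesnoask lies outside the hunk. The keyword table also drops the `#ifdef DNS` fallback to `oUnsupported`, so confirm that a build without DNS support cannot accept `VerifyHostKeyDNS yes` and then silently skip the lookup.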