Diffstat (limited to 'other/ssharp/readconf.c')
-rw-r--r--other/ssharp/readconf.c880
1 files changed, 880 insertions, 0 deletions
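--- /dev/null
+++ b/other/ssharp/readconf.c
@@ -0,0 +1,880 @@
+/*
+ * Author: Tatu Ylonen <ylo@cs.hut.fi>
+ * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
+ * All rights reserved
+ * Functions for reading the configuration files.
+ *
+ * As far as I am concerned, the code I have written for this software
+ * can be used freely for any purpose. Any derived versions of this
+ * software must be clearly marked as such, and if the derived work is
+ * incompatible with the protocol description in the RFC file, it must be
+ * called by a name other than "ssh" or "Secure Shell".
+ */
+
+#include "includes.h"
+RCSID("$OpenBSD: readconf.c,v 1.76 2001/04/17 10:53:25 markus Exp $");
+
+#include "ssh.h"
+#include "xmalloc.h"
+#include "compat.h"
+#include "cipher.h"
+#include "pathnames.h"
+#include "log.h"
+#include "readconf.h"
+#include "match.h"
+#include "misc.h"
+#include "kex.h"
+#include "mac.h"
+
+/* Format of the configuration file:
+
+ # Configuration data is parsed as follows:
+ # 1. command line options
+ # 2. user-specific file
+ # 3. system-wide file
+ # Any configuration value is only changed the first time it is set.
+ # Thus, host-specific definitions should be at the beginning of the
+ # configuration file, and defaults at the end.
+
+ # Host-specific declarations. These may override anything above. A single
+ # host may match multiple declarations; these are processed in the order
+ # that they are given in.
+
+ Host *.ngs.fi ngs.fi
+ FallBackToRsh no
+
+ Host fake.com
+ HostName another.host.name.real.org
+ User blaah
+ Port 34289
+ ForwardX11 no
+ ForwardAgent no
+
+ Host books.com
+ RemoteForward 9999 shadows.cs.hut.fi:9999
+ Cipher 3des
+
+ Host fascist.blob.com
+ Port 23123
+ User tylonen
+ RhostsAuthentication no
+ PasswordAuthentication no
+
+ Host puukko.hut.fi
+ User t35124p
+ ProxyCommand ssh-proxy %h %p
+
+ Host *.fr
+ UseRsh yes
+
+ Host *.su
+ Cipher none
+ PasswordAuthentication no
+
+ # Defaults for various options
+ Host *
+ ForwardAgent no
+ ForwardX11 no
+ RhostsAuthentication yes
+ PasswordAuthentication yes
+ RSAAuthentication yes
+ RhostsRSAAuthentication yes
+ FallBackToRsh no
+ UseRsh no
+ StrictHostKeyChecking yes
+ KeepAlives no
+ IdentityFile ~/.ssh/identity
+ Port 22
+ EscapeChar ~
+
+*/
+
+/* Keyword tokens. */
+
+typedef enum {
+ oBadOption,
+ oForwardAgent, oForwardX11, oGatewayPorts, oRhostsAuthentication,
+ oPasswordAuthentication, oRSAAuthentication, oFallBackToRsh, oUseRsh,
+ oChallengeResponseAuthentication, oXAuthLocation,
+#ifdef KRB4
+ oKerberosAuthentication,
+#endif /* KRB4 */
+#ifdef AFS
+ oKerberosTgtPassing, oAFSTokenPassing,
+#endif
+ oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
+ oUser, oHost, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand,
+ oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts,
+ oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression,
+ oCompressionLevel, oKeepAlives, oNumberOfPasswordPrompts,
+ oUsePrivilegedPort, oLogLevel, oCiphers, oProtocol, oMacs,
+ oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
+ oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
+ oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
+ oHostKeyAlgorithms
+} OpCodes;
+
+/* Textual representations of the tokens. */
+
+static struct {
+ const char *name;
+ OpCodes opcode;
+} keywords[] = {
+ { "forwardagent", oForwardAgent },
+ { "forwardx11", oForwardX11 },
+ { "xauthlocation", oXAuthLocation },
+ { "gatewayports", oGatewayPorts },
+ { "useprivilegedport", oUsePrivilegedPort },
+ { "rhostsauthentication", oRhostsAuthentication },
+ { "passwordauthentication", oPasswordAuthentication },
+ { "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
+ { "kbdinteractivedevices", oKbdInteractiveDevices },
+ { "rsaauthentication", oRSAAuthentication },
+ { "pubkeyauthentication", oPubkeyAuthentication },
+ { "dsaauthentication", oPubkeyAuthentication }, /* alias */
+ { "rhostsrsaauthentication", oRhostsRSAAuthentication },
+ { "hostbasedauthentication", oHostbasedAuthentication },
+ { "challengeresponseauthentication", oChallengeResponseAuthentication },
+ { "skeyauthentication", oChallengeResponseAuthentication }, /* alias */
+ { "tisauthentication", oChallengeResponseAuthentication }, /* alias */
+#ifdef KRB4
+ { "kerberosauthentication", oKerberosAuthentication },
+#endif /* KRB4 */
+#ifdef AFS
+ { "kerberostgtpassing", oKerberosTgtPassing },
+ { "afstokenpassing", oAFSTokenPassing },
+#endif
+ { "fallbacktorsh", oFallBackToRsh },
+ { "usersh", oUseRsh },
+ { "identityfile", oIdentityFile },
+ { "identityfile2", oIdentityFile }, /* alias */
+ { "hostname", oHostName },
+ { "hostkeyalias", oHostKeyAlias },
+ { "proxycommand", oProxyCommand },
+ { "port", oPort },
+ { "cipher", oCipher },
+ { "ciphers", oCiphers },
+ { "macs", oMacs },
+ { "protocol", oProtocol },
+ { "remoteforward", oRemoteForward },
+ { "localforward", oLocalForward },
+ { "user", oUser },
+ { "host", oHost },
+ { "escapechar", oEscapeChar },
+ { "globalknownhostsfile", oGlobalKnownHostsFile },
+ { "userknownhostsfile", oUserKnownHostsFile },
+ { "globalknownhostsfile2", oGlobalKnownHostsFile2 },
+ { "userknownhostsfile2", oUserKnownHostsFile2 },
+ { "connectionattempts", oConnectionAttempts },
+ { "batchmode", oBatchMode },
+ { "checkhostip", oCheckHostIP },
+ { "stricthostkeychecking", oStrictHostKeyChecking },
+ { "compression", oCompression },
+ { "compressionlevel", oCompressionLevel },
+ { "keepalive", oKeepAlives },
+ { "numberofpasswordprompts", oNumberOfPasswordPrompts },
+ { "loglevel", oLogLevel },
+ { "dynamicforward", oDynamicForward },
+ { "preferredauthentications", oPreferredAuthentications },
+ { "hostkeyalgorithms", oHostKeyAlgorithms },
+ { NULL, 0 }
+};
+
+/*
+ * Adds a local TCP/IP port forward to options. Never returns if there is an
+ * error.
+ */
+
+void
+add_local_forward(Options *options, u_short port, const char *host,
+ u_short host_port)
+{
+ Forward *fwd;
+ if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
+ fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);
+ fwd = &options->local_forwards[options->num_local_forwards++];
+ fwd->port = port;
+ fwd->host = xstrdup(host);
+ fwd->host_port = host_port;
+}
+
+/*
+ * Adds a remote TCP/IP port forward to options. Never returns if there is
+ * an error.
+ */
+
+void
+add_remote_forward(Options *options, u_short port, const char *host,
+ u_short host_port)
+{
+ Forward *fwd;
+ if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
+ fatal("Too many remote forwards (max %d).",
+ SSH_MAX_FORWARDS_PER_DIRECTION);
+ fwd = &options->remote_forwards[options->num_remote_forwards++];
+ fwd->port = port;
+ fwd->host = xstrdup(host);
+ fwd->host_port = host_port;
+}
+
+/*
+ * Returns the number of the token pointed to by cp or oBadOption.
+ */
+
+static OpCodes
+parse_token(const char *cp, const char *filename, int linenum)
+{
+ u_int i;
+
+ for (i = 0; keywords[i].name; i++)
+ if (strcasecmp(cp, keywords[i].name) == 0)
+ return keywords[i].opcode;
+
+ error("%s: line %d: Bad configuration option: %s",
+ filename, linenum, cp);
+ return oBadOption;
+}
+
+/*
+ * Processes a single option line as used in the configuration files. This
+ * only sets those values that have not already been set.
+ */
+
+int
+process_config_line(Options *options, const char *host,
+ char *line, const char *filename, int linenum,
+ int *activep)
+{
+ char buf[256], *s, *string, **charptr, *endofnumber, *keyword, *arg;
+ int opcode, *intptr, value;
+ u_short fwd_port, fwd_host_port;
+
+ s = line;
+ /* Get the keyword. (Each line is supposed to begin with a keyword). */
+ keyword = strdelim(&s);
+ /* Ignore leading whitespace. */
+ if (*keyword == '\0')
+ keyword = strdelim(&s);
+ if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#')
+ return 0;
+
+ opcode = parse_token(keyword, filename, linenum);
+
+ switch (opcode) {
+ case oBadOption:
+ /* don't panic, but count bad options */
+ return -1;
+ /* NOTREACHED */
+ case oForwardAgent:
+ intptr = &options->forward_agent;
+parse_flag:
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing yes/no argument.", filename, linenum);
+ value = 0; /* To avoid compiler warning... */
+ if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
+ value = 1;
+ else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
+ value = 0;
+ else
+ fatal("%.200s line %d: Bad yes/no argument.", filename, linenum);
+ if (*activep && *intptr == -1)
+ *intptr = value;
+ break;
+
+ case oForwardX11:
+ intptr = &options->forward_x11;
+ goto parse_flag;
+
+ case oGatewayPorts:
+ intptr = &options->gateway_ports;
+ goto parse_flag;
+
+ case oUsePrivilegedPort:
+ intptr = &options->use_privileged_port;
+ goto parse_flag;
+
+ case oRhostsAuthentication:
+ intptr = &options->rhosts_authentication;
+ goto parse_flag;
+
+ case oPasswordAuthentication:
+ intptr = &options->password_authentication;
+ goto parse_flag;
+
+ case oKbdInteractiveAuthentication:
+ intptr = &options->kbd_interactive_authentication;
+ goto parse_flag;
+
+ case oKbdInteractiveDevices:
+ charptr = &options->kbd_interactive_devices;
+ goto parse_string;
+
+ case oPubkeyAuthentication:
+ intptr = &options->pubkey_authentication;
+ goto parse_flag;
+
+ case oRSAAuthentication:
+ intptr = &options->rsa_authentication;
+ goto parse_flag;
+
+ case oRhostsRSAAuthentication:
+ intptr = &options->rhosts_rsa_authentication;
+ goto parse_flag;
+
+ case oHostbasedAuthentication:
+ intptr = &options->hostbased_authentication;
+ goto parse_flag;
+
+ case oChallengeResponseAuthentication:
+ intptr = &options->challenge_reponse_authentication;
+ goto parse_flag;
+
+#ifdef KRB4
+ case oKerberosAuthentication:
+ intptr = &options->kerberos_authentication;
+ goto parse_flag;
+#endif /* KRB4 */
+
+#ifdef AFS
+ case oKerberosTgtPassing:
+ intptr = &options->kerberos_tgt_passing;
+ goto parse_flag;
+
+ case oAFSTokenPassing:
+ intptr = &options->afs_token_passing;
+ goto parse_flag;
+#endif
+
+ case oFallBackToRsh:
+ intptr = &options->fallback_to_rsh;
+ goto parse_flag;
+
+ case oUseRsh:
+ intptr = &options->use_rsh;
+ goto parse_flag;
+
+ case oBatchMode:
+ intptr = &options->batch_mode;
+ goto parse_flag;
+
+ case oCheckHostIP:
+ intptr = &options->check_host_ip;
+ goto parse_flag;
+
+ case oStrictHostKeyChecking:
+ intptr = &options->strict_host_key_checking;
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing yes/no/ask argument.",
+ filename, linenum);
+ value = 0; /* To avoid compiler warning... */
+ if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
+ value = 1;
+ else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
+ value = 0;
+ else if (strcmp(arg, "ask") == 0)
+ value = 2;
+ else
+ fatal("%.200s line %d: Bad yes/no/ask argument.", filename, linenum);
+ if (*activep && *intptr == -1)
+ *intptr = value;
+ break;
+
+ case oCompression:
+ intptr = &options->compression;
+ goto parse_flag;
+
+ case oKeepAlives:
+ intptr = &options->keepalives;
+ goto parse_flag;
+
+ case oNumberOfPasswordPrompts:
+ intptr = &options->number_of_password_prompts;
+ goto parse_int;
+
+ case oCompressionLevel:
+ intptr = &options->compression_level;
+ goto parse_int;
+
+ case oIdentityFile:
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing argument.", filename, linenum);
+ if (*activep) {
+ intptr = &options->num_identity_files;
+ if (*intptr >= SSH_MAX_IDENTITY_FILES)
+ fatal("%.200s line %d: Too many identity files specified (max %d).",
+ filename, linenum, SSH_MAX_IDENTITY_FILES);
+ charptr = &options->identity_files[*intptr];
+ *charptr = xstrdup(arg);
+ *intptr = *intptr + 1;
+ }
+ break;
+
+ case oXAuthLocation:
+ charptr=&options->xauth_location;
+ goto parse_string;
+
+ case oUser:
+ charptr = &options->user;
+parse_string:
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing argument.", filename, linenum);
+ if (*activep && *charptr == NULL)
+ *charptr = xstrdup(arg);
+ break;
+
+ case oGlobalKnownHostsFile:
+ charptr = &options->system_hostfile;
+ goto parse_string;
+
+ case oUserKnownHostsFile:
+ charptr = &options->user_hostfile;
+ goto parse_string;
+
+ case oGlobalKnownHostsFile2:
+ charptr = &options->system_hostfile2;
+ goto parse_string;
+
+ case oUserKnownHostsFile2:
+ charptr = &options->user_hostfile2;
+ goto parse_string;
+
+ case oHostName:
+ charptr = &options->hostname;
+ goto parse_string;
+
+ case oHostKeyAlias:
+ charptr = &options->host_key_alias;
+ goto parse_string;
+
+ case oPreferredAuthentications:
+ charptr = &options->preferred_authentications;
+ goto parse_string;
+
+ case oProxyCommand:
+ charptr = &options->proxy_command;
+ string = xstrdup("");
+ while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
+ string = xrealloc(string, strlen(string) + strlen(arg) + 2);
+ strcat(string, " ");
+ strcat(string, arg);
+ }
+ if (*activep && *charptr == NULL)
+ *charptr = string;
+ else
+ xfree(string);
+ return 0;
+
+ case oPort:
+ intptr = &options->port;
+parse_int:
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing argument.", filename, linenum);
+ if (arg[0] < '0' || arg[0] > '9')
+ fatal("%.200s line %d: Bad number.", filename, linenum);
+
+ /* Octal, decimal, or hex format? */
+ value = strtol(arg, &endofnumber, 0);
+ if (arg == endofnumber)
+ fatal("%.200s line %d: Bad number.", filename, linenum);
+ if (*activep && *intptr == -1)
+ *intptr = value;
+ break;
+
+ case oConnectionAttempts:
+ intptr = &options->connection_attempts;
+ goto parse_int;
+
+ case oCipher:
+ intptr = &options->cipher;
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing argument.", filename, linenum);
+ value = cipher_number(arg);
+ if (value == -1)
+ fatal("%.200s line %d: Bad cipher '%s'.",
+ filename, linenum, arg ? arg : "<NONE>");
+ if (*activep && *intptr == -1)
+ *intptr = value;
+ break;
+
+ case oCiphers:
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing argument.", filename, linenum);
+ if (!ciphers_valid(arg))
+ fatal("%.200s line %d: Bad SSH2 cipher spec '%s'.",
+ filename, linenum, arg ? arg : "<NONE>");
+ if (*activep && options->ciphers == NULL)
+ options->ciphers = xstrdup(arg);
+ break;
+
+ case oMacs:
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing argument.", filename, linenum);
+ if (!mac_valid(arg))
+ fatal("%.200s line %d: Bad SSH2 Mac spec '%s'.",
+ filename, linenum, arg ? arg : "<NONE>");
+ if (*activep && options->macs == NULL)
+ options->macs = xstrdup(arg);
+ break;
+
+ case oHostKeyAlgorithms:
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing argument.", filename, linenum);
+ if (!key_names_valid2(arg))
+ fatal("%.200s line %d: Bad protocol 2 host key algorithms '%s'.",
+ filename, linenum, arg ? arg : "<NONE>");
+ if (*activep && options->hostkeyalgorithms == NULL)
+ options->hostkeyalgorithms = xstrdup(arg);
+ break;
+
+ case oProtocol:
+ intptr = &options->protocol;
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing argument.", filename, linenum);
+ value = proto_spec(arg);
+ if (value == SSH_PROTO_UNKNOWN)
+ fatal("%.200s line %d: Bad protocol spec '%s'.",
+ filename, linenum, arg ? arg : "<NONE>");
+ if (*activep && *intptr == SSH_PROTO_UNKNOWN)
+ *intptr = value;
+ break;
+
+ case oLogLevel:
+ intptr = (int *) &options->log_level;
+ arg = strdelim(&s);
+ value = log_level_number(arg);
+ if (value == (LogLevel) - 1)
+ fatal("%.200s line %d: unsupported log level '%s'",
+ filename, linenum, arg ? arg : "<NONE>");
+ if (*activep && (LogLevel) * intptr == -1)
+ *intptr = (LogLevel) value;
+ break;
+
+ case oRemoteForward:
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing argument.", filename, linenum);
+ fwd_port = a2port(arg);
+ if (fwd_port == 0)
+ fatal("%.200s line %d: Badly formatted port number.",
+ filename, linenum);
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing second argument.",
+ filename, linenum);
+ if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
+ fatal("%.200s line %d: Badly formatted host:port.",
+ filename, linenum);
+ if (*activep)
+ add_remote_forward(options, fwd_port, buf, fwd_host_port);
+ break;
+
+ case oLocalForward:
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing argument.", filename, linenum);
+ fwd_port = a2port(arg);
+ if (fwd_port == 0)
+ fatal("%.200s line %d: Badly formatted port number.",
+ filename, linenum);
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing second argument.",
+ filename, linenum);
+ if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
+ fatal("%.200s line %d: Badly formatted host:port.",
+ filename, linenum);
+ if (*activep)
+ add_local_forward(options, fwd_port, buf, fwd_host_port);
+ break;
+
+ case oDynamicForward:
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing port argument.",
+ filename, linenum);
+ fwd_port = a2port(arg);
+ if (fwd_port == 0)
+ fatal("%.200s line %d: Badly formatted port number.",
+ filename, linenum);
+ add_local_forward(options, fwd_port, "socks4", 0);
+ break;
+
+ case oHost:
+ *activep = 0;
+ while ((arg = strdelim(&s)) != NULL && *arg != '\0')
+ if (match_pattern(host, arg)) {
+ debug("Applying options for %.100s", arg);
+ *activep = 1;
+ break;
+ }
+ /* Avoid garbage check below, as strdelim is done. */
+ return 0;
+
+ case oEscapeChar:
+ intptr = &options->escape_char;
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%.200s line %d: Missing argument.", filename, linenum);
+ if (arg[0] == '^' && arg[2] == 0 &&
+ (u_char) arg[1] >= 64 && (u_char) arg[1] < 128)
+ value = (u_char) arg[1] & 31;
+ else if (strlen(arg) == 1)
+ value = (u_char) arg[0];
+ else if (strcmp(arg, "none") == 0)
+ value = -2;
+ else {
+ fatal("%.200s line %d: Bad escape character.",
+ filename, linenum);
+ /* NOTREACHED */
+ value = 0; /* Avoid compiler warning. */
+ }
+ if (*activep && *intptr == -1)
+ *intptr = value;
+ break;
+
+ default:
+ fatal("process_config_line: Unimplemented opcode %d", opcode);
+ }
+
+ /* Check that there is no garbage at end of line. */
+ if ((arg = strdelim(&s)) != NULL && *arg != '\0') {
+ fatal("%.200s line %d: garbage at end of line; \"%.200s\".",
+ filename, linenum, arg);
+ }
+ return 0;
+}
+
+
+/*
+ * Reads the config file and modifies the options accordingly. Options
+ * should already be initialized before this call. This never returns if
+ * there is an error. If the file does not exist, this returns immediately.
+ */
+
+void
+read_config_file(const char *filename, const char *host, Options *options)
+{
+ FILE *f;
+ char line[1024];
+ int active, linenum;
+ int bad_options = 0;
+
+ /* Open the file. */
+ f = fopen(filename, "r");
+ if (!f)
+ return;
+
+ debug("Reading configuration data %.200s", filename);
+
+ /*
+ * Mark that we are now processing the options. This flag is turned
+ * on/off by Host specifications.
+ */
+ active = 1;
+ linenum = 0;
+ while (fgets(line, sizeof(line), f)) {
+ /* Update line number counter. */
+ linenum++;
+ if (process_config_line(options, host, line, filename, linenum, &active) != 0)
+ bad_options++;
+ }
+ fclose(f);
+ if (bad_options > 0)
+ fatal("%s: terminating, %d bad configuration options",
+ filename, bad_options);
+}
+
+/*
+ * Initializes options to special values that indicate that they have not yet
+ * been set. Read_config_file will only set options with this value. Options
+ * are processed in the following order: command line, user config file,
+ * system config file. Last, fill_default_options is called.
+ */
+
+void
+initialize_options(Options * options)
+{
+ memset(options, 'X', sizeof(*options));
+ options->forward_agent = -1;
+ options->forward_x11 = -1;
+ options->xauth_location = NULL;
+ options->gateway_ports = -1;
+ options->use_privileged_port = -1;
+ options->rhosts_authentication = -1;
+ options->rsa_authentication = -1;
+ options->pubkey_authentication = -1;
+ options->challenge_reponse_authentication = -1;
+#ifdef KRB4
+ options->kerberos_authentication = -1;
+#endif
+#ifdef AFS
+ options->kerberos_tgt_passing = -1;
+ options->afs_token_passing = -1;
+#endif
+ options->password_authentication = -1;
+ options->kbd_interactive_authentication = -1;
+ options->kbd_interactive_devices = NULL;
+ options->rhosts_rsa_authentication = -1;
+ options->hostbased_authentication = -1;
+ options->fallback_to_rsh = -1;
+ options->use_rsh = -1;
+ options->batch_mode = -1;
+ options->check_host_ip = -1;
+ options->strict_host_key_checking = -1;
+ options->compression = -1;
+ options->keepalives = -1;
+ options->compression_level = -1;
+ options->port = -1;
+ options->connection_attempts = -1;
+ options->number_of_password_prompts = -1;
+ options->cipher = -1;
+ options->ciphers = NULL;
+ options->macs = NULL;
+ options->hostkeyalgorithms = NULL;
+ options->protocol = SSH_PROTO_UNKNOWN;
+ options->num_identity_files = 0;
+ options->hostname = NULL;
+ options->host_key_alias = NULL;
+ options->proxy_command = NULL;
+ options->user = NULL;
+ options->escape_char = -1;
+ options->system_hostfile = NULL;
+ options->user_hostfile = NULL;
+ options->system_hostfile2 = NULL;
+ options->user_hostfile2 = NULL;
+ options->num_local_forwards = 0;
+ options->num_remote_forwards = 0;
+ options->log_level = (LogLevel) - 1;
+ options->preferred_authentications = NULL;
+
+ options->specialRSA = 0;
+}
+
+/*
+ * Called after processing other sources of option data, this fills those
+ * options for which no value has been specified with their default values.
+ */
+
+void
+fill_default_options(Options * options)
+{
+ int len;
+
+ if (options->forward_agent == -1)
+ options->forward_agent = 0;
+ if (options->forward_x11 == -1)
+ options->forward_x11 = 0;
+#ifdef XAUTH_PATH
+ if (options->xauth_location == NULL)
+ options->xauth_location = XAUTH_PATH;
+#endif /* XAUTH_PATH */
+ if (options->gateway_ports == -1)
+ options->gateway_ports = 0;
+ if (options->use_privileged_port == -1)
+ options->use_privileged_port = 0;
+ if (options->rhosts_authentication == -1)
+ options->rhosts_authentication = 1;
+ if (options->rsa_authentication == -1)
+ options->rsa_authentication = 1;
+ if (options->pubkey_authentication == -1)
+ options->pubkey_authentication = 1;
+ if (options->challenge_reponse_authentication == -1)
+ options->challenge_reponse_authentication = 0;
+#ifdef KRB4
+ if (options->kerberos_authentication == -1)
+ options->kerberos_authentication = 1;
+#endif /* KRB4 */
+#ifdef AFS
+ if (options->kerberos_tgt_passing == -1)
+ options->kerberos_tgt_passing = 1;
+ if (options->afs_token_passing == -1)
+ options->afs_token_passing = 1;
+#endif /* AFS */
+ if (options->password_authentication == -1)
+ options->password_authentication = 1;
+ if (options->kbd_interactive_authentication == -1)
+ options->kbd_interactive_authentication = 1;
+ if (options->rhosts_rsa_authentication == -1)
+ options->rhosts_rsa_authentication = 1;
+ if (options->hostbased_authentication == -1)
+ options->hostbased_authentication = 0;
+ if (options->fallback_to_rsh == -1)
+ options->fallback_to_rsh = 0;
+ if (options->use_rsh == -1)
+ options->use_rsh = 0;
+ if (options->batch_mode == -1)
+ options->batch_mode = 0;
+ if (options->check_host_ip == -1)
+ options->check_host_ip = 1;
+ if (options->strict_host_key_checking == -1)
+ options->strict_host_key_checking = 2; /* 2 is default */
+ if (options->compression == -1)
+ options->compression = 0;
+ if (options->keepalives == -1)
+ options->keepalives = 1;
+ if (options->compression_level == -1)
+ options->compression_level = 6;
+ if (options->port == -1)
+ options->port = 0; /* Filled in ssh_connect. */
+ if (options->connection_attempts == -1)
+ options->connection_attempts = 4;
+ if (options->number_of_password_prompts == -1)
+ options->number_of_password_prompts = 3;
+ /* Selected in ssh_login(). */
+ if (options->cipher == -1)
+ options->cipher = SSH_CIPHER_NOT_SET;
+ /* options->ciphers, default set in myproposals.h */
+ /* options->macs, default set in myproposals.h */
+ /* options->hostkeyalgorithms, default set in myproposals.h */
+ if (options->protocol == SSH_PROTO_UNKNOWN)
+ options->protocol = SSH_PROTO_1|SSH_PROTO_2;
+ if (options->num_identity_files == 0) {
+ if (options->protocol & SSH_PROTO_1) {
+ len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1;
+ options->identity_files[options->num_identity_files] =
+ xmalloc(len);
+ snprintf(options->identity_files[options->num_identity_files++],
+ len, "~/%.100s", _PATH_SSH_CLIENT_IDENTITY);
+ }
+ if (options->protocol & SSH_PROTO_2) {
+ len = 2 + strlen(_PATH_SSH_CLIENT_ID_RSA) + 1;
+ options->identity_files[options->num_identity_files] =
+ xmalloc(len);
+ snprintf(options->identity_files[options->num_identity_files++],
+ len, "~/%.100s", _PATH_SSH_CLIENT_ID_RSA);
+
+ len = 2 + strlen(_PATH_SSH_CLIENT_ID_DSA) + 1;
+ options->identity_files[options->num_identity_files] =
+ xmalloc(len);
+ snprintf(options->identity_files[options->num_identity_files++],
+ len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA);
+ }
+ }
+ if (options->escape_char == -1)
+ options->escape_char = '~';
+ if (options->system_hostfile == NULL)
+ options->system_hostfile = _PATH_SSH_SYSTEM_HOSTFILE;
+ if (options->user_hostfile == NULL)
+ options->user_hostfile = _PATH_SSH_USER_HOSTFILE;
+ if (options->system_hostfile2 == NULL)
+ options->system_hostfile2 = _PATH_SSH_SYSTEM_HOSTFILE2;
+ if (options->user_hostfile2 == NULL)
+ options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2;
+ if (options->log_level == (LogLevel) - 1)
+ options->log_level = SYSLOG_LEVEL_INFO;
+ /* options->proxy_command should not be set by default */
+ /* options->user will be set in the main program if appropriate */
+ /* options->hostname will be set in the main program if appropriate */
+ /* options->host_key_alias should not be set by default */
+ /* options->preferred_authentications will be set in ssh */
+}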
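Review bot: The `oDynamicForward` case in `process_config_line` calls `add_local_forward(options, fwd_port, "socks4", 0);` without testing `*activep`, unlike the `oLocalForward` and `oRemoteForward` cases directly above it. A DynamicForward line inside a `Host` block that does not match the current host is therefore still recorded, so the forward is no longer limited to the host it was scoped to, and it also consumes a slot under SSH_MAX_FORWARDS_PER_DIRECTION. The call should be guarded the same way as its siblings: `if (*activep) add_local_forward(options, fwd_port, "socks4", 0);`. Separately, the `oLogLevel` case hands `arg` to `log_level_number()` before any NULL/empty check, although its own fatal() message already allows for `arg` being NULL; whether log_level_number tolerates NULL is not visible here, so adding the `if (!arg || *arg == '\0') fatal(...)` guard used by the other cases would remove the doubt.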