kernel/usb4bsd: Remove unused malloc type declaration.
[dragonfly.git] / crypto / openssh / servconf.c
1
2 /* $OpenBSD: servconf.c,v 1.229 2012/07/13 01:35:21 dtucker Exp $ */
3 /*
4  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5  *                    All rights reserved
6  *
7  * As far as I am concerned, the code I have written for this software
8  * can be used freely for any purpose.  Any derived versions of this
9  * software must be clearly marked as such, and if the derived work is
10  * incompatible with the protocol description in the RFC file, it must be
11  * called by a name other than "ssh" or "Secure Shell".
12  */
13
14 #include "includes.h"
15
16 #include <sys/types.h>
17 #include <sys/socket.h>
18
19 #include <netinet/in.h>
20 #include <netinet/in_systm.h>
21 #include <netinet/ip.h>
22
23 #include <netdb.h>
24 #include <pwd.h>
25 #include <stdio.h>
26 #include <stdlib.h>
27 #include <string.h>
28 #include <signal.h>
29 #include <unistd.h>
30 #include <stdarg.h>
31 #include <errno.h>
32
33 #include "openbsd-compat/sys-queue.h"
34 #include "xmalloc.h"
35 #include "ssh.h"
36 #include "log.h"
37 #include "buffer.h"
38 #include "servconf.h"
39 #include "compat.h"
40 #include "pathnames.h"
41 #include "misc.h"
42 #include "cipher.h"
43 #include "key.h"
44 #include "kex.h"
45 #include "mac.h"
46 #include "match.h"
47 #include "channels.h"
48 #include "groupaccess.h"
49 #include "canohost.h"
50 #include "packet.h"
51
52 static void add_listen_addr(ServerOptions *, char *, int);
53 static void add_one_listen_addr(ServerOptions *, char *, int);
54
55 /* Use of privilege separation or not */
56 extern int use_privsep;
57 extern Buffer cfg;
58
59 /* Initializes the server options to their default values. */
60
61 void
62 initialize_server_options(ServerOptions *options)
63 {
64         memset(options, 0, sizeof(*options));
65
66         /* Portable-specific options */
67         options->use_pam = -1;
68
69         /* Standard Options */
70         options->num_ports = 0;
71         options->ports_from_cmdline = 0;
72         options->listen_addrs = NULL;
73         options->address_family = -1;
74         options->num_host_key_files = 0;
75         options->num_host_cert_files = 0;
76         options->pid_file = NULL;
77         options->server_key_bits = -1;
78         options->login_grace_time = -1;
79         options->key_regeneration_time = -1;
80         options->permit_root_login = PERMIT_NOT_SET;
81         options->ignore_rhosts = -1;
82         options->ignore_user_known_hosts = -1;
83         options->print_motd = -1;
84         options->print_lastlog = -1;
85         options->x11_forwarding = -1;
86         options->x11_display_offset = -1;
87         options->x11_use_localhost = -1;
88         options->xauth_location = NULL;
89         options->strict_modes = -1;
90         options->tcp_keep_alive = -1;
91         options->log_facility = SYSLOG_FACILITY_NOT_SET;
92         options->log_level = SYSLOG_LEVEL_NOT_SET;
93         options->rhosts_rsa_authentication = -1;
94         options->hostbased_authentication = -1;
95         options->hostbased_uses_name_from_packet_only = -1;
96         options->rsa_authentication = -1;
97         options->pubkey_authentication = -1;
98         options->kerberos_authentication = -1;
99         options->kerberos_or_local_passwd = -1;
100         options->kerberos_ticket_cleanup = -1;
101         options->kerberos_get_afs_token = -1;
102         options->gss_authentication=-1;
103         options->gss_cleanup_creds = -1;
104         options->password_authentication = -1;
105         options->kbd_interactive_authentication = -1;
106         options->challenge_response_authentication = -1;
107         options->permit_blacklisted_keys = -1;
108         options->permit_empty_passwd = -1;
109         options->permit_user_env = -1;
110         options->use_login = -1;
111         options->compression = -1;
112         options->allow_tcp_forwarding = -1;
113         options->allow_agent_forwarding = -1;
114         options->num_allow_users = 0;
115         options->num_deny_users = 0;
116         options->num_allow_groups = 0;
117         options->num_deny_groups = 0;
118         options->ciphers = NULL;
119         options->macs = NULL;
120         options->kex_algorithms = NULL;
121         options->protocol = SSH_PROTO_UNKNOWN;
122         options->gateway_ports = -1;
123         options->num_subsystems = 0;
124         options->max_startups_begin = -1;
125         options->max_startups_rate = -1;
126         options->max_startups = -1;
127         options->max_authtries = -1;
128         options->max_sessions = -1;
129         options->banner = NULL;
130         options->use_dns = -1;
131         options->client_alive_interval = -1;
132         options->client_alive_count_max = -1;
133         options->num_authkeys_files = 0;
134         options->num_accept_env = 0;
135         options->permit_tun = -1;
136         options->num_permitted_opens = -1;
137         options->adm_forced_command = NULL;
138         options->chroot_directory = NULL;
139         options->zero_knowledge_password_authentication = -1;
140         options->none_enabled = -1;
141         options->tcp_rcv_buf_poll = -1;
142         options->hpn_disabled = -1;
143         options->hpn_buffer_size = -1;
144         options->revoked_keys_file = NULL;
145         options->trusted_user_ca_keys = NULL;
146         options->authorized_principals_file = NULL;
147         options->ip_qos_interactive = -1;
148         options->ip_qos_bulk = -1;
149         options->version_addendum = NULL;
150 }
151
152 void
153 fill_default_server_options(ServerOptions *options)
154 {
155         /* needed for hpn socket tests */
156         int sock;
157         int socksize;
158         int socksizelen = sizeof(int);
159
160         /* Portable-specific options */
161         if (options->use_pam == -1)
162                 options->use_pam = 0;
163
164         /* Standard Options */
165         if (options->protocol == SSH_PROTO_UNKNOWN)
166                 options->protocol = SSH_PROTO_2;
167         if (options->num_host_key_files == 0) {
168                 /* fill default hostkeys for protocols */
169                 if (options->protocol & SSH_PROTO_1)
170                         options->host_key_files[options->num_host_key_files++] =
171                             _PATH_HOST_KEY_FILE;
172                 if (options->protocol & SSH_PROTO_2) {
173                         options->host_key_files[options->num_host_key_files++] =
174                             _PATH_HOST_RSA_KEY_FILE;
175                         options->host_key_files[options->num_host_key_files++] =
176                             _PATH_HOST_DSA_KEY_FILE;
177 #ifdef OPENSSL_HAS_ECC
178                         options->host_key_files[options->num_host_key_files++] =
179                             _PATH_HOST_ECDSA_KEY_FILE;
180 #endif
181                 }
182         }
183         /* No certificates by default */
184         if (options->num_ports == 0)
185                 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
186         if (options->listen_addrs == NULL)
187                 add_listen_addr(options, NULL, 0);
188         if (options->pid_file == NULL)
189                 options->pid_file = _PATH_SSH_DAEMON_PID_FILE;
190         if (options->server_key_bits == -1)
191                 options->server_key_bits = 1024;
192         if (options->login_grace_time == -1)
193                 options->login_grace_time = 120;
194         if (options->key_regeneration_time == -1)
195                 options->key_regeneration_time = 3600;
196         if (options->permit_root_login == PERMIT_NOT_SET)
197                 options->permit_root_login = PERMIT_NO;
198         if (options->ignore_rhosts == -1)
199                 options->ignore_rhosts = 1;
200         if (options->ignore_user_known_hosts == -1)
201                 options->ignore_user_known_hosts = 0;
202         if (options->print_motd == -1)
203                 options->print_motd = 1;
204         if (options->print_lastlog == -1)
205                 options->print_lastlog = 1;
206         if (options->x11_forwarding == -1)
207                 options->x11_forwarding = 1;
208         if (options->x11_display_offset == -1)
209                 options->x11_display_offset = 10;
210         if (options->x11_use_localhost == -1)
211                 options->x11_use_localhost = 1;
212         if (options->xauth_location == NULL)
213                 options->xauth_location = _PATH_XAUTH;
214         if (options->strict_modes == -1)
215                 options->strict_modes = 1;
216         if (options->tcp_keep_alive == -1)
217                 options->tcp_keep_alive = 1;
218         if (options->log_facility == SYSLOG_FACILITY_NOT_SET)
219                 options->log_facility = SYSLOG_FACILITY_AUTH;
220         if (options->log_level == SYSLOG_LEVEL_NOT_SET)
221                 options->log_level = SYSLOG_LEVEL_INFO;
222         if (options->rhosts_rsa_authentication == -1)
223                 options->rhosts_rsa_authentication = 0;
224         if (options->hostbased_authentication == -1)
225                 options->hostbased_authentication = 0;
226         if (options->hostbased_uses_name_from_packet_only == -1)
227                 options->hostbased_uses_name_from_packet_only = 0;
228         if (options->rsa_authentication == -1)
229                 options->rsa_authentication = 1;
230         if (options->pubkey_authentication == -1)
231                 options->pubkey_authentication = 1;
232         if (options->kerberos_authentication == -1)
233                 options->kerberos_authentication = 0;
234         if (options->kerberos_or_local_passwd == -1)
235                 options->kerberos_or_local_passwd = 1;
236         if (options->kerberos_ticket_cleanup == -1)
237                 options->kerberos_ticket_cleanup = 1;
238         if (options->kerberos_get_afs_token == -1)
239                 options->kerberos_get_afs_token = 0;
240         if (options->gss_authentication == -1)
241                 options->gss_authentication = 0;
242         if (options->gss_cleanup_creds == -1)
243                 options->gss_cleanup_creds = 1;
244         if (options->password_authentication == -1)
245                 options->password_authentication = 1;
246         if (options->kbd_interactive_authentication == -1)
247                 options->kbd_interactive_authentication = 0;
248         if (options->challenge_response_authentication == -1)
249                 options->challenge_response_authentication = 1;
250         if (options->permit_blacklisted_keys == -1)
251                 options->permit_blacklisted_keys = 0;
252         if (options->permit_empty_passwd == -1)
253                 options->permit_empty_passwd = 0;
254         if (options->permit_user_env == -1)
255                 options->permit_user_env = 0;
256         if (options->use_login == -1)
257                 options->use_login = 0;
258         if (options->compression == -1)
259                 options->compression = COMP_DELAYED;
260         if (options->allow_tcp_forwarding == -1)
261                 options->allow_tcp_forwarding = 1;
262         if (options->allow_agent_forwarding == -1)
263                 options->allow_agent_forwarding = 1;
264         if (options->gateway_ports == -1)
265                 options->gateway_ports = 0;
266         if (options->max_startups == -1)
267                 options->max_startups = 10;
268         if (options->max_startups_rate == -1)
269                 options->max_startups_rate = 100;               /* 100% */
270         if (options->max_startups_begin == -1)
271                 options->max_startups_begin = options->max_startups;
272         if (options->max_authtries == -1)
273                 options->max_authtries = DEFAULT_AUTH_FAIL_MAX;
274         if (options->max_sessions == -1)
275                 options->max_sessions = DEFAULT_SESSIONS_MAX;
276         if (options->use_dns == -1)
277                 options->use_dns = 1;
278         if (options->client_alive_interval == -1)
279                 options->client_alive_interval = 0;
280         if (options->client_alive_count_max == -1)
281                 options->client_alive_count_max = 3;
282         if (options->num_authkeys_files == 0) {
283                 options->authorized_keys_files[options->num_authkeys_files++] =
284                     xstrdup(_PATH_SSH_USER_PERMITTED_KEYS);
285                 options->authorized_keys_files[options->num_authkeys_files++] =
286                     xstrdup(_PATH_SSH_USER_PERMITTED_KEYS2);
287         }
288         if (options->permit_tun == -1)
289                 options->permit_tun = SSH_TUNMODE_NO;
290         if (options->zero_knowledge_password_authentication == -1)
291                 options->zero_knowledge_password_authentication = 0;
292         if (options->ip_qos_interactive == -1)
293                 options->ip_qos_interactive = IPTOS_LOWDELAY;
294         if (options->ip_qos_bulk == -1)
295                 options->ip_qos_bulk = IPTOS_THROUGHPUT;
296
297         if (options->hpn_disabled == -1)
298                 options->hpn_disabled = 0;
299
300         if (options->hpn_buffer_size == -1) {
301                 /* option not explicitly set. Now we have to figure out */
302                 /* what value to use */
303                 if (options->hpn_disabled == 1) {
304                         options->hpn_buffer_size = CHAN_SES_WINDOW_DEFAULT;
305                 } else {
306                         /* get the current RCV size and set it to that */
307                         /*create a socket but don't connect it */
308                         /* we use that the get the rcv socket size */
309                         sock = socket(AF_INET, SOCK_STREAM, 0);
310                         getsockopt(sock, SOL_SOCKET, SO_RCVBUF,
311                                    &socksize, &socksizelen);
312                         close(sock);
313                         options->hpn_buffer_size = socksize;
314                         debug ("HPN Buffer Size: %d", options->hpn_buffer_size);
315
316                 }
317         } else {
318                 /* we have to do this incase the user sets both values in a contradictory */
319                 /* manner. hpn_disabled overrrides hpn_buffer_size*/
320                 if (options->hpn_disabled <= 0) {
321                         if (options->hpn_buffer_size == 0)
322                                 options->hpn_buffer_size = 1;
323                         /* limit the maximum buffer to 64MB */
324                         if (options->hpn_buffer_size > 64*1024) {
325                                 options->hpn_buffer_size = 64*1024*1024;
326                         } else {
327                                 options->hpn_buffer_size *= 1024;
328                         }
329                 } else
330                         options->hpn_buffer_size = CHAN_TCP_WINDOW_DEFAULT;
331         }
332
333         if (options->version_addendum == NULL)
334                 options->version_addendum = xstrdup("");
335         /* Turn privilege separation on by default */
336         if (use_privsep == -1)
337                 use_privsep = PRIVSEP_NOSANDBOX;
338
339 #ifndef HAVE_MMAP
340         if (use_privsep && options->compression == 1) {
341                 error("This platform does not support both privilege "
342                     "separation and compression");
343                 error("Compression disabled");
344                 options->compression = 0;
345         }
346 #endif
347
348 }
349
350 /* Keyword tokens. */
351 typedef enum {
352         sBadOption,             /* == unknown option */
353         /* Portable-specific options */
354         sUsePAM,
355         /* Standard Options */
356         sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
357         sPermitRootLogin, sLogFacility, sLogLevel,
358         sRhostsRSAAuthentication, sRSAAuthentication,
359         sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,
360         sKerberosGetAFSToken,
361         sKerberosTgtPassing, sChallengeResponseAuthentication,
362         sPasswordAuthentication, sKbdInteractiveAuthentication,
363         sListenAddress, sAddressFamily,
364         sPrintMotd, sPrintLastLog, sIgnoreRhosts,
365         sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
366         sStrictModes, sPermitBlacklistedKeys, sEmptyPasswd, sTCPKeepAlive,
367         sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
368         sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
369         sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
370         sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem,
371         sMaxStartups, sMaxAuthTries, sMaxSessions,
372         sBanner, sUseDNS, sHostbasedAuthentication,
373         sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
374         sClientAliveCountMax, sAuthorizedKeysFile,
375         sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel,
376         sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
377         sUsePrivilegeSeparation, sAllowAgentForwarding,
378         sZeroKnowledgePasswordAuthentication, sHostCertificate,
379         sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
380         sKexAlgorithms, sIPQoS, sVersionAddendum,
381         sNoneEnabled, sTcpRcvBufPoll, sHPNDisabled, sHPNBufferSize,
382         sDeprecated, sUnsupported
383 } ServerOpCodes;
384
385 #define SSHCFG_GLOBAL   0x01    /* allowed in main section of sshd_config */
386 #define SSHCFG_MATCH    0x02    /* allowed inside a Match section */
387 #define SSHCFG_ALL      (SSHCFG_GLOBAL|SSHCFG_MATCH)
388
389 /* Textual representation of the tokens. */
390 static struct {
391         const char *name;
392         ServerOpCodes opcode;
393         u_int flags;
394 } keywords[] = {
395         /* Portable-specific options */
396 #ifdef USE_PAM
397         { "usepam", sUsePAM, SSHCFG_GLOBAL },
398 #else
399         { "usepam", sUnsupported, SSHCFG_GLOBAL },
400 #endif
401         { "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL },
402         /* Standard Options */
403         { "port", sPort, SSHCFG_GLOBAL },
404         { "hostkey", sHostKeyFile, SSHCFG_GLOBAL },
405         { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL },          /* alias */
406         { "pidfile", sPidFile, SSHCFG_GLOBAL },
407         { "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL },
408         { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL },
409         { "keyregenerationinterval", sKeyRegenerationTime, SSHCFG_GLOBAL },
410         { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL },
411         { "syslogfacility", sLogFacility, SSHCFG_GLOBAL },
412         { "loglevel", sLogLevel, SSHCFG_GLOBAL },
413         { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL },
414         { "rhostsrsaauthentication", sRhostsRSAAuthentication, SSHCFG_ALL },
415         { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL },
416         { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL },
417         { "rsaauthentication", sRSAAuthentication, SSHCFG_ALL },
418         { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL },
419         { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */
420 #ifdef KRB5
421         { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL },
422         { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL },
423         { "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL },
424 #ifdef USE_AFS
425         { "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL },
426 #else
427         { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL },
428 #endif
429 #else
430         { "kerberosauthentication", sUnsupported, SSHCFG_ALL },
431         { "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL },
432         { "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL },
433         { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL },
434 #endif
435         { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL },
436         { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL },
437 #ifdef GSSAPI
438         { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
439         { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
440 #else
441         { "gssapiauthentication", sUnsupported, SSHCFG_ALL },
442         { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL },
443 #endif
444         { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
445         { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
446         { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },
447         { "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */
448 #ifdef JPAKE
449         { "zeroknowledgepasswordauthentication", sZeroKnowledgePasswordAuthentication, SSHCFG_ALL },
450 #else
451         { "zeroknowledgepasswordauthentication", sUnsupported, SSHCFG_ALL },
452 #endif
453         { "checkmail", sDeprecated, SSHCFG_GLOBAL },
454         { "listenaddress", sListenAddress, SSHCFG_GLOBAL },
455         { "addressfamily", sAddressFamily, SSHCFG_GLOBAL },
456         { "printmotd", sPrintMotd, SSHCFG_GLOBAL },
457         { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL },
458         { "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL },
459         { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL },
460         { "x11forwarding", sX11Forwarding, SSHCFG_ALL },
461         { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL },
462         { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
463         { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
464         { "strictmodes", sStrictModes, SSHCFG_GLOBAL },
465         { "permitblacklistedkeys", sPermitBlacklistedKeys, SSHCFG_GLOBAL },
466         { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
467         { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
468         { "uselogin", sUseLogin, SSHCFG_GLOBAL },
469         { "compression", sCompression, SSHCFG_GLOBAL },
470         { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL },
471         { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL },  /* obsolete alias */
472         { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL },
473         { "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL },
474         { "allowusers", sAllowUsers, SSHCFG_ALL },
475         { "denyusers", sDenyUsers, SSHCFG_ALL },
476         { "allowgroups", sAllowGroups, SSHCFG_ALL },
477         { "denygroups", sDenyGroups, SSHCFG_ALL },
478         { "ciphers", sCiphers, SSHCFG_GLOBAL },
479         { "macs", sMacs, SSHCFG_GLOBAL },
480         { "protocol", sProtocol, SSHCFG_GLOBAL },
481         { "gatewayports", sGatewayPorts, SSHCFG_ALL },
482         { "subsystem", sSubsystem, SSHCFG_GLOBAL },
483         { "maxstartups", sMaxStartups, SSHCFG_GLOBAL },
484         { "maxauthtries", sMaxAuthTries, SSHCFG_ALL },
485         { "maxsessions", sMaxSessions, SSHCFG_ALL },
486         { "banner", sBanner, SSHCFG_ALL },
487         { "usedns", sUseDNS, SSHCFG_GLOBAL },
488         { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL },
489         { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL },
490         { "clientaliveinterval", sClientAliveInterval, SSHCFG_GLOBAL },
491         { "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL },
492         { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL },
493         { "authorizedkeysfile2", sDeprecated, SSHCFG_ALL },
494         { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL},
495         { "acceptenv", sAcceptEnv, SSHCFG_ALL },
496         { "permittunnel", sPermitTunnel, SSHCFG_ALL },
497         { "match", sMatch, SSHCFG_ALL },
498         { "permitopen", sPermitOpen, SSHCFG_ALL },
499         { "forcecommand", sForceCommand, SSHCFG_ALL },
500         { "chrootdirectory", sChrootDirectory, SSHCFG_ALL },
501         { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL },
502         { "revokedkeys", sRevokedKeys, SSHCFG_ALL },
503         { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
504         { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
505         { "noneenabled", sNoneEnabled },
506         { "hpndisabled", sHPNDisabled },
507         { "hpnbuffersize", sHPNBufferSize },
508         { "tcprcvbufpoll", sTcpRcvBufPoll },
509         { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL },
510         { "ipqos", sIPQoS, SSHCFG_ALL },
511         { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL },
512         { NULL, sBadOption, 0 }
513 };
514
515 static struct {
516         int val;
517         char *text;
518 } tunmode_desc[] = {
519         { SSH_TUNMODE_NO, "no" },
520         { SSH_TUNMODE_POINTOPOINT, "point-to-point" },
521         { SSH_TUNMODE_ETHERNET, "ethernet" },
522         { SSH_TUNMODE_YES, "yes" },
523         { -1, NULL }
524 };
525
526 /*
527  * Returns the number of the token pointed to by cp or sBadOption.
528  */
529
530 static ServerOpCodes
531 parse_token(const char *cp, const char *filename,
532             int linenum, u_int *flags)
533 {
534         u_int i;
535
536         for (i = 0; keywords[i].name; i++)
537                 if (strcasecmp(cp, keywords[i].name) == 0) {
538                         debug ("Config token is %s", keywords[i].name);
539                         *flags = keywords[i].flags;
540                         return keywords[i].opcode;
541                 }
542
543         error("%s: line %d: Bad configuration option: %s",
544             filename, linenum, cp);
545         return sBadOption;
546 }
547
548 char *
549 derelativise_path(const char *path)
550 {
551         char *expanded, *ret, cwd[MAXPATHLEN];
552
553         expanded = tilde_expand_filename(path, getuid());
554         if (*expanded == '/')
555                 return expanded;
556         if (getcwd(cwd, sizeof(cwd)) == NULL)
557                 fatal("%s: getcwd: %s", __func__, strerror(errno));
558         xasprintf(&ret, "%s/%s", cwd, expanded);
559         xfree(expanded);
560         return ret;
561 }
562
563 static void
564 add_listen_addr(ServerOptions *options, char *addr, int port)
565 {
566         u_int i;
567
568         if (options->num_ports == 0)
569                 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
570         if (options->address_family == -1)
571                 options->address_family = AF_UNSPEC;
572         if (port == 0)
573                 for (i = 0; i < options->num_ports; i++)
574                         add_one_listen_addr(options, addr, options->ports[i]);
575         else
576                 add_one_listen_addr(options, addr, port);
577 }
578
579 static void
580 add_one_listen_addr(ServerOptions *options, char *addr, int port)
581 {
582         struct addrinfo hints, *ai, *aitop;
583         char strport[NI_MAXSERV];
584         int gaierr;
585
586         memset(&hints, 0, sizeof(hints));
587         hints.ai_family = options->address_family;
588         hints.ai_socktype = SOCK_STREAM;
589         hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
590         snprintf(strport, sizeof strport, "%d", port);
591         if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
592                 fatal("bad addr or host: %s (%s)",
593                     addr ? addr : "<NULL>",
594                     ssh_gai_strerror(gaierr));
595         for (ai = aitop; ai->ai_next; ai = ai->ai_next)
596                 ;
597         ai->ai_next = options->listen_addrs;
598         options->listen_addrs = aitop;
599 }
600
601 struct connection_info *
602 get_connection_info(int populate, int use_dns)
603 {
604         static struct connection_info ci;
605
606         if (!populate)
607                 return &ci;
608         ci.host = get_canonical_hostname(use_dns);
609         ci.address = get_remote_ipaddr();
610         ci.laddress = get_local_ipaddr(packet_get_connection_in());
611         ci.lport = get_local_port();
612         return &ci;
613 }
614
615 /*
616  * The strategy for the Match blocks is that the config file is parsed twice.
617  *
618  * The first time is at startup.  activep is initialized to 1 and the
619  * directives in the global context are processed and acted on.  Hitting a
620  * Match directive unsets activep and the directives inside the block are
621  * checked for syntax only.
622  *
623  * The second time is after a connection has been established but before
624  * authentication.  activep is initialized to 2 and global config directives
625  * are ignored since they have already been processed.  If the criteria in a
626  * Match block is met, activep is set and the subsequent directives
627  * processed and actioned until EOF or another Match block unsets it.  Any
628  * options set are copied into the main server config.
629  *
630  * Potential additions/improvements:
631  *  - Add Match support for pre-kex directives, eg Protocol, Ciphers.
632  *
633  *  - Add a Tag directive (idea from David Leonard) ala pf, eg:
634  *      Match Address 192.168.0.*
635  *              Tag trusted
636  *      Match Group wheel
637  *              Tag trusted
638  *      Match Tag trusted
639  *              AllowTcpForwarding yes
640  *              GatewayPorts clientspecified
641  *              [...]
642  *
643  *  - Add a PermittedChannelRequests directive
644  *      Match Group shell
645  *              PermittedChannelRequests session,forwarded-tcpip
646  */
647
648 static int
649 match_cfg_line_group(const char *grps, int line, const char *user)
650 {
651         int result = 0;
652         struct passwd *pw;
653
654         if (user == NULL)
655                 goto out;
656
657         if ((pw = getpwnam(user)) == NULL) {
658                 debug("Can't match group at line %d because user %.100s does "
659                     "not exist", line, user);
660         } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) {
661                 debug("Can't Match group because user %.100s not in any group "
662                     "at line %d", user, line);
663         } else if (ga_match_pattern_list(grps) != 1) {
664                 debug("user %.100s does not match group list %.100s at line %d",
665                     user, grps, line);
666         } else {
667                 debug("user %.100s matched group list %.100s at line %d", user,
668                     grps, line);
669                 result = 1;
670         }
671 out:
672         ga_free();
673         return result;
674 }
675
676 /*
677  * All of the attributes on a single Match line are ANDed together, so we need to check every
678  * attribute and set the result to zero if any attribute does not match.
679  */
680 static int
681 match_cfg_line(char **condition, int line, struct connection_info *ci)
682 {
683         int result = 1, port;
684         char *arg, *attrib, *cp = *condition;
685         size_t len;
686
687         if (ci == NULL)
688                 debug3("checking syntax for 'Match %s'", cp);
689         else
690                 debug3("checking match for '%s' user %s host %s addr %s "
691                     "laddr %s lport %d", cp, ci->user ? ci->user : "(null)",
692                     ci->host ? ci->host : "(null)",
693                     ci->address ? ci->address : "(null)",
694                     ci->laddress ? ci->laddress : "(null)", ci->lport);
695
696         while ((attrib = strdelim(&cp)) && *attrib != '\0') {
697                 if ((arg = strdelim(&cp)) == NULL || *arg == '\0') {
698                         error("Missing Match criteria for %s", attrib);
699                         return -1;
700                 }
701                 len = strlen(arg);
702                 if (strcasecmp(attrib, "user") == 0) {
703                         if (ci == NULL || ci->user == NULL) {
704                                 result = 0;
705                                 continue;
706                         }
707                         if (match_pattern_list(ci->user, arg, len, 0) != 1)
708                                 result = 0;
709                         else
710                                 debug("user %.100s matched 'User %.100s' at "
711                                     "line %d", ci->user, arg, line);
712                 } else if (strcasecmp(attrib, "group") == 0) {
713                         if (ci == NULL || ci->user == NULL) {
714                                 result = 0;
715                                 continue;
716                         }
717                         switch (match_cfg_line_group(arg, line, ci->user)) {
718                         case -1:
719                                 return -1;
720                         case 0:
721                                 result = 0;
722                         }
723                 } else if (strcasecmp(attrib, "host") == 0) {
724                         if (ci == NULL || ci->host == NULL) {
725                                 result = 0;
726                                 continue;
727                         }
728                         if (match_hostname(ci->host, arg, len) != 1)
729                                 result = 0;
730                         else
731                                 debug("connection from %.100s matched 'Host "
732                                     "%.100s' at line %d", ci->host, arg, line);
733                 } else if (strcasecmp(attrib, "address") == 0) {
734                         if (ci == NULL || ci->address == NULL) {
735                                 result = 0;
736                                 continue;
737                         }
738                         switch (addr_match_list(ci->address, arg)) {
739                         case 1:
740                                 debug("connection from %.100s matched 'Address "
741                                     "%.100s' at line %d", ci->address, arg, line);
742                                 break;
743                         case 0:
744                         case -1:
745                                 result = 0;
746                                 break;
747                         case -2:
748                                 return -1;
749                         }
750                 } else if (strcasecmp(attrib, "localaddress") == 0){
751                         if (ci == NULL || ci->laddress == NULL) {
752                                 result = 0;
753                                 continue;
754                         }
755                         switch (addr_match_list(ci->laddress, arg)) {
756                         case 1:
757                                 debug("connection from %.100s matched "
758                                     "'LocalAddress %.100s' at line %d",
759                                     ci->laddress, arg, line);
760                                 break;
761                         case 0:
762                         case -1:
763                                 result = 0;
764                                 break;
765                         case -2:
766                                 return -1;
767                         }
768                 } else if (strcasecmp(attrib, "localport") == 0) {
769                         if ((port = a2port(arg)) == -1) {
770                                 error("Invalid LocalPort '%s' on Match line",
771                                     arg);
772                                 return -1;
773                         }
774                         if (ci == NULL || ci->lport == 0) {
775                                 result = 0;
776                                 continue;
777                         }
778                         /* TODO support port lists */
779                         if (port == ci->lport)
780                                 debug("connection from %.100s matched "
781                                     "'LocalPort %d' at line %d",
782                                     ci->laddress, port, line);
783                         else
784                                 result = 0;
785                 } else {
786                         error("Unsupported Match attribute %s", attrib);
787                         return -1;
788                 }
789         }
790         if (ci != NULL)
791                 debug3("match %sfound", result ? "" : "not ");
792         *condition = cp;
793         return result;
794 }
795
796 #define WHITESPACE " \t\r\n"
797
798 /* Multistate option parsing */
799 struct multistate {
800         char *key;
801         int value;
802 };
803 static const struct multistate multistate_addressfamily[] = {
804         { "inet",                       AF_INET },
805         { "inet6",                      AF_INET6 },
806         { "any",                        AF_UNSPEC },
807         { NULL, -1 }
808 };
809 static const struct multistate multistate_permitrootlogin[] = {
810         { "without-password",           PERMIT_NO_PASSWD },
811         { "forced-commands-only",       PERMIT_FORCED_ONLY },
812         { "yes",                        PERMIT_YES },
813         { "no",                         PERMIT_NO },
814         { NULL, -1 }
815 };
816 static const struct multistate multistate_compression[] = {
817         { "delayed",                    COMP_DELAYED },
818         { "yes",                        COMP_ZLIB },
819         { "no",                         COMP_NONE },
820         { NULL, -1 }
821 };
822 static const struct multistate multistate_gatewayports[] = {
823         { "clientspecified",            2 },
824         { "yes",                        1 },
825         { "no",                         0 },
826         { NULL, -1 }
827 };
828 static const struct multistate multistate_privsep[] = {
829         { "yes",                        PRIVSEP_NOSANDBOX },
830         { "sandbox",                    PRIVSEP_ON },
831         { "nosandbox",                  PRIVSEP_NOSANDBOX },
832         { "no",                         PRIVSEP_OFF },
833         { NULL, -1 }
834 };
835
836 int
837 process_server_config_line(ServerOptions *options, char *line,
838     const char *filename, int linenum, int *activep,
839     struct connection_info *connectinfo)
840 {
841         char *cp, **charptr, *arg, *p;
842         int cmdline = 0, *intptr, value, value2, n;
843         SyslogFacility *log_facility_ptr;
844         LogLevel *log_level_ptr;
845         ServerOpCodes opcode;
846         int port;
847         u_int i, flags = 0;
848         size_t len;
849         const struct multistate *multistate_ptr;
850
851         cp = line;
852         if ((arg = strdelim(&cp)) == NULL)
853                 return 0;
854         /* Ignore leading whitespace */
855         if (*arg == '\0')
856                 arg = strdelim(&cp);
857         if (!arg || !*arg || *arg == '#')
858                 return 0;
859         intptr = NULL;
860         charptr = NULL;
861         opcode = parse_token(arg, filename, linenum, &flags);
862
863         if (activep == NULL) { /* We are processing a command line directive */
864                 cmdline = 1;
865                 activep = &cmdline;
866         }
867         if (*activep && opcode != sMatch)
868                 debug3("%s:%d setting %s %s", filename, linenum, arg, cp);
869         if (*activep == 0 && !(flags & SSHCFG_MATCH)) {
870                 if (connectinfo == NULL) {
871                         fatal("%s line %d: Directive '%s' is not allowed "
872                             "within a Match block", filename, linenum, arg);
873                 } else { /* this is a directive we have already processed */
874                         while (arg)
875                                 arg = strdelim(&cp);
876                         return 0;
877                 }
878         }
879
880         switch (opcode) {
881         /* Portable-specific options */
882         case sUsePAM:
883                 intptr = &options->use_pam;
884                 goto parse_flag;
885
886         /* Standard Options */
887         case sBadOption:
888                 return -1;
889         case sPort:
890                 /* ignore ports from configfile if cmdline specifies ports */
891                 if (options->ports_from_cmdline)
892                         return 0;
893                 if (options->listen_addrs != NULL)
894                         fatal("%s line %d: ports must be specified before "
895                             "ListenAddress.", filename, linenum);
896                 if (options->num_ports >= MAX_PORTS)
897                         fatal("%s line %d: too many ports.",
898                             filename, linenum);
899                 arg = strdelim(&cp);
900                 if (!arg || *arg == '\0')
901                         fatal("%s line %d: missing port number.",
902                             filename, linenum);
903                 options->ports[options->num_ports++] = a2port(arg);
904                 if (options->ports[options->num_ports-1] <= 0)
905                         fatal("%s line %d: Badly formatted port number.",
906                             filename, linenum);
907                 break;
908
909         case sServerKeyBits:
910                 intptr = &options->server_key_bits;
911  parse_int:
912                 arg = strdelim(&cp);
913                 if (!arg || *arg == '\0')
914                         fatal("%s line %d: missing integer value.",
915                             filename, linenum);
916                 value = atoi(arg);
917                 if (*activep && *intptr == -1)
918                         *intptr = value;
919                 break;
920
921         case sLoginGraceTime:
922                 intptr = &options->login_grace_time;
923  parse_time:
924                 arg = strdelim(&cp);
925                 if (!arg || *arg == '\0')
926                         fatal("%s line %d: missing time value.",
927                             filename, linenum);
928                 if ((value = convtime(arg)) == -1)
929                         fatal("%s line %d: invalid time value.",
930                             filename, linenum);
931                 if (*intptr == -1)
932                         *intptr = value;
933                 break;
934
935         case sKeyRegenerationTime:
936                 intptr = &options->key_regeneration_time;
937                 goto parse_time;
938
939         case sListenAddress:
940                 arg = strdelim(&cp);
941                 if (arg == NULL || *arg == '\0')
942                         fatal("%s line %d: missing address",
943                             filename, linenum);
944                 /* check for bare IPv6 address: no "[]" and 2 or more ":" */
945                 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL
946                     && strchr(p+1, ':') != NULL) {
947                         add_listen_addr(options, arg, 0);
948                         break;
949                 }
950                 p = hpdelim(&arg);
951                 if (p == NULL)
952                         fatal("%s line %d: bad address:port usage",
953                             filename, linenum);
954                 p = cleanhostname(p);
955                 if (arg == NULL)
956                         port = 0;
957                 else if ((port = a2port(arg)) <= 0)
958                         fatal("%s line %d: bad port number", filename, linenum);
959
960                 add_listen_addr(options, p, port);
961
962                 break;
963
964         case sAddressFamily:
965                 intptr = &options->address_family;
966                 multistate_ptr = multistate_addressfamily;
967                 if (options->listen_addrs != NULL)
968                         fatal("%s line %d: address family must be specified "
969                             "before ListenAddress.", filename, linenum);
970  parse_multistate:
971                 arg = strdelim(&cp);
972                 if (!arg || *arg == '\0')
973                         fatal("%s line %d: missing argument.",
974                             filename, linenum);
975                 value = -1;
976                 for (i = 0; multistate_ptr[i].key != NULL; i++) {
977                         if (strcasecmp(arg, multistate_ptr[i].key) == 0) {
978                                 value = multistate_ptr[i].value;
979                                 break;
980                         }
981                 }
982                 if (value == -1)
983                         fatal("%s line %d: unsupported option \"%s\".",
984                             filename, linenum, arg);
985                 if (*activep && *intptr == -1)
986                         *intptr = value;
987                 break;
988
989         case sHostKeyFile:
990                 intptr = &options->num_host_key_files;
991                 if (*intptr >= MAX_HOSTKEYS)
992                         fatal("%s line %d: too many host keys specified (max %d).",
993                             filename, linenum, MAX_HOSTKEYS);
994                 charptr = &options->host_key_files[*intptr];
995  parse_filename:
996                 arg = strdelim(&cp);
997                 if (!arg || *arg == '\0')
998                         fatal("%s line %d: missing file name.",
999                             filename, linenum);
1000                 if (*activep && *charptr == NULL) {
1001                         *charptr = derelativise_path(arg);
1002                         /* increase optional counter */
1003                         if (intptr != NULL)
1004                                 *intptr = *intptr + 1;
1005                 }
1006                 break;
1007
1008         case sHostCertificate:
1009                 intptr = &options->num_host_cert_files;
1010                 if (*intptr >= MAX_HOSTKEYS)
1011                         fatal("%s line %d: too many host certificates "
1012                             "specified (max %d).", filename, linenum,
1013                             MAX_HOSTCERTS);
1014                 charptr = &options->host_cert_files[*intptr];
1015                 goto parse_filename;
1016                 break;
1017
1018         case sPidFile:
1019                 charptr = &options->pid_file;
1020                 goto parse_filename;
1021
1022         case sPermitRootLogin:
1023                 intptr = &options->permit_root_login;
1024                 multistate_ptr = multistate_permitrootlogin;
1025                 goto parse_multistate;
1026
1027         case sIgnoreRhosts:
1028                 intptr = &options->ignore_rhosts;
1029  parse_flag:
1030                 arg = strdelim(&cp);
1031                 if (!arg || *arg == '\0')
1032                         fatal("%s line %d: missing yes/no argument.",
1033                             filename, linenum);
1034                 value = 0;      /* silence compiler */
1035                 if (strcmp(arg, "yes") == 0)
1036                         value = 1;
1037                 else if (strcmp(arg, "no") == 0)
1038                         value = 0;
1039                 else
1040                         fatal("%s line %d: Bad yes/no argument: %s",
1041                                 filename, linenum, arg);
1042                 if (*activep && *intptr == -1)
1043                         *intptr = value;
1044                 break;
1045
1046         case sNoneEnabled:
1047                 intptr = &options->none_enabled;
1048                 goto parse_flag;
1049
1050         case sTcpRcvBufPoll:
1051                 intptr = &options->tcp_rcv_buf_poll;
1052                 goto parse_flag;
1053
1054         case sHPNDisabled:
1055                 intptr = &options->hpn_disabled;
1056                 goto parse_flag;
1057
1058         case sHPNBufferSize:
1059                 intptr = &options->hpn_buffer_size;
1060                 goto parse_int;
1061
1062         case sIgnoreUserKnownHosts:
1063                 intptr = &options->ignore_user_known_hosts;
1064                 goto parse_flag;
1065
1066         case sRhostsRSAAuthentication:
1067                 intptr = &options->rhosts_rsa_authentication;
1068                 goto parse_flag;
1069
1070         case sHostbasedAuthentication:
1071                 intptr = &options->hostbased_authentication;
1072                 goto parse_flag;
1073
1074         case sHostbasedUsesNameFromPacketOnly:
1075                 intptr = &options->hostbased_uses_name_from_packet_only;
1076                 goto parse_flag;
1077
1078         case sRSAAuthentication:
1079                 intptr = &options->rsa_authentication;
1080                 goto parse_flag;
1081
1082         case sPubkeyAuthentication:
1083                 intptr = &options->pubkey_authentication;
1084                 goto parse_flag;
1085
1086         case sKerberosAuthentication:
1087                 intptr = &options->kerberos_authentication;
1088                 goto parse_flag;
1089
1090         case sKerberosOrLocalPasswd:
1091                 intptr = &options->kerberos_or_local_passwd;
1092                 goto parse_flag;
1093
1094         case sKerberosTicketCleanup:
1095                 intptr = &options->kerberos_ticket_cleanup;
1096                 goto parse_flag;
1097
1098         case sKerberosGetAFSToken:
1099                 intptr = &options->kerberos_get_afs_token;
1100                 goto parse_flag;
1101
1102         case sGssAuthentication:
1103                 intptr = &options->gss_authentication;
1104                 goto parse_flag;
1105
1106         case sGssCleanupCreds:
1107                 intptr = &options->gss_cleanup_creds;
1108                 goto parse_flag;
1109
1110         case sPasswordAuthentication:
1111                 intptr = &options->password_authentication;
1112                 goto parse_flag;
1113
1114         case sZeroKnowledgePasswordAuthentication:
1115                 intptr = &options->zero_knowledge_password_authentication;
1116                 goto parse_flag;
1117
1118         case sKbdInteractiveAuthentication:
1119                 intptr = &options->kbd_interactive_authentication;
1120                 goto parse_flag;
1121
1122         case sChallengeResponseAuthentication:
1123                 intptr = &options->challenge_response_authentication;
1124                 goto parse_flag;
1125
1126         case sPrintMotd:
1127                 intptr = &options->print_motd;
1128                 goto parse_flag;
1129
1130         case sPrintLastLog:
1131                 intptr = &options->print_lastlog;
1132                 goto parse_flag;
1133
1134         case sX11Forwarding:
1135                 intptr = &options->x11_forwarding;
1136                 goto parse_flag;
1137
1138         case sX11DisplayOffset:
1139                 intptr = &options->x11_display_offset;
1140                 goto parse_int;
1141
1142         case sX11UseLocalhost:
1143                 intptr = &options->x11_use_localhost;
1144                 goto parse_flag;
1145
1146         case sXAuthLocation:
1147                 charptr = &options->xauth_location;
1148                 goto parse_filename;
1149
1150         case sStrictModes:
1151                 intptr = &options->strict_modes;
1152                 goto parse_flag;
1153
1154         case sTCPKeepAlive:
1155                 intptr = &options->tcp_keep_alive;
1156                 goto parse_flag;
1157
1158         case sPermitBlacklistedKeys:
1159                 intptr = &options->permit_blacklisted_keys;
1160                 goto parse_flag;
1161
1162         case sEmptyPasswd:
1163                 intptr = &options->permit_empty_passwd;
1164                 goto parse_flag;
1165
1166         case sPermitUserEnvironment:
1167                 intptr = &options->permit_user_env;
1168                 goto parse_flag;
1169
1170         case sUseLogin:
1171                 intptr = &options->use_login;
1172                 goto parse_flag;
1173
1174         case sCompression:
1175                 intptr = &options->compression;
1176                 multistate_ptr = multistate_compression;
1177                 goto parse_multistate;
1178
1179         case sGatewayPorts:
1180                 intptr = &options->gateway_ports;
1181                 multistate_ptr = multistate_gatewayports;
1182                 goto parse_multistate;
1183
1184         case sUseDNS:
1185                 intptr = &options->use_dns;
1186                 goto parse_flag;
1187
1188         case sLogFacility:
1189                 log_facility_ptr = &options->log_facility;
1190                 arg = strdelim(&cp);
1191                 value = log_facility_number(arg);
1192                 if (value == SYSLOG_FACILITY_NOT_SET)
1193                         fatal("%.200s line %d: unsupported log facility '%s'",
1194                             filename, linenum, arg ? arg : "<NONE>");
1195                 if (*log_facility_ptr == -1)
1196                         *log_facility_ptr = (SyslogFacility) value;
1197                 break;
1198
1199         case sLogLevel:
1200                 log_level_ptr = &options->log_level;
1201                 arg = strdelim(&cp);
1202                 value = log_level_number(arg);
1203                 if (value == SYSLOG_LEVEL_NOT_SET)
1204                         fatal("%.200s line %d: unsupported log level '%s'",
1205                             filename, linenum, arg ? arg : "<NONE>");
1206                 if (*log_level_ptr == -1)
1207                         *log_level_ptr = (LogLevel) value;
1208                 break;
1209
1210         case sAllowTcpForwarding:
1211                 intptr = &options->allow_tcp_forwarding;
1212                 goto parse_flag;
1213
1214         case sAllowAgentForwarding:
1215                 intptr = &options->allow_agent_forwarding;
1216                 goto parse_flag;
1217
1218         case sUsePrivilegeSeparation:
1219                 intptr = &use_privsep;
1220                 multistate_ptr = multistate_privsep;
1221                 goto parse_multistate;
1222
1223         case sAllowUsers:
1224                 while ((arg = strdelim(&cp)) && *arg != '\0') {
1225                         if (options->num_allow_users >= MAX_ALLOW_USERS)
1226                                 fatal("%s line %d: too many allow users.",
1227                                     filename, linenum);
1228                         if (!*activep)
1229                                 continue;
1230                         options->allow_users[options->num_allow_users++] =
1231                             xstrdup(arg);
1232                 }
1233                 break;
1234
1235         case sDenyUsers:
1236                 while ((arg = strdelim(&cp)) && *arg != '\0') {
1237                         if (options->num_deny_users >= MAX_DENY_USERS)
1238                                 fatal("%s line %d: too many deny users.",
1239                                     filename, linenum);
1240                         if (!*activep)
1241                                 continue;
1242                         options->deny_users[options->num_deny_users++] =
1243                             xstrdup(arg);
1244                 }
1245                 break;
1246
1247         case sAllowGroups:
1248                 while ((arg = strdelim(&cp)) && *arg != '\0') {
1249                         if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
1250                                 fatal("%s line %d: too many allow groups.",
1251                                     filename, linenum);
1252                         if (!*activep)
1253                                 continue;
1254                         options->allow_groups[options->num_allow_groups++] =
1255                             xstrdup(arg);
1256                 }
1257                 break;
1258
1259         case sDenyGroups:
1260                 while ((arg = strdelim(&cp)) && *arg != '\0') {
1261                         if (options->num_deny_groups >= MAX_DENY_GROUPS)
1262                                 fatal("%s line %d: too many deny groups.",
1263                                     filename, linenum);
1264                         if (!*activep)
1265                                 continue;
1266                         options->deny_groups[options->num_deny_groups++] =
1267                             xstrdup(arg);
1268                 }
1269                 break;
1270
1271         case sCiphers:
1272                 arg = strdelim(&cp);
1273                 if (!arg || *arg == '\0')
1274                         fatal("%s line %d: Missing argument.", filename, linenum);
1275                 if (!ciphers_valid(arg))
1276                         fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
1277                             filename, linenum, arg ? arg : "<NONE>");
1278                 if (options->ciphers == NULL)
1279                         options->ciphers = xstrdup(arg);
1280                 break;
1281
1282         case sMacs:
1283                 arg = strdelim(&cp);
1284                 if (!arg || *arg == '\0')
1285                         fatal("%s line %d: Missing argument.", filename, linenum);
1286                 if (!mac_valid(arg))
1287                         fatal("%s line %d: Bad SSH2 mac spec '%s'.",
1288                             filename, linenum, arg ? arg : "<NONE>");
1289                 if (options->macs == NULL)
1290                         options->macs = xstrdup(arg);
1291                 break;
1292
1293         case sKexAlgorithms:
1294                 arg = strdelim(&cp);
1295                 if (!arg || *arg == '\0')
1296                         fatal("%s line %d: Missing argument.",
1297                             filename, linenum);
1298                 if (!kex_names_valid(arg))
1299                         fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.",
1300                             filename, linenum, arg ? arg : "<NONE>");
1301                 if (options->kex_algorithms == NULL)
1302                         options->kex_algorithms = xstrdup(arg);
1303                 break;
1304
1305         case sProtocol:
1306                 intptr = &options->protocol;
1307                 arg = strdelim(&cp);
1308                 if (!arg || *arg == '\0')
1309                         fatal("%s line %d: Missing argument.", filename, linenum);
1310                 value = proto_spec(arg);
1311                 if (value == SSH_PROTO_UNKNOWN)
1312                         fatal("%s line %d: Bad protocol spec '%s'.",
1313                             filename, linenum, arg ? arg : "<NONE>");
1314                 if (*intptr == SSH_PROTO_UNKNOWN)
1315                         *intptr = value;
1316                 break;
1317
1318         case sSubsystem:
1319                 if (options->num_subsystems >= MAX_SUBSYSTEMS) {
1320                         fatal("%s line %d: too many subsystems defined.",
1321                             filename, linenum);
1322                 }
1323                 arg = strdelim(&cp);
1324                 if (!arg || *arg == '\0')
1325                         fatal("%s line %d: Missing subsystem name.",
1326                             filename, linenum);
1327                 if (!*activep) {
1328                         arg = strdelim(&cp);
1329                         break;
1330                 }
1331                 for (i = 0; i < options->num_subsystems; i++)
1332                         if (strcmp(arg, options->subsystem_name[i]) == 0)
1333                                 fatal("%s line %d: Subsystem '%s' already defined.",
1334                                     filename, linenum, arg);
1335                 options->subsystem_name[options->num_subsystems] = xstrdup(arg);
1336                 arg = strdelim(&cp);
1337                 if (!arg || *arg == '\0')
1338                         fatal("%s line %d: Missing subsystem command.",
1339                             filename, linenum);
1340                 options->subsystem_command[options->num_subsystems] = xstrdup(arg);
1341
1342                 /* Collect arguments (separate to executable) */
1343                 p = xstrdup(arg);
1344                 len = strlen(p) + 1;
1345                 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') {
1346                         len += 1 + strlen(arg);
1347                         p = xrealloc(p, 1, len);
1348                         strlcat(p, " ", len);
1349                         strlcat(p, arg, len);
1350                 }
1351                 options->subsystem_args[options->num_subsystems] = p;
1352                 options->num_subsystems++;
1353                 break;
1354
1355         case sMaxStartups:
1356                 arg = strdelim(&cp);
1357                 if (!arg || *arg == '\0')
1358                         fatal("%s line %d: Missing MaxStartups spec.",
1359                             filename, linenum);
1360                 if ((n = sscanf(arg, "%d:%d:%d",
1361                     &options->max_startups_begin,
1362                     &options->max_startups_rate,
1363                     &options->max_startups)) == 3) {
1364                         if (options->max_startups_begin >
1365                             options->max_startups ||
1366                             options->max_startups_rate > 100 ||
1367                             options->max_startups_rate < 1)
1368                                 fatal("%s line %d: Illegal MaxStartups spec.",
1369                                     filename, linenum);
1370                 } else if (n != 1)
1371                         fatal("%s line %d: Illegal MaxStartups spec.",
1372                             filename, linenum);
1373                 else
1374                         options->max_startups = options->max_startups_begin;
1375                 break;
1376
1377         case sMaxAuthTries:
1378                 intptr = &options->max_authtries;
1379                 goto parse_int;
1380
1381         case sMaxSessions:
1382                 intptr = &options->max_sessions;
1383                 goto parse_int;
1384
1385         case sBanner:
1386                 charptr = &options->banner;
1387                 goto parse_filename;
1388
1389         /*
1390          * These options can contain %X options expanded at
1391          * connect time, so that you can specify paths like:
1392          *
1393          * AuthorizedKeysFile   /etc/ssh_keys/%u
1394          */
1395         case sAuthorizedKeysFile:
1396                 if (*activep && options->num_authkeys_files == 0) {
1397                         while ((arg = strdelim(&cp)) && *arg != '\0') {
1398                                 if (options->num_authkeys_files >=
1399                                     MAX_AUTHKEYS_FILES)
1400                                         fatal("%s line %d: "
1401                                             "too many authorized keys files.",
1402                                             filename, linenum);
1403                                 options->authorized_keys_files[
1404                                     options->num_authkeys_files++] =
1405                                     tilde_expand_filename(arg, getuid());
1406                         }
1407                 }
1408                 return 0;
1409
1410         case sAuthorizedPrincipalsFile:
1411                 charptr = &options->authorized_principals_file;
1412                 arg = strdelim(&cp);
1413                 if (!arg || *arg == '\0')
1414                         fatal("%s line %d: missing file name.",
1415                             filename, linenum);
1416                 if (*activep && *charptr == NULL) {
1417                         *charptr = tilde_expand_filename(arg, getuid());
1418                         /* increase optional counter */
1419                         if (intptr != NULL)
1420                                 *intptr = *intptr + 1;
1421                 }
1422                 break;
1423
1424         case sClientAliveInterval:
1425                 intptr = &options->client_alive_interval;
1426                 goto parse_time;
1427
1428         case sClientAliveCountMax:
1429                 intptr = &options->client_alive_count_max;
1430                 goto parse_int;
1431
1432         case sAcceptEnv:
1433                 while ((arg = strdelim(&cp)) && *arg != '\0') {
1434                         if (strchr(arg, '=') != NULL)
1435                                 fatal("%s line %d: Invalid environment name.",
1436                                     filename, linenum);
1437                         if (options->num_accept_env >= MAX_ACCEPT_ENV)
1438                                 fatal("%s line %d: too many allow env.",
1439                                     filename, linenum);
1440                         if (!*activep)
1441                                 continue;
1442                         options->accept_env[options->num_accept_env++] =
1443                             xstrdup(arg);
1444                 }
1445                 break;
1446
1447         case sPermitTunnel:
1448                 intptr = &options->permit_tun;
1449                 arg = strdelim(&cp);
1450                 if (!arg || *arg == '\0')
1451                         fatal("%s line %d: Missing yes/point-to-point/"
1452                             "ethernet/no argument.", filename, linenum);
1453                 value = -1;
1454                 for (i = 0; tunmode_desc[i].val != -1; i++)
1455                         if (strcmp(tunmode_desc[i].text, arg) == 0) {
1456                                 value = tunmode_desc[i].val;
1457                                 break;
1458                         }
1459                 if (value == -1)
1460                         fatal("%s line %d: Bad yes/point-to-point/ethernet/"
1461                             "no argument: %s", filename, linenum, arg);
1462                 if (*intptr == -1)
1463                         *intptr = value;
1464                 break;
1465
1466         case sMatch:
1467                 if (cmdline)
1468                         fatal("Match directive not supported as a command-line "
1469                            "option");
1470                 value = match_cfg_line(&cp, linenum, connectinfo);
1471                 if (value < 0)
1472                         fatal("%s line %d: Bad Match condition", filename,
1473                             linenum);
1474                 *activep = value;
1475                 break;
1476
1477         case sPermitOpen:
1478                 arg = strdelim(&cp);
1479                 if (!arg || *arg == '\0')
1480                         fatal("%s line %d: missing PermitOpen specification",
1481                             filename, linenum);
1482                 n = options->num_permitted_opens;       /* modified later */
1483                 if (strcmp(arg, "any") == 0) {
1484                         if (*activep && n == -1) {
1485                                 channel_clear_adm_permitted_opens();
1486                                 options->num_permitted_opens = 0;
1487                         }
1488                         break;
1489                 }
1490                 if (strcmp(arg, "none") == 0) {
1491                         if (*activep && n == -1) {
1492                                 channel_clear_adm_permitted_opens();
1493                                 options->num_permitted_opens = 1;
1494                                 channel_disable_adm_local_opens();
1495                         }
1496                         break;
1497                 }
1498                 if (*activep && n == -1)
1499                         channel_clear_adm_permitted_opens();
1500                 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) {
1501                         p = hpdelim(&arg);
1502                         if (p == NULL)
1503                                 fatal("%s line %d: missing host in PermitOpen",
1504                                     filename, linenum);
1505                         p = cleanhostname(p);
1506                         if (arg == NULL || ((port = permitopen_port(arg)) < 0))
1507                                 fatal("%s line %d: bad port number in "
1508                                     "PermitOpen", filename, linenum);
1509                         if (*activep && n == -1)
1510                                 options->num_permitted_opens =
1511                                     channel_add_adm_permitted_opens(p, port);
1512                 }
1513                 break;
1514
1515         case sForceCommand:
1516                 if (cp == NULL)
1517                         fatal("%.200s line %d: Missing argument.", filename,
1518                             linenum);
1519                 len = strspn(cp, WHITESPACE);
1520                 if (*activep && options->adm_forced_command == NULL)
1521                         options->adm_forced_command = xstrdup(cp + len);
1522                 return 0;
1523
1524         case sChrootDirectory:
1525                 charptr = &options->chroot_directory;
1526
1527                 arg = strdelim(&cp);
1528                 if (!arg || *arg == '\0')
1529                         fatal("%s line %d: missing file name.",
1530                             filename, linenum);
1531                 if (*activep && *charptr == NULL)
1532                         *charptr = xstrdup(arg);
1533                 break;
1534
1535         case sTrustedUserCAKeys:
1536                 charptr = &options->trusted_user_ca_keys;
1537                 goto parse_filename;
1538
1539         case sRevokedKeys:
1540                 charptr = &options->revoked_keys_file;
1541                 goto parse_filename;
1542
1543         case sIPQoS:
1544                 arg = strdelim(&cp);
1545                 if ((value = parse_ipqos(arg)) == -1)
1546                         fatal("%s line %d: Bad IPQoS value: %s",
1547                             filename, linenum, arg);
1548                 arg = strdelim(&cp);
1549                 if (arg == NULL)
1550                         value2 = value;
1551                 else if ((value2 = parse_ipqos(arg)) == -1)
1552                         fatal("%s line %d: Bad IPQoS value: %s",
1553                             filename, linenum, arg);
1554                 if (*activep) {
1555                         options->ip_qos_interactive = value;
1556                         options->ip_qos_bulk = value2;
1557                 }
1558                 break;
1559
1560         case sVersionAddendum:
1561                 if (cp == NULL)
1562                         fatal("%.200s line %d: Missing argument.", filename,
1563                             linenum);
1564                 len = strspn(cp, WHITESPACE);
1565                 if (*activep && options->version_addendum == NULL) {
1566                         if (strcasecmp(cp + len, "none") == 0)
1567                                 options->version_addendum = xstrdup("");
1568                         else if (strchr(cp + len, '\r') != NULL)
1569                                 fatal("%.200s line %d: Invalid argument",
1570                                     filename, linenum);
1571                         else
1572                                 options->version_addendum = xstrdup(cp + len);
1573                 }
1574                 return 0;
1575
1576         case sDeprecated:
1577                 logit("%s line %d: Deprecated option %s",
1578                     filename, linenum, arg);
1579                 while (arg)
1580                     arg = strdelim(&cp);
1581                 break;
1582
1583         case sUnsupported:
1584                 logit("%s line %d: Unsupported option %s",
1585                     filename, linenum, arg);
1586                 while (arg)
1587                     arg = strdelim(&cp);
1588                 break;
1589
1590         default:
1591                 fatal("%s line %d: Missing handler for opcode %s (%d)",
1592                     filename, linenum, arg, opcode);
1593         }
1594         if ((arg = strdelim(&cp)) != NULL && *arg != '\0')
1595                 fatal("%s line %d: garbage at end of line; \"%.200s\".",
1596                     filename, linenum, arg);
1597         return 0;
1598 }
1599
1600 /* Reads the server configuration file. */
1601
1602 void
1603 load_server_config(const char *filename, Buffer *conf)
1604 {
1605         char line[4096], *cp;
1606         FILE *f;
1607         int lineno = 0;
1608
1609         debug2("%s: filename %s", __func__, filename);
1610         if ((f = fopen(filename, "r")) == NULL) {
1611                 perror(filename);
1612                 exit(1);
1613         }
1614         buffer_clear(conf);
1615         while (fgets(line, sizeof(line), f)) {
1616                 lineno++;
1617                 if (strlen(line) == sizeof(line) - 1)
1618                         fatal("%s line %d too long", filename, lineno);
1619                 /*
1620                  * Trim out comments and strip whitespace
1621                  * NB - preserve newlines, they are needed to reproduce
1622                  * line numbers later for error messages
1623                  */
1624                 if ((cp = strchr(line, '#')) != NULL)
1625                         memcpy(cp, "\n", 2);
1626                 cp = line + strspn(line, " \t\r");
1627
1628                 buffer_append(conf, cp, strlen(cp));
1629         }
1630         buffer_append(conf, "\0", 1);
1631         fclose(f);
1632         debug2("%s: done config len = %d", __func__, buffer_len(conf));
1633 }
1634
1635 void
1636 parse_server_match_config(ServerOptions *options,
1637    struct connection_info *connectinfo)
1638 {
1639         ServerOptions mo;
1640
1641         initialize_server_options(&mo);
1642         parse_server_config(&mo, "reprocess config", &cfg, connectinfo);
1643         copy_set_server_options(options, &mo, 0);
1644 }
1645
1646 int parse_server_match_testspec(struct connection_info *ci, char *spec)
1647 {
1648         char *p;
1649
1650         while ((p = strsep(&spec, ",")) && *p != '\0') {
1651                 if (strncmp(p, "addr=", 5) == 0) {
1652                         ci->address = xstrdup(p + 5);
1653                 } else if (strncmp(p, "host=", 5) == 0) {
1654                         ci->host = xstrdup(p + 5);
1655                 } else if (strncmp(p, "user=", 5) == 0) {
1656                         ci->user = xstrdup(p + 5);
1657                 } else if (strncmp(p, "laddr=", 6) == 0) {
1658                         ci->laddress = xstrdup(p + 6);
1659                 } else if (strncmp(p, "lport=", 6) == 0) {
1660                         ci->lport = a2port(p + 6);
1661                         if (ci->lport == -1) {
1662                                 fprintf(stderr, "Invalid port '%s' in test mode"
1663                                    " specification %s\n", p+6, p);
1664                                 return -1;
1665                         }
1666                 } else {
1667                         fprintf(stderr, "Invalid test mode specification %s\n",
1668                            p);
1669                         return -1;
1670                 }
1671         }
1672         return 0;
1673 }
1674
1675 /*
1676  * returns 1 for a complete spec, 0 for partial spec and -1 for an
1677  * empty spec.
1678  */
1679 int server_match_spec_complete(struct connection_info *ci)
1680 {
1681         if (ci->user && ci->host && ci->address)
1682                 return 1;       /* complete */
1683         if (!ci->user && !ci->host && !ci->address)
1684                 return -1;      /* empty */
1685         return 0;       /* partial */
1686 }
1687
1688 /* Helper macros */
1689 #define M_CP_INTOPT(n) do {\
1690         if (src->n != -1) \
1691                 dst->n = src->n; \
1692 } while (0)
1693 #define M_CP_STROPT(n) do {\
1694         if (src->n != NULL) { \
1695                 if (dst->n != NULL) \
1696                         xfree(dst->n); \
1697                 dst->n = src->n; \
1698         } \
1699 } while(0)
1700 #define M_CP_STRARRAYOPT(n, num_n) do {\
1701         if (src->num_n != 0) { \
1702                 for (dst->num_n = 0; dst->num_n < src->num_n; dst->num_n++) \
1703                         dst->n[dst->num_n] = xstrdup(src->n[dst->num_n]); \
1704         } \
1705 } while(0)
1706
1707 /*
1708  * Copy any supported values that are set.
1709  *
1710  * If the preauth flag is set, we do not bother copying the string or
1711  * array values that are not used pre-authentication, because any that we
1712  * do use must be explictly sent in mm_getpwnamallow().
1713  */
1714 void
1715 copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
1716 {
1717         M_CP_INTOPT(password_authentication);
1718         M_CP_INTOPT(gss_authentication);
1719         M_CP_INTOPT(rsa_authentication);
1720         M_CP_INTOPT(pubkey_authentication);
1721         M_CP_INTOPT(kerberos_authentication);
1722         M_CP_INTOPT(hostbased_authentication);
1723         M_CP_INTOPT(hostbased_uses_name_from_packet_only);
1724         M_CP_INTOPT(kbd_interactive_authentication);
1725         M_CP_INTOPT(zero_knowledge_password_authentication);
1726         M_CP_INTOPT(permit_root_login);
1727         M_CP_INTOPT(permit_empty_passwd);
1728
1729         M_CP_INTOPT(allow_tcp_forwarding);
1730         M_CP_INTOPT(allow_agent_forwarding);
1731         M_CP_INTOPT(permit_tun);
1732         M_CP_INTOPT(gateway_ports);
1733         M_CP_INTOPT(x11_display_offset);
1734         M_CP_INTOPT(x11_forwarding);
1735         M_CP_INTOPT(x11_use_localhost);
1736         M_CP_INTOPT(max_sessions);
1737         M_CP_INTOPT(max_authtries);
1738         M_CP_INTOPT(ip_qos_interactive);
1739         M_CP_INTOPT(ip_qos_bulk);
1740
1741         /* See comment in servconf.h */
1742         COPY_MATCH_STRING_OPTS();
1743
1744         /*
1745          * The only things that should be below this point are string options
1746          * which are only used after authentication.
1747          */
1748         if (preauth)
1749                 return;
1750
1751         M_CP_STROPT(adm_forced_command);
1752         M_CP_STROPT(chroot_directory);
1753 }
1754
1755 #undef M_CP_INTOPT
1756 #undef M_CP_STROPT
1757 #undef M_CP_STRARRAYOPT
1758
1759 void
1760 parse_server_config(ServerOptions *options, const char *filename, Buffer *conf,
1761     struct connection_info *connectinfo)
1762 {
1763         int active, linenum, bad_options = 0;
1764         char *cp, *obuf, *cbuf;
1765
1766         debug2("%s: config %s len %d", __func__, filename, buffer_len(conf));
1767
1768         obuf = cbuf = xstrdup(buffer_ptr(conf));
1769         active = connectinfo ? 0 : 1;
1770         linenum = 1;
1771         while ((cp = strsep(&cbuf, "\n")) != NULL) {
1772                 if (process_server_config_line(options, cp, filename,
1773                     linenum++, &active, connectinfo) != 0)
1774                         bad_options++;
1775         }
1776         xfree(obuf);
1777         if (bad_options > 0)
1778                 fatal("%s: terminating, %d bad configuration options",
1779                     filename, bad_options);
1780 }
1781
1782 static const char *
1783 fmt_multistate_int(int val, const struct multistate *m)
1784 {
1785         u_int i;
1786
1787         for (i = 0; m[i].key != NULL; i++) {
1788                 if (m[i].value == val)
1789                         return m[i].key;
1790         }
1791         return "UNKNOWN";
1792 }
1793
1794 static const char *
1795 fmt_intarg(ServerOpCodes code, int val)
1796 {
1797         if (val == -1)
1798                 return "unset";
1799         switch (code) {
1800         case sAddressFamily:
1801                 return fmt_multistate_int(val, multistate_addressfamily);
1802         case sPermitRootLogin:
1803                 return fmt_multistate_int(val, multistate_permitrootlogin);
1804         case sGatewayPorts:
1805                 return fmt_multistate_int(val, multistate_gatewayports);
1806         case sCompression:
1807                 return fmt_multistate_int(val, multistate_compression);
1808         case sUsePrivilegeSeparation:
1809                 return fmt_multistate_int(val, multistate_privsep);
1810         case sProtocol:
1811                 switch (val) {
1812                 case SSH_PROTO_1:
1813                         return "1";
1814                 case SSH_PROTO_2:
1815                         return "2";
1816                 case (SSH_PROTO_1|SSH_PROTO_2):
1817                         return "2,1";
1818                 default:
1819                         return "UNKNOWN";
1820                 }
1821         default:
1822                 switch (val) {
1823                 case 0:
1824                         return "no";
1825                 case 1:
1826                         return "yes";
1827                 default:
1828                         return "UNKNOWN";
1829                 }
1830         }
1831 }
1832
1833 static const char *
1834 lookup_opcode_name(ServerOpCodes code)
1835 {
1836         u_int i;
1837
1838         for (i = 0; keywords[i].name != NULL; i++)
1839                 if (keywords[i].opcode == code)
1840                         return(keywords[i].name);
1841         return "UNKNOWN";
1842 }
1843
1844 static void
1845 dump_cfg_int(ServerOpCodes code, int val)
1846 {
1847         printf("%s %d\n", lookup_opcode_name(code), val);
1848 }
1849
1850 static void
1851 dump_cfg_fmtint(ServerOpCodes code, int val)
1852 {
1853         printf("%s %s\n", lookup_opcode_name(code), fmt_intarg(code, val));
1854 }
1855
1856 static void
1857 dump_cfg_string(ServerOpCodes code, const char *val)
1858 {
1859         if (val == NULL)
1860                 return;
1861         printf("%s %s\n", lookup_opcode_name(code), val);
1862 }
1863
1864 static void
1865 dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals)
1866 {
1867         u_int i;
1868
1869         for (i = 0; i < count; i++)
1870                 printf("%s %s\n", lookup_opcode_name(code), vals[i]);
1871 }
1872
1873 static void
1874 dump_cfg_strarray_oneline(ServerOpCodes code, u_int count, char **vals)
1875 {
1876         u_int i;
1877
1878         printf("%s", lookup_opcode_name(code));
1879         for (i = 0; i < count; i++)
1880                 printf(" %s",  vals[i]);
1881         printf("\n");
1882 }
1883
1884 void
1885 dump_config(ServerOptions *o)
1886 {
1887         u_int i;
1888         int ret;
1889         struct addrinfo *ai;
1890         char addr[NI_MAXHOST], port[NI_MAXSERV], *s = NULL;
1891
1892         /* these are usually at the top of the config */
1893         for (i = 0; i < o->num_ports; i++)
1894                 printf("port %d\n", o->ports[i]);
1895         dump_cfg_fmtint(sProtocol, o->protocol);
1896         dump_cfg_fmtint(sAddressFamily, o->address_family);
1897
1898         /* ListenAddress must be after Port */
1899         for (ai = o->listen_addrs; ai; ai = ai->ai_next) {
1900                 if ((ret = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr,
1901                     sizeof(addr), port, sizeof(port),
1902                     NI_NUMERICHOST|NI_NUMERICSERV)) != 0) {
1903                         error("getnameinfo failed: %.100s",
1904                             (ret != EAI_SYSTEM) ? gai_strerror(ret) :
1905                             strerror(errno));
1906                 } else {
1907                         if (ai->ai_family == AF_INET6)
1908                                 printf("listenaddress [%s]:%s\n", addr, port);
1909                         else
1910                                 printf("listenaddress %s:%s\n", addr, port);
1911                 }
1912         }
1913
1914         /* integer arguments */
1915 #ifdef USE_PAM
1916         dump_cfg_int(sUsePAM, o->use_pam);
1917 #endif
1918         dump_cfg_int(sServerKeyBits, o->server_key_bits);
1919         dump_cfg_int(sLoginGraceTime, o->login_grace_time);
1920         dump_cfg_int(sKeyRegenerationTime, o->key_regeneration_time);
1921         dump_cfg_int(sX11DisplayOffset, o->x11_display_offset);
1922         dump_cfg_int(sMaxAuthTries, o->max_authtries);
1923         dump_cfg_int(sMaxSessions, o->max_sessions);
1924         dump_cfg_int(sClientAliveInterval, o->client_alive_interval);
1925         dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max);
1926
1927         /* formatted integer arguments */
1928         dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login);
1929         dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts);
1930         dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts);
1931         dump_cfg_fmtint(sRhostsRSAAuthentication, o->rhosts_rsa_authentication);
1932         dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication);
1933         dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly,
1934             o->hostbased_uses_name_from_packet_only);
1935         dump_cfg_fmtint(sRSAAuthentication, o->rsa_authentication);
1936         dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication);
1937 #ifdef KRB5
1938         dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication);
1939         dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd);
1940         dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup);
1941 # ifdef USE_AFS
1942         dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token);
1943 # endif
1944 #endif
1945 #ifdef GSSAPI
1946         dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
1947         dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds);
1948 #endif
1949 #ifdef JPAKE
1950         dump_cfg_fmtint(sZeroKnowledgePasswordAuthentication,
1951             o->zero_knowledge_password_authentication);
1952 #endif
1953         dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication);
1954         dump_cfg_fmtint(sKbdInteractiveAuthentication,
1955             o->kbd_interactive_authentication);
1956         dump_cfg_fmtint(sChallengeResponseAuthentication,
1957             o->challenge_response_authentication);
1958         dump_cfg_fmtint(sPrintMotd, o->print_motd);
1959         dump_cfg_fmtint(sPrintLastLog, o->print_lastlog);
1960         dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding);
1961         dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost);
1962         dump_cfg_fmtint(sStrictModes, o->strict_modes);
1963         dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);
1964         dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd);
1965         dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);
1966         dump_cfg_fmtint(sUseLogin, o->use_login);
1967         dump_cfg_fmtint(sCompression, o->compression);
1968         dump_cfg_fmtint(sGatewayPorts, o->gateway_ports);
1969         dump_cfg_fmtint(sUseDNS, o->use_dns);
1970         dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);
1971         dump_cfg_fmtint(sUsePrivilegeSeparation, use_privsep);
1972
1973         /* string arguments */
1974         dump_cfg_string(sPidFile, o->pid_file);
1975         dump_cfg_string(sXAuthLocation, o->xauth_location);
1976         dump_cfg_string(sCiphers, o->ciphers);
1977         dump_cfg_string(sMacs, o->macs);
1978         dump_cfg_string(sBanner, o->banner);
1979         dump_cfg_string(sForceCommand, o->adm_forced_command);
1980         dump_cfg_string(sChrootDirectory, o->chroot_directory);
1981         dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys);
1982         dump_cfg_string(sRevokedKeys, o->revoked_keys_file);
1983         dump_cfg_string(sAuthorizedPrincipalsFile,
1984             o->authorized_principals_file);
1985         dump_cfg_string(sVersionAddendum, o->version_addendum);
1986
1987         /* string arguments requiring a lookup */
1988         dump_cfg_string(sLogLevel, log_level_name(o->log_level));
1989         dump_cfg_string(sLogFacility, log_facility_name(o->log_facility));
1990
1991         /* string array arguments */
1992         dump_cfg_strarray_oneline(sAuthorizedKeysFile, o->num_authkeys_files,
1993             o->authorized_keys_files);
1994         dump_cfg_strarray(sHostKeyFile, o->num_host_key_files,
1995              o->host_key_files);
1996         dump_cfg_strarray(sHostKeyFile, o->num_host_cert_files,
1997              o->host_cert_files);
1998         dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users);
1999         dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users);
2000         dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups);
2001         dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups);
2002         dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env);
2003
2004         /* other arguments */
2005         for (i = 0; i < o->num_subsystems; i++)
2006                 printf("subsystem %s %s\n", o->subsystem_name[i],
2007                     o->subsystem_args[i]);
2008
2009         printf("maxstartups %d:%d:%d\n", o->max_startups_begin,
2010             o->max_startups_rate, o->max_startups);
2011
2012         for (i = 0; tunmode_desc[i].val != -1; i++)
2013                 if (tunmode_desc[i].val == o->permit_tun) {
2014                         s = tunmode_desc[i].text;
2015                         break;
2016                 }
2017         dump_cfg_string(sPermitTunnel, s);
2018
2019         printf("ipqos %s ", iptos2str(o->ip_qos_interactive));
2020         printf("%s\n", iptos2str(o->ip_qos_bulk));
2021
2022         channel_print_adm_permitted_opens();
2023 }