Diffstat (limited to 'readconf.c')
-rw-r--r--readconf.c128
1 files changed, 68 insertions, 60 deletions
diff --git a/readconf.c b/readconf.c
index 36265e4..1464430 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.196 2013/02/22 04:45:08 dtucker Exp $ */
+/* $OpenBSD: readconf.c,v 1.204 2013/06/10 19:19:44 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -30,6 +30,9 @@
#include <stdio.h>
#include <string.h>
#include <unistd.h>
+#ifdef HAVE_UTIL_H
+#include <util.h>
+#endif
#include "xmalloc.h"
#include "ssh.h"
@@ -134,8 +137,8 @@ typedef enum {
oHashKnownHosts,
oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
- oKexAlgorithms, oIPQoS, oRequestTTY,
- oDeprecated, oUnsupported
+ oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown,
+ oIgnoredUnknownOption, oDeprecated, oUnsupported
} OpCodes;
/* Textual representations of the tokens. */
@@ -246,6 +249,7 @@ static struct {
{ "kexalgorithms", oKexAlgorithms },
{ "ipqos", oIPQoS },
{ "requesttty", oRequestTTY },
+ { "ignoreunknown", oIgnoreUnknown },
{ NULL, oBadOption }
};
@@ -304,22 +308,20 @@ clear_forwardings(Options *options)
int i;
for (i = 0; i < options->num_local_forwards; i++) {
- if (options->local_forwards[i].listen_host != NULL)
- xfree(options->local_forwards[i].listen_host);
- xfree(options->local_forwards[i].connect_host);
+ free(options->local_forwards[i].listen_host);
+ free(options->local_forwards[i].connect_host);
}
if (options->num_local_forwards > 0) {
- xfree(options->local_forwards);
+ free(options->local_forwards);
options->local_forwards = NULL;
}
options->num_local_forwards = 0;
for (i = 0; i < options->num_remote_forwards; i++) {
- if (options->remote_forwards[i].listen_host != NULL)
- xfree(options->remote_forwards[i].listen_host);
- xfree(options->remote_forwards[i].connect_host);
+ free(options->remote_forwards[i].listen_host);
+ free(options->remote_forwards[i].connect_host);
}
if (options->num_remote_forwards > 0) {
- xfree(options->remote_forwards);
+ free(options->remote_forwards);
options->remote_forwards = NULL;
}
options->num_remote_forwards = 0;
@@ -351,14 +353,17 @@ add_identity_file(Options *options, const char *dir, const char *filename,
*/
static OpCodes
-parse_token(const char *cp, const char *filename, int linenum)
+parse_token(const char *cp, const char *filename, int linenum,
+ const char *ignored_unknown)
{
- u_int i;
+ int i;
for (i = 0; keywords[i].name; i++)
- if (strcasecmp(cp, keywords[i].name) == 0)
+ if (strcmp(cp, keywords[i].name) == 0)
return keywords[i].opcode;
-
+ if (ignored_unknown != NULL && match_pattern_list(cp, ignored_unknown,
+ strlen(ignored_unknown), 1) == 1)
+ return oIgnoredUnknownOption;
error("%s: line %d: Bad configuration option: %s",
filename, linenum, cp);
return oBadOption;
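Review bot: parse_token now compares with `strcmp`, so keyword matching is case-insensitive only if the caller has already lowercased `cp`, and nothing in the function says so. A future caller passing a mixed-case keyword would get `oBadOption`, or `oIgnoredUnknownOption` if the pattern list happens to match. I would add a comment above the loop: `/* cp must already be lowercased by the caller; keywords[] entries are all lowercase */`. The keyword-table loop runs before the `match_pattern_list` check, so a pattern in `ignored_unknown` cannot suppress a keyword that is in the table, which is worth stating in the same comment. The function's header comment starts above the hunk.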
@@ -377,10 +382,10 @@ process_config_line(Options *options, const char *host,
{
char *s, **charptr, *endofnumber, *keyword, *arg, *arg2;
char **cpptr, fwdarg[256];
- u_int *uintptr, max_entries = 0;
- int negated, opcode, *intptr, value, value2, scale;
+ u_int i, *uintptr, max_entries = 0;
+ int negated, opcode, *intptr, value, value2;
LogLevel *log_level_ptr;
- long long orig, val64;
+ long long val64;
size_t len;
Forward fwd;
@@ -400,14 +405,22 @@ process_config_line(Options *options, const char *host,
keyword = strdelim(&s);
if (keyword == NULL || !*keyword || *keyword == '\n' || *keyword == '#')
return 0;
+ /* Match lowercase keyword */
+ for (i = 0; i < strlen(keyword); i++)
+ keyword[i] = tolower(keyword[i]);
- opcode = parse_token(keyword, filename, linenum);
+ opcode = parse_token(keyword, filename, linenum,
+ options->ignored_unknown);
switch (opcode) {
case oBadOption:
/* don't panic, but count bad options */
return -1;
/* NOTREACHED */
+ case oIgnoredUnknownOption:
+ debug("%s line %d: Ignored unknown option \"%s\"",
+ filename, linenum, keyword);
+ return 0;
case oConnectTimeout:
intptr = &options->connection_timeout;
parse_time:
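Review bot: `tolower(keyword[i])` is passed a plain `char`, which is negative for bytes above 0x7f where `char` is signed, and a negative argument other than EOF is undefined behaviour for the `<ctype.h>` functions. The keyword comes straight from a configuration file, so such bytes can occur; the line should read `keyword[i] = tolower((unsigned char)keyword[i]);`. The loop condition also re-evaluates `strlen(keyword)` on every iteration, which `for (i = 0; keyword[i] != '\0'; i++)` avoids. Separately, the `oIgnoredUnknownOption` case reports only through `debug()`, so a misspelled option swallowed by a broad IgnoreUnknown pattern is not visible at the usual log level; that is presumably intended, but a comment saying so would help. process_config_line's body continues outside the hunk.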
@@ -562,39 +575,32 @@ parse_yesnoask:
case oRekeyLimit:
arg = strdelim(&s);
if (!arg || *arg == '\0')
- fatal("%.200s line %d: Missing argument.", filename, linenum);
- if (arg[0] < '0' || arg[0] > '9')
- fatal("%.200s line %d: Bad number.", filename, linenum);
- orig = val64 = strtoll(arg, &endofnumber, 10);
- if (arg == endofnumber)
- fatal("%.200s line %d: Bad number.", filename, linenum);
- switch (toupper(*endofnumber)) {
- case '\0':
- scale = 1;
- break;
- case 'K':
- scale = 1<<10;
- break;
- case 'M':
- scale = 1<<20;
- break;
- case 'G':
- scale = 1<<30;
- break;
- default:
- fatal("%.200s line %d: Invalid RekeyLimit suffix",
- filename, linenum);
+ fatal("%.200s line %d: Missing argument.", filename,
+ linenum);
+ if (strcmp(arg, "default") == 0) {
+ val64 = 0;
+ } else {
+ if (scan_scaled(arg, &val64) == -1)
+ fatal("%.200s line %d: Bad number '%s': %s",
+ filename, linenum, arg, strerror(errno));
+ /* check for too-large or too-small limits */
+ if (val64 > UINT_MAX)
+ fatal("%.200s line %d: RekeyLimit too large",
+ filename, linenum);
+ if (val64 != 0 && val64 < 16)
+ fatal("%.200s line %d: RekeyLimit too small",
+ filename, linenum);
}
- val64 *= scale;
- /* detect integer wrap and too-large limits */
- if ((val64 / scale) != orig || val64 > UINT_MAX)
- fatal("%.200s line %d: RekeyLimit too large",
- filename, linenum);
- if (val64 < 16)
- fatal("%.200s line %d: RekeyLimit too small",
- filename, linenum);
if (*activep && options->rekey_limit == -1)
options->rekey_limit = (u_int32_t)val64;
+ if (s != NULL) { /* optional rekey interval present */
+ if (strcmp(s, "none") == 0) {
+ (void)strdelim(&s); /* discard */
+ break;
+ }
+ intptr = &options->rekey_interval;
+ goto parse_time;
+ }
break;
case oIdentityFile:
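Review bot: `strcmp(s, "none")` in the added interval handling compares the whole untokenised remainder of the line, so `none` followed by anything else falls through to `parse_time` and is parsed as a time value. That includes trailing whitespace, unless it is stripped earlier outside this hunk. A comment such as `/* s is the rest of the line; "none" must be the only thing left on it */` would make the restriction explicit. The new code also relies on `errno` and `scan_scaled` being declared, and only the conditional `<util.h>` include is visible in this commit. It is worth confirming that `<errno.h>` is included and that a `scan_scaled` declaration is reachable when HAVE_UTIL_H is not defined. The `val64 != 0` exemption from the too-small check presumably exists because 0 selects the default limit, which a short comment next to the check could state.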
@@ -1062,6 +1068,10 @@ parse_int:
*intptr = value;
break;
+ case oIgnoreUnknown:
+ charptr = &options->ignored_unknown;
+ goto parse_string;
+
case oDeprecated:
debug("%s line %d: Deprecated option \"%s\"",
filename, linenum, keyword);
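Review bot: The `oIgnoreUnknown` case gives no hint that the option is order-dependent. `parse_token` reads `options->ignored_unknown` as each line is parsed, so unknown keywords that appear before the IgnoreUnknown line are still reported as bad options. I would add `/* only affects lines parsed after this one */` above `charptr = &options->ignored_unknown;`. `parse_string` is outside the hunk; if it keeps the first value it sees, as first-match-wins options usually do, a later IgnoreUnknown cannot widen an earlier one, and the same comment should say so once that is confirmed.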
@@ -1202,6 +1212,7 @@ initialize_options(Options * options)
options->no_host_authentication_for_localhost = - 1;
options->identities_only = - 1;
options->rekey_limit = - 1;
+ options->rekey_interval = -1;
options->verify_host_key_dns = -1;
options->server_alive_interval = -1;
options->server_alive_count_max = -1;
@@ -1222,6 +1233,7 @@ initialize_options(Options * options)
options->ip_qos_interactive = -1;
options->ip_qos_bulk = -1;
options->request_tty = -1;
+ options->ignored_unknown = NULL;
}
/*
@@ -1232,8 +1244,6 @@ initialize_options(Options * options)
void
fill_default_options(Options * options)
{
- int len;
-
if (options->forward_agent == -1)
options->forward_agent = 0;
if (options->forward_x11 == -1)
@@ -1339,6 +1349,8 @@ fill_default_options(Options * options)
options->enable_ssh_keysign = 0;
if (options->rekey_limit == -1)
options->rekey_limit = 0;
+ if (options->rekey_interval == -1)
+ options->rekey_interval = 0;
if (options->verify_host_key_dns == -1)
options->verify_host_key_dns = 0;
if (options->server_alive_interval == -1)
@@ -1442,7 +1454,7 @@ parse_forward(Forward *fwd, const char *fwdspec, int dynamicfwd, int remotefwd)
i = 0; /* failure */
}
- xfree(p);
+ free(p);
if (dynamicfwd) {
if (!(i == 1 || i == 2))
@@ -1468,13 +1480,9 @@ parse_forward(Forward *fwd, const char *fwdspec, int dynamicfwd, int remotefwd)
return (i);
fail_free:
- if (fwd->connect_host != NULL) {
- xfree(fwd->connect_host);
- fwd->connect_host = NULL;
- }
- if (fwd->listen_host != NULL) {
- xfree(fwd->listen_host);
- fwd->listen_host = NULL;
- }
+ free(fwd->connect_host);
+ fwd->connect_host = NULL;
+ free(fwd->listen_host);
+ fwd->listen_host = NULL;
return (0);
}