source: trunk/third/ssh/readconf.c @ 12646

Revision 12646, 23.2 KB checked in by danw, 26 years ago (diff)
This commit was generated by cvs2svn to compensate for changes in r12645, which included commits to RCS files with non-trunk default branches.
1/*
2
3readconf.c
4
5Author: Tatu Ylonen <ylo@cs.hut.fi>
6
7Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8                   All rights reserved
9
10Created: Sat Apr 22 00:03:10 1995 ylo
11
12Functions for reading the configuration files.
13
14*/
15
16/*
17 * $Id: readconf.c,v 1.1.1.4 1999-03-08 17:43:25 danw Exp $
18 * $Log: not supported by cvs2svn $
19 * Revision 1.15  1998/07/08 00:46:30  kivinen
20 *      Fixed typo (privileged).
21 *
22 * Revision 1.14  1998/05/23  20:23:39  kivinen
23 *      Removed extra comma at the end of OpCodes enum.
24 *
25 * Revision 1.13  1998/04/30  01:55:12  kivinen
26 *      Added PasswordPromptLogin and PasswordPromptHost options, so
27 *      now the password prompt is configurable.
28 *
29 * Revision 1.12  1998/03/27 16:59:33  kivinen
30 *      Added GatewayPorts option.
31 *
32 * Revision 1.11  1998/01/02 06:19:58  kivinen
33 *      Added xauthlocation option.
34 *
35 * Revision 1.10  1997/08/21 22:16:45  ylo
36 *      Fixed security bug with port number > 65535 in local forwarding.
37 *
38 * Revision 1.9  1997/08/09 20:22:44  ylo
39 *      Removed extra newline from fatal message.
40 *
41 * Revision 1.8  1997/08/07 16:23:55  kivinen
42 *      Moved privileged port check to add_local_forward function.
43 *
44 * Revision 1.7  1997/04/23 00:01:18  kivinen
45 *      Added ClearAllForwardins and NumberOfPasswordPrompts options.
46 *
47 * Revision 1.6  1997/04/17 04:21:08  kivinen
48 *      Changed StrictHostKeyChecking to have three possible values,
49 *      yes, no, and ask.
50 *
51 * Revision 1.5  1997/03/27 03:10:16  kivinen
52 *      Added kerberos patches from Glenn Machin.
53 *
54 * Revision 1.4  1997/03/26 05:34:37  kivinen
55 *      Added UsePriviledgedPort option.
56 *
57 * Revision 1.3  1997/03/25 05:40:58  kivinen
58 *      Changed keywords to be case insensitive.
59 *      Added = to WHITESPACE so now it allows options in format
60 *      Foo=bar.
61 *
62 * Revision 1.2  1997/03/19 17:54:37  kivinen
63 *      Added TIS authentication code from Andre April
64 *      <Andre.April@cediti.be>.
65 *
66 * Revision 1.1.1.1  1996/02/18 21:38:12  ylo
67 *      Imported ssh-1.2.13.
68 *
69 * Revision 1.7  1995/09/24  23:59:44  ylo
70 *      Added ConnectionAttempts.
71 *
72 * Revision 1.6  1995/09/09  21:26:44  ylo
73 * /m/shadows/u2/users/ylo/ssh/README
74 *
75 * Revision 1.5  1995/09/06  19:52:36  ylo
76 *      Fixed spelling of fascist.
77 *
78 * Revision 1.4  1995/08/21  23:25:55  ylo
79 *      Minor cleanup.
80 *
81 * Revision 1.3  1995/07/27  00:39:00  ylo
82 *      Added GlobalKnownHostsFile and UserKnownHostsFile.
83 *
84 * Revision 1.2  1995/07/13  01:30:39  ylo
85 *      Removed "Last modified" header.
86 *      Added cvs log.
87 *
88 * $Endlog$
89 */
90
91/* Format of the configuration file:
92
93   # Configuration data is parsed as follows:
94   #  1. command line options
95   #  2. user-specific file
96   #  3. system-wide file
97   # Any configuration value is only changed the first time it is set.
98   # Thus, host-specific definitions should be at the beginning of the
99   # configuration file, and defaults at the end.
100
101   # Host-specific declarations.  These may override anything above.  A single
102   # host may match multiple declarations; these are processed in the order
103   # that they are given in.
104
105   Host *.ngs.fi ngs.fi
106     FallBackToRsh no
107
108   Host fake.com
109     HostName another.host.name.real.org
110     User blaah
111     Port 34289
112     ForwardX11 no
113     ForwardAgent no
114
115   Host books.com
116     RemoteForward 9999 shadows.cs.hut.fi:9999
117     Cipher 3des
118
119   Host fascist.blob.com
120     Port 23123
121     User tylonen
122     RhostsAuthentication no
123     PasswordAuthentication no
124
125   Host puukko.hut.fi
126     User t35124p
127     ProxyCommand ssh-proxy %h %p
128
129   Host *.fr
130     UseRsh yes
131
132   Host *.su
133     Cipher none
134     PasswordAuthentication no
135
136   # Defaults for various options
137   Host *
138     ForwardAgent no
139     ForwardX11 yes
140     RhostsAuthentication yes
141     PasswordAuthentication yes
142     RSAAuthentication yes
143     RhostsRSAAuthentication yes
144     FallBackToRsh no
145     UseRsh no
146     StrictHostKeyChecking yes
147     KeepAlive no
148     IdentityFile ~/.ssh/identity
149     Port 22
150     Cipher idea
151     EscapeChar ~
152
153*/
154
155#include "includes.h"
156#include "ssh.h"
157#include "cipher.h"
158#include "readconf.h"
159#include "xmalloc.h"
160#include "userfile.h"
161
/* Keyword tokens.  One enumerator per configuration keyword handled by
   process_config_line.  The numeric values are implicit (counting from
   0 in declaration order), so new tokens should be appended at the end. */

typedef enum
{
  oForwardAgent,
  oForwardX11,
  oRhostsAuthentication,
  oTISAuthentication,
  oPasswordAuthentication,
  oRSAAuthentication,
  oFallBackToRsh,
  oUseRsh,
  oIdentityFile,
  oHostName,
  oPort,
  oCipher,
  oRemoteForward,
  oLocalForward,
  oUser,
  oHost,
  oEscapeChar,
  oRhostsRSAAuthentication,
  oProxyCommand,
  oGlobalKnownHostsFile,
  oUserKnownHostsFile,
  oConnectionAttempts,
  oBatchMode,
  oStrictHostKeyChecking,
  oCompression,
  oCompressionLevel,
  oKeepAlives,
  oUsePrivilegedPort,
  oKerberosAuthentication,
  oKerberosTgtPassing,
  oClearAllForwardings,
  oNumberOfPasswordPrompts,
  oXauthPath,
  oGatewayPorts,
  oPasswordPromptLogin,
  oPasswordPromptHost
} OpCodes;
176
/* Textual representations of the tokens.  parse_token compares with
   strcmp, so every name here must be all lower case; process_config_line
   lower-cases the keyword before the lookup.  The table is terminated by
   an entry whose name is NULL.  Entries are grouped by purpose; all names
   are distinct, so the order does not affect which opcode is returned. */

static struct
{
  const char *name;
  OpCodes opcode;
} keywords[] =
{
  /* Authentication methods and prompting. */
  { "rhostsauthentication", oRhostsAuthentication },
  { "rhostsrsaauthentication", oRhostsRSAAuthentication },
  { "rsaauthentication", oRSAAuthentication },
  { "passwordauthentication", oPasswordAuthentication },
  { "tisauthentication", oTISAuthentication },
  { "kerberosauthentication", oKerberosAuthentication },
  { "kerberostgtpassing", oKerberosTgtPassing },
  { "identityfile", oIdentityFile },
  { "numberofpasswordprompts", oNumberOfPasswordPrompts },
  { "passwordpromptlogin", oPasswordPromptLogin },
  { "passwordprompthost", oPasswordPromptHost },
  { "batchmode", oBatchMode },

  /* Connection set-up. */
  { "host", oHost },
  { "hostname", oHostName },
  { "user", oUser },
  { "port", oPort },
  { "cipher", oCipher },
  { "proxycommand", oProxyCommand },
  { "connectionattempts", oConnectionAttempts },
  /* Only the singular spelling is accepted; "keepalives" is rejected by
     parse_token as an unknown option. */
  { "keepalive", oKeepAlives },
  { "compression", oCompression },
  { "compressionlevel", oCompressionLevel },
  /* Both spellings map to the same token. */
  { "usepriviledgedport", oUsePrivilegedPort },
  { "useprivilegedport", oUsePrivilegedPort },
  { "fallbacktorsh", oFallBackToRsh },
  { "usersh", oUseRsh },
  { "escapechar", oEscapeChar },

  /* Host key verification. */
  { "stricthostkeychecking", oStrictHostKeyChecking },
  { "globalknownhostsfile", oGlobalKnownHostsFile },
  { "userknownhostsfile", oUserKnownHostsFile },

  /* Agent, X11 and TCP/IP forwarding. */
  { "forwardagent", oForwardAgent },
  { "forwardx11", oForwardX11 },
  { "xauthlocation", oXauthPath },
  { "localforward", oLocalForward },
  { "remoteforward", oRemoteForward },
  { "gatewayports", oGatewayPorts },
  { "clearallforwardings", oClearAllForwardings },

  { NULL, 0 }
};

/* Characters considered whitespace in strtok calls.  '=' is included so
   that "Foo=bar" is accepted as well as "Foo bar".  The same set is used
   for every argument, so an '=' inside an argument (for example in a
   ProxyCommand) also splits the token there and is not preserved. */
#define WHITESPACE " \t\r\n="
227
228
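/* Adds a local TCP/IP port forward to options.  Never returns if there
   is an error (all failures go through fatal()).

   options    receives the new entry in local_forwards[]; at most
              SSH_MAX_FORWARDS_PER_DIRECTION entries are accepted
   port       local port to listen on
   host       destination host; the string is copied with xstrdup
   host_port  destination port on host

   Both port arguments arrive as plain ints (from atoi/sscanf in
   process_config_line, and possibly from other callers), so they are
   range-checked here before being stored. */

void add_local_forward(Options *options, int port, const char *host,
                       int host_port)
{
  Forward *fwd;

  /* A value outside 0..65535 is not a TCP port.  Refuse it for every
     user, root included, instead of storing it: presumably it would be
     narrowed to 16 bits further down (the 1997 log entry about ports
     > 65535 points that way), which could turn a large number into a
     privileged port. */
  if (port < 0 || port > 65535)
    fatal("Bad local forward port %d (must be 0-65535).", port);
  if (host_port < 0 || host_port > 65535)
    fatal("Bad forward destination port %d (must be 0-65535).", host_port);

  /* Listening below 1024 is reserved for root.  The test is made against
     original_real_uid rather than whatever uid the process is running
     with at this point. */
  if (port < 1024 && original_real_uid != UID_ROOT)
    fatal("Privileged ports can only be forwarded by root.");

  /* Bounds check before the post-increment below indexes the array. */
  if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
    fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION);

  fwd = &options->local_forwards[options->num_local_forwards++];
  fwd->port = port;
  fwd->host = xstrdup(host);
  fwd->host_port = host_port;
}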
245
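/* Adds a remote TCP/IP port forward to options.  Never returns if there
   is an error (all failures go through fatal()).

   options    receives the new entry in remote_forwards[]; at most
              SSH_MAX_FORWARDS_PER_DIRECTION entries are accepted
   port       port to listen on at the remote end
   host       destination host; the string is copied with xstrdup
   host_port  destination port on host

   No privileged-port test is made here, unlike add_local_forward.
   NOTE(review): presumably the server decides whether the remote user
   may listen on the requested port -- confirm. */

void add_remote_forward(Options *options, int port, const char *host,
                       int host_port)
{
  Forward *fwd;

  /* A value outside 0..65535 is not a TCP port; refuse it here rather
     than store a number that would have to be narrowed later. */
  if (port < 0 || port > 65535)
    fatal("Bad remote forward port %d (must be 0-65535).", port);
  if (host_port < 0 || host_port > 65535)
    fatal("Bad forward destination port %d (must be 0-65535).", host_port);

  /* Bounds check before the post-increment below indexes the array. */
  if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION)
    fatal("Too many remote forwards (max %d).",
          SSH_MAX_FORWARDS_PER_DIRECTION);

  fwd = &options->remote_forwards[options->num_remote_forwards++];
  fwd->port = port;
  fwd->host = xstrdup(host);
  fwd->host_port = host_port;
}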
261
/* Looks up the NUL-terminated keyword cp in the keywords table and
   returns its opcode.  The comparison is an exact strcmp, so the caller
   has to lower-case the keyword first.  filename and linenum are used
   only for the error message.  Never returns if the token is not
   known. */

static OpCodes parse_token(const char *cp, const char *filename, int linenum)
{
  unsigned int idx = 0;

  /* The table ends at the first entry with a NULL name. */
  while (keywords[idx].name != NULL)
    {
      if (!strcmp(cp, keywords[idx].name))
        return keywords[idx].opcode;
      idx++;
    }

  fatal("%.200s line %d: Bad configuration option.",
        filename, linenum);
  /*NOTREACHED*/
  return 0;
}
278
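/* Processes a single option line as used in the configuration files.
   This only sets those values that have not already been set.

   options   option set being filled in; integer options still holding -1
             and string options still holding NULL count as "not set"
   host      host name that "Host" patterns are matched against
   line      the line to parse; it is modified in place (strtok writes
             NULs into it and keyword/flag tokens are lower-cased)
   filename  used in error messages only
   linenum   used in error messages only
   activep   in/out flag: cleared or set by a "Host" line depending on
             whether one of its patterns matches host; while it is zero,
             option lines are still syntax-checked but not applied

   Blank lines and lines starting with '#' are ignored.  Any syntax error
   is fatal.  IdentityFile, LocalForward and RemoteForward accumulate
   (each active occurrence adds an entry); every other option keeps the
   first value it is given.

   The parser relies on strtok's hidden state across the whole function,
   so it is not reentrant.

   NOTE(review): numeric arguments are converted with atoi or the
   hand-written octal/hex loop below; neither detects overflow or
   trailing non-digit characters ("22abc" is read as 22). */

void process_config_line(Options *options, const char *host,
                         char *line, const char *filename, int linenum,
                         int *activep)
{
  char buf[256], *cp, *string, **charptr;
  int opcode, *intptr, value, fwd_port, fwd_host_port, i;

  /* Skip leading whitespace. */
  cp = line + strspn(line, WHITESPACE);
  if (!*cp || *cp == '\n' || *cp == '#')
    return;

  /* Get the keyword. (Each line is supposed to begin with a keyword).
     strtok cannot return NULL here: cp points at a non-delimiter. */
  cp = strtok(cp, WHITESPACE);
  /* The cast keeps tolower away from negative char values, which are
     outside its defined input range. */
  for(i = 0; cp[i]; i++)
    cp[i] = tolower((unsigned char)cp[i]);
  opcode = parse_token(cp, filename, linenum);

  switch (opcode)
    {

    case oForwardAgent:
      intptr = &options->forward_agent;
    parse_flag:
      /* Shared tail for all yes/no options: intptr selects the field. */
      cp = strtok(NULL, WHITESPACE);
      if (!cp)
        fatal("%.200s line %d: Missing yes/no argument.",
              filename, linenum);
      value = 0; /* To avoid compiler warning... */
      for(i = 0; cp[i]; i++)
        cp[i] = tolower((unsigned char)cp[i]);
      if (strcmp(cp, "yes") == 0 || strcmp(cp, "true") == 0)
        value = 1;
      else
        if (strcmp(cp, "no") == 0 || strcmp(cp, "false") == 0)
          value = 0;
        else
          fatal("%.200s line %d: Bad yes/no argument.",
                filename, linenum);
      if (*activep && *intptr == -1)
        *intptr = value;
      break;

    case oForwardX11:
      intptr = &options->forward_x11;
      goto parse_flag;

    case oRhostsAuthentication:
      intptr = &options->rhosts_authentication;
      goto parse_flag;

    case oPasswordAuthentication:
      intptr = &options->password_authentication;
      goto parse_flag;

    case oRSAAuthentication:
      intptr = &options->rsa_authentication;
      goto parse_flag;

    case oTISAuthentication:
      intptr = &options->tis_authentication;
      goto parse_flag;

    case oRhostsRSAAuthentication:
      intptr = &options->rhosts_rsa_authentication;
      goto parse_flag;

    case oKerberosAuthentication:
      intptr = &options->kerberos_authentication;
      goto parse_flag;

    case oKerberosTgtPassing:
      intptr = &options->kerberos_tgt_passing;
      goto parse_flag;

    case oFallBackToRsh:
      intptr = &options->fallback_to_rsh;
      goto parse_flag;

    case oUseRsh:
      intptr = &options->use_rsh;
      goto parse_flag;

    case oBatchMode:
      intptr = &options->batch_mode;
      goto parse_flag;

    case oStrictHostKeyChecking:
      /* Three-valued: no = 0, yes = 1, ask = 2. */
      cp = strtok(NULL, WHITESPACE);
      if (!cp)
        fatal("%.200s line %d: Missing yes/no/ask argument.",
              filename, linenum);
      value = 0; /* To avoid compiler warning... */
      for(i = 0; cp[i]; i++)
        cp[i] = tolower((unsigned char)cp[i]);
      if (strcmp(cp, "yes") == 0 || strcmp(cp, "true") == 0)
        value = 1;
      else
        if (strcmp(cp, "no") == 0 || strcmp(cp, "false") == 0)
          value = 0;
        else
          if (strcmp(cp, "ask") == 0)
            value = 2;
          else
            fatal("%.200s line %d: Bad yes/no/ask argument.",
                  filename, linenum);
      if (*activep && options->strict_host_key_checking == -1)
        options->strict_host_key_checking = value;
      break;

    case oCompression:
      intptr = &options->compression;
      goto parse_flag;

    case oKeepAlives:
      intptr = &options->keepalives;
      goto parse_flag;

    case oUsePrivilegedPort:
      intptr = &options->use_privileged_port;
      goto parse_flag;

    case oCompressionLevel:
      intptr = &options->compression_level;
      goto parse_int;

    case oIdentityFile:
      cp = strtok(NULL, WHITESPACE);
      if (!cp)
        fatal("%.200s line %d: Missing argument.", filename, linenum);
      if (*activep)
        {
          /* Bounds check before the post-increment indexes the array. */
          if (options->num_identity_files >= SSH_MAX_IDENTITY_FILES)
            fatal("%.200s line %d: Too many identity files specified (max %d).",
                  filename, linenum, SSH_MAX_IDENTITY_FILES);
          options->identity_files[options->num_identity_files++] = xstrdup(cp);
        }
      break;

    case oUser:
      charptr = &options->user;
    parse_string:
      /* Shared tail for single-token string options. */
      cp = strtok(NULL, WHITESPACE);
      if (!cp)
        fatal("%.200s line %d: Missing argument.", filename, linenum);
      if (*activep && *charptr == NULL)
        *charptr = xstrdup(cp);
      break;

    case oGlobalKnownHostsFile:
      charptr = &options->system_hostfile;
      goto parse_string;

    case oUserKnownHostsFile:
      charptr = &options->user_hostfile;
      goto parse_string;

    case oHostName:
      charptr = &options->hostname;
      goto parse_string;

    case oProxyCommand:
      /* The command is the rest of the line, re-joined from its tokens
         with a single space in front of each one (so the result starts
         with a space, and characters from WHITESPACE inside the command
         are not preserved). */
      charptr = &options->proxy_command;
      string = xstrdup("");
      while ((cp = strtok(NULL, WHITESPACE)) != NULL)
        {
          /* +2: one byte for the separating space, one for the NUL. */
          string = xrealloc(string, strlen(string) + strlen(cp) + 2);
          strcat(string, " ");
          strcat(string, cp);
        }
      if (*activep && *charptr == NULL)
        *charptr = string;
      else
        xfree(string);
      /* The line has been consumed entirely; skip the garbage check. */
      return;

    case oPort:
      intptr = &options->port;
    parse_int:
      /* Shared tail for integer options: decimal, 0-prefixed octal or
         0x-prefixed hex.  No range check is applied to the result. */
      cp = strtok(NULL, WHITESPACE);
      if (!cp)
        fatal("%.200s line %d: Missing argument.", filename, linenum);
      if (cp[0] < '0' || cp[0] > '9')
        fatal("%.200s line %d: Bad number.", filename, linenum);
      if (*cp == '0')   /* Octal or hex */
        {
          int base;

          cp++;
          if (*cp == 'x')       /* Hex */
            {
              cp++;
              base = 16;
            }
          else
            base = 8;
          value = 0;
          while ((base == 16 && isxdigit((unsigned char)*cp)) ||
                 (base == 8 && isdigit((unsigned char)*cp) && *cp < '8'))
            {
              value *= base;
              if (*cp >= 'a' && *cp <= 'f')
                value += *cp - 'a' + 10;
              else if (*cp >= 'A' && *cp <= 'F')
                value += *cp - 'A' + 10;
              else
                value += *cp - '0';
              cp++;
            }
        }
      else
        {
          value = atoi(cp);
        }
      if (*activep && *intptr == -1)
        *intptr = value;
      break;

    case oConnectionAttempts:
      intptr = &options->connection_attempts;
      goto parse_int;

    case oNumberOfPasswordPrompts:
      intptr = &options->number_of_password_prompts;
      goto parse_int;

    case oPasswordPromptLogin:
      intptr = &options->password_prompt_login;
      goto parse_flag;

    case oPasswordPromptHost:
      intptr = &options->password_prompt_host;
      goto parse_flag;

    case oCipher:
      intptr = &options->cipher;
      cp = strtok(NULL, WHITESPACE);
      /* A bare "Cipher" line must be rejected here; otherwise a NULL
         pointer would be handed to cipher_number. */
      if (!cp)
        fatal("%.200s line %d: Missing argument.", filename, linenum);
      value = cipher_number(cp);
      if (value == -1)
        fatal("%.200s line %d: Bad cipher.", filename, linenum);
      if (*activep && *intptr == -1)
        *intptr = value;
      break;

    case oClearAllForwardings:
      intptr = &options->clear_all_forwardings;
      goto parse_flag;

    case oRemoteForward:
      /* Syntax: RemoteForward <port> <host>:<hostport> */
      cp = strtok(NULL, WHITESPACE);
      if (!cp)
        fatal("%.200s line %d: Missing argument.", filename, linenum);
      if (cp[0] < '0' || cp[0] > '9')
        fatal("%.200s line %d: Badly formatted port number.",
              filename, linenum);
      fwd_port = atoi(cp);
      cp = strtok(NULL, WHITESPACE);
      if (!cp)
        fatal("%.200s line %d: Missing second argument.",
              filename, linenum);
      /* %255[^:] stores at most 255 characters plus the NUL, which is
         exactly sizeof(buf). */
      if (sscanf(cp, "%255[^:]:%d", buf, &fwd_host_port) != 2)
        fatal("%.200s line %d: Badly formatted host:port.",
              filename, linenum);
      if (*activep)
        add_remote_forward(options, fwd_port, buf, fwd_host_port);
      break;

    case oLocalForward:
      /* Syntax: LocalForward <port> <host>:<hostport> */
      cp = strtok(NULL, WHITESPACE);
      if (!cp)
        fatal("%.200s line %d: Missing argument.", filename, linenum);
      if (cp[0] < '0' || cp[0] > '9')
        fatal("%.200s line %d: Badly formatted port number.",
              filename, linenum);
      fwd_port = atoi(cp);
      cp = strtok(NULL, WHITESPACE);
      if (!cp)
        fatal("%.200s line %d: Missing second argument.",
              filename, linenum);
      /* Same bounded conversion as for RemoteForward. */
      if (sscanf(cp, "%255[^:]:%d", buf, &fwd_host_port) != 2)
        fatal("%.200s line %d: Badly formatted host:port.",
              filename, linenum);
      if (*activep)
        add_local_forward(options, fwd_port, buf, fwd_host_port);
      break;

    case oHost:
      /* A Host line starts a new section: the section is active if any
         of the listed patterns matches host. */
      *activep = 0;
      while ((cp = strtok(NULL, WHITESPACE)) != NULL)
        if (match_pattern(host, cp))
          {
            debug("Applying options for %.100s", cp);
            *activep = 1;
            break;
          }
      /* Avoid garbage check below, as strtok already returned NULL. */
      return;

    case oEscapeChar:
      /* Accepted forms: "^X" (control character), a single character,
         or "none" (stored as -2). */
      intptr = &options->escape_char;
      cp = strtok(NULL, WHITESPACE);
      if (!cp)
        fatal("%.200s line %d: Missing argument.", filename, linenum);
      /* cp[1] is tested before cp[2] so that a lone "^" never causes a
         read past the token's terminating NUL. */
      if (cp[0] == '^' &&
          (unsigned char)cp[1] >= 64 && (unsigned char)cp[1] < 128 &&
          cp[2] == 0)
        value = (unsigned char)cp[1] & 31;
      else
        if (strlen(cp) == 1)
          value = (unsigned char)cp[0];
        else
          if (strcmp(cp, "none") == 0)
            value = -2;
          else
            {
              fatal("%.200s line %d: Bad escape character.",
                    filename, linenum);
              /*NOTREACHED*/
              value = 0; /* Avoid compiler warning. */
            }
      if (*activep && *intptr == -1)
        *intptr = value;
      break;

    case oXauthPath:
      charptr = &options->xauth_path;
    parse_pathname:
      cp = strtok(NULL, WHITESPACE);
      if (!cp)
        {
          fprintf(stderr, "%s line %d: missing file name.\n",
                  filename, linenum);
          exit(1);
        }
      /* Honour the Host section like every other option does: without
         the *activep test, an XauthLocation inside a section for some
         other host would still be applied to this connection. */
      if (*activep && *charptr == NULL)
        *charptr = tilde_expand_filename(cp, getuid());
      break;

    case oGatewayPorts:
      intptr = &options->gateway_ports;
      goto parse_flag;

    default:
      fatal("parse_config_file: Unimplemented opcode %d", opcode);
    }

  /* Check that there is no garbage at end of line. */
  if (strtok(NULL, WHITESPACE) != NULL)
    fatal("%.200s line %d: garbage at end of line.",
          filename, linenum);
}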
632
633
/* Reads the config file and modifies the options accordingly.  Options should
   already be initialized before this call.  This never returns if there
   is an error in the file's contents.  If the file cannot be opened, this
   returns immediately without changing anything.
   All I/O will be done with the given uid using userfile.

   Every line is handed to process_config_line together with a 1-based
   line number.  Parsing starts in the "active" state; Host lines switch
   it off and on as the file is read.

   NOTE(review): lines are read into a 1024-byte buffer.  Assuming
   userfile_gets behaves like fgets, the remainder of a longer line would
   come back from the next call and be parsed as a configuration line of
   its own -- confirm against userfile.c. */

void read_config_file(uid_t uid, const char *filename, const char *host,
                      Options *options)
{
  char linebuf[1024];
  int host_active = 1;
  int lineno;
  UserFile fp = userfile_open(uid, filename, O_RDONLY, 0);

  /* A configuration file that cannot be opened is simply skipped. */
  if (fp == NULL)
    return;

  debug("Reading configuration data %.200s", filename);

  for (lineno = 1; userfile_gets(linebuf, sizeof(linebuf), fp); lineno++)
    process_config_line(options, host, linebuf, filename, lineno,
                        &host_active);

  userfile_close(fp);
}
666
/* Resets every option to its "not yet set" marker: -1 for integer options,
   NULL for string options, 0 for the list counters.  process_config_line
   only stores a value into a field that still holds its marker, and
   fill_default_options later replaces the remaining markers.
   Options are processed in the following order: command line, user config
   file, system config file.  Last, fill_default_options is called. */

void initialize_options(Options *options)
{
  /* Fill the whole structure with 'X' bytes first, so that any field not
     assigned below holds a recognisable non-zero pattern. */
  memset(options, 'X', sizeof(*options));

  /* Authentication. */
  options->rhosts_authentication = -1;
  options->rhosts_rsa_authentication = -1;
  options->rsa_authentication = -1;
  options->password_authentication = -1;
  options->tis_authentication = -1;
  options->kerberos_authentication = -1;
  options->kerberos_tgt_passing = -1;
  options->number_of_password_prompts = -1;
  options->password_prompt_login = -1;
  options->password_prompt_host = -1;
  options->batch_mode = -1;
  options->strict_host_key_checking = -1;

  /* Connection. */
  options->port = -1;
  options->cipher = -1;
  options->connection_attempts = -1;
  options->keepalives = -1;
  options->compression = -1;
  options->compression_level = -1;
  options->use_privileged_port = -1;
  options->fallback_to_rsh = -1;
  options->use_rsh = -1;
  options->escape_char = -1;

  /* Forwarding. */
  options->forward_agent = -1;
  options->forward_x11 = -1;
  options->gateway_ports = -1;
  options->clear_all_forwardings = -1;

  /* Strings: NULL means "not set". */
  options->hostname = NULL;
  options->user = NULL;
  options->proxy_command = NULL;
  options->system_hostfile = NULL;
  options->user_hostfile = NULL;
  options->xauth_path = NULL;

  /* Lists start empty; their array slots keep the 'X' fill until used. */
  options->num_identity_files = 0;
  options->num_local_forwards = 0;
  options->num_remote_forwards = 0;

  options->no_user_given = 0;
}
712
/* Called after processing other sources of option data, this fills those
   options for which no value has been specified with their default values.

   Integer options are "unspecified" while they hold -1, string options
   while they are NULL.  proxy_command, user and hostname get no default
   here.

   Several defaults are permissive: agent forwarding, X11 forwarding,
   rhosts authentication and fallback to rsh are all switched on unless a
   configuration source turned them off.

   NOTE(review): clear_all_forwardings is tested but never given a
   default, so it leaves this function as -1 when unspecified; code that
   treats it as a plain boolean would read that as true -- confirm how
   callers test it. */

void fill_default_options(Options *options)
{
  /* The Kerberos defaults depend on what was compiled in. */
#if defined(KERBEROS) && defined(KRB5)
  const int krb_auth_default = 1;
#else  /* defined(KERBEROS) && defined(KRB5) */
  const int krb_auth_default = 0;
#endif /* defined(KERBEROS) && defined(KRB5) */
#if defined(KERBEROS_TGT_PASSING) && defined(KRB5)
  const int krb_tgt_default = 1;
#else  /* defined(KERBEROS_TGT_PASSING) && defined(KRB5) */
  const int krb_tgt_default = 0;
#endif /* defined(KERBEROS_TGT_PASSING) && defined(KRB5) */

  /* Store val into an integer option only if it is still unspecified. */
#define DEFAULT_IF_UNSET(field, val) \
  do { if (options->field == -1) options->field = (val); } while (0)

  DEFAULT_IF_UNSET(forward_agent, 1);
  DEFAULT_IF_UNSET(forward_x11, 1);
  DEFAULT_IF_UNSET(rhosts_authentication, 1);
  DEFAULT_IF_UNSET(rsa_authentication, 1);
  DEFAULT_IF_UNSET(kerberos_authentication, krb_auth_default);
  DEFAULT_IF_UNSET(kerberos_tgt_passing, krb_tgt_default);
  DEFAULT_IF_UNSET(tis_authentication, 0);
  DEFAULT_IF_UNSET(password_authentication, 1);
  DEFAULT_IF_UNSET(rhosts_rsa_authentication, 1);
  DEFAULT_IF_UNSET(fallback_to_rsh, 1);
  DEFAULT_IF_UNSET(use_rsh, 0);
  DEFAULT_IF_UNSET(batch_mode, 0);
  DEFAULT_IF_UNSET(strict_host_key_checking, 2);   /* 2 = "ask" */
  DEFAULT_IF_UNSET(use_privileged_port, 1);
  DEFAULT_IF_UNSET(compression, 0);
  DEFAULT_IF_UNSET(keepalives, 1);
  DEFAULT_IF_UNSET(compression_level, 6);
  DEFAULT_IF_UNSET(port, 0);                       /* Filled in ssh_connect. */
  DEFAULT_IF_UNSET(connection_attempts, 4);
  DEFAULT_IF_UNSET(number_of_password_prompts, 1);
  DEFAULT_IF_UNSET(password_prompt_login, 1);
  DEFAULT_IF_UNSET(password_prompt_host, 1);
  DEFAULT_IF_UNSET(cipher, SSH_CIPHER_NOT_SET);    /* Selected in ssh_login(). */
  DEFAULT_IF_UNSET(escape_char, '~');
  DEFAULT_IF_UNSET(gateway_ports, 0);

#undef DEFAULT_IF_UNSET

  /* ClearAllForwardings discards every forward collected so far by
     resetting the counters; the entries themselves are left in place. */
  if (options->clear_all_forwardings == 1)
    {
      options->num_local_forwards = 0;
      options->num_remote_forwards = 0;
    }

  /* With no IdentityFile given, fall back to "~/" SSH_CLIENT_IDENTITY.
     The buffer holds the two-character prefix, the name and the NUL. */
  if (options->num_identity_files == 0)
    {
      char *identity = xmalloc(2 + strlen(SSH_CLIENT_IDENTITY) + 1);

      sprintf(identity, "~/%.100s", SSH_CLIENT_IDENTITY);
      options->identity_files[0] = identity;
      options->num_identity_files = 1;
    }

  /* The string defaults below point at compile-time constants, whereas
     values read from a configuration file are xstrdup'ed copies. */
  if (options->system_hostfile == NULL)
    options->system_hostfile = SSH_SYSTEM_HOSTFILE;
  if (options->user_hostfile == NULL)
    options->user_hostfile = SSH_USER_HOSTFILE;
  /* options->proxy_command should not be set by default */
  /* options->user will be set in the main program if appropriate */
  /* options->hostname will be set in the main program if appropriate */

  /* NOTE(review): without XAUTH_PATH the fallback is the bare name
     "xauth"; how that name is resolved to a program is up to the code
     that runs it -- confirm it cannot pick up an unintended binary. */
  if (options->xauth_path == NULL)
#ifdef XAUTH_PATH
    options->xauth_path = XAUTH_PATH;
#else   /* !XAUTH_PATH */
    options->xauth_path = "xauth";
#endif  /* !XAUTH_PATH */
}
804