OpenCoverage

servconf.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/openssh/src/servconf.c
Source codeSwitch to Preprocessed file
LineSourceCount
1-
2/* $OpenBSD: servconf.c,v 1.342 2018/09/20 23:40:16 djm Exp $ */-
3/*-
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland-
5 * All rights reserved-
6 *-
7 * As far as I am concerned, the code I have written for this software-
8 * can be used freely for any purpose. Any derived versions of this-
9 * software must be clearly marked as such, and if the derived work is-
10 * incompatible with the protocol description in the RFC file, it must be-
11 * called by a name other than "ssh" or "Secure Shell".-
12 */-
13-
14#include "includes.h"-
15-
16#include <sys/types.h>-
17#include <sys/socket.h>-
18#ifdef HAVE_SYS_SYSCTL_H-
19#include <sys/sysctl.h>-
20#endif-
21-
22#include <netinet/in.h>-
23#include <netinet/in_systm.h>-
24#include <netinet/ip.h>-
25#ifdef HAVE_NET_ROUTE_H-
26#include <net/route.h>-
27#endif-
28-
29#include <ctype.h>-
30#include <netdb.h>-
31#include <pwd.h>-
32#include <stdio.h>-
33#include <stdlib.h>-
34#include <string.h>-
35#include <signal.h>-
36#include <unistd.h>-
37#include <limits.h>-
38#include <stdarg.h>-
39#include <errno.h>-
40#ifdef HAVE_UTIL_H-
41#include <util.h>-
42#endif-
43-
44#include "openbsd-compat/sys-queue.h"-
45#include "xmalloc.h"-
46#include "ssh.h"-
47#include "log.h"-
48#include "sshbuf.h"-
49#include "misc.h"-
50#include "servconf.h"-
51#include "compat.h"-
52#include "pathnames.h"-
53#include "cipher.h"-
54#include "sshkey.h"-
55#include "kex.h"-
56#include "mac.h"-
57#include "match.h"-
58#include "channels.h"-
59#include "groupaccess.h"-
60#include "canohost.h"-
61#include "packet.h"-
62#include "ssherr.h"-
63#include "hostfile.h"-
64#include "auth.h"-
65#include "myproposal.h"-
66#include "digest.h"-
67-
68static void add_listen_addr(ServerOptions *, const char *,-
69 const char *, int);-
70static void add_one_listen_addr(ServerOptions *, const char *,-
71 const char *, int);-
72-
73/* Use of privilege separation or not */-
74extern int use_privsep;-
75extern struct sshbuf *cfg;-
76-
77/* Initializes the server options to their default values. */-
78-
79void-
80initialize_server_options(ServerOptions *options)-
81{-
82 memset(options, 0, sizeof(*options));-
83-
84 /* Portable-specific options */-
85 options->use_pam = -1;-
86-
87 /* Standard Options */-
88 options->num_ports = 0;-
89 options->ports_from_cmdline = 0;-
90 options->queued_listen_addrs = NULL;-
91 options->num_queued_listens = 0;-
92 options->listen_addrs = NULL;-
93 options->num_listen_addrs = 0;-
94 options->address_family = -1;-
95 options->routing_domain = NULL;-
96 options->num_host_key_files = 0;-
97 options->num_host_cert_files = 0;-
98 options->host_key_agent = NULL;-
99 options->pid_file = NULL;-
100 options->login_grace_time = -1;-
101 options->permit_root_login = PERMIT_NOT_SET;-
102 options->ignore_rhosts = -1;-
103 options->ignore_user_known_hosts = -1;-
104 options->print_motd = -1;-
105 options->print_lastlog = -1;-
106 options->x11_forwarding = -1;-
107 options->x11_display_offset = -1;-
108 options->x11_use_localhost = -1;-
109 options->permit_tty = -1;-
110 options->permit_user_rc = -1;-
111 options->xauth_location = NULL;-
112 options->strict_modes = -1;-
113 options->tcp_keep_alive = -1;-
114 options->log_facility = SYSLOG_FACILITY_NOT_SET;-
115 options->log_level = SYSLOG_LEVEL_NOT_SET;-
116 options->hostbased_authentication = -1;-
117 options->hostbased_uses_name_from_packet_only = -1;-
118 options->hostbased_key_types = NULL;-
119 options->hostkeyalgorithms = NULL;-
120 options->pubkey_authentication = -1;-
121 options->pubkey_key_types = NULL;-
122 options->kerberos_authentication = -1;-
123 options->kerberos_or_local_passwd = -1;-
124 options->kerberos_ticket_cleanup = -1;-
125 options->kerberos_get_afs_token = -1;-
126 options->gss_authentication=-1;-
127 options->gss_cleanup_creds = -1;-
128 options->gss_strict_acceptor = -1;-
129 options->password_authentication = -1;-
130 options->kbd_interactive_authentication = -1;-
131 options->challenge_response_authentication = -1;-
132 options->permit_empty_passwd = -1;-
133 options->permit_user_env = -1;-
134 options->permit_user_env_whitelist = NULL;-
135 options->compression = -1;-
136 options->rekey_limit = -1;-
137 options->rekey_interval = -1;-
138 options->allow_tcp_forwarding = -1;-
139 options->allow_streamlocal_forwarding = -1;-
140 options->allow_agent_forwarding = -1;-
141 options->num_allow_users = 0;-
142 options->num_deny_users = 0;-
143 options->num_allow_groups = 0;-
144 options->num_deny_groups = 0;-
145 options->ciphers = NULL;-
146 options->macs = NULL;-
147 options->kex_algorithms = NULL;-
148 options->ca_sign_algorithms = NULL;-
149 options->fwd_opts.gateway_ports = -1;-
150 options->fwd_opts.streamlocal_bind_mask = (mode_t)-1;-
151 options->fwd_opts.streamlocal_bind_unlink = -1;-
152 options->num_subsystems = 0;-
153 options->max_startups_begin = -1;-
154 options->max_startups_rate = -1;-
155 options->max_startups = -1;-
156 options->max_authtries = -1;-
157 options->max_sessions = -1;-
158 options->banner = NULL;-
159 options->use_dns = -1;-
160 options->client_alive_interval = -1;-
161 options->client_alive_count_max = -1;-
162 options->num_authkeys_files = 0;-
163 options->num_accept_env = 0;-
164 options->num_setenv = 0;-
165 options->permit_tun = -1;-
166 options->permitted_opens = NULL;-
167 options->permitted_listens = NULL;-
168 options->adm_forced_command = NULL;-
169 options->chroot_directory = NULL;-
170 options->authorized_keys_command = NULL;-
171 options->authorized_keys_command_user = NULL;-
172 options->revoked_keys_file = NULL;-
173 options->trusted_user_ca_keys = NULL;-
174 options->authorized_principals_file = NULL;-
175 options->authorized_principals_command = NULL;-
176 options->authorized_principals_command_user = NULL;-
177 options->ip_qos_interactive = -1;-
178 options->ip_qos_bulk = -1;-
179 options->version_addendum = NULL;-
180 options->fingerprint_hash = -1;-
181 options->disable_forwarding = -1;-
182 options->expose_userauth_info = -1;-
183}
executed 2 times by 1 test: end of block
Executed by:
  • sshd
2
184-
185/* Returns 1 if a string option is unset or set to "none" or 0 otherwise. */-
186static int-
187option_clear_or_none(const char *o)-
188{-
189 return o == NULL || strcasecmp(o, "none") == 0;
executed 22 times by 1 test: return o == ((void *)0) || strcasecmp(o, "none") == 0;
Executed by:
  • sshd
o == ((void *)0)Description
TRUEevaluated 14 times by 1 test
Evaluated by:
  • sshd
FALSEevaluated 8 times by 1 test
Evaluated by:
  • sshd
strcasecmp(o, "none") == 0Description
TRUEnever evaluated
FALSEevaluated 8 times by 1 test
Evaluated by:
  • sshd
0-22
190}-
191-
192static void-
193assemble_algorithms(ServerOptions *o)-
194{-
195 char *all_cipher, *all_mac, *all_kex, *all_key, *all_sig;-
196 int r;-
197-
198 all_cipher = cipher_alg_list(',', 0);-
199 all_mac = mac_alg_list(',');-
200 all_kex = kex_alg_list(',');-
201 all_key = sshkey_alg_list(0, 0, 1, ',');-
202 all_sig = sshkey_alg_list(0, 1, 1, ',');-
203#define ASSEMBLE(what, defaults, all) \-
204 do { \-
205 if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \-
206 fatal("%s: %s: %s", __func__, #what, ssh_err(r)); \-
207 } while (0)-
208 ASSEMBLE(ciphers, KEX_SERVER_ENCRYPT, all_cipher);
never executed: fatal("%s: %s: %s", __func__, "ciphers", ssh_err(r));
(r = kex_assem..._cipher)) != 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
209 ASSEMBLE(macs, KEX_SERVER_MAC, all_mac);
never executed: fatal("%s: %s: %s", __func__, "macs", ssh_err(r));
(r = kex_assem...all_mac)) != 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
210 ASSEMBLE(kex_algorithms, KEX_SERVER_KEX, all_kex);
never executed: fatal("%s: %s: %s", __func__, "kex_algorithms", ssh_err(r));
(r = kex_assem...all_kex)) != 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
211 ASSEMBLE(hostkeyalgorithms, KEX_DEFAULT_PK_ALG, all_key);
never executed: fatal("%s: %s: %s", __func__, "hostkeyalgorithms", ssh_err(r));
(r = kex_assem...all_key)) != 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
212 ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key);
never executed: fatal("%s: %s: %s", __func__, "hostbased_key_types", ssh_err(r));
(r = kex_assem...all_key)) != 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
213 ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key);
never executed: fatal("%s: %s: %s", __func__, "pubkey_key_types", ssh_err(r));
(r = kex_assem...all_key)) != 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
214 ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig);
never executed: fatal("%s: %s: %s", __func__, "ca_sign_algorithms", ssh_err(r));
(r = kex_assem...all_sig)) != 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
215#undef ASSEMBLE-
216 free(all_cipher);-
217 free(all_mac);-
218 free(all_kex);-
219 free(all_key);-
220 free(all_sig);-
221}
executed 2 times by 1 test: end of block
Executed by:
  • sshd
2
222-
223static void-
224array_append(const char *file, const int line, const char *directive,-
225 char ***array, u_int *lp, const char *s)-
226{-
227-
228 if (*lp >= INT_MAX)
*lp >= 0x7fffffffDescription
TRUEnever evaluated
FALSEevaluated 10 times by 1 test
Evaluated by:
  • sshd
0-10
229 fatal("%s line %d: Too many %s entries", file, line, directive);
never executed: fatal("%s line %d: Too many %s entries", file, line, directive);
0
230-
231 *array = xrecallocarray(*array, *lp, *lp + 1, sizeof(**array));-
232 (*array)[*lp] = xstrdup(s);-
233 (*lp)++;-
234}
executed 10 times by 1 test: end of block
Executed by:
  • sshd
10
235-
236void-
237servconf_add_hostkey(const char *file, const int line,-
238 ServerOptions *options, const char *path)-
239{-
240 char *apath = derelativise_path(path);-
241-
242 array_append(file, line, "HostKey",-
243 &options->host_key_files, &options->num_host_key_files, apath);-
244 free(apath);-
245}
executed 4 times by 1 test: end of block
Executed by:
  • sshd
4
246-
247void-
248servconf_add_hostcert(const char *file, const int line,-
249 ServerOptions *options, const char *path)-
250{-
251 char *apath = derelativise_path(path);-
252-
253 array_append(file, line, "HostCertificate",-
254 &options->host_cert_files, &options->num_host_cert_files, apath);-
255 free(apath);-
256}
never executed: end of block
0
257-
258void-
259fill_default_server_options(ServerOptions *options)-
260{-
261 u_int i;-
262-
263 /* Portable-specific options */-
264 if (options->use_pam == -1)
options->use_pam == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
265 options->use_pam = 0;
executed 2 times by 1 test: options->use_pam = 0;
Executed by:
  • sshd
2
266-
267 /* Standard Options */-
268 if (options->num_host_key_files == 0) {
options->num_h...key_files == 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
269 /* fill default hostkeys for protocols */-
270 servconf_add_hostkey("[default]", 0, options,-
271 _PATH_HOST_RSA_KEY_FILE);-
272#ifdef OPENSSL_HAS_ECC-
273 servconf_add_hostkey("[default]", 0, options,-
274 _PATH_HOST_ECDSA_KEY_FILE);-
275#endif-
276 servconf_add_hostkey("[default]", 0, options,-
277 _PATH_HOST_ED25519_KEY_FILE);-
278#ifdef WITH_XMSS-
279 servconf_add_hostkey("[default]", 0, options,-
280 _PATH_HOST_XMSS_KEY_FILE);-
281#endif /* WITH_XMSS */-
282 }
never executed: end of block
0
283 /* No certificates by default */-
284 if (options->num_ports == 0)
options->num_ports == 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
285 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
never executed: options->ports[options->num_ports++] = 22;
0
286 if (options->address_family == -1)
options->address_family == -1Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
287 options->address_family = AF_UNSPEC;
never executed: options->address_family = 0 ;
0
288 if (options->listen_addrs == NULL)
options->liste...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
289 add_listen_addr(options, NULL, NULL, 0);
never executed: add_listen_addr(options, ((void *)0) , ((void *)0) , 0);
0
290 if (options->pid_file == NULL)
options->pid_f...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
291 options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE);
never executed: options->pid_file = xstrdup("/var/run" "/sshd.pid");
0
292 if (options->login_grace_time == -1)
options->login...ace_time == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
293 options->login_grace_time = 120;
executed 2 times by 1 test: options->login_grace_time = 120;
Executed by:
  • sshd
2
294 if (options->permit_root_login == PERMIT_NOT_SET)
options->permi...ot_login == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
295 options->permit_root_login = PERMIT_NO_PASSWD;
executed 2 times by 1 test: options->permit_root_login = 2;
Executed by:
  • sshd
2
296 if (options->ignore_rhosts == -1)
options->ignore_rhosts == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
297 options->ignore_rhosts = 1;
executed 2 times by 1 test: options->ignore_rhosts = 1;
Executed by:
  • sshd
2
298 if (options->ignore_user_known_hosts == -1)
options->ignor...wn_hosts == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
299 options->ignore_user_known_hosts = 0;
executed 2 times by 1 test: options->ignore_user_known_hosts = 0;
Executed by:
  • sshd
2
300 if (options->print_motd == -1)
options->print_motd == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
301 options->print_motd = 1;
executed 2 times by 1 test: options->print_motd = 1;
Executed by:
  • sshd
2
302 if (options->print_lastlog == -1)
options->print_lastlog == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
303 options->print_lastlog = 1;
executed 2 times by 1 test: options->print_lastlog = 1;
Executed by:
  • sshd
2
304 if (options->x11_forwarding == -1)
options->x11_forwarding == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
305 options->x11_forwarding = 0;
executed 2 times by 1 test: options->x11_forwarding = 0;
Executed by:
  • sshd
2
306 if (options->x11_display_offset == -1)
options->x11_d...y_offset == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
307 options->x11_display_offset = 10;
executed 2 times by 1 test: options->x11_display_offset = 10;
Executed by:
  • sshd
2
308 if (options->x11_use_localhost == -1)
options->x11_u...ocalhost == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
309 options->x11_use_localhost = 1;
executed 2 times by 1 test: options->x11_use_localhost = 1;
Executed by:
  • sshd
2
310 if (options->xauth_location == NULL)
options->xauth...== ((void *)0)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
311 options->xauth_location = xstrdup(_PATH_XAUTH);
executed 2 times by 1 test: options->xauth_location = xstrdup("/usr/bin/xauth");
Executed by:
  • sshd
2
312 if (options->permit_tty == -1)
options->permit_tty == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
313 options->permit_tty = 1;
executed 2 times by 1 test: options->permit_tty = 1;
Executed by:
  • sshd
2
314 if (options->permit_user_rc == -1)
options->permit_user_rc == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
315 options->permit_user_rc = 1;
executed 2 times by 1 test: options->permit_user_rc = 1;
Executed by:
  • sshd
2
316 if (options->strict_modes == -1)
options->strict_modes == -1Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
317 options->strict_modes = 1;
never executed: options->strict_modes = 1;
0
318 if (options->tcp_keep_alive == -1)
options->tcp_keep_alive == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
319 options->tcp_keep_alive = 1;
executed 2 times by 1 test: options->tcp_keep_alive = 1;
Executed by:
  • sshd
2
320 if (options->log_facility == SYSLOG_FACILITY_NOT_SET)
options->log_f...CILITY_NOT_SETDescription
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
321 options->log_facility = SYSLOG_FACILITY_AUTH;
executed 2 times by 1 test: options->log_facility = SYSLOG_FACILITY_AUTH;
Executed by:
  • sshd
2
322 if (options->log_level == SYSLOG_LEVEL_NOT_SET)
options->log_l..._LEVEL_NOT_SETDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
323 options->log_level = SYSLOG_LEVEL_INFO;
never executed: options->log_level = SYSLOG_LEVEL_INFO;
0
324 if (options->hostbased_authentication == -1)
options->hostb...tication == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
325 options->hostbased_authentication = 0;
executed 2 times by 1 test: options->hostbased_authentication = 0;
Executed by:
  • sshd
2
326 if (options->hostbased_uses_name_from_packet_only == -1)
options->hostb...ket_only == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
327 options->hostbased_uses_name_from_packet_only = 0;
executed 2 times by 1 test: options->hostbased_uses_name_from_packet_only = 0;
Executed by:
  • sshd
2
328 if (options->pubkey_authentication == -1)
options->pubke...tication == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
329 options->pubkey_authentication = 1;
executed 2 times by 1 test: options->pubkey_authentication = 1;
Executed by:
  • sshd
2
330 if (options->kerberos_authentication == -1)
options->kerbe...tication == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
331 options->kerberos_authentication = 0;
executed 2 times by 1 test: options->kerberos_authentication = 0;
Executed by:
  • sshd
2
332 if (options->kerberos_or_local_passwd == -1)
options->kerbe...l_passwd == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
333 options->kerberos_or_local_passwd = 1;
executed 2 times by 1 test: options->kerberos_or_local_passwd = 1;
Executed by:
  • sshd
2
334 if (options->kerberos_ticket_cleanup == -1)
options->kerbe..._cleanup == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
335 options->kerberos_ticket_cleanup = 1;
executed 2 times by 1 test: options->kerberos_ticket_cleanup = 1;
Executed by:
  • sshd
2
336 if (options->kerberos_get_afs_token == -1)
options->kerbe...fs_token == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
337 options->kerberos_get_afs_token = 0;
executed 2 times by 1 test: options->kerberos_get_afs_token = 0;
Executed by:
  • sshd
2
338 if (options->gss_authentication == -1)
options->gss_a...tication == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
339 options->gss_authentication = 0;
executed 2 times by 1 test: options->gss_authentication = 0;
Executed by:
  • sshd
2
340 if (options->gss_cleanup_creds == -1)
options->gss_c...up_creds == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
341 options->gss_cleanup_creds = 1;
executed 2 times by 1 test: options->gss_cleanup_creds = 1;
Executed by:
  • sshd
2
342 if (options->gss_strict_acceptor == -1)
options->gss_s...acceptor == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
343 options->gss_strict_acceptor = 1;
executed 2 times by 1 test: options->gss_strict_acceptor = 1;
Executed by:
  • sshd
2
344 if (options->password_authentication == -1)
options->passw...tication == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
345 options->password_authentication = 1;
executed 2 times by 1 test: options->password_authentication = 1;
Executed by:
  • sshd
2
346 if (options->kbd_interactive_authentication == -1)
options->kbd_i...tication == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
347 options->kbd_interactive_authentication = 0;
executed 2 times by 1 test: options->kbd_interactive_authentication = 0;
Executed by:
  • sshd
2
348 if (options->challenge_response_authentication == -1)
options->chall...tication == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
349 options->challenge_response_authentication = 1;
executed 2 times by 1 test: options->challenge_response_authentication = 1;
Executed by:
  • sshd
2
350 if (options->permit_empty_passwd == -1)
options->permi...y_passwd == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
351 options->permit_empty_passwd = 0;
executed 2 times by 1 test: options->permit_empty_passwd = 0;
Executed by:
  • sshd
2
352 if (options->permit_user_env == -1) {
options->permit_user_env == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
353 options->permit_user_env = 0;-
354 options->permit_user_env_whitelist = NULL;-
355 }
executed 2 times by 1 test: end of block
Executed by:
  • sshd
2
356 if (options->compression == -1)
options->compression == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
357 options->compression = COMP_DELAYED;
executed 2 times by 1 test: options->compression = 2;
Executed by:
  • sshd
2
358 if (options->rekey_limit == -1)
options->rekey_limit == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
359 options->rekey_limit = 0;
executed 2 times by 1 test: options->rekey_limit = 0;
Executed by:
  • sshd
2
360 if (options->rekey_interval == -1)
options->rekey_interval == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
361 options->rekey_interval = 0;
executed 2 times by 1 test: options->rekey_interval = 0;
Executed by:
  • sshd
2
362 if (options->allow_tcp_forwarding == -1)
options->allow...rwarding == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
363 options->allow_tcp_forwarding = FORWARD_ALLOW;
executed 2 times by 1 test: options->allow_tcp_forwarding = ((1)|(1<<1));
Executed by:
  • sshd
2
364 if (options->allow_streamlocal_forwarding == -1)
options->allow...rwarding == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
365 options->allow_streamlocal_forwarding = FORWARD_ALLOW;
executed 2 times by 1 test: options->allow_streamlocal_forwarding = ((1)|(1<<1));
Executed by:
  • sshd
2
366 if (options->allow_agent_forwarding == -1)
options->allow...rwarding == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
367 options->allow_agent_forwarding = 1;
executed 2 times by 1 test: options->allow_agent_forwarding = 1;
Executed by:
  • sshd
2
368 if (options->fwd_opts.gateway_ports == -1)
options->fwd_o...ay_ports == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
369 options->fwd_opts.gateway_ports = 0;
executed 2 times by 1 test: options->fwd_opts.gateway_ports = 0;
Executed by:
  • sshd
2
370 if (options->max_startups == -1)
options->max_startups == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
371 options->max_startups = 100;
executed 2 times by 1 test: options->max_startups = 100;
Executed by:
  • sshd
2
372 if (options->max_startups_rate == -1)
options->max_s...ups_rate == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
373 options->max_startups_rate = 30; /* 30% */
executed 2 times by 1 test: options->max_startups_rate = 30;
Executed by:
  • sshd
2
374 if (options->max_startups_begin == -1)
options->max_s...ps_begin == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
375 options->max_startups_begin = 10;
executed 2 times by 1 test: options->max_startups_begin = 10;
Executed by:
  • sshd
2
376 if (options->max_authtries == -1)
options->max_authtries == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
377 options->max_authtries = DEFAULT_AUTH_FAIL_MAX;
executed 2 times by 1 test: options->max_authtries = 6;
Executed by:
  • sshd
2
378 if (options->max_sessions == -1)
options->max_sessions == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
379 options->max_sessions = DEFAULT_SESSIONS_MAX;
executed 2 times by 1 test: options->max_sessions = 10;
Executed by:
  • sshd
2
380 if (options->use_dns == -1)
options->use_dns == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
381 options->use_dns = 0;
executed 2 times by 1 test: options->use_dns = 0;
Executed by:
  • sshd
2
382 if (options->client_alive_interval == -1)
options->clien...interval == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
383 options->client_alive_interval = 0;
executed 2 times by 1 test: options->client_alive_interval = 0;
Executed by:
  • sshd
2
384 if (options->client_alive_count_max == -1)
options->clien...ount_max == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
385 options->client_alive_count_max = 3;
executed 2 times by 1 test: options->client_alive_count_max = 3;
Executed by:
  • sshd
2
386 if (options->num_authkeys_files == 0) {
options->num_a...eys_files == 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
387 array_append("[default]", 0, "AuthorizedKeysFiles",-
388 &options->authorized_keys_files,-
389 &options->num_authkeys_files,-
390 _PATH_SSH_USER_PERMITTED_KEYS);-
391 array_append("[default]", 0, "AuthorizedKeysFiles",-
392 &options->authorized_keys_files,-
393 &options->num_authkeys_files,-
394 _PATH_SSH_USER_PERMITTED_KEYS2);-
395 }
never executed: end of block
0
396 if (options->permit_tun == -1)
options->permit_tun == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
397 options->permit_tun = SSH_TUNMODE_NO;
executed 2 times by 1 test: options->permit_tun = 0x00;
Executed by:
  • sshd
2
398 if (options->ip_qos_interactive == -1)
options->ip_qo...eractive == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
399 options->ip_qos_interactive = IPTOS_DSCP_AF21;
executed 2 times by 1 test: options->ip_qos_interactive = 0x48 ;
Executed by:
  • sshd
2
400 if (options->ip_qos_bulk == -1)
options->ip_qos_bulk == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
401 options->ip_qos_bulk = IPTOS_DSCP_CS1;
executed 2 times by 1 test: options->ip_qos_bulk = 0x20;
Executed by:
  • sshd
2
402 if (options->version_addendum == NULL)
options->versi...== ((void *)0)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
403 options->version_addendum = xstrdup("");
executed 2 times by 1 test: options->version_addendum = xstrdup("");
Executed by:
  • sshd
2
404 if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1)
options->fwd_o... == (mode_t)-1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
405 options->fwd_opts.streamlocal_bind_mask = 0177;
executed 2 times by 1 test: options->fwd_opts.streamlocal_bind_mask = 0177;
Executed by:
  • sshd
2
406 if (options->fwd_opts.streamlocal_bind_unlink == -1)
options->fwd_o...d_unlink == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
407 options->fwd_opts.streamlocal_bind_unlink = 0;
executed 2 times by 1 test: options->fwd_opts.streamlocal_bind_unlink = 0;
Executed by:
  • sshd
2
408 if (options->fingerprint_hash == -1)
options->finge...int_hash == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
409 options->fingerprint_hash = SSH_FP_HASH_DEFAULT;
executed 2 times by 1 test: options->fingerprint_hash = 2;
Executed by:
  • sshd
2
410 if (options->disable_forwarding == -1)
options->disab...rwarding == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
411 options->disable_forwarding = 0;
executed 2 times by 1 test: options->disable_forwarding = 0;
Executed by:
  • sshd
2
412 if (options->expose_userauth_info == -1)
options->expos...uth_info == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
413 options->expose_userauth_info = 0;
executed 2 times by 1 test: options->expose_userauth_info = 0;
Executed by:
  • sshd
2
414-
415 assemble_algorithms(options);-
416-
417 /* Turn privilege separation and sandboxing on by default */-
418 if (use_privsep == -1)
use_privsep == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
419 use_privsep = PRIVSEP_ON;
executed 2 times by 1 test: use_privsep = 1;
Executed by:
  • sshd
2
420-
421#define CLEAR_ON_NONE(v) \-
422 do { \-
423 if (option_clear_or_none(v)) { \-
424 free(v); \-
425 v = NULL; \-
426 } \-
427 } while(0)-
428 CLEAR_ON_NONE(options->pid_file);
never executed: end of block
option_clear_o...ons->pid_file)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
429 CLEAR_ON_NONE(options->xauth_location);
never executed: end of block
option_clear_o...auth_location)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
430 CLEAR_ON_NONE(options->banner);
executed 2 times by 1 test: end of block
Executed by:
  • sshd
option_clear_o...tions->banner)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
431 CLEAR_ON_NONE(options->trusted_user_ca_keys);
executed 2 times by 1 test: end of block
Executed by:
  • sshd
option_clear_o..._user_ca_keys)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
432 CLEAR_ON_NONE(options->revoked_keys_file);
executed 2 times by 1 test: end of block
Executed by:
  • sshd
option_clear_o...ked_keys_file)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
433 CLEAR_ON_NONE(options->authorized_principals_file);
executed 2 times by 1 test: end of block
Executed by:
  • sshd
option_clear_o...incipals_file)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
434 CLEAR_ON_NONE(options->adm_forced_command);
executed 2 times by 1 test: end of block
Executed by:
  • sshd
option_clear_o...orced_command)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
435 CLEAR_ON_NONE(options->chroot_directory);
executed 2 times by 1 test: end of block
Executed by:
  • sshd
option_clear_o...oot_directory)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
436 CLEAR_ON_NONE(options->routing_domain);
executed 2 times by 1 test: end of block
Executed by:
  • sshd
option_clear_o...outing_domain)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
437 for (i = 0; i < options->num_host_key_files; i++)
i < options->n...host_key_filesDescription
TRUEevaluated 4 times by 1 test
Evaluated by:
  • sshd
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
2-4
438 CLEAR_ON_NONE(options->host_key_files[i]);
never executed: end of block
executed 4 times by 1 test: end of block
Executed by:
  • sshd
option_clear_o..._key_files[i])Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • sshd
0-4
439 for (i = 0; i < options->num_host_cert_files; i++)
i < options->n...ost_cert_filesDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
440 CLEAR_ON_NONE(options->host_cert_files[i]);
never executed: end of block
never executed: end of block
option_clear_o...cert_files[i])Description
TRUEnever evaluated
FALSEnever evaluated
0
441#undef CLEAR_ON_NONE-
442-
443 /* Similar handling for AuthenticationMethods=any */-
444 if (options->num_auth_methods == 1 &&
options->num_auth_methods == 1Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
445 strcmp(options->auth_methods[0], "any") == 0) {
never executed: __result = (((const unsigned char *) (const char *) ( options->auth_methods[0] ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "any" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
446 free(options->auth_methods[0]);-
447 options->auth_methods[0] = NULL;-
448 options->num_auth_methods = 0;-
449 }
never executed: end of block
0
450-
451#ifndef HAVE_MMAP-
452 if (use_privsep && options->compression == 1) {
use_privsepDescription
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
options->compression == 1Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
453 error("This platform does not support both privilege "-
454 "separation and compression");-
455 error("Compression disabled");-
456 options->compression = 0;-
457 }
never executed: end of block
0
458#endif-
459-
460}
executed 2 times by 1 test: end of block
Executed by:
  • sshd
2
461-
462/* Keyword tokens. */-
463typedef enum {-
464 sBadOption, /* == unknown option */-
465 /* Portable-specific options */-
466 sUsePAM,-
467 /* Standard Options */-
468 sPort, sHostKeyFile, sLoginGraceTime,-
469 sPermitRootLogin, sLogFacility, sLogLevel,-
470 sRhostsRSAAuthentication, sRSAAuthentication,-
471 sKerberosAuthentication, sKerberosOrLocalPasswd, sKerberosTicketCleanup,-
472 sKerberosGetAFSToken, sChallengeResponseAuthentication,-
473 sPasswordAuthentication, sKbdInteractiveAuthentication,-
474 sListenAddress, sAddressFamily,-
475 sPrintMotd, sPrintLastLog, sIgnoreRhosts,-
476 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,-
477 sPermitTTY, sStrictModes, sEmptyPasswd, sTCPKeepAlive,-
478 sPermitUserEnvironment, sAllowTcpForwarding, sCompression,-
479 sRekeyLimit, sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,-
480 sIgnoreUserKnownHosts, sCiphers, sMacs, sPidFile,-
481 sGatewayPorts, sPubkeyAuthentication, sPubkeyAcceptedKeyTypes,-
482 sXAuthLocation, sSubsystem, sMaxStartups, sMaxAuthTries, sMaxSessions,-
483 sBanner, sUseDNS, sHostbasedAuthentication,-
484 sHostbasedUsesNameFromPacketOnly, sHostbasedAcceptedKeyTypes,-
485 sHostKeyAlgorithms,-
486 sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile,-
487 sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor,-
488 sAcceptEnv, sSetEnv, sPermitTunnel,-
489 sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory,-
490 sUsePrivilegeSeparation, sAllowAgentForwarding,-
491 sHostCertificate,-
492 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,-
493 sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser,-
494 sKexAlgorithms, sCASignatureAlgorithms, sIPQoS, sVersionAddendum,-
495 sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,-
496 sAuthenticationMethods, sHostKeyAgent, sPermitUserRC,-
497 sStreamLocalBindMask, sStreamLocalBindUnlink,-
498 sAllowStreamLocalForwarding, sFingerprintHash, sDisableForwarding,-
499 sExposeAuthInfo, sRDomain,-
500 sDeprecated, sIgnore, sUnsupported-
501} ServerOpCodes;-
502-
503#define SSHCFG_GLOBAL 0x01 /* allowed in main section of sshd_config */-
504#define SSHCFG_MATCH 0x02 /* allowed inside a Match section */-
505#define SSHCFG_ALL (SSHCFG_GLOBAL|SSHCFG_MATCH)-
506-
507/* Textual representation of the tokens. */-
508static struct {-
509 const char *name;-
510 ServerOpCodes opcode;-
511 u_int flags;-
512} keywords[] = {-
513 /* Portable-specific options */-
514#ifdef USE_PAM-
515 { "usepam", sUsePAM, SSHCFG_GLOBAL },-
516#else-
517 { "usepam", sUnsupported, SSHCFG_GLOBAL },-
518#endif-
519 { "pamauthenticationviakbdint", sDeprecated, SSHCFG_GLOBAL },-
520 /* Standard Options */-
521 { "port", sPort, SSHCFG_GLOBAL },-
522 { "hostkey", sHostKeyFile, SSHCFG_GLOBAL },-
523 { "hostdsakey", sHostKeyFile, SSHCFG_GLOBAL }, /* alias */-
524 { "hostkeyagent", sHostKeyAgent, SSHCFG_GLOBAL },-
525 { "pidfile", sPidFile, SSHCFG_GLOBAL },-
526 { "serverkeybits", sDeprecated, SSHCFG_GLOBAL },-
527 { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL },-
528 { "keyregenerationinterval", sDeprecated, SSHCFG_GLOBAL },-
529 { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL },-
530 { "syslogfacility", sLogFacility, SSHCFG_GLOBAL },-
531 { "loglevel", sLogLevel, SSHCFG_ALL },-
532 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL },-
533 { "rhostsrsaauthentication", sDeprecated, SSHCFG_ALL },-
534 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL },-
535 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL },-
536 { "hostbasedacceptedkeytypes", sHostbasedAcceptedKeyTypes, SSHCFG_ALL },-
537 { "hostkeyalgorithms", sHostKeyAlgorithms, SSHCFG_GLOBAL },-
538 { "rsaauthentication", sDeprecated, SSHCFG_ALL },-
539 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL },-
540 { "pubkeyacceptedkeytypes", sPubkeyAcceptedKeyTypes, SSHCFG_ALL },-
541 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */-
542#ifdef KRB5-
543 { "kerberosauthentication", sKerberosAuthentication, SSHCFG_ALL },-
544 { "kerberosorlocalpasswd", sKerberosOrLocalPasswd, SSHCFG_GLOBAL },-
545 { "kerberosticketcleanup", sKerberosTicketCleanup, SSHCFG_GLOBAL },-
546#ifdef USE_AFS-
547 { "kerberosgetafstoken", sKerberosGetAFSToken, SSHCFG_GLOBAL },-
548#else-
549 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL },-
550#endif-
551#else-
552 { "kerberosauthentication", sUnsupported, SSHCFG_ALL },-
553 { "kerberosorlocalpasswd", sUnsupported, SSHCFG_GLOBAL },-
554 { "kerberosticketcleanup", sUnsupported, SSHCFG_GLOBAL },-
555 { "kerberosgetafstoken", sUnsupported, SSHCFG_GLOBAL },-
556#endif-
557 { "kerberostgtpassing", sUnsupported, SSHCFG_GLOBAL },-
558 { "afstokenpassing", sUnsupported, SSHCFG_GLOBAL },-
559#ifdef GSSAPI-
560 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },-
561 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },-
562 { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL },-
563#else-
564 { "gssapiauthentication", sUnsupported, SSHCFG_ALL },-
565 { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL },-
566 { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL },-
567#endif-
568 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },-
569 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },-
570 { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },-
571 { "skeyauthentication", sDeprecated, SSHCFG_GLOBAL },-
572 { "checkmail", sDeprecated, SSHCFG_GLOBAL },-
573 { "listenaddress", sListenAddress, SSHCFG_GLOBAL },-
574 { "addressfamily", sAddressFamily, SSHCFG_GLOBAL },-
575 { "printmotd", sPrintMotd, SSHCFG_GLOBAL },-
576#ifdef DISABLE_LASTLOG-
577 { "printlastlog", sUnsupported, SSHCFG_GLOBAL },-
578#else-
579 { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL },-
580#endif-
581 { "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL },-
582 { "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL },-
583 { "x11forwarding", sX11Forwarding, SSHCFG_ALL },-
584 { "x11displayoffset", sX11DisplayOffset, SSHCFG_ALL },-
585 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },-
586 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },-
587 { "strictmodes", sStrictModes, SSHCFG_GLOBAL },-
588 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },-
589 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },-
590 { "uselogin", sDeprecated, SSHCFG_GLOBAL },-
591 { "compression", sCompression, SSHCFG_GLOBAL },-
592 { "rekeylimit", sRekeyLimit, SSHCFG_ALL },-
593 { "tcpkeepalive", sTCPKeepAlive, SSHCFG_GLOBAL },-
594 { "keepalive", sTCPKeepAlive, SSHCFG_GLOBAL }, /* obsolete alias */-
595 { "allowtcpforwarding", sAllowTcpForwarding, SSHCFG_ALL },-
596 { "allowagentforwarding", sAllowAgentForwarding, SSHCFG_ALL },-
597 { "allowusers", sAllowUsers, SSHCFG_ALL },-
598 { "denyusers", sDenyUsers, SSHCFG_ALL },-
599 { "allowgroups", sAllowGroups, SSHCFG_ALL },-
600 { "denygroups", sDenyGroups, SSHCFG_ALL },-
601 { "ciphers", sCiphers, SSHCFG_GLOBAL },-
602 { "macs", sMacs, SSHCFG_GLOBAL },-
603 { "protocol", sIgnore, SSHCFG_GLOBAL },-
604 { "gatewayports", sGatewayPorts, SSHCFG_ALL },-
605 { "subsystem", sSubsystem, SSHCFG_GLOBAL },-
606 { "maxstartups", sMaxStartups, SSHCFG_GLOBAL },-
607 { "maxauthtries", sMaxAuthTries, SSHCFG_ALL },-
608 { "maxsessions", sMaxSessions, SSHCFG_ALL },-
609 { "banner", sBanner, SSHCFG_ALL },-
610 { "usedns", sUseDNS, SSHCFG_GLOBAL },-
611 { "verifyreversemapping", sDeprecated, SSHCFG_GLOBAL },-
612 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL },-
613 { "clientaliveinterval", sClientAliveInterval, SSHCFG_ALL },-
614 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_ALL },-
615 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL },-
616 { "authorizedkeysfile2", sDeprecated, SSHCFG_ALL },-
617 { "useprivilegeseparation", sDeprecated, SSHCFG_GLOBAL},-
618 { "acceptenv", sAcceptEnv, SSHCFG_ALL },-
619 { "setenv", sSetEnv, SSHCFG_ALL },-
620 { "permittunnel", sPermitTunnel, SSHCFG_ALL },-
621 { "permittty", sPermitTTY, SSHCFG_ALL },-
622 { "permituserrc", sPermitUserRC, SSHCFG_ALL },-
623 { "match", sMatch, SSHCFG_ALL },-
624 { "permitopen", sPermitOpen, SSHCFG_ALL },-
625 { "permitlisten", sPermitListen, SSHCFG_ALL },-
626 { "forcecommand", sForceCommand, SSHCFG_ALL },-
627 { "chrootdirectory", sChrootDirectory, SSHCFG_ALL },-
628 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL },-
629 { "revokedkeys", sRevokedKeys, SSHCFG_ALL },-
630 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },-
631 { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },-
632 { "kexalgorithms", sKexAlgorithms, SSHCFG_GLOBAL },-
633 { "ipqos", sIPQoS, SSHCFG_ALL },-
634 { "authorizedkeyscommand", sAuthorizedKeysCommand, SSHCFG_ALL },-
635 { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL },-
636 { "authorizedprincipalscommand", sAuthorizedPrincipalsCommand, SSHCFG_ALL },-
637 { "authorizedprincipalscommanduser", sAuthorizedPrincipalsCommandUser, SSHCFG_ALL },-
638 { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL },-
639 { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL },-
640 { "streamlocalbindmask", sStreamLocalBindMask, SSHCFG_ALL },-
641 { "streamlocalbindunlink", sStreamLocalBindUnlink, SSHCFG_ALL },-
642 { "allowstreamlocalforwarding", sAllowStreamLocalForwarding, SSHCFG_ALL },-
643 { "fingerprinthash", sFingerprintHash, SSHCFG_GLOBAL },-
644 { "disableforwarding", sDisableForwarding, SSHCFG_ALL },-
645 { "exposeauthinfo", sExposeAuthInfo, SSHCFG_ALL },-
646 { "rdomain", sRDomain, SSHCFG_ALL },-
647 { "casignaturealgorithms", sCASignatureAlgorithms, SSHCFG_ALL },-
648 { NULL, sBadOption, 0 }-
649};-
650-
651static struct {-
652 int val;-
653 char *text;-
654} tunmode_desc[] = {-
655 { SSH_TUNMODE_NO, "no" },-
656 { SSH_TUNMODE_POINTOPOINT, "point-to-point" },-
657 { SSH_TUNMODE_ETHERNET, "ethernet" },-
658 { SSH_TUNMODE_YES, "yes" },-
659 { -1, NULL }-
660};-
661-
662/* Returns an opcode name from its number */-
663-
664static const char *-
665lookup_opcode_name(ServerOpCodes code)-
666{-
667 u_int i;-
668-
669 for (i = 0; keywords[i].name != NULL; i++)
keywords[i].na...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
670 if (keywords[i].opcode == code)
keywords[i].opcode == codeDescription
TRUEnever evaluated
FALSEnever evaluated
0
671 return(keywords[i].name);
never executed: return(keywords[i].name);
0
672 return "UNKNOWN";
never executed: return "UNKNOWN";
0
673}-
674-
675-
676/*-
677 * Returns the number of the token pointed to by cp or sBadOption.-
678 */-
679-
680static ServerOpCodes-
681parse_token(const char *cp, const char *filename,-
682 int linenum, u_int *flags)-
683{-
684 u_int i;-
685-
686 for (i = 0; keywords[i].name; i++)
keywords[i].nameDescription
TRUEevaluated 960 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-960
687 if (strcasecmp(cp, keywords[i].name) == 0) {
strcasecmp(cp,...[i].name) == 0Description
TRUEevaluated 25 times by 1 test
Evaluated by:
  • sshd
FALSEevaluated 935 times by 1 test
Evaluated by:
  • sshd
25-935
688 *flags = keywords[i].flags;-
689 return keywords[i].opcode;
executed 25 times by 1 test: return keywords[i].opcode;
Executed by:
  • sshd
25
690 }-
691-
692 error("%s: line %d: Bad configuration option: %s",-
693 filename, linenum, cp);-
694 return sBadOption;
never executed: return sBadOption;
0
695}-
696-
697char *-
698derelativise_path(const char *path)-
699{-
700 char *expanded, *ret, cwd[PATH_MAX];-
701-
702 if (strcasecmp(path, "none") == 0)
strcasecmp(path, "none") == 0Description
TRUEnever evaluated
FALSEevaluated 6 times by 1 test
Evaluated by:
  • sshd
0-6
703 return xstrdup("none");
never executed: return xstrdup("none");
0
704 expanded = tilde_expand_filename(path, getuid());-
705 if (*expanded == '/')
*expanded == '/'Description
TRUEevaluated 6 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-6
706 return expanded;
executed 6 times by 1 test: return expanded;
Executed by:
  • sshd
6
707 if (getcwd(cwd, sizeof(cwd)) == NULL)
getcwd(cwd, si...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
708 fatal("%s: getcwd: %s", __func__, strerror(errno));
never executed: fatal("%s: getcwd: %s", __func__, strerror( (*__errno_location ()) ));
0
709 xasprintf(&ret, "%s/%s", cwd, expanded);-
710 free(expanded);-
711 return ret;
never executed: return ret;
0
712}-
713-
714static void-
715add_listen_addr(ServerOptions *options, const char *addr,-
716 const char *rdomain, int port)-
717{-
718 u_int i;-
719-
720 if (port > 0)
port > 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
721 add_one_listen_addr(options, addr, rdomain, port);
never executed: add_one_listen_addr(options, addr, rdomain, port);
0
722 else {-
723 for (i = 0; i < options->num_ports; i++) {
i < options->num_portsDescription
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
2
724 add_one_listen_addr(options, addr, rdomain,-
725 options->ports[i]);-
726 }
executed 2 times by 1 test: end of block
Executed by:
  • sshd
2
727 }
executed 2 times by 1 test: end of block
Executed by:
  • sshd
2
728}-
729-
730static void-
731add_one_listen_addr(ServerOptions *options, const char *addr,-
732 const char *rdomain, int port)-
733{-
734 struct addrinfo hints, *ai, *aitop;-
735 char strport[NI_MAXSERV];-
736 int gaierr;-
737 u_int i;-
738-
739 /* Find listen_addrs entry for this rdomain */-
740 for (i = 0; i < options->num_listen_addrs; i++) {
i < options->num_listen_addrsDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
741 if (rdomain == NULL && options->listen_addrs[i].rdomain == NULL)
rdomain == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
options->liste...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
742 break;
never executed: break;
0
743 if (rdomain == NULL || options->listen_addrs[i].rdomain == NULL)
rdomain == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
options->liste...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
744 continue;
never executed: continue;
0
745 if (strcmp(rdomain, options->listen_addrs[i].rdomain) == 0)
never executed: __result = (((const unsigned char *) (const char *) ( rdomain ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( options->listen_addrs[i].rdomain ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
746 break;
never executed: break;
0
747 }
never executed: end of block
0
748 if (i >= options->num_listen_addrs) {
i >= options->num_listen_addrsDescription
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
749 /* No entry for this rdomain; allocate one */-
750 if (i >= INT_MAX)
i >= 0x7fffffffDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
751 fatal("%s: too many listen addresses", __func__);
never executed: fatal("%s: too many listen addresses", __func__);
0
752 options->listen_addrs = xrecallocarray(options->listen_addrs,-
753 options->num_listen_addrs, options->num_listen_addrs + 1,-
754 sizeof(*options->listen_addrs));-
755 i = options->num_listen_addrs++;-
756 if (rdomain != NULL)
rdomain != ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
757 options->listen_addrs[i].rdomain = xstrdup(rdomain);
never executed: options->listen_addrs[i].rdomain = xstrdup(rdomain);
0
758 }
executed 2 times by 1 test: end of block
Executed by:
  • sshd
2
759 /* options->listen_addrs[i] points to the addresses for this rdomain */-
760-
761 memset(&hints, 0, sizeof(hints));-
762 hints.ai_family = options->address_family;-
763 hints.ai_socktype = SOCK_STREAM;-
764 hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
(addr == ((void *)0) )Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
765 snprintf(strport, sizeof strport, "%d", port);-
766 if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0)
(gaierr = geta... &aitop)) != 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
767 fatal("bad addr or host: %s (%s)",
never executed: fatal("bad addr or host: %s (%s)", addr ? addr : "<NULL>", ssh_gai_strerror(gaierr));
0
768 addr ? addr : "<NULL>",
never executed: fatal("bad addr or host: %s (%s)", addr ? addr : "<NULL>", ssh_gai_strerror(gaierr));
0
769 ssh_gai_strerror(gaierr));
never executed: fatal("bad addr or host: %s (%s)", addr ? addr : "<NULL>", ssh_gai_strerror(gaierr));
0
770 for (ai = aitop; ai->ai_next; ai = ai->ai_next)
ai->ai_nextDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
771 ;
never executed: ;
0
772 ai->ai_next = options->listen_addrs[i].addrs;-
773 options->listen_addrs[i].addrs = aitop;-
774}
executed 2 times by 1 test: end of block
Executed by:
  • sshd
2
775-
776/* Returns nonzero if the routing domain name is valid */-
777static int-
778valid_rdomain(const char *name)-
779{-
780#if defined(HAVE_SYS_VALID_RDOMAIN)-
781 return sys_valid_rdomain(name);-
782#elif defined(__OpenBSD__)-
783 const char *errstr;-
784 long long num;-
785 struct rt_tableinfo info;-
786 int mib[6];-
787 size_t miblen = sizeof(mib);-
788-
789 if (name == NULL)-
790 return 1;-
791-
792 num = strtonum(name, 0, 255, &errstr);-
793 if (errstr != NULL)-
794 return 0;-
795-
796 /* Check whether the table actually exists */-
797 memset(mib, 0, sizeof(mib));-
798 mib[0] = CTL_NET;-
799 mib[1] = PF_ROUTE;-
800 mib[4] = NET_RT_TABLE;-
801 mib[5] = (int)num;-
802 if (sysctl(mib, 6, &info, &miblen, NULL, 0) == -1)-
803 return 0;-
804-
805 return 1;-
806#else /* defined(__OpenBSD__) */-
807 error("Routing domains are not supported on this platform");-
808 return 0;
never executed: return 0;
0
809#endif-
810}-
811-
812/*-
813 * Queue a ListenAddress to be processed once we have all of the Ports-
814 * and AddressFamily options.-
815 */-
816static void-
817queue_listen_addr(ServerOptions *options, const char *addr,-
818 const char *rdomain, int port)-
819{-
820 struct queued_listenaddr *qla;-
821-
822 options->queued_listen_addrs = xrecallocarray(-
823 options->queued_listen_addrs,-
824 options->num_queued_listens, options->num_queued_listens + 1,-
825 sizeof(*options->queued_listen_addrs));-
826 qla = &options->queued_listen_addrs[options->num_queued_listens++];-
827 qla->addr = xstrdup(addr);-
828 qla->port = port;-
829 qla->rdomain = rdomain == NULL ? NULL : xstrdup(rdomain);
rdomain == ((void *)0)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
830}
executed 2 times by 1 test: end of block
Executed by:
  • sshd
2
831-
832/*-
833 * Process queued (text) ListenAddress entries.-
834 */-
835static void-
836process_queued_listen_addrs(ServerOptions *options)-
837{-
838 u_int i;-
839 struct queued_listenaddr *qla;-
840-
841 if (options->num_ports == 0)
options->num_ports == 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
842 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
never executed: options->ports[options->num_ports++] = 22;
0
843 if (options->address_family == -1)
options->address_family == -1Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
844 options->address_family = AF_UNSPEC;
never executed: options->address_family = 0 ;
0
845-
846 for (i = 0; i < options->num_queued_listens; i++) {
i < options->n...queued_listensDescription
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
2
847 qla = &options->queued_listen_addrs[i];-
848 add_listen_addr(options, qla->addr, qla->rdomain, qla->port);-
849 free(qla->addr);-
850 free(qla->rdomain);-
851 }
executed 2 times by 1 test: end of block
Executed by:
  • sshd
2
852 free(options->queued_listen_addrs);-
853 options->queued_listen_addrs = NULL;-
854 options->num_queued_listens = 0;-
855}
executed 2 times by 1 test: end of block
Executed by:
  • sshd
2
856-
857/*-
858 * Inform channels layer of permitopen options for a single forwarding-
859 * direction (local/remote).-
860 */-
861static void-
862process_permitopen_list(struct ssh *ssh, ServerOpCodes opcode,-
863 char **opens, u_int num_opens)-
864{-
865 u_int i;-
866 int port;-
867 char *host, *arg, *oarg;-
868 int where = opcode == sPermitOpen ? FORWARD_LOCAL : FORWARD_REMOTE;
opcode == sPermitOpenDescription
TRUEnever evaluated
FALSEnever evaluated
0
869 const char *what = lookup_opcode_name(opcode);-
870-
871 channel_clear_permission(ssh, FORWARD_ADM, where);-
872 if (num_opens == 0)
num_opens == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
873 return; /* permit any */
never executed: return;
0
874-
875 /* handle keywords: "any" / "none" */-
876 if (num_opens == 1 && strcmp(opens[0], "any") == 0)
never executed: __result = (((const unsigned char *) (const char *) ( opens[0] ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "any" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
num_opens == 1Description
TRUEnever evaluated
FALSEnever evaluated
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
877 return;
never executed: return;
0
878 if (num_opens == 1 && strcmp(opens[0], "none") == 0) {
never executed: __result = (((const unsigned char *) (const char *) ( opens[0] ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "none" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
num_opens == 1Description
TRUEnever evaluated
FALSEnever evaluated
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
879 channel_disable_admin(ssh, where);-
880 return;
never executed: return;
0
881 }-
882 /* Otherwise treat it as a list of permitted host:port */-
883 for (i = 0; i < num_opens; i++) {
i < num_opensDescription
TRUEnever evaluated
FALSEnever evaluated
0
884 oarg = arg = xstrdup(opens[i]);-
885 host = hpdelim(&arg);-
886 if (host == NULL)
host == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
887 fatal("%s: missing host in %s", __func__, what);
never executed: fatal("%s: missing host in %s", __func__, what);
0
888 host = cleanhostname(host);-
889 if (arg == NULL || ((port = permitopen_port(arg)) < 0))
arg == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
((port = permi...ort(arg)) < 0)Description
TRUEnever evaluated
FALSEnever evaluated
0
890 fatal("%s: bad port number in %s", __func__, what);
never executed: fatal("%s: bad port number in %s", __func__, what);
0
891 /* Send it to channels layer */-
892 channel_add_permission(ssh, FORWARD_ADM,-
893 where, host, port);-
894 free(oarg);-
895 }
never executed: end of block
0
896}
never executed: end of block
0
897-
898/*-
899 * Inform channels layer of permitopen options from configuration.-
900 */-
901void-
902process_permitopen(struct ssh *ssh, ServerOptions *options)-
903{-
904 process_permitopen_list(ssh, sPermitOpen,-
905 options->permitted_opens, options->num_permitted_opens);-
906 process_permitopen_list(ssh, sPermitListen,-
907 options->permitted_listens,-
908 options->num_permitted_listens);-
909}
never executed: end of block
0
910-
911struct connection_info *-
912get_connection_info(int populate, int use_dns)-
913{-
914 struct ssh *ssh = active_state; /* XXX */-
915 static struct connection_info ci;-
916-
917 if (!populate)
!populateDescription
TRUEnever evaluated
FALSEnever evaluated
0
918 return &ci;
never executed: return &ci;
0
919 ci.host = auth_get_canonical_hostname(ssh, use_dns);-
920 ci.address = ssh_remote_ipaddr(ssh);-
921 ci.laddress = ssh_local_ipaddr(ssh);-
922 ci.lport = ssh_local_port(ssh);-
923 ci.rdomain = ssh_packet_rdomain_in(ssh);-
924 return &ci;
never executed: return &ci;
0
925}-
926-
927/*-
928 * The strategy for the Match blocks is that the config file is parsed twice.-
929 *-
930 * The first time is at startup. activep is initialized to 1 and the-
931 * directives in the global context are processed and acted on. Hitting a-
932 * Match directive unsets activep and the directives inside the block are-
933 * checked for syntax only.-
934 *-
935 * The second time is after a connection has been established but before-
936 * authentication. activep is initialized to 2 and global config directives-
937 * are ignored since they have already been processed. If the criteria in a-
938 * Match block is met, activep is set and the subsequent directives-
939 * processed and actioned until EOF or another Match block unsets it. Any-
940 * options set are copied into the main server config.-
941 *-
942 * Potential additions/improvements:-
943 * - Add Match support for pre-kex directives, eg. Ciphers.-
944 *-
945 * - Add a Tag directive (idea from David Leonard) ala pf, eg:-
946 * Match Address 192.168.0.*-
947 * Tag trusted-
948 * Match Group wheel-
949 * Tag trusted-
950 * Match Tag trusted-
951 * AllowTcpForwarding yes-
952 * GatewayPorts clientspecified-
953 * [...]-
954 *-
955 * - Add a PermittedChannelRequests directive-
956 * Match Group shell-
957 * PermittedChannelRequests session,forwarded-tcpip-
958 */-
959-
960static int-
961match_cfg_line_group(const char *grps, int line, const char *user)-
962{-
963 int result = 0;-
964 struct passwd *pw;-
965-
966 if (user == NULL)
user == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
967 goto out;
never executed: goto out;
0
968-
969 if ((pw = getpwnam(user)) == NULL) {
(pw = getpwnam...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
970 debug("Can't match group at line %d because user %.100s does "-
971 "not exist", line, user);-
972 } else if (ga_init(pw->pw_name, pw->pw_gid) == 0) {
never executed: end of block
ga_init(pw->pw...->pw_gid) == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
973 debug("Can't Match group because user %.100s not in any group "-
974 "at line %d", user, line);-
975 } else if (ga_match_pattern_list(grps) != 1) {
never executed: end of block
ga_match_patte...ist(grps) != 1Description
TRUEnever evaluated
FALSEnever evaluated
0
976 debug("user %.100s does not match group list %.100s at line %d",-
977 user, grps, line);-
978 } else {
never executed: end of block
0
979 debug("user %.100s matched group list %.100s at line %d", user,-
980 grps, line);-
981 result = 1;-
982 }
never executed: end of block
0
983out:
code before this statement never executed: out:
0
984 ga_free();-
985 return result;
never executed: return result;
0
986}-
987-
988static void-
989match_test_missing_fatal(const char *criteria, const char *attrib)-
990{-
991 fatal("'Match %s' in configuration but '%s' not in connection "-
992 "test specification.", criteria, attrib);-
993}
never executed: end of block
0
994-
995/*-
996 * All of the attributes on a single Match line are ANDed together, so we need-
997 * to check every attribute and set the result to zero if any attribute does-
998 * not match.-
999 */-
1000static int-
1001match_cfg_line(char **condition, int line, struct connection_info *ci)-
1002{-
1003 int result = 1, attributes = 0, port;-
1004 char *arg, *attrib, *cp = *condition;-
1005-
1006 if (ci == NULL)
ci == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1007 debug3("checking syntax for 'Match %s'", cp);
never executed: debug3("checking syntax for 'Match %s'", cp);
0
1008 else-
1009 debug3("checking match for '%s' user %s host %s addr %s "
never executed: debug3("checking match for '%s' user %s host %s addr %s " "laddr %s lport %d", cp, ci->user ? ci->user : "(null)", ci->host ? ci->host : "(null)", ci->address ? ci->address : "(null)", ci->laddress ? ci->laddress : "(null)", ci->lport);
0
1010 "laddr %s lport %d", cp, ci->user ? ci->user : "(null)",
never executed: debug3("checking match for '%s' user %s host %s addr %s " "laddr %s lport %d", cp, ci->user ? ci->user : "(null)", ci->host ? ci->host : "(null)", ci->address ? ci->address : "(null)", ci->laddress ? ci->laddress : "(null)", ci->lport);
0
1011 ci->host ? ci->host : "(null)",
never executed: debug3("checking match for '%s' user %s host %s addr %s " "laddr %s lport %d", cp, ci->user ? ci->user : "(null)", ci->host ? ci->host : "(null)", ci->address ? ci->address : "(null)", ci->laddress ? ci->laddress : "(null)", ci->lport);
0
1012 ci->address ? ci->address : "(null)",
never executed: debug3("checking match for '%s' user %s host %s addr %s " "laddr %s lport %d", cp, ci->user ? ci->user : "(null)", ci->host ? ci->host : "(null)", ci->address ? ci->address : "(null)", ci->laddress ? ci->laddress : "(null)", ci->lport);
0
1013 ci->laddress ? ci->laddress : "(null)", ci->lport);
never executed: debug3("checking match for '%s' user %s host %s addr %s " "laddr %s lport %d", cp, ci->user ? ci->user : "(null)", ci->host ? ci->host : "(null)", ci->address ? ci->address : "(null)", ci->laddress ? ci->laddress : "(null)", ci->lport);
0
1014-
1015 while ((attrib = strdelim(&cp)) && *attrib != '\0') {
(attrib = strdelim(&cp))Description
TRUEnever evaluated
FALSEnever evaluated
*attrib != '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1016 attributes++;-
1017 if (strcasecmp(attrib, "all") == 0) {
strcasecmp(attrib, "all") == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1018 if (attributes != 1 ||
attributes != 1Description
TRUEnever evaluated
FALSEnever evaluated
0
1019 ((arg = strdelim(&cp)) != NULL && *arg != '\0')) {
(arg = strdeli...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
*arg != '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1020 error("'all' cannot be combined with other "-
1021 "Match attributes");-
1022 return -1;
never executed: return -1;
0
1023 }-
1024 *condition = cp;-
1025 return 1;
never executed: return 1;
0
1026 }-
1027 if ((arg = strdelim(&cp)) == NULL || *arg == '\0') {
(arg = strdeli...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1028 error("Missing Match criteria for %s", attrib);-
1029 return -1;
never executed: return -1;
0
1030 }-
1031 if (strcasecmp(attrib, "user") == 0) {
strcasecmp(att..., "user") == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1032 if (ci == NULL) {
ci == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1033 result = 0;-
1034 continue;
never executed: continue;
0
1035 }-
1036 if (ci->user == NULL)
ci->user == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1037 match_test_missing_fatal("User", "user");
never executed: match_test_missing_fatal("User", "user");
0
1038 if (match_pattern_list(ci->user, arg, 0) != 1)
match_pattern_..., arg, 0) != 1Description
TRUEnever evaluated
FALSEnever evaluated
0
1039 result = 0;
never executed: result = 0;
0
1040 else-
1041 debug("user %.100s matched 'User %.100s' at "
never executed: debug("user %.100s matched 'User %.100s' at " "line %d", ci->user, arg, line);
0
1042 "line %d", ci->user, arg, line);
never executed: debug("user %.100s matched 'User %.100s' at " "line %d", ci->user, arg, line);
0
1043 } else if (strcasecmp(attrib, "group") == 0) {
strcasecmp(att... "group") == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1044 if (ci == NULL) {
ci == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1045 result = 0;-
1046 continue;
never executed: continue;
0
1047 }-
1048 if (ci->user == NULL)
ci->user == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1049 match_test_missing_fatal("Group", "user");
never executed: match_test_missing_fatal("Group", "user");
0
1050 switch (match_cfg_line_group(arg, line, ci->user)) {-
1051 case -1:
never executed: case -1:
0
1052 return -1;
never executed: return -1;
0
1053 case 0:
never executed: case 0:
0
1054 result = 0;-
1055 }
never executed: end of block
0
1056 } else if (strcasecmp(attrib, "host") == 0) {
never executed: end of block
strcasecmp(att..., "host") == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1057 if (ci == NULL) {
ci == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1058 result = 0;-
1059 continue;
never executed: continue;
0
1060 }-
1061 if (ci->host == NULL)
ci->host == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1062 match_test_missing_fatal("Host", "host");
never executed: match_test_missing_fatal("Host", "host");
0
1063 if (match_hostname(ci->host, arg) != 1)
match_hostname...ost, arg) != 1Description
TRUEnever evaluated
FALSEnever evaluated
0
1064 result = 0;
never executed: result = 0;
0
1065 else-
1066 debug("connection from %.100s matched 'Host "
never executed: debug("connection from %.100s matched 'Host " "%.100s' at line %d", ci->host, arg, line);
0
1067 "%.100s' at line %d", ci->host, arg, line);
never executed: debug("connection from %.100s matched 'Host " "%.100s' at line %d", ci->host, arg, line);
0
1068 } else if (strcasecmp(attrib, "address") == 0) {
strcasecmp(att...address") == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1069 if (ci == NULL) {
ci == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1070 result = 0;-
1071 continue;
never executed: continue;
0
1072 }-
1073 if (ci->address == NULL)
ci->address == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1074 match_test_missing_fatal("Address", "addr");
never executed: match_test_missing_fatal("Address", "addr");
0
1075 switch (addr_match_list(ci->address, arg)) {-
1076 case 1:
never executed: case 1:
0
1077 debug("connection from %.100s matched 'Address "-
1078 "%.100s' at line %d", ci->address, arg, line);-
1079 break;
never executed: break;
0
1080 case 0:
never executed: case 0:
0
1081 case -1:
never executed: case -1:
0
1082 result = 0;-
1083 break;
never executed: break;
0
1084 case -2:
never executed: case -2:
0
1085 return -1;
never executed: return -1;
0
1086 }-
1087 } else if (strcasecmp(attrib, "localaddress") == 0){
never executed: end of block
strcasecmp(att...address") == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1088 if (ci == NULL) {
ci == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1089 result = 0;-
1090 continue;
never executed: continue;
0
1091 }-
1092 if (ci->laddress == NULL)
ci->laddress == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1093 match_test_missing_fatal("LocalAddress",
never executed: match_test_missing_fatal("LocalAddress", "laddr");
0
1094 "laddr");
never executed: match_test_missing_fatal("LocalAddress", "laddr");
0
1095 switch (addr_match_list(ci->laddress, arg)) {-
1096 case 1:
never executed: case 1:
0
1097 debug("connection from %.100s matched "-
1098 "'LocalAddress %.100s' at line %d",-
1099 ci->laddress, arg, line);-
1100 break;
never executed: break;
0
1101 case 0:
never executed: case 0:
0
1102 case -1:
never executed: case -1:
0
1103 result = 0;-
1104 break;
never executed: break;
0
1105 case -2:
never executed: case -2:
0
1106 return -1;
never executed: return -1;
0
1107 }-
1108 } else if (strcasecmp(attrib, "localport") == 0) {
never executed: end of block
strcasecmp(att...calport") == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1109 if ((port = a2port(arg)) == -1) {
(port = a2port(arg)) == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
1110 error("Invalid LocalPort '%s' on Match line",-
1111 arg);-
1112 return -1;
never executed: return -1;
0
1113 }-
1114 if (ci == NULL) {
ci == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1115 result = 0;-
1116 continue;
never executed: continue;
0
1117 }-
1118 if (ci->lport == 0)
ci->lport == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1119 match_test_missing_fatal("LocalPort", "lport");
never executed: match_test_missing_fatal("LocalPort", "lport");
0
1120 /* TODO support port lists */-
1121 if (port == ci->lport)
port == ci->lportDescription
TRUEnever evaluated
FALSEnever evaluated
0
1122 debug("connection from %.100s matched "
never executed: debug("connection from %.100s matched " "'LocalPort %d' at line %d", ci->laddress, port, line);
0
1123 "'LocalPort %d' at line %d",
never executed: debug("connection from %.100s matched " "'LocalPort %d' at line %d", ci->laddress, port, line);
0
1124 ci->laddress, port, line);
never executed: debug("connection from %.100s matched " "'LocalPort %d' at line %d", ci->laddress, port, line);
0
1125 else-
1126 result = 0;
never executed: result = 0;
0
1127 } else if (strcasecmp(attrib, "rdomain") == 0) {
strcasecmp(att...rdomain") == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1128 if (ci == NULL || ci->rdomain == NULL) {
ci == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
ci->rdomain == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1129 result = 0;-
1130 continue;
never executed: continue;
0
1131 }-
1132 if (match_pattern_list(ci->rdomain, arg, 0) != 1)
match_pattern_..., arg, 0) != 1Description
TRUEnever evaluated
FALSEnever evaluated
0
1133 result = 0;
never executed: result = 0;
0
1134 else-
1135 debug("user %.100s matched 'RDomain %.100s' at "
never executed: debug("user %.100s matched 'RDomain %.100s' at " "line %d", ci->rdomain, arg, line);
0
1136 "line %d", ci->rdomain, arg, line);
never executed: debug("user %.100s matched 'RDomain %.100s' at " "line %d", ci->rdomain, arg, line);
0
1137 } else {-
1138 error("Unsupported Match attribute %s", attrib);-
1139 return -1;
never executed: return -1;
0
1140 }-
1141 }-
1142 if (attributes == 0) {
attributes == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1143 error("One or more attributes required for Match");-
1144 return -1;
never executed: return -1;
0
1145 }-
1146 if (ci != NULL)
ci != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1147 debug3("match %sfound", result ? "" : "not ");
never executed: debug3("match %sfound", result ? "" : "not ");
0
1148 *condition = cp;-
1149 return result;
never executed: return result;
0
1150}-
1151-
1152#define WHITESPACE " \t\r\n"-
1153-
1154/* Multistate option parsing */-
1155struct multistate {-
1156 char *key;-
1157 int value;-
1158};-
1159static const struct multistate multistate_flag[] = {-
1160 { "yes", 1 },-
1161 { "no", 0 },-
1162 { NULL, -1 }-
1163};-
1164static const struct multistate multistate_addressfamily[] = {-
1165 { "inet", AF_INET },-
1166 { "inet6", AF_INET6 },-
1167 { "any", AF_UNSPEC },-
1168 { NULL, -1 }-
1169};-
1170static const struct multistate multistate_permitrootlogin[] = {-
1171 { "without-password", PERMIT_NO_PASSWD },-
1172 { "prohibit-password", PERMIT_NO_PASSWD },-
1173 { "forced-commands-only", PERMIT_FORCED_ONLY },-
1174 { "yes", PERMIT_YES },-
1175 { "no", PERMIT_NO },-
1176 { NULL, -1 }-
1177};-
1178static const struct multistate multistate_compression[] = {-
1179 { "yes", COMP_DELAYED },-
1180 { "delayed", COMP_DELAYED },-
1181 { "no", COMP_NONE },-
1182 { NULL, -1 }-
1183};-
1184static const struct multistate multistate_gatewayports[] = {-
1185 { "clientspecified", 2 },-
1186 { "yes", 1 },-
1187 { "no", 0 },-
1188 { NULL, -1 }-
1189};-
1190static const struct multistate multistate_tcpfwd[] = {-
1191 { "yes", FORWARD_ALLOW },-
1192 { "all", FORWARD_ALLOW },-
1193 { "no", FORWARD_DENY },-
1194 { "remote", FORWARD_REMOTE },-
1195 { "local", FORWARD_LOCAL },-
1196 { NULL, -1 }-
1197};-
1198-
1199int-
1200process_server_config_line(ServerOptions *options, char *line,-
1201 const char *filename, int linenum, int *activep,-
1202 struct connection_info *connectinfo)-
1203{-
1204 char *cp, ***chararrayptr, **charptr, *arg, *arg2, *p;-
1205 int cmdline = 0, *intptr, value, value2, n, port;-
1206 SyslogFacility *log_facility_ptr;-
1207 LogLevel *log_level_ptr;-
1208 ServerOpCodes opcode;-
1209 u_int i, *uintptr, uvalue, flags = 0;-
1210 size_t len;-
1211 long long val64;-
1212 const struct multistate *multistate_ptr;-
1213 const char *errstr;-
1214-
1215 /* Strip trailing whitespace. Allow \f (form feed) at EOL only */-
1216 if ((len = strlen(line)) == 0)
(len = strlen(line)) == 0Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • sshd
FALSEevaluated 25 times by 1 test
Evaluated by:
  • sshd
4-25
1217 return 0;
executed 4 times by 1 test: return 0;
Executed by:
  • sshd
4
1218 for (len--; len > 0; len--) {
len > 0Description
TRUEevaluated 25 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-25
1219 if (strchr(WHITESPACE "\f", line[len]) == NULL)
(__extension__...== ((void *)0)Description
TRUEevaluated 25 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
__builtin_cons... ( line[len] )Description
TRUEnever evaluated
FALSEevaluated 25 times by 1 test
Evaluated by:
  • sshd
!__builtin_con...\t\r\n" "\f" )Description
TRUEnever evaluated
FALSEnever evaluated
( line[len] ) == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0-25
1220 break;
executed 25 times by 1 test: break;
Executed by:
  • sshd
25
1221 line[len] = '\0';-
1222 }
never executed: end of block
0
1223-
1224 cp = line;-
1225 if ((arg = strdelim(&cp)) == NULL)
(arg = strdeli...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 25 times by 1 test
Evaluated by:
  • sshd
0-25
1226 return 0;
never executed: return 0;
0
1227 /* Ignore leading whitespace */-
1228 if (*arg == '\0')
*arg == '\0'Description
TRUEnever evaluated
FALSEevaluated 25 times by 1 test
Evaluated by:
  • sshd
0-25
1229 arg = strdelim(&cp);
never executed: arg = strdelim(&cp);
0
1230 if (!arg || !*arg || *arg == '#')
!argDescription
TRUEnever evaluated
FALSEevaluated 25 times by 1 test
Evaluated by:
  • sshd
!*argDescription
TRUEnever evaluated
FALSEevaluated 25 times by 1 test
Evaluated by:
  • sshd
*arg == '#'Description
TRUEnever evaluated
FALSEevaluated 25 times by 1 test
Evaluated by:
  • sshd
0-25
1231 return 0;
never executed: return 0;
0
1232 intptr = NULL;-
1233 charptr = NULL;-
1234 opcode = parse_token(arg, filename, linenum, &flags);-
1235-
1236 if (activep == NULL) { /* We are processing a command line directive */
activep == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 25 times by 1 test
Evaluated by:
  • sshd
0-25
1237 cmdline = 1;-
1238 activep = &cmdline;-
1239 }
never executed: end of block
0
1240 if (*activep && opcode != sMatch)
*activepDescription
TRUEevaluated 25 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
opcode != sMatchDescription
TRUEevaluated 25 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-25
1241 debug3("%s:%d setting %s %s", filename, linenum, arg, cp);
executed 25 times by 1 test: debug3("%s:%d setting %s %s", filename, linenum, arg, cp);
Executed by:
  • sshd
25
1242 if (*activep == 0 && !(flags & SSHCFG_MATCH)) {
*activep == 0Description
TRUEnever evaluated
FALSEevaluated 25 times by 1 test
Evaluated by:
  • sshd
!(flags & 0x02)Description
TRUEnever evaluated
FALSEnever evaluated
0-25
1243 if (connectinfo == NULL) {
connectinfo == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1244 fatal("%s line %d: Directive '%s' is not allowed "-
1245 "within a Match block", filename, linenum, arg);-
1246 } else { /* this is a directive we have already processed */
never executed: end of block
0
1247 while (arg)
argDescription
TRUEnever evaluated
FALSEnever evaluated
0
1248 arg = strdelim(&cp);
never executed: arg = strdelim(&cp);
0
1249 return 0;
never executed: return 0;
0
1250 }-
1251 }-
1252-
1253 switch (opcode) {-
1254 /* Portable-specific options */-
1255 case sUsePAM:
never executed: case sUsePAM:
0
1256 intptr = &options->use_pam;-
1257 goto parse_flag;
never executed: goto parse_flag;
0
1258-
1259 /* Standard Options */-
1260 case sBadOption:
never executed: case sBadOption:
0
1261 return -1;
never executed: return -1;
0
1262 case sPort:
executed 2 times by 1 test: case sPort:
Executed by:
  • sshd
2
1263 /* ignore ports from configfile if cmdline specifies ports */-
1264 if (options->ports_from_cmdline)
options->ports_from_cmdlineDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
1265 return 0;
never executed: return 0;
0
1266 if (options->num_ports >= MAX_PORTS)
options->num_ports >= 256Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
1267 fatal("%s line %d: too many ports.",
never executed: fatal("%s line %d: too many ports.", filename, linenum);
0
1268 filename, linenum);
never executed: fatal("%s line %d: too many ports.", filename, linenum);
0
1269 arg = strdelim(&cp);-
1270 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
*arg == '\0'Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
1271 fatal("%s line %d: missing port number.",
never executed: fatal("%s line %d: missing port number.", filename, linenum);
0
1272 filename, linenum);
never executed: fatal("%s line %d: missing port number.", filename, linenum);
0
1273 options->ports[options->num_ports++] = a2port(arg);-
1274 if (options->ports[options->num_ports-1] <= 0)
options->ports..._ports-1] <= 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
1275 fatal("%s line %d: Badly formatted port number.",
never executed: fatal("%s line %d: Badly formatted port number.", filename, linenum);
0
1276 filename, linenum);
never executed: fatal("%s line %d: Badly formatted port number.", filename, linenum);
0
1277 break;
executed 2 times by 1 test: break;
Executed by:
  • sshd
2
1278-
1279 case sLoginGraceTime:
never executed: case sLoginGraceTime:
0
1280 intptr = &options->login_grace_time;-
1281 parse_time:
code before this statement never executed: parse_time:
0
1282 arg = strdelim(&cp);-
1283 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1284 fatal("%s line %d: missing time value.",
never executed: fatal("%s line %d: missing time value.", filename, linenum);
0
1285 filename, linenum);
never executed: fatal("%s line %d: missing time value.", filename, linenum);
0
1286 if ((value = convtime(arg)) == -1)
(value = convtime(arg)) == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
1287 fatal("%s line %d: invalid time value.",
never executed: fatal("%s line %d: invalid time value.", filename, linenum);
0
1288 filename, linenum);
never executed: fatal("%s line %d: invalid time value.", filename, linenum);
0
1289 if (*activep && *intptr == -1)
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
*intptr == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
1290 *intptr = value;
never executed: *intptr = value;
0
1291 break;
never executed: break;
0
1292-
1293 case sListenAddress:
executed 2 times by 1 test: case sListenAddress:
Executed by:
  • sshd
2
1294 arg = strdelim(&cp);-
1295 if (arg == NULL || *arg == '\0')
arg == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
*arg == '\0'Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
1296 fatal("%s line %d: missing address",
never executed: fatal("%s line %d: missing address", filename, linenum);
0
1297 filename, linenum);
never executed: fatal("%s line %d: missing address", filename, linenum);
0
1298 /* check for bare IPv6 address: no "[]" and 2 or more ":" */-
1299 if (strchr(arg, '[') == NULL && (p = strchr(arg, ':')) != NULL
(__extension__...== ((void *)0)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
__builtin_constant_p ( '[' )Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
!__builtin_constant_p ( arg )Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
( '[' ) == '\0'Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
(p = (__extens...!= ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
__builtin_constant_p ( ':' )Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
!__builtin_constant_p ( arg )Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
( ':' ) == '\0'Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
1300 && strchr(p+1, ':') != NULL) {
(__extension__...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( ':' )Description
TRUEnever evaluated
FALSEnever evaluated
!__builtin_constant_p ( p+1 )Description
TRUEnever evaluated
FALSEnever evaluated
( ':' ) == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1301 port = 0;-
1302 p = arg;-
1303 } else {
never executed: end of block
0
1304 p = hpdelim(&arg);-
1305 if (p == NULL)
p == ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
1306 fatal("%s line %d: bad address:port usage",
never executed: fatal("%s line %d: bad address:port usage", filename, linenum);
0
1307 filename, linenum);
never executed: fatal("%s line %d: bad address:port usage", filename, linenum);
0
1308 p = cleanhostname(p);-
1309 if (arg == NULL)
arg == ((void *)0)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
1310 port = 0;
executed 2 times by 1 test: port = 0;
Executed by:
  • sshd
2
1311 else if ((port = a2port(arg)) <= 0)
(port = a2port(arg)) <= 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1312 fatal("%s line %d: bad port number",
never executed: fatal("%s line %d: bad port number", filename, linenum);
0
1313 filename, linenum);
never executed: fatal("%s line %d: bad port number", filename, linenum);
0
1314 }
executed 2 times by 1 test: end of block
Executed by:
  • sshd
2
1315 /* Optional routing table */-
1316 arg2 = NULL;-
1317 if ((arg = strdelim(&cp)) != NULL) {
(arg = strdeli...!= ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
1318 if (strcmp(arg, "rdomain") != 0 ||
never executed: __result = (((const unsigned char *) (const char *) ( arg ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "rdomain" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) != 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1319 (arg2 = strdelim(&cp)) == NULL)
(arg2 = strdel...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1320 fatal("%s line %d: bad ListenAddress syntax",
never executed: fatal("%s line %d: bad ListenAddress syntax", filename, linenum);
0
1321 filename, linenum);
never executed: fatal("%s line %d: bad ListenAddress syntax", filename, linenum);
0
1322 if (!valid_rdomain(arg2))
!valid_rdomain(arg2)Description
TRUEnever evaluated
FALSEnever evaluated
0
1323 fatal("%s line %d: bad routing domain",
never executed: fatal("%s line %d: bad routing domain", filename, linenum);
0
1324 filename, linenum);
never executed: fatal("%s line %d: bad routing domain", filename, linenum);
0
1325 }
never executed: end of block
0
1326-
1327 queue_listen_addr(options, p, arg2, port);-
1328-
1329 break;
executed 2 times by 1 test: break;
Executed by:
  • sshd
2
1330-
1331 case sAddressFamily:
executed 2 times by 1 test: case sAddressFamily:
Executed by:
  • sshd
2
1332 intptr = &options->address_family;-
1333 multistate_ptr = multistate_addressfamily;-
1334 parse_multistate:
code before this statement executed 2 times by 1 test: parse_multistate:
Executed by:
  • sshd
2
1335 arg = strdelim(&cp);-
1336 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEevaluated 5 times by 1 test
Evaluated by:
  • sshd
*arg == '\0'Description
TRUEnever evaluated
FALSEevaluated 5 times by 1 test
Evaluated by:
  • sshd
0-5
1337 fatal("%s line %d: missing argument.",
never executed: fatal("%s line %d: missing argument.", filename, linenum);
0
1338 filename, linenum);
never executed: fatal("%s line %d: missing argument.", filename, linenum);
0
1339 value = -1;-
1340 for (i = 0; multistate_ptr[i].key != NULL; i++) {
multistate_ptr...!= ((void *)0)Description
TRUEevaluated 8 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-8
1341 if (strcasecmp(arg, multistate_ptr[i].key) == 0) {
strcasecmp(arg...r[i].key) == 0Description
TRUEevaluated 5 times by 1 test
Evaluated by:
  • sshd
FALSEevaluated 3 times by 1 test
Evaluated by:
  • sshd
3-5
1342 value = multistate_ptr[i].value;-
1343 break;
executed 5 times by 1 test: break;
Executed by:
  • sshd
5
1344 }-
1345 }
executed 3 times by 1 test: end of block
Executed by:
  • sshd
3
1346 if (value == -1)
value == -1Description
TRUEnever evaluated
FALSEevaluated 5 times by 1 test
Evaluated by:
  • sshd
0-5
1347 fatal("%s line %d: unsupported option \"%s\".",
never executed: fatal("%s line %d: unsupported option \"%s\".", filename, linenum, arg);
0
1348 filename, linenum, arg);
never executed: fatal("%s line %d: unsupported option \"%s\".", filename, linenum, arg);
0
1349 if (*activep && *intptr == -1)
*activepDescription
TRUEevaluated 5 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
*intptr == -1Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • sshd
FALSEevaluated 1 time by 1 test
Evaluated by:
  • sshd
0-5
1350 *intptr = value;
executed 4 times by 1 test: *intptr = value;
Executed by:
  • sshd
4
1351 break;
executed 5 times by 1 test: break;
Executed by:
  • sshd
5
1352-
1353 case sHostKeyFile:
executed 4 times by 1 test: case sHostKeyFile:
Executed by:
  • sshd
4
1354 arg = strdelim(&cp);-
1355 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • sshd
*arg == '\0'Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • sshd
0-4
1356 fatal("%s line %d: missing file name.",
never executed: fatal("%s line %d: missing file name.", filename, linenum);
0
1357 filename, linenum);
never executed: fatal("%s line %d: missing file name.", filename, linenum);
0
1358 if (*activep)
*activepDescription
TRUEevaluated 4 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-4
1359 servconf_add_hostkey(filename, linenum, options, arg);
executed 4 times by 1 test: servconf_add_hostkey(filename, linenum, options, arg);
Executed by:
  • sshd
4
1360 break;
executed 4 times by 1 test: break;
Executed by:
  • sshd
4
1361-
1362 case sHostKeyAgent:
never executed: case sHostKeyAgent:
0
1363 charptr = &options->host_key_agent;-
1364 arg = strdelim(&cp);-
1365 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1366 fatal("%s line %d: missing socket name.",
never executed: fatal("%s line %d: missing socket name.", filename, linenum);
0
1367 filename, linenum);
never executed: fatal("%s line %d: missing socket name.", filename, linenum);
0
1368 if (*activep && *charptr == NULL)
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
*charptr == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1369 *charptr = !strcmp(arg, SSH_AUTHSOCKET_ENV_NAME) ?
never executed: *charptr = ! __extension__ ({ size_t __s1_len, __s2_len; (__builtin_constant_p ( arg ) && __builtin_constant_p ( "SSH_AUTH_SOCK" ) && (__s1_len = __builtin_strlen ( arg ), __s2_len = __builtin_strlen ( "SSH_AUTH_SOCK" ), (!((size_t)(const void *)(( arg ) ...K" ))[2] - __s2[2]); if (__s2_len > 2 && __result == 0) __result = (((const unsigned char *) (const char *) ( "SSH_AUTH_SOCK" ))[3] - __s2[3]); } } __result; }))) : __builtin_strcmp ( arg , "SSH_AUTH_SOCK" )))); }) ? xstrdup(arg) : derelativise_path(arg);
never executed: __result = (((const unsigned char *) (const char *) ( arg ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "SSH_AUTH_SOCK" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
! __extension_...SOCK" )))); })Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1370 xstrdup(arg) : derelativise_path(arg);
never executed: *charptr = ! __extension__ ({ size_t __s1_len, __s2_len; (__builtin_constant_p ( arg ) && __builtin_constant_p ( "SSH_AUTH_SOCK" ) && (__s1_len = __builtin_strlen ( arg ), __s2_len = __builtin_strlen ( "SSH_AUTH_SOCK" ), (!((size_t)(const void *)(( arg ) ...K" ))[2] - __s2[2]); if (__s2_len > 2 && __result == 0) __result = (((const unsigned char *) (const char *) ( "SSH_AUTH_SOCK" ))[3] - __s2[3]); } } __result; }))) : __builtin_strcmp ( arg , "SSH_AUTH_SOCK" )))); }) ? xstrdup(arg) : derelativise_path(arg);
0
1371 break;
never executed: break;
0
1372-
1373 case sHostCertificate:
never executed: case sHostCertificate:
0
1374 arg = strdelim(&cp);-
1375 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1376 fatal("%s line %d: missing file name.",
never executed: fatal("%s line %d: missing file name.", filename, linenum);
0
1377 filename, linenum);
never executed: fatal("%s line %d: missing file name.", filename, linenum);
0
1378 if (*activep)
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
0
1379 servconf_add_hostcert(filename, linenum, options, arg);
never executed: servconf_add_hostcert(filename, linenum, options, arg);
0
1380 break;
never executed: break;
0
1381-
1382 case sPidFile:
executed 2 times by 1 test: case sPidFile:
Executed by:
  • sshd
2
1383 charptr = &options->pid_file;-
1384 parse_filename:
code before this statement executed 2 times by 1 test: parse_filename:
Executed by:
  • sshd
2
1385 arg = strdelim(&cp);-
1386 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
*arg == '\0'Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
1387 fatal("%s line %d: missing file name.",
never executed: fatal("%s line %d: missing file name.", filename, linenum);
0
1388 filename, linenum);
never executed: fatal("%s line %d: missing file name.", filename, linenum);
0
1389 if (*activep && *charptr == NULL) {
*activepDescription
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
*charptr == ((void *)0)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
1390 *charptr = derelativise_path(arg);-
1391 /* increase optional counter */-
1392 if (intptr != NULL)
intptr != ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
1393 *intptr = *intptr + 1;
never executed: *intptr = *intptr + 1;
0
1394 }
executed 2 times by 1 test: end of block
Executed by:
  • sshd
2
1395 break;
executed 2 times by 1 test: break;
Executed by:
  • sshd
2
1396-
1397 case sPermitRootLogin:
never executed: case sPermitRootLogin:
0
1398 intptr = &options->permit_root_login;-
1399 multistate_ptr = multistate_permitrootlogin;-
1400 goto parse_multistate;
never executed: goto parse_multistate;
0
1401-
1402 case sIgnoreRhosts:
never executed: case sIgnoreRhosts:
0
1403 intptr = &options->ignore_rhosts;-
1404 parse_flag:
code before this statement never executed: parse_flag:
0
1405 multistate_ptr = multistate_flag;-
1406 goto parse_multistate;
executed 3 times by 1 test: goto parse_multistate;
Executed by:
  • sshd
3
1407-
1408 case sIgnoreUserKnownHosts:
never executed: case sIgnoreUserKnownHosts:
0
1409 intptr = &options->ignore_user_known_hosts;-
1410 goto parse_flag;
never executed: goto parse_flag;
0
1411-
1412 case sHostbasedAuthentication:
never executed: case sHostbasedAuthentication:
0
1413 intptr = &options->hostbased_authentication;-
1414 goto parse_flag;
never executed: goto parse_flag;
0
1415-
1416 case sHostbasedUsesNameFromPacketOnly:
never executed: case sHostbasedUsesNameFromPacketOnly:
0
1417 intptr = &options->hostbased_uses_name_from_packet_only;-
1418 goto parse_flag;
never executed: goto parse_flag;
0
1419-
1420 case sHostbasedAcceptedKeyTypes:
never executed: case sHostbasedAcceptedKeyTypes:
0
1421 charptr = &options->hostbased_key_types;-
1422 parse_keytypes:
code before this statement never executed: parse_keytypes:
0
1423 arg = strdelim(&cp);-
1424 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1425 fatal("%s line %d: Missing argument.",
never executed: fatal("%s line %d: Missing argument.", filename, linenum);
0
1426 filename, linenum);
never executed: fatal("%s line %d: Missing argument.", filename, linenum);
0
1427 if (*arg != '-' &&
*arg != '-'Description
TRUEnever evaluated
FALSEnever evaluated
0
1428 !sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1))
!sshkey_names_... + 1 : arg, 1)Description
TRUEnever evaluated
FALSEnever evaluated
0
1429 fatal("%s line %d: Bad key types '%s'.",
never executed: fatal("%s line %d: Bad key types '%s'.", filename, linenum, arg ? arg : "<NONE>");
0
1430 filename, linenum, arg ? arg : "<NONE>");
never executed: fatal("%s line %d: Bad key types '%s'.", filename, linenum, arg ? arg : "<NONE>");
0
1431 if (*activep && *charptr == NULL)
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
*charptr == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1432 *charptr = xstrdup(arg);
never executed: *charptr = xstrdup(arg);
0
1433 break;
never executed: break;
0
1434-
1435 case sHostKeyAlgorithms:
never executed: case sHostKeyAlgorithms:
0
1436 charptr = &options->hostkeyalgorithms;-
1437 goto parse_keytypes;
never executed: goto parse_keytypes;
0
1438-
1439 case sCASignatureAlgorithms:
never executed: case sCASignatureAlgorithms:
0
1440 charptr = &options->ca_sign_algorithms;-
1441 goto parse_keytypes;
never executed: goto parse_keytypes;
0
1442-
1443 case sPubkeyAuthentication:
never executed: case sPubkeyAuthentication:
0
1444 intptr = &options->pubkey_authentication;-
1445 goto parse_flag;
never executed: goto parse_flag;
0
1446-
1447 case sPubkeyAcceptedKeyTypes:
never executed: case sPubkeyAcceptedKeyTypes:
0
1448 charptr = &options->pubkey_key_types;-
1449 goto parse_keytypes;
never executed: goto parse_keytypes;
0
1450-
1451 case sKerberosAuthentication:
never executed: case sKerberosAuthentication:
0
1452 intptr = &options->kerberos_authentication;-
1453 goto parse_flag;
never executed: goto parse_flag;
0
1454-
1455 case sKerberosOrLocalPasswd:
never executed: case sKerberosOrLocalPasswd:
0
1456 intptr = &options->kerberos_or_local_passwd;-
1457 goto parse_flag;
never executed: goto parse_flag;
0
1458-
1459 case sKerberosTicketCleanup:
never executed: case sKerberosTicketCleanup:
0
1460 intptr = &options->kerberos_ticket_cleanup;-
1461 goto parse_flag;
never executed: goto parse_flag;
0
1462-
1463 case sKerberosGetAFSToken:
never executed: case sKerberosGetAFSToken:
0
1464 intptr = &options->kerberos_get_afs_token;-
1465 goto parse_flag;
never executed: goto parse_flag;
0
1466-
1467 case sGssAuthentication:
never executed: case sGssAuthentication:
0
1468 intptr = &options->gss_authentication;-
1469 goto parse_flag;
never executed: goto parse_flag;
0
1470-
1471 case sGssCleanupCreds:
never executed: case sGssCleanupCreds:
0
1472 intptr = &options->gss_cleanup_creds;-
1473 goto parse_flag;
never executed: goto parse_flag;
0
1474-
1475 case sGssStrictAcceptor:
never executed: case sGssStrictAcceptor:
0
1476 intptr = &options->gss_strict_acceptor;-
1477 goto parse_flag;
never executed: goto parse_flag;
0
1478-
1479 case sPasswordAuthentication:
never executed: case sPasswordAuthentication:
0
1480 intptr = &options->password_authentication;-
1481 goto parse_flag;
never executed: goto parse_flag;
0
1482-
1483 case sKbdInteractiveAuthentication:
never executed: case sKbdInteractiveAuthentication:
0
1484 intptr = &options->kbd_interactive_authentication;-
1485 goto parse_flag;
never executed: goto parse_flag;
0
1486-
1487 case sChallengeResponseAuthentication:
never executed: case sChallengeResponseAuthentication:
0
1488 intptr = &options->challenge_response_authentication;-
1489 goto parse_flag;
never executed: goto parse_flag;
0
1490-
1491 case sPrintMotd:
never executed: case sPrintMotd:
0
1492 intptr = &options->print_motd;-
1493 goto parse_flag;
never executed: goto parse_flag;
0
1494-
1495 case sPrintLastLog:
never executed: case sPrintLastLog:
0
1496 intptr = &options->print_lastlog;-
1497 goto parse_flag;
never executed: goto parse_flag;
0
1498-
1499 case sX11Forwarding:
never executed: case sX11Forwarding:
0
1500 intptr = &options->x11_forwarding;-
1501 goto parse_flag;
never executed: goto parse_flag;
0
1502-
1503 case sX11DisplayOffset:
never executed: case sX11DisplayOffset:
0
1504 intptr = &options->x11_display_offset;-
1505 parse_int:
code before this statement never executed: parse_int:
0
1506 arg = strdelim(&cp);-
1507 if ((errstr = atoi_err(arg, &value)) != NULL)
(errstr = atoi...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1508 fatal("%s line %d: integer value %s.",
never executed: fatal("%s line %d: integer value %s.", filename, linenum, errstr);
0
1509 filename, linenum, errstr);
never executed: fatal("%s line %d: integer value %s.", filename, linenum, errstr);
0
1510 if (*activep && *intptr == -1)
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
*intptr == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
1511 *intptr = value;
never executed: *intptr = value;
0
1512 break;
never executed: break;
0
1513-
1514 case sX11UseLocalhost:
never executed: case sX11UseLocalhost:
0
1515 intptr = &options->x11_use_localhost;-
1516 goto parse_flag;
never executed: goto parse_flag;
0
1517-
1518 case sXAuthLocation:
never executed: case sXAuthLocation:
0
1519 charptr = &options->xauth_location;-
1520 goto parse_filename;
never executed: goto parse_filename;
0
1521-
1522 case sPermitTTY:
never executed: case sPermitTTY:
0
1523 intptr = &options->permit_tty;-
1524 goto parse_flag;
never executed: goto parse_flag;
0
1525-
1526 case sPermitUserRC:
never executed: case sPermitUserRC:
0
1527 intptr = &options->permit_user_rc;-
1528 goto parse_flag;
never executed: goto parse_flag;
0
1529-
1530 case sStrictModes:
executed 3 times by 1 test: case sStrictModes:
Executed by:
  • sshd
3
1531 intptr = &options->strict_modes;-
1532 goto parse_flag;
executed 3 times by 1 test: goto parse_flag;
Executed by:
  • sshd
3
1533-
1534 case sTCPKeepAlive:
never executed: case sTCPKeepAlive:
0
1535 intptr = &options->tcp_keep_alive;-
1536 goto parse_flag;
never executed: goto parse_flag;
0
1537-
1538 case sEmptyPasswd:
never executed: case sEmptyPasswd:
0
1539 intptr = &options->permit_empty_passwd;-
1540 goto parse_flag;
never executed: goto parse_flag;
0
1541-
1542 case sPermitUserEnvironment:
never executed: case sPermitUserEnvironment:
0
1543 intptr = &options->permit_user_env;-
1544 charptr = &options->permit_user_env_whitelist;-
1545 arg = strdelim(&cp);-
1546 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1547 fatal("%s line %d: missing argument.",
never executed: fatal("%s line %d: missing argument.", filename, linenum);
0
1548 filename, linenum);
never executed: fatal("%s line %d: missing argument.", filename, linenum);
0
1549 value = 0;-
1550 p = NULL;-
1551 if (strcmp(arg, "yes") == 0)
never executed: __result = (((const unsigned char *) (const char *) ( arg ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "yes" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1552 value = 1;
never executed: value = 1;
0
1553 else if (strcmp(arg, "no") == 0)
never executed: __result = (((const unsigned char *) (const char *) ( arg ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "no" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1554 value = 0;
never executed: value = 0;
0
1555 else {-
1556 /* Pattern-list specified */-
1557 value = 1;-
1558 p = xstrdup(arg);-
1559 }
never executed: end of block
0
1560 if (*activep && *intptr == -1) {
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
*intptr == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
1561 *intptr = value;-
1562 *charptr = p;-
1563 p = NULL;-
1564 }
never executed: end of block
0
1565 free(p);-
1566 break;
never executed: break;
0
1567-
1568 case sCompression:
never executed: case sCompression:
0
1569 intptr = &options->compression;-
1570 multistate_ptr = multistate_compression;-
1571 goto parse_multistate;
never executed: goto parse_multistate;
0
1572-
1573 case sRekeyLimit:
never executed: case sRekeyLimit:
0
1574 arg = strdelim(&cp);-
1575 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1576 fatal("%.200s line %d: Missing argument.", filename,
never executed: fatal("%.200s line %d: Missing argument.", filename, linenum);
0
1577 linenum);
never executed: fatal("%.200s line %d: Missing argument.", filename, linenum);
0
1578 if (strcmp(arg, "default") == 0) {
never executed: __result = (((const unsigned char *) (const char *) ( arg ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "default" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1579 val64 = 0;-
1580 } else {
never executed: end of block
0
1581 if (scan_scaled(arg, &val64) == -1)
scan_scaled(arg, &val64) == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
1582 fatal("%.200s line %d: Bad number '%s': %s",
never executed: fatal("%.200s line %d: Bad number '%s': %s", filename, linenum, arg, strerror( (*__errno_location ()) ));
0
1583 filename, linenum, arg, strerror(errno));
never executed: fatal("%.200s line %d: Bad number '%s': %s", filename, linenum, arg, strerror( (*__errno_location ()) ));
0
1584 if (val64 != 0 && val64 < 16)
val64 != 0Description
TRUEnever evaluated
FALSEnever evaluated
val64 < 16Description
TRUEnever evaluated
FALSEnever evaluated
0
1585 fatal("%.200s line %d: RekeyLimit too small",
never executed: fatal("%.200s line %d: RekeyLimit too small", filename, linenum);
0
1586 filename, linenum);
never executed: fatal("%.200s line %d: RekeyLimit too small", filename, linenum);
0
1587 }
never executed: end of block
0
1588 if (*activep && options->rekey_limit == -1)
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
options->rekey_limit == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
1589 options->rekey_limit = val64;
never executed: options->rekey_limit = val64;
0
1590 if (cp != NULL) { /* optional rekey interval present */
cp != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1591 if (strcmp(cp, "none") == 0) {
never executed: __result = (((const unsigned char *) (const char *) ( cp ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "none" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1592 (void)strdelim(&cp); /* discard */-
1593 break;
never executed: break;
0
1594 }-
1595 intptr = &options->rekey_interval;-
1596 goto parse_time;
never executed: goto parse_time;
0
1597 }-
1598 break;
never executed: break;
0
1599-
1600 case sGatewayPorts:
never executed: case sGatewayPorts:
0
1601 intptr = &options->fwd_opts.gateway_ports;-
1602 multistate_ptr = multistate_gatewayports;-
1603 goto parse_multistate;
never executed: goto parse_multistate;
0
1604-
1605 case sUseDNS:
never executed: case sUseDNS:
0
1606 intptr = &options->use_dns;-
1607 goto parse_flag;
never executed: goto parse_flag;
0
1608-
1609 case sLogFacility:
never executed: case sLogFacility:
0
1610 log_facility_ptr = &options->log_facility;-
1611 arg = strdelim(&cp);-
1612 value = log_facility_number(arg);-
1613 if (value == SYSLOG_FACILITY_NOT_SET)
value == SYSLO...CILITY_NOT_SETDescription
TRUEnever evaluated
FALSEnever evaluated
0
1614 fatal("%.200s line %d: unsupported log facility '%s'",
never executed: fatal("%.200s line %d: unsupported log facility '%s'", filename, linenum, arg ? arg : "<NONE>");
0
1615 filename, linenum, arg ? arg : "<NONE>");
never executed: fatal("%.200s line %d: unsupported log facility '%s'", filename, linenum, arg ? arg : "<NONE>");
0
1616 if (*log_facility_ptr == -1)
*log_facility_ptr == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
1617 *log_facility_ptr = (SyslogFacility) value;
never executed: *log_facility_ptr = (SyslogFacility) value;
0
1618 break;
never executed: break;
0
1619-
1620 case sLogLevel:
executed 2 times by 1 test: case sLogLevel:
Executed by:
  • sshd
2
1621 log_level_ptr = &options->log_level;-
1622 arg = strdelim(&cp);-
1623 value = log_level_number(arg);-
1624 if (value == SYSLOG_LEVEL_NOT_SET)
value == SYSLOG_LEVEL_NOT_SETDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
1625 fatal("%.200s line %d: unsupported log level '%s'",
never executed: fatal("%.200s line %d: unsupported log level '%s'", filename, linenum, arg ? arg : "<NONE>");
0
1626 filename, linenum, arg ? arg : "<NONE>");
never executed: fatal("%.200s line %d: unsupported log level '%s'", filename, linenum, arg ? arg : "<NONE>");
0
1627 if (*activep && *log_level_ptr == -1)
*activepDescription
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
*log_level_ptr == -1Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
1628 *log_level_ptr = (LogLevel) value;
executed 2 times by 1 test: *log_level_ptr = (LogLevel) value;
Executed by:
  • sshd
2
1629 break;
executed 2 times by 1 test: break;
Executed by:
  • sshd
2
1630-
1631 case sAllowTcpForwarding:
never executed: case sAllowTcpForwarding:
0
1632 intptr = &options->allow_tcp_forwarding;-
1633 multistate_ptr = multistate_tcpfwd;-
1634 goto parse_multistate;
never executed: goto parse_multistate;
0
1635-
1636 case sAllowStreamLocalForwarding:
never executed: case sAllowStreamLocalForwarding:
0
1637 intptr = &options->allow_streamlocal_forwarding;-
1638 multistate_ptr = multistate_tcpfwd;-
1639 goto parse_multistate;
never executed: goto parse_multistate;
0
1640-
1641 case sAllowAgentForwarding:
never executed: case sAllowAgentForwarding:
0
1642 intptr = &options->allow_agent_forwarding;-
1643 goto parse_flag;
never executed: goto parse_flag;
0
1644-
1645 case sDisableForwarding:
never executed: case sDisableForwarding:
0
1646 intptr = &options->disable_forwarding;-
1647 goto parse_flag;
never executed: goto parse_flag;
0
1648-
1649 case sAllowUsers:
never executed: case sAllowUsers:
0
1650 while ((arg = strdelim(&cp)) && *arg != '\0') {
(arg = strdelim(&cp))Description
TRUEnever evaluated
FALSEnever evaluated
*arg != '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1651 if (match_user(NULL, NULL, NULL, arg) == -1)
match_user( ((...) , arg) == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
1652 fatal("%s line %d: invalid AllowUsers pattern: "
never executed: fatal("%s line %d: invalid AllowUsers pattern: " "\"%.100s\"", filename, linenum, arg);
0
1653 "\"%.100s\"", filename, linenum, arg);
never executed: fatal("%s line %d: invalid AllowUsers pattern: " "\"%.100s\"", filename, linenum, arg);
0
1654 if (!*activep)
!*activepDescription
TRUEnever evaluated
FALSEnever evaluated
0
1655 continue;
never executed: continue;
0
1656 array_append(filename, linenum, "AllowUsers",-
1657 &options->allow_users, &options->num_allow_users,-
1658 arg);-
1659 }
never executed: end of block
0
1660 break;
never executed: break;
0
1661-
1662 case sDenyUsers:
never executed: case sDenyUsers:
0
1663 while ((arg = strdelim(&cp)) && *arg != '\0') {
(arg = strdelim(&cp))Description
TRUEnever evaluated
FALSEnever evaluated
*arg != '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1664 if (match_user(NULL, NULL, NULL, arg) == -1)
match_user( ((...) , arg) == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
1665 fatal("%s line %d: invalid DenyUsers pattern: "
never executed: fatal("%s line %d: invalid DenyUsers pattern: " "\"%.100s\"", filename, linenum, arg);
0
1666 "\"%.100s\"", filename, linenum, arg);
never executed: fatal("%s line %d: invalid DenyUsers pattern: " "\"%.100s\"", filename, linenum, arg);
0
1667 if (!*activep)
!*activepDescription
TRUEnever evaluated
FALSEnever evaluated
0
1668 continue;
never executed: continue;
0
1669 array_append(filename, linenum, "DenyUsers",-
1670 &options->deny_users, &options->num_deny_users,-
1671 arg);-
1672 }
never executed: end of block
0
1673 break;
never executed: break;
0
1674-
1675 case sAllowGroups:
never executed: case sAllowGroups:
0
1676 while ((arg = strdelim(&cp)) && *arg != '\0') {
(arg = strdelim(&cp))Description
TRUEnever evaluated
FALSEnever evaluated
*arg != '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1677 if (!*activep)
!*activepDescription
TRUEnever evaluated
FALSEnever evaluated
0
1678 continue;
never executed: continue;
0
1679 array_append(filename, linenum, "AllowGroups",-
1680 &options->allow_groups, &options->num_allow_groups,-
1681 arg);-
1682 }
never executed: end of block
0
1683 break;
never executed: break;
0
1684-
1685 case sDenyGroups:
never executed: case sDenyGroups:
0
1686 while ((arg = strdelim(&cp)) && *arg != '\0') {
(arg = strdelim(&cp))Description
TRUEnever evaluated
FALSEnever evaluated
*arg != '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1687 if (!*activep)
!*activepDescription
TRUEnever evaluated
FALSEnever evaluated
0
1688 continue;
never executed: continue;
0
1689 array_append(filename, linenum, "DenyGroups",-
1690 &options->deny_groups, &options->num_deny_groups,-
1691 arg);-
1692 }
never executed: end of block
0
1693 break;
never executed: break;
0
1694-
1695 case sCiphers:
never executed: case sCiphers:
0
1696 arg = strdelim(&cp);-
1697 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1698 fatal("%s line %d: Missing argument.", filename, linenum);
never executed: fatal("%s line %d: Missing argument.", filename, linenum);
0
1699 if (*arg != '-' && !ciphers_valid(*arg == '+' ? arg + 1 : arg))
*arg != '-'Description
TRUEnever evaluated
FALSEnever evaluated
!ciphers_valid...arg + 1 : arg)Description
TRUEnever evaluated
FALSEnever evaluated
0
1700 fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
never executed: fatal("%s line %d: Bad SSH2 cipher spec '%s'.", filename, linenum, arg ? arg : "<NONE>");
0
1701 filename, linenum, arg ? arg : "<NONE>");
never executed: fatal("%s line %d: Bad SSH2 cipher spec '%s'.", filename, linenum, arg ? arg : "<NONE>");
0
1702 if (options->ciphers == NULL)
options->ciphe...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1703 options->ciphers = xstrdup(arg);
never executed: options->ciphers = xstrdup(arg);
0
1704 break;
never executed: break;
0
1705-
1706 case sMacs:
never executed: case sMacs:
0
1707 arg = strdelim(&cp);-
1708 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1709 fatal("%s line %d: Missing argument.", filename, linenum);
never executed: fatal("%s line %d: Missing argument.", filename, linenum);
0
1710 if (*arg != '-' && !mac_valid(*arg == '+' ? arg + 1 : arg))
*arg != '-'Description
TRUEnever evaluated
FALSEnever evaluated
!mac_valid(*ar...arg + 1 : arg)Description
TRUEnever evaluated
FALSEnever evaluated
0
1711 fatal("%s line %d: Bad SSH2 mac spec '%s'.",
never executed: fatal("%s line %d: Bad SSH2 mac spec '%s'.", filename, linenum, arg ? arg : "<NONE>");
0
1712 filename, linenum, arg ? arg : "<NONE>");
never executed: fatal("%s line %d: Bad SSH2 mac spec '%s'.", filename, linenum, arg ? arg : "<NONE>");
0
1713 if (options->macs == NULL)
options->macs == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1714 options->macs = xstrdup(arg);
never executed: options->macs = xstrdup(arg);
0
1715 break;
never executed: break;
0
1716-
1717 case sKexAlgorithms:
never executed: case sKexAlgorithms:
0
1718 arg = strdelim(&cp);-
1719 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1720 fatal("%s line %d: Missing argument.",
never executed: fatal("%s line %d: Missing argument.", filename, linenum);
0
1721 filename, linenum);
never executed: fatal("%s line %d: Missing argument.", filename, linenum);
0
1722 if (*arg != '-' &&
*arg != '-'Description
TRUEnever evaluated
FALSEnever evaluated
0
1723 !kex_names_valid(*arg == '+' ? arg + 1 : arg))
!kex_names_val...arg + 1 : arg)Description
TRUEnever evaluated
FALSEnever evaluated
0
1724 fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.",
never executed: fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.", filename, linenum, arg ? arg : "<NONE>");
0
1725 filename, linenum, arg ? arg : "<NONE>");
never executed: fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.", filename, linenum, arg ? arg : "<NONE>");
0
1726 if (options->kex_algorithms == NULL)
options->kex_a...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1727 options->kex_algorithms = xstrdup(arg);
never executed: options->kex_algorithms = xstrdup(arg);
0
1728 break;
never executed: break;
0
1729-
1730 case sSubsystem:
executed 2 times by 1 test: case sSubsystem:
Executed by:
  • sshd
2
1731 if (options->num_subsystems >= MAX_SUBSYSTEMS) {
options->num_subsystems >= 256Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
1732 fatal("%s line %d: too many subsystems defined.",-
1733 filename, linenum);-
1734 }
never executed: end of block
0
1735 arg = strdelim(&cp);-
1736 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
*arg == '\0'Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
1737 fatal("%s line %d: Missing subsystem name.",
never executed: fatal("%s line %d: Missing subsystem name.", filename, linenum);
0
1738 filename, linenum);
never executed: fatal("%s line %d: Missing subsystem name.", filename, linenum);
0
1739 if (!*activep) {
!*activepDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
1740 arg = strdelim(&cp);-
1741 break;
never executed: break;
0
1742 }-
1743 for (i = 0; i < options->num_subsystems; i++)
i < options->num_subsystemsDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
1744 if (strcmp(arg, options->subsystem_name[i]) == 0)
never executed: __result = (((const unsigned char *) (const char *) ( arg ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( options->subsystem_name[i] ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1745 fatal("%s line %d: Subsystem '%s' already defined.",
never executed: fatal("%s line %d: Subsystem '%s' already defined.", filename, linenum, arg);
0
1746 filename, linenum, arg);
never executed: fatal("%s line %d: Subsystem '%s' already defined.", filename, linenum, arg);
0
1747 options->subsystem_name[options->num_subsystems] = xstrdup(arg);-
1748 arg = strdelim(&cp);-
1749 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
*arg == '\0'Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
1750 fatal("%s line %d: Missing subsystem command.",
never executed: fatal("%s line %d: Missing subsystem command.", filename, linenum);
0
1751 filename, linenum);
never executed: fatal("%s line %d: Missing subsystem command.", filename, linenum);
0
1752 options->subsystem_command[options->num_subsystems] = xstrdup(arg);-
1753-
1754 /* Collect arguments (separate to executable) */-
1755 p = xstrdup(arg);-
1756 len = strlen(p) + 1;-
1757 while ((arg = strdelim(&cp)) != NULL && *arg != '\0') {
(arg = strdeli...!= ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
*arg != '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0-2
1758 len += 1 + strlen(arg);-
1759 p = xreallocarray(p, 1, len);-
1760 strlcat(p, " ", len);-
1761 strlcat(p, arg, len);-
1762 }
never executed: end of block
0
1763 options->subsystem_args[options->num_subsystems] = p;-
1764 options->num_subsystems++;-
1765 break;
executed 2 times by 1 test: break;
Executed by:
  • sshd
2
1766-
1767 case sMaxStartups:
never executed: case sMaxStartups:
0
1768 arg = strdelim(&cp);-
1769 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1770 fatal("%s line %d: Missing MaxStartups spec.",
never executed: fatal("%s line %d: Missing MaxStartups spec.", filename, linenum);
0
1771 filename, linenum);
never executed: fatal("%s line %d: Missing MaxStartups spec.", filename, linenum);
0
1772 if ((n = sscanf(arg, "%d:%d:%d",
(n = sscanf(ar...tartups)) == 3Description
TRUEnever evaluated
FALSEnever evaluated
0
1773 &options->max_startups_begin,
(n = sscanf(ar...tartups)) == 3Description
TRUEnever evaluated
FALSEnever evaluated
0
1774 &options->max_startups_rate,
(n = sscanf(ar...tartups)) == 3Description
TRUEnever evaluated
FALSEnever evaluated
0
1775 &options->max_startups)) == 3) {
(n = sscanf(ar...tartups)) == 3Description
TRUEnever evaluated
FALSEnever evaluated
0
1776 if (options->max_startups_begin >
options->max_s...->max_startupsDescription
TRUEnever evaluated
FALSEnever evaluated
0
1777 options->max_startups ||
options->max_s...->max_startupsDescription
TRUEnever evaluated
FALSEnever evaluated
0
1778 options->max_startups_rate > 100 ||
options->max_s...ups_rate > 100Description
TRUEnever evaluated
FALSEnever evaluated
0
1779 options->max_startups_rate < 1)
options->max_startups_rate < 1Description
TRUEnever evaluated
FALSEnever evaluated
0
1780 fatal("%s line %d: Illegal MaxStartups spec.",
never executed: fatal("%s line %d: Illegal MaxStartups spec.", filename, linenum);
0
1781 filename, linenum);
never executed: fatal("%s line %d: Illegal MaxStartups spec.", filename, linenum);
0
1782 } else if (n != 1)
never executed: end of block
n != 1Description
TRUEnever evaluated
FALSEnever evaluated
0
1783 fatal("%s line %d: Illegal MaxStartups spec.",
never executed: fatal("%s line %d: Illegal MaxStartups spec.", filename, linenum);
0
1784 filename, linenum);
never executed: fatal("%s line %d: Illegal MaxStartups spec.", filename, linenum);
0
1785 else-
1786 options->max_startups = options->max_startups_begin;
never executed: options->max_startups = options->max_startups_begin;
0
1787 break;
never executed: break;
0
1788-
1789 case sMaxAuthTries:
never executed: case sMaxAuthTries:
0
1790 intptr = &options->max_authtries;-
1791 goto parse_int;
never executed: goto parse_int;
0
1792-
1793 case sMaxSessions:
never executed: case sMaxSessions:
0
1794 intptr = &options->max_sessions;-
1795 goto parse_int;
never executed: goto parse_int;
0
1796-
1797 case sBanner:
never executed: case sBanner:
0
1798 charptr = &options->banner;-
1799 goto parse_filename;
never executed: goto parse_filename;
0
1800-
1801 /*-
1802 * These options can contain %X options expanded at-
1803 * connect time, so that you can specify paths like:-
1804 *-
1805 * AuthorizedKeysFile /etc/ssh_keys/%u-
1806 */-
1807 case sAuthorizedKeysFile:
executed 2 times by 1 test: case sAuthorizedKeysFile:
Executed by:
  • sshd
2
1808 if (*activep && options->num_authkeys_files == 0) {
*activepDescription
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
options->num_a...eys_files == 0Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
1809 while ((arg = strdelim(&cp)) && *arg != '\0') {
(arg = strdelim(&cp))Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
*arg != '\0'Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-2
1810 arg = tilde_expand_filename(arg, getuid());-
1811 array_append(filename, linenum,-
1812 "AuthorizedKeysFile",-
1813 &options->authorized_keys_files,-
1814 &options->num_authkeys_files, arg);-
1815 free(arg);-
1816 }
executed 2 times by 1 test: end of block
Executed by:
  • sshd
2
1817 }
executed 2 times by 1 test: end of block
Executed by:
  • sshd
2
1818 return 0;
executed 2 times by 1 test: return 0;
Executed by:
  • sshd
2
1819-
1820 case sAuthorizedPrincipalsFile:
never executed: case sAuthorizedPrincipalsFile:
0
1821 charptr = &options->authorized_principals_file;-
1822 arg = strdelim(&cp);-
1823 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1824 fatal("%s line %d: missing file name.",
never executed: fatal("%s line %d: missing file name.", filename, linenum);
0
1825 filename, linenum);
never executed: fatal("%s line %d: missing file name.", filename, linenum);
0
1826 if (*activep && *charptr == NULL) {
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
*charptr == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1827 *charptr = tilde_expand_filename(arg, getuid());-
1828 /* increase optional counter */-
1829 if (intptr != NULL)
intptr != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1830 *intptr = *intptr + 1;
never executed: *intptr = *intptr + 1;
0
1831 }
never executed: end of block
0
1832 break;
never executed: break;
0
1833-
1834 case sClientAliveInterval:
never executed: case sClientAliveInterval:
0
1835 intptr = &options->client_alive_interval;-
1836 goto parse_time;
never executed: goto parse_time;
0
1837-
1838 case sClientAliveCountMax:
never executed: case sClientAliveCountMax:
0
1839 intptr = &options->client_alive_count_max;-
1840 goto parse_int;
never executed: goto parse_int;
0
1841-
1842 case sAcceptEnv:
executed 4 times by 1 test: case sAcceptEnv:
Executed by:
  • sshd
4
1843 while ((arg = strdelim(&cp)) && *arg != '\0') {
(arg = strdelim(&cp))Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • sshd
FALSEevaluated 4 times by 1 test
Evaluated by:
  • sshd
*arg != '\0'Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
0-4
1844 if (strchr(arg, '=') != NULL)
(__extension__...!= ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • sshd
__builtin_constant_p ( '=' )Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
!__builtin_constant_p ( arg )Description
TRUEevaluated 4 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
( '=' ) == '\0'Description
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • sshd
0-4
1845 fatal("%s line %d: Invalid environment name.",
never executed: fatal("%s line %d: Invalid environment name.", filename, linenum);
0
1846 filename, linenum);
never executed: fatal("%s line %d: Invalid environment name.", filename, linenum);
0
1847 if (!*activep)
!*activepDescription
TRUEnever evaluated
FALSEevaluated 4 times by 1 test
Evaluated by:
  • sshd
0-4
1848 continue;
never executed: continue;
0
1849 array_append(filename, linenum, "AcceptEnv",-
1850 &options->accept_env, &options->num_accept_env,-
1851 arg);-
1852 }
executed 4 times by 1 test: end of block
Executed by:
  • sshd
4
1853 break;
executed 4 times by 1 test: break;
Executed by:
  • sshd
4
1854-
1855 case sSetEnv:
never executed: case sSetEnv:
0
1856 uvalue = options->num_setenv;-
1857 while ((arg = strdelimw(&cp)) && *arg != '\0') {
(arg = strdelimw(&cp))Description
TRUEnever evaluated
FALSEnever evaluated
*arg != '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1858 if (strchr(arg, '=') == NULL)
(__extension__...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( '=' )Description
TRUEnever evaluated
FALSEnever evaluated
!__builtin_constant_p ( arg )Description
TRUEnever evaluated
FALSEnever evaluated
( '=' ) == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1859 fatal("%s line %d: Invalid environment.",
never executed: fatal("%s line %d: Invalid environment.", filename, linenum);
0
1860 filename, linenum);
never executed: fatal("%s line %d: Invalid environment.", filename, linenum);
0
1861 if (!*activep || uvalue != 0)
!*activepDescription
TRUEnever evaluated
FALSEnever evaluated
uvalue != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1862 continue;
never executed: continue;
0
1863 array_append(filename, linenum, "SetEnv",-
1864 &options->setenv, &options->num_setenv, arg);-
1865 }
never executed: end of block
0
1866 break;
never executed: break;
0
1867-
1868 case sPermitTunnel:
never executed: case sPermitTunnel:
0
1869 intptr = &options->permit_tun;-
1870 arg = strdelim(&cp);-
1871 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1872 fatal("%s line %d: Missing yes/point-to-point/"
never executed: fatal("%s line %d: Missing yes/point-to-point/" "ethernet/no argument.", filename, linenum);
0
1873 "ethernet/no argument.", filename, linenum);
never executed: fatal("%s line %d: Missing yes/point-to-point/" "ethernet/no argument.", filename, linenum);
0
1874 value = -1;-
1875 for (i = 0; tunmode_desc[i].val != -1; i++)
tunmode_desc[i].val != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
1876 if (strcmp(tunmode_desc[i].text, arg) == 0) {
never executed: __result = (((const unsigned char *) (const char *) ( tunmode_desc[i].text ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( arg ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1877 value = tunmode_desc[i].val;-
1878 break;
never executed: break;
0
1879 }-
1880 if (value == -1)
value == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
1881 fatal("%s line %d: Bad yes/point-to-point/ethernet/"
never executed: fatal("%s line %d: Bad yes/point-to-point/ethernet/" "no argument: %s", filename, linenum, arg);
0
1882 "no argument: %s", filename, linenum, arg);
never executed: fatal("%s line %d: Bad yes/point-to-point/ethernet/" "no argument: %s", filename, linenum, arg);
0
1883 if (*activep && *intptr == -1)
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
*intptr == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
1884 *intptr = value;
never executed: *intptr = value;
0
1885 break;
never executed: break;
0
1886-
1887 case sMatch:
never executed: case sMatch:
0
1888 if (cmdline)
cmdlineDescription
TRUEnever evaluated
FALSEnever evaluated
0
1889 fatal("Match directive not supported as a command-line "
never executed: fatal("Match directive not supported as a command-line " "option");
0
1890 "option");
never executed: fatal("Match directive not supported as a command-line " "option");
0
1891 value = match_cfg_line(&cp, linenum, connectinfo);-
1892 if (value < 0)
value < 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1893 fatal("%s line %d: Bad Match condition", filename,
never executed: fatal("%s line %d: Bad Match condition", filename, linenum);
0
1894 linenum);
never executed: fatal("%s line %d: Bad Match condition", filename, linenum);
0
1895 *activep = value;-
1896 break;
never executed: break;
0
1897-
1898 case sPermitListen:
never executed: case sPermitListen:
0
1899 case sPermitOpen:
never executed: case sPermitOpen:
0
1900 if (opcode == sPermitListen) {
opcode == sPermitListenDescription
TRUEnever evaluated
FALSEnever evaluated
0
1901 uintptr = &options->num_permitted_listens;-
1902 chararrayptr = &options->permitted_listens;-
1903 } else {
never executed: end of block
0
1904 uintptr = &options->num_permitted_opens;-
1905 chararrayptr = &options->permitted_opens;-
1906 }
never executed: end of block
0
1907 arg = strdelim(&cp);-
1908 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1909 fatal("%s line %d: missing %s specification",
never executed: fatal("%s line %d: missing %s specification", filename, linenum, lookup_opcode_name(opcode));
0
1910 filename, linenum, lookup_opcode_name(opcode));
never executed: fatal("%s line %d: missing %s specification", filename, linenum, lookup_opcode_name(opcode));
0
1911 uvalue = *uintptr; /* modified later */-
1912 if (strcmp(arg, "any") == 0 || strcmp(arg, "none") == 0) {
never executed: __result = (((const unsigned char *) (const char *) ( arg ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "any" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( arg ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "none" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1913 if (*activep && uvalue == 0) {
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
uvalue == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1914 *uintptr = 1;-
1915 *chararrayptr = xcalloc(1,-
1916 sizeof(**chararrayptr));-
1917 (*chararrayptr)[0] = xstrdup(arg);-
1918 }
never executed: end of block
0
1919 break;
never executed: break;
0
1920 }-
1921 for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) {
arg != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
*arg != '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1922 if (opcode == sPermitListen &&
opcode == sPermitListenDescription
TRUEnever evaluated
FALSEnever evaluated
0
1923 strchr(arg, ':') == NULL) {
(__extension__...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( ':' )Description
TRUEnever evaluated
FALSEnever evaluated
!__builtin_constant_p ( arg )Description
TRUEnever evaluated
FALSEnever evaluated
( ':' ) == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1924 /*-
1925 * Allow bare port number for PermitListen-
1926 * to indicate a wildcard listen host.-
1927 */-
1928 xasprintf(&arg2, "*:%s", arg);-
1929 } else {
never executed: end of block
0
1930 arg2 = xstrdup(arg);-
1931 p = hpdelim(&arg);-
1932 if (p == NULL) {
p == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1933 fatal("%s line %d: missing host in %s",-
1934 filename, linenum,-
1935 lookup_opcode_name(opcode));-
1936 }
never executed: end of block
0
1937 p = cleanhostname(p);-
1938 }
never executed: end of block
0
1939 if (arg == NULL ||
arg == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1940 ((port = permitopen_port(arg)) < 0)) {
((port = permi...ort(arg)) < 0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1941 fatal("%s line %d: bad port number in %s",-
1942 filename, linenum,-
1943 lookup_opcode_name(opcode));-
1944 }
never executed: end of block
0
1945 if (*activep && uvalue == 0) {
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
uvalue == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
1946 array_append(filename, linenum,-
1947 lookup_opcode_name(opcode),-
1948 chararrayptr, uintptr, arg2);-
1949 }
never executed: end of block
0
1950 free(arg2);-
1951 }
never executed: end of block
0
1952 break;
never executed: break;
0
1953-
1954 case sForceCommand:
never executed: case sForceCommand:
0
1955 if (cp == NULL || *cp == '\0')
cp == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
*cp == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1956 fatal("%.200s line %d: Missing argument.", filename,
never executed: fatal("%.200s line %d: Missing argument.", filename, linenum);
0
1957 linenum);
never executed: fatal("%.200s line %d: Missing argument.", filename, linenum);
0
1958 len = strspn(cp, WHITESPACE);-
1959 if (*activep && options->adm_forced_command == NULL)
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
options->adm_f...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1960 options->adm_forced_command = xstrdup(cp + len);
never executed: options->adm_forced_command = xstrdup(cp + len);
0
1961 return 0;
never executed: return 0;
0
1962-
1963 case sChrootDirectory:
never executed: case sChrootDirectory:
0
1964 charptr = &options->chroot_directory;-
1965-
1966 arg = strdelim(&cp);-
1967 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
1968 fatal("%s line %d: missing file name.",
never executed: fatal("%s line %d: missing file name.", filename, linenum);
0
1969 filename, linenum);
never executed: fatal("%s line %d: missing file name.", filename, linenum);
0
1970 if (*activep && *charptr == NULL)
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
*charptr == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1971 *charptr = xstrdup(arg);
never executed: *charptr = xstrdup(arg);
0
1972 break;
never executed: break;
0
1973-
1974 case sTrustedUserCAKeys:
never executed: case sTrustedUserCAKeys:
0
1975 charptr = &options->trusted_user_ca_keys;-
1976 goto parse_filename;
never executed: goto parse_filename;
0
1977-
1978 case sRevokedKeys:
never executed: case sRevokedKeys:
0
1979 charptr = &options->revoked_keys_file;-
1980 goto parse_filename;
never executed: goto parse_filename;
0
1981-
1982 case sIPQoS:
never executed: case sIPQoS:
0
1983 arg = strdelim(&cp);-
1984 if ((value = parse_ipqos(arg)) == -1)
(value = parse...os(arg)) == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
1985 fatal("%s line %d: Bad IPQoS value: %s",
never executed: fatal("%s line %d: Bad IPQoS value: %s", filename, linenum, arg);
0
1986 filename, linenum, arg);
never executed: fatal("%s line %d: Bad IPQoS value: %s", filename, linenum, arg);
0
1987 arg = strdelim(&cp);-
1988 if (arg == NULL)
arg == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
1989 value2 = value;
never executed: value2 = value;
0
1990 else if ((value2 = parse_ipqos(arg)) == -1)
(value2 = pars...os(arg)) == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
1991 fatal("%s line %d: Bad IPQoS value: %s",
never executed: fatal("%s line %d: Bad IPQoS value: %s", filename, linenum, arg);
0
1992 filename, linenum, arg);
never executed: fatal("%s line %d: Bad IPQoS value: %s", filename, linenum, arg);
0
1993 if (*activep) {
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
0
1994 options->ip_qos_interactive = value;-
1995 options->ip_qos_bulk = value2;-
1996 }
never executed: end of block
0
1997 break;
never executed: break;
0
1998-
1999 case sVersionAddendum:
never executed: case sVersionAddendum:
0
2000 if (cp == NULL || *cp == '\0')
cp == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
*cp == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
2001 fatal("%.200s line %d: Missing argument.", filename,
never executed: fatal("%.200s line %d: Missing argument.", filename, linenum);
0
2002 linenum);
never executed: fatal("%.200s line %d: Missing argument.", filename, linenum);
0
2003 len = strspn(cp, WHITESPACE);-
2004 if (*activep && options->version_addendum == NULL) {
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
options->versi...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
2005 if (strcasecmp(cp + len, "none") == 0)
strcasecmp(cp ..., "none") == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2006 options->version_addendum = xstrdup("");
never executed: options->version_addendum = xstrdup("");
0
2007 else if (strchr(cp + len, '\r') != NULL)
(__extension__...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( '\r' )Description
TRUEnever evaluated
FALSEnever evaluated
!__builtin_con...p ( cp + len )Description
TRUEnever evaluated
FALSEnever evaluated
( '\r' ) == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
2008 fatal("%.200s line %d: Invalid argument",
never executed: fatal("%.200s line %d: Invalid argument", filename, linenum);
0
2009 filename, linenum);
never executed: fatal("%.200s line %d: Invalid argument", filename, linenum);
0
2010 else-
2011 options->version_addendum = xstrdup(cp + len);
never executed: options->version_addendum = xstrdup(cp + len);
0
2012 }-
2013 return 0;
never executed: return 0;
0
2014-
2015 case sAuthorizedKeysCommand:
never executed: case sAuthorizedKeysCommand:
0
2016 if (cp == NULL)
cp == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
2017 fatal("%.200s line %d: Missing argument.", filename,
never executed: fatal("%.200s line %d: Missing argument.", filename, linenum);
0
2018 linenum);
never executed: fatal("%.200s line %d: Missing argument.", filename, linenum);
0
2019 len = strspn(cp, WHITESPACE);-
2020 if (*activep && options->authorized_keys_command == NULL) {
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
options->autho...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
2021 if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0)
cp[len] != '/'Description
TRUEnever evaluated
FALSEnever evaluated
strcasecmp(cp ..., "none") != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2022 fatal("%.200s line %d: AuthorizedKeysCommand "
never executed: fatal("%.200s line %d: AuthorizedKeysCommand " "must be an absolute path", filename, linenum);
0
2023 "must be an absolute path",
never executed: fatal("%.200s line %d: AuthorizedKeysCommand " "must be an absolute path", filename, linenum);
0
2024 filename, linenum);
never executed: fatal("%.200s line %d: AuthorizedKeysCommand " "must be an absolute path", filename, linenum);
0
2025 options->authorized_keys_command = xstrdup(cp + len);-
2026 }
never executed: end of block
0
2027 return 0;
never executed: return 0;
0
2028-
2029 case sAuthorizedKeysCommandUser:
never executed: case sAuthorizedKeysCommandUser:
0
2030 charptr = &options->authorized_keys_command_user;-
2031-
2032 arg = strdelim(&cp);-
2033 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
2034 fatal("%s line %d: missing AuthorizedKeysCommandUser "
never executed: fatal("%s line %d: missing AuthorizedKeysCommandUser " "argument.", filename, linenum);
0
2035 "argument.", filename, linenum);
never executed: fatal("%s line %d: missing AuthorizedKeysCommandUser " "argument.", filename, linenum);
0
2036 if (*activep && *charptr == NULL)
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
*charptr == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
2037 *charptr = xstrdup(arg);
never executed: *charptr = xstrdup(arg);
0
2038 break;
never executed: break;
0
2039-
2040 case sAuthorizedPrincipalsCommand:
never executed: case sAuthorizedPrincipalsCommand:
0
2041 if (cp == NULL)
cp == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
2042 fatal("%.200s line %d: Missing argument.", filename,
never executed: fatal("%.200s line %d: Missing argument.", filename, linenum);
0
2043 linenum);
never executed: fatal("%.200s line %d: Missing argument.", filename, linenum);
0
2044 len = strspn(cp, WHITESPACE);-
2045 if (*activep &&
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
0
2046 options->authorized_principals_command == NULL) {
options->autho...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
2047 if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0)
cp[len] != '/'Description
TRUEnever evaluated
FALSEnever evaluated
strcasecmp(cp ..., "none") != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2048 fatal("%.200s line %d: "
never executed: fatal("%.200s line %d: " "AuthorizedPrincipalsCommand must be " "an absolute path", filename, linenum);
0
2049 "AuthorizedPrincipalsCommand must be "
never executed: fatal("%.200s line %d: " "AuthorizedPrincipalsCommand must be " "an absolute path", filename, linenum);
0
2050 "an absolute path", filename, linenum);
never executed: fatal("%.200s line %d: " "AuthorizedPrincipalsCommand must be " "an absolute path", filename, linenum);
0
2051 options->authorized_principals_command =-
2052 xstrdup(cp + len);-
2053 }
never executed: end of block
0
2054 return 0;
never executed: return 0;
0
2055-
2056 case sAuthorizedPrincipalsCommandUser:
never executed: case sAuthorizedPrincipalsCommandUser:
0
2057 charptr = &options->authorized_principals_command_user;-
2058-
2059 arg = strdelim(&cp);-
2060 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
2061 fatal("%s line %d: missing "
never executed: fatal("%s line %d: missing " "AuthorizedPrincipalsCommandUser argument.", filename, linenum);
0
2062 "AuthorizedPrincipalsCommandUser argument.",
never executed: fatal("%s line %d: missing " "AuthorizedPrincipalsCommandUser argument.", filename, linenum);
0
2063 filename, linenum);
never executed: fatal("%s line %d: missing " "AuthorizedPrincipalsCommandUser argument.", filename, linenum);
0
2064 if (*activep && *charptr == NULL)
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
*charptr == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
2065 *charptr = xstrdup(arg);
never executed: *charptr = xstrdup(arg);
0
2066 break;
never executed: break;
0
2067-
2068 case sAuthenticationMethods:
never executed: case sAuthenticationMethods:
0
2069 if (options->num_auth_methods == 0) {
options->num_auth_methods == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2070 value = 0; /* seen "any" pseudo-method */-
2071 value2 = 0; /* successfully parsed any method */-
2072 while ((arg = strdelim(&cp)) && *arg != '\0') {
(arg = strdelim(&cp))Description
TRUEnever evaluated
FALSEnever evaluated
*arg != '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
2073 if (strcmp(arg, "any") == 0) {
never executed: __result = (((const unsigned char *) (const char *) ( arg ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "any" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
__extension__ ... )))); }) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2074 if (options->num_auth_methods > 0) {
options->num_auth_methods > 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2075 fatal("%s line %d: \"any\" "-
2076 "must appear alone in "-
2077 "AuthenticationMethods",-
2078 filename, linenum);-
2079 }
never executed: end of block
0
2080 value = 1;-
2081 } else if (value) {
never executed: end of block
valueDescription
TRUEnever evaluated
FALSEnever evaluated
0
2082 fatal("%s line %d: \"any\" must appear "-
2083 "alone in AuthenticationMethods",-
2084 filename, linenum);-
2085 } else if (auth2_methods_valid(arg, 0) != 0) {
never executed: end of block
auth2_methods_...d(arg, 0) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2086 fatal("%s line %d: invalid "-
2087 "authentication method list.",-
2088 filename, linenum);-
2089 }
never executed: end of block
0
2090 value2 = 1;-
2091 if (!*activep)
!*activepDescription
TRUEnever evaluated
FALSEnever evaluated
0
2092 continue;
never executed: continue;
0
2093 array_append(filename, linenum,-
2094 "AuthenticationMethods",-
2095 &options->auth_methods,-
2096 &options->num_auth_methods, arg);-
2097 }
never executed: end of block
0
2098 if (value2 == 0) {
value2 == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2099 fatal("%s line %d: no AuthenticationMethods "-
2100 "specified", filename, linenum);-
2101 }
never executed: end of block
0
2102 }
never executed: end of block
0
2103 return 0;
never executed: return 0;
0
2104-
2105 case sStreamLocalBindMask:
never executed: case sStreamLocalBindMask:
0
2106 arg = strdelim(&cp);-
2107 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
2108 fatal("%s line %d: missing StreamLocalBindMask "
never executed: fatal("%s line %d: missing StreamLocalBindMask " "argument.", filename, linenum);
0
2109 "argument.", filename, linenum);
never executed: fatal("%s line %d: missing StreamLocalBindMask " "argument.", filename, linenum);
0
2110 /* Parse mode in octal format */-
2111 value = strtol(arg, &p, 8);-
2112 if (arg == p || value < 0 || value > 0777)
arg == pDescription
TRUEnever evaluated
FALSEnever evaluated
value < 0Description
TRUEnever evaluated
FALSEnever evaluated
value > 0777Description
TRUEnever evaluated
FALSEnever evaluated
0
2113 fatal("%s line %d: Bad mask.", filename, linenum);
never executed: fatal("%s line %d: Bad mask.", filename, linenum);
0
2114 if (*activep)
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
0
2115 options->fwd_opts.streamlocal_bind_mask = (mode_t)value;
never executed: options->fwd_opts.streamlocal_bind_mask = (mode_t)value;
0
2116 break;
never executed: break;
0
2117-
2118 case sStreamLocalBindUnlink:
never executed: case sStreamLocalBindUnlink:
0
2119 intptr = &options->fwd_opts.streamlocal_bind_unlink;-
2120 goto parse_flag;
never executed: goto parse_flag;
0
2121-
2122 case sFingerprintHash:
never executed: case sFingerprintHash:
0
2123 arg = strdelim(&cp);-
2124 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
2125 fatal("%.200s line %d: Missing argument.",
never executed: fatal("%.200s line %d: Missing argument.", filename, linenum);
0
2126 filename, linenum);
never executed: fatal("%.200s line %d: Missing argument.", filename, linenum);
0
2127 if ((value = ssh_digest_alg_by_name(arg)) == -1)
(value = ssh_d...me(arg)) == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2128 fatal("%.200s line %d: Invalid hash algorithm \"%s\".",
never executed: fatal("%.200s line %d: Invalid hash algorithm \"%s\".", filename, linenum, arg);
0
2129 filename, linenum, arg);
never executed: fatal("%.200s line %d: Invalid hash algorithm \"%s\".", filename, linenum, arg);
0
2130 if (*activep)
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
0
2131 options->fingerprint_hash = value;
never executed: options->fingerprint_hash = value;
0
2132 break;
never executed: break;
0
2133-
2134 case sExposeAuthInfo:
never executed: case sExposeAuthInfo:
0
2135 intptr = &options->expose_userauth_info;-
2136 goto parse_flag;
never executed: goto parse_flag;
0
2137-
2138 case sRDomain:
never executed: case sRDomain:
0
2139 charptr = &options->routing_domain;-
2140 arg = strdelim(&cp);-
2141 if (!arg || *arg == '\0')
!argDescription
TRUEnever evaluated
FALSEnever evaluated
*arg == '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
2142 fatal("%.200s line %d: Missing argument.",
never executed: fatal("%.200s line %d: Missing argument.", filename, linenum);
0
2143 filename, linenum);
never executed: fatal("%.200s line %d: Missing argument.", filename, linenum);
0
2144 if (strcasecmp(arg, "none") != 0 && strcmp(arg, "%D") != 0 &&
never executed: __result = (((const unsigned char *) (const char *) ( arg ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "%D" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
strcasecmp(arg, "none") != 0Description
TRUEnever evaluated
FALSEnever evaluated
__extension__ ... )))); }) != 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2145 !valid_rdomain(arg))
!valid_rdomain(arg)Description
TRUEnever evaluated
FALSEnever evaluated
0
2146 fatal("%s line %d: bad routing domain",
never executed: fatal("%s line %d: bad routing domain", filename, linenum);
0
2147 filename, linenum);
never executed: fatal("%s line %d: bad routing domain", filename, linenum);
0
2148 if (*activep && *charptr == NULL)
*activepDescription
TRUEnever evaluated
FALSEnever evaluated
*charptr == ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
2149 *charptr = xstrdup(arg);
never executed: *charptr = xstrdup(arg);
0
2150 break;
never executed: break;
0
2151-
2152 case sDeprecated:
never executed: case sDeprecated:
0
2153 case sIgnore:
never executed: case sIgnore:
0
2154 case sUnsupported:
never executed: case sUnsupported:
0
2155 do_log2(opcode == sIgnore ?-
2156 SYSLOG_LEVEL_DEBUG2 : SYSLOG_LEVEL_INFO,-
2157 "%s line %d: %s option %s", filename, linenum,-
2158 opcode == sUnsupported ? "Unsupported" : "Deprecated", arg);-
2159 while (arg)
argDescription
TRUEnever evaluated
FALSEnever evaluated
0
2160 arg = strdelim(&cp);
never executed: arg = strdelim(&cp);
0
2161 break;
never executed: break;
0
2162-
2163 default:
never executed: default:
0
2164 fatal("%s line %d: Missing handler for opcode %s (%d)",-
2165 filename, linenum, arg, opcode);-
2166 }
never executed: end of block
0
2167 if ((arg = strdelim(&cp)) != NULL && *arg != '\0')
(arg = strdeli...!= ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 23 times by 1 test
Evaluated by:
  • sshd
*arg != '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0-23
2168 fatal("%s line %d: garbage at end of line; \"%.200s\".",
never executed: fatal("%s line %d: garbage at end of line; \"%.200s\".", filename, linenum, arg);
0
2169 filename, linenum, arg);
never executed: fatal("%s line %d: garbage at end of line; \"%.200s\".", filename, linenum, arg);
0
2170 return 0;
executed 23 times by 1 test: return 0;
Executed by:
  • sshd
23
2171}-
2172-
2173/* Reads the server configuration file. */-
2174-
2175void-
2176load_server_config(const char *filename, struct sshbuf *conf)-
2177{-
2178 char *line = NULL, *cp;-
2179 size_t linesize = 0;-
2180 FILE *f;-
2181 int r, lineno = 0;-
2182-
2183 debug2("%s: filename %s", __func__, filename);-
2184 if ((f = fopen(filename, "r")) == NULL) {
(f = fopen(fil...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
2185 perror(filename);-
2186 exit(1);
never executed: exit(1);
0
2187 }-
2188 sshbuf_reset(conf);-
2189 while (getline(&line, &linesize, f) != -1) {
getline(&line,...size, f) != -1Description
TRUEevaluated 27 times by 1 test
Evaluated by:
  • sshd
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
2-27
2190 lineno++;-
2191 /*-
2192 * Trim out comments and strip whitespace-
2193 * NB - preserve newlines, they are needed to reproduce-
2194 * line numbers later for error messages-
2195 */-
2196 if ((cp = strchr(line, '#')) != NULL)
(cp = (__exten...!= ((void *)0)Description
TRUEevaluated 2 times by 1 test
Evaluated by:
  • sshd
FALSEevaluated 25 times by 1 test
Evaluated by:
  • sshd
__builtin_constant_p ( '#' )Description
TRUEevaluated 27 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
!__builtin_constant_p ( line )Description
TRUEevaluated 27 times by 1 test
Evaluated by:
  • sshd
FALSEnever evaluated
( '#' ) == '\0'Description
TRUEnever evaluated
FALSEevaluated 27 times by 1 test
Evaluated by:
  • sshd
0-27
2197 memcpy(cp, "\n", 2);
executed 2 times by 1 test: memcpy(cp, "\n", 2);
Executed by:
  • sshd
2
2198 cp = line + strspn(line, " \t\r");-
2199 if ((r = sshbuf_put(conf, cp, strlen(cp))) != 0)
(r = sshbuf_pu...len(cp))) != 0Description
TRUEnever evaluated
FALSEevaluated 27 times by 1 test
Evaluated by:
  • sshd
0-27
2200 fatal("%s: buffer error: %s", __func__, ssh_err(r));
never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));
0
2201 }
executed 27 times by 1 test: end of block
Executed by:
  • sshd
27
2202 free(line);-
2203 if ((r = sshbuf_put_u8(conf, 0)) != 0)
(r = sshbuf_pu...conf, 0)) != 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
2204 fatal("%s: buffer error: %s", __func__, ssh_err(r));
never executed: fatal("%s: buffer error: %s", __func__, ssh_err(r));
0
2205 fclose(f);-
2206 debug2("%s: done config len = %zu", __func__, sshbuf_len(conf));-
2207}
executed 2 times by 1 test: end of block
Executed by:
  • sshd
2
2208-
2209void-
2210parse_server_match_config(ServerOptions *options,-
2211 struct connection_info *connectinfo)-
2212{-
2213 ServerOptions mo;-
2214-
2215 initialize_server_options(&mo);-
2216 parse_server_config(&mo, "reprocess config", cfg, connectinfo);-
2217 copy_set_server_options(options, &mo, 0);-
2218}
never executed: end of block
0
2219-
2220int parse_server_match_testspec(struct connection_info *ci, char *spec)-
2221{-
2222 char *p;-
2223-
2224 while ((p = strsep(&spec, ",")) && *p != '\0') {
(p = __extensi..., "," )); }) )Description
TRUEnever evaluated
FALSEnever evaluated
*p != '\0'Description
TRUEnever evaluated
FALSEnever evaluated
0
2225 if (strncmp(p, "addr=", 5) == 0) {
never executed: __result = (((const unsigned char *) (const char *) ( p ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "addr=" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
(__extension__..." , 5 ))) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( 5 )Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( p )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( p ) <...size_t) ( 5 ))Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_cons..._p ( "addr=" )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( "addr...size_t) ( 5 ))Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2226 ci->address = xstrdup(p + 5);-
2227 } else if (strncmp(p, "host=", 5) == 0) {
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( p ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "host=" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
(__extension__..." , 5 ))) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( 5 )Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( p )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( p ) <...size_t) ( 5 ))Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_cons..._p ( "host=" )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( "host...size_t) ( 5 ))Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2228 ci->host = xstrdup(p + 5);-
2229 } else if (strncmp(p, "user=", 5) == 0) {
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( p ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "user=" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
(__extension__..." , 5 ))) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( 5 )Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( p )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( p ) <...size_t) ( 5 ))Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_cons..._p ( "user=" )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( "user...size_t) ( 5 ))Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2230 ci->user = xstrdup(p + 5);-
2231 } else if (strncmp(p, "laddr=", 6) == 0) {
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( p ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "laddr=" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
(__extension__..." , 6 ))) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( 6 )Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( p )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( p ) <...size_t) ( 6 ))Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_cons...p ( "laddr=" )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( "ladd...size_t) ( 6 ))Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2232 ci->laddress = xstrdup(p + 6);-
2233 } else if (strncmp(p, "rdomain=", 8) == 0) {
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( p ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "rdomain=" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
(__extension__..." , 8 ))) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( 8 )Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( p )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( p ) <...size_t) ( 8 ))Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_cons...( "rdomain=" )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( "rdom...size_t) ( 8 ))Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2234 ci->rdomain = xstrdup(p + 8);-
2235 } else if (strncmp(p, "lport=", 6) == 0) {
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( p ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
never executed: __result = (((const unsigned char *) (const char *) ( "lport=" ))[3] - __s2[3]);
never executed: end of block
never executed: end of block
(__extension__..." , 6 ))) == 0Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( 6 )Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_constant_p ( p )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( p ) <...size_t) ( 6 ))Description
TRUEnever evaluated
FALSEnever evaluated
__builtin_cons...p ( "lport=" )Description
TRUEnever evaluated
FALSEnever evaluated
strlen ( "lpor...size_t) ( 6 ))Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s1_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 0Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 1Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
__s2_len > 2Description
TRUEnever evaluated
FALSEnever evaluated
__result == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2236 ci->lport = a2port(p + 6);-
2237 if (ci->lport == -1) {
ci->lport == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2238 fprintf(stderr, "Invalid port '%s' in test mode"-
2239 " specification %s\n", p+6, p);-
2240 return -1;
never executed: return -1;
0
2241 }-
2242 } else {
never executed: end of block
0
2243 fprintf(stderr, "Invalid test mode specification %s\n",-
2244 p);-
2245 return -1;
never executed: return -1;
0
2246 }-
2247 }-
2248 return 0;
never executed: return 0;
0
2249}-
2250-
2251/*-
2252 * Copy any supported values that are set.-
2253 *-
2254 * If the preauth flag is set, we do not bother copying the string or-
2255 * array values that are not used pre-authentication, because any that we-
2256 * do use must be explicitly sent in mm_getpwnamallow().-
2257 */-
2258void-
2259copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)-
2260{-
2261#define M_CP_INTOPT(n) do {\-
2262 if (src->n != -1) \-
2263 dst->n = src->n; \-
2264} while (0)-
2265-
2266 M_CP_INTOPT(password_authentication);
never executed: dst->password_authentication = src->password_authentication;
src->password_...tication != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2267 M_CP_INTOPT(gss_authentication);
never executed: dst->gss_authentication = src->gss_authentication;
src->gss_authentication != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2268 M_CP_INTOPT(pubkey_authentication);
never executed: dst->pubkey_authentication = src->pubkey_authentication;
src->pubkey_au...tication != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2269 M_CP_INTOPT(kerberos_authentication);
never executed: dst->kerberos_authentication = src->kerberos_authentication;
src->kerberos_...tication != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2270 M_CP_INTOPT(hostbased_authentication);
never executed: dst->hostbased_authentication = src->hostbased_authentication;
src->hostbased...tication != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2271 M_CP_INTOPT(hostbased_uses_name_from_packet_only);
never executed: dst->hostbased_uses_name_from_packet_only = src->hostbased_uses_name_from_packet_only;
src->hostbased...ket_only != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2272 M_CP_INTOPT(kbd_interactive_authentication);
never executed: dst->kbd_interactive_authentication = src->kbd_interactive_authentication;
src->kbd_inter...tication != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2273 M_CP_INTOPT(permit_root_login);
never executed: dst->permit_root_login = src->permit_root_login;
src->permit_root_login != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2274 M_CP_INTOPT(permit_empty_passwd);
never executed: dst->permit_empty_passwd = src->permit_empty_passwd;
src->permit_empty_passwd != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2275-
2276 M_CP_INTOPT(allow_tcp_forwarding);
never executed: dst->allow_tcp_forwarding = src->allow_tcp_forwarding;
src->allow_tcp...rwarding != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2277 M_CP_INTOPT(allow_streamlocal_forwarding);
never executed: dst->allow_streamlocal_forwarding = src->allow_streamlocal_forwarding;
src->allow_str...rwarding != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2278 M_CP_INTOPT(allow_agent_forwarding);
never executed: dst->allow_agent_forwarding = src->allow_agent_forwarding;
src->allow_age...rwarding != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2279 M_CP_INTOPT(disable_forwarding);
never executed: dst->disable_forwarding = src->disable_forwarding;
src->disable_forwarding != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2280 M_CP_INTOPT(expose_userauth_info);
never executed: dst->expose_userauth_info = src->expose_userauth_info;
src->expose_us...uth_info != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2281 M_CP_INTOPT(permit_tun);
never executed: dst->permit_tun = src->permit_tun;
src->permit_tun != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2282 M_CP_INTOPT(fwd_opts.gateway_ports);
never executed: dst->fwd_opts.gateway_ports = src->fwd_opts.gateway_ports;
src->fwd_opts....ay_ports != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2283 M_CP_INTOPT(fwd_opts.streamlocal_bind_unlink);
never executed: dst->fwd_opts.streamlocal_bind_unlink = src->fwd_opts.streamlocal_bind_unlink;
src->fwd_opts....d_unlink != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2284 M_CP_INTOPT(x11_display_offset);
never executed: dst->x11_display_offset = src->x11_display_offset;
src->x11_display_offset != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2285 M_CP_INTOPT(x11_forwarding);
never executed: dst->x11_forwarding = src->x11_forwarding;
src->x11_forwarding != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2286 M_CP_INTOPT(x11_use_localhost);
never executed: dst->x11_use_localhost = src->x11_use_localhost;
src->x11_use_localhost != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2287 M_CP_INTOPT(permit_tty);
never executed: dst->permit_tty = src->permit_tty;
src->permit_tty != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2288 M_CP_INTOPT(permit_user_rc);
never executed: dst->permit_user_rc = src->permit_user_rc;
src->permit_user_rc != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2289 M_CP_INTOPT(max_sessions);
never executed: dst->max_sessions = src->max_sessions;
src->max_sessions != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2290 M_CP_INTOPT(max_authtries);
never executed: dst->max_authtries = src->max_authtries;
src->max_authtries != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2291 M_CP_INTOPT(client_alive_count_max);
never executed: dst->client_alive_count_max = src->client_alive_count_max;
src->client_al...ount_max != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2292 M_CP_INTOPT(client_alive_interval);
never executed: dst->client_alive_interval = src->client_alive_interval;
src->client_al...interval != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2293 M_CP_INTOPT(ip_qos_interactive);
never executed: dst->ip_qos_interactive = src->ip_qos_interactive;
src->ip_qos_interactive != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2294 M_CP_INTOPT(ip_qos_bulk);
never executed: dst->ip_qos_bulk = src->ip_qos_bulk;
src->ip_qos_bulk != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2295 M_CP_INTOPT(rekey_limit);
never executed: dst->rekey_limit = src->rekey_limit;
src->rekey_limit != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2296 M_CP_INTOPT(rekey_interval);
never executed: dst->rekey_interval = src->rekey_interval;
src->rekey_interval != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2297 M_CP_INTOPT(log_level);
never executed: dst->log_level = src->log_level;
src->log_level != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2298-
2299 /*-
2300 * The bind_mask is a mode_t that may be unsigned, so we can't use-
2301 * M_CP_INTOPT - it does a signed comparison that causes compiler-
2302 * warnings.-
2303 */-
2304 if (src->fwd_opts.streamlocal_bind_mask != (mode_t)-1) {
src->fwd_opts.... != (mode_t)-1Description
TRUEnever evaluated
FALSEnever evaluated
0
2305 dst->fwd_opts.streamlocal_bind_mask =-
2306 src->fwd_opts.streamlocal_bind_mask;-
2307 }
never executed: end of block
0
2308-
2309 /* M_CP_STROPT and M_CP_STRARRAYOPT should not appear before here */-
2310#define M_CP_STROPT(n) do {\-
2311 if (src->n != NULL && dst->n != src->n) { \-
2312 free(dst->n); \-
2313 dst->n = src->n; \-
2314 } \-
2315} while(0)-
2316#define M_CP_STRARRAYOPT(s, num_s) do {\-
2317 u_int i; \-
2318 if (src->num_s != 0) { \-
2319 for (i = 0; i < dst->num_s; i++) \-
2320 free(dst->s[i]); \-
2321 free(dst->s); \-
2322 dst->s = xcalloc(src->num_s, sizeof(*dst->s)); \-
2323 for (i = 0; i < src->num_s; i++) \-
2324 dst->s[i] = xstrdup(src->s[i]); \-
2325 dst->num_s = src->num_s; \-
2326 } \-
2327} while(0)-
2328-
2329 /* See comment in servconf.h */-
2330 COPY_MATCH_STRING_OPTS();
never executed: end of block
never executed: end of block
never executed: end of block
never executed: end of block
never executed: end of block
never executed: end of block
never executed: end of block
never executed: end of block
never executed: end of block
never executed: end of block
never executed: end of block
never executed: end of block
never executed: end of block
never executed: free(dst->authorized_keys_files[i]);
never executed: dst->authorized_keys_files[i] = xstrdup(src->authorized_keys_files[i]);
never executed: end of block
never executed: free(dst->allow_users[i]);
never executed: dst->allow_users[i] = xstrdup(src->allow_users[i]);
never executed: end of block
never executed: free(dst->deny_users[i]);
never executed: dst->deny_users[i] = xstrdup(src->deny_users[i]);
never executed: end of block
never executed: free(dst->allow_groups[i]);
never executed: dst->allow_groups[i] = xstrdup(src->allow_groups[i]);
never executed: end of block
never executed: free(dst->deny_groups[i]);
never executed: dst->deny_groups[i] = xstrdup(src->deny_groups[i]);
never executed: end of block
never executed: free(dst->accept_env[i]);
never executed: dst->accept_env[i] = xstrdup(src->accept_env[i]);
never executed: end of block
never executed: free(dst->auth_methods[i]);
never executed: dst->auth_methods[i] = xstrdup(src->auth_methods[i]);
never executed: end of block
never executed: free(dst->permitted_opens[i]);
never executed: dst->permitted_opens[i] = xstrdup(src->permitted_opens[i]);
never executed: end of block
never executed: free(dst->permitted_listens[i]);
never executed: dst->permitted_listens[i] = xstrdup(src->permitted_listens[i]);
never executed: end of block
src->num_authkeys_files != 0Description
TRUEnever evaluated
FALSEnever evaluated
src->num_allow_users != 0Description
TRUEnever evaluated
FALSEnever evaluated
src->num_deny_users != 0Description
TRUEnever evaluated
FALSEnever evaluated
src->num_allow_groups != 0Description
TRUEnever evaluated
FALSEnever evaluated
src->num_deny_groups != 0Description
TRUEnever evaluated
FALSEnever evaluated
src->num_accept_env != 0Description
TRUEnever evaluated
FALSEnever evaluated
src->num_auth_methods != 0Description
TRUEnever evaluated
FALSEnever evaluated
src->num_permitted_opens != 0Description
TRUEnever evaluated
FALSEnever evaluated
src->num_permi...d_listens != 0Description
TRUEnever evaluated
FALSEnever evaluated
i < dst->num_authkeys_filesDescription
TRUEnever evaluated
FALSEnever evaluated
i < src->num_authkeys_filesDescription
TRUEnever evaluated
FALSEnever evaluated
i < dst->num_allow_usersDescription
TRUEnever evaluated
FALSEnever evaluated
i < src->num_allow_usersDescription
TRUEnever evaluated
FALSEnever evaluated
i < dst->num_deny_usersDescription
TRUEnever evaluated
FALSEnever evaluated
i < src->num_deny_usersDescription
TRUEnever evaluated
FALSEnever evaluated
i < dst->num_allow_groupsDescription
TRUEnever evaluated
FALSEnever evaluated
i < src->num_allow_groupsDescription
TRUEnever evaluated
FALSEnever evaluated
i < dst->num_deny_groupsDescription
TRUEnever evaluated
FALSEnever evaluated
i < src->num_deny_groupsDescription
TRUEnever evaluated
FALSEnever evaluated
i < dst->num_accept_envDescription
TRUEnever evaluated
FALSEnever evaluated
i < src->num_accept_envDescription
TRUEnever evaluated
FALSEnever evaluated
i < dst->num_auth_methodsDescription
TRUEnever evaluated
FALSEnever evaluated
i < src->num_auth_methodsDescription
TRUEnever evaluated
FALSEnever evaluated
i < dst->num_permitted_opensDescription
TRUEnever evaluated
FALSEnever evaluated
i < src->num_permitted_opensDescription
TRUEnever evaluated
FALSEnever evaluated
i < dst->num_permitted_listensDescription
TRUEnever evaluated
FALSEnever evaluated
i < src->num_permitted_listensDescription
TRUEnever evaluated
FALSEnever evaluated
src->banner != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
dst->banner != src->bannerDescription
TRUEnever evaluated
FALSEnever evaluated
src->trusted_u...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
dst->trusted_u...d_user_ca_keysDescription
TRUEnever evaluated
FALSEnever evaluated
src->revoked_k...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
dst->revoked_k...oked_keys_fileDescription
TRUEnever evaluated
FALSEnever evaluated
src->authorize...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
dst->authorize...d_keys_commandDescription
TRUEnever evaluated
FALSEnever evaluated
src->authorize...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
dst->authorize...s_command_userDescription
TRUEnever evaluated
FALSEnever evaluated
src->authorize...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
dst->authorize...rincipals_fileDescription
TRUEnever evaluated
FALSEnever evaluated
src->authorize...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
dst->authorize...cipals_commandDescription
TRUEnever evaluated
FALSEnever evaluated
src->authorize...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
dst->authorize...s_command_userDescription
TRUEnever evaluated
FALSEnever evaluated
src->hostbased...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
dst->hostbased...ased_key_typesDescription
TRUEnever evaluated
FALSEnever evaluated
src->pubkey_ke...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
dst->pubkey_ke...bkey_key_typesDescription
TRUEnever evaluated
FALSEnever evaluated
src->ca_sign_a...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
dst->ca_sign_a...ign_algorithmsDescription
TRUEnever evaluated
FALSEnever evaluated
src->routing_d...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
dst->routing_d...routing_domainDescription
TRUEnever evaluated
FALSEnever evaluated
src->permit_us...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
dst->permit_us..._env_whitelistDescription
TRUEnever evaluated
FALSEnever evaluated
0
2331-
2332 /* Arguments that accept '+...' need to be expanded */-
2333 assemble_algorithms(dst);-
2334-
2335 /*-
2336 * The only things that should be below this point are string options-
2337 * which are only used after authentication.-
2338 */-
2339 if (preauth)
preauthDescription
TRUEnever evaluated
FALSEnever evaluated
0
2340 return;
never executed: return;
0
2341-
2342 /* These options may be "none" to clear a global setting */-
2343 M_CP_STROPT(adm_forced_command);
never executed: end of block
src->adm_force...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
dst->adm_force...forced_commandDescription
TRUEnever evaluated
FALSEnever evaluated
0
2344 if (option_clear_or_none(dst->adm_forced_command)) {
option_clear_o...orced_command)Description
TRUEnever evaluated
FALSEnever evaluated
0
2345 free(dst->adm_forced_command);-
2346 dst->adm_forced_command = NULL;-
2347 }
never executed: end of block
0
2348 M_CP_STROPT(chroot_directory);
never executed: end of block
src->chroot_di...!= ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
dst->chroot_di...root_directoryDescription
TRUEnever evaluated
FALSEnever evaluated
0
2349 if (option_clear_or_none(dst->chroot_directory)) {
option_clear_o...oot_directory)Description
TRUEnever evaluated
FALSEnever evaluated
0
2350 free(dst->chroot_directory);-
2351 dst->chroot_directory = NULL;-
2352 }
never executed: end of block
0
2353}
never executed: end of block
0
2354-
2355#undef M_CP_INTOPT-
2356#undef M_CP_STROPT-
2357#undef M_CP_STRARRAYOPT-
2358-
2359void-
2360parse_server_config(ServerOptions *options, const char *filename,-
2361 struct sshbuf *conf, struct connection_info *connectinfo)-
2362{-
2363 int active, linenum, bad_options = 0;-
2364 char *cp, *obuf, *cbuf;-
2365-
2366 debug2("%s: config %s len %zu", __func__, filename, sshbuf_len(conf));-
2367-
2368 if ((obuf = cbuf = sshbuf_dup_string(conf)) == NULL)
(obuf = cbuf =...== ((void *)0)Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
2369 fatal("%s: sshbuf_dup_string failed", __func__);
never executed: fatal("%s: sshbuf_dup_string failed", __func__);
0
2370 active = connectinfo ? 0 : 1;
connectinfoDescription
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
2371 linenum = 1;-
2372 while ((cp = strsep(&cbuf, "\n")) != NULL) {
(cp = __extens...!= ((void *)0)Description
TRUEevaluated 29 times by 1 test
Evaluated by:
  • sshd
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
2-29
2373 if (process_server_config_line(options, cp, filename,
process_server...nectinfo) != 0Description
TRUEnever evaluated
FALSEevaluated 29 times by 1 test
Evaluated by:
  • sshd
0-29
2374 linenum++, &active, connectinfo) != 0)
process_server...nectinfo) != 0Description
TRUEnever evaluated
FALSEevaluated 29 times by 1 test
Evaluated by:
  • sshd
0-29
2375 bad_options++;
never executed: bad_options++;
0
2376 }
executed 29 times by 1 test: end of block
Executed by:
  • sshd
29
2377 free(obuf);-
2378 if (bad_options > 0)
bad_options > 0Description
TRUEnever evaluated
FALSEevaluated 2 times by 1 test
Evaluated by:
  • sshd
0-2
2379 fatal("%s: terminating, %d bad configuration options",
never executed: fatal("%s: terminating, %d bad configuration options", filename, bad_options);
0
2380 filename, bad_options);
never executed: fatal("%s: terminating, %d bad configuration options", filename, bad_options);
0
2381 process_queued_listen_addrs(options);-
2382}
executed 2 times by 1 test: end of block
Executed by:
  • sshd
2
2383-
2384static const char *-
2385fmt_multistate_int(int val, const struct multistate *m)-
2386{-
2387 u_int i;-
2388-
2389 for (i = 0; m[i].key != NULL; i++) {
m[i].key != ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
2390 if (m[i].value == val)
m[i].value == valDescription
TRUEnever evaluated
FALSEnever evaluated
0
2391 return m[i].key;
never executed: return m[i].key;
0
2392 }
never executed: end of block
0
2393 return "UNKNOWN";
never executed: return "UNKNOWN";
0
2394}-
2395-
2396static const char *-
2397fmt_intarg(ServerOpCodes code, int val)-
2398{-
2399 if (val == -1)
val == -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2400 return "unset";
never executed: return "unset";
0
2401 switch (code) {-
2402 case sAddressFamily:
never executed: case sAddressFamily:
0
2403 return fmt_multistate_int(val, multistate_addressfamily);
never executed: return fmt_multistate_int(val, multistate_addressfamily);
0
2404 case sPermitRootLogin:
never executed: case sPermitRootLogin:
0
2405 return fmt_multistate_int(val, multistate_permitrootlogin);
never executed: return fmt_multistate_int(val, multistate_permitrootlogin);
0
2406 case sGatewayPorts:
never executed: case sGatewayPorts:
0
2407 return fmt_multistate_int(val, multistate_gatewayports);
never executed: return fmt_multistate_int(val, multistate_gatewayports);
0
2408 case sCompression:
never executed: case sCompression:
0
2409 return fmt_multistate_int(val, multistate_compression);
never executed: return fmt_multistate_int(val, multistate_compression);
0
2410 case sAllowTcpForwarding:
never executed: case sAllowTcpForwarding:
0
2411 return fmt_multistate_int(val, multistate_tcpfwd);
never executed: return fmt_multistate_int(val, multistate_tcpfwd);
0
2412 case sAllowStreamLocalForwarding:
never executed: case sAllowStreamLocalForwarding:
0
2413 return fmt_multistate_int(val, multistate_tcpfwd);
never executed: return fmt_multistate_int(val, multistate_tcpfwd);
0
2414 case sFingerprintHash:
never executed: case sFingerprintHash:
0
2415 return ssh_digest_alg_name(val);
never executed: return ssh_digest_alg_name(val);
0
2416 default:
never executed: default:
0
2417 switch (val) {-
2418 case 0:
never executed: case 0:
0
2419 return "no";
never executed: return "no";
0
2420 case 1:
never executed: case 1:
0
2421 return "yes";
never executed: return "yes";
0
2422 default:
never executed: default:
0
2423 return "UNKNOWN";
never executed: return "UNKNOWN";
0
2424 }-
2425 }-
2426}-
2427-
2428static void-
2429dump_cfg_int(ServerOpCodes code, int val)-
2430{-
2431 printf("%s %d\n", lookup_opcode_name(code), val);-
2432}
never executed: end of block
0
2433-
2434static void-
2435dump_cfg_oct(ServerOpCodes code, int val)-
2436{-
2437 printf("%s 0%o\n", lookup_opcode_name(code), val);-
2438}
never executed: end of block
0
2439-
2440static void-
2441dump_cfg_fmtint(ServerOpCodes code, int val)-
2442{-
2443 printf("%s %s\n", lookup_opcode_name(code), fmt_intarg(code, val));-
2444}
never executed: end of block
0
2445-
2446static void-
2447dump_cfg_string(ServerOpCodes code, const char *val)-
2448{-
2449 printf("%s %s\n", lookup_opcode_name(code),-
2450 val == NULL ? "none" : val);-
2451}
never executed: end of block
0
2452-
2453static void-
2454dump_cfg_strarray(ServerOpCodes code, u_int count, char **vals)-
2455{-
2456 u_int i;-
2457-
2458 for (i = 0; i < count; i++)
i < countDescription
TRUEnever evaluated
FALSEnever evaluated
0
2459 printf("%s %s\n", lookup_opcode_name(code), vals[i]);
never executed: printf("%s %s\n", lookup_opcode_name(code), vals[i]);
0
2460}
never executed: end of block
0
2461-
2462static void-
2463dump_cfg_strarray_oneline(ServerOpCodes code, u_int count, char **vals)-
2464{-
2465 u_int i;-
2466-
2467 if (count <= 0 && code != sAuthenticationMethods)
count <= 0Description
TRUEnever evaluated
FALSEnever evaluated
code != sAuthenticationMethodsDescription
TRUEnever evaluated
FALSEnever evaluated
0
2468 return;
never executed: return;
0
2469 printf("%s", lookup_opcode_name(code));-
2470 for (i = 0; i < count; i++)
i < countDescription
TRUEnever evaluated
FALSEnever evaluated
0
2471 printf(" %s", vals[i]);
never executed: printf(" %s", vals[i]);
0
2472 if (code == sAuthenticationMethods && count == 0)
code == sAuthenticationMethodsDescription
TRUEnever evaluated
FALSEnever evaluated
count == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2473 printf(" any");
never executed: printf(" any");
0
2474 printf("\n");-
2475}
never executed: end of block
0
2476-
2477static char *-
2478format_listen_addrs(struct listenaddr *la)-
2479{-
2480 int r;-
2481 struct addrinfo *ai;-
2482 char addr[NI_MAXHOST], port[NI_MAXSERV];-
2483 char *laddr1 = xstrdup(""), *laddr2 = NULL;-
2484-
2485 /*-
2486 * ListenAddress must be after Port. add_one_listen_addr pushes-
2487 * addresses onto a stack, so to maintain ordering we need to-
2488 * print these in reverse order.-
2489 */-
2490 for (ai = la->addrs; ai; ai = ai->ai_next) {
aiDescription
TRUEnever evaluated
FALSEnever evaluated
0
2491 if ((r = getnameinfo(ai->ai_addr, ai->ai_addrlen, addr,
(r = getnamein... 1 | 2 )) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2492 sizeof(addr), port, sizeof(port),
(r = getnamein... 1 | 2 )) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2493 NI_NUMERICHOST|NI_NUMERICSERV)) != 0) {
(r = getnamein... 1 | 2 )) != 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2494 error("getnameinfo: %.100s", ssh_gai_strerror(r));-
2495 continue;
never executed: continue;
0
2496 }-
2497 laddr2 = laddr1;-
2498 if (ai->ai_family == AF_INET6) {
ai->ai_family == 10Description
TRUEnever evaluated
FALSEnever evaluated
0
2499 xasprintf(&laddr1, "listenaddress [%s]:%s%s%s\n%s",-
2500 addr, port,-
2501 la->rdomain == NULL ? "" : " rdomain ",-
2502 la->rdomain == NULL ? "" : la->rdomain,-
2503 laddr2);-
2504 } else {
never executed: end of block
0
2505 xasprintf(&laddr1, "listenaddress %s:%s%s%s\n%s",-
2506 addr, port,-
2507 la->rdomain == NULL ? "" : " rdomain ",-
2508 la->rdomain == NULL ? "" : la->rdomain,-
2509 laddr2);-
2510 }
never executed: end of block
0
2511 free(laddr2);-
2512 }
never executed: end of block
0
2513 return laddr1;
never executed: return laddr1;
0
2514}-
2515-
2516void-
2517dump_config(ServerOptions *o)-
2518{-
2519 char *s;-
2520 u_int i;-
2521-
2522 /* these are usually at the top of the config */-
2523 for (i = 0; i < o->num_ports; i++)
i < o->num_portsDescription
TRUEnever evaluated
FALSEnever evaluated
0
2524 printf("port %d\n", o->ports[i]);
never executed: printf("port %d\n", o->ports[i]);
0
2525 dump_cfg_fmtint(sAddressFamily, o->address_family);-
2526-
2527 for (i = 0; i < o->num_listen_addrs; i++) {
i < o->num_listen_addrsDescription
TRUEnever evaluated
FALSEnever evaluated
0
2528 s = format_listen_addrs(&o->listen_addrs[i]);-
2529 printf("%s", s);-
2530 free(s);-
2531 }
never executed: end of block
0
2532-
2533 /* integer arguments */-
2534#ifdef USE_PAM-
2535 dump_cfg_fmtint(sUsePAM, o->use_pam);-
2536#endif-
2537 dump_cfg_int(sLoginGraceTime, o->login_grace_time);-
2538 dump_cfg_int(sX11DisplayOffset, o->x11_display_offset);-
2539 dump_cfg_int(sMaxAuthTries, o->max_authtries);-
2540 dump_cfg_int(sMaxSessions, o->max_sessions);-
2541 dump_cfg_int(sClientAliveInterval, o->client_alive_interval);-
2542 dump_cfg_int(sClientAliveCountMax, o->client_alive_count_max);-
2543 dump_cfg_oct(sStreamLocalBindMask, o->fwd_opts.streamlocal_bind_mask);-
2544-
2545 /* formatted integer arguments */-
2546 dump_cfg_fmtint(sPermitRootLogin, o->permit_root_login);-
2547 dump_cfg_fmtint(sIgnoreRhosts, o->ignore_rhosts);-
2548 dump_cfg_fmtint(sIgnoreUserKnownHosts, o->ignore_user_known_hosts);-
2549 dump_cfg_fmtint(sHostbasedAuthentication, o->hostbased_authentication);-
2550 dump_cfg_fmtint(sHostbasedUsesNameFromPacketOnly,-
2551 o->hostbased_uses_name_from_packet_only);-
2552 dump_cfg_fmtint(sPubkeyAuthentication, o->pubkey_authentication);-
2553#ifdef KRB5-
2554 dump_cfg_fmtint(sKerberosAuthentication, o->kerberos_authentication);-
2555 dump_cfg_fmtint(sKerberosOrLocalPasswd, o->kerberos_or_local_passwd);-
2556 dump_cfg_fmtint(sKerberosTicketCleanup, o->kerberos_ticket_cleanup);-
2557# ifdef USE_AFS-
2558 dump_cfg_fmtint(sKerberosGetAFSToken, o->kerberos_get_afs_token);-
2559# endif-
2560#endif-
2561#ifdef GSSAPI-
2562 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);-
2563 dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds);-
2564#endif-
2565 dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication);-
2566 dump_cfg_fmtint(sKbdInteractiveAuthentication,-
2567 o->kbd_interactive_authentication);-
2568 dump_cfg_fmtint(sChallengeResponseAuthentication,-
2569 o->challenge_response_authentication);-
2570 dump_cfg_fmtint(sPrintMotd, o->print_motd);-
2571#ifndef DISABLE_LASTLOG-
2572 dump_cfg_fmtint(sPrintLastLog, o->print_lastlog);-
2573#endif-
2574 dump_cfg_fmtint(sX11Forwarding, o->x11_forwarding);-
2575 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost);-
2576 dump_cfg_fmtint(sPermitTTY, o->permit_tty);-
2577 dump_cfg_fmtint(sPermitUserRC, o->permit_user_rc);-
2578 dump_cfg_fmtint(sStrictModes, o->strict_modes);-
2579 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);-
2580 dump_cfg_fmtint(sEmptyPasswd, o->permit_empty_passwd);-
2581 dump_cfg_fmtint(sCompression, o->compression);-
2582 dump_cfg_fmtint(sGatewayPorts, o->fwd_opts.gateway_ports);-
2583 dump_cfg_fmtint(sUseDNS, o->use_dns);-
2584 dump_cfg_fmtint(sAllowTcpForwarding, o->allow_tcp_forwarding);-
2585 dump_cfg_fmtint(sAllowAgentForwarding, o->allow_agent_forwarding);-
2586 dump_cfg_fmtint(sDisableForwarding, o->disable_forwarding);-
2587 dump_cfg_fmtint(sAllowStreamLocalForwarding, o->allow_streamlocal_forwarding);-
2588 dump_cfg_fmtint(sStreamLocalBindUnlink, o->fwd_opts.streamlocal_bind_unlink);-
2589 dump_cfg_fmtint(sFingerprintHash, o->fingerprint_hash);-
2590 dump_cfg_fmtint(sExposeAuthInfo, o->expose_userauth_info);-
2591-
2592 /* string arguments */-
2593 dump_cfg_string(sPidFile, o->pid_file);-
2594 dump_cfg_string(sXAuthLocation, o->xauth_location);-
2595 dump_cfg_string(sCiphers, o->ciphers ? o->ciphers : KEX_SERVER_ENCRYPT);-
2596 dump_cfg_string(sMacs, o->macs ? o->macs : KEX_SERVER_MAC);-
2597 dump_cfg_string(sBanner, o->banner);-
2598 dump_cfg_string(sForceCommand, o->adm_forced_command);-
2599 dump_cfg_string(sChrootDirectory, o->chroot_directory);-
2600 dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys);-
2601 dump_cfg_string(sRevokedKeys, o->revoked_keys_file);-
2602 dump_cfg_string(sAuthorizedPrincipalsFile,-
2603 o->authorized_principals_file);-
2604 dump_cfg_string(sVersionAddendum, *o->version_addendum == '\0'-
2605 ? "none" : o->version_addendum);-
2606 dump_cfg_string(sAuthorizedKeysCommand, o->authorized_keys_command);-
2607 dump_cfg_string(sAuthorizedKeysCommandUser, o->authorized_keys_command_user);-
2608 dump_cfg_string(sAuthorizedPrincipalsCommand, o->authorized_principals_command);-
2609 dump_cfg_string(sAuthorizedPrincipalsCommandUser, o->authorized_principals_command_user);-
2610 dump_cfg_string(sHostKeyAgent, o->host_key_agent);-
2611 dump_cfg_string(sKexAlgorithms,-
2612 o->kex_algorithms ? o->kex_algorithms : KEX_SERVER_KEX);-
2613 dump_cfg_string(sCASignatureAlgorithms, o->ca_sign_algorithms ?-
2614 o->ca_sign_algorithms : SSH_ALLOWED_CA_SIGALGS);-
2615 dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types ?-
2616 o->hostbased_key_types : KEX_DEFAULT_PK_ALG);-
2617 dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms ?-
2618 o->hostkeyalgorithms : KEX_DEFAULT_PK_ALG);-
2619 dump_cfg_string(sPubkeyAcceptedKeyTypes, o->pubkey_key_types ?-
2620 o->pubkey_key_types : KEX_DEFAULT_PK_ALG);-
2621 dump_cfg_string(sRDomain, o->routing_domain);-
2622-
2623 /* string arguments requiring a lookup */-
2624 dump_cfg_string(sLogLevel, log_level_name(o->log_level));-
2625 dump_cfg_string(sLogFacility, log_facility_name(o->log_facility));-
2626-
2627 /* string array arguments */-
2628 dump_cfg_strarray_oneline(sAuthorizedKeysFile, o->num_authkeys_files,-
2629 o->authorized_keys_files);-
2630 dump_cfg_strarray(sHostKeyFile, o->num_host_key_files,-
2631 o->host_key_files);-
2632 dump_cfg_strarray(sHostCertificate, o->num_host_cert_files,-
2633 o->host_cert_files);-
2634 dump_cfg_strarray(sAllowUsers, o->num_allow_users, o->allow_users);-
2635 dump_cfg_strarray(sDenyUsers, o->num_deny_users, o->deny_users);-
2636 dump_cfg_strarray(sAllowGroups, o->num_allow_groups, o->allow_groups);-
2637 dump_cfg_strarray(sDenyGroups, o->num_deny_groups, o->deny_groups);-
2638 dump_cfg_strarray(sAcceptEnv, o->num_accept_env, o->accept_env);-
2639 dump_cfg_strarray(sSetEnv, o->num_setenv, o->setenv);-
2640 dump_cfg_strarray_oneline(sAuthenticationMethods,-
2641 o->num_auth_methods, o->auth_methods);-
2642-
2643 /* other arguments */-
2644 for (i = 0; i < o->num_subsystems; i++)
i < o->num_subsystemsDescription
TRUEnever evaluated
FALSEnever evaluated
0
2645 printf("subsystem %s %s\n", o->subsystem_name[i],
never executed: printf("subsystem %s %s\n", o->subsystem_name[i], o->subsystem_args[i]);
0
2646 o->subsystem_args[i]);
never executed: printf("subsystem %s %s\n", o->subsystem_name[i], o->subsystem_args[i]);
0
2647-
2648 printf("maxstartups %d:%d:%d\n", o->max_startups_begin,-
2649 o->max_startups_rate, o->max_startups);-
2650-
2651 s = NULL;-
2652 for (i = 0; tunmode_desc[i].val != -1; i++) {
tunmode_desc[i].val != -1Description
TRUEnever evaluated
FALSEnever evaluated
0
2653 if (tunmode_desc[i].val == o->permit_tun) {
tunmode_desc[i... o->permit_tunDescription
TRUEnever evaluated
FALSEnever evaluated
0
2654 s = tunmode_desc[i].text;-
2655 break;
never executed: break;
0
2656 }-
2657 }
never executed: end of block
0
2658 dump_cfg_string(sPermitTunnel, s);-
2659-
2660 printf("ipqos %s ", iptos2str(o->ip_qos_interactive));-
2661 printf("%s\n", iptos2str(o->ip_qos_bulk));-
2662-
2663 printf("rekeylimit %llu %d\n", (unsigned long long)o->rekey_limit,-
2664 o->rekey_interval);-
2665-
2666 printf("permitopen");-
2667 if (o->num_permitted_opens == 0)
o->num_permitted_opens == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2668 printf(" any");
never executed: printf(" any");
0
2669 else {-
2670 for (i = 0; i < o->num_permitted_opens; i++)
i < o->num_permitted_opensDescription
TRUEnever evaluated
FALSEnever evaluated
0
2671 printf(" %s", o->permitted_opens[i]);
never executed: printf(" %s", o->permitted_opens[i]);
0
2672 }
never executed: end of block
0
2673 printf("\n");-
2674 printf("permitlisten");-
2675 if (o->num_permitted_listens == 0)
o->num_permitted_listens == 0Description
TRUEnever evaluated
FALSEnever evaluated
0
2676 printf(" any");
never executed: printf(" any");
0
2677 else {-
2678 for (i = 0; i < o->num_permitted_listens; i++)
i < o->num_permitted_listensDescription
TRUEnever evaluated
FALSEnever evaluated
0
2679 printf(" %s", o->permitted_listens[i]);
never executed: printf(" %s", o->permitted_listens[i]);
0
2680 }
never executed: end of block
0
2681 printf("\n");-
2682-
2683 if (o->permit_user_env_whitelist == NULL) {
o->permit_user...== ((void *)0)Description
TRUEnever evaluated
FALSEnever evaluated
0
2684 dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);-
2685 } else {
never executed: end of block
0
2686 printf("permituserenvironment %s\n",-
2687 o->permit_user_env_whitelist);-
2688 }
never executed: end of block
0
2689-
2690}-
Source codeSwitch to Preprocessed file

Generated by Squish Coco 4.2.2