* New upstream release (http://www.openssh.com/txt/release-6.2).

  - Add support for multiple required authentication in SSH protocol 2 via
    an AuthenticationMethods option (closes: #195716).
  - Fix Sophie Germain formula in moduli(5) (closes: #698612).
  - Update ssh-copy-id to Phil Hands' greatly revised version (closes:
    #99785, #322228, #620428; LP: #518883, #835901, #1074798).

1 files changed, 18 insertions, 2 deletions

diff --git a/servconf.h b/servconf.h
index a15f2a7fa..bc0536927 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.h,v 1.103 2012/07/10 02:19:15 djm Exp $ */
+/* $OpenBSD: servconf.h,v 1.107 2013/01/03 05:49:36 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -28,6 +28,7 @@
 #define MAX_ACCEPT_ENV          256     /* Max # of env vars. */
 #define MAX_MATCH_GROUPS        256     /* Max # of groups for Match. */
 #define MAX_AUTHKEYS_FILES      256     /* Max # of authorized_keys files. */
+#define MAX_AUTH_METHODS        256     /* Max # of AuthenticationMethods. */
 
 /* permit_root_login */
 #define PERMIT_NOT_SET          -1
@@ -41,6 +42,12 @@
 #define PRIVSEP_ON              1
 #define PRIVSEP_NOSANDBOX       2
 
+/* AllowTCPForwarding */
+#define FORWARD_DENY            0
+#define FORWARD_REMOTE          (1)
+#define FORWARD_LOCAL           (1<<1)
+#define FORWARD_ALLOW           (FORWARD_REMOTE|FORWARD_LOCAL)
+
 #define DEFAULT_AUTH_FAIL_MAX   6       /* Default for MaxAuthTries */
 #define DEFAULT_SESSIONS_MAX    10      /* Default for MaxSessions */
 
@@ -119,7 +126,7 @@ typedef struct {
         int     permit_user_env;        /* If true, read ~/.ssh/environment */
         int     use_login;      /* If true, login(1) is used */
         int     compression;    /* If true, compression is allowed */
-        int     allow_tcp_forwarding;
+        int     allow_tcp_forwarding; /* One of FORWARD_* */
         int     allow_agent_forwarding;
         u_int num_allow_users;
         char   *allow_users[MAX_ALLOW_USERS];
@@ -170,8 +177,14 @@ typedef struct {
         char   *revoked_keys_file;
         char   *trusted_user_ca_keys;
         char   *authorized_principals_file;
+        char   *authorized_keys_command;
+        char   *authorized_keys_command_user;
 
         char   *version_addendum;       /* Appended to SSH banner */
+
+        u_int   num_auth_methods;
+        char   *auth_methods[MAX_AUTH_METHODS];
+
         int     debian_banner;
 }       ServerOptions;
 
@@ -196,12 +209,15 @@ struct connection_info {
                 M_CP_STROPT(trusted_user_ca_keys); \
                 M_CP_STROPT(revoked_keys_file); \
                 M_CP_STROPT(authorized_principals_file); \
+                M_CP_STROPT(authorized_keys_command); \
+                M_CP_STROPT(authorized_keys_command_user); \
                 M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \
                 M_CP_STRARRAYOPT(allow_users, num_allow_users); \
                 M_CP_STRARRAYOPT(deny_users, num_deny_users); \
                 M_CP_STRARRAYOPT(allow_groups, num_allow_groups); \
                 M_CP_STRARRAYOPT(deny_groups, num_deny_groups); \
                 M_CP_STRARRAYOPT(accept_env, num_accept_env); \
+                M_CP_STRARRAYOPT(auth_methods, num_auth_methods); \
         } while (0)
 
 struct connection_info *get_connection_info(int, int);