diff options
author | Colin Watson <cjwatson@debian.org> | 2011-09-06 14:56:29 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2011-09-06 14:56:29 +0100 |
commit | 978e62d6f14c60747bddef2cc72d66a9c8b83b54 (patch) | |
tree | 89400a44e42d84937deba7864e4964d6c7734da5 /servconf.h | |
parent | 87c685b8c6a49814fd782288097b3093f975aa72 (diff) | |
parent | 3a7e89697ca363de0f64e0d5704c57219294e41c (diff) |
* New upstream release (http://www.openssh.org/txt/release-5.9).
- Introduce sandboxing of the pre-auth privsep child using an optional
sshd_config(5) "UsePrivilegeSeparation=sandbox" mode that enables
mandatory restrictions on the syscalls the privsep child can perform.
- Add new SHA256-based HMAC transport integrity modes from
http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt.
- The pre-authentication sshd(8) privilege separation slave process now
logs via a socket shared with the master process, avoiding the need to
maintain /dev/log inside the chroot (closes: #75043, #429243,
#599240).
- ssh(1) now warns when a server refuses X11 forwarding (closes:
#504757).
- sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths,
separated by whitespace (closes: #76312). The authorized_keys2
fallback is deprecated but documented (closes: #560156).
- ssh(1) and sshd(8): set IPv6 traffic class from IPQoS, as well as IPv4
ToS/DSCP (closes: #498297).
- ssh-add(1) now accepts keys piped from standard input. E.g. "ssh-add
- < /path/to/key" (closes: #229124).
- Clean up lost-passphrase text in ssh-keygen(1) (closes: #444691).
- Say "required" rather than "recommended" in unprotected-private-key
warning (LP: #663455).
Diffstat (limited to 'servconf.h')
-rw-r--r-- | servconf.h | 26 |
1 files changed, 23 insertions, 3 deletions
diff --git a/servconf.h b/servconf.h index be3be0be3..0be15f09a 100644 --- a/servconf.h +++ b/servconf.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: servconf.h,v 1.95 2010/11/13 23:27:50 djm Exp $ */ | 1 | /* $OpenBSD: servconf.h,v 1.99 2011/06/22 21:57:01 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -27,6 +27,7 @@ | |||
27 | #define MAX_HOSTCERTS 256 /* Max # host certificates. */ | 27 | #define MAX_HOSTCERTS 256 /* Max # host certificates. */ |
28 | #define MAX_ACCEPT_ENV 256 /* Max # of env vars. */ | 28 | #define MAX_ACCEPT_ENV 256 /* Max # of env vars. */ |
29 | #define MAX_MATCH_GROUPS 256 /* Max # of groups for Match. */ | 29 | #define MAX_MATCH_GROUPS 256 /* Max # of groups for Match. */ |
30 | #define MAX_AUTHKEYS_FILES 256 /* Max # of authorized_keys files. */ | ||
30 | 31 | ||
31 | /* permit_root_login */ | 32 | /* permit_root_login */ |
32 | #define PERMIT_NOT_SET -1 | 33 | #define PERMIT_NOT_SET -1 |
@@ -35,6 +36,11 @@ | |||
35 | #define PERMIT_NO_PASSWD 2 | 36 | #define PERMIT_NO_PASSWD 2 |
36 | #define PERMIT_YES 3 | 37 | #define PERMIT_YES 3 |
37 | 38 | ||
39 | /* use_privsep */ | ||
40 | #define PRIVSEP_OFF 0 | ||
41 | #define PRIVSEP_ON 1 | ||
42 | #define PRIVSEP_SANDBOX 2 | ||
43 | |||
38 | #define DEFAULT_AUTH_FAIL_MAX 6 /* Default for MaxAuthTries */ | 44 | #define DEFAULT_AUTH_FAIL_MAX 6 /* Default for MaxAuthTries */ |
39 | #define DEFAULT_SESSIONS_MAX 10 /* Default for MaxSessions */ | 45 | #define DEFAULT_SESSIONS_MAX 10 /* Default for MaxSessions */ |
40 | 46 | ||
@@ -149,8 +155,8 @@ typedef struct { | |||
149 | * disconnect the session | 155 | * disconnect the session |
150 | */ | 156 | */ |
151 | 157 | ||
152 | char *authorized_keys_file; /* File containing public keys */ | 158 | u_int num_authkeys_files; /* Files containing public keys */ |
153 | char *authorized_keys_file2; | 159 | char *authorized_keys_files[MAX_AUTHKEYS_FILES]; |
154 | 160 | ||
155 | char *adm_forced_command; | 161 | char *adm_forced_command; |
156 | 162 | ||
@@ -168,6 +174,20 @@ typedef struct { | |||
168 | char *authorized_principals_file; | 174 | char *authorized_principals_file; |
169 | } ServerOptions; | 175 | } ServerOptions; |
170 | 176 | ||
177 | /* | ||
178 | * These are string config options that must be copied between the | ||
179 | * Match sub-config and the main config, and must be sent from the | ||
180 | * privsep slave to the privsep master. We use a macro to ensure all | ||
181 | * the options are copied and the copies are done in the correct order. | ||
182 | */ | ||
183 | #define COPY_MATCH_STRING_OPTS() do { \ | ||
184 | M_CP_STROPT(banner); \ | ||
185 | M_CP_STROPT(trusted_user_ca_keys); \ | ||
186 | M_CP_STROPT(revoked_keys_file); \ | ||
187 | M_CP_STROPT(authorized_principals_file); \ | ||
188 | M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \ | ||
189 | } while (0) | ||
190 | |||
171 | void initialize_server_options(ServerOptions *); | 191 | void initialize_server_options(ServerOptions *); |
172 | void fill_default_server_options(ServerOptions *); | 192 | void fill_default_server_options(ServerOptions *); |
173 | int process_server_config_line(ServerOptions *, char *, const char *, int, | 193 | int process_server_config_line(ServerOptions *, char *, const char *, int, |