Diffstat (limited to 'servconf.h')
-rw-r--r--servconf.h52
1 files changed, 24 insertions, 28 deletions
diff --git a/servconf.h b/servconf.h
index 1dca702e6..1ff3bc5a1 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: servconf.h,v 1.126 2017/10/02 19:33:20 djm Exp $ */ 1/* $OpenBSD: servconf.h,v 1.127 2017/10/05 15:52:03 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -18,17 +18,7 @@
18 18
19#define MAX_PORTS 256 /* Max # ports. */ 19#define MAX_PORTS 256 /* Max # ports. */
20 20
21#define MAX_ALLOW_USERS 256 /* Max # users on allow list. */
22#define MAX_DENY_USERS 256 /* Max # users on deny list. */
23#define MAX_ALLOW_GROUPS 256 /* Max # groups on allow list. */
24#define MAX_DENY_GROUPS 256 /* Max # groups on deny list. */
25#define MAX_SUBSYSTEMS 256 /* Max # subsystems. */ 21#define MAX_SUBSYSTEMS 256 /* Max # subsystems. */
26#define MAX_HOSTKEYS 256 /* Max # hostkeys. */
27#define MAX_HOSTCERTS 256 /* Max # host certificates. */
28#define MAX_ACCEPT_ENV 256 /* Max # of env vars. */
29#define MAX_MATCH_GROUPS 256 /* Max # of groups for Match. */
30#define MAX_AUTHKEYS_FILES 256 /* Max # of authorized_keys files. */
31#define MAX_AUTH_METHODS 256 /* Max # of AuthenticationMethods. */
32 22
33/* permit_root_login */ 23/* permit_root_login */
34#define PERMIT_NOT_SET -1 24#define PERMIT_NOT_SET -1
@@ -68,14 +58,16 @@ typedef struct {
68 u_int num_queued_listens; 58 u_int num_queued_listens;
69 char **queued_listen_addrs; 59 char **queued_listen_addrs;
70 int *queued_listen_ports; 60 int *queued_listen_ports;
71 struct addrinfo *listen_addrs; /* Addresses on which the server listens. */ 61 struct addrinfo *listen_addrs; /* Addresses for server to listen. */
72 int address_family; /* Address family used by the server. */ 62 int address_family; /* Address family used by the server. */
73 char *host_key_files[MAX_HOSTKEYS]; /* Files containing host keys. */ 63
74 int num_host_key_files; /* Number of files for host keys. */ 64 char **host_key_files; /* Files containing host keys. */
75 char *host_cert_files[MAX_HOSTCERTS]; /* Files containing host certs. */ 65 u_int num_host_key_files; /* Number of files for host keys. */
76 int num_host_cert_files; /* Number of files for host certs. */ 66 char **host_cert_files; /* Files containing host certs. */
77 char *host_key_agent; /* ssh-agent socket for host keys. */ 67 u_int num_host_cert_files; /* Number of files for host certs. */
78 char *pid_file; /* Where to put our pid */ 68
69 char *host_key_agent; /* ssh-agent socket for host keys. */
70 char *pid_file; /* Where to put our pid */
79 int login_grace_time; /* Disconnect if no auth in this time 71 int login_grace_time; /* Disconnect if no auth in this time
80 * (sec). */ 72 * (sec). */
81 int permit_root_login; /* PERMIT_*, see above */ 73 int permit_root_login; /* PERMIT_*, see above */
@@ -134,13 +126,13 @@ typedef struct {
134 int allow_agent_forwarding; 126 int allow_agent_forwarding;
135 int disable_forwarding; 127 int disable_forwarding;
136 u_int num_allow_users; 128 u_int num_allow_users;
137 char *allow_users[MAX_ALLOW_USERS]; 129 char **allow_users;
138 u_int num_deny_users; 130 u_int num_deny_users;
139 char *deny_users[MAX_DENY_USERS]; 131 char **deny_users;
140 u_int num_allow_groups; 132 u_int num_allow_groups;
141 char *allow_groups[MAX_ALLOW_GROUPS]; 133 char **allow_groups;
142 u_int num_deny_groups; 134 u_int num_deny_groups;
143 char *deny_groups[MAX_DENY_GROUPS]; 135 char **deny_groups;
144 136
145 u_int num_subsystems; 137 u_int num_subsystems;
146 char *subsystem_name[MAX_SUBSYSTEMS]; 138 char *subsystem_name[MAX_SUBSYSTEMS];
@@ -148,7 +140,7 @@ typedef struct {
148 char *subsystem_args[MAX_SUBSYSTEMS]; 140 char *subsystem_args[MAX_SUBSYSTEMS];
149 141
150 u_int num_accept_env; 142 u_int num_accept_env;
151 char *accept_env[MAX_ACCEPT_ENV]; 143 char **accept_env;
152 144
153 int max_startups_begin; 145 int max_startups_begin;
154 int max_startups_rate; 146 int max_startups_rate;
@@ -167,8 +159,8 @@ typedef struct {
167 * disconnect the session 159 * disconnect the session
168 */ 160 */
169 161
170 u_int num_authkeys_files; /* Files containing public keys */ 162 u_int num_authkeys_files; /* Files containing public keys */
171 char *authorized_keys_files[MAX_AUTHKEYS_FILES]; 163 char **authorized_keys_files;
172 164
173 char *adm_forced_command; 165 char *adm_forced_command;
174 166
@@ -194,7 +186,7 @@ typedef struct {
194 char *version_addendum; /* Appended to SSH banner */ 186 char *version_addendum; /* Appended to SSH banner */
195 187
196 u_int num_auth_methods; 188 u_int num_auth_methods;
197 char *auth_methods[MAX_AUTH_METHODS]; 189 char **auth_methods;
198 190
199 int fingerprint_hash; 191 int fingerprint_hash;
200 int expose_userauth_info; 192 int expose_userauth_info;
@@ -237,7 +229,7 @@ struct connection_info {
237 M_CP_STRARRAYOPT(deny_groups, num_deny_groups); \ 229 M_CP_STRARRAYOPT(deny_groups, num_deny_groups); \
238 M_CP_STRARRAYOPT(accept_env, num_accept_env); \ 230 M_CP_STRARRAYOPT(accept_env, num_accept_env); \
239 M_CP_STRARRAYOPT(auth_methods, num_auth_methods); \ 231 M_CP_STRARRAYOPT(auth_methods, num_auth_methods); \
240 M_CP_STRARRAYOPT_ALLOC(permitted_opens, num_permitted_opens); \ 232 M_CP_STRARRAYOPT(permitted_opens, num_permitted_opens); \
241 } while (0) 233 } while (0)
242 234
243struct connection_info *get_connection_info(int, int); 235struct connection_info *get_connection_info(int, int);
@@ -255,5 +247,9 @@ int server_match_spec_complete(struct connection_info *);
255void copy_set_server_options(ServerOptions *, ServerOptions *, int); 247void copy_set_server_options(ServerOptions *, ServerOptions *, int);
256void dump_config(ServerOptions *); 248void dump_config(ServerOptions *);
257char *derelativise_path(const char *); 249char *derelativise_path(const char *);
250void servconf_add_hostkey(const char *, const int,
251 ServerOptions *, const char *path);
252void servconf_add_hostcert(const char *, const int,
253 ServerOptions *, const char *path);
258 254
259#endif /* SERVCONF_H */ 255#endif /* SERVCONF_H */
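Review bot: The converted ServerOptions members (`host_key_files`, `host_cert_files`, `allow_users`, `deny_users`, `allow_groups`, `deny_groups`, `accept_env`, `authorized_keys_files`, `auth_methods`) are now bare `char **` fields, and nothing in the header says they are heap-allocated, that the paired `num_*` field is their only length, or what bounds their growth now that the `MAX_*` caps are removed. I would add above `host_key_files` a comment such as `/* Heap-allocated string arrays: length is the paired num_* field; grow them only through the shared append helper so count and allocation stay in sync. */`. `num_host_key_files` and `num_host_cert_files` also change from `int` to `u_int`, so callers that still index them with a signed `int` or test for a negative count need checking; those callers are not visible on this page. `subsystem_name` and `subsystem_args` keep the fixed `MAX_SUBSYSTEMS` size, so the struct mixes both conventions, and its definition starts and ends outside the shown hunks.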