1 files changed, 26 insertions, 8 deletions

diff --git a/servconf.h b/servconf.h
index 0be15f09a..a15f2a7fa 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.h,v 1.99 2011/06/22 21:57:01 djm Exp $ */
+/* $OpenBSD: servconf.h,v 1.103 2012/07/10 02:19:15 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -39,7 +39,7 @@
 /* use_privsep */
 #define PRIVSEP_OFF             0
 #define PRIVSEP_ON              1
-#define PRIVSEP_SANDBOX         2
+#define PRIVSEP_NOSANDBOX       2
 
 #define DEFAULT_AUTH_FAIL_MAX   6       /* Default for MaxAuthTries */
 #define DEFAULT_SESSIONS_MAX    10      /* Default for MaxSessions */
@@ -166,14 +166,25 @@ typedef struct {
 
         int     num_permitted_opens;
 
-        int     debian_banner;
-
         char   *chroot_directory;
         char   *revoked_keys_file;
         char   *trusted_user_ca_keys;
         char   *authorized_principals_file;
+
+        char   *version_addendum;       /* Appended to SSH banner */
+        int     debian_banner;
 }       ServerOptions;
 
+/* Information about the incoming connection as used by Match */
+struct connection_info {
+        const char *user;
+        const char *host;       /* possibly resolved hostname */
+        const char *address;    /* remote address */
+        const char *laddress;   /* local address */
+        int lport;              /* local port */
+};
+
+
 /*
  * These are string config options that must be copied between the
  * Match sub-config and the main config, and must be sent from the
@@ -186,17 +197,24 @@ typedef struct {
                 M_CP_STROPT(revoked_keys_file); \
                 M_CP_STROPT(authorized_principals_file); \
                 M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \
+                M_CP_STRARRAYOPT(allow_users, num_allow_users); \
+                M_CP_STRARRAYOPT(deny_users, num_deny_users); \
+                M_CP_STRARRAYOPT(allow_groups, num_allow_groups); \
+                M_CP_STRARRAYOPT(deny_groups, num_deny_groups); \
+                M_CP_STRARRAYOPT(accept_env, num_accept_env); \
         } while (0)
 
+struct connection_info *get_connection_info(int, int);
 void     initialize_server_options(ServerOptions *);
 void     fill_default_server_options(ServerOptions *);
 int      process_server_config_line(ServerOptions *, char *, const char *, int,
-             int *, const char *, const char *, const char *);
+             int *, struct connection_info *);
 void     load_server_config(const char *, Buffer *);
 void     parse_server_config(ServerOptions *, const char *, Buffer *,
-             const char *, const char *, const char *);
-void     parse_server_match_config(ServerOptions *, const char *, const char *,
-             const char *);
+             struct connection_info *);
+void     parse_server_match_config(ServerOptions *, struct connection_info *);
+int      parse_server_match_testspec(struct connection_info *, char *);
+int      server_match_spec_complete(struct connection_info *);
 void     copy_set_server_options(ServerOptions *, ServerOptions *, int);
 void     dump_config(ServerOptions *);
 char    *derelativise_path(const char *);