diff options
Diffstat (limited to 'servconf.h')
| -rw-r--r-- | servconf.h | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/servconf.h b/servconf.h index 2ccf4d0f2..06e21a93d 100644 --- a/servconf.h +++ b/servconf.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: servconf.h,v 1.103 2012/07/10 02:19:15 djm Exp $ */ | 1 | /* $OpenBSD: servconf.h,v 1.107 2013/01/03 05:49:36 djm Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| @@ -28,6 +28,7 @@ | |||
| 28 | #define MAX_ACCEPT_ENV 256 /* Max # of env vars. */ | 28 | #define MAX_ACCEPT_ENV 256 /* Max # of env vars. */ |
| 29 | #define MAX_MATCH_GROUPS 256 /* Max # of groups for Match. */ | 29 | #define MAX_MATCH_GROUPS 256 /* Max # of groups for Match. */ |
| 30 | #define MAX_AUTHKEYS_FILES 256 /* Max # of authorized_keys files. */ | 30 | #define MAX_AUTHKEYS_FILES 256 /* Max # of authorized_keys files. */ |
| 31 | #define MAX_AUTH_METHODS 256 /* Max # of AuthenticationMethods. */ | ||
| 31 | 32 | ||
| 32 | /* permit_root_login */ | 33 | /* permit_root_login */ |
| 33 | #define PERMIT_NOT_SET -1 | 34 | #define PERMIT_NOT_SET -1 |
| @@ -41,6 +42,12 @@ | |||
| 41 | #define PRIVSEP_ON 1 | 42 | #define PRIVSEP_ON 1 |
| 42 | #define PRIVSEP_NOSANDBOX 2 | 43 | #define PRIVSEP_NOSANDBOX 2 |
| 43 | 44 | ||
| 45 | /* AllowTCPForwarding */ | ||
| 46 | #define FORWARD_DENY 0 | ||
| 47 | #define FORWARD_REMOTE (1) | ||
| 48 | #define FORWARD_LOCAL (1<<1) | ||
| 49 | #define FORWARD_ALLOW (FORWARD_REMOTE|FORWARD_LOCAL) | ||
| 50 | |||
| 44 | #define DEFAULT_AUTH_FAIL_MAX 6 /* Default for MaxAuthTries */ | 51 | #define DEFAULT_AUTH_FAIL_MAX 6 /* Default for MaxAuthTries */ |
| 45 | #define DEFAULT_SESSIONS_MAX 10 /* Default for MaxSessions */ | 52 | #define DEFAULT_SESSIONS_MAX 10 /* Default for MaxSessions */ |
| 46 | 53 | ||
| @@ -118,7 +125,7 @@ typedef struct { | |||
| 118 | int permit_user_env; /* If true, read ~/.ssh/environment */ | 125 | int permit_user_env; /* If true, read ~/.ssh/environment */ |
| 119 | int use_login; /* If true, login(1) is used */ | 126 | int use_login; /* If true, login(1) is used */ |
| 120 | int compression; /* If true, compression is allowed */ | 127 | int compression; /* If true, compression is allowed */ |
| 121 | int allow_tcp_forwarding; | 128 | int allow_tcp_forwarding; /* One of FORWARD_* */ |
| 122 | int allow_agent_forwarding; | 129 | int allow_agent_forwarding; |
| 123 | u_int num_allow_users; | 130 | u_int num_allow_users; |
| 124 | char *allow_users[MAX_ALLOW_USERS]; | 131 | char *allow_users[MAX_ALLOW_USERS]; |
| @@ -169,8 +176,13 @@ typedef struct { | |||
| 169 | char *revoked_keys_file; | 176 | char *revoked_keys_file; |
| 170 | char *trusted_user_ca_keys; | 177 | char *trusted_user_ca_keys; |
| 171 | char *authorized_principals_file; | 178 | char *authorized_principals_file; |
| 179 | char *authorized_keys_command; | ||
| 180 | char *authorized_keys_command_user; | ||
| 172 | 181 | ||
| 173 | char *version_addendum; /* Appended to SSH banner */ | 182 | char *version_addendum; /* Appended to SSH banner */ |
| 183 | |||
| 184 | u_int num_auth_methods; | ||
| 185 | char *auth_methods[MAX_AUTH_METHODS]; | ||
| 174 | } ServerOptions; | 186 | } ServerOptions; |
| 175 | 187 | ||
| 176 | /* Information about the incoming connection as used by Match */ | 188 | /* Information about the incoming connection as used by Match */ |
| @@ -194,12 +206,15 @@ struct connection_info { | |||
| 194 | M_CP_STROPT(trusted_user_ca_keys); \ | 206 | M_CP_STROPT(trusted_user_ca_keys); \ |
| 195 | M_CP_STROPT(revoked_keys_file); \ | 207 | M_CP_STROPT(revoked_keys_file); \ |
| 196 | M_CP_STROPT(authorized_principals_file); \ | 208 | M_CP_STROPT(authorized_principals_file); \ |
| 209 | M_CP_STROPT(authorized_keys_command); \ | ||
| 210 | M_CP_STROPT(authorized_keys_command_user); \ | ||
| 197 | M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \ | 211 | M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \ |
| 198 | M_CP_STRARRAYOPT(allow_users, num_allow_users); \ | 212 | M_CP_STRARRAYOPT(allow_users, num_allow_users); \ |
| 199 | M_CP_STRARRAYOPT(deny_users, num_deny_users); \ | 213 | M_CP_STRARRAYOPT(deny_users, num_deny_users); \ |
| 200 | M_CP_STRARRAYOPT(allow_groups, num_allow_groups); \ | 214 | M_CP_STRARRAYOPT(allow_groups, num_allow_groups); \ |
| 201 | M_CP_STRARRAYOPT(deny_groups, num_deny_groups); \ | 215 | M_CP_STRARRAYOPT(deny_groups, num_deny_groups); \ |
| 202 | M_CP_STRARRAYOPT(accept_env, num_accept_env); \ | 216 | M_CP_STRARRAYOPT(accept_env, num_accept_env); \ |
| 217 | M_CP_STRARRAYOPT(auth_methods, num_auth_methods); \ | ||
| 203 | } while (0) | 218 | } while (0) |
| 204 | 219 | ||
| 205 | struct connection_info *get_connection_info(int, int); | 220 | struct connection_info *get_connection_info(int, int); |