diff options
Diffstat (limited to 'servconf.h')
| -rw-r--r-- | servconf.h | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/servconf.h b/servconf.h index 5a2b60512..4afdf24d0 100644 --- a/servconf.h +++ b/servconf.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: servconf.h,v 1.144 2020/04/17 03:30:05 djm Exp $ */ | 1 | /* $OpenBSD: servconf.h,v 1.146 2020/08/27 01:07:10 djm Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| @@ -50,7 +50,8 @@ | |||
| 50 | #define INTERNAL_SFTP_NAME "internal-sftp" | 50 | #define INTERNAL_SFTP_NAME "internal-sftp" |
| 51 | 51 | ||
| 52 | /* PubkeyAuthOptions flags */ | 52 | /* PubkeyAuthOptions flags */ |
| 53 | #define PUBKEYAUTH_TOUCH_REQUIRED 1 | 53 | #define PUBKEYAUTH_TOUCH_REQUIRED (1) |
| 54 | #define PUBKEYAUTH_VERIFY_REQUIRED (1<<1) | ||
| 54 | 55 | ||
| 55 | struct ssh; | 56 | struct ssh; |
| 56 | struct fwd_perm_list; | 57 | struct fwd_perm_list; |
| @@ -149,7 +150,7 @@ typedef struct { | |||
| 149 | int permit_empty_passwd; /* If false, do not permit empty | 150 | int permit_empty_passwd; /* If false, do not permit empty |
| 150 | * passwords. */ | 151 | * passwords. */ |
| 151 | int permit_user_env; /* If true, read ~/.ssh/environment */ | 152 | int permit_user_env; /* If true, read ~/.ssh/environment */ |
| 152 | char *permit_user_env_whitelist; /* pattern-list whitelist */ | 153 | char *permit_user_env_allowlist; /* pattern-list of allowed env names */ |
| 153 | int compression; /* If true, compression is allowed */ | 154 | int compression; /* If true, compression is allowed */ |
| 154 | int allow_tcp_forwarding; /* One of FORWARD_* */ | 155 | int allow_tcp_forwarding; /* One of FORWARD_* */ |
| 155 | int allow_streamlocal_forwarding; /* One of FORWARD_* */ | 156 | int allow_streamlocal_forwarding; /* One of FORWARD_* */ |
| @@ -255,7 +256,7 @@ TAILQ_HEAD(include_list, include_item); | |||
| 255 | /* | 256 | /* |
| 256 | * These are string config options that must be copied between the | 257 | * These are string config options that must be copied between the |
| 257 | * Match sub-config and the main config, and must be sent from the | 258 | * Match sub-config and the main config, and must be sent from the |
| 258 | * privsep slave to the privsep master. We use a macro to ensure all | 259 | * privsep child to the privsep master. We use a macro to ensure all |
| 259 | * the options are copied and the copies are done in the correct order. | 260 | * the options are copied and the copies are done in the correct order. |
| 260 | * | 261 | * |
| 261 | * NB. an option must appear in servconf.c:copy_set_server_options() or | 262 | * NB. an option must appear in servconf.c:copy_set_server_options() or |
| @@ -274,7 +275,7 @@ TAILQ_HEAD(include_list, include_item); | |||
| 274 | M_CP_STROPT(pubkey_key_types); \ | 275 | M_CP_STROPT(pubkey_key_types); \ |
| 275 | M_CP_STROPT(ca_sign_algorithms); \ | 276 | M_CP_STROPT(ca_sign_algorithms); \ |
| 276 | M_CP_STROPT(routing_domain); \ | 277 | M_CP_STROPT(routing_domain); \ |
| 277 | M_CP_STROPT(permit_user_env_whitelist); \ | 278 | M_CP_STROPT(permit_user_env_allowlist); \ |
| 278 | M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \ | 279 | M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \ |
| 279 | M_CP_STRARRAYOPT(allow_users, num_allow_users); \ | 280 | M_CP_STRARRAYOPT(allow_users, num_allow_users); \ |
| 280 | M_CP_STRARRAYOPT(deny_users, num_deny_users); \ | 281 | M_CP_STRARRAYOPT(deny_users, num_deny_users); \ |