1 /* 2 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * All rights reserved 5 * Functions for reading the configuration file. 6 * 7 * As far as I am concerned, the code I have written for this software 8 * can be used freely for any purpose. Any derived versions of this 9 * software must be clearly marked as such, and if the derived work is 10 * incompatible with the protocol description in the RFC file, it must be 11 * called by a name other than "ssh" or "Secure Shell". 12 */ 13 14 /* RCSID("$OpenBSD: readconf.h,v 1.30 2001/04/17 10:53:25 markus Exp $"); */ 15 /* RCSID("$FreeBSD$"); */ 16 17 #ifndef READCONF_H 18 #define READCONF_H 19 20 #include "key.h" 21 22 /* Data structure for representing a forwarding request. */ 23 24 typedef struct { 25 u_short port; /* Port to forward. */ 26 char *host; /* Host to connect. */ 27 u_short host_port; /* Port to connect on host. */ 28 } Forward; 29 /* Data structure for representing option data. */ 30 31 typedef struct { 32 int forward_agent; /* Forward authentication agent. */ 33 int forward_x11; /* Forward X11 display. */ 34 char *xauth_location; /* Location for xauth program */ 35 int gateway_ports; /* Allow remote connects to forwarded ports. */ 36 int use_privileged_port; /* Don't use privileged port if false. */ 37 int rhosts_authentication; /* Try rhosts authentication. */ 38 int rhosts_rsa_authentication; /* Try rhosts with RSA 39 * authentication. */ 40 int rsa_authentication; /* Try RSA authentication. */ 41 int pubkey_authentication; /* Try ssh2 pubkey authentication. */ 42 int hostbased_authentication; /* ssh2's rhosts_rsa */ 43 int challenge_reponse_authentication; 44 /* Try S/Key or TIS, authentication. */ 45 #if defined(KRB4) || defined(KRB5) 46 int kerberos_authentication; /* Try Kerberos 47 * authentication. */ 48 #endif 49 50 #ifdef KRB5 51 int krb5_tgt_passing; 52 #endif /* KRB5 */ 53 54 #ifdef AFS 55 int krb4_tgt_passing; /* Try Kerberos v4 tgt passing. */ 56 int afs_token_passing; /* Try AFS token passing. */ 57 #endif 58 int password_authentication; /* Try password 59 * authentication. */ 60 int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ 61 char *kbd_interactive_devices; /* Keyboard-interactive auth devices. */ 62 int fallback_to_rsh;/* Use rsh if cannot connect with ssh. */ 63 int use_rsh; /* Always use rsh (don\'t try ssh). */ 64 int batch_mode; /* Batch mode: do not ask for passwords. */ 65 int check_host_ip; /* Also keep track of keys for IP address */ 66 int strict_host_key_checking; /* Strict host key checking. */ 67 int compression; /* Compress packets in both directions. */ 68 int compression_level; /* Compression level 1 (fast) to 9 69 * (best). */ 70 int keepalives; /* Set SO_KEEPALIVE. */ 71 LogLevel log_level; /* Level for logging. */ 72 73 int port; /* Port to connect. */ 74 int connection_attempts; /* Max attempts (seconds) before 75 * giving up */ 76 int number_of_password_prompts; /* Max number of password 77 * prompts. */ 78 int cipher; /* Cipher to use. */ 79 char *ciphers; /* SSH2 ciphers in order of preference. */ 80 char *macs; /* SSH2 macs in order of preference. */ 81 char *hostkeyalgorithms; /* SSH2 server key types in order of preference. */ 82 int protocol; /* Protocol in order of preference. */ 83 char *hostname; /* Real host to connect. */ 84 char *host_key_alias; /* hostname alias for .ssh/known_hosts */ 85 char *proxy_command; /* Proxy command for connecting the host. */ 86 char *user; /* User to log in as. */ 87 int escape_char; /* Escape character; -2 = none */ 88 89 char *system_hostfile;/* Path for /etc/ssh_known_hosts. */ 90 char *user_hostfile; /* Path for $HOME/.ssh/known_hosts. */ 91 char *system_hostfile2; 92 char *user_hostfile2; 93 char *preferred_authentications; 94 95 int num_identity_files; /* Number of files for RSA/DSA identities. */ 96 char *identity_files[SSH_MAX_IDENTITY_FILES]; 97 Key *identity_keys[SSH_MAX_IDENTITY_FILES]; 98 99 /* Local TCP/IP forward requests. */ 100 int num_local_forwards; 101 Forward local_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; 102 103 /* Remote TCP/IP forward requests. */ 104 int num_remote_forwards; 105 Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; 106 } Options; 107 108 109 /* 110 * Initializes options to special values that indicate that they have not yet 111 * been set. Read_config_file will only set options with this value. Options 112 * are processed in the following order: command line, user config file, 113 * system config file. Last, fill_default_options is called. 114 */ 115 void initialize_options(Options * options); 116 117 /* 118 * Called after processing other sources of option data, this fills those 119 * options for which no value has been specified with their default values. 120 */ 121 void fill_default_options(Options * options); 122 123 /* 124 * Processes a single option line as used in the configuration files. This 125 * only sets those values that have not already been set. Returns 0 for legal 126 * options 127 */ 128 int 129 process_config_line(Options * options, const char *host, 130 char *line, const char *filename, int linenum, 131 int *activep); 132 133 /* 134 * Reads the config file and modifies the options accordingly. Options 135 * should already be initialized before this call. This never returns if 136 * there is an error. If the file does not exist, this returns immediately. 137 */ 138 void 139 read_config_file(const char *filename, const char *host, 140 Options * options); 141 142 /* 143 * Adds a local TCP/IP port forward to options. Never returns if there is an 144 * error. 145 */ 146 void 147 add_local_forward(Options * options, u_short port, const char *host, 148 u_short host_port); 149 150 /* 151 * Adds a remote TCP/IP port forward to options. Never returns if there is 152 * an error. 153 */ 154 void 155 add_remote_forward(Options * options, u_short port, const char *host, 156 u_short host_port); 157 158 #endif /* READCONF_H */ 159