xref: /freebsd/crypto/openssh/servconf.h (revision 23f282aa31e9b6fceacd449020e936e98d6f2298) 
1 /*
2  *
3  * servconf.h
4  *
5  * Author: Tatu Ylonen <ylo@cs.hut.fi>
6  *
7  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8  *                    All rights reserved
9  *
10  * Created: Mon Aug 21 15:35:03 1995 ylo
11  *
12  * Definitions for server configuration data and for the functions reading it.
13  *
14  * $FreeBSD$
15  */
16 
17 /* RCSID("$Id: servconf.h,v 1.15 2000/01/04 00:08:00 markus Exp $"); */
18 
19 #ifndef SERVCONF_H
20 #define SERVCONF_H
21 
22 #define MAX_PORTS		256	/* Max # ports. */
23 
24 #define MAX_ALLOW_USERS		256	/* Max # users on allow list. */
25 #define MAX_DENY_USERS		256	/* Max # users on deny list. */
26 #define MAX_ALLOW_GROUPS	256	/* Max # groups on allow list. */
27 #define MAX_DENY_GROUPS		256	/* Max # groups on deny list. */
28 
29 typedef struct {
30 	unsigned int num_ports;
31 	unsigned int ports_from_cmdline;
32 	u_short ports[MAX_PORTS];	/* Port number to listen on. */
33 	char   *listen_addr;		/* Address on which the server listens. */
34 	struct addrinfo *listen_addrs;	/* Addresses on which the server listens. */
35 	char   *host_key_file;	/* File containing host key. */
36 	int     server_key_bits;/* Size of the server key. */
37 	int     login_grace_time;	/* Disconnect if no auth in this time
38 					 * (sec). */
39 	int     key_regeneration_time;	/* Server key lifetime (seconds). */
40 	int     permit_root_login;	/* If true, permit root login. */
41 	int     ignore_rhosts;	/* Ignore .rhosts and .shosts. */
42 	int     ignore_user_known_hosts;	/* Ignore ~/.ssh/known_hosts
43 						 * for RhostsRsaAuth */
44 	int     print_motd;	/* If true, print /etc/motd. */
45 	int     check_mail;	/* If true, check for new mail. */
46 	int     x11_forwarding;	/* If true, permit inet (spoofing) X11 fwd. */
47 	int     x11_display_offset;	/* What DISPLAY number to start
48 					 * searching at */
49 	int     strict_modes;	/* If true, require string home dir modes. */
50 	int     keepalives;	/* If true, set SO_KEEPALIVE. */
51 	SyslogFacility log_facility;	/* Facility for system logging. */
52 	LogLevel log_level;	/* Level for system logging. */
53 	int     rhosts_authentication;	/* If true, permit rhosts
54 					 * authentication. */
55 	int     rhosts_rsa_authentication;	/* If true, permit rhosts RSA
56 						 * authentication. */
57 	int     rsa_authentication;	/* If true, permit RSA authentication. */
58 #ifdef KRB4
59 	int     krb4_authentication;		/* If true, permit Kerberos v4
60 						 * authentication. */
61 	int     krb4_or_local_passwd;		/* If true, permit kerberos v4
62 						 * and any other password
63 						 * authentication mechanism,
64 						 * such as SecurID or
65 						 * /etc/passwd */
66 	int     krb4_ticket_cleanup;		/* If true, destroy ticket
67 						 * file on logout. */
68 #endif
69 #ifdef KRB5
70 	int     krb5_authentication;
71 	int     krb5_tgt_passing;
72 
73 #endif /* KRB5 */
74 #ifdef AFS
75 	int     krb4_tgt_passing;	/* If true, permit Kerberos v4 tgt
76 					 * passing. */
77 	int     afs_token_passing;	/* If true, permit AFS token passing. */
78 #endif
79 	int     password_authentication;	/* If true, permit password
80 						 * authentication. */
81 #ifdef SKEY
82 	int     skey_authentication;	/* If true, permit s/key
83 					 * authentication. */
84 #endif
85 	int     permit_empty_passwd;	/* If false, do not permit empty
86 					 * passwords. */
87 	int     use_login;	/* If true, login(1) is used */
88 	unsigned int num_allow_users;
89 	char   *allow_users[MAX_ALLOW_USERS];
90 	unsigned int num_deny_users;
91 	char   *deny_users[MAX_DENY_USERS];
92 	unsigned int num_allow_groups;
93 	char   *allow_groups[MAX_ALLOW_GROUPS];
94 	unsigned int num_deny_groups;
95 	char   *deny_groups[MAX_DENY_GROUPS];
96 	unsigned int connections_per_period;	/*
97 						 * If not 0, number of sshd
98 						 * connections accepted per
99 						 * connections_period.
100 						 */
101 	unsigned int connections_period;
102 }       ServerOptions;
103 /*
104  * Initializes the server options to special values that indicate that they
105  * have not yet been set.
106  */
107 void    initialize_server_options(ServerOptions * options);
108 
109 /*
110  * Reads the server configuration file.  This only sets the values for those
111  * options that have the special value indicating they have not been set.
112  */
113 void    read_server_config(ServerOptions * options, const char *filename);
114 
115 /* Sets values for those values that have not yet been set. */
116 void    fill_default_server_options(ServerOptions * options);
117 
118 #endif				/* SERVCONF_H */
119