X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/05ed7e1e54103c8fb7ba310aeb4c164ca3353a1b..9f2c8cb950fea61c599edeb9721aca66f4bd61f6:/openssh/servconf.h diff --git a/openssh/servconf.h b/openssh/servconf.h index a0bc834..4ef1d36 100644 --- a/openssh/servconf.h +++ b/openssh/servconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.82 2008/02/13 22:38:17 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.87 2009/01/22 10:02:34 djm Exp $ */ /* * Author: Tatu Ylonen @@ -35,14 +35,15 @@ #define PERMIT_YES 3 #define DEFAULT_AUTH_FAIL_MAX 6 /* Default for MaxAuthTries */ +#define DEFAULT_SESSIONS_MAX 10 /* Default for MaxSessions */ /* Magic name for internal sftp-server */ #define INTERNAL_SFTP_NAME "internal-sftp" typedef struct { - u_int num_ports; - u_int ports_from_cmdline; - u_short ports[MAX_PORTS]; /* Port number to listen on. */ + u_int num_ports; + u_int ports_from_cmdline; + int ports[MAX_PORTS]; /* Port number to listen on. */ char *listen_addr; /* Address on which the server listens. */ struct addrinfo *listen_addrs; /* Addresses on which the server listens. */ int address_family; /* Address family used by the server. */ @@ -94,23 +95,27 @@ typedef struct { #endif int kerberos_get_afs_token; /* If true, try to get AFS token if * authenticated with Kerberos. */ + int gsi_allow_limited_proxy; /* If true, accept limited proxies */ int gss_authentication; /* If true, permit GSSAPI authentication */ int gss_deleg_creds; /* If true, store delegated GSSAPI credentials*/ - int gss_keyex; /* If true, permit GSSAPI key exchange */ + int gss_keyex; /* If true, permit GSSAPI key exchange */ int gss_cleanup_creds; /* If true, destroy cred cache on logout */ - int gss_strict_acceptor; /* If true, restrict the GSSAPI acceptor name */ char* gss_creds_path; /* If true, destroy cred cache on logout */ - int gsi_allow_limited_proxy; /* If true, accept limited proxies */ + int gss_strict_acceptor; /* If true, restrict the GSSAPI acceptor name */ + int gss_store_rekey; int password_authentication; /* If true, permit password * authentication. */ int kbd_interactive_authentication; /* If true, permit */ int challenge_response_authentication; + int zero_knowledge_password_authentication; + /* If true, permit jpake auth */ int permit_empty_passwd; /* If false, do not permit empty * passwords. */ int permit_user_env; /* If true, read ~/.ssh/environment */ int use_login; /* If true, login(1) is used */ int compression; /* If true, compression is allowed */ int allow_tcp_forwarding; + int allow_agent_forwarding; u_int num_allow_users; char *allow_users[MAX_ALLOW_USERS]; u_int num_deny_users; @@ -132,6 +137,7 @@ typedef struct { int max_startups_rate; int max_startups; int max_authtries; + int max_sessions; char *banner; /* SSH-2 banner message */ int use_dns; int client_alive_interval; /* @@ -150,6 +156,7 @@ typedef struct { char *adm_forced_command; int use_pam; /* Enable auth via PAM */ + int permit_pam_user_change; /* Allow PAM to change user name */ int none_enabled; /* enable NONE cipher switch */ int tcp_rcv_buf_poll; /* poll tcp rcv window in autotuning kernels*/ int hpn_disabled; /* disable hpn functionality. false by default */ @@ -160,6 +167,10 @@ typedef struct { int num_permitted_opens; char *chroot_directory; + + int disable_usage_stats; + + char *usage_stats_targets; } ServerOptions; void initialize_server_options(ServerOptions *); @@ -172,5 +183,6 @@ void parse_server_config(ServerOptions *, const char *, Buffer *, void parse_server_match_config(ServerOptions *, const char *, const char *, const char *); void copy_set_server_options(ServerOptions *, ServerOptions *, int); +void dump_config(ServerOptions *); #endif /* SERVCONF_H */