[openssh.git] / servconf.h

/*

servconf.h

Author: Tatu Ylonen <ylo@cs.hut.fi>

Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
                   All rights reserved

Created: Mon Aug 21 15:35:03 1995 ylo

Definitions for server configuration data and for the functions reading it.

*/

/* RCSID("$Id$"); */

#ifndef SERVCONF_H
#define SERVCONF_H

#define MAX_ALLOW_USERS		256 /* Max # users on allow list. */
#define MAX_DENY_USERS		256 /* Max # users on deny list. */
#define MAX_ALLOW_GROUPS	256 /* Max # groups on allow list. */
#define MAX_DENY_GROUPS		256 /* Max # groups on deny list. */

typedef struct
{
  int port;			/* Port number to listen on. */
  struct in_addr listen_addr;	/* Address on which the server listens. */
  char *host_key_file;		/* File containing host key. */
  int server_key_bits;		/* Size of the server key. */
  int login_grace_time;		/* Disconnect if no auth in this time (sec). */
  int key_regeneration_time;	/* Server key lifetime (seconds). */
  int permit_root_login;	/* If true, permit root login. */
  int ignore_rhosts;		/* Ignore .rhosts and .shosts. */
  int ignore_user_known_hosts;	/* Ignore ~/.ssh/known_hosts for RhostsRsaAuth */
  int print_motd;		/* If true, print /etc/motd. */
  int check_mail;               /* If true, check for new mail. */
  int x11_forwarding;		/* If true, permit inet (spoofing) X11 fwd. */
  int x11_display_offset;	/* What DISPLAY number to start searching at */
  int strict_modes;		/* If true, require string home dir modes. */
  int keepalives;		/* If true, set SO_KEEPALIVE. */
  SyslogFacility log_facility;	/* Facility for system logging. */
  LogLevel log_level;		/* Level for system logging. */
  int rhosts_authentication;	/* If true, permit rhosts authentication. */
  int rhosts_rsa_authentication;/* If true, permit rhosts RSA authentication.*/
  int rsa_authentication;	/* If true, permit RSA authentication. */
#ifdef KRB4
  int kerberos_authentication;	/* If true, permit Kerberos authentication. */
  int kerberos_or_local_passwd;	/* If true, permit kerberos and any other
				   password authentication mechanism, such
				   as SecurID or /etc/passwd */
  int kerberos_ticket_cleanup;	/* If true, destroy ticket file on logout. */
#endif
#ifdef AFS
  int kerberos_tgt_passing;	/* If true, permit Kerberos tgt passing. */
  int afs_token_passing;	/* If true, permit AFS token passing. */
#endif
  int password_authentication;  /* If true, permit password authentication. */
#ifdef SKEY
  int skey_authentication;      /* If true, permit s/key authentication. */
#endif
  int permit_empty_passwd;      /* If false, do not permit empty passwords. */
  int use_login;                /* If true, login(1) is used */
  unsigned int num_allow_users;
  char *allow_users[MAX_ALLOW_USERS];
  unsigned int num_deny_users;
  char *deny_users[MAX_DENY_USERS];
  unsigned int num_allow_groups;
  char *allow_groups[MAX_ALLOW_GROUPS];
  unsigned int num_deny_groups;
  char *deny_groups[MAX_DENY_GROUPS];
} ServerOptions;

/* Initializes the server options to special values that indicate that they
   have not yet been set. */
void initialize_server_options(ServerOptions *options);

/* Reads the server configuration file.  This only sets the values for those
   options that have the special value indicating they have not been set. */
void read_server_config(ServerOptions *options, const char *filename);

/* Sets values for those values that have not yet been set. */
void fill_default_server_options(ServerOptions *options);

#endif /* SERVCONF_H */
Commit	Line	Data
8efc0c15	1	/*
	2
	3	servconf.h
	4
	5	Author: Tatu Ylonen <ylo@cs.hut.fi>
	6
	7	Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	8	All rights reserved
	9
	10	Created: Mon Aug 21 15:35:03 1995 ylo
	11
	12	Definitions for server configuration data and for the functions reading it.
	13
	14	*/
	15
	16	/* RCSID("$Id$"); */
	17
	18	#ifndef SERVCONF_H
	19	#define SERVCONF_H
	20
	21	#define MAX_ALLOW_USERS 256 /* Max # users on allow list. */
	22	#define MAX_DENY_USERS 256 /* Max # users on deny list. */
	23	#define MAX_ALLOW_GROUPS 256 /* Max # groups on allow list. */
	24	#define MAX_DENY_GROUPS 256 /* Max # groups on deny list. */
	25
	26	typedef struct
	27	{
	28	int port; /* Port number to listen on. */
	29	struct in_addr listen_addr; /* Address on which the server listens. */
	30	char host_key_file; / File containing host key. */
	31	int server_key_bits; /* Size of the server key. */
	32	int login_grace_time; /* Disconnect if no auth in this time (sec). */
	33	int key_regeneration_time; /* Server key lifetime (seconds). */
	34	int permit_root_login; /* If true, permit root login. */
	35	int ignore_rhosts; /* Ignore .rhosts and .shosts. */
b4748e2f	36	int ignore_user_known_hosts; /* Ignore ~/.ssh/known_hosts for RhostsRsaAuth */
8efc0c15	37	int print_motd; /* If true, print /etc/motd. */
	38	int check_mail; /* If true, check for new mail. */
	39	int x11_forwarding; /* If true, permit inet (spoofing) X11 fwd. */
	40	int x11_display_offset; /* What DISPLAY number to start searching at */
	41	int strict_modes; /* If true, require string home dir modes. */
	42	int keepalives; /* If true, set SO_KEEPALIVE. */
	43	SyslogFacility log_facility; /* Facility for system logging. */
6a17f9c2	44	LogLevel log_level; /* Level for system logging. */
8efc0c15	45	int rhosts_authentication; /* If true, permit rhosts authentication. */
	46	int rhosts_rsa_authentication;/* If true, permit rhosts RSA authentication.*/
	47	int rsa_authentication; /* If true, permit RSA authentication. */
	48	#ifdef KRB4
	49	int kerberos_authentication; /* If true, permit Kerberos authentication. */
	50	int kerberos_or_local_passwd; /* If true, permit kerberos and any other
	51	password authentication mechanism, such
	52	as SecurID or /etc/passwd */
	53	int kerberos_ticket_cleanup; /* If true, destroy ticket file on logout. */
	54	#endif
	55	#ifdef AFS
	56	int kerberos_tgt_passing; /* If true, permit Kerberos tgt passing. */
	57	int afs_token_passing; /* If true, permit AFS token passing. */
	58	#endif
	59	int password_authentication; /* If true, permit password authentication. */
	60	#ifdef SKEY
	61	int skey_authentication; /* If true, permit s/key authentication. */
	62	#endif
	63	int permit_empty_passwd; /* If false, do not permit empty passwords. */
	64	int use_login; /* If true, login(1) is used */
	65	unsigned int num_allow_users;
	66	char *allow_users[MAX_ALLOW_USERS];
	67	unsigned int num_deny_users;
	68	char *deny_users[MAX_DENY_USERS];
	69	unsigned int num_allow_groups;
	70	char *allow_groups[MAX_ALLOW_GROUPS];
	71	unsigned int num_deny_groups;
	72	char *deny_groups[MAX_DENY_GROUPS];
	73	} ServerOptions;
	74
	75	/* Initializes the server options to special values that indicate that they
	76	have not yet been set. */
	77	void initialize_server_options(ServerOptions *options);
	78
	79	/* Reads the server configuration file. This only sets the values for those
	80	options that have the special value indicating they have not been set. */
	81	void read_server_config(ServerOptions options, const char filename);
	82
	83	/* Sets values for those values that have not yet been set. */
	84	void fill_default_server_options(ServerOptions *options);
	85
	86	#endif /* SERVCONF_H */