source: trunk/third/ssh/servconf.h @ 12646

Revision 12646, 6.3 KB checked in by danw, 26 years ago (diff)
This commit was generated by cvs2svn to compensate for changes in r12645, which included commits to RCS files with non-trunk default branches.
Line 
1/*
2
3servconf.h
4
5Author: Tatu Ylonen <ylo@cs.hut.fi>
6
7Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8                   All rights reserved
9
10Created: Mon Aug 21 15:35:03 1995 ylo
11
12Definitions for server configuration data and for the functions reading it.
13
14*/
15
16/*
17 * $Id: servconf.h,v 1.1.1.4 1999-03-08 17:43:41 danw Exp $
18 * $Log: not supported by cvs2svn $
19 * Revision 1.11  1998/05/23  20:37:02  kivinen
20 *      Added forced_empty_passwd_change, num_deny_shosts,
21 *      num_allow_shosts, password_expire_warning_days,
22 *      account_expire_warning_days. Fixed typo in
23 *      forcedpasswordchange.
24 *
25 * Revision 1.10  1998/03/27  17:00:09  kivinen
26 *      Added IgnoreRootRhosts option.
27 *
28 * Revision 1.9  1998/01/03 06:42:11  kivinen
29 *      Added allow/deny groups option.
30 *
31 * Revision 1.8  1998/01/02 06:20:45  kivinen
32 *      Added xauthlocation and checkmail options.
33 *
34 * Revision 1.7  1997/04/27 21:51:44  kivinen
35 *      Added F-SECURE stuff. Added {Allow,Deny}Forwarding{To,Port}
36 *      feature. Added {Allow,Deny}Users feature from Steve Kann
37 *      <stevek@SteveK.COM>.
38 *
39 * Revision 1.6  1997/03/27 03:14:31  kivinen
40 *      Added kerberos patches from Glenn Machin.
41 *      Added USELOGIN patches from Brian Cully.
42 *
43 * Revision 1.5  1997/03/26 05:33:54  kivinen
44 *      Added idle_timeout option.
45 *
46 * Revision 1.4  1997/03/25 05:44:48  kivinen
47 *      Added silent_deny and umask.
48 *
49 * Revision 1.3  1997/03/19 17:55:14  kivinen
50 *      Added TIS authentication code from Andre April
51 *      <Andre.April@cediti.be>.
52 *      Added SECURE_RPC, SECURE_NFS and NIS_PLUS support from Andy
53 *      Polyakov <appro@fy.chalmers.se>.
54 *
55 * Revision 1.2  1996/11/27 15:38:28  ttsalo
56 *     Added X11DisplayOffset-option
57 *
58 * Revision 1.1.1.1  1996/02/18 21:38:10  ylo
59 *      Imported ssh-1.2.13.
60 *
61 * $EndLog$
62 */
63
64#ifndef SERVCONF_H
65#define SERVCONF_H
66
67#define MAX_ALLOW_SHOSTS        256 /* Max # hosts on allow shosts list. */
68#define MAX_DENY_SHOSTS         256 /* Max # hosts on deny shosts list. */
69#define MAX_ALLOW_HOSTS         256 /* Max # hosts on allow list. */
70#define MAX_DENY_HOSTS          256 /* Max # hosts on deny list. */
71#define MAX_ALLOW_USERS         256 /* Max # users on allow list. */
72#define MAX_DENY_USERS          256 /* Max # users on deny list. */
73#define MAX_ALLOW_GROUPS        256 /* Max # groups on allow list. */
74#define MAX_DENY_GROUPS         256 /* Max # groups on deny list. */
75
76#ifdef F_SECURE_COMMERCIAL
77#define MAX_ALLOW_FORWD_TO      256 /* Max # forwardingto on allow list. */
78#define MAX_DENY_FORWD_TO       256 /* Max # forwardingto on deny list. */
79#define MAX_ALLOW_FORWD_PORT    256 /* Max # forwardingport on allow list. */
80#define MAX_DENY_FORWD_PORT     256 /* Max # forwardingport on deny list. */
81#endif /* F_SECURE_COMMERCIAL */
82
83typedef struct
84{
85  int port;                     /* Port number to listen on. */
86  struct in_addr listen_addr;   /* Address on which the server listens. */
87  char *host_key_file;          /* File containing host key. */
88  char *random_seed_file;       /* File containing random seed. */
89  char *pid_file;               /* File containing process ID number. */
90  int server_key_bits;          /* Size of the server key. */
91  int login_grace_time;         /* Disconnect if no auth in this time (sec). */
92  int key_regeneration_time;    /* Server key lifetime (seconds). */
93  int permit_root_login;        /* 0 = forced cmd only, 1 = no pwd, 2 = yes. */
94  int ignore_rhosts;            /* Ignore .rhosts and .shosts. */
95  int ignore_root_rhosts;       /* Ignore .rhosts and .shosts for root,
96                                   defaults to ignore_rhosts if not given. */
97  int quiet_mode;               /* If true, don't log anything but fatals. */
98  int fascist_logging;          /* Perform very verbose logging. */
99  int print_motd;               /* If true, print /etc/motd. */
100  int x11_forwarding;           /* If true, permit inet (spoofing) X11 fwd. */
101  int x11_display_offset;       /* How much to offset the DISPLAY number */
102  int strict_modes;             /* If true, require string home dir modes. */
103  int keepalives;               /* If true, set SO_KEEPALIVE. */
104  time_t idle_timeout;          /* If non zero, sets idle-timeout */
105  SyslogFacility log_facility;  /* Facility for system logging. */
106  int rhosts_authentication;    /* If true, permit rhosts authentication. */
107  int rhosts_rsa_authentication;/* If true, permit rhosts RSA authentication.*/
108  int rsa_authentication;       /* If true, permit RSA authentication. */
109  int kerberos_authentication;  /* If true, permit Kerberos authentication. */
110  int kerberos_or_local_passwd; /* If true, permit kerberos and any other
111                                   password authentication mechanism, such
112                                   as SecurID or /etc/passwd */
113  int kerberos_tgt_passing;     /* If true, permit Kerberos tgt passing. */
114  int allow_tcp_forwarding;
115  int tis_authentication;       /* If true, permit TIS authsrv auth. */
116  int password_authentication;  /* If true, permit password authentication. */
117  int permit_empty_passwd;      /* If false, do not permit empty passwords. */
118  int use_login;                /* Use /bin/login if possible */
119  int silent_deny;              /* 1 = deny by closing sockets. */
120  int forced_empty_passwd_change; /* If true, force password change if empty
121                                   password (first login). */
122  int forced_passwd_change;     /* If true, force password change if password
123                                   too old. */
124  int umask;                    /* Umask */
125  int check_mail;               /* If true, check mail spool at login */
126  unsigned int num_allow_shosts;
127  char *allow_shosts[MAX_ALLOW_SHOSTS];
128  unsigned int num_deny_shosts;
129  char *deny_shosts[MAX_DENY_SHOSTS];
130  unsigned int num_allow_hosts;
131  char *allow_hosts[MAX_ALLOW_HOSTS];
132  unsigned int num_deny_hosts;
133  char *deny_hosts[MAX_DENY_HOSTS];
134  unsigned int num_allow_users;
135  char *allow_users[MAX_ALLOW_USERS];
136  unsigned int num_deny_users;
137  char *deny_users[MAX_DENY_USERS];
138  unsigned int num_allow_groups;
139  char *allow_groups[MAX_ALLOW_GROUPS];
140  unsigned int num_deny_groups;
141  char *deny_groups[MAX_DENY_GROUPS];
142
143  char *xauth_path;
144 
145#ifdef F_SECURE_COMMERCIAL
146
147
148
149
150
151
152
153
154#endif /* F_SECURE_COMMERCIAL */
155  int password_expire_warning_days;
156  int account_expire_warning_days;
157} ServerOptions;
158
159/* Initializes the server options to special values that indicate that they
160   have not yet been set. */
161void initialize_server_options(ServerOptions *options);
162
163/* Reads the server configuration file.  This only sets the values for those
164   options that have the special value indicating they have not been set. */
165void read_server_config(ServerOptions *options, const char *filename);
166
167/* Sets values for those values that have not yet been set. */
168void fill_default_server_options(ServerOptions *options);
169
170#endif /* SERVCONF_H */
Note: See TracBrowser for help on using the repository browser.