/* $OpenBSD: servconf.h,v 1.160 2023/09/06 23:35:35 djm Exp $ */

/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 * Definitions for server configuration data and for the functions reading it.
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose.  Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */

#ifndef SERVCONF_H
#define SERVCONF_H

/*
 * Only the queue macros are pulled in here (TAILQ_ENTRY/TAILQ_HEAD are used
 * by struct include_item below).  Other names used in this header
 * (u_int, int64_t, struct addrinfo, SyslogFacility, LogLevel,
 * struct ForwardOptions, struct sshbuf) must already be visible from the
 * includes of the .c file that includes this header.
 */
#include <openbsd-compat/sys-queue.h>

/* Max # ports.  Also the fixed size of ServerOptions.ports[] below. */
#define MAX_PORTS		256

/*
 * permit_root_login
 * PERMIT_NOT_SET is the "not configured yet" sentinel; the other values
 * appear to be distinct modes rather than a bit mask (contrast the
 * PUBKEYAUTH_* flags further down).
 */
#define	PERMIT_NOT_SET		-1
#define	PERMIT_NO		0
#define	PERMIT_FORCED_ONLY	1
#define	PERMIT_NO_PASSWD	2
#define	PERMIT_YES		3

/*
 * use_privsep
 * NOTE(review): no use_privsep member appears in ServerOptions in this
 * header; these names are presumably retained for code that still refers
 * to them -- confirm before removing.
 */
#define PRIVSEP_OFF		0
#define PRIVSEP_ON		1
#define PRIVSEP_NOSANDBOX	2

/* PermitOpen; see permitted_opens / permitted_listens in ServerOptions. */
#define PERMITOPEN_ANY		0
#define PERMITOPEN_NONE		-2

/* IgnoreRhosts; stored in ServerOptions.ignore_rhosts. */
#define IGNORE_RHOSTS_NO	0
#define IGNORE_RHOSTS_YES	1
#define IGNORE_RHOSTS_SHOSTS	2

/* Defaults used when the directive is absent from the configuration. */
#define DEFAULT_AUTH_FAIL_MAX	6	/* Default for MaxAuthTries */
#define DEFAULT_SESSIONS_MAX	10	/* Default for MaxSessions */

/* Magic name for internal sftp-server (Subsystem command string). */
#define INTERNAL_SFTP_NAME	"internal-sftp"

/*
 * PubkeyAuthOptions flags.  These are bits and may be OR'ed together into
 * ServerOptions.pubkey_auth_options, which is -1 while unset.
 */
#define PUBKEYAUTH_TOUCH_REQUIRED	(1)
#define PUBKEYAUTH_VERIFY_REQUIRED	(1<<1)

/* Opaque types used by pointer only; their definitions live elsewhere. */
struct ssh;
struct fwd_perm_list;

/*
 * Used to store addresses from ListenAddr directives. These may be
 * incomplete, as they may specify addresses that need to be merged
 * with any ports requested by ListenPort.
 *
 * Instances are held in ServerOptions.queued_listen_addrs (count in
 * num_queued_listens).  Ownership of the strings is not shown in this
 * header; see servconf.c.
 */
struct queued_listenaddr {
	char *addr;
	int port; /* <=0 if unspecified */
	char *rdomain;	/* routing domain, presumably NULL when not given -- confirm */
};

/*
 * Resolved listen addresses, grouped by optional routing domain.
 * Held in ServerOptions.listen_addrs (count in num_listen_addrs).
 */
struct listenaddr {
	char *rdomain;
	/*
	 * struct addrinfo is declared in <netdb.h>, which this header does not
	 * include; only the struct tag is needed for a pointer member.
	 */
	struct addrinfo *addrs;
};

/*
 * sshd configuration state.  Populated by initialize_server_options(),
 * process_server_config_line()/parse_server_config() and
 * fill_default_server_options(), all declared at the bottom of this header.
 *
 * Conventions visible in this struct:
 *  - every "char **" list is paired with a "u_int num_..." element count;
 *  - values of -1 (e.g. PERMIT_NOT_SET, pubkey_auth_options) mean "unset";
 *  - string options that may be overridden in a Match block are copied by
 *    COPY_MATCH_STRING_OPTS() or copy_set_server_options() below, never both.
 * Ownership of the pointer members is not shown here; see servconf.c.
 */
typedef struct {
	u_int	num_ports;		/* Entries used in ports[]; must stay <= MAX_PORTS */
	u_int	ports_from_cmdline;
	int	ports[MAX_PORTS];	/* Port number to listen on. */
	struct queued_listenaddr *queued_listen_addrs;
	u_int	num_queued_listens;
	struct listenaddr *listen_addrs;
	u_int	num_listen_addrs;
	int	address_family;		/* Address family used by the server. */

	char	*routing_domain;	/* Bind session to routing domain */

	char   **host_key_files;	/* Files containing host keys. */
	int	*host_key_file_userprovided; /* Key was specified by user.
					      * Presumably parallel to
					      * host_key_files -- confirm */
	u_int	num_host_key_files;     /* Number of files for host keys. */
	char   **host_cert_files;	/* Files containing host certs. */
	u_int	num_host_cert_files;	/* Number of files for host certs. */

	char   *host_key_agent;		/* ssh-agent socket for host keys. */
	char   *pid_file;	/* Where to put our pid */
	char   *moduli_file;	/* moduli file for DH-GEX */
	int     login_grace_time;	/* Disconnect if no auth in this time
					 * (sec). */
	int     permit_root_login;	/* PERMIT_*, see above */
	int     ignore_rhosts;	/* Ignore .rhosts and .shosts.
				 * One of IGNORE_RHOSTS_*, see above. */
	int     ignore_user_known_hosts;	/* Ignore ~/.ssh/known_hosts
						 * for RhostsRsaAuth */
	int     print_motd;	/* If true, print /etc/motd. */
	int	print_lastlog;	/* If true, print lastlog */
	int     x11_forwarding;	/* If true, permit inet (spoofing) X11 fwd. */
	int     x11_display_offset;	/* What DISPLAY number to start
					 * searching at */
	int     x11_use_localhost;	/* If true, use localhost for fake X11 server. */
	char   *xauth_location;	/* Location of xauth program */
	int	permit_tty;	/* If false, deny pty allocation */
	int	permit_user_rc;	/* If false, deny ~/.ssh/rc execution */
	int     strict_modes;	/* If true, require strict home dir modes. */
	int     tcp_keep_alive;	/* If true, set SO_KEEPALIVE. */
	int	ip_qos_interactive;	/* IP ToS/DSCP/class for interactive */
	int	ip_qos_bulk;		/* IP ToS/DSCP/class for bulk traffic */
	char   *ciphers;	/* Supported SSH2 ciphers. */
	char   *macs;		/* Supported SSH2 macs. */
	char   *kex_algorithms;	/* SSH2 kex methods in order of preference. */
	struct ForwardOptions fwd_opts;	/* forwarding options */
	SyslogFacility log_facility;	/* Facility for system logging. */
	LogLevel log_level;	/* Level for system logging. */
	u_int   num_log_verbose;	/* Verbose log overrides */
	char   **log_verbose;
	int     hostbased_authentication;	/* If true, permit ssh2 hostbased auth */
	int     hostbased_uses_name_from_packet_only; /* experimental */
	char   *hostbased_accepted_algos;	/* Algos allowed for hostbased */
	char   *hostkeyalgorithms;	/* SSH2 server key types */
	char   *ca_sign_algorithms;	/* Allowed CA signature algorithms */
	int     pubkey_authentication;	/* If true, permit ssh2 pubkey authentication. */
	char   *pubkey_accepted_algos;	/* Signature algos allowed for pubkey */
	int	pubkey_auth_options;	/* -1 or mask of PUBKEYAUTH_* flags */
	int     kerberos_authentication;	/* If true, permit Kerberos
						 * authentication. */
	int     kerberos_or_local_passwd;	/* If true, permit kerberos
						 * and any other password
						 * authentication mechanism,
						 * such as SecurID or
						 * /etc/passwd */
	int     kerberos_ticket_cleanup;	/* If true, destroy ticket
						 * file on logout. */
	int     kerberos_get_afs_token;		/* If true, try to get AFS token if
						 * authenticated with Kerberos. */
	int     gss_authentication;	/* If true, permit GSSAPI authentication */
	int     gss_cleanup_creds;	/* If true, destroy cred cache on logout */
	int     gss_strict_acceptor;	/* If true, restrict the GSSAPI acceptor name */
	int     password_authentication;	/* If true, permit password
						 * authentication. */
	int     kbd_interactive_authentication;	/* If true, permit
						 * keyboard-interactive auth */
	int     permit_empty_passwd;	/* If false, do not permit empty
					 * passwords. */
	int     permit_user_env;	/* If true, read ~/.ssh/environment */
	char   *permit_user_env_allowlist; /* pattern-list of allowed env names */
	int     compression;	/* If true, compression is allowed */
	int	allow_tcp_forwarding; /* One of FORWARD_* (not defined in this header) */
	int	allow_streamlocal_forwarding; /* One of FORWARD_* */
	int	allow_agent_forwarding;
	int	disable_forwarding;
	/* Access lists; each count/array pair is Match-copyable, see below. */
	u_int num_allow_users;
	char   **allow_users;
	u_int num_deny_users;
	char   **deny_users;
	u_int num_allow_groups;
	char   **allow_groups;
	u_int num_deny_groups;
	char   **deny_groups;

	/* Three parallel arrays, all of length num_subsystems. */
	u_int num_subsystems;
	char   **subsystem_name;
	char   **subsystem_command;
	char   **subsystem_args;

	u_int num_accept_env;
	char   **accept_env;
	u_int num_setenv;
	char   **setenv;

	int	max_startups_begin;
	int	max_startups_rate;
	int	max_startups;
	int	per_source_max_startups;
	int	per_source_masklen_ipv4;
	int	per_source_masklen_ipv6;
	int	max_authtries;		/* MaxAuthTries; default DEFAULT_AUTH_FAIL_MAX */
	int	max_sessions;		/* MaxSessions; default DEFAULT_SESSIONS_MAX */
	char   *banner;			/* SSH-2 banner message */
	int	use_dns;
	int	client_alive_interval;	/*
					 * poke the client this often to
					 * see if it's still there
					 */
	int	client_alive_count_max;	/*
					 * If the client is unresponsive
					 * for this many intervals above,
					 * disconnect the session
					 */

	u_int	num_authkeys_files;	/* Files containing public keys */
	char   **authorized_keys_files;

	char   *adm_forced_command;

	int	use_pam;		/* Enable auth via PAM */

	int	permit_tun;

	char   **permitted_opens;	/* May also be one of PERMITOPEN_* */
	u_int   num_permitted_opens;
	char   **permitted_listens; /* May also be one of PERMITOPEN_* */
	u_int   num_permitted_listens;

	char   *chroot_directory;
	/* Trust-anchor and lookup settings; all copied by COPY_MATCH_STRING_OPTS(). */
	char   *revoked_keys_file;
	char   *trusted_user_ca_keys;
	char   *authorized_keys_command;
	char   *authorized_keys_command_user;
	char   *authorized_principals_file;
	char   *authorized_principals_command;
	char   *authorized_principals_command_user;

	int64_t rekey_limit;
	int	rekey_interval;

	char   *version_addendum;	/* Appended to SSH banner */

	u_int	num_auth_methods;
	char   **auth_methods;

	int	fingerprint_hash;
	int	expose_userauth_info;
	u_int64_t timing_secret;	/* NOTE(review): name suggests secret
					 * material; confirm its use before
					 * printing it anywhere (e.g. dump_config) */
	char   *sk_provider;
	int	required_rsa_size;	/* minimum size of RSA keys */

	char	**channel_timeouts;	/* inactivity timeout by channel type */
	u_int	num_channel_timeouts;

	int	unused_connection_timeout;
}       ServerOptions;

/*
 * Information about the incoming connection as used by Match.
 * Built by get_connection_info() (declared below); the pointers are
 * const because Match only reads them.  Ownership is not shown here.
 */
struct connection_info {
	const char *user;
	const char *host;	/* possibly resolved hostname */
	const char *address;	/* remote address */
	const char *laddress;	/* local address */
	int lport;		/* local port */
	const char *rdomain;	/* routing domain if available */
	int test;		/* test mode, allow some attributes to be
				 * unspecified */
};

/*
 * List of included files for re-exec from the parsed configuration.
 * TAILQ_ENTRY/TAILQ_HEAD come from <openbsd-compat/sys-queue.h> above.
 */
struct include_item {
	char *selector;
	char *filename;
	struct sshbuf *contents;	/* file contents; struct sshbuf declared elsewhere */
	TAILQ_ENTRY(include_item) entry;
};
TAILQ_HEAD(include_list, include_item);


/*
 * These are string config options that must be copied between the
 * Match sub-config and the main config, and must be sent from the
 * privsep child to the privsep master.  We use a macro to ensure all
 * the options are copied and the copies are done in the correct order.
 *
 * NB. an option must appear in servconf.c:copy_set_server_options() or
 * COPY_MATCH_STRING_OPTS here but never both.
 *
 * The expansion relies on M_CP_STROPT(field) and
 * M_CP_STRARRAYOPT(field, count) being defined by the including .c file
 * before this macro is used; neither is defined in this header.  The
 * subsystem_name/subsystem_command/subsystem_args arrays deliberately
 * share a single count (num_subsystems), matching ServerOptions above.
 * Adding a new Match-copyable string option means adding a line here.
 */
#define COPY_MATCH_STRING_OPTS() do { \
		M_CP_STROPT(banner); \
		M_CP_STROPT(trusted_user_ca_keys); \
		M_CP_STROPT(revoked_keys_file); \
		M_CP_STROPT(authorized_keys_command); \
		M_CP_STROPT(authorized_keys_command_user); \
		M_CP_STROPT(authorized_principals_file); \
		M_CP_STROPT(authorized_principals_command); \
		M_CP_STROPT(authorized_principals_command_user); \
		M_CP_STROPT(hostbased_accepted_algos); \
		M_CP_STROPT(pubkey_accepted_algos); \
		M_CP_STROPT(ca_sign_algorithms); \
		M_CP_STROPT(routing_domain); \
		M_CP_STROPT(permit_user_env_allowlist); \
		M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \
		M_CP_STRARRAYOPT(allow_users, num_allow_users); \
		M_CP_STRARRAYOPT(deny_users, num_deny_users); \
		M_CP_STRARRAYOPT(allow_groups, num_allow_groups); \
		M_CP_STRARRAYOPT(deny_groups, num_deny_groups); \
		M_CP_STRARRAYOPT(accept_env, num_accept_env); \
		M_CP_STRARRAYOPT(setenv, num_setenv); \
		M_CP_STRARRAYOPT(auth_methods, num_auth_methods); \
		M_CP_STRARRAYOPT(permitted_opens, num_permitted_opens); \
		M_CP_STRARRAYOPT(permitted_listens, num_permitted_listens); \
		M_CP_STRARRAYOPT(channel_timeouts, num_channel_timeouts); \
		M_CP_STRARRAYOPT(log_verbose, num_log_verbose); \
		M_CP_STRARRAYOPT(subsystem_name, num_subsystems); \
		M_CP_STRARRAYOPT(subsystem_command, num_subsystems); \
		M_CP_STRARRAYOPT(subsystem_args, num_subsystems); \
	} while (0)

/*
 * Prototypes for servconf.c.  Parameter names are given for readability
 * only; the signatures are unchanged.  Comments describe only what this
 * header itself shows.
 */

/* Build the Match context (struct connection_info above) for a connection. */
struct connection_info *get_connection_info(struct ssh *ssh, int populate,
    int use_dns);

/* Put a ServerOptions into its unset state (e.g. PERMIT_NOT_SET markers). */
void	 initialize_server_options(ServerOptions *options);
/* Replace still-unset members with defaults such as DEFAULT_AUTH_FAIL_MAX. */
void	 fill_default_server_options(ServerOptions *options);

/*
 * Parse one configuration line.  The Match context and the include list
 * are threaded through so Match blocks and Include directives can be
 * resolved.
 */
int	 process_server_config_line(ServerOptions *options, char *line,
    const char *filename, int linenum, int *activep,
    struct connection_info *connectinfo, struct include_list *includes);

/* Post-processing of PermitOpen/PermitListen and ChannelTimeout lists. */
void	 process_permitopen(struct ssh *ssh, ServerOptions *options);
void	 process_channel_timeouts(struct ssh *ssh, ServerOptions *options);

/* Read a configuration file into a buffer, then parse that buffer. */
void	 load_server_config(const char *filename, struct sshbuf *conf);
void	 parse_server_config(ServerOptions *options, const char *filename,
    struct sshbuf *conf, struct include_list *includes,
    struct connection_info *connectinfo, int reexec);

/* Re-apply Match blocks for a specific connection. */
void	 parse_server_match_config(ServerOptions *options,
    struct include_list *includes, struct connection_info *connectinfo);

/* Test-mode helpers for Match specifications (see connection_info.test). */
int	 parse_server_match_testspec(struct connection_info *ci, char *spec);
int	 server_match_spec_complete(struct connection_info *ci);

/*
 * Copy Match-overridable state from src into dst.  See the NB above
 * COPY_MATCH_STRING_OPTS(): each option is handled by exactly one of the
 * two mechanisms.
 */
void	 servconf_merge_subsystems(ServerOptions *dst, ServerOptions *src);
void	 copy_set_server_options(ServerOptions *dst, ServerOptions *src,
    int preauth);

void	 dump_config(ServerOptions *o);

/* Returns a newly built absolute path; caller presumably frees it -- confirm. */
char	*derelativise_path(const char *path);

/*
 * Append a host key / host certificate file to ServerOptions.  "file" and
 * "line" name the configuration location being parsed; "userprovided"
 * feeds host_key_file_userprovided.
 */
void	 servconf_add_hostkey(const char *file, const int line,
    ServerOptions *options, const char *path, int userprovided);
void	 servconf_add_hostcert(const char *file, const int line,
    ServerOptions *options, const char *path);

#endif /* SERVCONF_H */