Lines Matching defs:options
68 /* Initializes the server options to their default values. */
71 initialize_server_options(ServerOptions *options)
73 memset(options, 0, sizeof(*options));
75 /* Portable-specific options */
76 options->use_pam = -1;
79 options->num_ports = 0;
80 options->ports_from_cmdline = 0;
81 options->listen_addrs = NULL;
82 options->address_family = -1;
83 options->num_host_key_files = 0;
84 options->num_host_cert_files = 0;
85 options->host_key_agent = NULL;
86 options->pid_file = NULL;
87 options->server_key_bits = -1;
88 options->login_grace_time = -1;
89 options->key_regeneration_time = -1;
90 options->permit_root_login = PERMIT_NOT_SET;
91 options->ignore_rhosts = -1;
92 options->ignore_user_known_hosts = -1;
93 options->print_motd = -1;
94 options->print_lastlog = -1;
95 options->x11_forwarding = -1;
96 options->x11_display_offset = -1;
97 options->x11_use_localhost = -1;
98 options->permit_tty = -1;
99 options->xauth_location = NULL;
100 options->strict_modes = -1;
101 options->tcp_keep_alive = -1;
102 options->log_facility = SYSLOG_FACILITY_NOT_SET;
103 options->log_level = SYSLOG_LEVEL_NOT_SET;
104 options->rhosts_rsa_authentication = -1;
105 options->hostbased_authentication = -1;
106 options->hostbased_uses_name_from_packet_only = -1;
107 options->rsa_authentication = -1;
108 options->pubkey_authentication = -1;
109 options->kerberos_authentication = -1;
110 options->kerberos_or_local_passwd = -1;
111 options->kerberos_ticket_cleanup = -1;
112 options->kerberos_get_afs_token = -1;
113 options->gss_authentication=-1;
114 options->gss_cleanup_creds = -1;
115 options->password_authentication = -1;
116 options->kbd_interactive_authentication = -1;
117 options->challenge_response_authentication = -1;
118 options->permit_empty_passwd = -1;
119 options->permit_user_env = -1;
120 options->use_login = -1;
121 options->compression = -1;
122 options->rekey_limit = -1;
123 options->rekey_interval = -1;
124 options->allow_tcp_forwarding = -1;
125 options->allow_agent_forwarding = -1;
126 options->num_allow_users = 0;
127 options->num_deny_users = 0;
128 options->num_allow_groups = 0;
129 options->num_deny_groups = 0;
130 options->ciphers = NULL;
131 options->macs = NULL;
132 options->kex_algorithms = NULL;
133 options->protocol = SSH_PROTO_UNKNOWN;
134 options->gateway_ports = -1;
135 options->num_subsystems = 0;
136 options->max_startups_begin = -1;
137 options->max_startups_rate = -1;
138 options->max_startups = -1;
139 options->max_authtries = -1;
140 options->max_sessions = -1;
141 options->banner = NULL;
142 options->use_dns = -1;
143 options->client_alive_interval = -1;
144 options->client_alive_count_max = -1;
145 options->num_authkeys_files = 0;
146 options->num_accept_env = 0;
147 options->permit_tun = -1;
148 options->num_permitted_opens = -1;
149 options->adm_forced_command = NULL;
150 options->chroot_directory = NULL;
151 options->authorized_keys_command = NULL;
152 options->authorized_keys_command_user = NULL;
153 options->revoked_keys_file = NULL;
154 options->trusted_user_ca_keys = NULL;
155 options->authorized_principals_file = NULL;
156 options->ip_qos_interactive = -1;
157 options->ip_qos_bulk = -1;
158 options->version_addendum = NULL;
159 options->hpn_disabled = -1;
160 options->hpn_buffer_size = -1;
161 options->tcp_rcv_buf_poll = -1;
163 options->none_enabled = -1;
168 fill_default_server_options(ServerOptions *options)
170 /* Portable-specific options */
171 if (options->use_pam == -1)
172 options->use_pam = 1;
175 if (options->protocol == SSH_PROTO_UNKNOWN)
176 options->protocol = SSH_PROTO_2;
177 if (options->num_host_key_files == 0) {
179 if (options->protocol & SSH_PROTO_1)
180 options->host_key_files[options->num_host_key_files++] =
182 if (options->protocol & SSH_PROTO_2) {
183 options->host_key_files[options->num_host_key_files++] =
185 options->host_key_files[options->num_host_key_files++] =
188 options->host_key_files[options->num_host_key_files++] =
191 options->host_key_files[options->num_host_key_files++] =
196 if (options->num_ports == 0)
197 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
198 if (options->listen_addrs == NULL)
199 add_listen_addr(options, NULL, 0);
200 if (options->pid_file == NULL)
201 options->pid_file = _PATH_SSH_DAEMON_PID_FILE;
202 if (options->server_key_bits == -1)
203 options->server_key_bits = 1024;
204 if (options->login_grace_time == -1)
205 options->login_grace_time = 120;
206 if (options->key_regeneration_time == -1)
207 options->key_regeneration_time = 3600;
208 if (options->permit_root_login == PERMIT_NOT_SET)
209 options->permit_root_login = PERMIT_NO;
210 if (options->ignore_rhosts == -1)
211 options->ignore_rhosts = 1;
212 if (options->ignore_user_known_hosts == -1)
213 options->ignore_user_known_hosts = 0;
214 if (options->print_motd == -1)
215 options->print_motd = 1;
216 if (options->print_lastlog == -1)
217 options->print_lastlog = 1;
218 if (options->x11_forwarding == -1)
219 options->x11_forwarding = 1;
220 if (options->x11_display_offset == -1)
221 options->x11_display_offset = 10;
222 if (options->x11_use_localhost == -1)
223 options->x11_use_localhost = 1;
224 if (options->xauth_location == NULL)
225 options->xauth_location = _PATH_XAUTH;
226 if (options->permit_tty == -1)
227 options->permit_tty = 1;
228 if (options->strict_modes == -1)
229 options->strict_modes = 1;
230 if (options->tcp_keep_alive == -1)
231 options->tcp_keep_alive = 1;
232 if (options->log_facility == SYSLOG_FACILITY_NOT_SET)
233 options->log_facility = SYSLOG_FACILITY_AUTH;
234 if (options->log_level == SYSLOG_LEVEL_NOT_SET)
235 options->log_level = SYSLOG_LEVEL_INFO;
236 if (options->rhosts_rsa_authentication == -1)
237 options->rhosts_rsa_authentication = 0;
238 if (options->hostbased_authentication == -1)
239 options->hostbased_authentication = 0;
240 if (options->hostbased_uses_name_from_packet_only == -1)
241 options->hostbased_uses_name_from_packet_only = 0;
242 if (options->rsa_authentication == -1)
243 options->rsa_authentication = 1;
244 if (options->pubkey_authentication == -1)
245 options->pubkey_authentication = 1;
246 if (options->kerberos_authentication == -1)
247 options->kerberos_authentication = 0;
248 if (options->kerberos_or_local_passwd == -1)
249 options->kerberos_or_local_passwd = 1;
250 if (options->kerberos_ticket_cleanup == -1)
251 options->kerberos_ticket_cleanup = 1;
252 if (options->kerberos_get_afs_token == -1)
253 options->kerberos_get_afs_token = 0;
254 if (options->gss_authentication == -1)
255 options->gss_authentication = 0;
256 if (options->gss_cleanup_creds == -1)
257 options->gss_cleanup_creds = 1;
258 if (options->password_authentication == -1)
259 options->password_authentication = 0;
260 if (options->kbd_interactive_authentication == -1)
261 options->kbd_interactive_authentication = 0;
262 if (options->challenge_response_authentication == -1)
263 options->challenge_response_authentication = 1;
264 if (options->permit_empty_passwd == -1)
265 options->permit_empty_passwd = 0;
266 if (options->permit_user_env == -1)
267 options->permit_user_env = 0;
268 if (options->use_login == -1)
269 options->use_login = 0;
270 if (options->compression == -1)
271 options->compression = COMP_DELAYED;
272 if (options->rekey_limit == -1)
273 options->rekey_limit = 0;
274 if (options->rekey_interval == -1)
275 options->rekey_interval = 0;
276 if (options->allow_tcp_forwarding == -1)
277 options->allow_tcp_forwarding = FORWARD_ALLOW;
278 if (options->allow_agent_forwarding == -1)
279 options->allow_agent_forwarding = 1;
280 if (options->gateway_ports == -1)
281 options->gateway_ports = 0;
282 if (options->max_startups == -1)
283 options->max_startups = 100;
284 if (options->max_startups_rate == -1)
285 options->max_startups_rate = 30; /* 30% */
286 if (options->max_startups_begin == -1)
287 options->max_startups_begin = 10;
288 if (options->max_authtries == -1)
289 options->max_authtries = DEFAULT_AUTH_FAIL_MAX;
290 if (options->max_sessions == -1)
291 options->max_sessions = DEFAULT_SESSIONS_MAX;
292 if (options->use_dns == -1)
293 options->use_dns = 1;
294 if (options->client_alive_interval == -1)
295 options->client_alive_interval = 0;
296 if (options->client_alive_count_max == -1)
297 options->client_alive_count_max = 3;
298 if (options->num_authkeys_files == 0) {
299 options->authorized_keys_files[options->num_authkeys_files++] =
301 options->authorized_keys_files[options->num_authkeys_files++] =
304 if (options->permit_tun == -1)
305 options->permit_tun = SSH_TUNMODE_NO;
306 if (options->ip_qos_interactive == -1)
307 options->ip_qos_interactive = IPTOS_LOWDELAY;
308 if (options->ip_qos_bulk == -1)
309 options->ip_qos_bulk = IPTOS_THROUGHPUT;
310 if (options->version_addendum == NULL)
311 options->version_addendum = xstrdup(SSH_VERSION_FREEBSD);
317 if (use_privsep && options->compression == 1) {
321 options->compression = 0;
325 if (options->hpn_disabled == -1)
326 options->hpn_disabled = 0;
327 if (options->hpn_buffer_size == -1) {
332 options->hpn_buffer_size = CHAN_SES_WINDOW_DEFAULT;
333 if (!options->hpn_disabled) {
334 sock_get_rcvbuf(&options->hpn_buffer_size, 0);
335 debug ("HPN Buffer Size: %d", options->hpn_buffer_size);
342 if (options->hpn_disabled <= 0) {
346 if (options->hpn_buffer_size == 0)
347 options->hpn_buffer_size = 1;
349 if (options->hpn_buffer_size > maxlen / 1024)
350 options->hpn_buffer_size = maxlen;
352 options->hpn_buffer_size *= 1024;
354 options->hpn_buffer_size = CHAN_TCP_WINDOW_DEFAULT;
362 /* Portable-specific options */
409 /* Portable-specific options */
579 add_listen_addr(ServerOptions *options, char *addr, int port)
583 if (options->num_ports == 0)
584 options->ports[options->num_ports++] = SSH_DEFAULT_PORT;
585 if (options->address_family == -1)
586 options->address_family = AF_UNSPEC;
588 for (i = 0; i < options->num_ports; i++)
589 add_one_listen_addr(options, addr, options->ports[i]);
591 add_one_listen_addr(options, addr, port);
595 add_one_listen_addr(ServerOptions *options, char *addr, int port)
602 hints.ai_family = options->address_family;
612 ai->ai_next = options->listen_addrs;
613 options->listen_addrs = aitop;
643 * options set are copied into the main server config.
876 process_server_config_line(ServerOptions *options, char *line,
920 /* Portable-specific options */
922 intptr = &options->use_pam;
930 if (options->ports_from_cmdline)
932 if (options->listen_addrs != NULL)
935 if (options->num_ports >= MAX_PORTS)
942 options->ports[options->num_ports++] = a2port(arg);
943 if (options->ports[options->num_ports-1] <= 0)
949 intptr = &options->server_key_bits;
961 intptr = &options->login_grace_time;
975 intptr = &options->key_regeneration_time;
986 add_listen_addr(options, arg, 0);
999 add_listen_addr(options, p, port);
1004 intptr = &options->address_family;
1006 if (options->listen_addrs != NULL)
1029 intptr = &options->num_host_key_files;
1033 charptr = &options->host_key_files[*intptr];
1048 charptr = &options->host_key_agent;
1059 intptr = &options->num_host_cert_files;
1064 charptr = &options->host_cert_files[*intptr];
1069 charptr = &options->pid_file;
1073 intptr = &options->permit_root_login;
1078 intptr = &options->ignore_rhosts;
1097 intptr = &options->ignore_user_known_hosts;
1101 intptr = &options->rhosts_rsa_authentication;
1105 intptr = &options->hostbased_authentication;
1109 intptr = &options->hostbased_uses_name_from_packet_only;
1113 intptr = &options->rsa_authentication;
1117 intptr = &options->pubkey_authentication;
1121 intptr = &options->kerberos_authentication;
1125 intptr = &options->kerberos_or_local_passwd;
1129 intptr = &options->kerberos_ticket_cleanup;
1133 intptr = &options->kerberos_get_afs_token;
1137 intptr = &options->gss_authentication;
1141 intptr = &options->gss_cleanup_creds;
1145 intptr = &options->password_authentication;
1149 intptr = &options->kbd_interactive_authentication;
1153 intptr = &options->challenge_response_authentication;
1157 intptr = &options->print_motd;
1161 intptr = &options->print_lastlog;
1165 intptr = &options->x11_forwarding;
1169 intptr = &options->x11_display_offset;
1173 intptr = &options->x11_use_localhost;
1177 charptr = &options->xauth_location;
1181 intptr = &options->permit_tty;
1185 intptr = &options->strict_modes;
1189 intptr = &options->tcp_keep_alive;
1193 intptr = &options->permit_empty_passwd;
1197 intptr = &options->permit_user_env;
1201 intptr = &options->use_login;
1205 intptr = &options->compression;
1228 if (*activep && options->rekey_limit == -1)
1229 options->rekey_limit = (u_int32_t)val64;
1235 intptr = &options->rekey_interval;
1241 intptr = &options->gateway_ports;
1246 intptr = &options->use_dns;
1250 log_facility_ptr = &options->log_facility;
1261 log_level_ptr = &options->log_level;
1272 intptr = &options->allow_tcp_forwarding;
1277 intptr = &options->allow_agent_forwarding;
1287 if (options->num_allow_users >= MAX_ALLOW_USERS)
1292 options->allow_users[options->num_allow_users++] =
1299 if (options->num_deny_users >= MAX_DENY_USERS)
1304 options->deny_users[options->num_deny_users++] =
1311 if (options->num_allow_groups >= MAX_ALLOW_GROUPS)
1316 options->allow_groups[options->num_allow_groups++] =
1323 if (options->num_deny_groups >= MAX_DENY_GROUPS)
1328 options->deny_groups[options->num_deny_groups++] =
1340 if (options->ciphers == NULL)
1341 options->ciphers = xstrdup(arg);
1351 if (options->macs == NULL)
1352 options->macs = xstrdup(arg);
1363 if (options->kex_algorithms == NULL)
1364 options->kex_algorithms = xstrdup(arg);
1368 intptr = &options->protocol;
1381 if (options->num_subsystems >= MAX_SUBSYSTEMS) {
1393 for (i = 0; i < options->num_subsystems; i++)
1394 if (strcmp(arg, options->subsystem_name[i]) == 0)
1397 options->subsystem_name[options->num_subsystems] = xstrdup(arg);
1402 options->subsystem_command[options->num_subsystems] = xstrdup(arg);
1413 options->subsystem_args[options->num_subsystems] = p;
1414 options->num_subsystems++;
1423 &options->max_startups_begin,
1424 &options->max_startups_rate,
1425 &options->max_startups)) == 3) {
1426 if (options->max_startups_begin >
1427 options->max_startups ||
1428 options->max_startups_rate > 100 ||
1429 options->max_startups_rate < 1)
1436 options->max_startups = options->max_startups_begin;
1440 intptr = &options->max_authtries;
1444 intptr = &options->max_sessions;
1448 charptr = &options->banner;
1452 * These options can contain %X options expanded at
1458 if (*activep && options->num_authkeys_files == 0) {
1460 if (options->num_authkeys_files >=
1465 options->authorized_keys_files[
1466 options->num_authkeys_files++] =
1473 charptr = &options->authorized_principals_file;
1487 intptr = &options->client_alive_interval;
1491 intptr = &options->client_alive_count_max;
1499 if (options->num_accept_env >= MAX_ACCEPT_ENV)
1504 options->accept_env[options->num_accept_env++] =
1510 intptr = &options->permit_tun;
1544 n = options->num_permitted_opens; /* modified later */
1548 options->num_permitted_opens = 0;
1554 options->num_permitted_opens = 1;
1571 options->num_permitted_opens =
1581 if (*activep && options->adm_forced_command == NULL)
1582 options->adm_forced_command = xstrdup(cp + len);
1586 charptr = &options->chroot_directory;
1597 charptr = &options->trusted_user_ca_keys;
1601 charptr = &options->revoked_keys_file;
1616 options->ip_qos_interactive = value;
1617 options->ip_qos_bulk = value2;
1626 if (*activep && options->version_addendum == NULL) {
1628 options->version_addendum = xstrdup("");
1633 options->version_addendum = xstrdup(cp + len);
1639 if (*activep && options->authorized_keys_command == NULL) {
1644 options->authorized_keys_command = xstrdup(cp + len);
1649 charptr = &options->authorized_keys_command_user;
1657 if (*activep && options->num_auth_methods == 0) {
1659 if (options->num_auth_methods >=
1668 options->auth_methods[
1669 options->num_auth_methods++] = xstrdup(arg);
1675 intptr = &options->hpn_disabled;
1679 intptr = &options->hpn_buffer_size;
1683 intptr = &options->tcp_rcv_buf_poll;
1688 intptr = &options->none_enabled;
1752 parse_server_match_config(ServerOptions *options,
1759 copy_set_server_options(options, &mo, 0);
1863 * The only things that should be below this point are string options
1878 parse_server_config(ServerOptions *options, const char *filename, Buffer *conf,
1890 if (process_server_config_line(options, cp, filename,
1896 fatal("%s: terminating, %d bad configuration options",