readconf.h revision 157019
/*	$OpenBSD: readconf.h,v 1.68 2005/12/06 22:38:27 reyk Exp $	*/

/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 * Functions for reading the configuration file.
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose.  Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */

#ifndef READCONF_H
#define READCONF_H

#include "key.h"

/*
 * Data structure for representing a forwarding request.
 *
 * Both endpoints are a host string plus a u_short port. Nothing in this
 * header says who allocates or frees the two strings.
 * NOTE(review): presumably filled in by parse_forward() and stored by
 * add_local_forward()/add_remote_forward() -- confirm in readconf.c.
 */

typedef struct {
	char	 *listen_host;		/* Host (address) to listen on. */
	u_short	  listen_port;		/* Port to forward. */
	char	 *connect_host;		/* Host to connect. */
	u_short	  connect_port;		/* Port to connect on connect_host. */
} Forward;

/*
 * Data structure for representing option data.
 *
 * One flat record of client settings. Four members are fixed-size arrays
 * paired with a signed int counter:
 *   identity_files / identity_keys  with num_identity_files
 *   local_forwards                  with num_local_forwards
 *   remote_forwards                 with num_remote_forwards
 *   send_env                        with num_send_env
 * The struct carries no bound of its own, so every writer has to compare
 * the counter with the array size before appending an entry.
 * NOTE(review): those bound checks are not visible in this header --
 * verify them in the code that appends to these arrays.
 */

/* Number of slots in Options.send_env. */
#define MAX_SEND_ENV	256

typedef struct {
	/*
	 * NOTE(review): the forwarding switches below widen what the remote
	 * side can reach on the client; the defaults are not visible in this
	 * header -- confirm them where the options are defaulted.
	 */
	int     forward_agent;	/* Forward authentication agent. */
	int     forward_x11;	/* Forward X11 display. */
	int     forward_x11_trusted;	/* Trust Forward X11 display. */
	char   *xauth_location;	/* Location for xauth program */
	int     gateway_ports;	/* Allow remote connects to forwarded ports. */
	int     use_privileged_port;	/* Don't use privileged port if false. */
	int     rhosts_rsa_authentication;	/* Try rhosts with RSA
						 * authentication. */
	int     rsa_authentication;	/* Try RSA authentication. */
	int     pubkey_authentication;	/* Try ssh2 pubkey authentication. */
	int     hostbased_authentication;	/* ssh2's rhosts_rsa */
	int     challenge_response_authentication;
					/* Try S/Key or TIS, authentication. */
	int     gss_authentication;	/* Try GSS authentication */
	int     gss_deleg_creds;	/* Delegate GSS credentials */
	int     password_authentication;	/* Try password
						 * authentication. */
	int     kbd_interactive_authentication; /* Try keyboard-interactive auth. */
	char	*kbd_interactive_devices; /* Keyboard-interactive auth devices. */
	int     batch_mode;	/* Batch mode: do not ask for passwords. */
	int     check_host_ip;	/* Also keep track of keys for IP address */
	/*
	 * NOTE(review): declared as a plain int; the set of accepted values
	 * (plain on/off or more states) is not visible here -- confirm
	 * before treating it as a boolean.
	 */
	int     strict_host_key_checking;	/* Strict host key checking. */
	int     compression;	/* Compress packets in both directions. */
	int     compression_level;	/* Compression level 1 (fast) to 9
					 * (best). */
	int     tcp_keep_alive;	/* Set SO_KEEPALIVE. */
	LogLevel log_level;	/* Level for logging. */

	int     port;		/* Port to connect. */
	int     address_family;	/* NOTE(review): presumably an AF_* value -- confirm. */
	/*
	 * NOTE(review): a count that the original comment annotates with
	 * "(seconds)"; presumably one attempt per second -- confirm.
	 */
	int     connection_attempts;	/* Max attempts (seconds) before
					 * giving up */
	int     connection_timeout;	/* Max time (seconds) before
					 * aborting connection attempt */
	int     number_of_password_prompts;	/* Max number of password
						 * prompts. */
	int     cipher;		/* Cipher to use. */
	char   *ciphers;	/* SSH2 ciphers in order of preference. */
	char   *macs;		/* SSH2 macs in order of preference. */
	char   *hostkeyalgorithms;	/* SSH2 server key types in order of preference. */
	int	protocol;	/* Protocol in order of preference. */
	char   *hostname;	/* Real host to connect. */
	char   *host_key_alias;	/* hostname alias for .ssh/known_hosts */
	/*
	 * NOTE(review): a command string taken from configuration;
	 * presumably run locally by the client, so every source able to set
	 * it has to be trusted -- confirm where it is executed.
	 */
	char   *proxy_command;	/* Proxy command for connecting the host. */
	char   *user;		/* User to log in as. */
	int     escape_char;	/* Escape character; -2 = none */

	char   *system_hostfile;/* Path for /etc/ssh/ssh_known_hosts. */
	char   *user_hostfile;	/* Path for $HOME/.ssh/known_hosts. */
	/* NOTE(review): presumably second known-hosts paths -- confirm. */
	char   *system_hostfile2;
	char   *user_hostfile2;
	char   *preferred_authentications;
	char   *bind_address;	/* local socket address for connection to sshd */
	char   *smartcard_device; /* Smartcard reader device */
	int	verify_host_key_dns;	/* Verify host key using DNS */

	/*
	 * identity_files and identity_keys have the same fixed size
	 * (SSH_MAX_IDENTITY_FILES); num_identity_files is the only record of
	 * how many slots are in use.
	 */
	int     num_identity_files;	/* Number of files for RSA/DSA identities. */
	char   *identity_files[SSH_MAX_IDENTITY_FILES];
	Key    *identity_keys[SSH_MAX_IDENTITY_FILES];

	/* Local TCP/IP forward requests. */
	int     num_local_forwards;
	Forward local_forwards[SSH_MAX_FORWARDS_PER_DIRECTION];

	/* Remote TCP/IP forward requests. */
	int     num_remote_forwards;
	Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION];
	int	clear_forwardings;

	int	enable_ssh_keysign;
	/* NOTE(review): signed int; units and upper bound not visible here -- confirm. */
	int	rekey_limit;
	int	no_host_authentication_for_localhost;
	int	identities_only;
	int	server_alive_interval;
	int	server_alive_count_max;

	/* Entries in use in send_env, which holds MAX_SEND_ENV slots. */
	int     num_send_env;
	char   *send_env[MAX_SEND_ENV];

	char	*control_path;
	/* NOTE(review): presumably one of the SSHCTL_MASTER_* values below -- confirm. */
	int	control_master;

	int	hash_known_hosts;

	int	tun_open;	/* tun(4) */
	int     tun_local;	/* force tun device (optional) */
	int     tun_remote;	/* force tun device (optional) */

	/*
	 * NOTE(review): a command string paired with a separate permit
	 * flag; presumably the command is only run when the flag is set --
	 * confirm that every execution path checks permit_local_command.
	 */
	char	*local_command;
	int	permit_local_command;

}       Options;

/*
 * Integer constants with the SSHCTL_MASTER_ prefix.
 * NOTE(review): presumably the values stored in Options.control_master --
 * confirm against the option parser.
 */
#define SSHCTL_MASTER_NO	0
#define SSHCTL_MASTER_YES	1
#define SSHCTL_MASTER_AUTO	2
#define SSHCTL_MASTER_ASK	3
#define SSHCTL_MASTER_AUTO_ASK	4

/*
 * Prototypes for the configuration reader. Parameter names are omitted
 * here, so the meaning of each const char pointer and int argument has to
 * be read from the definitions; this header fixes only the types.
 */
void     initialize_options(Options *);
void     fill_default_options(Options *);
int	 read_config_file(const char *, const char *, Options *, int);
int	 parse_forward(Forward *, const char *);

/*
 * The third argument is a non-const char pointer, so the callee may
 * modify the buffer it is handed; the last argument is an int pointer.
 */
int
process_config_line(Options *, const char *, char *, const char *, int, int *);

/*
 * The Forward argument is const-qualified: the caller's record is not
 * written through this pointer.
 * NOTE(review): whether the host strings are duplicated or shared with
 * the caller is not visible here -- confirm.
 */
void	 add_local_forward(Options *, const Forward *);
void	 add_remote_forward(Options *, const Forward *);

#endif				/* READCONF_H */