Lines Matching full:options
77 static void parse_server_config_depth(ServerOptions *options,
85 /* Initializes the server options to their default values. */
88 initialize_server_options(ServerOptions *options) in initialize_server_options() argument
90 memset(options, 0, sizeof(*options)); in initialize_server_options()
92 /* Portable-specific options */ in initialize_server_options()
93 options->use_pam = -1; in initialize_server_options()
95 /* Standard Options */ in initialize_server_options()
96 options->num_ports = 0; in initialize_server_options()
97 options->ports_from_cmdline = 0; in initialize_server_options()
98 options->queued_listen_addrs = NULL; in initialize_server_options()
99 options->num_queued_listens = 0; in initialize_server_options()
100 options->listen_addrs = NULL; in initialize_server_options()
101 options->num_listen_addrs = 0; in initialize_server_options()
102 options->address_family = -1; in initialize_server_options()
103 options->routing_domain = NULL; in initialize_server_options()
104 options->num_host_key_files = 0; in initialize_server_options()
105 options->num_host_cert_files = 0; in initialize_server_options()
106 options->host_key_agent = NULL; in initialize_server_options()
107 options->pid_file = NULL; in initialize_server_options()
108 options->login_grace_time = -1; in initialize_server_options()
109 options->permit_root_login = PERMIT_NOT_SET; in initialize_server_options()
110 options->ignore_rhosts = -1; in initialize_server_options()
111 options->ignore_user_known_hosts = -1; in initialize_server_options()
112 options->print_motd = -1; in initialize_server_options()
113 options->print_lastlog = -1; in initialize_server_options()
114 options->x11_forwarding = -1; in initialize_server_options()
115 options->x11_display_offset = -1; in initialize_server_options()
116 options->x11_use_localhost = -1; in initialize_server_options()
117 options->permit_tty = -1; in initialize_server_options()
118 options->permit_user_rc = -1; in initialize_server_options()
119 options->xauth_location = NULL; in initialize_server_options()
120 options->strict_modes = -1; in initialize_server_options()
121 options->tcp_keep_alive = -1; in initialize_server_options()
122 options->log_facility = SYSLOG_FACILITY_NOT_SET; in initialize_server_options()
123 options->log_level = SYSLOG_LEVEL_NOT_SET; in initialize_server_options()
124 options->num_log_verbose = 0; in initialize_server_options()
125 options->log_verbose = NULL; in initialize_server_options()
126 options->hostbased_authentication = -1; in initialize_server_options()
127 options->hostbased_uses_name_from_packet_only = -1; in initialize_server_options()
128 options->hostbased_accepted_algos = NULL; in initialize_server_options()
129 options->hostkeyalgorithms = NULL; in initialize_server_options()
130 options->pubkey_authentication = -1; in initialize_server_options()
131 options->pubkey_auth_options = -1; in initialize_server_options()
132 options->pubkey_accepted_algos = NULL; in initialize_server_options()
133 options->kerberos_authentication = -1; in initialize_server_options()
134 options->kerberos_or_local_passwd = -1; in initialize_server_options()
135 options->kerberos_ticket_cleanup = -1; in initialize_server_options()
136 options->kerberos_get_afs_token = -1; in initialize_server_options()
137 options->gss_authentication=-1; in initialize_server_options()
138 options->gss_cleanup_creds = -1; in initialize_server_options()
139 options->gss_strict_acceptor = -1; in initialize_server_options()
140 options->password_authentication = -1; in initialize_server_options()
141 options->kbd_interactive_authentication = -1; in initialize_server_options()
142 options->permit_empty_passwd = -1; in initialize_server_options()
143 options->permit_user_env = -1; in initialize_server_options()
144 options->permit_user_env_allowlist = NULL; in initialize_server_options()
145 options->compression = -1; in initialize_server_options()
146 options->rekey_limit = -1; in initialize_server_options()
147 options->rekey_interval = -1; in initialize_server_options()
148 options->allow_tcp_forwarding = -1; in initialize_server_options()
149 options->allow_streamlocal_forwarding = -1; in initialize_server_options()
150 options->allow_agent_forwarding = -1; in initialize_server_options()
151 options->num_allow_users = 0; in initialize_server_options()
152 options->num_deny_users = 0; in initialize_server_options()
153 options->num_allow_groups = 0; in initialize_server_options()
154 options->num_deny_groups = 0; in initialize_server_options()
155 options->ciphers = NULL; in initialize_server_options()
156 options->macs = NULL; in initialize_server_options()
157 options->kex_algorithms = NULL; in initialize_server_options()
158 options->ca_sign_algorithms = NULL; in initialize_server_options()
159 options->fwd_opts.gateway_ports = -1; in initialize_server_options()
160 options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; in initialize_server_options()
161 options->fwd_opts.streamlocal_bind_unlink = -1; in initialize_server_options()
162 options->num_subsystems = 0; in initialize_server_options()
163 options->max_startups_begin = -1; in initialize_server_options()
164 options->max_startups_rate = -1; in initialize_server_options()
165 options->max_startups = -1; in initialize_server_options()
166 options->per_source_max_startups = -1; in initialize_server_options()
167 options->per_source_masklen_ipv4 = -1; in initialize_server_options()
168 options->per_source_masklen_ipv6 = -1; in initialize_server_options()
169 options->max_authtries = -1; in initialize_server_options()
170 options->max_sessions = -1; in initialize_server_options()
171 options->banner = NULL; in initialize_server_options()
172 options->use_dns = -1; in initialize_server_options()
173 options->client_alive_interval = -1; in initialize_server_options()
174 options->client_alive_count_max = -1; in initialize_server_options()
175 options->num_authkeys_files = 0; in initialize_server_options()
176 options->num_accept_env = 0; in initialize_server_options()
177 options->num_setenv = 0; in initialize_server_options()
178 options->permit_tun = -1; in initialize_server_options()
179 options->permitted_opens = NULL; in initialize_server_options()
180 options->permitted_listens = NULL; in initialize_server_options()
181 options->adm_forced_command = NULL; in initialize_server_options()
182 options->chroot_directory = NULL; in initialize_server_options()
183 options->authorized_keys_command = NULL; in initialize_server_options()
184 options->authorized_keys_command_user = NULL; in initialize_server_options()
185 options->revoked_keys_file = NULL; in initialize_server_options()
186 options->sk_provider = NULL; in initialize_server_options()
187 options->trusted_user_ca_keys = NULL; in initialize_server_options()
188 options->authorized_principals_file = NULL; in initialize_server_options()
189 options->authorized_principals_command = NULL; in initialize_server_options()
190 options->authorized_principals_command_user = NULL; in initialize_server_options()
191 options->ip_qos_interactive = -1; in initialize_server_options()
192 options->ip_qos_bulk = -1; in initialize_server_options()
193 options->version_addendum = NULL; in initialize_server_options()
194 options->fingerprint_hash = -1; in initialize_server_options()
195 options->disable_forwarding = -1; in initialize_server_options()
196 options->expose_userauth_info = -1; in initialize_server_options()
197 options->required_rsa_size = -1; in initialize_server_options()
198 options->channel_timeouts = NULL; in initialize_server_options()
199 options->num_channel_timeouts = 0; in initialize_server_options()
200 options->unused_connection_timeout = -1; in initialize_server_options()
201 options->use_blacklist = -1; in initialize_server_options()
258 ServerOptions *options, const char *path, int userprovided) in servconf_add_hostkey() argument
265 &options->host_key_files, &options->host_key_file_userprovided, in servconf_add_hostkey()
266 &options->num_host_key_files, apath, userprovided); in servconf_add_hostkey()
272 ServerOptions *options, const char *path) in servconf_add_hostcert() argument
277 &options->host_cert_files, &options->num_host_cert_files, apath); in servconf_add_hostcert()
282 fill_default_server_options(ServerOptions *options) in fill_default_server_options() argument
286 /* Portable-specific options */ in fill_default_server_options()
287 if (options->use_pam == -1) in fill_default_server_options()
288 options->use_pam = 1; in fill_default_server_options()
290 /* Standard Options */ in fill_default_server_options()
291 if (options->num_host_key_files == 0) { in fill_default_server_options()
293 servconf_add_hostkey(defaultkey, 0, options, in fill_default_server_options()
296 servconf_add_hostkey(defaultkey, 0, options, in fill_default_server_options()
299 servconf_add_hostkey(defaultkey, 0, options, in fill_default_server_options()
302 servconf_add_hostkey(defaultkey, 0, options, in fill_default_server_options()
306 if (options->num_host_key_files == 0) in fill_default_server_options()
309 if (options->num_ports == 0) in fill_default_server_options()
310 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; in fill_default_server_options()
311 if (options->address_family == -1) in fill_default_server_options()
312 options->address_family = AF_UNSPEC; in fill_default_server_options()
313 if (options->listen_addrs == NULL) in fill_default_server_options()
314 add_listen_addr(options, NULL, NULL, 0); in fill_default_server_options()
315 if (options->pid_file == NULL) in fill_default_server_options()
316 options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE); in fill_default_server_options()
317 if (options->moduli_file == NULL) in fill_default_server_options()
318 options->moduli_file = xstrdup(_PATH_DH_MODULI); in fill_default_server_options()
319 if (options->login_grace_time == -1) in fill_default_server_options()
320 options->login_grace_time = 120; in fill_default_server_options()
321 if (options->permit_root_login == PERMIT_NOT_SET) in fill_default_server_options()
322 options->permit_root_login = PERMIT_NO; in fill_default_server_options()
323 if (options->ignore_rhosts == -1) in fill_default_server_options()
324 options->ignore_rhosts = 1; in fill_default_server_options()
325 if (options->ignore_user_known_hosts == -1) in fill_default_server_options()
326 options->ignore_user_known_hosts = 0; in fill_default_server_options()
327 if (options->print_motd == -1) in fill_default_server_options()
328 options->print_motd = 1; in fill_default_server_options()
329 if (options->print_lastlog == -1) in fill_default_server_options()
330 options->print_lastlog = 1; in fill_default_server_options()
331 if (options->x11_forwarding == -1) in fill_default_server_options()
332 options->x11_forwarding = 0; in fill_default_server_options()
333 if (options->x11_display_offset == -1) in fill_default_server_options()
334 options->x11_display_offset = 10; in fill_default_server_options()
335 if (options->x11_use_localhost == -1) in fill_default_server_options()
336 options->x11_use_localhost = 1; in fill_default_server_options()
337 if (options->xauth_location == NULL) in fill_default_server_options()
338 options->xauth_location = xstrdup(_PATH_XAUTH); in fill_default_server_options()
339 if (options->permit_tty == -1) in fill_default_server_options()
340 options->permit_tty = 1; in fill_default_server_options()
341 if (options->permit_user_rc == -1) in fill_default_server_options()
342 options->permit_user_rc = 1; in fill_default_server_options()
343 if (options->strict_modes == -1) in fill_default_server_options()
344 options->strict_modes = 1; in fill_default_server_options()
345 if (options->tcp_keep_alive == -1) in fill_default_server_options()
346 options->tcp_keep_alive = 1; in fill_default_server_options()
347 if (options->log_facility == SYSLOG_FACILITY_NOT_SET) in fill_default_server_options()
348 options->log_facility = SYSLOG_FACILITY_AUTH; in fill_default_server_options()
349 if (options->log_level == SYSLOG_LEVEL_NOT_SET) in fill_default_server_options()
350 options->log_level = SYSLOG_LEVEL_INFO; in fill_default_server_options()
351 if (options->hostbased_authentication == -1) in fill_default_server_options()
352 options->hostbased_authentication = 0; in fill_default_server_options()
353 if (options->hostbased_uses_name_from_packet_only == -1) in fill_default_server_options()
354 options->hostbased_uses_name_from_packet_only = 0; in fill_default_server_options()
355 if (options->pubkey_authentication == -1) in fill_default_server_options()
356 options->pubkey_authentication = 1; in fill_default_server_options()
357 if (options->pubkey_auth_options == -1) in fill_default_server_options()
358 options->pubkey_auth_options = 0; in fill_default_server_options()
359 if (options->kerberos_authentication == -1) in fill_default_server_options()
360 options->kerberos_authentication = 0; in fill_default_server_options()
361 if (options->kerberos_or_local_passwd == -1) in fill_default_server_options()
362 options->kerberos_or_local_passwd = 1; in fill_default_server_options()
363 if (options->kerberos_ticket_cleanup == -1) in fill_default_server_options()
364 options->kerberos_ticket_cleanup = 1; in fill_default_server_options()
365 if (options->kerberos_get_afs_token == -1) in fill_default_server_options()
366 options->kerberos_get_afs_token = 0; in fill_default_server_options()
367 if (options->gss_authentication == -1) in fill_default_server_options()
368 options->gss_authentication = 0; in fill_default_server_options()
369 if (options->gss_cleanup_creds == -1) in fill_default_server_options()
370 options->gss_cleanup_creds = 1; in fill_default_server_options()
371 if (options->gss_strict_acceptor == -1) in fill_default_server_options()
372 options->gss_strict_acceptor = 1; in fill_default_server_options()
373 if (options->password_authentication == -1) in fill_default_server_options()
374 options->password_authentication = 0; in fill_default_server_options()
375 if (options->kbd_interactive_authentication == -1) in fill_default_server_options()
376 options->kbd_interactive_authentication = 1; in fill_default_server_options()
377 if (options->permit_empty_passwd == -1) in fill_default_server_options()
378 options->permit_empty_passwd = 0; in fill_default_server_options()
379 if (options->permit_user_env == -1) { in fill_default_server_options()
380 options->permit_user_env = 0; in fill_default_server_options()
381 options->permit_user_env_allowlist = NULL; in fill_default_server_options()
383 if (options->compression == -1) in fill_default_server_options()
385 options->compression = COMP_DELAYED; in fill_default_server_options()
387 options->compression = COMP_NONE; in fill_default_server_options()
390 if (options->rekey_limit == -1) in fill_default_server_options()
391 options->rekey_limit = 0; in fill_default_server_options()
392 if (options->rekey_interval == -1) in fill_default_server_options()
393 options->rekey_interval = 0; in fill_default_server_options()
394 if (options->allow_tcp_forwarding == -1) in fill_default_server_options()
395 options->allow_tcp_forwarding = FORWARD_ALLOW; in fill_default_server_options()
396 if (options->allow_streamlocal_forwarding == -1) in fill_default_server_options()
397 options->allow_streamlocal_forwarding = FORWARD_ALLOW; in fill_default_server_options()
398 if (options->allow_agent_forwarding == -1) in fill_default_server_options()
399 options->allow_agent_forwarding = 1; in fill_default_server_options()
400 if (options->fwd_opts.gateway_ports == -1) in fill_default_server_options()
401 options->fwd_opts.gateway_ports = 0; in fill_default_server_options()
402 if (options->max_startups == -1) in fill_default_server_options()
403 options->max_startups = 100; in fill_default_server_options()
404 if (options->max_startups_rate == -1) in fill_default_server_options()
405 options->max_startups_rate = 30; /* 30% */ in fill_default_server_options()
406 if (options->max_startups_begin == -1) in fill_default_server_options()
407 options->max_startups_begin = 10; in fill_default_server_options()
408 if (options->per_source_max_startups == -1) in fill_default_server_options()
409 options->per_source_max_startups = INT_MAX; in fill_default_server_options()
410 if (options->per_source_masklen_ipv4 == -1) in fill_default_server_options()
411 options->per_source_masklen_ipv4 = 32; in fill_default_server_options()
412 if (options->per_source_masklen_ipv6 == -1) in fill_default_server_options()
413 options->per_source_masklen_ipv6 = 128; in fill_default_server_options()
414 if (options->max_authtries == -1) in fill_default_server_options()
415 options->max_authtries = DEFAULT_AUTH_FAIL_MAX; in fill_default_server_options()
416 if (options->max_sessions == -1) in fill_default_server_options()
417 options->max_sessions = DEFAULT_SESSIONS_MAX; in fill_default_server_options()
418 if (options->use_dns == -1) in fill_default_server_options()
419 options->use_dns = 1; in fill_default_server_options()
420 if (options->client_alive_interval == -1) in fill_default_server_options()
421 options->client_alive_interval = 0; in fill_default_server_options()
422 if (options->client_alive_count_max == -1) in fill_default_server_options()
423 options->client_alive_count_max = 3; in fill_default_server_options()
424 if (options->num_authkeys_files == 0) { in fill_default_server_options()
426 &options->authorized_keys_files, in fill_default_server_options()
427 &options->num_authkeys_files, in fill_default_server_options()
430 &options->authorized_keys_files, in fill_default_server_options()
431 &options->num_authkeys_files, in fill_default_server_options()
434 if (options->permit_tun == -1) in fill_default_server_options()
435 options->permit_tun = SSH_TUNMODE_NO; in fill_default_server_options()
436 if (options->ip_qos_interactive == -1) in fill_default_server_options()
437 options->ip_qos_interactive = IPTOS_DSCP_AF21; in fill_default_server_options()
438 if (options->ip_qos_bulk == -1) in fill_default_server_options()
439 options->ip_qos_bulk = IPTOS_DSCP_CS1; in fill_default_server_options()
440 if (options->version_addendum == NULL) in fill_default_server_options()
441 options->version_addendum = xstrdup(SSH_VERSION_FREEBSD); in fill_default_server_options()
442 if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) in fill_default_server_options()
443 options->fwd_opts.streamlocal_bind_mask = 0177; in fill_default_server_options()
444 if (options->fwd_opts.streamlocal_bind_unlink == -1) in fill_default_server_options()
445 options->fwd_opts.streamlocal_bind_unlink = 0; in fill_default_server_options()
446 if (options->fingerprint_hash == -1) in fill_default_server_options()
447 options->fingerprint_hash = SSH_FP_HASH_DEFAULT; in fill_default_server_options()
448 if (options->disable_forwarding == -1) in fill_default_server_options()
449 options->disable_forwarding = 0; in fill_default_server_options()
450 if (options->expose_userauth_info == -1) in fill_default_server_options()
451 options->expose_userauth_info = 0; in fill_default_server_options()
452 if (options->sk_provider == NULL) in fill_default_server_options()
453 options->sk_provider = xstrdup("internal"); in fill_default_server_options()
454 if (options->required_rsa_size == -1) in fill_default_server_options()
455 options->required_rsa_size = SSH_RSA_MINIMUM_MODULUS_SIZE; in fill_default_server_options()
456 if (options->unused_connection_timeout == -1) in fill_default_server_options()
457 options->unused_connection_timeout = 0; in fill_default_server_options()
458 if (options->use_blacklist == -1) in fill_default_server_options()
459 options->use_blacklist = 0; in fill_default_server_options()
461 assemble_algorithms(options); in fill_default_server_options()
476 if (options->nv == 1 && \ in fill_default_server_options()
477 strcasecmp(options->v[0], none) == 0) { \ in fill_default_server_options()
478 free(options->v[0]); \ in fill_default_server_options()
479 free(options->v); \ in fill_default_server_options()
480 options->v = NULL; \ in fill_default_server_options()
481 options->nv = 0; \ in fill_default_server_options()
484 CLEAR_ON_NONE(options->pid_file); in fill_default_server_options()
485 CLEAR_ON_NONE(options->xauth_location); in fill_default_server_options()
486 CLEAR_ON_NONE(options->banner); in fill_default_server_options()
487 CLEAR_ON_NONE(options->trusted_user_ca_keys); in fill_default_server_options()
488 CLEAR_ON_NONE(options->revoked_keys_file); in fill_default_server_options()
489 CLEAR_ON_NONE(options->sk_provider); in fill_default_server_options()
490 CLEAR_ON_NONE(options->authorized_principals_file); in fill_default_server_options()
491 CLEAR_ON_NONE(options->adm_forced_command); in fill_default_server_options()
492 CLEAR_ON_NONE(options->chroot_directory); in fill_default_server_options()
493 CLEAR_ON_NONE(options->routing_domain); in fill_default_server_options()
494 CLEAR_ON_NONE(options->host_key_agent); in fill_default_server_options()
496 for (i = 0; i < options->num_host_key_files; i++) in fill_default_server_options()
497 CLEAR_ON_NONE(options->host_key_files[i]); in fill_default_server_options()
498 for (i = 0; i < options->num_host_cert_files; i++) in fill_default_server_options()
499 CLEAR_ON_NONE(options->host_cert_files[i]); in fill_default_server_options()
510 /* Portable-specific options */
512 /* Standard Options */
560 /* Portable-specific options */
567 /* Standard Options */
777 add_listen_addr(ServerOptions *options, const char *addr, in add_listen_addr() argument
783 add_one_listen_addr(options, addr, rdomain, port); in add_listen_addr()
785 for (i = 0; i < options->num_ports; i++) { in add_listen_addr()
786 add_one_listen_addr(options, addr, rdomain, in add_listen_addr()
787 options->ports[i]); in add_listen_addr()
793 add_one_listen_addr(ServerOptions *options, const char *addr, in add_one_listen_addr() argument
802 for (i = 0; i < options->num_listen_addrs; i++) { in add_one_listen_addr()
803 if (rdomain == NULL && options->listen_addrs[i].rdomain == NULL) in add_one_listen_addr()
805 if (rdomain == NULL || options->listen_addrs[i].rdomain == NULL) in add_one_listen_addr()
807 if (strcmp(rdomain, options->listen_addrs[i].rdomain) == 0) in add_one_listen_addr()
810 if (i >= options->num_listen_addrs) { in add_one_listen_addr()
814 options->listen_addrs = xrecallocarray(options->listen_addrs, in add_one_listen_addr()
815 options->num_listen_addrs, options->num_listen_addrs + 1, in add_one_listen_addr()
816 sizeof(*options->listen_addrs)); in add_one_listen_addr()
817 i = options->num_listen_addrs++; in add_one_listen_addr()
819 options->listen_addrs[i].rdomain = xstrdup(rdomain); in add_one_listen_addr()
821 /* options->listen_addrs[i] points to the addresses for this rdomain */ in add_one_listen_addr()
824 hints.ai_family = options->address_family; in add_one_listen_addr()
834 ai->ai_next = options->listen_addrs[i].addrs; in add_one_listen_addr()
835 options->listen_addrs[i].addrs = aitop; in add_one_listen_addr()
876 * and AddressFamily options.
879 queue_listen_addr(ServerOptions *options, const char *addr, in queue_listen_addr() argument
884 options->queued_listen_addrs = xrecallocarray( in queue_listen_addr()
885 options->queued_listen_addrs, in queue_listen_addr()
886 options->num_queued_listens, options->num_queued_listens + 1, in queue_listen_addr()
887 sizeof(*options->queued_listen_addrs)); in queue_listen_addr()
888 qla = &options->queued_listen_addrs[options->num_queued_listens++]; in queue_listen_addr()
898 process_queued_listen_addrs(ServerOptions *options) in process_queued_listen_addrs() argument
903 if (options->num_ports == 0) in process_queued_listen_addrs()
904 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; in process_queued_listen_addrs()
905 if (options->address_family == -1) in process_queued_listen_addrs()
906 options->address_family = AF_UNSPEC; in process_queued_listen_addrs()
908 for (i = 0; i < options->num_queued_listens; i++) { in process_queued_listen_addrs()
909 qla = &options->queued_listen_addrs[i]; in process_queued_listen_addrs()
910 add_listen_addr(options, qla->addr, qla->rdomain, qla->port); in process_queued_listen_addrs()
914 free(options->queued_listen_addrs); in process_queued_listen_addrs()
915 options->queued_listen_addrs = NULL; in process_queued_listen_addrs()
916 options->num_queued_listens = 0; in process_queued_listen_addrs()
920 * Inform channels layer of permitopen options for a single forwarding
961 * Inform channels layer of permitopen options from configuration.
964 process_permitopen(struct ssh *ssh, ServerOptions *options) in process_permitopen() argument
967 options->permitted_opens, options->num_permitted_opens); in process_permitopen()
969 options->permitted_listens, in process_permitopen()
970 options->num_permitted_listens); in process_permitopen()
974 process_channel_timeouts(struct ssh *ssh, ServerOptions *options) in process_channel_timeouts() argument
980 debug3_f("setting %u timeouts", options->num_channel_timeouts); in process_channel_timeouts()
982 for (i = 0; i < options->num_channel_timeouts; i++) { in process_channel_timeouts()
983 if (parse_pattern_interval(options->channel_timeouts[i], in process_channel_timeouts()
986 options->channel_timeouts[i]); in process_channel_timeouts()
1021 * options set are copied into the main server config.
1309 process_server_config_line_depth(ServerOptions *options, char *line, in process_server_config_line_depth() argument
1383 /* Portable-specific options */ in process_server_config_line_depth()
1385 intptr = &options->use_pam; in process_server_config_line_depth()
1388 /* Standard Options */ in process_server_config_line_depth()
1393 if (options->ports_from_cmdline) { in process_server_config_line_depth()
1397 if (options->num_ports >= MAX_PORTS) in process_server_config_line_depth()
1404 options->ports[options->num_ports++] = a2port(arg); in process_server_config_line_depth()
1405 if (options->ports[options->num_ports-1] <= 0) in process_server_config_line_depth()
1411 intptr = &options->login_grace_time; in process_server_config_line_depth()
1458 queue_listen_addr(options, p, arg2, port); in process_server_config_line_depth()
1463 intptr = &options->address_family; in process_server_config_line_depth()
1491 options, arg, 1); in process_server_config_line_depth()
1496 charptr = &options->host_key_agent; in process_server_config_line_depth()
1512 servconf_add_hostcert(filename, linenum, options, arg); in process_server_config_line_depth()
1516 charptr = &options->pid_file; in process_server_config_line_depth()
1531 charptr = &options->moduli_file; in process_server_config_line_depth()
1535 intptr = &options->permit_root_login; in process_server_config_line_depth()
1540 intptr = &options->ignore_rhosts; in process_server_config_line_depth()
1545 intptr = &options->ignore_user_known_hosts; in process_server_config_line_depth()
1551 intptr = &options->hostbased_authentication; in process_server_config_line_depth()
1555 intptr = &options->hostbased_uses_name_from_packet_only; in process_server_config_line_depth()
1559 charptr = &options->hostbased_accepted_algos; in process_server_config_line_depth()
1576 charptr = &options->hostkeyalgorithms; in process_server_config_line_depth()
1581 charptr = &options->ca_sign_algorithms; in process_server_config_line_depth()
1586 intptr = &options->pubkey_authentication; in process_server_config_line_depth()
1591 charptr = &options->pubkey_accepted_algos; in process_server_config_line_depth()
1596 intptr = &options->pubkey_auth_options; in process_server_config_line_depth()
1616 intptr = &options->kerberos_authentication; in process_server_config_line_depth()
1620 intptr = &options->kerberos_or_local_passwd; in process_server_config_line_depth()
1624 intptr = &options->kerberos_ticket_cleanup; in process_server_config_line_depth()
1628 intptr = &options->kerberos_get_afs_token; in process_server_config_line_depth()
1632 intptr = &options->gss_authentication; in process_server_config_line_depth()
1636 intptr = &options->gss_cleanup_creds; in process_server_config_line_depth()
1640 intptr = &options->gss_strict_acceptor; in process_server_config_line_depth()
1644 intptr = &options->password_authentication; in process_server_config_line_depth()
1648 intptr = &options->kbd_interactive_authentication; in process_server_config_line_depth()
1652 intptr = &options->print_motd; in process_server_config_line_depth()
1656 intptr = &options->print_lastlog; in process_server_config_line_depth()
1660 intptr = &options->x11_forwarding; in process_server_config_line_depth()
1664 intptr = &options->x11_display_offset; in process_server_config_line_depth()
1675 intptr = &options->x11_use_localhost; in process_server_config_line_depth()
1679 charptr = &options->xauth_location; in process_server_config_line_depth()
1683 intptr = &options->permit_tty; in process_server_config_line_depth()
1687 intptr = &options->permit_user_rc; in process_server_config_line_depth()
1691 intptr = &options->strict_modes; in process_server_config_line_depth()
1695 intptr = &options->tcp_keep_alive; in process_server_config_line_depth()
1699 intptr = &options->permit_empty_passwd; in process_server_config_line_depth()
1703 intptr = &options->permit_user_env; in process_server_config_line_depth()
1704 charptr = &options->permit_user_env_allowlist; in process_server_config_line_depth()
1729 intptr = &options->compression; in process_server_config_line_depth()
1749 if (*activep && options->rekey_limit == -1) in process_server_config_line_depth()
1750 options->rekey_limit = val64; in process_server_config_line_depth()
1756 intptr = &options->rekey_interval; in process_server_config_line_depth()
1762 intptr = &options->fwd_opts.gateway_ports; in process_server_config_line_depth()
1767 intptr = &options->use_dns; in process_server_config_line_depth()
1771 log_facility_ptr = &options->log_facility; in process_server_config_line_depth()
1782 log_level_ptr = &options->log_level; in process_server_config_line_depth()
1793 found = options->num_log_verbose == 0; in process_server_config_line_depth()
1817 options->log_verbose = strs; in process_server_config_line_depth()
1818 options->num_log_verbose = nstrs; in process_server_config_line_depth()
1825 intptr = &options->allow_tcp_forwarding; in process_server_config_line_depth()
1830 intptr = &options->allow_streamlocal_forwarding; in process_server_config_line_depth()
1835 intptr = &options->allow_agent_forwarding; in process_server_config_line_depth()
1839 intptr = &options->disable_forwarding; in process_server_config_line_depth()
1843 chararrayptr = &options->allow_users; in process_server_config_line_depth()
1844 uintptr = &options->num_allow_users; in process_server_config_line_depth()
1865 chararrayptr = &options->deny_users; in process_server_config_line_depth()
1866 uintptr = &options->num_deny_users; in process_server_config_line_depth()
1870 chararrayptr = &options->allow_groups; in process_server_config_line_depth()
1871 uintptr = &options->num_allow_groups; in process_server_config_line_depth()
1891 chararrayptr = &options->deny_groups; in process_server_config_line_depth()
1892 uintptr = &options->num_deny_groups; in process_server_config_line_depth()
1904 if (options->ciphers == NULL) in process_server_config_line_depth()
1905 options->ciphers = xstrdup(arg); in process_server_config_line_depth()
1917 if (options->macs == NULL) in process_server_config_line_depth()
1918 options->macs = xstrdup(arg); in process_server_config_line_depth()
1931 if (options->kex_algorithms == NULL) in process_server_config_line_depth()
1932 options->kex_algorithms = xstrdup(arg); in process_server_config_line_depth()
1945 for (i = 0; i < options->num_subsystems; i++) { in process_server_config_line_depth()
1946 if (strcmp(arg, options->subsystem_name[i]) == 0) { in process_server_config_line_depth()
1957 options->subsystem_name = xrecallocarray( in process_server_config_line_depth()
1958 options->subsystem_name, options->num_subsystems, in process_server_config_line_depth()
1959 options->num_subsystems + 1, in process_server_config_line_depth()
1960 sizeof(*options->subsystem_name)); in process_server_config_line_depth()
1961 options->subsystem_command = xrecallocarray( in process_server_config_line_depth()
1962 options->subsystem_command, options->num_subsystems, in process_server_config_line_depth()
1963 options->num_subsystems + 1, in process_server_config_line_depth()
1964 sizeof(*options->subsystem_command)); in process_server_config_line_depth()
1965 options->subsystem_args = xrecallocarray( in process_server_config_line_depth()
1966 options->subsystem_args, options->num_subsystems, in process_server_config_line_depth()
1967 options->num_subsystems + 1, in process_server_config_line_depth()
1968 sizeof(*options->subsystem_args)); in process_server_config_line_depth()
1969 options->subsystem_name[options->num_subsystems] = xstrdup(arg); in process_server_config_line_depth()
1975 options->subsystem_command[options->num_subsystems] = in process_server_config_line_depth()
1980 xasprintf(&options->subsystem_args[options->num_subsystems], in process_server_config_line_depth()
1984 options->num_subsystems++; in process_server_config_line_depth()
1993 &options->max_startups_begin, in process_server_config_line_depth()
1994 &options->max_startups_rate, in process_server_config_line_depth()
1995 &options->max_startups)) == 3) { in process_server_config_line_depth()
1996 if (options->max_startups_begin > in process_server_config_line_depth()
1997 options->max_startups || in process_server_config_line_depth()
1998 options->max_startups_rate > 100 || in process_server_config_line_depth()
1999 options->max_startups_rate < 1) in process_server_config_line_depth()
2006 options->max_startups = options->max_startups_begin; in process_server_config_line_depth()
2007 if (options->max_startups <= 0 || in process_server_config_line_depth()
2008 options->max_startups_begin <= 0) in process_server_config_line_depth()
2031 options->per_source_masklen_ipv4 = value; in process_server_config_line_depth()
2032 options->per_source_masklen_ipv6 = value2; in process_server_config_line_depth()
2048 if (*activep && options->per_source_max_startups == -1) in process_server_config_line_depth()
2049 options->per_source_max_startups = value; in process_server_config_line_depth()
2053 intptr = &options->max_authtries; in process_server_config_line_depth()
2057 intptr = &options->max_sessions; in process_server_config_line_depth()
2061 charptr = &options->banner; in process_server_config_line_depth()
2065 * These options can contain %X options expanded at in process_server_config_line_depth()
2071 found = options->num_authkeys_files == 0; in process_server_config_line_depth()
2088 options->authorized_keys_files = strs; in process_server_config_line_depth()
2089 options->num_authkeys_files = nstrs; in process_server_config_line_depth()
2096 charptr = &options->authorized_principals_file; in process_server_config_line_depth()
2110 intptr = &options->client_alive_interval; in process_server_config_line_depth()
2114 intptr = &options->client_alive_count_max; in process_server_config_line_depth()
2127 &options->accept_env, &options->num_accept_env, in process_server_config_line_depth()
2137 found = options->num_setenv == 0; in process_server_config_line_depth()
2155 options->setenv = strs; in process_server_config_line_depth()
2156 options->num_setenv = nstrs; in process_server_config_line_depth()
2163 intptr = &options->permit_tun; in process_server_config_line_depth()
2211 parse_server_config_depth(options, in process_server_config_line_depth()
2258 parse_server_config_depth(options, in process_server_config_line_depth()
2303 uintptr = &options->num_permitted_listens; in process_server_config_line_depth()
2304 chararrayptr = &options->permitted_listens; in process_server_config_line_depth()
2306 uintptr = &options->num_permitted_opens; in process_server_config_line_depth()
2307 chararrayptr = &options->permitted_opens; in process_server_config_line_depth()
2365 if (*activep && options->adm_forced_command == NULL) in process_server_config_line_depth()
2366 options->adm_forced_command = xstrdup(str + len); in process_server_config_line_depth()
2371 charptr = &options->chroot_directory; in process_server_config_line_depth()
2382 charptr = &options->trusted_user_ca_keys; in process_server_config_line_depth()
2386 charptr = &options->revoked_keys_file; in process_server_config_line_depth()
2390 charptr = &options->sk_provider; in process_server_config_line_depth()
2419 options->ip_qos_interactive = value; in process_server_config_line_depth()
2420 options->ip_qos_bulk = value2; in process_server_config_line_depth()
2437 if (*activep && options->version_addendum == NULL) { in process_server_config_line_depth()
2439 options->version_addendum = xstrdup(""); in process_server_config_line_depth()
2441 options->version_addendum = xstrdup(str + len); in process_server_config_line_depth()
2447 charptr = &options->authorized_keys_command; in process_server_config_line_depth()
2460 charptr = &options->authorized_keys_command_user; in process_server_config_line_depth()
2472 charptr = &options->authorized_principals_command; in process_server_config_line_depth()
2476 charptr = &options->authorized_principals_command_user; in process_server_config_line_depth()
2480 found = options->num_auth_methods == 0; in process_server_config_line_depth()
2505 options->auth_methods = strs; in process_server_config_line_depth()
2506 options->num_auth_methods = nstrs; in process_server_config_line_depth()
2523 options->fwd_opts.streamlocal_bind_mask = (mode_t)value; in process_server_config_line_depth()
2527 intptr = &options->fwd_opts.streamlocal_bind_unlink; in process_server_config_line_depth()
2539 options->fingerprint_hash = value; in process_server_config_line_depth()
2543 intptr = &options->expose_userauth_info; in process_server_config_line_depth()
2551 charptr = &options->routing_domain; in process_server_config_line_depth()
2565 intptr = &options->required_rsa_size; in process_server_config_line_depth()
2569 found = options->num_channel_timeouts == 0; in process_server_config_line_depth()
2592 options->channel_timeouts = strs; in process_server_config_line_depth()
2593 options->num_channel_timeouts = nstrs; in process_server_config_line_depth()
2600 intptr = &options->unused_connection_timeout; in process_server_config_line_depth()
2611 intptr = &options->use_blacklist; in process_server_config_line_depth()
2645 process_server_config_line(ServerOptions *options, char *line, in process_server_config_line() argument
2651 return process_server_config_line_depth(options, line, filename, in process_server_config_line()
2695 parse_server_match_config(ServerOptions *options, in parse_server_match_config() argument
2703 copy_set_server_options(options, &mo, 0); in parse_server_match_config()
2867 * The only things that should be below this point are string options in copy_set_server_options()
2873 /* These options may be "none" to clear a global setting */ in copy_set_server_options()
2895 parse_server_config_depth(ServerOptions *options, const char *filename, in parse_server_config_depth() argument
2912 if (process_server_config_line_depth(options, cp, in parse_server_config_depth()
2919 fatal("%s: terminating, %d bad configuration options", in parse_server_config_depth()
2924 parse_server_config(ServerOptions *options, const char *filename, in parse_server_config() argument
2929 parse_server_config_depth(options, filename, conf, includes, in parse_server_config()
2932 process_queued_listen_addrs(options); in parse_server_config()