Lines Matching full:options
81 void parse_server_config_depth(ServerOptions *options, const char *filename,
89 /* Initializes the server options to their default values. */
92 initialize_server_options(ServerOptions *options) in initialize_server_options() argument
94 memset(options, 0, sizeof(*options)); in initialize_server_options()
96 /* Portable-specific options */ in initialize_server_options()
97 options->use_pam = -1; in initialize_server_options()
99 /* Standard Options */ in initialize_server_options()
100 options->num_ports = 0; in initialize_server_options()
101 options->ports_from_cmdline = 0; in initialize_server_options()
102 options->queued_listen_addrs = NULL; in initialize_server_options()
103 options->num_queued_listens = 0; in initialize_server_options()
104 options->listen_addrs = NULL; in initialize_server_options()
105 options->num_listen_addrs = 0; in initialize_server_options()
106 options->address_family = -1; in initialize_server_options()
107 options->routing_domain = NULL; in initialize_server_options()
108 options->num_host_key_files = 0; in initialize_server_options()
109 options->num_host_cert_files = 0; in initialize_server_options()
110 options->host_key_agent = NULL; in initialize_server_options()
111 options->pid_file = NULL; in initialize_server_options()
112 options->login_grace_time = -1; in initialize_server_options()
113 options->permit_root_login = PERMIT_NOT_SET; in initialize_server_options()
114 options->ignore_rhosts = -1; in initialize_server_options()
115 options->ignore_user_known_hosts = -1; in initialize_server_options()
116 options->print_motd = -1; in initialize_server_options()
117 options->print_lastlog = -1; in initialize_server_options()
118 options->x11_forwarding = -1; in initialize_server_options()
119 options->x11_display_offset = -1; in initialize_server_options()
120 options->x11_use_localhost = -1; in initialize_server_options()
121 options->permit_tty = -1; in initialize_server_options()
122 options->permit_user_rc = -1; in initialize_server_options()
123 options->xauth_location = NULL; in initialize_server_options()
124 options->strict_modes = -1; in initialize_server_options()
125 options->tcp_keep_alive = -1; in initialize_server_options()
126 options->log_facility = SYSLOG_FACILITY_NOT_SET; in initialize_server_options()
127 options->log_level = SYSLOG_LEVEL_NOT_SET; in initialize_server_options()
128 options->hostbased_authentication = -1; in initialize_server_options()
129 options->hostbased_uses_name_from_packet_only = -1; in initialize_server_options()
130 options->hostbased_key_types = NULL; in initialize_server_options()
131 options->hostkeyalgorithms = NULL; in initialize_server_options()
132 options->pubkey_authentication = -1; in initialize_server_options()
133 options->pubkey_auth_options = -1; in initialize_server_options()
134 options->pubkey_key_types = NULL; in initialize_server_options()
135 options->kerberos_authentication = -1; in initialize_server_options()
136 options->kerberos_or_local_passwd = -1; in initialize_server_options()
137 options->kerberos_ticket_cleanup = -1; in initialize_server_options()
138 options->kerberos_get_afs_token = -1; in initialize_server_options()
139 options->gss_authentication=-1; in initialize_server_options()
140 options->gss_cleanup_creds = -1; in initialize_server_options()
141 options->gss_strict_acceptor = -1; in initialize_server_options()
142 options->password_authentication = -1; in initialize_server_options()
143 options->kbd_interactive_authentication = -1; in initialize_server_options()
144 options->challenge_response_authentication = -1; in initialize_server_options()
145 options->permit_empty_passwd = -1; in initialize_server_options()
146 options->permit_user_env = -1; in initialize_server_options()
147 options->permit_user_env_whitelist = NULL; in initialize_server_options()
148 options->compression = -1; in initialize_server_options()
149 options->rekey_limit = -1; in initialize_server_options()
150 options->rekey_interval = -1; in initialize_server_options()
151 options->allow_tcp_forwarding = -1; in initialize_server_options()
152 options->allow_streamlocal_forwarding = -1; in initialize_server_options()
153 options->allow_agent_forwarding = -1; in initialize_server_options()
154 options->num_allow_users = 0; in initialize_server_options()
155 options->num_deny_users = 0; in initialize_server_options()
156 options->num_allow_groups = 0; in initialize_server_options()
157 options->num_deny_groups = 0; in initialize_server_options()
158 options->ciphers = NULL; in initialize_server_options()
159 options->macs = NULL; in initialize_server_options()
160 options->kex_algorithms = NULL; in initialize_server_options()
161 options->ca_sign_algorithms = NULL; in initialize_server_options()
162 options->fwd_opts.gateway_ports = -1; in initialize_server_options()
163 options->fwd_opts.streamlocal_bind_mask = (mode_t)-1; in initialize_server_options()
164 options->fwd_opts.streamlocal_bind_unlink = -1; in initialize_server_options()
165 options->num_subsystems = 0; in initialize_server_options()
166 options->max_startups_begin = -1; in initialize_server_options()
167 options->max_startups_rate = -1; in initialize_server_options()
168 options->max_startups = -1; in initialize_server_options()
169 options->max_authtries = -1; in initialize_server_options()
170 options->max_sessions = -1; in initialize_server_options()
171 options->banner = NULL; in initialize_server_options()
172 options->use_dns = -1; in initialize_server_options()
173 options->client_alive_interval = -1; in initialize_server_options()
174 options->client_alive_count_max = -1; in initialize_server_options()
175 options->num_authkeys_files = 0; in initialize_server_options()
176 options->num_accept_env = 0; in initialize_server_options()
177 options->num_setenv = 0; in initialize_server_options()
178 options->permit_tun = -1; in initialize_server_options()
179 options->permitted_opens = NULL; in initialize_server_options()
180 options->permitted_listens = NULL; in initialize_server_options()
181 options->adm_forced_command = NULL; in initialize_server_options()
182 options->chroot_directory = NULL; in initialize_server_options()
183 options->authorized_keys_command = NULL; in initialize_server_options()
184 options->authorized_keys_command_user = NULL; in initialize_server_options()
185 options->revoked_keys_file = NULL; in initialize_server_options()
186 options->sk_provider = NULL; in initialize_server_options()
187 options->trusted_user_ca_keys = NULL; in initialize_server_options()
188 options->authorized_principals_file = NULL; in initialize_server_options()
189 options->authorized_principals_command = NULL; in initialize_server_options()
190 options->authorized_principals_command_user = NULL; in initialize_server_options()
191 options->ip_qos_interactive = -1; in initialize_server_options()
192 options->ip_qos_bulk = -1; in initialize_server_options()
193 options->version_addendum = NULL; in initialize_server_options()
194 options->fingerprint_hash = -1; in initialize_server_options()
195 options->disable_forwarding = -1; in initialize_server_options()
196 options->expose_userauth_info = -1; in initialize_server_options()
277 ServerOptions *options, const char *path, int userprovided) in servconf_add_hostkey() argument
282 &options->host_key_files, &options->host_key_file_userprovided, in servconf_add_hostkey()
283 &options->num_host_key_files, apath, userprovided); in servconf_add_hostkey()
289 ServerOptions *options, const char *path) in servconf_add_hostcert() argument
294 &options->host_cert_files, &options->num_host_cert_files, apath); in servconf_add_hostcert()
299 fill_default_server_options(ServerOptions *options) in fill_default_server_options() argument
303 /* Portable-specific options */ in fill_default_server_options()
304 if (options->use_pam == -1) in fill_default_server_options()
305 options->use_pam = 0; in fill_default_server_options()
307 /* Standard Options */ in fill_default_server_options()
308 if (options->num_host_key_files == 0) { in fill_default_server_options()
310 servconf_add_hostkey("[default]", 0, options, in fill_default_server_options()
313 servconf_add_hostkey("[default]", 0, options, in fill_default_server_options()
316 servconf_add_hostkey("[default]", 0, options, in fill_default_server_options()
319 servconf_add_hostkey("[default]", 0, options, in fill_default_server_options()
324 if (options->num_ports == 0) in fill_default_server_options()
325 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; in fill_default_server_options()
326 if (options->address_family == -1) in fill_default_server_options()
327 options->address_family = AF_UNSPEC; in fill_default_server_options()
328 if (options->listen_addrs == NULL) in fill_default_server_options()
329 add_listen_addr(options, NULL, NULL, 0); in fill_default_server_options()
330 if (options->pid_file == NULL) in fill_default_server_options()
331 options->pid_file = xstrdup(_PATH_SSH_DAEMON_PID_FILE); in fill_default_server_options()
332 if (options->login_grace_time == -1) in fill_default_server_options()
333 options->login_grace_time = 120; in fill_default_server_options()
334 if (options->permit_root_login == PERMIT_NOT_SET) in fill_default_server_options()
335 options->permit_root_login = PERMIT_NO_PASSWD; in fill_default_server_options()
336 if (options->ignore_rhosts == -1) in fill_default_server_options()
337 options->ignore_rhosts = 1; in fill_default_server_options()
338 if (options->ignore_user_known_hosts == -1) in fill_default_server_options()
339 options->ignore_user_known_hosts = 0; in fill_default_server_options()
340 if (options->print_motd == -1) in fill_default_server_options()
341 options->print_motd = 1; in fill_default_server_options()
342 if (options->print_lastlog == -1) in fill_default_server_options()
343 options->print_lastlog = 1; in fill_default_server_options()
344 if (options->x11_forwarding == -1) in fill_default_server_options()
345 options->x11_forwarding = 0; in fill_default_server_options()
346 if (options->x11_display_offset == -1) in fill_default_server_options()
347 options->x11_display_offset = 10; in fill_default_server_options()
348 if (options->x11_use_localhost == -1) in fill_default_server_options()
349 options->x11_use_localhost = 1; in fill_default_server_options()
350 if (options->xauth_location == NULL) in fill_default_server_options()
351 options->xauth_location = xstrdup(_PATH_XAUTH); in fill_default_server_options()
352 if (options->permit_tty == -1) in fill_default_server_options()
353 options->permit_tty = 1; in fill_default_server_options()
354 if (options->permit_user_rc == -1) in fill_default_server_options()
355 options->permit_user_rc = 1; in fill_default_server_options()
356 if (options->strict_modes == -1) in fill_default_server_options()
357 options->strict_modes = 1; in fill_default_server_options()
358 if (options->tcp_keep_alive == -1) in fill_default_server_options()
359 options->tcp_keep_alive = 1; in fill_default_server_options()
360 if (options->log_facility == SYSLOG_FACILITY_NOT_SET) in fill_default_server_options()
361 options->log_facility = SYSLOG_FACILITY_AUTH; in fill_default_server_options()
362 if (options->log_level == SYSLOG_LEVEL_NOT_SET) in fill_default_server_options()
363 options->log_level = SYSLOG_LEVEL_INFO; in fill_default_server_options()
364 if (options->hostbased_authentication == -1) in fill_default_server_options()
365 options->hostbased_authentication = 0; in fill_default_server_options()
366 if (options->hostbased_uses_name_from_packet_only == -1) in fill_default_server_options()
367 options->hostbased_uses_name_from_packet_only = 0; in fill_default_server_options()
368 if (options->pubkey_authentication == -1) in fill_default_server_options()
369 options->pubkey_authentication = 1; in fill_default_server_options()
370 if (options->pubkey_auth_options == -1) in fill_default_server_options()
371 options->pubkey_auth_options = 0; in fill_default_server_options()
372 if (options->kerberos_authentication == -1) in fill_default_server_options()
373 options->kerberos_authentication = 0; in fill_default_server_options()
374 if (options->kerberos_or_local_passwd == -1) in fill_default_server_options()
375 options->kerberos_or_local_passwd = 1; in fill_default_server_options()
376 if (options->kerberos_ticket_cleanup == -1) in fill_default_server_options()
377 options->kerberos_ticket_cleanup = 1; in fill_default_server_options()
378 if (options->kerberos_get_afs_token == -1) in fill_default_server_options()
379 options->kerberos_get_afs_token = 0; in fill_default_server_options()
380 if (options->gss_authentication == -1) in fill_default_server_options()
381 options->gss_authentication = 0; in fill_default_server_options()
382 if (options->gss_cleanup_creds == -1) in fill_default_server_options()
383 options->gss_cleanup_creds = 1; in fill_default_server_options()
384 if (options->gss_strict_acceptor == -1) in fill_default_server_options()
385 options->gss_strict_acceptor = 1; in fill_default_server_options()
386 if (options->password_authentication == -1) in fill_default_server_options()
387 options->password_authentication = 1; in fill_default_server_options()
388 if (options->kbd_interactive_authentication == -1) in fill_default_server_options()
389 options->kbd_interactive_authentication = 0; in fill_default_server_options()
390 if (options->challenge_response_authentication == -1) in fill_default_server_options()
391 options->challenge_response_authentication = 1; in fill_default_server_options()
392 if (options->permit_empty_passwd == -1) in fill_default_server_options()
393 options->permit_empty_passwd = 0; in fill_default_server_options()
394 if (options->permit_user_env == -1) { in fill_default_server_options()
395 options->permit_user_env = 0; in fill_default_server_options()
396 options->permit_user_env_whitelist = NULL; in fill_default_server_options()
398 if (options->compression == -1) in fill_default_server_options()
400 options->compression = COMP_DELAYED; in fill_default_server_options()
402 options->compression = COMP_NONE; in fill_default_server_options()
405 if (options->rekey_limit == -1) in fill_default_server_options()
406 options->rekey_limit = 0; in fill_default_server_options()
407 if (options->rekey_interval == -1) in fill_default_server_options()
408 options->rekey_interval = 0; in fill_default_server_options()
409 if (options->allow_tcp_forwarding == -1) in fill_default_server_options()
410 options->allow_tcp_forwarding = FORWARD_ALLOW; in fill_default_server_options()
411 if (options->allow_streamlocal_forwarding == -1) in fill_default_server_options()
412 options->allow_streamlocal_forwarding = FORWARD_ALLOW; in fill_default_server_options()
413 if (options->allow_agent_forwarding == -1) in fill_default_server_options()
414 options->allow_agent_forwarding = 1; in fill_default_server_options()
415 if (options->fwd_opts.gateway_ports == -1) in fill_default_server_options()
416 options->fwd_opts.gateway_ports = 0; in fill_default_server_options()
417 if (options->max_startups == -1) in fill_default_server_options()
418 options->max_startups = 100; in fill_default_server_options()
419 if (options->max_startups_rate == -1) in fill_default_server_options()
420 options->max_startups_rate = 30; /* 30% */ in fill_default_server_options()
421 if (options->max_startups_begin == -1) in fill_default_server_options()
422 options->max_startups_begin = 10; in fill_default_server_options()
423 if (options->max_authtries == -1) in fill_default_server_options()
424 options->max_authtries = DEFAULT_AUTH_FAIL_MAX; in fill_default_server_options()
425 if (options->max_sessions == -1) in fill_default_server_options()
426 options->max_sessions = DEFAULT_SESSIONS_MAX; in fill_default_server_options()
427 if (options->use_dns == -1) in fill_default_server_options()
428 options->use_dns = 0; in fill_default_server_options()
429 if (options->client_alive_interval == -1) in fill_default_server_options()
430 options->client_alive_interval = 0; in fill_default_server_options()
431 if (options->client_alive_count_max == -1) in fill_default_server_options()
432 options->client_alive_count_max = 3; in fill_default_server_options()
433 if (options->num_authkeys_files == 0) { in fill_default_server_options()
435 &options->authorized_keys_files, in fill_default_server_options()
436 &options->num_authkeys_files, in fill_default_server_options()
439 &options->authorized_keys_files, in fill_default_server_options()
440 &options->num_authkeys_files, in fill_default_server_options()
443 if (options->permit_tun == -1) in fill_default_server_options()
444 options->permit_tun = SSH_TUNMODE_NO; in fill_default_server_options()
445 if (options->ip_qos_interactive == -1) in fill_default_server_options()
446 options->ip_qos_interactive = IPTOS_DSCP_AF21; in fill_default_server_options()
447 if (options->ip_qos_bulk == -1) in fill_default_server_options()
448 options->ip_qos_bulk = IPTOS_DSCP_CS1; in fill_default_server_options()
449 if (options->version_addendum == NULL) in fill_default_server_options()
450 options->version_addendum = xstrdup(""); in fill_default_server_options()
451 if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1) in fill_default_server_options()
452 options->fwd_opts.streamlocal_bind_mask = 0177; in fill_default_server_options()
453 if (options->fwd_opts.streamlocal_bind_unlink == -1) in fill_default_server_options()
454 options->fwd_opts.streamlocal_bind_unlink = 0; in fill_default_server_options()
455 if (options->fingerprint_hash == -1) in fill_default_server_options()
456 options->fingerprint_hash = SSH_FP_HASH_DEFAULT; in fill_default_server_options()
457 if (options->disable_forwarding == -1) in fill_default_server_options()
458 options->disable_forwarding = 0; in fill_default_server_options()
459 if (options->expose_userauth_info == -1) in fill_default_server_options()
460 options->expose_userauth_info = 0; in fill_default_server_options()
461 if (options->sk_provider == NULL) in fill_default_server_options()
462 options->sk_provider = xstrdup("internal"); in fill_default_server_options()
464 assemble_algorithms(options); in fill_default_server_options()
477 CLEAR_ON_NONE(options->pid_file); in fill_default_server_options()
478 CLEAR_ON_NONE(options->xauth_location); in fill_default_server_options()
479 CLEAR_ON_NONE(options->banner); in fill_default_server_options()
480 CLEAR_ON_NONE(options->trusted_user_ca_keys); in fill_default_server_options()
481 CLEAR_ON_NONE(options->revoked_keys_file); in fill_default_server_options()
482 CLEAR_ON_NONE(options->sk_provider); in fill_default_server_options()
483 CLEAR_ON_NONE(options->authorized_principals_file); in fill_default_server_options()
484 CLEAR_ON_NONE(options->adm_forced_command); in fill_default_server_options()
485 CLEAR_ON_NONE(options->chroot_directory); in fill_default_server_options()
486 CLEAR_ON_NONE(options->routing_domain); in fill_default_server_options()
487 CLEAR_ON_NONE(options->host_key_agent); in fill_default_server_options()
488 for (i = 0; i < options->num_host_key_files; i++) in fill_default_server_options()
489 CLEAR_ON_NONE(options->host_key_files[i]); in fill_default_server_options()
490 for (i = 0; i < options->num_host_cert_files; i++) in fill_default_server_options()
491 CLEAR_ON_NONE(options->host_cert_files[i]); in fill_default_server_options()
495 if (options->num_auth_methods == 1 && in fill_default_server_options()
496 strcmp(options->auth_methods[0], "any") == 0) { in fill_default_server_options()
497 free(options->auth_methods[0]); in fill_default_server_options()
498 options->auth_methods[0] = NULL; in fill_default_server_options()
499 options->num_auth_methods = 0; in fill_default_server_options()
503 if (use_privsep && options->compression == 1) { in fill_default_server_options()
507 options->compression = 0; in fill_default_server_options()
515 /* Portable-specific options */
517 /* Standard Options */
564 /* Portable-specific options */
571 /* Standard Options */
769 add_listen_addr(ServerOptions *options, const char *addr, in add_listen_addr() argument
775 add_one_listen_addr(options, addr, rdomain, port); in add_listen_addr()
777 for (i = 0; i < options->num_ports; i++) { in add_listen_addr()
778 add_one_listen_addr(options, addr, rdomain, in add_listen_addr()
779 options->ports[i]); in add_listen_addr()
785 add_one_listen_addr(ServerOptions *options, const char *addr, in add_one_listen_addr() argument
794 for (i = 0; i < options->num_listen_addrs; i++) { in add_one_listen_addr()
795 if (rdomain == NULL && options->listen_addrs[i].rdomain == NULL) in add_one_listen_addr()
797 if (rdomain == NULL || options->listen_addrs[i].rdomain == NULL) in add_one_listen_addr()
799 if (strcmp(rdomain, options->listen_addrs[i].rdomain) == 0) in add_one_listen_addr()
802 if (i >= options->num_listen_addrs) { in add_one_listen_addr()
806 options->listen_addrs = xrecallocarray(options->listen_addrs, in add_one_listen_addr()
807 options->num_listen_addrs, options->num_listen_addrs + 1, in add_one_listen_addr()
808 sizeof(*options->listen_addrs)); in add_one_listen_addr()
809 i = options->num_listen_addrs++; in add_one_listen_addr()
811 options->listen_addrs[i].rdomain = xstrdup(rdomain); in add_one_listen_addr()
813 /* options->listen_addrs[i] points to the addresses for this rdomain */ in add_one_listen_addr()
816 hints.ai_family = options->address_family; in add_one_listen_addr()
826 ai->ai_next = options->listen_addrs[i].addrs; in add_one_listen_addr()
827 options->listen_addrs[i].addrs = aitop; in add_one_listen_addr()
868 * and AddressFamily options.
871 queue_listen_addr(ServerOptions *options, const char *addr, in queue_listen_addr() argument
876 options->queued_listen_addrs = xrecallocarray( in queue_listen_addr()
877 options->queued_listen_addrs, in queue_listen_addr()
878 options->num_queued_listens, options->num_queued_listens + 1, in queue_listen_addr()
879 sizeof(*options->queued_listen_addrs)); in queue_listen_addr()
880 qla = &options->queued_listen_addrs[options->num_queued_listens++]; in queue_listen_addr()
890 process_queued_listen_addrs(ServerOptions *options) in process_queued_listen_addrs() argument
895 if (options->num_ports == 0) in process_queued_listen_addrs()
896 options->ports[options->num_ports++] = SSH_DEFAULT_PORT; in process_queued_listen_addrs()
897 if (options->address_family == -1) in process_queued_listen_addrs()
898 options->address_family = AF_UNSPEC; in process_queued_listen_addrs()
900 for (i = 0; i < options->num_queued_listens; i++) { in process_queued_listen_addrs()
901 qla = &options->queued_listen_addrs[i]; in process_queued_listen_addrs()
902 add_listen_addr(options, qla->addr, qla->rdomain, qla->port); in process_queued_listen_addrs()
906 free(options->queued_listen_addrs); in process_queued_listen_addrs()
907 options->queued_listen_addrs = NULL; in process_queued_listen_addrs()
908 options->num_queued_listens = 0; in process_queued_listen_addrs()
912 * Inform channels layer of permitopen options for a single forwarding
954 * Inform channels layer of permitopen options from configuration.
957 process_permitopen(struct ssh *ssh, ServerOptions *options) in process_permitopen() argument
960 options->permitted_opens, options->num_permitted_opens); in process_permitopen()
962 options->permitted_listens, in process_permitopen()
963 options->num_permitted_listens); in process_permitopen()
994 * options set are copied into the main server config.
1264 process_server_config_line_depth(ServerOptions *options, char *line, in process_server_config_line_depth() argument
1321 /* Portable-specific options */ in process_server_config_line_depth()
1323 intptr = &options->use_pam; in process_server_config_line_depth()
1326 /* Standard Options */ in process_server_config_line_depth()
1331 if (options->ports_from_cmdline) in process_server_config_line_depth()
1333 if (options->num_ports >= MAX_PORTS) in process_server_config_line_depth()
1340 options->ports[options->num_ports++] = a2port(arg); in process_server_config_line_depth()
1341 if (options->ports[options->num_ports-1] <= 0) in process_server_config_line_depth()
1347 intptr = &options->login_grace_time; in process_server_config_line_depth()
1396 queue_listen_addr(options, p, arg2, port); in process_server_config_line_depth()
1401 intptr = &options->address_family; in process_server_config_line_depth()
1429 options, arg, 1); in process_server_config_line_depth()
1434 charptr = &options->host_key_agent; in process_server_config_line_depth()
1450 servconf_add_hostcert(filename, linenum, options, arg); in process_server_config_line_depth()
1454 charptr = &options->pid_file; in process_server_config_line_depth()
1469 intptr = &options->permit_root_login; in process_server_config_line_depth()
1474 intptr = &options->ignore_rhosts; in process_server_config_line_depth()
1479 intptr = &options->ignore_user_known_hosts; in process_server_config_line_depth()
1485 intptr = &options->hostbased_authentication; in process_server_config_line_depth()
1489 intptr = &options->hostbased_uses_name_from_packet_only; in process_server_config_line_depth()
1493 charptr = &options->hostbased_key_types; in process_server_config_line_depth()
1509 charptr = &options->hostkeyalgorithms; in process_server_config_line_depth()
1513 charptr = &options->ca_sign_algorithms; in process_server_config_line_depth()
1517 intptr = &options->pubkey_authentication; in process_server_config_line_depth()
1521 charptr = &options->pubkey_key_types; in process_server_config_line_depth()
1525 intptr = &options->pubkey_auth_options; in process_server_config_line_depth()
1543 intptr = &options->kerberos_authentication; in process_server_config_line_depth()
1547 intptr = &options->kerberos_or_local_passwd; in process_server_config_line_depth()
1551 intptr = &options->kerberos_ticket_cleanup; in process_server_config_line_depth()
1555 intptr = &options->kerberos_get_afs_token; in process_server_config_line_depth()
1559 intptr = &options->gss_authentication; in process_server_config_line_depth()
1563 intptr = &options->gss_cleanup_creds; in process_server_config_line_depth()
1567 intptr = &options->gss_strict_acceptor; in process_server_config_line_depth()
1571 intptr = &options->password_authentication; in process_server_config_line_depth()
1575 intptr = &options->kbd_interactive_authentication; in process_server_config_line_depth()
1579 intptr = &options->challenge_response_authentication; in process_server_config_line_depth()
1583 intptr = &options->print_motd; in process_server_config_line_depth()
1587 intptr = &options->print_lastlog; in process_server_config_line_depth()
1591 intptr = &options->x11_forwarding; in process_server_config_line_depth()
1595 intptr = &options->x11_display_offset; in process_server_config_line_depth()
1606 intptr = &options->x11_use_localhost; in process_server_config_line_depth()
1610 charptr = &options->xauth_location; in process_server_config_line_depth()
1614 intptr = &options->permit_tty; in process_server_config_line_depth()
1618 intptr = &options->permit_user_rc; in process_server_config_line_depth()
1622 intptr = &options->strict_modes; in process_server_config_line_depth()
1626 intptr = &options->tcp_keep_alive; in process_server_config_line_depth()
1630 intptr = &options->permit_empty_passwd; in process_server_config_line_depth()
1634 intptr = &options->permit_user_env; in process_server_config_line_depth()
1635 charptr = &options->permit_user_env_whitelist; in process_server_config_line_depth()
1660 intptr = &options->compression; in process_server_config_line_depth()
1679 if (*activep && options->rekey_limit == -1) in process_server_config_line_depth()
1680 options->rekey_limit = val64; in process_server_config_line_depth()
1686 intptr = &options->rekey_interval; in process_server_config_line_depth()
1692 intptr = &options->fwd_opts.gateway_ports; in process_server_config_line_depth()
1697 intptr = &options->use_dns; in process_server_config_line_depth()
1701 log_facility_ptr = &options->log_facility; in process_server_config_line_depth()
1712 log_level_ptr = &options->log_level; in process_server_config_line_depth()
1723 intptr = &options->allow_tcp_forwarding; in process_server_config_line_depth()
1728 intptr = &options->allow_streamlocal_forwarding; in process_server_config_line_depth()
1733 intptr = &options->allow_agent_forwarding; in process_server_config_line_depth()
1737 intptr = &options->disable_forwarding; in process_server_config_line_depth()
1748 &options->allow_users, &options->num_allow_users, in process_server_config_line_depth()
1761 &options->deny_users, &options->num_deny_users, in process_server_config_line_depth()
1771 &options->allow_groups, &options->num_allow_groups, in process_server_config_line_depth()
1781 &options->deny_groups, &options->num_deny_groups, in process_server_config_line_depth()
1794 if (options->ciphers == NULL) in process_server_config_line_depth()
1795 options->ciphers = xstrdup(arg); in process_server_config_line_depth()
1806 if (options->macs == NULL) in process_server_config_line_depth()
1807 options->macs = xstrdup(arg); in process_server_config_line_depth()
1820 if (options->kex_algorithms == NULL) in process_server_config_line_depth()
1821 options->kex_algorithms = xstrdup(arg); in process_server_config_line_depth()
1825 if (options->num_subsystems >= MAX_SUBSYSTEMS) { in process_server_config_line_depth()
1837 for (i = 0; i < options->num_subsystems; i++) in process_server_config_line_depth()
1838 if (strcmp(arg, options->subsystem_name[i]) == 0) in process_server_config_line_depth()
1841 options->subsystem_name[options->num_subsystems] = xstrdup(arg); in process_server_config_line_depth()
1846 options->subsystem_command[options->num_subsystems] = xstrdup(arg); in process_server_config_line_depth()
1857 options->subsystem_args[options->num_subsystems] = p; in process_server_config_line_depth()
1858 options->num_subsystems++; in process_server_config_line_depth()
1867 &options->max_startups_begin, in process_server_config_line_depth()
1868 &options->max_startups_rate, in process_server_config_line_depth()
1869 &options->max_startups)) == 3) { in process_server_config_line_depth()
1870 if (options->max_startups_begin > in process_server_config_line_depth()
1871 options->max_startups || in process_server_config_line_depth()
1872 options->max_startups_rate > 100 || in process_server_config_line_depth()
1873 options->max_startups_rate < 1) in process_server_config_line_depth()
1880 options->max_startups = options->max_startups_begin; in process_server_config_line_depth()
1884 intptr = &options->max_authtries; in process_server_config_line_depth()
1888 intptr = &options->max_sessions; in process_server_config_line_depth()
1892 charptr = &options->banner; in process_server_config_line_depth()
1896 * These options can contain %X options expanded at in process_server_config_line_depth()
1902 if (*activep && options->num_authkeys_files == 0) { in process_server_config_line_depth()
1907 &options->authorized_keys_files, in process_server_config_line_depth()
1908 &options->num_authkeys_files, arg); in process_server_config_line_depth()
1915 charptr = &options->authorized_principals_file; in process_server_config_line_depth()
1929 intptr = &options->client_alive_interval; in process_server_config_line_depth()
1933 intptr = &options->client_alive_count_max; in process_server_config_line_depth()
1944 &options->accept_env, &options->num_accept_env, in process_server_config_line_depth()
1950 uvalue = options->num_setenv; in process_server_config_line_depth()
1958 &options->setenv, &options->num_setenv, arg); in process_server_config_line_depth()
1963 intptr = &options->permit_tun; in process_server_config_line_depth()
2006 parse_server_config_depth(options, in process_server_config_line_depth()
2054 parse_server_config_depth(options, in process_server_config_line_depth()
2085 uintptr = &options->num_permitted_listens; in process_server_config_line_depth()
2086 chararrayptr = &options->permitted_listens; in process_server_config_line_depth()
2088 uintptr = &options->num_permitted_opens; in process_server_config_line_depth()
2089 chararrayptr = &options->permitted_opens; in process_server_config_line_depth()
2144 if (*activep && options->adm_forced_command == NULL) in process_server_config_line_depth()
2145 options->adm_forced_command = xstrdup(cp + len); in process_server_config_line_depth()
2149 charptr = &options->chroot_directory; in process_server_config_line_depth()
2160 charptr = &options->trusted_user_ca_keys; in process_server_config_line_depth()
2164 charptr = &options->revoked_keys_file; in process_server_config_line_depth()
2168 charptr = &options->sk_provider; in process_server_config_line_depth()
2194 options->ip_qos_interactive = value; in process_server_config_line_depth()
2195 options->ip_qos_bulk = value2; in process_server_config_line_depth()
2204 if (*activep && options->version_addendum == NULL) { in process_server_config_line_depth()
2206 options->version_addendum = xstrdup(""); in process_server_config_line_depth()
2211 options->version_addendum = xstrdup(cp + len); in process_server_config_line_depth()
2220 if (*activep && options->authorized_keys_command == NULL) { in process_server_config_line_depth()
2225 options->authorized_keys_command = xstrdup(cp + len); in process_server_config_line_depth()
2230 charptr = &options->authorized_keys_command_user; in process_server_config_line_depth()
2246 options->authorized_principals_command == NULL) { in process_server_config_line_depth()
2251 options->authorized_principals_command = in process_server_config_line_depth()
2257 charptr = &options->authorized_principals_command_user; in process_server_config_line_depth()
2269 if (options->num_auth_methods == 0) { in process_server_config_line_depth()
2274 if (options->num_auth_methods > 0) { in process_server_config_line_depth()
2295 &options->auth_methods, in process_server_config_line_depth()
2296 &options->num_auth_methods, arg); in process_server_config_line_depth()
2315 options->fwd_opts.streamlocal_bind_mask = (mode_t)value; in process_server_config_line_depth()
2319 intptr = &options->fwd_opts.streamlocal_bind_unlink; in process_server_config_line_depth()
2331 options->fingerprint_hash = value; in process_server_config_line_depth()
2335 intptr = &options->expose_userauth_info; in process_server_config_line_depth()
2343 charptr = &options->routing_domain; in process_server_config_line_depth()
2378 process_server_config_line(ServerOptions *options, char *line, in process_server_config_line() argument
2382 return process_server_config_line_depth(options, line, filename, in process_server_config_line()
2424 parse_server_match_config(ServerOptions *options, in parse_server_match_config() argument
2442 copy_set_server_options(options, &mo, 0); in parse_server_match_config()
2563 * The only things that should be below this point are string options in copy_set_server_options()
2569 /* These options may be "none" to clear a global setting */ in copy_set_server_options()
2588 parse_server_config_depth(ServerOptions *options, const char *filename, in parse_server_config_depth() argument
2604 if (process_server_config_line_depth(options, cp, in parse_server_config_depth()
2611 fatal("%s: terminating, %d bad configuration options", in parse_server_config_depth()
2613 process_queued_listen_addrs(options); in parse_server_config_depth()
2617 parse_server_config(ServerOptions *options, const char *filename, in parse_server_config() argument
2622 parse_server_config_depth(options, filename, conf, includes, in parse_server_config()