Diffstat (limited to 'crypto/openssh/readconf.h')
-rw-r--r-- | crypto/openssh/readconf.h | 34 |
1 files changed, 23 insertions, 11 deletions
diff --git a/crypto/openssh/readconf.h b/crypto/openssh/readconf.h index 31f4acb47084..9447d5d6e53d 100644 --- a/crypto/openssh/readconf.h +++ b/crypto/openssh/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.146 2021/12/19 22:14:47 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.156 2024/03/04 02:16:11 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -28,6 +28,7 @@ struct allowed_cname { }; typedef struct { + char *host_arg; /* Host arg as specified on command line. */ int forward_agent; /* Forward authentication agent. */ char *forward_agent_sock_path; /* Optional path of the agent. */ int forward_x11; /* Forward X11 display. */ @@ -69,6 +70,7 @@ typedef struct { char *kex_algorithms; /* SSH2 kex methods in order of preference. */ char *ca_sign_algorithms; /* Allowed CA signature algorithms */ char *hostname; /* Real host to connect. */ + char *tag; /* Configuration tag name. */ char *host_key_alias; /* hostname alias for .ssh/known_hosts */ char *proxy_command; /* Proxy command for connecting the host. */ char *user; /* User to log in as. */ @@ -85,7 +87,7 @@ typedef struct { char *sk_provider; /* Security key provider */ int verify_host_key_dns; /* Verify host key using DNS */ - int num_identity_files; /* Number of files for RSA/DSA identities. */ + int num_identity_files; /* Number of files for identities. */ char *identity_files[SSH_MAX_IDENTITY_FILES]; int identity_file_userprovided[SSH_MAX_IDENTITY_FILES]; struct sshkey *identity_keys[SSH_MAX_IDENTITY_FILES]; @@ -124,10 +126,10 @@ typedef struct { int server_alive_interval; int server_alive_count_max; - int num_send_env; - char **send_env; - int num_setenv; - char **setenv; + u_int num_send_env; + char **send_env; + u_int num_setenv; + char **setenv; char *control_path; int control_master; 
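Review bot: In the `@@ -124,10 +126,10 @@` hunk `num_send_env` and `num_setenv` become `u_int`, and `num_channel_timeouts` in the `@@ -178,6 +178,13 @@` hunk is `u_int` too, but `num_identity_files`, `num_canonical_domains` and `num_permitted_cnames` stay `int`, so the struct now mixes signed and unsigned element counts. Either convert the remaining counters (`u_int num_canonical_domains;`, `u_int num_permitted_cnames;`) or add a comment next to them saying why they stay signed. Code outside this diff that walks `send_env` or `setenv` with an `int` index, or tests the count against a negative value, would now hit signed/unsigned comparisons; that cannot be checked from the header alone. The typedef these fields belong to starts and ends outside the hunk.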
@@ -153,12 +155,12 @@ typedef struct { int proxy_use_fdpass; int num_canonical_domains; - char *canonical_domains[MAX_CANON_DOMAINS]; + char **canonical_domains; int canonicalize_hostname; int canonicalize_max_dots; int canonicalize_fallback_local; int num_permitted_cnames; - struct allowed_cname permitted_cnames[MAX_CANON_DOMAINS]; + struct allowed_cname *permitted_cnames; char *revoked_host_keys; @@ -169,8 +171,6 @@ typedef struct { char *hostbased_accepted_algos; char *pubkey_accepted_algos; - char *version_addendum; /* Appended to SSH banner */ - char *jump_user; char *jump_host; int jump_port; @@ -178,6 +178,13 @@ typedef struct { char *known_hosts_command; + int required_rsa_size; /* minimum size of RSA keys */ + int enable_escape_commandline; /* ~C commandline */ + int obscure_keystroke_timing_interval; + + char **channel_timeouts; /* inactivity timeout by channel type */ + u_int num_channel_timeouts; + char *ignored_unknown; /* Pattern list of unknown tokens to ignore */ } Options; @@ -219,9 +226,14 @@ typedef struct { #define SSH_STRICT_HOSTKEY_YES 2 #define SSH_STRICT_HOSTKEY_ASK 3 +/* ObscureKeystrokes parameters */ +#define SSH_KEYSTROKE_DEFAULT_INTERVAL_MS 20 +#define SSH_KEYSTROKE_CHAFF_MIN_MS 1024 +#define SSH_KEYSTROKE_CHAFF_RNG_MS 2048 + const char *kex_default_pk_alg(void); char *ssh_connection_hash(const char *thishost, const char *host, - const char *portstr, const char *user); + const char *portstr, const char *user, const char *jump_host); void initialize_options(Options *); int fill_default_options(Options *); void fill_default_options_for_canonicalization(Options *); |
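Review bot: In the `@@ -153,12 +155,12 @@` hunk `canonical_domains` and `permitted_cnames` change from fixed `MAX_CANON_DOMAINS` arrays to bare pointers, with no comment saying who allocates and frees them or whether `MAX_CANON_DOMAINS` still caps the count. Any code outside this diff that derived the element count or a copy size from `sizeof` on these members would now measure a pointer, so it is worth confirming no such use remains. I would document the new contract on the fields, e.g. `char **canonical_domains; /* array of num_canonical_domains entries */`, with a matching comment on `permitted_cnames`, assuming that is how the implementation fills them.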
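Review bot: In the `@@ -178,6 +178,13 @@` hunk `obscure_keystroke_timing_interval` is the only added field without a comment, and `required_rsa_size` does not state its unit. The `_MS` suffix on `SSH_KEYSTROKE_DEFAULT_INTERVAL_MS` in the last hunk suggests the interval is in milliseconds. If so, something like `int obscure_keystroke_timing_interval; /* ms between padded keystroke packets; confirm which value disables it */` would remove the guesswork. Similarly, `int required_rsa_size; /* minimum size of RSA keys, presumably in bits */` should state the unit once it is confirmed. Both fields are signed `int`, and the header does not say whether zero or negative values have a meaning.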
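Review bot: The new `jump_host` parameter of `ssh_connection_hash()` in the `@@ -219,9 +226,14 @@` hunk has no stated contract for connections made without a jump host: the prototype does not say whether callers pass NULL or an empty string, or whether the function tolerates NULL. A one-line comment above the prototype would settle this, along the lines of `/* jump_host: value used when no jump host is configured must be stated here */`, filled in from the implementation. In the same hunk, `SSH_KEYSTROKE_CHAFF_MIN_MS` and `SSH_KEYSTROKE_CHAFF_RNG_MS` sit under a single heading comment. A short note on what each bounds, and on whether `RNG` abbreviates "range", would help anyone tuning them.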