diff options
author | djm@openbsd.org <djm@openbsd.org> | 2023-01-06 02:47:18 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2023-01-06 16:23:16 +1100 |
commit | 2d1ff2b9431393ad99ef496d5e3b9dd0d4f5ac8c (patch) | |
tree | 3f244d571a85c08ae82b00c079af13b12e49e462 /servconf.h | |
parent | 0e34348d0bc0b1522f75d6212a53d6d1d1367980 (diff) | |
download | openssh-git-2d1ff2b9431393ad99ef496d5e3b9dd0d4f5ac8c.tar.gz |
upstream: Implement channel inactivity timeouts
This adds a sshd_config ChannelTimeouts directive that allows channels that
have not seen traffic in a configurable interval to be automatically closed.
Different timeouts may be applied to session, X11, agent and TCP forwarding
channels.
Note: this only affects channels over an opened SSH connection and not
the connection itself. Most clients close the connection when their channels
go away, with a notable exception being ssh(1) in multiplexing mode.
ok markus dtucker
OpenBSD-Commit-ID: ae8bba3ed9d9f95ff2e2dc8dcadfa36b48e6c0b8
Diffstat (limited to 'servconf.h')
-rw-r--r-- | servconf.h | 7 |
1 files changed, 6 insertions, 1 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: servconf.h,v 1.157 2022/09/17 10:34:29 djm Exp $ */ +/* $OpenBSD: servconf.h,v 1.158 2023/01/06 02:47:19 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -230,6 +230,9 @@ typedef struct { u_int64_t timing_secret; char *sk_provider; int required_rsa_size; /* minimum size of RSA keys */ + + char **channel_timeouts; /* inactivity timeout by channel type */ + u_int num_channel_timeouts; } ServerOptions; /* Information about the incoming connection as used by Match */ @@ -287,6 +290,7 @@ TAILQ_HEAD(include_list, include_item); M_CP_STRARRAYOPT(auth_methods, num_auth_methods); \ M_CP_STRARRAYOPT(permitted_opens, num_permitted_opens); \ M_CP_STRARRAYOPT(permitted_listens, num_permitted_listens); \ + M_CP_STRARRAYOPT(channel_timeouts, num_channel_timeouts); \ M_CP_STRARRAYOPT(log_verbose, num_log_verbose); \ } while (0) @@ -296,6 +300,7 @@ void fill_default_server_options(ServerOptions *); int process_server_config_line(ServerOptions *, char *, const char *, int, int *, struct connection_info *, struct include_list *includes); void process_permitopen(struct ssh *ssh, ServerOptions *options); +void process_channel_timeouts(struct ssh *ssh, ServerOptions *); void load_server_config(const char *, struct sshbuf *); void parse_server_config(ServerOptions *, const char *, struct sshbuf *, struct include_list *includes, struct connection_info *, int); |