1 files changed, 12 insertions, 2 deletions

diff --git a/servconf.h b/servconf.h
index c2848a76..ffcbc331 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.h,v 1.124 2017/06/24 06:34:38 djm Exp $ */
+/* $OpenBSD: servconf.h,v 1.125 2017/09/12 06:32:07 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -48,12 +48,19 @@
 #define FORWARD_LOCAL		(1<<1)
 #define FORWARD_ALLOW		(FORWARD_REMOTE|FORWARD_LOCAL)
 
+/* PermitOpen */
+#define PERMITOPEN_ANY		0
+#define PERMITOPEN_NONE		-2
+
 #define DEFAULT_AUTH_FAIL_MAX	6	/* Default for MaxAuthTries */
 #define DEFAULT_SESSIONS_MAX	10	/* Default for MaxSessions */
 
 /* Magic name for internal sftp-server */
 #define INTERNAL_SFTP_NAME	"internal-sftp"
 
+struct ssh;
+struct fwd_perm_list;
+
 typedef struct {
 	u_int	num_ports;
 	u_int	ports_from_cmdline;
@@ -169,7 +176,8 @@ typedef struct {
 
 	int	permit_tun;
 
-	int	num_permitted_opens;
+	char   **permitted_opens;
+	u_int   num_permitted_opens; /* May also be one of PERMITOPEN_* */
 
 	char   *chroot_directory;
 	char   *revoked_keys_file;
@@ -229,6 +237,7 @@ struct connection_info {
 		M_CP_STRARRAYOPT(deny_groups, num_deny_groups); \
 		M_CP_STRARRAYOPT(accept_env, num_accept_env); \
 		M_CP_STRARRAYOPT(auth_methods, num_auth_methods); \
+		M_CP_STRARRAYOPT(permitted_opens, num_permitted_opens); \
 	} while (0)
 
 struct connection_info *get_connection_info(int, int);
@@ -236,6 +245,7 @@ void	 initialize_server_options(ServerOptions *);
 void	 fill_default_server_options(ServerOptions *);
 int	 process_server_config_line(ServerOptions *, char *, const char *, int,
 	     int *, struct connection_info *);
+void	 process_permitopen(struct ssh *ssh, ServerOptions *options);
 void	 load_server_config(const char *, Buffer *);
 void	 parse_server_config(ServerOptions *, const char *, Buffer *,
 	     struct connection_info *);