[gssapi-openssh.git] / openssh / monitor_wrap.h

/* $OpenBSD: monitor_wrap.h,v 1.21 2008/11/04 08:22:13 djm Exp $ */

/*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef _MM_WRAP_H_
#define _MM_WRAP_H_

extern int use_privsep;
#define PRIVSEP(x)	(use_privsep ? mm_##x : x)

enum mm_keytype {MM_NOKEY, MM_HOSTKEY, MM_USERKEY, MM_RSAHOSTKEY, MM_RSAUSERKEY};

struct monitor;
struct mm_master;
struct Authctxt;

int mm_is_monitor(void);
DH *mm_choose_dh(int, int, int);
int mm_key_sign(Key *, u_char **, u_int *, u_char *, u_int);
void mm_inform_authserv(char *, char *);
struct passwd *mm_getpwnamallow(const char *);
char *mm_auth2_read_banner(void);
int mm_auth_password(struct Authctxt *, char *);
int mm_key_allowed(enum mm_keytype, char *, char *, Key *);
int mm_user_key_allowed(struct passwd *, Key *);
int mm_hostbased_key_allowed(struct passwd *, char *, char *, Key *);
int mm_auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *);
int mm_key_verify(Key *, u_char *, u_int, u_char *, u_int);
int mm_auth_rsa_key_allowed(struct passwd *, BIGNUM *, Key **);
int mm_auth_rsa_verify_response(Key *, BIGNUM *, u_char *);
BIGNUM *mm_auth_rsa_generate_challenge(Key *);

#ifdef GSSAPI
OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *,
   gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *);
int mm_ssh_gssapi_userok(char *user, struct passwd *);
OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
OM_uint32 mm_ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t);
int mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *);
#endif

#ifdef USE_PAM
void mm_start_pam(struct Authctxt *);
u_int mm_do_pam_account(void);
void *mm_sshpam_init_ctx(struct Authctxt *);
int mm_sshpam_query(void *, char **, char **, u_int *, char ***, u_int **);
int mm_sshpam_respond(void *, u_int, char **);
void mm_sshpam_free_ctx(void *);
#endif

#ifdef SSH_AUDIT_EVENTS
#include "audit.h"
void mm_audit_event(ssh_audit_event_t);
void mm_audit_run_command(const char *);
#endif

struct Session;
void mm_terminate(void);
int mm_pty_allocate(int *, int *, char *, size_t);
void mm_session_pty_cleanup2(struct Session *);

/* SSHv1 interfaces */
void mm_ssh1_session_id(u_char *);
int mm_ssh1_session_key(BIGNUM *);

/* Key export functions */
struct Newkeys *mm_newkeys_from_blob(u_char *, int);
int mm_newkeys_to_blob(int, u_char **, u_int *);

void monitor_apply_keystate(struct monitor *);
void mm_get_keystate(struct monitor *);
void mm_send_keystate(struct monitor*);

/* bsdauth */
int mm_bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **);
int mm_bsdauth_respond(void *, u_int, char **);

/* skey */
int mm_skey_query(void *, char **, char **, u_int *, char ***, u_int **);
int mm_skey_respond(void *, u_int, char **);

/* jpake */
struct jpake_group;
void mm_auth2_jpake_get_pwdata(struct Authctxt *, BIGNUM **, char **, char **);
void mm_jpake_step1(struct jpake_group *, u_char **, u_int *,
    BIGNUM **, BIGNUM **, BIGNUM **, BIGNUM **,
    u_char **, u_int *, u_char **, u_int *);
void mm_jpake_step2(struct jpake_group *, BIGNUM *,
    BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *,
    const u_char *, u_int, const u_char *, u_int,
    const u_char *, u_int, const u_char *, u_int,
    BIGNUM **, u_char **, u_int *);
void mm_jpake_key_confirm(struct jpake_group *, BIGNUM *, BIGNUM *,
    BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *, BIGNUM *,
    const u_char *, u_int, const u_char *, u_int,
    const u_char *, u_int, const u_char *, u_int,
    BIGNUM **, u_char **, u_int *);
int mm_jpake_check_confirm(const BIGNUM *,
    const u_char *, u_int, const u_char *, u_int, const u_char *, u_int);


/* zlib allocation hooks */

void *mm_zalloc(struct mm_master *, u_int, u_int);
void mm_zfree(struct mm_master *, void *);
void mm_init_compression(struct mm_master *);

#endif /* _MM_WRAP_H_ */
Commit	Line	Data
91d9cdd3	1	/* $OpenBSD: monitor_wrap.h,v 1.21 2008/11/04 08:22:13 djm Exp $ */
700318f3	2
	3	/*
	4	* Copyright 2002 Niels Provos <provos@citi.umich.edu>
	5	* All rights reserved.
	6	*
	7	* Redistribution and use in source and binary forms, with or without
	8	* modification, are permitted provided that the following conditions
	9	* are met:
	10	* 1. Redistributions of source code must retain the above copyright
	11	* notice, this list of conditions and the following disclaimer.
	12	* 2. Redistributions in binary form must reproduce the above copyright
	13	* notice, this list of conditions and the following disclaimer in the
	14	* documentation and/or other materials provided with the distribution.
	15	*
	16	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
	17	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	18	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	19	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
	20	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	21	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	22	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	23	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	24	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	25	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	26	*/
	27
	28	#ifndef _MM_WRAP_H_
	29	#define _MM_WRAP_H_
700318f3	30
	31	extern int use_privsep;
	32	#define PRIVSEP(x) (use_privsep ? mm_##x : x)
	33
	34	enum mm_keytype {MM_NOKEY, MM_HOSTKEY, MM_USERKEY, MM_RSAHOSTKEY, MM_RSAUSERKEY};
	35
	36	struct monitor;
	37	struct mm_master;
700318f3	38	struct Authctxt;
700318f3	39
cdd66111	40	int mm_is_monitor(void);
700318f3	41	DH *mm_choose_dh(int, int, int);
	42	int mm_key_sign(Key , u_char , u_int , u_char *, u_int);
	43	void mm_inform_authserv(char , char );
	44	struct passwd mm_getpwnamallow(const char );
41b2f314	45	char *mm_auth2_read_banner(void);
700318f3	46	int mm_auth_password(struct Authctxt , char );
	47	int mm_key_allowed(enum mm_keytype, char , char , Key *);
	48	int mm_user_key_allowed(struct passwd , Key );
	49	int mm_hostbased_key_allowed(struct passwd , char , char , Key );
	50	int mm_auth_rhosts_rsa_key_allowed(struct passwd , char , char , Key );
	51	int mm_key_verify(Key , u_char , u_int, u_char *, u_int);
	52	int mm_auth_rsa_key_allowed(struct passwd , BIGNUM , Key **);
	53	int mm_auth_rsa_verify_response(Key , BIGNUM , u_char *);
	54	BIGNUM mm_auth_rsa_generate_challenge(Key );
	55
0fff78ff	56	#ifdef GSSAPI
c9f39d2c	57	OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
	58	OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *,
	59	gss_buffer_desc , gss_buffer_desc , OM_uint32 *);
f97edba6	60	int mm_ssh_gssapi_userok(char user, struct passwd );
cdd66111	61	OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
f97edba6	62	OM_uint32 mm_ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t);
f97edba6	63	int mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *);
0fff78ff	64	#endif
0fff78ff	65
700318f3	66	#ifdef USE_PAM
99be0775	67	void mm_start_pam(struct Authctxt *);
0fff78ff	68	u_int mm_do_pam_account(void);
	69	void mm_sshpam_init_ctx(struct Authctxt );
	70	int mm_sshpam_query(void , char , char , u_int , char *, u_int );
	71	int mm_sshpam_respond(void , u_int, char *);
	72	void mm_sshpam_free_ctx(void *);
700318f3	73	#endif
700318f3	74
996d5e62	75	#ifdef SSH_AUDIT_EVENTS
	76	#include "audit.h"
	77	void mm_audit_event(ssh_audit_event_t);
	78	void mm_audit_run_command(const char *);
	79	#endif
	80
cdd66111	81	struct Session;
700318f3	82	void mm_terminate(void);
9108f8d9	83	int mm_pty_allocate(int , int , char *, size_t);
cdd66111	84	void mm_session_pty_cleanup2(struct Session *);
700318f3	85
	86	/* SSHv1 interfaces */
	87	void mm_ssh1_session_id(u_char *);
	88	int mm_ssh1_session_key(BIGNUM *);
	89
	90	/* Key export functions */
	91	struct Newkeys mm_newkeys_from_blob(u_char , int);
	92	int mm_newkeys_to_blob(int, u_char *, u_int );
	93
	94	void monitor_apply_keystate(struct monitor *);
	95	void mm_get_keystate(struct monitor *);
	96	void mm_send_keystate(struct monitor*);
	97
	98	/* bsdauth */
	99	int mm_bsdauth_query(void , char , char , u_int , char *, u_int );
	100	int mm_bsdauth_respond(void , u_int, char *);
	101
	102	/* skey */
	103	int mm_skey_query(void , char , char , u_int , char *, u_int );
	104	int mm_skey_respond(void , u_int, char *);
	105
91d9cdd3	106	/* jpake */
	107	struct jpake_group;
	108	void mm_auth2_jpake_get_pwdata(struct Authctxt , BIGNUM , char , char *);
	109	void mm_jpake_step1(struct jpake_group , u_char , u_int ,
	110	BIGNUM , BIGNUM , BIGNUM , BIGNUM ,
	111	u_char *, u_int , u_char *, u_int );
	112	void mm_jpake_step2(struct jpake_group , BIGNUM ,
	113	BIGNUM , BIGNUM , BIGNUM , BIGNUM ,
	114	const u_char , u_int, const u_char , u_int,
	115	const u_char , u_int, const u_char , u_int,
	116	BIGNUM , u_char , u_int *);
	117	void mm_jpake_key_confirm(struct jpake_group , BIGNUM , BIGNUM *,
	118	BIGNUM , BIGNUM , BIGNUM , BIGNUM , BIGNUM *,
	119	const u_char , u_int, const u_char , u_int,
	120	const u_char , u_int, const u_char , u_int,
	121	BIGNUM , u_char , u_int *);
	122	int mm_jpake_check_confirm(const BIGNUM *,
	123	const u_char , u_int, const u_char , u_int, const u_char *, u_int);
	124
	125
700318f3	126	/* zlib allocation hooks */
	127
	128	void mm_zalloc(struct mm_master , u_int, u_int);
	129	void mm_zfree(struct mm_master , void );
	130	void mm_init_compression(struct mm_master *);
	131
9108f8d9	132	#endif /* _MM_WRAP_H_ */