-/* $OpenBSD: sshconnect.h,v 1.8 2001/04/06 21:00:15 markus Exp $ */
+/* $OpenBSD: sshconnect.h,v 1.25 2009/05/27 06:38:16 andreas Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-#ifndef SSHCONNECT_H
-#define SSHCONNECT_H
-/*
- * Opens a TCP/IP connection to the remote server on the given host. If port
- * is 0, the default port will be used. If anonymous is zero, a privileged
- * port will be allocated to make the connection. This requires super-user
- * privileges if anonymous is false. Connection_attempts specifies the
- * maximum number of tries, one per second. This returns true on success,
- * and zero on failure. If the connection is successful, this calls
- * packet_set_connection for the connection.
- */
-int
-ssh_connect(const char *host, struct sockaddr_storage * hostaddr,
- u_short port, int connection_attempts,
- int anonymous, struct passwd *pw,
- const char *proxy_command);
-/*
- * Starts a dialog with the server, and authenticates the current user on the
- * server. This does not need any extra privileges. The basic connection to
- * the server must already have been established before this is called. If
- * login fails, this function prints an error and never returns. This
- * initializes the random state, and leaves it initialized (it will also have
- * references from the packet module).
- */
+typedef struct Sensitive Sensitive;
+struct Sensitive {
+ Key **keys;
+ int nkeys;
+ int external_keysign;
+};
+
+int
+ssh_connect(const char *, struct sockaddr_storage *, u_short, int, int,
+ int *, int, int, const char *);
void
-ssh_login(Key *host_key, const char *host,
- struct sockaddr * hostaddr, struct passwd *pw);
+ssh_login(Sensitive *, const char *, struct sockaddr *, struct passwd *, int);
+void ssh_exchange_identification(int);
-void
-check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
- const char *user_hostfile, const char *system_hostfile);
+int verify_host_key(char *, struct sockaddr *, Key *);
-void ssh_kex(char *host, struct sockaddr *hostaddr);
-void
-ssh_userauth(const char * local_user, const char * server_user, char *host,
- Key *own_host_key);
+void ssh_kex(char *, struct sockaddr *);
+void ssh_kex2(char *, struct sockaddr *);
-void ssh_kex2(char *host, struct sockaddr *hostaddr);
-void ssh_userauth2(const char *server_user, char *host);
+void ssh_userauth1(const char *, const char *, char *, Sensitive *);
+void ssh_userauth2(const char *, const char *, char *, Sensitive *);
-void ssh_put_password(char *password);
+void ssh_put_password(char *);
+int ssh_local_cmd(const char *);
+
+/*
+ * Macros to raise/lower permissions.
+ */
+#define PRIV_START do { \
+ int save_errno = errno; \
+ if (seteuid(original_effective_uid) != 0) \
+ fatal("PRIV_START: seteuid: %s", \
+ strerror(errno)); \
+ errno = save_errno; \
+} while (0)
-#endif
+#define PRIV_END do { \
+ int save_errno = errno; \
+ if (seteuid(original_real_uid) != 0) \
+ fatal("PRIV_END: seteuid: %s", \
+ strerror(errno)); \
+ errno = save_errno; \
+} while (0)