- djm@cvs.openbsd.org 2010/01/30 02:54:53

[openssh.git] / authfd.h

diff --git a/authfd.h b/authfd.h
index e8a0ec88f482a19448e49e85e2713b1e2c3a4541..2582a27aa52fce6d6cd9dfec44740a4707d3af8d 100644 (file)
--- a/authfd.h
+++ b/authfd.h
@@ -1,4 +1,4 @@
-/*     $OpenBSD: authfd.h,v 1.24 2002/03/21 22:44:05 rees Exp $        */
+/* $OpenBSD: authfd.h,v 1.37 2009/08/27 17:44:52 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -16,8 +16,6 @@
 #ifndef AUTHFD_H
 #define AUTHFD_H
 
-#include "buffer.h"
-
 /* Messages for the authentication agent connection. */
 #define SSH_AGENTC_REQUEST_RSA_IDENTITIES      1
 #define SSH_AGENT_RSA_IDENTITIES_ANSWER                2
@@ -40,34 +38,50 @@
 
 /* smartcard */
 #define SSH_AGENTC_ADD_SMARTCARD_KEY           20
-#define SSH_AGENTC_REMOVE_SMARTCARD_KEY                21
+#define SSH_AGENTC_REMOVE_SMARTCARD_KEY                21
+
+/* lock/unlock the agent */
+#define SSH_AGENTC_LOCK                                22
+#define SSH_AGENTC_UNLOCK                      23
+
+/* add key with constraints */
+#define SSH_AGENTC_ADD_RSA_ID_CONSTRAINED      24
+#define SSH2_AGENTC_ADD_ID_CONSTRAINED         25
+#define SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED 26
+
+#define        SSH_AGENT_CONSTRAIN_LIFETIME            1
+#define        SSH_AGENT_CONSTRAIN_CONFIRM             2
 
 /* extended failure messages */
 #define SSH2_AGENT_FAILURE                     30
 
 /* additional error code for ssh.com's ssh-agent2 */
-#define SSH_COM_AGENT2_FAILURE                  102
+#define SSH_COM_AGENT2_FAILURE                 102
 
 #define        SSH_AGENT_OLD_SIGNATURE                 0x01
 
 typedef struct {
-       int     fd;
-       Buffer  identities;
-       int     howmany;
-}       AuthenticationConnection;
+       int     fd;
+       Buffer  identities;
+       int     howmany;
+}      AuthenticationConnection;
 
-int      ssh_get_authentication_socket(void);
-void     ssh_close_authentication_socket(int);
+int    ssh_agent_present(void);
+int    ssh_get_authentication_socket(void);
+void   ssh_close_authentication_socket(int);
 
 AuthenticationConnection *ssh_get_authentication_connection(void);
-void     ssh_close_authentication_connection(AuthenticationConnection *);
+void   ssh_close_authentication_connection(AuthenticationConnection *);
 int     ssh_get_num_identities(AuthenticationConnection *, int);
 Key    *ssh_get_first_identity(AuthenticationConnection *, char **, int);
 Key    *ssh_get_next_identity(AuthenticationConnection *, char **, int);
-int     ssh_add_identity(AuthenticationConnection *, Key *, const char *);
+int     ssh_add_identity_constrained(AuthenticationConnection *, Key *,
+    const char *, u_int, u_int);
 int     ssh_remove_identity(AuthenticationConnection *, Key *);
 int     ssh_remove_all_identities(AuthenticationConnection *, int);
-int     ssh_update_card(AuthenticationConnection *, int, const char *, const char *);
+int     ssh_lock_agent(AuthenticationConnection *, int, const char *);
+int     ssh_update_card(AuthenticationConnection *, int, const char *,
+    const char *, u_int, u_int);
 
 int
 ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16],