- markus@cvs.openbsd.org 2002/06/08 05:07:56

[openssh.git] / auth.h

diff --git a/auth.h b/auth.h
index 9b5b19f6c105a4ba84387d4f4cf48a535ae8949a..d98547d02ab1bbef9260f00122b31aa767ce6455 100644 (file)
--- a/auth.h
+++ b/auth.h
@@ -1,4 +1,4 @@
-/*     $OpenBSD: auth.h,v 1.29 2002/03/04 17:27:39 stevesk Exp $       */
+/*     $OpenBSD: auth.h,v 1.39 2002/05/31 11:35:15 markus Exp $        */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -43,6 +43,7 @@
 #endif
 
 typedef struct Authctxt Authctxt;
+typedef struct Authmethod Authmethod;
 typedef struct KbdintDevice KbdintDevice;
 
 struct Authctxt {
@@ -71,6 +72,12 @@ struct Authctxt {
 #endif
 };
 
+struct Authmethod {
+       char    *name;
+       int     (*userauth)(Authctxt *authctxt);
+       int     *enabled;
+};
+
 /*
  * Keyboard interactive device:
  * init_ctx    returns: non NULL upon success
@@ -88,14 +95,21 @@ struct KbdintDevice
        void    (*free_ctx)(void *ctx);
 };
 
-int     auth_rhosts(struct passwd *, const char *);
+int      auth_rhosts(struct passwd *, const char *);
 int
 auth_rhosts2(struct passwd *, const char *, const char *, const char *);
 
-int     auth_rhosts_rsa(struct passwd *, const char *, Key *);
+int     auth_rhosts_rsa(struct passwd *, char *, Key *);
 int      auth_password(Authctxt *, const char *);
 int      auth_rsa(struct passwd *, BIGNUM *);
-int      auth_rsa_challenge_dialog(RSA *);
+int      auth_rsa_challenge_dialog(Key *);
+BIGNUM *auth_rsa_generate_challenge(Key *);
+int     auth_rsa_verify_response(Key *, BIGNUM *, u_char[]);
+int     auth_rsa_key_allowed(struct passwd *, BIGNUM *, Key **);
+
+int     auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *);
+int     hostbased_key_allowed(struct passwd *, const char *, char *, Key *);
+int     user_key_allowed(struct passwd *, Key *);
 
 #ifdef KRB4
 #include <krb.h>
@@ -129,10 +143,19 @@ void      auth_log(Authctxt *, int, char *, char *);
 void   userauth_finish(Authctxt *, int, char *);
 int    auth_root_allowed(char *);
 
+char   *auth2_read_banner(void);
+
+void   privsep_challenge_enable(void);
+
 int    auth2_challenge(Authctxt *, char *);
 void   auth2_challenge_stop(Authctxt *);
+int    bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **);
+int    bsdauth_respond(void *, u_int, char **);
+int    skey_query(void *, char **, char **, u_int *, char ***, u_int **);
+int    skey_respond(void *, u_int, char **);
 
 int    allowed_user(struct passwd *);
+struct passwd * getpwnamallow(const char *user);
 
 char   *get_challenge(Authctxt *);
 int    verify_response(Authctxt *, const char *);
@@ -150,8 +173,20 @@ HostStatus
 check_key_in_hostfiles(struct passwd *, Key *, const char *,
     const char *, const char *);
 
+/* hostkey handling */
+Key    *get_hostkey_by_index(int);
+Key    *get_hostkey_by_type(int);
+int     get_hostkey_index(Key *);
+int     ssh1_session_key(BIGNUM *);
+
+/* debug messages during authentication */
+void    auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2)));
+void    auth_debug_send(void);
+void    auth_debug_reset(void);
+
 #define AUTH_FAIL_MAX 6
 #define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2)
 #define AUTH_FAIL_MSG "Too many authentication failures for %.100s"
 
+#define SKEY_PROMPT "\nS/Key Password: "
 #endif