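/*
 * Dropbear - a SSH2 server
 * 
 * Copyright (c) 2002,2003 Matt Johnston
 * All rights reserved.
 * 
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 * 
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 * 
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE. */

/* Declarations for SSH user authentication: the server and client entry
 * points, the method names and flags, and the per-session authentication
 * state. */

#ifndef _AUTH_H_
#define _AUTH_H_

#include "includes.h"

/* NOTE(review): the empty parentheses below declare functions without a
 * prototype (before C23), so the compiler does not check call arguments.
 * Switching to (void) would be stricter, but the definitions are not
 * visible from this header - confirm before changing. */

void svr_authinitialise();
void cli_authinitialise();

/* Server functions */
void recv_msg_userauth_request();
void send_msg_userauth_failure(int partial, int incrfail);
void send_msg_userauth_success();
void svr_auth_password();
void svr_auth_pubkey();
void svr_auth_pam();

/* Client functions */
void recv_msg_userauth_failure();
void recv_msg_userauth_success();
/* SSH message number 60 is method-specific; presumably this hands the
 * packet to whichever handler matches the method in progress - confirm
 * against the definition. */
void recv_msg_userauth_specific_60();
void recv_msg_userauth_pk_ok();
void recv_msg_userauth_info_request();
void cli_get_user();
void cli_auth_getmethods();
void cli_auth_try();
void recv_msg_userauth_banner();
void cli_pubkeyfail();
void cli_auth_password();
int cli_auth_pubkey();
void cli_auth_interactive();
/* NOTE(review): presumably returns the secret the user typed. Who owns the
 * returned buffer, and whether it is wiped after use, is not visible here -
 * confirm at the call sites. */
char* getpass_or_cancel(char* prompt);


/* NOTE(review): whether this limit includes the terminating NUL is not
 * visible here - check where it is enforced. */
#define MAX_USERNAME_LEN 25 /* arbitrary for the moment */

/* Bit flags stored in AuthState.authtypes. The shifts are parenthesised so
 * that each macro expands to a single operand: unparenthesised, an
 * expression such as ~AUTH_TYPE_PUBKEY would parse as (~1) << 1 and a mask
 * built from it would clear the wrong authentication methods. */
#define AUTH_TYPE_NONE      1
#define AUTH_TYPE_PUBKEY    (1 << 1)
#define AUTH_TYPE_PASSWORD  (1 << 2)
#define AUTH_TYPE_INTERACT  (1 << 3)

/* Method names as they appear on the wire. Each *_LEN is the length of the
 * matching string without its terminating NUL and must be kept in step with
 * it by hand. */
#define AUTH_METHOD_NONE "none"
#define AUTH_METHOD_NONE_LEN 4
#define AUTH_METHOD_PUBKEY "publickey"
#define AUTH_METHOD_PUBKEY_LEN 9
#define AUTH_METHOD_PASSWORD "password"
#define AUTH_METHOD_PASSWORD_LEN 8
#define AUTH_METHOD_INTERACT "keyboard-interactive"
#define AUTH_METHOD_INTERACT_LEN 20



/* This structure is shared between server and client - it contains
 * relatively little extraneous bits when used for the client rather than the
 * server */
struct AuthState {

	char *username; /* This is the username the client presents to check. It
					   is updated each run through, used for auth checking.
					   It is peer-supplied text; printableuser below is the
					   form meant for logs. */
	unsigned char authtypes; /* Flags indicating which auth types are still
								valid (AUTH_TYPE_* bits) */
	unsigned int failcount; /* Number of (failed) authentication attempts.
							   Any limit on it is enforced outside this
							   header. */
	unsigned authdone : 1; /* 0 if we haven't authed, 1 if we have. Applies for
							  client and server (though has differing [obvious]
							  meanings). */
	unsigned perm_warn : 1; /* Server only, set if bad permissions on
							   ~/.ssh/authorized_keys have already been
							   logged. */

	/* These are only used for the server */
	char *printableuser; /* stripped of control chars, used for logs etc */
	struct passwd * pw;

};

struct SignKeyList;
/* A singly linked list of signing keys */
struct SignKeyList {

	sign_key *key;
	int type; /* The type of key */
	struct SignKeyList *next;
	/* filename? or the buffer? for encrypted keys, so we can later get
	 * the private key portion */

};

#endif /* _AUTH_H_ */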