Mercurial > dropbear
annotate auth.h @ 447:278805938dcf
Patch from Nicolai Ehemann to try binding before going to the background,
so that if it exits early (because something's already listening etc)
then it will return an exitcode of 1.
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Thu, 19 Jul 2007 15:54:18 +0000 |
parents | 8f3ec7c104d9 |
children | c1e9c81d1d27 4317be8b7cf9 |
rev | line source |
---|---|
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
1 /* |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
2 * Dropbear - a SSH2 server |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 * |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 * Copyright (c) 2002,2003 Matt Johnston |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 * All rights reserved. |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
6 * |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
7 * Permission is hereby granted, free of charge, to any person obtaining a copy |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 * of this software and associated documentation files (the "Software"), to deal |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 * in the Software without restriction, including without limitation the rights |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
11 * copies of the Software, and to permit persons to whom the Software is |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
12 * furnished to do so, subject to the following conditions: |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
13 * |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
14 * The above copyright notice and this permission notice shall be included in |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
15 * all copies or substantial portions of the Software. |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
16 * |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
23 * SOFTWARE. */ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
24 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
25 #ifndef _AUTH_H_ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
26 #define _AUTH_H_ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
27 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
28 #include "includes.h" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
29 |
33 | 30 void svr_authinitialise(); |
31 void cli_authinitialise(); | |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
32 |
33 | 33 /* Server functions */ |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
34 void recv_msg_userauth_request(); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
35 void send_msg_userauth_failure(int partial, int incrfail); |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
36 void send_msg_userauth_success(); |
45
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
37 void svr_auth_password(); |
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
38 void svr_auth_pubkey(); |
57
3b2a5a1c4347
svr-authpam code merged and works. needs tidying a log
Matt Johnston <matt@ucc.asn.au>
parents:
47
diff
changeset
|
39 void svr_auth_pam(); |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
40 |
33 | 41 /* Client functions */ |
42 void recv_msg_userauth_failure(); | |
43 void recv_msg_userauth_success(); | |
249
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
248
diff
changeset
|
44 void recv_msg_userauth_specific_60(); |
45
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
45 void recv_msg_userauth_pk_ok(); |
249
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
248
diff
changeset
|
46 void recv_msg_userauth_info_request(); |
33 | 47 void cli_get_user(); |
48 void cli_auth_getmethods(); | |
49 void cli_auth_try(); | |
43 | 50 void recv_msg_userauth_banner(); |
45
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
51 void cli_pubkeyfail(); |
249
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
248
diff
changeset
|
52 void cli_auth_password(); |
45
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
53 int cli_auth_pubkey(); |
249
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
248
diff
changeset
|
54 void cli_auth_interactive(); |
334
8f3ec7c104d9
Make the dbclient password prompt more useful
Matt Johnston <matt@ucc.asn.au>
parents:
268
diff
changeset
|
55 char* getpass_or_cancel(char* prompt); |
33 | 56 |
57 | |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
58 #define MAX_USERNAME_LEN 25 /* arbitrary for the moment */ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
59 |
249
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
248
diff
changeset
|
60 #define AUTH_TYPE_NONE 1 |
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
248
diff
changeset
|
61 #define AUTH_TYPE_PUBKEY 1 << 1 |
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
248
diff
changeset
|
62 #define AUTH_TYPE_PASSWORD 1 << 2 |
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
248
diff
changeset
|
63 #define AUTH_TYPE_INTERACT 1 << 3 |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
64 |
249
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
248
diff
changeset
|
65 #define AUTH_METHOD_NONE "none" |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
66 #define AUTH_METHOD_NONE_LEN 4 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
67 #define AUTH_METHOD_PUBKEY "publickey" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
68 #define AUTH_METHOD_PUBKEY_LEN 9 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
69 #define AUTH_METHOD_PASSWORD "password" |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
70 #define AUTH_METHOD_PASSWORD_LEN 8 |
249
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
248
diff
changeset
|
71 #define AUTH_METHOD_INTERACT "keyboard-interactive" |
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
248
diff
changeset
|
72 #define AUTH_METHOD_INTERACT_LEN 20 |
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
248
diff
changeset
|
73 |
efbaf6b03837
added keyboard-interactive client support
Matt Johnston <matt@ucc.asn.au>
parents:
248
diff
changeset
|
74 |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
75 |
33 | 76 /* This structure is shared between server and client - it contains |
77 * relatively little extraneous bits when used for the client rather than the | |
78 * server */ | |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
79 struct AuthState { |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
80 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
81 char *username; /* This is the username the client presents to check. It |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
82 is updated each run through, used for auth checking */ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
83 unsigned char authtypes; /* Flags indicating which auth types are still |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
84 valid */ |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
85 unsigned int failcount; /* Number of (failed) authentication attempts.*/ |
33 | 86 unsigned authdone : 1; /* 0 if we haven't authed, 1 if we have. Applies for |
87 client and server (though has differing [obvious] | |
88 meanings). */ | |
248
bf64e666f99b
Log when pubkey auth fails because of bad pubkey perms/ownership
Matt Johnston <matt@ucc.asn.au>
parents:
215
diff
changeset
|
89 unsigned perm_warn : 1; /* Server only, set if bad permissions on |
bf64e666f99b
Log when pubkey auth fails because of bad pubkey perms/ownership
Matt Johnston <matt@ucc.asn.au>
parents:
215
diff
changeset
|
90 ~/.ssh/authorized_keys have already been |
bf64e666f99b
Log when pubkey auth fails because of bad pubkey perms/ownership
Matt Johnston <matt@ucc.asn.au>
parents:
215
diff
changeset
|
91 logged. */ |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
92 |
33 | 93 /* These are only used for the server */ |
94 char *printableuser; /* stripped of control chars, used for logs etc */ | |
95 struct passwd * pw; | |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
96 |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
97 }; |
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
98 |
215
aad4b3f58556
rename PubkeyList to SignKeyList for clarity
Matt Johnston <matt@ucc.asn.au>
parents:
57
diff
changeset
|
99 struct SignKeyList; |
aad4b3f58556
rename PubkeyList to SignKeyList for clarity
Matt Johnston <matt@ucc.asn.au>
parents:
57
diff
changeset
|
100 /* A singly linked list of signing keys */ |
aad4b3f58556
rename PubkeyList to SignKeyList for clarity
Matt Johnston <matt@ucc.asn.au>
parents:
57
diff
changeset
|
101 struct SignKeyList { |
45
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
102 |
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
103 sign_key *key; |
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
104 int type; /* The type of key */ |
215
aad4b3f58556
rename PubkeyList to SignKeyList for clarity
Matt Johnston <matt@ucc.asn.au>
parents:
57
diff
changeset
|
105 struct SignKeyList *next; |
45
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
106 /* filename? or the buffer? for encrypted keys, so we can later get |
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
107 * the private key portion */ |
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
108 |
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
109 }; |
9ee8996a375f
Pubkey auth is mostly there for the client. Something strange with
Matt Johnston <matt@ucc.asn.au>
parents:
43
diff
changeset
|
110 |
4
fe6bca95afa7
Makefile.in contains updated files required
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
111 #endif /* _AUTH_H_ */ |