comparison pubkeyapi.h @ 1654:cc0fc5131c5c
Rename EPKA -> Plugin
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 15 May 2019 21:59:45 +0800 |
parents | 76189c9ffea2 |
children |
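--- a/pubkeyapi.h
+++ b/pubkeyapi.h
@@ -31,25 +31,25 @@
 * https://github.com/fabriziobertocci/dropbear-epka
 * for additional information and examples about this API
 *
 */
 
-struct EPKAInstance;
-struct EPKASession;
+struct PluginInstance;
+struct PluginSession;
 
 /* API VERSION INFORMATION -
 * Dropbear will:
 * - Reject any plugin with a major version mismatch
 * - Load and print a warning if the plugin's minor version is HIGHER than
 * dropbear's minor version (assumes properties are added at the end of
-* EPKAInstance or EPKASession). This is a case of plugin newer than dropbear.
+* PluginInstance or PluginSession). This is a case of plugin newer than dropbear.
 * - Reject if the plugin minor version is SMALLER than dropbear one (case
 * of plugin older than dropbear).
 * - Load (with no warnings) if version match.
 */
-#define DROPBEAR_EPKA_VERSION_MAJOR 1
-#define DROPBEAR_EPKA_VERSION_MINOR 0
+#define DROPBEAR_PLUGIN_VERSION_MAJOR 1
+#define DROPBEAR_PLUGIN_VERSION_MINOR 0
 
 
 /* Creates an instance of the plugin.
 *
 * This is the main entry point of the plug-in and should be IMMUTABLE across
@@ -58,19 +58,19 @@
 * any plugin for which API major version does not match.
 *
 * If the version MINOR is different, dropbear will allow the plugin to run
 * only if: plugin_MINOR > dropbear_MINOR
 *
-* If plugin_MINOR < dropbeart_MINOR or if the MAJOR version is different
+* If plugin_MINOR < dropbear_MINOR or if the MAJOR version is different
 * dropbear will reject the plugin and terminate the execution.
 *
 * addrstring is the IP address of the client.
 *
 * Returns NULL in case of failure, otherwise a void * of the instance that need
 * to be passed to all the subsequent call to the plugin
 */
-typedef struct EPKAInstance *(* PubkeyExtPlugin_newFn)(int verbose,
+typedef struct PluginInstance *(* PubkeyExtPlugin_newFn)(int verbose,
 const char *options,
 const char *addrstring);
 #define DROPBEAR_PUBKEY_PLUGIN_FNNAME_NEW "plugin_new"
 
 
@@ -81,41 +81,41 @@
 * If session is a non-NULL, it will reuse it.
 *
 * Returns DROPBEAR_SUCCESS (0) if success or DROPBEAR_FAILURE (-1) if
 * authentication fails
 */
-typedef int (* PubkeyExtPlugin_checkPubKeyFn)(struct EPKAInstance *pluginInstance,
-struct EPKASession **sessionInOut,
+typedef int (* PubkeyExtPlugin_checkPubKeyFn)(struct PluginInstance *PluginInstance,
+struct PluginSession **sessionInOut,
 const char* algo,
 unsigned int algolen,
 const unsigned char* keyblob,
 unsigned int keybloblen,
 const char *username);
 
 /* Notify the plugin that auth completed (after signature verification)
 */
-typedef void (* PubkeyExtPlugin_authSuccessFn)(struct EPKASession *session);
+typedef void (* PubkeyExtPlugin_authSuccessFn)(struct PluginSession *session);
 
 /* Deletes a session
 * TODO: Add a reason why the session is terminated. See svr_dropbear_exit (in svr-session.c)
 */
-typedef void (* PubkeyExtPlugin_sessionDeleteFn)(struct EPKASession *session);
+typedef void (* PubkeyExtPlugin_sessionDeleteFn)(struct PluginSession *session);
 
 /* Deletes the plugin instance */
-typedef void (* PubkeyExtPlugin_deleteFn)(struct EPKAInstance *pluginInstance);
+typedef void (* PubkeyExtPlugin_deleteFn)(struct PluginInstance *PluginInstance);
 
 
-/* The EPKAInstance object - A simple container of the pointer to the functions used
+/* The PluginInstance object - A simple container of the pointer to the functions used
 * by Dropbear.
 *
 * A plug-in can extend it to add its own properties
 *
 * The instance is created from the call to the plugin_new() function of the
 * shared library.
 * The delete_plugin function should delete the object.
 */
-struct EPKAInstance {
+struct PluginInstance {
 int api_version[2]; /* 0=Major, 1=Minor */
 
 PubkeyExtPlugin_checkPubKeyFn checkpubkey; /* mandatory */
 PubkeyExtPlugin_authSuccessFn auth_success; /* optional */
 PubkeyExtPlugin_sessionDeleteFn delete_session; /* mandatory */
@@ -127,11 +127,11 @@
 ****************************************************************************/
 /* Returns the options from the session.
 * The returned buffer will be destroyed when the session is deleted.
 * Option buffer string NULL-terminated
 */
-typedef char * (* PubkeyExtPlugin_getOptionsFn)(struct EPKASession *session);
+typedef char * (* PubkeyExtPlugin_getOptionsFn)(struct PluginSession *session);
 
 
 /* An SSH Session. Created during pre-auth and reused during the authentication.
 * The plug-in should delete this object (or any object extending it) from
 * the delete_session() function.
@@ -140,12 +140,12 @@
 * reused between pre-auth and auth (and to store whatever session-specific
 * variable you need to keep).
 *
 * Store any optional auth options in the auth_options property of the session.
 */
-struct EPKASession {
-struct EPKAInstance * plugin_instance;
+struct PluginSession {
+struct PluginInstance * plugin_instance;
 
 PubkeyExtPlugin_getOptionsFn get_options;
 };
 
 #endif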
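Review bot: The rename also capitalised two parameter names: at new lines 86 and 104 the prototypes now read `struct PluginInstance *PluginInstance`, where the old code had `pluginInstance`. This still compiles because struct tags live in their own namespace, but the parameter now mirrors the tag and departs from the lower-case style of its neighbours (`sessionInOut`, `session`); I would restore `struct PluginInstance *pluginInstance` in both typedefs. Separately, `DROPBEAR_PLUGIN_VERSION_MAJOR`/`MINOR` stay at 1/0, which looks right as far as the visible struct layout goes (lines 122-126 and 138-139 are not shown), but plugin sources written against the old `EPKAInstance`/`DROPBEAR_EPKA_VERSION_*` names will no longer compile. A one-line comment next to the version macros, for example `/* Identifiers were renamed from EPKA* to Plugin*; layout and version are unchanged */`, would tell plugin authors this is a source-only change.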