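/*
 * Dropbear - a SSH2 server
 *
 * Copyright (c) 2002,2003 Matt Johnston
 * All rights reserved.
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE. */

/*
 * auth.h - declarations for SSH user authentication, shared by the server
 * and the client: the message handlers, the auth-type flags and method
 * names, and the per-session authentication state.
 */

#ifndef _AUTH_H_
#define _AUTH_H_

#include "includes.h"

/*
 * NOTE(review): the declarations below that use an empty parameter list
 * "()" are not prototypes before C23, so the compiler does not check the
 * arguments at call sites. Switching them to "(void)" needs to be confirmed
 * against the definitions, which are not part of this header.
 */

void svr_authinitialise();
void cli_authinitialise();

/* Server functions */
void recv_msg_userauth_request();
void send_msg_userauth_failure(int partial, int incrfail);
void send_msg_userauth_success();
void svr_auth_password();
void svr_auth_pubkey();
void svr_auth_pam();

/* Client functions */
void recv_msg_userauth_failure();
void recv_msg_userauth_success();
void recv_msg_userauth_specific_60();
void recv_msg_userauth_pk_ok();
void recv_msg_userauth_info_request();
void cli_get_user();
void cli_auth_getmethods();
void cli_auth_try();
void recv_msg_userauth_banner();
void cli_pubkeyfail();
void cli_auth_password();
int cli_auth_pubkey();
void cli_auth_interactive();
char* getpass_or_cancel(char* prompt);


#define MAX_USERNAME_LEN 25 /* arbitrary for the moment */

/*
 * Bit flags stored in AuthState.authtypes. Each expansion is parenthesised
 * so that it stays a single operand wherever it is used: without the
 * parentheses "~AUTH_TYPE_PUBKEY" expands to "~1 << 1", which is
 * (~1) << 1 and not the complement of the flag, so clearing one auth type
 * with "authtypes &= ~AUTH_TYPE_X" would apply the wrong mask.
 */
#define AUTH_TYPE_NONE      (1 << 0)
#define AUTH_TYPE_PUBKEY    (1 << 1)
#define AUTH_TYPE_PASSWORD  (1 << 2)
#define AUTH_TYPE_INTERACT  (1 << 3)

/*
 * Method names with their lengths. Each *_LEN is the length of the matching
 * string without the terminating NUL and has to be kept in step with it by
 * hand.
 */
#define AUTH_METHOD_NONE "none"
#define AUTH_METHOD_NONE_LEN 4
#define AUTH_METHOD_PUBKEY "publickey"
#define AUTH_METHOD_PUBKEY_LEN 9
#define AUTH_METHOD_PASSWORD "password"
#define AUTH_METHOD_PASSWORD_LEN 8
#define AUTH_METHOD_INTERACT "keyboard-interactive"
#define AUTH_METHOD_INTERACT_LEN 20



/* This structure is shared between server and client - it contains
 * relatively little extraneous bits when used for the client rather than the
 * server */
struct AuthState {

	/* This is the username the client presents to check. It is updated
	 * each run through, used for auth checking. */
	char *username;

	/* Flags indicating which auth types are still valid (AUTH_TYPE_*).
	 * The four flags defined above fit in an unsigned char. */
	unsigned char authtypes;

	/* Number of (failed) authentication attempts. */
	unsigned int failcount;

	/* 0 if we haven't authed, 1 if we have. Applies for client and server
	 * (though has differing [obvious] meanings). This is a one-bit field:
	 * store only 0 or 1, any other value is reduced modulo 2. */
	unsigned authdone : 1;

	/* Server only, set if bad permissions on ~/.ssh/authorized_keys have
	 * already been logged. */
	unsigned perm_warn : 1;

	/* These are only used for the server */

	/* Stripped of control chars, used for logs etc. Log this rather than
	 * the raw username, which is supplied by the client. */
	char *printableuser;
	struct passwd * pw;

};

struct SignKeyList;
/* A singly linked list of signing keys */
struct SignKeyList {

	sign_key *key;
	int type; /* The type of key */
	struct SignKeyList *next;
	/* filename? or the buffer? for encrypted keys, so we can later get
	 * the private key portion */

};

#endif /* _AUTH_H_ */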