- markus@cvs.openbsd.org 2001/06/23 00:20:57

     [auth2.c auth.c auth.h auth-rh-rsa.c]
     *known_hosts2 is obsolete for hostbased authentication and
     only used for backward compat. merge ssh1/2 hostkey check
     and move it to auth.c

1 files changed, 8 insertions, 2 deletions

diff --git a/auth.h b/auth.h
index 2d1f1e9b..b9585d3a 100644
--- a/auth.h
+++ b/auth.h
@@ -21,11 +21,13 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
- * $OpenBSD: auth.h,v 1.17 2001/05/20 17:20:35 markus Exp $
+ * $OpenBSD: auth.h,v 1.18 2001/06/23 00:20:58 markus Exp $
  */
 #ifndef AUTH_H
 #define AUTH_H
 
+#include "key.h"
+#include "hostfile.h"
 #include <openssl/rsa.h>
 
 #ifdef HAVE_LOGIN_CAP
@@ -159,7 +161,6 @@ int	verify_response(Authctxt *authctxt, const char *response);
 
 struct passwd * auth_get_user(void);
 
-
 /* expand a filename - return buffer is allocated by xmalloc */
 char	*expand_filename(const char *template, struct passwd *pw);
 char	*authorized_keys_file(struct passwd *pw);
@@ -169,6 +170,11 @@ char	*authorized_keys_file2(struct passwd *pw);
 int
 secure_filename(FILE *f, const char *file, uid_t u, char *err, size_t errlen);
 
+/* helper for hostbased auth */
+HostStatus
+check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
+    const char *sysfile, const char *userfile);
+
 #define AUTH_FAIL_MAX 6
 #define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2)
 #define AUTH_FAIL_MSG "Too many authentication failures for %.100s"