diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2022-05-27 05:02:46 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2022-05-27 16:38:03 +1000 |
| commit | c83d8c4d6f3ccceef84d46de107f6b71cda06359 (patch) | |
| tree | 81872e6e3f2382f879831c09ae21e422ed41b900 /auth.h | |
| parent | 3b0b142d2a0767d8cd838e2f3aefde8a0aaa41e1 (diff) | |
upstream: split the low-level file handling functions out from
auth2-pubkey.c
Put them in a new auth2-pubkeyfile.c to make it easier to refer to them
(e.g. in unit/fuzz tests) without having to refer to everything else
pubkey auth brings in.
ok dtucker@
OpenBSD-Commit-ID: 3fdca2c61ad97dc1b8d4a7346816f83dc4ce2217
Diffstat (limited to 'auth.h')
| -rw-r--r-- | auth.h | 18 |
1 files changed, 15 insertions, 3 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: auth.h,v 1.103 2022/05/27 05:01:25 djm Exp $ */ +/* $OpenBSD: auth.h,v 1.104 2022/05/27 05:02:46 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -29,6 +29,7 @@ #define AUTH_H #include <signal.h> +#include <stdio.h> #ifdef HAVE_LOGIN_CAP #include <login_cap.h> @@ -44,6 +45,7 @@ struct passwd; struct ssh; struct sshbuf; struct sshkey; +struct sshkey_cert; struct sshauthopt; typedef struct Authctxt Authctxt; @@ -214,8 +216,6 @@ int sshd_hostkey_sign(struct ssh *, struct sshkey *, struct sshkey *, const struct sshauthopt *auth_options(struct ssh *); int auth_activate_options(struct ssh *, struct sshauthopt *); void auth_restrict_session(struct ssh *); -int auth_authorise_keyopts(struct passwd *pw, struct sshauthopt *, int, - const char *, const char *, const char *); void auth_log_authopts(const char *, const struct sshauthopt *, int); /* debug messages during authentication */ @@ -226,6 +226,18 @@ void auth_debug_reset(void); struct passwd *fakepw(void); +/* auth2-pubkeyfile.c */ +int auth_authorise_keyopts(struct passwd *, struct sshauthopt *, int, + const char *, const char *, const char *); +int auth_check_principals_line(char *, const struct sshkey_cert *, + const char *, struct sshauthopt **); +int auth_process_principals(FILE *, const char *, + const struct sshkey_cert *, struct sshauthopt **); +int auth_check_authkey_line(struct passwd *, struct sshkey *, + char *, const char *, const char *, const char *, struct sshauthopt **); +int auth_check_authkeys_file(struct passwd *, FILE *, char *, + struct sshkey *, const char *, const char *, struct sshauthopt **); + int sys_auth_passwd(struct ssh *, const char *); #if defined(KRB5) && !defined(HEIMDAL) |