version 1.91, 2017/05/30 14:29:59 |
version 1.92, 2017/06/24 06:34:38 |
|
|
char *service; |
char *service; |
struct passwd *pw; /* set if 'valid' */ |
struct passwd *pw; /* set if 'valid' */ |
char *style; |
char *style; |
void *kbdintctxt; |
|
char *info; /* Extra info for next auth_log */ |
/* Method lists for multiple authentication */ |
auth_session_t *as; |
|
char **auth_methods; /* modified from server config */ |
char **auth_methods; /* modified from server config */ |
u_int num_auth_methods; |
u_int num_auth_methods; |
|
|
|
/* Authentication method-specific data */ |
|
void *methoddata; |
|
void *kbdintctxt; |
|
auth_session_t *as; |
#ifdef KRB5 |
#ifdef KRB5 |
krb5_context krb5_ctx; |
krb5_context krb5_ctx; |
krb5_ccache krb5_fwd_ccache; |
krb5_ccache krb5_fwd_ccache; |
krb5_principal krb5_user; |
krb5_principal krb5_user; |
char *krb5_ticket_file; |
char *krb5_ticket_file; |
#endif |
#endif |
void *methoddata; |
|
|
|
struct sshkey **prev_userkeys; |
/* Authentication keys already used; these will be refused henceforth */ |
u_int nprev_userkeys; |
struct sshkey **prev_keys; |
|
u_int nprev_keys; |
|
|
|
/* Last used key and ancilliary information from active auth method */ |
|
struct sshkey *auth_method_key; |
|
char *auth_method_info; |
|
|
|
/* Information exposed to session */ |
|
struct sshbuf *session_info; /* Auth info for environment */ |
}; |
}; |
|
|
/* |
/* |
* Every authentication method has to handle authentication requests for |
* Every authentication method has to handle authentication requests for |
* non-existing users, or for users that are not allowed to login. In this |
* non-existing users, or for users that are not allowed to login. In this |
|
|
int hostbased_key_allowed(struct passwd *, const char *, char *, |
int hostbased_key_allowed(struct passwd *, const char *, char *, |
struct sshkey *); |
struct sshkey *); |
int user_key_allowed(struct passwd *, struct sshkey *, int); |
int user_key_allowed(struct passwd *, struct sshkey *, int); |
void pubkey_auth_info(Authctxt *, const struct sshkey *, const char *, ...) |
int auth2_key_already_used(Authctxt *, const struct sshkey *); |
__attribute__((__format__ (printf, 3, 4))); |
|
void auth2_record_userkey(Authctxt *, struct sshkey *); |
|
int auth2_userkey_already_used(Authctxt *, struct sshkey *); |
|
|
|
|
/* |
|
* Handling auth method-specific information for logging and prevention |
|
* of key reuse during multiple authentication. |
|
*/ |
|
void auth2_authctxt_reset_info(Authctxt *); |
|
void auth2_record_key(Authctxt *, int, const struct sshkey *); |
|
void auth2_record_info(Authctxt *authctxt, const char *, ...) |
|
__attribute__((__format__ (printf, 2, 3))) |
|
__attribute__((__nonnull__ (2))); |
|
void auth2_update_session_info(Authctxt *, const char *, const char *); |
|
|
struct stat; |
struct stat; |
int auth_secure_path(const char *, struct stat *, const char *, uid_t, |
int auth_secure_path(const char *, struct stat *, const char *, uid_t, |
char *, size_t); |
char *, size_t); |
|
|
|
|
void do_authentication2(Authctxt *); |
void do_authentication2(Authctxt *); |
|
|
void auth_info(Authctxt *authctxt, const char *, ...) |
|
__attribute__((__format__ (printf, 2, 3))) |
|
__attribute__((__nonnull__ (2))); |
|
void auth_log(Authctxt *, int, int, const char *, const char *); |
void auth_log(Authctxt *, int, int, const char *, const char *); |
void auth_maxtries_exceeded(Authctxt *) __attribute__((noreturn)); |
void auth_maxtries_exceeded(Authctxt *) __attribute__((noreturn)); |
void userauth_finish(struct ssh *, int, const char *, const char *); |
void userauth_finish(struct ssh *, int, const char *, const char *); |