| version 1.7, 2000/04/14 10:30:30 |
version 1.7.2.3, 2001/03/12 15:44:08 |
|
|
| /* |
/* |
| * |
|
| * authfd.h |
|
| * |
|
| * Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
| * |
|
| * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| * All rights reserved |
* All rights reserved |
| * |
|
| * Created: Wed Mar 29 01:17:41 1995 ylo |
|
| * |
|
| * Functions to interface with the SSH_AUTHENTICATION_FD socket. |
* Functions to interface with the SSH_AUTHENTICATION_FD socket. |
| * |
* |
| |
* As far as I am concerned, the code I have written for this software |
| |
* can be used freely for any purpose. Any derived versions of this |
| |
* software must be clearly marked as such, and if the derived work is |
| |
* incompatible with the protocol description in the RFC file, it must be |
| |
* called by a name other than "ssh" or "Secure Shell". |
| */ |
*/ |
| |
|
| /* RCSID("$Id$"); */ |
/* RCSID("$OpenBSD$"); */ |
| |
|
| #ifndef AUTHFD_H |
#ifndef AUTHFD_H |
| #define AUTHFD_H |
#define AUTHFD_H |
|
|
| #define SSH_AGENTC_REMOVE_RSA_IDENTITY 8 |
#define SSH_AGENTC_REMOVE_RSA_IDENTITY 8 |
| #define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES 9 |
#define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES 9 |
| |
|
| |
/* private OpenSSH extensions for SSH2 */ |
| |
#define SSH2_AGENTC_REQUEST_IDENTITIES 11 |
| |
#define SSH2_AGENT_IDENTITIES_ANSWER 12 |
| |
#define SSH2_AGENTC_SIGN_REQUEST 13 |
| |
#define SSH2_AGENT_SIGN_RESPONSE 14 |
| |
#define SSH2_AGENTC_ADD_IDENTITY 17 |
| |
#define SSH2_AGENTC_REMOVE_IDENTITY 18 |
| |
#define SSH2_AGENTC_REMOVE_ALL_IDENTITIES 19 |
| |
|
| |
/* additional error code for ssh.com's ssh-agent2 */ |
| |
#define SSH_COM_AGENT2_FAILURE 102 |
| |
|
| |
#define SSH_AGENT_OLD_SIGNATURE 0x01 |
| |
|
| |
|
| typedef struct { |
typedef struct { |
| int fd; |
int fd; |
| Buffer packet; |
|
| Buffer identities; |
Buffer identities; |
| int howmany; |
int howmany; |
| } AuthenticationConnection; |
} AuthenticationConnection; |
| |
|
| /* Returns the number of the authentication fd, or -1 if there is none. */ |
/* Returns the number of the authentication fd, or -1 if there is none. */ |
| int ssh_get_authentication_socket(); |
int ssh_get_authentication_socket(void); |
| |
|
| /* |
/* |
| * This should be called for any descriptor returned by |
* This should be called for any descriptor returned by |
|
|
| * connection could not be opened. The connection should be closed by the |
* connection could not be opened. The connection should be closed by the |
| * caller by calling ssh_close_authentication_connection(). |
* caller by calling ssh_close_authentication_connection(). |
| */ |
*/ |
| AuthenticationConnection *ssh_get_authentication_connection(); |
AuthenticationConnection *ssh_get_authentication_connection(void); |
| |
|
| /* |
/* |
| * Closes the connection to the authentication agent and frees any associated |
* Closes the connection to the authentication agent and frees any associated |
| * memory. |
* memory. |
| */ |
*/ |
| void ssh_close_authentication_connection(AuthenticationConnection * ac); |
void ssh_close_authentication_connection(AuthenticationConnection *auth); |
| |
|
| /* |
/* |
| * Returns the first authentication identity held by the agent. Returns true |
* Returns the number authentication identity held by the agent. |
| * if an identity is available, 0 otherwise. The caller must initialize the |
|
| * integers before the call, and free the comment after a successful call |
|
| * (before calling ssh_get_next_identity). |
|
| */ |
*/ |
| int |
int ssh_get_num_identities(AuthenticationConnection *auth, int version); |
| ssh_get_first_identity(AuthenticationConnection * connection, |
|
| BIGNUM * e, BIGNUM * n, char **comment); |
|
| |
|
| /* |
/* |
| |
* Returns the first authentication identity held by the agent or NULL if |
| |
* no identies are available. Caller must free comment and key. |
| |
* Note that you cannot mix calls with different versions. |
| |
*/ |
| |
Key *ssh_get_first_identity(AuthenticationConnection *auth, char **comment, int version); |
| |
|
| |
/* |
| * Returns the next authentication identity for the agent. Other functions |
* Returns the next authentication identity for the agent. Other functions |
| * can be called between this and ssh_get_first_identity or two calls of this |
* can be called between this and ssh_get_first_identity or two calls of this |
| * function. This returns 0 if there are no more identities. The caller |
* function. This returns NULL if there are no more identities. The caller |
| * must free comment after a successful return. |
* must free key and comment after a successful return. |
| */ |
*/ |
| |
Key *ssh_get_next_identity(AuthenticationConnection *auth, char **comment, int version); |
| |
|
| |
/* |
| |
* Requests the agent to decrypt the given challenge. Returns true if the |
| |
* agent claims it was able to decrypt it. |
| |
*/ |
| int |
int |
| ssh_get_next_identity(AuthenticationConnection * connection, |
ssh_decrypt_challenge(AuthenticationConnection *auth, |
| BIGNUM * e, BIGNUM * n, char **comment); |
Key *key, BIGNUM * challenge, |
| |
u_char session_id[16], |
| |
u_int response_type, |
| |
u_char response[16]); |
| |
|
| /* Requests the agent to decrypt the given challenge. Returns true if |
/* Requests the agent to sign data using key */ |
| the agent claims it was able to decrypt it. */ |
|
| int |
int |
| ssh_decrypt_challenge(AuthenticationConnection * auth, |
ssh_agent_sign(AuthenticationConnection *auth, |
| BIGNUM * e, BIGNUM * n, BIGNUM * challenge, |
Key *key, |
| unsigned char session_id[16], |
u_char **sigp, int *lenp, |
| unsigned int response_type, |
u_char *data, int datalen); |
| unsigned char response[16]); |
|
| |
|
| /* |
/* |
| * Adds an identity to the authentication server. This call is not meant to |
* Adds an identity to the authentication server. This call is not meant to |
|
|
| * successfully added. |
* successfully added. |
| */ |
*/ |
| int |
int |
| ssh_add_identity(AuthenticationConnection * connection, RSA * key, |
ssh_add_identity(AuthenticationConnection *auth, Key *key, |
| const char *comment); |
const char *comment); |
| |
|
| /* |
/* |
|
|
| * meant to be used by normal applications. This returns true if the |
* meant to be used by normal applications. This returns true if the |
| * identity was successfully added. |
* identity was successfully added. |
| */ |
*/ |
| int ssh_remove_identity(AuthenticationConnection * connection, RSA * key); |
int ssh_remove_identity(AuthenticationConnection *auth, Key *key); |
| |
|
| /* |
/* |
| * Removes all identities from the authentication agent. This call is not |
* Removes all identities from the authentication agent. This call is not |
| * meant to be used by normal applications. This returns true if the |
* meant to be used by normal applications. This returns true if the |
| * operation was successful. |
* operation was successful. |
| */ |
*/ |
| int ssh_remove_all_identities(AuthenticationConnection * connection); |
int ssh_remove_all_identities(AuthenticationConnection *auth, int version); |
| |
|
| /* Closes the connection to the authentication agent. */ |
|
| void ssh_close_authentication(AuthenticationConnection * connection); |
|
| |
|
| #endif /* AUTHFD_H */ |
#endif /* AUTHFD_H */ |
![[BACK]](/icons/back.gif){kind=icon}
Return to authfd.h CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh