source: trunk/third/ssh/ssh.h @ 12646

Revision 12646, 33.7 KB checked in by danw, 26 years ago (diff)
This commit was generated by cvs2svn to compensate for changes in r12645, which included commits to RCS files with non-trunk default branches.
Line 
1/*
2
3ssh.h
4
5Author: Tatu Ylonen <ylo@cs.hut.fi>
6
7Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8                   All rights reserved
9
10Created: Fri Mar 17 17:09:37 1995 ylo
11
12Generic header file for ssh.
13
14*/
15
16/*
17 * $Id: ssh.h,v 1.1.1.4 1999-03-08 17:43:43 danw Exp $
18 * $Log: not supported by cvs2svn $
19 * Revision 1.25  1998/07/08 01:05:30  kivinen
20 *      Added consts.
21 *
22 * Revision 1.24  1998/07/08 00:50:13  kivinen
23 *      Added some prototypes. Added setting PASSWD_PATH if not set in
24 *      by the configure.
25 *
26 * Revision 1.23  1998/05/23  20:37:44  kivinen
27 *      Added OSF1 C2 prototypes.
28 *
29 * Revision 1.22  1998/03/27  17:02:55  kivinen
30 *      Added gateway ports option. Added ignore root rhosts option.
31 *
32 * Revision 1.21  1998/01/02 06:23:01  kivinen
33 *      Renamed SSH_AUTHENTICATION_SOCKET to SSH_AUTH_SOCK.
34 *
35 * Revision 1.20  1997/04/27 21:55:35  kivinen
36 *      Added channel_add_{allow,deny}_forwd_{to,port} prototypes.
37 *      Added match_port prototype.
38 *
39 * Revision 1.19  1997/04/21 01:06:44  kivinen
40 *      Fixed prototype for server_loop to have cleanup_context
41 *      instead of ttyname.
42 *
43 * Revision 1.18  1997/04/17 04:17:02  kivinen
44 *      Added read_confirmation prototype.
45 *      Added ttyname to server_loop prototype.
46 *
47 * Revision 1.17  1997/04/05 22:01:10  kivinen
48 *      Fixed typo in SSH_AUTH_KERBEROS.
49 *
50 * Revision 1.16  1997/03/27 03:11:13  kivinen
51 *      Added kerberos patches from Glenn Machin.
52 *
53 * Revision 1.15  1997/03/26 07:12:09  kivinen
54 *      Fixed prototypes.
55 *      Added UID_ROOT define.
56 *
57 * Revision 1.14  1997/03/19 17:44:13  kivinen
58 *      Added TISAuthentication stuff from Andre April
59 *      <Andre.April@cediti.be>.
60 *
61 * Revision 1.13  1996/12/04 18:14:30  ttsalo
62 *     Added new option, LOCAL_HOSTNAME_IN_DEBUG
63 *
64 * Revision 1.12  1996/11/24 08:27:48  kivinen
65 *      Fixed auth_input_request_forwarding prototype.
66 *
67 * Revision 1.11  1996/11/05 16:03:00  ttsalo
68 *       Removed the get_permanent_fd prototype
69 *
70 * Revision 1.10  1996/10/29 22:46:55  kivinen
71 *      Changed PROTOCOL_MINOR from 4 to 5.
72 *      log -> log_msg.
73 *
74 * Revision 1.9  1996/10/20 16:28:39  ttsalo
75 *      Added global variable original_real_uid
76 *
77 * Revision 1.8  1996/09/24 20:17:54  ylo
78 *      Changed identity files to be always encrypted with 3DES (used
79 *      to be IDEA, when it is compiled in).  This is to make identity
80 *      files more compatible with versions that don't include IDEA
81 *      for patent reasons.
82 *
83 * Revision 1.7  1996/09/08 17:21:09  ttsalo
84 *      A lot of changes in agent-socket handling
85 *
86 * Revision 1.6  1996/09/04 12:42:31  ttsalo
87 *      Added pid to agent-socket name
88 *
89 * Revision 1.5  1996/08/29 14:51:24  ttsalo
90 *      Agent-socket directory handling implemented
91 *
92 * Revision 1.4  1996/08/21 20:43:56  ttsalo
93 *      Made ssh-agent use a different, more secure way of storing
94 *      it's initial socket.
95 *
96 * Revision 1.3  1996/08/13 09:04:21  ttsalo
97 *      Home directory, .ssh and .ssh/authorized_keys are now
98 *      checked for wrong owner and group & world writeability.
99 *
100 * Revision 1.2  1996/04/22 23:49:45  huima
101 * Changed protocol version to 1.4, added calls to emulate module.
102 *
103 * Revision 1.1.1.1  1996/02/18  21:38:10  ylo
104 *      Imported ssh-1.2.13.
105 *
106 * Revision 1.16  1995/10/02  01:31:13  ylo
107 *      Moved sshd.pid to PIDDIR.  Also changed file name.
108 *      Added SSH_HOSTS_EQUIV (shosts.equiv).
109 *
110 * Revision 1.15  1995/09/27  02:16:24  ylo
111 *      Added SSH_USER_RC and SSH_SYSTEM_RC.
112 *
113 * Revision 1.14  1995/09/25  00:02:06  ylo
114 *      Added client_loop.
115 *      Added screen number arguments.
116 *      Added connection_attempts.
117 *
118 * Revision 1.13  1995/09/22  22:23:41  ylo
119 *      Changed argument list of ssh_login.
120 *
121 * Revision 1.12  1995/09/21  17:14:08  ylo
122 *      Added original_real_uid argument to ssh_connect.
123 *
124 * Revision 1.11  1995/09/10  22:47:59  ylo
125 *      Added server_loop.
126 *      Added original_real_uid parameter to ssh_login.
127 *
128 * Revision 1.10  1995/09/09  21:26:46  ylo
129 * /m/shadows/u2/users/ylo/ssh/README
130 *
131 * Revision 1.9  1995/08/31  09:23:42  ylo
132 *      Added support for ETCDIR.
133 *
134 * Revision 1.8  1995/08/29  22:33:52  ylo
135 *      Added get_remote_ipaddr, get_permanent_fd.
136 *      Deleted SSH_NUM_DUPS.
137 *
138 * Revision 1.7  1995/08/21  23:28:57  ylo
139 *      Added SERVER_CONFIG_FILE.
140 *      Added syslog facility definitions.
141 *
142 * Revision 1.6  1995/08/18  22:57:06  ylo
143 *      Now uses 3DES as the authfile cipher if IDEA is not available.
144 *
145 * Revision 1.5  1995/07/27  00:41:04  ylo
146 *      Added GlobalKnownHostsFile and UserKnownHostsFile.
147 *
148 * Revision 1.4  1995/07/26  23:28:56  ylo
149 *      Changed PROTOCOL_MINOR from 0 to 1.
150 *
151 * Revision 1.3  1995/07/16  01:02:26  ylo
152 *      Removed host argument from record_logout.
153 *
154 * Revision 1.2  1995/07/13  01:40:22  ylo
155 *      Removed "Last modified" header.
156 *      Added cvs log.
157 *
158 * $Endlog$
159 */
160
161#ifndef SSH_H
162#define SSH_H
163
164#include <gmp.h>
165#include "rsa.h"
166#include "randoms.h"
167#include "cipher.h"
168
169/* The default cipher used if IDEA is not supported by the remote host.
170   It is recommended that this be one of the mandatory ciphers (DES, 3DES),
171   though that is not required. */
172#define SSH_FALLBACK_CIPHER     SSH_CIPHER_3DES
173
174/* Cipher used for encrypting authentication files. */
175#define SSH_AUTHFILE_CIPHER     SSH_CIPHER_3DES
176
177/* Default port number. */
178#define SSH_DEFAULT_PORT        22
179
180/* Maximum number of TCP/IP ports forwarded per direction. */
181#define SSH_MAX_FORWARDS_PER_DIRECTION  100
182
183/* Maximum number of RSA authentication identity files that can be specified
184   in configuration files or on the command line. */
185#define SSH_MAX_IDENTITY_FILES          100
186
187/* Major protocol version.  Different version indicates major incompatiblity
188   that prevents communication.  */
189#define PROTOCOL_MAJOR          1
190
191/* Minor protocol version.  Different version indicates minor incompatibility
192   that does not prevent interoperation. */
193#define PROTOCOL_MINOR          5
194
195/* Name for the service.  The port named by this service overrides the default
196   port if present. */
197#define SSH_SERVICE_NAME        "ssh"
198
199/* System-wide file containing host keys of known hosts.  This file should be
200   world-readable. */
201#define SSH_SYSTEM_HOSTFILE     ETCDIR "/ssh_known_hosts"
202
203/*  HOST_KEY_FILE               /etc/ssh_host_key,
204    SERVER_CONFIG_FILE          /etc/sshd_config,
205and HOST_CONFIG_FILE            /etc/ssh_config
206are all defined in Makefile.in.  Of these, ssh_host_key should be readable
207only by root, whereas ssh_config should be world-readable. */
208
209/* Random seed file for the daemon.  This file should be readable only by
210   root. */
211#define SSH_DAEMON_SEED_FILE    ETCDIR "/ssh_random_seed"
212
213/* The process id of the daemon listening for connections is saved
214   here to make it easier to kill the correct daemon when necessary. */
215#define SSH_DAEMON_PID_FILE     PIDDIR "/sshd.pid"
216
217/* The directory in user\'s home directory in which the files reside.
218   The directory should be world-readable (though not all files are). */
219#define SSH_USER_DIR            ".ssh"
220
221/* Per-user file containing host keys of known hosts.  This file need
222   not be readable by anyone except the user him/herself, though this does
223   not contain anything particularly secret. */
224#define SSH_USER_HOSTFILE       "~/.ssh/known_hosts"
225
226/* Name of the file containing client-side random seed.  This file should
227   only be readable by the user him/herself. */
228#define SSH_CLIENT_SEEDFILE     ".ssh/random_seed"
229
230/* Name of the default file containing client-side authentication key.
231   This file should only be readable by the user him/herself. */
232#define SSH_CLIENT_IDENTITY     ".ssh/identity"
233
234/* Configuration file in user\'s home directory.  This file need not be
235   readable by anyone but the user him/herself, but does not contain
236   anything particularly secret.  If the user\'s home directory resides
237   on an NFS volume where root is mapped to nobody, this may need to be
238   world-readable. */
239#define SSH_USER_CONFFILE       ".ssh/config"
240
241/* File containing a list of those rsa keys that permit logging in as
242   this user.  This file need not be
243   readable by anyone but the user him/herself, but does not contain
244   anything particularly secret.  If the user\'s home directory resides
245   on an NFS volume where root is mapped to nobody, this may need to be
246   world-readable.  (This file is read by the daemon which is running as
247   root.) */
248#define SSH_USER_PERMITTED_KEYS ".ssh/authorized_keys"
249
250/* Per-user and system-wide ssh "rc" files.  These files are executed with
251   /bin/sh before starting the shell or command if they exist.  They
252   will be passed "proto cookie" as arguments if X11 forwarding with
253   spoofing is in use.  xauth will be run if neither of these exists. */
254#define SSH_USER_RC             ".ssh/rc"
255#define SSH_SYSTEM_RC           ETCDIR "/sshrc"
256
257/* Ssh-only version of /etc/hosts.equiv. */
258#define SSH_HOSTS_EQUIV         ETCDIR "/shosts.equiv"
259
260/* Additionally, the daemon may use ~/.rhosts and /etc/hosts.equiv if
261   rhosts authentication is enabled. */
262
263/* Socket for connecting the authentication agent.  Normally the connection
264   to the authentication agent is passed in a file descriptor; however,
265   on some systems, commonly used shells close all open file descriptors.
266   To make the agent usable on those systems, configure checks whether
267   the shells close all descriptors, and if so, uses a socket instead.
268   That socket is an unix-domain socket and must not be accessible by
269   anyone but the user him/herself. A directory \'ssh-agent-<loginname>\'
270   is created under /tmp, which is supposedly on the local machine,
271   and socket is created under the directory. On some systems, sockets\'
272   protections are not adequately checked, so this mode 700 per-user
273   directory is needed. If socket were in the user\'s home directory,
274   the daemon (running as root) might not be able to create and listen
275   to the socket.
276   
277   SSH_AGENT_SOCKET_DIR can be changed to something else ("/tmp/.ssh/ssh-%s"
278   for example), but only the last directory in the path will be
279   dynamically created and deleted by sshd and ssh-agent. */
280#define SSH_AGENT_SOCKET_DIR    "/tmp/ssh-%.50s"
281#define SSH_AGENT_SOCKET        "agent-socket-%d"
282
283/* Name of the environment variable containing the pathname of the
284   authentication socket. */
285#define SSH_AUTHSOCKET_ENV_NAME         "SSH_AUTH_SOCK"
286
287/* Check that we always have PASSWD_PATH set */
288#ifndef PASSWD_PATH
289#define PASSWD_PATH "/bin/passwd"
290#endif /* PASSWD_PATH */
291
292/* Force host key length and server key length to differ by at least this
293   many bits.  This is to make double encryption with rsaref work. */
294#define SSH_KEY_BITS_RESERVED           128
295
296/* Length of the session key in bytes.  (Specified as 256 bits in the
297   protocol.)  */
298#define SSH_SESSION_KEY_LENGTH          32
299
300#ifdef KERBEROS
301#ifdef KRB5
302#include <krb5.h>
303#define KRB_SERVICE_NAME                "host"
304#endif /* KRB5 */
305#endif /* KERBEROS */
306
307/* Authentication methods.  New types can be added, but old types should not
308   be removed for compatibility.  The maximum allowed value is 31. */
309#define SSH_AUTH_RHOSTS         1
310#define SSH_AUTH_RSA            2
311#define SSH_AUTH_PASSWORD       3
312#define SSH_AUTH_RHOSTS_RSA     4
313#define SSH_AUTH_TIS            5
314#define SSH_AUTH_KERBEROS       6
315#define SSH_PASS_KERBEROS_TGT   7
316
317/* These are reserved for official patches, do not use them */
318#define SSH_AUTH_RESERVED_1     8
319#define SSH_AUTH_RESERVED_2     9
320#define SSH_AUTH_RESERVED_3     10
321#define SSH_AUTH_RESERVED_4     11
322#define SSH_AUTH_RESERVED_5     12
323#define SSH_AUTH_RESERVED_6     13
324#define SSH_AUTH_RESERVED_7     14
325#define SSH_AUTH_RESERVED_8     15
326
327/* If you add new methods add them after this using random number between 16-31
328   so if someone else adds also new methods you dont use same number. */
329
330/* Protocol flags.  These are bit masks. */
331#define SSH_PROTOFLAG_SCREEN_NUMBER     1 /* X11 forwarding includes screen */
332#define SSH_PROTOFLAG_HOST_IN_FWD_OPEN  2 /* forwarding opens contain host */
333
334/* Definition of message types.  New values can be added, but old values
335   should not be removed or without careful consideration of the consequences
336   for compatibility.  The maximum value is 254; value 255 is reserved
337   for future extension. */
338/* Message name */                      /* msg code */  /* arguments */
339#define SSH_MSG_NONE                            0       /* no message */
340#define SSH_MSG_DISCONNECT                      1       /* cause (string) */
341#define SSH_SMSG_PUBLIC_KEY                     2       /* ck,msk,srvk,hostk */
342#define SSH_CMSG_SESSION_KEY                    3       /* key (MP_INT) */
343#define SSH_CMSG_USER                           4       /* user (string) */
344#define SSH_CMSG_AUTH_RHOSTS                    5       /* user (string) */
345#define SSH_CMSG_AUTH_RSA                       6       /* modulus (MP_INT) */
346#define SSH_SMSG_AUTH_RSA_CHALLENGE             7       /* int (MP_INT) */
347#define SSH_CMSG_AUTH_RSA_RESPONSE              8       /* int (MP_INT) */
348#define SSH_CMSG_AUTH_PASSWORD                  9       /* pass (string) */
349#define SSH_CMSG_REQUEST_PTY                    10      /* TERM, tty modes */
350#define SSH_CMSG_WINDOW_SIZE                    11      /* row,col,xpix,ypix */
351#define SSH_CMSG_EXEC_SHELL                     12      /* */
352#define SSH_CMSG_EXEC_CMD                       13      /* cmd (string) */
353#define SSH_SMSG_SUCCESS                        14      /* */
354#define SSH_SMSG_FAILURE                        15      /* */
355#define SSH_CMSG_STDIN_DATA                     16      /* data (string) */
356#define SSH_SMSG_STDOUT_DATA                    17      /* data (string) */
357#define SSH_SMSG_STDERR_DATA                    18      /* data (string) */
358#define SSH_CMSG_EOF                            19      /* */
359#define SSH_SMSG_EXITSTATUS                     20      /* status (int) */
360#define SSH_MSG_CHANNEL_OPEN_CONFIRMATION       21      /* channel (int) */
361#define SSH_MSG_CHANNEL_OPEN_FAILURE            22      /* channel (int) */
362#define SSH_MSG_CHANNEL_DATA                    23      /* ch,data (int,str) */
363#define SSH_MSG_CHANNEL_CLOSE                   24      /* channel (int) */
364#define SSH_MSG_CHANNEL_CLOSE_CONFIRMATION      25      /* channel (int) */
365
366/* new channel protocol */
367#define SSH_MSG_CHANNEL_INPUT_EOF               24
368#define SSH_MSG_CHANNEL_OUTPUT_CLOSED           25
369
370/*      SSH_CMSG_X11_REQUEST_FORWARDING         26         OBSOLETE */
371#define SSH_SMSG_X11_OPEN                       27      /* channel (int) */
372#define SSH_CMSG_PORT_FORWARD_REQUEST           28      /* p,host,hp (i,s,i) */
373#define SSH_MSG_PORT_OPEN                       29      /* ch,h,p (i,s,i) */
374#define SSH_CMSG_AGENT_REQUEST_FORWARDING       30      /* */
375#define SSH_SMSG_AGENT_OPEN                     31      /* port (int) */
376#define SSH_MSG_IGNORE                          32      /* string */
377#define SSH_CMSG_EXIT_CONFIRMATION              33      /* */
378#define SSH_CMSG_X11_REQUEST_FORWARDING         34      /* proto,data (s,s) */
379#define SSH_CMSG_AUTH_RHOSTS_RSA                35      /* user,mod (s,mpi) */
380#define SSH_MSG_DEBUG                           36      /* string */
381#define SSH_CMSG_REQUEST_COMPRESSION            37      /* level 1-9 (int) */
382#define SSH_CMSG_MAX_PACKET_SIZE                38      /* max_size (int) */
383
384/* Support for TIS authentication server
385   Contributed by Andre April <Andre.April@cediti.be>. */
386#define SSH_CMSG_AUTH_TIS                       39      /* */
387#define SSH_SMSG_AUTH_TIS_CHALLENGE             40      /* string */
388#define SSH_CMSG_AUTH_TIS_RESPONSE              41      /* pass (string) */
389
390/* Support for kerberos authentication by Glenn Machin and Dug Song
391   <dugsong@umich.edu> */
392#define SSH_CMSG_AUTH_KERBEROS                  42      /* string (KTEXT) */
393#define SSH_SMSG_AUTH_KERBEROS_RESPONSE         43      /* string (KTEXT) */
394#define SSH_CMSG_HAVE_KERBEROS_TGT              44      /* string (credentials) */
395
396/* Reserved for official extensions, do not use these */
397#define SSH_CMSG_RESERVED_START                 45
398#define SSH_CMSG_RESERVED_END                   63
399
400/* If ou add new messages add them starting from something after 64, better to
401   use some random number between 64-127 so if someone else adds something else
402   you dont use same numbers */
403
404
405/* define this and debug() will print local hostname */
406#define LOCAL_HOSTNAME_IN_DEBUG 1
407
408/* Includes that need definitions above. */
409
410#include "readconf.h"
411
412/*------------ definitions for login.c -------------*/
413
414/* Returns the time when the user last logged in.  Returns 0 if the
415   information is not available.  This must be called before record_login.
416   The host from which the user logged in is stored in buf. */
417unsigned long get_last_login_time(uid_t uid, const char *logname,
418                                  char *buf, unsigned int bufsize);
419
420/* Records that the user has logged in.  This does many things normally
421   done by login(1). */
422void record_login(int pid, const char *ttyname, const char *user, uid_t uid,
423                  const char *host, struct sockaddr_in *addr);
424
425/* Records that the user has logged out.  This does many thigs normally
426   done by login(1) or init. */
427void record_logout(int pid, const char *ttyname);
428
429/*------------ definitions for sshconnect.c ----------*/
430
431/* Opens a TCP/IP connection to the remote server on the given host.  If
432   port is 0, the default port will be used.  If anonymous is zero,
433   a privileged port will be allocated to make the connection.
434   This requires super-user privileges if anonymous is false.
435   Connection_attempts specifies the maximum number of tries, one per
436   second.  This returns true on success, and zero on failure.  If the
437   connection is successful, this calls packet_set_connection for the
438   connection. */
439int ssh_connect(const char *host, int port, int connection_attempts,
440                int anonymous, uid_t original_real_uid,
441                const char *proxy_command, RandomState *random_state);
442
443/* Starts a dialog with the server, and authenticates the current user on the
444   server.  This does not need any extra privileges.  The basic connection
445   to the server must already have been established before this is called.
446   If login fails, this function prints an error and never returns.
447   This initializes the random state, and leaves it initialized (it will also
448   have references from the packet module). */
449void ssh_login(RandomState *state, int host_key_valid, RSAPrivateKey *host_key,
450               const char *host, Options *options, uid_t original_real_uid);
451
452/*------------ Definitions for various authentication methods. -------*/
453
454/* Tries to authenticate the user using the .rhosts file.  Returns true if
455   authentication succeeds.  If ignore_rhosts is non-zero, this will not
456   consider .rhosts and .shosts (/etc/hosts.equiv will still be used).
457   If strict_modes is true, checks ownership and modes of .rhosts/.shosts. */
458int auth_rhosts(struct passwd *pw, const char *client_user,
459                int ignore_rhosts, int ignore_root_rhosts,
460                int strict_modes);
461
462/* Tries to authenticate the user using the .rhosts file and the host using
463   its host key.  Returns true if authentication succeeds. */
464int auth_rhosts_rsa(RandomState *state,
465                    struct passwd *pw, const char *client_user,
466                    unsigned int bits, MP_INT *client_host_key_e,
467                    MP_INT *client_host_key_n, int ignore_rhosts,
468                    int ignore_root_rhosts, int strict_modes);
469
470/* Tries to authenticate the user using password.  Returns true if
471   authentication succeeds. */
472#if defined(KERBEROS) && defined(KRB5)
473int auth_password(const char *server_user, const char *password,
474                  krb5_principal client);
475#else /* defined(KERBEROS) && defined(KRB5) */
476int auth_password(const char *server_user, const char *password);
477#endif /* defined(KERBEROS) && defined(KRB5) */
478
479/* Performs the RSA authentication dialog with the client.  This returns
480   0 if the client could not be authenticated, and 1 if authentication was
481   successful.  This may exit if there is a serious protocol violation. */
482int auth_rsa(struct passwd *pw, MP_INT *client_n, RandomState *state,
483             int strict_modes);
484
485/* Parses an RSA key (number of bits, e, n) from a string.  Moves the pointer
486   over the key.  Skips any whitespace at the beginning and at end. */
487int auth_rsa_read_key(char **cpp, unsigned int *bitsp, MP_INT *e, MP_INT *n);
488
489/* Returns the name of the machine at the other end of the socket.  The
490   returned string should be freed by the caller. */
491char *get_remote_hostname(int socket);
492
493/* Return the canonical name of the host in the other side of the current
494   connection (as returned by packet_get_connection).  The host name is
495   cached, so it is efficient to call this several times. */
496const char *get_canonical_hostname(void);
497
498/* Returns the remote IP address as an ascii string.  The value need not be
499   freed by the caller. */
500const char *get_remote_ipaddr(void);
501
502/* Returns the port number of the peer of the socket. */
503int get_peer_port(int sock);
504
505/* Returns the port number of the remote host. */
506int get_remote_port(void);
507
508/* Tries to match the host name (which must be in all lowercase) against the
509   comma-separated sequence of subpatterns (each possibly preceded by ! to
510   indicate negation).  Returns true if there is a positive match; zero
511   otherwise. */
512int match_hostname(const char *host, const char *ip,
513                   const char *pattern, unsigned int len);
514
515/* Checks whether the given host is already in the list of our known hosts.
516   Returns HOST_OK if the host is known and has the specified key,
517   HOST_NEW if the host is not known, and HOST_CHANGED if the host is known
518   but used to have a different host key.  The host must be in all lowercase.
519   The check (file accesses) will be performed using the given uid with
520   userfile. */
521typedef enum { HOST_OK, HOST_NEW, HOST_CHANGED } HostStatus;
522HostStatus check_host_in_hostfile(uid_t uid,
523                                  const char *filename,
524                                  const char *host, unsigned int bits,
525                                  MP_INT *e, MP_INT *n);
526
527/* Appends an entry to the host file.  Returns false if the entry
528   could not be appended.  The operation will be performed with the given
529   uid using userfile. */
530int add_host_to_hostfile(uid_t uid, const char *filename, const char *host,
531                         unsigned int bits, MP_INT *e, MP_INT *n);
532
533/* Performs the RSA authentication challenge-response dialog with the client,
534   and returns true (non-zero) if the client gave the correct answer to
535   our challenge; returns zero if the client gives a wrong answer. */
536int auth_rsa_challenge_dialog(RandomState *state, unsigned int bits,
537                              MP_INT *e, MP_INT *n);
538
539/* Reads a passphrase from /dev/tty with echo turned off.  Returns the
540   passphrase (allocated with xmalloc).  Exits if EOF is encountered.
541   If from_stdin is true, the passphrase will be read from stdin instead.
542   If this needs to use an auxiliary program to read the passphrase,
543   this will run it with the given uid using userfile. */
544char *read_passphrase(uid_t uid, const char *prompt, int from_stdin);
545
546/* Reads a yes/no confirmation from /dev/tty.  Exits if EOF or "no" is
547   encountered. */
548void read_confirmation(const char *prompt);
549
550/* Saves the authentication (private) key in a file, encrypting it with
551   passphrase.  The identification of the file (lowest 64 bits of n)
552   will precede the key to provide identification of the key without
553   needing a passphrase.  File I/O will be done using the given uid with
554   userfile. */
555int save_private_key(uid_t uid, const char *filename, const char *passphrase,
556                     RSAPrivateKey *private_key, const char *comment,
557                     RandomState *state);
558
559/* Loads the public part of the key file (public key and comment).
560   Returns 0 if an error occurred; zero if the public key was successfully
561   read.  The comment of the key is returned in comment_return if it is
562   non-NULL; the caller must free the value with xfree.  File I/O will be
563   done with the given uid using userfile. */
564int load_public_key(uid_t uid, const char *filename, RSAPublicKey *pub,
565                    char **comment_return);
566
567/* Loads the private key from the file.  Returns 0 if an error is encountered
568   (file does not exist or is not readable, or passphrase is bad).
569   This initializes the private key.  The comment of the key is returned
570   in comment_return if it is non-NULL; the caller must free the value
571   with xfree.  File I/O will be done with the given uid using userfile. */
572int load_private_key(uid_t uid, const char *filename, const char *passphrase,
573                     RSAPrivateKey *private_key, char **comment_return);
574
575/*------------ Definitions for logging. -----------------------*/
576
577/* Supported syslog facilities. */
578typedef enum
579{
580  SYSLOG_FACILITY_DAEMON,
581  SYSLOG_FACILITY_USER,
582  SYSLOG_FACILITY_AUTH,
583  SYSLOG_FACILITY_LOCAL0,
584  SYSLOG_FACILITY_LOCAL1,
585  SYSLOG_FACILITY_LOCAL2,
586  SYSLOG_FACILITY_LOCAL3,
587  SYSLOG_FACILITY_LOCAL4,
588  SYSLOG_FACILITY_LOCAL5,
589  SYSLOG_FACILITY_LOCAL6,
590  SYSLOG_FACILITY_LOCAL7
591} SyslogFacility;
592
593typedef enum {
594  SYSLOG_SEVERITY_DEBUG,
595  SYSLOG_SEVERITY_INFO,
596  SYSLOG_SEVERITY_NOTICE,
597  SYSLOG_SEVERITY_WARNING,
598  SYSLOG_SEVERITY_ERR,
599  SYSLOG_SEVERITY_CRIT
600} SyslogSeverity;
601
602/* Initializes logging.  If debug is non-zero, debug() will output something.
603   If quiet is non-zero, none of these will log send anything to syslog
604   (but maybe to stderr). */
605void log_init(char *av0, int on_stderr, int debug, int quiet,
606              SyslogFacility facility);
607
608/* Outputs a message to syslog or stderr, depending on the implementation.
609   The format must guarantee that the final message does not exceed 1024
610   characters.  The message should not contain newline. */
611void log_msg(const char *fmt, ...);
612
613/* Outputs a message to syslog or stderr, depending on the implementation.
614   The format must guarantee that the final message does not exceed 1024
615   characters.  The message should not contain newline.  The message
616   is logged at the given severity level. */
617void log_severity(SyslogSeverity severity, const char *fmt, ...);
618
619/* Outputs a message to syslog or stderr, depending on the implementation.
620   The format must guarantee that the final message does not exceed 1024
621   characters.  The message should not contain newline. */
622void debug(const char *fmt, ...);
623
624/* Outputs a message to syslog or stderr, depending on the implementation.
625   The format must guarantee that the final message does not exceed 1024
626   characters.  The message should not contain newline. */
627void error(const char *fmt, ...);
628
629/* Outputs a message to syslog or stderr, depending on the implementation.
630   The format must guarantee that the final message does not exceed 1024
631   characters.  The message should not contain newline. 
632   This call never returns. */
633void fatal(const char *fmt, ...);
634
635/* Outputs a message to syslog or stderr, depending on the implementation.
636   The format must guarantee that the final message does not exceed 1024
637   characters.  The message should not contain newline. 
638   This call never returns.  The message is logged with the specified
639   severity level. */
640void fatal_severity(SyslogSeverity severity, const char *fmt, ...);
641
642/* Registers a cleanup function to be called by fatal() before exiting.
643   It is permissible to call fatal_remove_cleanup for the function itself
644   from the function. */
645void fatal_add_cleanup(void (*proc)(void *context), void *context);
646
647/* Removes a cleanup frunction to be called at fatal(). */
648void fatal_remove_cleanup(void (*proc)(void *context), void *context);
649
650/*---------------- definitions for x11.c ------------------*/
651
652
653/* Sets specific protocol options. */
654void channel_set_options(int hostname_in_open);
655
656/* Allocate a new channel object and set its type and socket.  Remote_name
657   must have been allocated with xmalloc; this will free it when the channel
658   is freed. */
659int channel_allocate(int type, int sock, char *remote_name);
660
661/* Free the channel and close its socket. */
662void channel_free(int channel);
663
664/* Add any bits relevant to channels in select bitmasks. */
665void channel_prepare_select(fd_set *readset, fd_set *writeset);
666
667/* After select, perform any appropriate operations for channels which
668   have events pending. */
669void channel_after_select(fd_set *readset, fd_set *writeset);
670
671/* If there is data to send to the connection, send some of it now. */
672void channel_output_poll(void);
673
674/* This is called when a packet of type CHANNEL_DATA has just been received.
675   The message type has already been consumed, but channel number and data
676   is still there. */
677void channel_input_data(void);
678
679/* Returns true if no channel has too much buffered data. */
680int channel_not_very_much_buffered_data(void);
681
682/* This is called after receiving CHANNEL_CLOSE. */
683void channel_input_close(void);
684
685/* This is called after receiving CHANNEL_CLOSE_CONFIRMATION. */
686void channel_input_close_confirmation(void);
687
688/* This is called after receiving CHANNEL_OPEN_CONFIRMATION. */
689void channel_input_open_confirmation(void);
690
691/* This is called after receiving CHANNEL_OPEN_FAILURE from the other side. */
692void channel_input_open_failure(void);
693
694/* This closes any sockets that are listening for connections; this removes
695   any unix domain sockets. */
696void channel_stop_listening(void);
697
698/* Closes the sockets of all channels.  This is used to close extra file
699   descriptors after a fork. */
700void channel_close_all(void);
701
702/* Returns the maximum file descriptor number used by the channels. */
703int channel_max_fd(void);
704
705/* Returns true if there is still an open channel over the connection. */
706int channel_still_open(void);
707
708/* Returns a string containing a list of all open channels.  The list is
709   suitable for displaying to the user.  It uses crlf instead of newlines.
710   The caller should free the string with xfree. */
711char *channel_open_message(void);
712
713/* Initiate forwarding of connections to local port "port" through the secure
714   channel to host:port from remote side.  This never returns if there
715   was an error. */
716void channel_request_local_forwarding(int port, const char *host,
717                                      int remote_port,
718                                      int gateway_ports);
719
720/* Initiate forwarding of connections to port "port" on remote host through
721   the secure channel to host:port from local side.  This never returns
722   if there was an error.  This registers that open requests for that
723   port are permitted. */
724void channel_request_remote_forwarding(int port, const char *host,
725                                       int remote_port);
726
727/* Permits opening to any host/port in SSH_MSG_PORT_OPEN.  This is usually
728   called by the server, because the user could connect to any port anyway,
729   and the server has no way to know but to trust the client anyway. */
730void channel_permit_all_opens(void);
731
732#ifdef F_SECURE_COMMERCIAL
733
734
735
736
737
738
739
740
741
742
743
744#endif /* F_SECURE_COMMERCIAL */
745
746/* This is called after receiving CHANNEL_FORWARDING_REQUEST.  This initates
747   listening for the port, and sends back a success reply (or disconnect
748   message if there was an error).  This never returns if there was an
749   error. */
750void channel_input_port_forward_request(int is_root);
751
752/* This is called after receiving PORT_OPEN message.  This attempts to connect
753   to the given host:port, and sends back CHANNEL_OPEN_CONFIRMATION or
754   CHANNEL_OPEN_FAILURE. */
755void channel_input_port_open(void);
756
757/* Creates a port for X11 connections, and starts listening for it.
758   Returns the display name, or NULL if an error was encountered. */
759char *x11_create_display(int screen);
760
761/* Creates an internet domain socket for listening for X11 connections.
762   Returns a suitable value for the DISPLAY variable, or NULL if an error
763   occurs. */
764char *x11_create_display_inet(int screen);
765
766/* This is called when SSH_SMSG_X11_OPEN is received.  The packet contains
767   the remote channel number.  We should do whatever we want, and respond
768   with either SSH_MSG_OPEN_CONFIRMATION or SSH_MSG_OPEN_FAILURE. */
769void x11_input_open(void);
770
771/* Requests forwarding of X11 connections.  This should be called on the
772   client only. */
773void x11_request_forwarding(void);
774
775/* Requests forwarding for X11 connections, with authentication spoofing.
776   This should be called in the client only.  */
777void x11_request_forwarding_with_spoofing(RandomState *state,
778                                          const char *proto, const char *data);
779
780/* Sends a message to the server to request authentication fd forwarding. */
781void auth_request_forwarding(void);
782
783/* Returns the number of the file descriptor to pass to child programs as
784   the authentication fd. */
785int auth_get_fd(void);
786
787/* Returns the name of the forwarded authentication socket.  Returns NULL
788   if there is no forwarded authentication socket.  The returned value points
789   to a static buffer. */
790char *auth_get_socket_name(void);
791
792/* Tries to delete the authentication agent proxy socket and
793   directory */
794void auth_delete_socket(void *context);
795
796/* This if called to process SSH_CMSG_AGENT_REQUEST_FORWARDING on the server.
797   This starts forwarding authentication requests. This returns true if
798   everything succeeds, otherwise it will return false (agent forwarding
799   disabled). */
800int auth_input_request_forwarding(struct passwd *pw);
801
802/* This is called to process an SSH_SMSG_AGENT_OPEN message. */
803void auth_input_open_request(void);
804
805/* Returns true if the given string matches the pattern (which may contain
806   ? and * as wildcards), and zero if it does not match. */
807int match_pattern(const char *s, const char *pattern);
808/* this combines the effect of match_pattern on a username, hostname
809   and IP address. */
810int match_user(const char *user, const char *host, const char *ip,
811               const char *pattern);
812/* Check that host name matches the pattern. If the pattern only contains
813   numbers and periods, and wildcards compare it against the ip address
814   otherwise assume it is host name */
815int match_host(const char *host, const char *ip, const char *pattern);
816
817#ifdef F_SECURE_COMMERCIAL
818
819#endif /* F_SECURE_COMMERCIAL */
820
821/* Expands tildes in the file name.  Returns data allocated by xmalloc.
822   Warning: this calls getpw*. */
823char *tilde_expand_filename(const char *filename, uid_t my_uid);
824
825/* Performs the interactive session.  This handles data transmission between
826   the client and the program.  Note that the notion of stdin, stdout, and
827   stderr in this function is sort of reversed: this function writes to
828   stdin (of the child program), and reads from stdout and stderr (of the
829   child program).
830   This will close fdin, fdout and fderr after releasing pty (if ttyname is non
831   NULL) */
832void server_loop(int pid, int fdin, int fdout, int fderr,
833                 void *cleanup_context);
834
835/* Client side main loop for the interactive session. */
836int client_loop(int have_pty, int escape_char);
837
838/* Linked list of custom environment strings (see auth-rsa.c). */
839struct envstring {
840  struct envstring *next;
841  char *s;
842};
843
844
845/* Functions from signals.c. */
846
847/* Sets signal handlers so that core dumps are prevented.  This also
848   sets the maximum core dump size to zero as an extra precaution (where
849   supported).  The old core dump size limit is saved. */
850void signals_prevent_core(void);
851
852/* Sets all signals to their default state.  Restores RLIMIT_CORE previously
853   saved by prevent_core(). */
854void signals_reset(void);
855
856/* Global variables */
857
858extern uid_t original_real_uid;
859
860#ifdef AMIGA
861#define UID_ROOT 65535
862#else
863#define UID_ROOT 0
864#endif
865
866#ifdef HAVE_OSF1_C2_SECURITY
867void initialize_osf_security(int ac, char **av);
868
869const char *osf1c2_check_account_and_terminal(const char *username,
870                                              const char *terminal);
871
872int osf1c2_getprpwent(char *p, char *n, int len);
873
874char *osf1c2crypt(const char *pw, char *salt);
875#endif /* HAVE_OSF1_C2_SECURITY */
876
877#endif /* SSH_H */
Note: See TracBrowser for help on using the repository browser.