diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2018-03-03 03:15:51 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2018-03-03 14:37:16 +1100 |
| commit | 7c856857607112a3dfe6414696bf4c7ab7fb0cb3 (patch) | |
| tree | 48c837fc9c9e11d64862d4f54c1a886b54d8721c /auth-options.h | |
| parent | 90c4bec8b5f9ec4c003ae4abdf13fc7766f00c8b (diff) | |
upstream: switch over to the new authorized_keys options API and
remove the legacy one.
Includes a fairly big refactor of auth2-pubkey.c to retain less state
between key file lines.
feedback and ok markus@
OpenBSD-Commit-ID: dece6cae0f47751b9892080eb13d6625599573df
Diffstat (limited to 'auth-options.h')
| -rw-r--r-- | auth-options.h | 46 |
1 files changed, 13 insertions, 33 deletions
diff --git a/auth-options.h b/auth-options.h index 0dbfc325e..16871d754 100644 --- a/auth-options.h +++ b/auth-options.h | |||
| @@ -1,15 +1,19 @@ | |||
| 1 | /* $OpenBSD: auth-options.h,v 1.24 2018/03/03 03:06:02 djm Exp $ */ | 1 | /* $OpenBSD: auth-options.h,v 1.25 2018/03/03 03:15:51 djm Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Copyright (c) 2018 Damien Miller <djm@mindrot.org> |
| 5 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | ||
| 6 | * All rights reserved | ||
| 7 | * | 5 | * |
| 8 | * As far as I am concerned, the code I have written for this software | 6 | * Permission to use, copy, modify, and distribute this software for any |
| 9 | * can be used freely for any purpose. Any derived versions of this | 7 | * purpose with or without fee is hereby granted, provided that the above |
| 10 | * software must be clearly marked as such, and if the derived work is | 8 | * copyright notice and this permission notice appear in all copies. |
| 11 | * incompatible with the protocol description in the RFC file, it must be | 9 | * |
| 12 | * called by a name other than "ssh" or "Secure Shell". | 10 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
| 11 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | ||
| 12 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | ||
| 13 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | ||
| 14 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | ||
| 15 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | ||
| 16 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | ||
| 13 | */ | 17 | */ |
| 14 | 18 | ||
| 15 | #ifndef AUTH_OPTIONS_H | 19 | #ifndef AUTH_OPTIONS_H |
| @@ -18,30 +22,6 @@ | |||
| 18 | struct passwd; | 22 | struct passwd; |
| 19 | struct sshkey; | 23 | struct sshkey; |
| 20 | 24 | ||
| 21 | /* Linked list of custom environment strings */ | ||
| 22 | struct envstring { | ||
| 23 | struct envstring *next; | ||
| 24 | char *s; | ||
| 25 | }; | ||
| 26 | |||
| 27 | /* Flags that may be set in authorized_keys options. */ | ||
| 28 | extern int no_port_forwarding_flag; | ||
| 29 | extern int no_agent_forwarding_flag; | ||
| 30 | extern int no_x11_forwarding_flag; | ||
| 31 | extern int no_pty_flag; | ||
| 32 | extern int no_user_rc; | ||
| 33 | extern char *forced_command; | ||
| 34 | extern struct envstring *custom_environment; | ||
| 35 | extern int forced_tun_device; | ||
| 36 | extern int key_is_cert_authority; | ||
| 37 | extern char *authorized_principals; | ||
| 38 | |||
| 39 | int auth_parse_options(struct passwd *, char *, const char *, u_long); | ||
| 40 | void auth_clear_options(void); | ||
| 41 | int auth_cert_options(struct sshkey *, struct passwd *, const char **); | ||
| 42 | |||
| 43 | /* authorized_keys options handling */ | ||
| 44 | |||
| 45 | /* | 25 | /* |
| 46 | * sshauthopt represents key options parsed from authorized_keys or | 26 | * sshauthopt represents key options parsed from authorized_keys or |
| 47 | * from certificate extensions/options. | 27 | * from certificate extensions/options. |