upstream commit

remember which public keys have been used for
 authentication and refuse to accept previously-used keys.

This allows AuthenticationMethods=publickey,publickey to require
that users authenticate using two _different_ pubkeys.

ok markus@

1 files changed, 8 insertions, 1 deletions

diff --git a/auth.h b/auth.h
index d081c94a6..c67e4a4d4 100644
--- a/auth.h
+++ b/auth.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.h,v 1.78 2014/07/03 11:16:55 djm Exp $ */
+/* $OpenBSD: auth.h,v 1.79 2014/12/22 07:51:30 djm Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -42,6 +42,8 @@
 #include <krb5.h>
 #endif
 
+struct sshkey;
+
 typedef struct Authctxt Authctxt;
 typedef struct Authmethod Authmethod;
 typedef struct KbdintDevice KbdintDevice;
@@ -75,6 +77,9 @@ struct Authctxt {
 #endif
         Buffer          *loginmsg;
         void            *methoddata;
+
+        struct sshkey   **prev_userkeys;
+        u_int            nprev_userkeys;
 };
 /*
  * Every authentication method has to handle authentication requests for
@@ -123,6 +128,8 @@ int	 hostbased_key_allowed(struct passwd *, const char *, char *, Key *);
 int      user_key_allowed(struct passwd *, Key *);
 void     pubkey_auth_info(Authctxt *, const Key *, const char *, ...)
             __attribute__((__format__ (printf, 3, 4)));
+void     auth2_record_userkey(Authctxt *, struct sshkey *);
+int      auth2_userkey_already_used(Authctxt *, struct sshkey *);
 
 struct stat;
 int      auth_secure_path(const char *, struct stat *, const char *, uid_t,