- jakob@cvs.openbsd.org 2003/05/14 18:16:20

[key.c key.h readconf.c readconf.h ssh_config.5 sshconnect.c] [dns.c dns.h README.dns ssh-keygen.1 ssh-keygen.c] add experimental support for verifying hos keys using DNS as described in draft-ietf-secsh-dns-xx.txt. more information in README.dns. ok markus@ and henning@
author: Damien Miller <djm@mindrot.org> 2003-05-15 10:19:46 +1000
committer: Damien Miller <djm@mindrot.org> 2003-05-15 10:19:46 +1000
commit: 37876e913a069036501086a247ed2ea430cea206 (patch)
tree: 8294744f47011c82b63ec0b46f4449ff4f26ec7c /dns.h
parent: abbae980e7532da68e7f6aa1da716fb69e7521ad (diff)
1 files changed, 57 insertions, 0 deletions
diff --git a/dns.h b/dns.h
new file mode 100644
index 000000000..ba0ea9fb4
--- /dev/null
+++ b/dns.h
@@ -0,0 +1,57 @@
+/*      $OpenBSD: dns.h,v 1.3 2003/05/14 22:56:51 jakob Exp $   */
+/*
+ * Copyright (c) 2003 Wesley Griffin. All rights reserved.
+ * Copyright (c) 2003 Jakob Schlyter. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+#include "includes.h"
+#ifdef DNS
+#ifndef DNS_H
+#define DNS_H
+enum sshfp_types {
+        SSHFP_KEY_RESERVED,
+        SSHFP_KEY_RSA,
+        SSHFP_KEY_DSA
+};
+enum sshfp_hashes {
+        SSHFP_HASH_RESERVED,
+        SSHFP_HASH_SHA1
+};
+#define DNS_RDATACLASS_IN       1
+#define DNS_RDATATYPE_SSHFP     44
+#define DNS_VERIFY_FAILED       -1
+#define DNS_VERIFY_OK           0
+#define DNS_VERIFY_ERROR        1
+int     verify_host_key_dns(const char *, struct sockaddr *, Key *);
+int     export_dns_rr(const char *, Key *, FILE *, int);
+#endif /* DNS_H */
+#endif /* DNS */
author	Damien Miller <djm@mindrot.org>	2003-05-15 10:19:46 +1000
committer	Damien Miller <djm@mindrot.org>	2003-05-15 10:19:46 +1000
commit	37876e913a069036501086a247ed2ea430cea206 (patch)
tree	8294744f47011c82b63ec0b46f4449ff4f26ec7c /dns.h
parent	abbae980e7532da68e7f6aa1da716fb69e7521ad (diff)

diff --git a/dns.h b/dns.h new file mode 100644 index 000000000..ba0ea9fb4 --- /dev/null +++ b/dns.h
@@ -0,0 +1,57 @@
	1	/* $OpenBSD: dns.h,v 1.3 2003/05/14 22:56:51 jakob Exp $ */
	2
	3	/*
	4	* Copyright (c) 2003 Wesley Griffin. All rights reserved.
	5	* Copyright (c) 2003 Jakob Schlyter. All rights reserved.
	6	*
	7	* Redistribution and use in source and binary forms, with or without
	8	* modification, are permitted provided that the following conditions
	9	* are met:
	10	* 1. Redistributions of source code must retain the above copyright
	11	* notice, this list of conditions and the following disclaimer.
	12	* 2. Redistributions in binary form must reproduce the above copyright
	13	* notice, this list of conditions and the following disclaimer in the
	14	* documentation and/or other materials provided with the distribution.
	15	*
	16	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
	17	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	18	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	19	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
	20	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	21	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	22	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	23	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	24	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	25	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	26	*/
	27
	28
	29	#include "includes.h"
	30
	31	#ifdef DNS
	32	#ifndef DNS_H
	33	#define DNS_H
	34
	35	enum sshfp_types {
	36	SSHFP_KEY_RESERVED,
	37	SSHFP_KEY_RSA,
	38	SSHFP_KEY_DSA
	39	};
	40
	41	enum sshfp_hashes {
	42	SSHFP_HASH_RESERVED,
	43	SSHFP_HASH_SHA1
	44	};
	45
	46	#define DNS_RDATACLASS_IN 1
	47	#define DNS_RDATATYPE_SSHFP 44
	48
	49	#define DNS_VERIFY_FAILED -1
	50	#define DNS_VERIFY_OK 0
	51	#define DNS_VERIFY_ERROR 1
	52
	53	int verify_host_key_dns(const char , struct sockaddr , Key *);
	54	int export_dns_rr(const char , Key , FILE *, int);
	55
	56	#endif /* DNS_H */
	57	#endif /* DNS */