diff options
Diffstat (limited to 'auth.h')
-rw-r--r-- | auth.h | 39 |
1 files changed, 15 insertions, 24 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth.h,v 1.41 2002/09/26 11:38:43 markus Exp $ */ | 1 | /* $OpenBSD: auth.h,v 1.46 2003/08/28 12:54:34 markus Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
@@ -48,29 +48,32 @@ typedef struct KbdintDevice KbdintDevice; | |||
48 | 48 | ||
49 | struct Authctxt { | 49 | struct Authctxt { |
50 | int success; | 50 | int success; |
51 | int postponed; | 51 | int postponed; /* authentication needs another step */ |
52 | int valid; | 52 | int valid; /* user exists and is allowed to login */ |
53 | int attempt; | 53 | int attempt; |
54 | int failures; | 54 | int failures; |
55 | char *user; | 55 | char *user; /* username sent by the client */ |
56 | char *service; | 56 | char *service; |
57 | struct passwd *pw; | 57 | struct passwd *pw; /* set if 'valid' */ |
58 | char *style; | 58 | char *style; |
59 | void *kbdintctxt; | 59 | void *kbdintctxt; |
60 | #ifdef BSD_AUTH | 60 | #ifdef BSD_AUTH |
61 | auth_session_t *as; | 61 | auth_session_t *as; |
62 | #endif | 62 | #endif |
63 | #ifdef KRB4 | ||
64 | char *krb4_ticket_file; | ||
65 | #endif | ||
66 | #ifdef KRB5 | 63 | #ifdef KRB5 |
67 | krb5_context krb5_ctx; | 64 | krb5_context krb5_ctx; |
68 | krb5_auth_context krb5_auth_ctx; | ||
69 | krb5_ccache krb5_fwd_ccache; | 65 | krb5_ccache krb5_fwd_ccache; |
70 | krb5_principal krb5_user; | 66 | krb5_principal krb5_user; |
71 | char *krb5_ticket_file; | 67 | char *krb5_ticket_file; |
72 | #endif | 68 | #endif |
69 | void *methoddata; | ||
73 | }; | 70 | }; |
71 | /* | ||
72 | * Every authentication method has to handle authentication requests for | ||
73 | * non-existing users, or for users that are not allowed to login. In this | ||
74 | * case 'valid' is set to 0, but 'user' points to the username requested by | ||
75 | * the client. | ||
76 | */ | ||
74 | 77 | ||
75 | struct Authmethod { | 78 | struct Authmethod { |
76 | char *name; | 79 | char *name; |
@@ -111,20 +114,6 @@ int auth_rhosts_rsa_key_allowed(struct passwd *, char *, char *, Key *); | |||
111 | int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); | 114 | int hostbased_key_allowed(struct passwd *, const char *, char *, Key *); |
112 | int user_key_allowed(struct passwd *, Key *); | 115 | int user_key_allowed(struct passwd *, Key *); |
113 | 116 | ||
114 | #ifdef KRB4 | ||
115 | #include <krb.h> | ||
116 | int auth_krb4(Authctxt *, KTEXT, char **, KTEXT); | ||
117 | int auth_krb4_password(Authctxt *, const char *); | ||
118 | void krb4_cleanup_proc(void *); | ||
119 | |||
120 | #ifdef AFS | ||
121 | #include <kafs.h> | ||
122 | int auth_krb4_tgt(Authctxt *, const char *); | ||
123 | int auth_afs_token(Authctxt *, const char *); | ||
124 | #endif /* AFS */ | ||
125 | |||
126 | #endif /* KRB4 */ | ||
127 | |||
128 | #ifdef KRB5 | 117 | #ifdef KRB5 |
129 | int auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client, krb5_data *); | 118 | int auth_krb5(Authctxt *authctxt, krb5_data *auth, char **client, krb5_data *); |
130 | int auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt); | 119 | int auth_krb5_tgt(Authctxt *authctxt, krb5_data *tgt); |
@@ -133,7 +122,6 @@ void krb5_cleanup_proc(void *authctxt); | |||
133 | #endif /* KRB5 */ | 122 | #endif /* KRB5 */ |
134 | 123 | ||
135 | #include "auth-pam.h" | 124 | #include "auth-pam.h" |
136 | #include "auth2-pam.h" | ||
137 | 125 | ||
138 | Authctxt *do_authentication(void); | 126 | Authctxt *do_authentication(void); |
139 | Authctxt *do_authentication2(void); | 127 | Authctxt *do_authentication2(void); |
@@ -159,6 +147,7 @@ struct passwd * getpwnamallow(const char *user); | |||
159 | 147 | ||
160 | char *get_challenge(Authctxt *); | 148 | char *get_challenge(Authctxt *); |
161 | int verify_response(Authctxt *, const char *); | 149 | int verify_response(Authctxt *, const char *); |
150 | void abandon_challenge_response(Authctxt *); | ||
162 | 151 | ||
163 | struct passwd * auth_get_user(void); | 152 | struct passwd * auth_get_user(void); |
164 | 153 | ||
@@ -184,6 +173,8 @@ void auth_debug_add(const char *fmt,...) __attribute__((format(printf, 1, 2))); | |||
184 | void auth_debug_send(void); | 173 | void auth_debug_send(void); |
185 | void auth_debug_reset(void); | 174 | void auth_debug_reset(void); |
186 | 175 | ||
176 | struct passwd *fakepw(void); | ||
177 | |||
187 | #define AUTH_FAIL_MAX 6 | 178 | #define AUTH_FAIL_MAX 6 |
188 | #define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2) | 179 | #define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2) |
189 | #define AUTH_FAIL_MSG "Too many authentication failures for %.100s" | 180 | #define AUTH_FAIL_MSG "Too many authentication failures for %.100s" |