From 1aed65eb27feec505997c98621bdf158f9ab8b99 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Thu, 4 Mar 2010 21:53:35 +1100
Subject:    - djm@cvs.openbsd.org 2010/03/04 10:36:03      [auth-rh-rsa.c
 auth-rsa.c auth.c auth.h auth2-hostbased.c auth2-pubkey.c]      [authfile.c
 authfile.h hostfile.c hostfile.h servconf.c servconf.h]      [ssh-keygen.c
 ssh.1 sshconnect.c sshd_config.5]      Add a TrustedUserCAKeys option to
 sshd_config to specify CA keys that      are trusted to authenticate users
 (in addition than doing it per-user      in authorized_keys).

     Add a RevokedKeys option to sshd_config and a @revoked marker to
     known_hosts to allow keys to me revoked and banned for user or host
     authentication.

     feedback and ok markus@
---
 hostfile.h | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'hostfile.h')

diff --git a/hostfile.h b/hostfile.h
index ebac1e4f1..1d460c1a9 100644
--- a/hostfile.h
+++ b/hostfile.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.h,v 1.17 2010/02/26 20:29:54 djm Exp $ */
+/* $OpenBSD: hostfile.h,v 1.18 2010/03/04 10:36:03 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -15,7 +15,7 @@
 #define HOSTFILE_H
 
 typedef enum {
-	HOST_OK, HOST_NEW, HOST_CHANGED, HOST_FOUND
+	HOST_OK, HOST_NEW, HOST_CHANGED, HOST_REVOKED, HOST_FOUND
 }       HostStatus;
 
 int	 hostfile_read_key(char **, u_int *, Key *);
@@ -29,6 +29,7 @@ int	lookup_key_in_hostfile_by_type(const char *, const char *,
 #define HASH_DELIM	'|'
 
 #define CA_MARKER	"@cert-authority"
+#define REVOKE_MARKER	"@revoked"
 
 char	*host_hash(const char *, const char *, u_int);
 
-- 
cgit v1.2.3