From f88d86e05895671b9d036c26566a41752ec86c31 Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Wed, 14 Sep 2005 15:20:11 +0000 Subject: * Add remaining pieces of Kerberos support (closes: #275472): - Add GSSAPI key exchange support from http://www.sxw.org.uk/computing/patches/openssh.html (thanks, Stephen Frost). --- ssh-gss.h | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) (limited to 'ssh-gss.h') diff --git a/ssh-gss.h b/ssh-gss.h index 52fb49a6f..74ce6f8bc 100644 --- a/ssh-gss.h +++ b/ssh-gss.h @@ -62,6 +62,13 @@ #define SSH_GSS_OIDTYPE 0x06 +#define SSH2_MSG_KEXGSS_INIT 30 +#define SSH2_MSG_KEXGSS_CONTINUE 31 +#define SSH2_MSG_KEXGSS_COMPLETE 32 +#define SSH2_MSG_KEXGSS_HOSTKEY 33 +#define SSH2_MSG_KEXGSS_ERROR 34 +#define KEX_GSS_SHA1 "gss-group1-sha1-" + typedef struct { char *filename; char *envvar; @@ -99,6 +106,7 @@ typedef struct { } Gssctxt; extern ssh_gssapi_mech *supported_mechs[]; +extern Gssctxt *gss_kex_context; int ssh_gssapi_check_oid(Gssctxt *, void *, size_t); void ssh_gssapi_set_oid_data(Gssctxt *, void *, size_t); @@ -121,7 +129,13 @@ OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t); OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID); void ssh_gssapi_buildmic(Buffer *, const char *, const char *, const char *); -/* In the server */ +typedef int ssh_gssapi_check_fn(gss_OID, void *); +char *ssh_gssapi_client_mechanisms(char *host); +char *ssh_gssapi_kex_mechs(gss_OID_set, ssh_gssapi_check_fn *, void *); +int ssh_gssapi_check_mechanism(gss_OID, void *); +gss_OID ssh_gssapi_id_kex(Gssctxt *, char *); + +int ssh_gssapi_server_check_mech(gss_OID, void *); int ssh_gssapi_userok(char *name); OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); void ssh_gssapi_do_child(char ***, u_int *); -- cgit v1.2.3