diff options
Diffstat (limited to 'sshserver.h')
-rw-r--r-- | sshserver.h | 143 |
1 files changed, 0 insertions, 143 deletions
diff --git a/sshserver.h b/sshserver.h deleted file mode 100644 index 5cc393df..00000000 --- a/sshserver.h +++ /dev/null @@ -1,143 +0,0 @@ -typedef struct AuthPolicy AuthPolicy; - -struct SshServerConfig { - const char *application_name; - const char *session_starting_dir; - - RSAKey *rsa_kex_key; - - /* - * In all of these ptrlens, setting the 'ptr' member to NULL means - * that we're not overriding the default configuration. - */ - ptrlen banner; /* default here is 'no banner' */ - ptrlen kex_override[NKEXLIST]; - - bool exit_signal_numeric; /* mimic an old server bug */ - - unsigned long ssh1_cipher_mask; - bool ssh1_allow_compression; - bool bare_connection; - - bool stunt_pretend_to_accept_any_pubkey; - bool stunt_open_unconditional_agent_socket; -}; - -Plug *ssh_server_plug( - Conf *conf, const SshServerConfig *ssc, - ssh_key *const *hostkeys, int nhostkeys, - RSAKey *hostkey1, AuthPolicy *authpolicy, LogPolicy *logpolicy, - const SftpServerVtable *sftpserver_vt); -void ssh_server_start(Plug *plug, Socket *socket); - -void server_instance_terminated(LogPolicy *logpolicy); -void platform_logevent(const char *msg); - -#define AUTHMETHODS(X) \ - X(NONE) \ - X(PASSWORD) \ - X(PUBLICKEY) \ - X(KBDINT) \ - X(TIS) \ - X(CRYPTOCARD) \ - /* end of list */ - -#define AUTHMETHOD_BIT_INDEX(name) AUTHMETHOD_BIT_INDEX_##name, -enum { AUTHMETHODS(AUTHMETHOD_BIT_INDEX) AUTHMETHOD_BIT_INDEX_dummy }; -#define AUTHMETHOD_BIT_VALUE(name) \ - AUTHMETHOD_##name = 1 << AUTHMETHOD_BIT_INDEX_##name, -enum { AUTHMETHODS(AUTHMETHOD_BIT_VALUE) AUTHMETHOD_BIT_VALUE_dummy }; - -typedef struct AuthKbdInt AuthKbdInt; -typedef struct AuthKbdIntPrompt AuthKbdIntPrompt; -struct AuthKbdInt { - char *title, *instruction; /* both need freeing */ - int nprompts; - AuthKbdIntPrompt *prompts; /* the array itself needs freeing */ -}; -struct AuthKbdIntPrompt { - char *prompt; /* needs freeing */ - bool echo; -}; - -unsigned auth_methods(AuthPolicy *); -bool auth_none(AuthPolicy *, ptrlen username); - -int auth_password(AuthPolicy *, ptrlen username, ptrlen password, - ptrlen *opt_new_password); -/* auth_password returns 1 for 'accepted', 0 for 'rejected', and 2 for - * 'ok but now you need to change your password' */ - -bool auth_publickey(AuthPolicy *, ptrlen username, ptrlen public_blob); -/* auth_publickey_ssh1 must return the whole public key given the modulus, - * because the SSH-1 client never transmits the exponent over the wire. - * The key remains owned by the AuthPolicy. */ - -AuthKbdInt *auth_kbdint_prompts(AuthPolicy *, ptrlen username); -/* auth_kbdint_prompts returns NULL to trigger auth failure */ -int auth_kbdint_responses(AuthPolicy *, const ptrlen *responses); -/* auth_kbdint_responses returns >0 for success, <0 for failure, and 0 - * to indicate that we haven't decided yet and further prompts are - * coming */ - -/* The very similar SSH-1 TIS and CryptoCard methods are combined into - * a single API for AuthPolicy, which takes a method argument */ -char *auth_ssh1int_challenge(AuthPolicy *, unsigned method, ptrlen username); -bool auth_ssh1int_response(AuthPolicy *, ptrlen response); - -RSAKey *auth_publickey_ssh1( - AuthPolicy *ap, ptrlen username, mp_int *rsa_modulus); -/* auth_successful returns false if further authentication is needed */ -bool auth_successful(AuthPolicy *, ptrlen username, unsigned method); - -PacketProtocolLayer *ssh2_userauth_server_new( - PacketProtocolLayer *successor_layer, AuthPolicy *authpolicy, - const SshServerConfig *ssc); -void ssh2_userauth_server_set_transport_layer( - PacketProtocolLayer *userauth, PacketProtocolLayer *transport); - -void ssh2connection_server_configure( - PacketProtocolLayer *ppl, const SftpServerVtable *sftpserver_vt, - const SshServerConfig *ssc); -void ssh1connection_server_configure( - PacketProtocolLayer *ppl, const SshServerConfig *ssc); - -PacketProtocolLayer *ssh1_login_server_new( - PacketProtocolLayer *successor_layer, RSAKey *hostkey, - AuthPolicy *authpolicy, const SshServerConfig *ssc); - -Channel *sesschan_new(SshChannel *c, LogContext *logctx, - const SftpServerVtable *sftpserver_vt, - const SshServerConfig *ssc); - -Backend *pty_backend_create( - Seat *seat, LogContext *logctx, Conf *conf, char **argv, const char *cmd, - struct ssh_ttymodes ttymodes, bool pipes_instead_of_pty, const char *dir, - const char *const *env_vars_to_unset); -int pty_backend_exit_signum(Backend *be); -ptrlen pty_backend_exit_signame(Backend *be, char **aux_msg); - -/* - * Establish a listening X server. Return value is the _number_ of - * Sockets that it established pointing at the given Plug. (0 - * indicates complete failure.) The socket pointers themselves are - * written into sockets[], up to a possible total of MAX_X11_SOCKETS. - * - * The supplied Conf has necessary environment variables written into - * it. (And is also used to open the port listeners, though that - * shouldn't affect anything.) - */ -#define MAX_X11_SOCKETS 2 -int platform_make_x11_server(Plug *plug, const char *progname, int mindisp, - const char *screen_number_suffix, - ptrlen authproto, ptrlen authdata, - Socket **sockets, Conf *conf); - -Conf *make_ssh_server_conf(void); - -/* Provided by Unix front end programs to uxsftpserver.c */ -void make_unix_sftp_filehandle_key(void *data, size_t size); - -typedef struct agentfwd agentfwd; -agentfwd *agentfwd_new(ConnectionLayer *cl, char **socketname_out); -void agentfwd_free(agentfwd *agent); |