monitor_wrap.h 4.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113
  1. /* $OpenBSD: monitor_wrap.h,v 1.45 2020/08/27 01:06:18 djm Exp $ */
  2. /*
  3. * Copyright 2002 Niels Provos <provos@citi.umich.edu>
  4. * All rights reserved.
  5. *
  6. * Redistribution and use in source and binary forms, with or without
  7. * modification, are permitted provided that the following conditions
  8. * are met:
  9. * 1. Redistributions of source code must retain the above copyright
  10. * notice, this list of conditions and the following disclaimer.
  11. * 2. Redistributions in binary form must reproduce the above copyright
  12. * notice, this list of conditions and the following disclaimer in the
  13. * documentation and/or other materials provided with the distribution.
  14. *
  15. * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  16. * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  17. * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  18. * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
  19. * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  20. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  21. * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  22. * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  23. * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  24. * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  25. */
  26. #ifndef _MM_WRAP_H_
  27. #define _MM_WRAP_H_
  28. extern int use_privsep;
  29. #define PRIVSEP(x) (use_privsep ? mm_##x : x)
  30. enum mm_keytype { MM_NOKEY, MM_HOSTKEY, MM_USERKEY };
  31. struct ssh;
  32. struct monitor;
  33. struct Authctxt;
  34. struct sshkey;
  35. struct sshauthopt;
  36. struct sshkey_sig_details;
  37. void mm_log_handler(LogLevel, const char *, void *);
  38. int mm_is_monitor(void);
  39. #ifdef WITH_OPENSSL
  40. DH *mm_choose_dh(int, int, int);
  41. #endif
  42. int mm_sshkey_sign(struct ssh *, struct sshkey *, u_char **, size_t *,
  43. const u_char *, size_t, const char *, const char *,
  44. const char *, u_int compat);
  45. void mm_inform_authserv(char *, char *);
  46. #ifdef WITH_SELINUX
  47. void mm_inform_authrole(char *);
  48. #endif
  49. struct passwd *mm_getpwnamallow(struct ssh *, const char *);
  50. char *mm_auth2_read_banner(void);
  51. int mm_auth_password(struct ssh *, char *);
  52. int mm_key_allowed(enum mm_keytype, const char *, const char *, struct sshkey *,
  53. int, struct sshauthopt **);
  54. int mm_user_key_allowed(struct ssh *, struct passwd *, struct sshkey *, int,
  55. struct sshauthopt **);
  56. int mm_hostbased_key_allowed(struct ssh *, struct passwd *, const char *,
  57. const char *, struct sshkey *);
  58. int mm_hostbased_key_verify(struct ssh *, const struct sshkey *, const u_char *, size_t,
  59. const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **);
  60. int mm_user_key_verify(struct ssh*, const struct sshkey *, const u_char *, size_t,
  61. const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **);
  62. #ifdef GSSAPI
  63. OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
  64. OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *,
  65. gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *);
  66. int mm_ssh_gssapi_userok(char *user);
  67. OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
  68. #endif
  69. #ifdef USE_PAM
  70. void mm_start_pam(struct ssh *ssh);
  71. u_int mm_do_pam_account(void);
  72. void *mm_sshpam_init_ctx(struct Authctxt *);
  73. int mm_sshpam_query(void *, char **, char **, u_int *, char ***, u_int **);
  74. int mm_sshpam_respond(void *, u_int, char **);
  75. void mm_sshpam_free_ctx(void *);
  76. #endif
  77. #ifdef SSH_AUDIT_EVENTS
  78. #include "audit.h"
  79. void mm_audit_event(struct ssh *, ssh_audit_event_t);
  80. int mm_audit_run_command(struct ssh *ssh, const char *);
  81. void mm_audit_end_command(struct ssh *ssh, int, const char *);
  82. void mm_audit_unsupported_body(struct ssh *, int);
  83. void mm_audit_kex_body(struct ssh *, int, char *, char *, char *, char *, pid_t, uid_t);
  84. void mm_audit_session_key_free_body(struct ssh *, int, pid_t, uid_t);
  85. void mm_audit_destroy_sensitive_data(struct ssh *, const char *, pid_t, uid_t);
  86. #endif
  87. struct Session;
  88. void mm_terminate(void);
  89. int mm_pty_allocate(int *, int *, char *, size_t);
  90. void mm_session_pty_cleanup2(struct Session *);
  91. /* Key export functions */
  92. struct newkeys *mm_newkeys_from_blob(u_char *, int);
  93. int mm_newkeys_to_blob(int, u_char **, u_int *);
  94. void mm_send_keystate(struct ssh *, struct monitor*);
  95. /* bsdauth */
  96. int mm_bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **);
  97. int mm_bsdauth_respond(void *, u_int, char **);
  98. #endif /* _MM_WRAP_H_ */