      1 /*	$NetBSD: monitor_wrap.h,v 1.27 2026/04/08 18:58:41 christos Exp $	*/
      2 /* $OpenBSD: monitor_wrap.h,v 1.54 2026/03/02 02:40:15 djm Exp $ */
      3 
      4 /*
      5  * Copyright 2002 Niels Provos <provos (at) citi.umich.edu>
      6  * All rights reserved.
      7  *
      8  * Redistribution and use in source and binary forms, with or without
      9  * modification, are permitted provided that the following conditions
     10  * are met:
     11  * 1. Redistributions of source code must retain the above copyright
     12  *    notice, this list of conditions and the following disclaimer.
     13  * 2. Redistributions in binary form must reproduce the above copyright
     14  *    notice, this list of conditions and the following disclaimer in the
     15  *    documentation and/or other materials provided with the distribution.
     16  *
     17  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
     18  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
     19  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
     20  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
     21  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
     22  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
     23  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
     24  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     25  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
     26  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     27  */
     28 
     29 #ifndef _MM_WRAP_H_
     30 #define _MM_WRAP_H_
     31 
        /*
         * Upper bound, in bytes, on one monitor message: 4 * 1024 * 1024 = 4 MiB.
         * NOTE(review): the code that enforces this bound is not visible in this
         * header; confirm that receive paths check an incoming message's length
         * against it before allocating or reading the payload.
         */
     32 #define MONITOR_MAX_MSGLEN		(4 * 1024 * 1024)
     33 /* The configuration has to fit in a monitor message along with other state */
        /* The cap is therefore the message limit minus 64 KiB (64 * 1024 bytes). */
     34 #define MONITOR_MAX_CFGLEN		(MONITOR_MAX_MSGLEN - (64 * 1024))
     35 
        /*
         * Key class selector; it is the first parameter of mm_key_allowed() below.
         * Values are implicit (MM_NOKEY = 0, MM_HOSTKEY = 1, MM_USERKEY = 2), so a
         * zero-initialised variable reads as MM_NOKEY.
         */
     36 enum mm_keytype { MM_NOKEY, MM_HOSTKEY, MM_USERKEY };
     37 
        /*
         * Forward declarations: the prototypes below use these types only through
         * pointers, so their full definitions are not needed here.
         * NOTE(review): LogLevel, DH, u_char, u_int, uint64_t, struct sshbuf,
         * struct passwd and struct connection_info are also used below but are
         * not declared in this header; it presumably relies on the including file
         * having brought them into scope first. Confirm the required include
         * order.
         */
     38 struct ssh;
     39 struct monitor;
     40 struct Authctxt;
     41 struct sshkey;
     42 struct sshauthopt;
     43 struct sshkey_sig_details;
     44 
        /*
         * NOTE(review): the mm_ prefix and the file name suggest these are the
         * privilege-separation wrappers, i.e. calls whose work is carried out on
         * the other side of the monitor channel. The definitions are not visible
         * here, so confirm which process is meant to call each one.
         *
         * Most parameters are unnamed. Where neighbouring parameters share a type
         * (three ints in mm_choose_dh, three const char * in mm_sshkey_sign, two
         * char * in mm_inform_authserv, two const char * in mm_key_allowed and
         * mm_hostbased_key_allowed, two (const u_char *, size_t) pairs in
         * mm_sshkey_verify) the compiler cannot catch arguments passed in the
         * wrong order; check each call against the definition.
         *
         * The int results in this group do not state their convention here
         * (0 = success versus non-zero = allowed). Confirm it per function before
         * testing a result in an authentication decision.
         */
     45 void mm_log_handler(LogLevel, int, const char *, void *);
     46 int mm_is_monitor(void);
     47 #ifdef WITH_OPENSSL
        /* Declared only when WITH_OPENSSL is defined. */
     48 DH *mm_choose_dh(int, int, int);
     49 #endif
     50 void mm_sshkey_setcompat(struct ssh *);
        /*
         * NOTE(review): the u_char ** / size_t * pair presumably returns the
         * signature and its length; confirm who owns and frees that buffer.
         */
     51 int mm_sshkey_sign(struct ssh *, struct sshkey *, u_char **, size_t *,
     52     const u_char *, size_t, const char *, const char *,
     53     const char *, u_int compat);
     54 void mm_inform_authserv(char *, char *);
        /* NOTE(review): lifetime of the returned struct passwd is not stated here. */
     55 struct passwd *mm_getpwnamallow(struct ssh *, const char *);
     56 char *mm_auth2_read_banner(void);
        /*
         * NOTE(review): the const char * is presumably the cleartext password;
         * confirm that the caller and the implementation clear their copies.
         */
     57 int mm_auth_password(struct ssh *, const char *);
     58 int mm_key_allowed(enum mm_keytype, const char *, const char *, struct sshkey *,
     59     int, struct sshauthopt **);
     60 int mm_user_key_allowed(struct ssh *ssh, struct passwd *, struct sshkey *, int,
     61     struct sshauthopt **);
     62 int mm_hostbased_key_allowed(struct ssh *, struct passwd *, const char *,
     63     const char *, struct sshkey *);
        /*
         * NOTE(review): which (pointer, length) pair is the signature and which is
         * the signed data is not stated here; swapping them is not a type error.
         */
     64 int mm_sshkey_verify(const struct sshkey *, const u_char *, size_t,
     65     const u_char *, size_t, const char *, u_int, struct sshkey_sig_details **);
     66 
        /*
         * NOTE(review): by its name this decodes server options from the buffer m
         * and makes them active. Confirm that in the definition, and confirm that
         * the decoder validates the contents and lengths in m before use.
         */
     67 void mm_decode_activate_server_options(struct ssh *ssh, struct sshbuf *m);
     68 
        /*
         * GSSAPI wrappers, declared only when GSSAPI is defined. ssh-gss.h is
         * included here, presumably to supply Gssctxt, gss_OID, gss_buffer_desc,
         * gss_buffer_t and OM_uint32 (confirm).
         */
     69 #ifdef GSSAPI
     70 #include "ssh-gss.h"
     71 
     72 OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID);
     73 OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *,
     74    gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *);
        /* NOTE(review): the int convention (non-zero = allowed?) is not stated. */
     75 int mm_ssh_gssapi_userok(char *user);
        /* Two gss_buffer_t in a row: argument order is not checked by the compiler. */
     76 OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t);
     77 #endif
     78 
        /*
         * PAM wrappers, declared only when USE_PAM is defined.
         * The context is passed as void *, so the compiler cannot tell a PAM
         * context from any other pointer; presumably only a value returned by
         * mm_sshpam_init_ctx() may be given to query/respond/free (confirm).
         * mm_sshpam_query and mm_sshpam_respond have the same parameter lists as
         * the bsdauth and skey query/respond functions declared further down.
         */
     79 #ifdef USE_PAM
     80 void mm_start_pam(struct ssh *);
        /* NOTE(review): meaning of the u_int result is not stated here. */
     81 u_int mm_do_pam_account(void);
     82 void *mm_sshpam_init_ctx(struct Authctxt *);
     83 int mm_sshpam_query(void *, char **, char **, u_int *, char ***, u_int **);
     84 int mm_sshpam_respond(void *, u_int, char **);
     85 void mm_sshpam_free_ctx(void *);
     86 #endif
     87 
        /* Session, pty and key-state calls. struct Session is used by pointer only. */
     88 struct Session;
     89 void mm_terminate(void);
        /*
         * NOTE(review): presumably two descriptor out-parameters followed by a
         * name buffer and its size; confirm the order and that the size_t is the
         * capacity of the char * buffer.
         */
     90 int mm_pty_allocate(int *, int *, char *, size_t);
     91 void mm_session_pty_cleanup2(struct Session *);
     92 
     93 void mm_send_keystate(struct ssh *, struct monitor*);
     94 
     95 /* state */
        /*
         * Ten unnamed parameters, five of them struct sshbuf **. The compiler
         * cannot detect two of those being swapped, so check every call against
         * the definition. NOTE(review): the double pointers are presumably
         * outputs; confirm who allocates and who frees each one.
         */
     96 struct include_list;
     97 void mm_get_state(struct ssh *, struct include_list *, struct sshbuf *,
     98     struct sshbuf **, uint64_t *, struct sshbuf **, struct sshbuf **,
     99     u_char **, struct sshbuf **, struct sshbuf **);
    100 
        /*
         * Unlike the GSSAPI, PAM and KRB5 groups, the bsdauth and skey prototypes
         * are declared unconditionally. NOTE(review): whether definitions exist in
         * every build configuration is not visible here.
         * The first parameter is an untyped void * context in all four functions.
         */
    101 /* bsdauth */
    102 int mm_bsdauth_query(void *, char **, char **, u_int *, char ***, u_int **);
    103 int mm_bsdauth_respond(void *, u_int, char **);
    104 
    105 /* skey */
    106 int mm_skey_query(void *, char **, char **, u_int *, char ***, u_int **);
    107 int mm_skey_respond(void *, u_int, char **);
    108 
    109 /* auth_krb */
    110 #ifdef KRB5
    111 /* auth and reply are really krb5_data objects, but we don't want to
    112  * include all of the krb5 headers here */
        /*
         * Because authctxt, auth and reply are void *, the compiler cannot verify
         * what callers pass; the krb5_data requirement above is by convention only.
         * Declared only when KRB5 is defined.
         */
    113 int mm_auth_krb5(void *authctxt, void *auth, char **client, void *reply);
    114 #endif
    115 
    116 /* config / channels glue */
        /*
         * These three use a server_ prefix rather than mm_.
         * NOTE(review): whether they go through the monitor at all is not visible
         * in this header; confirm in the definitions. The two int parameters of
         * server_get_connection_info are unnamed and their order is unchecked.
         */
    117 void	 server_process_permitopen(struct ssh *);
    118 void	 server_process_channel_timeouts(struct ssh *ssh);
    119 struct connection_info *
    120 	 server_get_connection_info(struct ssh *, int, int);
    121 
    122 #endif /* _MM_WRAP_H_ */
    123