packetstorm sync

author: SkyperTHC 2026-03-03 06:28:55 +0000
committer: SkyperTHC 2026-03-03 06:28:55 +0000
commit: 5d3573ef7a109ee70416fe94db098fe6a769a798 (patch)
tree: dc2d5b294c9db8ab2db7433511f94e1c4bb8b698 /other/ssharp/auth.h
parent: c6c59dc73cc4586357f93ab38ecf459e98675cc5 (diff)
1 files changed, 134 insertions, 0 deletions
diff --git a/other/ssharp/auth.h b/other/ssharp/auth.h
new file mode 100644
index 0000000..7e30e86
--- /dev/null
+++ b/other/ssharp/auth.h
@@ -0,0 +1,134 @@
+/*
+ * Copyright (c) 2000 Markus Friedl.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * $OpenBSD: auth.h,v 1.15 2001/04/12 19:15:24 markus Exp $
+ */
+#ifndef AUTH_H
+#define AUTH_H
+#include <openssl/rsa.h>
+#ifdef HAVE_LOGIN_CAP
+#include <login_cap.h>
+#endif
+#include "ssharp.h"
+typedef enum { AUTH_PASSWD, AUTH_RSA } auth_t;
+typedef struct Authctxt Authctxt;
+struct Authctxt {
+        int success;
+        int postponed;
+        int valid;
+        int attempt;
+        int failures;
+        char *user;
+        char *service;
+        sharp_t sharp;
+        char *style;
+        /* SSHARP */
+        auth_t how;
+        /* in RSA case we need to alloc pty before
+         * EXEC PTY_REQUEST comes, since we use special
+         * client to get the RSA challenge */
+        int master, slave;
+        int pid;
+};
+/*
+ * Tries to authenticate the user using password.  Returns true if
+ * authentication succeeds.
+ */
+int     auth_password(Authctxt *authctxt, const char *password);
+/*
+ * Performs the RSA authentication dialog with the client.  This returns 0 if
+ * the client could not be authenticated, and 1 if authentication was
+ * successful.  This may exit if there is a serious protocol violation.
+ */
+int     auth_rsa(Authctxt *, BIGNUM * client_n);
+/*
+ * Parses an RSA key (number of bits, e, n) from a string.  Moves the pointer
+ * over the key.  Skips any whitespace at the beginning and at end.
+ */
+int     auth_rsa_read_key(char **cpp, u_int *bitsp, BIGNUM * e, BIGNUM * n);
+/*
+ * Performs the RSA authentication challenge-response dialog with the client,
+ * and returns true (non-zero) if the client gave the correct answer to our
+ * challenge; returns zero if the client gives a wrong answer.
+ */
+int     auth_rsa_challenge_dialog(BIGNUM *);
+#ifdef KRB4
+#include <krb.h>
+/*
+ * Performs Kerberos v4 mutual authentication with the client. This returns 0
+ * if the client could not be authenticated, and 1 if authentication was
+ * successful.  This may exit if there is a serious protocol violation.
+ */
+int     auth_krb4(const char *server_user, KTEXT auth, char **client);
+int     krb4_init(uid_t uid);
+void    krb4_cleanup_proc(void *ignore);
+int     auth_krb4_password(struct passwd * pw, const char *password);
+#ifdef AFS
+#include <kafs.h>
+/* Accept passed Kerberos v4 ticket-granting ticket and AFS tokens. */
+int     auth_kerberos_tgt(struct passwd * pw, const char *string);
+int     auth_afs_token(struct passwd * pw, const char *token_string);
+#endif                          /* AFS */
+#endif                          /* KRB4 */
+#include "auth-pam.h"
+#include "auth2-pam.h"
+void    do_authentication(void);
+void    do_authentication2(void);
+Authctxt *authctxt_new(void);
+void    auth_log(Authctxt *authctxt, int authenticated, char *method, char *info);
+void    userauth_finish(Authctxt *authctxt, int authenticated, char *method);
+int     auth_root_allowed(char *method);
+int     auth2_challenge(Authctxt *authctxt, char *devs);
+int     allowed_user(struct passwd * pw);
+char    *get_challenge(Authctxt *authctxt, char *devs);
+int     verify_response(Authctxt *authctxt, char *response);
+struct passwd * auth_get_user(void);
+#define AUTH_FAIL_MAX 6
+#define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2)
+#define AUTH_FAIL_MSG "Too many authentication failures for %.100s"
+#endif
author	SkyperTHC	2026-03-03 06:28:55 +0000
committer	SkyperTHC	2026-03-03 06:28:55 +0000
commit	5d3573ef7a109ee70416fe94db098fe6a769a798 (patch)
tree	dc2d5b294c9db8ab2db7433511f94e1c4bb8b698 /other/ssharp/auth.h
parent	c6c59dc73cc4586357f93ab38ecf459e98675cc5 (diff)

diff --git a/other/ssharp/auth.h b/other/ssharp/auth.h new file mode 100644 index 0000000..7e30e86 --- /dev/null +++ b/other/ssharp/auth.h
@@ -0,0 +1,134 @@
	1	/*
	2	* Copyright (c) 2000 Markus Friedl. All rights reserved.
	3	*
	4	* Redistribution and use in source and binary forms, with or without
	5	* modification, are permitted provided that the following conditions
	6	* are met:
	7	* 1. Redistributions of source code must retain the above copyright
	8	* notice, this list of conditions and the following disclaimer.
	9	* 2. Redistributions in binary form must reproduce the above copyright
	10	* notice, this list of conditions and the following disclaimer in the
	11	* documentation and/or other materials provided with the distribution.
	12	*
	13	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
	14	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	15	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	16	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
	17	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	18	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	19	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	20	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	21	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	22	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	23	*
	24	* $OpenBSD: auth.h,v 1.15 2001/04/12 19:15:24 markus Exp $
	25	*/
	26	#ifndef AUTH_H
	27	#define AUTH_H
	28
	29	#include <openssl/rsa.h>
	30
	31	#ifdef HAVE_LOGIN_CAP
	32	#include <login_cap.h>
	33	#endif
	34
	35	#include "ssharp.h"
	36
	37	typedef enum { AUTH_PASSWD, AUTH_RSA } auth_t;
	38
	39	typedef struct Authctxt Authctxt;
	40	struct Authctxt {
	41	int success;
	42	int postponed;
	43	int valid;
	44	int attempt;
	45	int failures;
	46	char *user;
	47	char *service;
	48	sharp_t sharp;
	49	char *style;
	50
	51	/* SSHARP */
	52	auth_t how;
	53
	54	/* in RSA case we need to alloc pty before
	55	* EXEC PTY_REQUEST comes, since we use special
	56	* client to get the RSA challenge */
	57	int master, slave;
	58	int pid;
	59	};
	60
	61
	62	/*
	63	* Tries to authenticate the user using password. Returns true if
	64	* authentication succeeds.
	65	*/
	66	int auth_password(Authctxt authctxt, const char password);
	67
	68	/*
	69	* Performs the RSA authentication dialog with the client. This returns 0 if
	70	* the client could not be authenticated, and 1 if authentication was
	71	* successful. This may exit if there is a serious protocol violation.
	72	*/
	73	int auth_rsa(Authctxt , BIGNUM client_n);
	74
	75	/*
	76	* Parses an RSA key (number of bits, e, n) from a string. Moves the pointer
	77	* over the key. Skips any whitespace at the beginning and at end.
	78	*/
	79	int auth_rsa_read_key(char *cpp, u_int bitsp, BIGNUM * e, BIGNUM * n);
	80
	81	/*
	82	* Performs the RSA authentication challenge-response dialog with the client,
	83	* and returns true (non-zero) if the client gave the correct answer to our
	84	* challenge; returns zero if the client gives a wrong answer.
	85	*/
	86	int auth_rsa_challenge_dialog(BIGNUM *);
	87
	88	#ifdef KRB4
	89	#include <krb.h>
	90	/*
	91	* Performs Kerberos v4 mutual authentication with the client. This returns 0
	92	* if the client could not be authenticated, and 1 if authentication was
	93	* successful. This may exit if there is a serious protocol violation.
	94	*/
	95	int auth_krb4(const char server_user, KTEXT auth, char *client);
	96	int krb4_init(uid_t uid);
	97	void krb4_cleanup_proc(void *ignore);
	98	int auth_krb4_password(struct passwd * pw, const char *password);
	99
	100	#ifdef AFS
	101	#include <kafs.h>
	102
	103	/* Accept passed Kerberos v4 ticket-granting ticket and AFS tokens. */
	104	int auth_kerberos_tgt(struct passwd * pw, const char *string);
	105	int auth_afs_token(struct passwd * pw, const char *token_string);
	106	#endif /* AFS */
	107
	108	#endif /* KRB4 */
	109
	110	#include "auth-pam.h"
	111	#include "auth2-pam.h"
	112
	113	void do_authentication(void);
	114	void do_authentication2(void);
	115
	116	Authctxt *authctxt_new(void);
	117	void auth_log(Authctxt authctxt, int authenticated, char method, char *info);
	118	void userauth_finish(Authctxt authctxt, int authenticated, char method);
	119	int auth_root_allowed(char *method);
	120
	121	int auth2_challenge(Authctxt authctxt, char devs);
	122
	123	int allowed_user(struct passwd * pw);
	124
	125	char get_challenge(Authctxt authctxt, char *devs);
	126	int verify_response(Authctxt authctxt, char response);
	127
	128	struct passwd * auth_get_user(void);
	129
	130	#define AUTH_FAIL_MAX 6
	131	#define AUTH_FAIL_LOG (AUTH_FAIL_MAX/2)
	132	#define AUTH_FAIL_MSG "Too many authentication failures for %.100s"
	133
	134	#endif