[thirdparty/openssh-portable.git] / hostfile.h

/* $OpenBSD: hostfile.h,v 1.29 2021/01/26 00:51:30 djm Exp $ */

/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose.  Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */
#ifndef HOSTFILE_H
#define HOSTFILE_H

typedef enum {
	HOST_OK, HOST_NEW, HOST_CHANGED, HOST_REVOKED, HOST_FOUND
}       HostStatus;

typedef enum {
	MRK_ERROR, MRK_NONE, MRK_REVOKE, MRK_CA
}	HostkeyMarker;

struct hostkey_entry {
	char *host;
	char *file;
	u_long line;
	struct sshkey *key;
	HostkeyMarker marker;
	u_int note; /* caller-specific note/flag */
};
struct hostkeys {
	struct hostkey_entry *entries;
	u_int num_entries;
};

struct hostkeys *init_hostkeys(void);
void	 load_hostkeys(struct hostkeys *, const char *,
    const char *, u_int);
void	 load_hostkeys_file(struct hostkeys *, const char *,
    const char *, FILE *, u_int note);
void	 free_hostkeys(struct hostkeys *);

HostStatus check_key_in_hostkeys(struct hostkeys *, struct sshkey *,
    const struct hostkey_entry **);
int	 lookup_key_in_hostkeys_by_type(struct hostkeys *, int, int,
    const struct hostkey_entry **);
int	 lookup_marker_in_hostkeys(struct hostkeys *, int);

int	 hostfile_read_key(char **, u_int *, struct sshkey *);
int	 add_host_to_hostfile(const char *, const char *,
    const struct sshkey *, int);

int	 hostfile_replace_entries(const char *filename,
    const char *host, const char *ip, struct sshkey **keys, size_t nkeys,
    int store_hash, int quiet, int hash_alg);

#define HASH_MAGIC	"|1|"
#define HASH_DELIM	'|'

#define CA_MARKER	"@cert-authority"
#define REVOKE_MARKER	"@revoked"

char	*host_hash(const char *, const char *, u_int);

/*
 * Iterate through a hostkeys file, optionally parsing keys and matching
 * hostnames. Allows access to the raw keyfile lines to allow
 * streaming edits to the file to take place.
 */
#define HKF_WANT_MATCH		(1)	/* return only matching hosts/addrs */
#define HKF_WANT_PARSE_KEY	(1<<1)	/* need key parsed */

#define HKF_STATUS_OK		0	/* Line parsed, didn't match host */
#define HKF_STATUS_INVALID	1	/* line had parse error */
#define HKF_STATUS_COMMENT	2	/* valid line contained no key */
#define HKF_STATUS_MATCHED	3	/* hostname or IP matched */

#define HKF_MATCH_HOST		(1)	/* hostname matched */
#define HKF_MATCH_IP		(1<<1)	/* address matched */
#define HKF_MATCH_HOST_HASHED	(1<<2)	/* hostname was hashed */
#define HKF_MATCH_IP_HASHED	(1<<3)	/* address was hashed */
/* XXX HKF_MATCH_KEY_TYPE? */

/*
 * The callback function receives this as an argument for each matching 
 * hostkey line. The callback may "steal" the 'key' field by setting it to NULL.
 * If a parse error occurred, then "hosts" and subsequent options may be NULL.
 */
struct hostkey_foreach_line {
	const char *path; /* Path of file */
	u_long linenum;	/* Line number */
	u_int status;	/* One of HKF_STATUS_* */
	u_int match;	/* Zero or more of HKF_MATCH_* OR'd together */
	char *line;	/* Entire key line; mutable by callback */
	int marker;	/* CA/revocation markers; indicated by MRK_* value */
	const char *hosts; /* Raw hosts text, may be hashed or list multiple */
	const char *rawkey; /* Text of key and any comment following it */
	int keytype;	/* Type of key; KEY_UNSPEC for invalid/comment lines */
	struct sshkey *key; /* Key, if parsed ok and HKF_WANT_MATCH_HOST set */
	const char *comment; /* Any comment following the key */
	u_int note;	/* caller-specified note copied from arguments */
};

/*
 * Callback fires for each line (or matching line if a HKF_WANT_* option
 * is set). The foreach loop will terminate if the callback returns a non-
 * zero exit status.
 */
typedef int hostkeys_foreach_fn(struct hostkey_foreach_line *l, void *ctx);

/* Iterate over a hostkeys file */
int hostkeys_foreach(const char *path,
    hostkeys_foreach_fn *callback, void *ctx,
    const char *host, const char *ip, u_int options, u_int note);
int hostkeys_foreach_file(const char *path, FILE *f,
    hostkeys_foreach_fn *callback, void *ctx,
    const char *host, const char *ip, u_int options, u_int note);

void hostfile_create_user_ssh_dir(const char *, int);

#endif
Commit	Line	Data
dfe18a29	1	/* $OpenBSD: hostfile.h,v 1.29 2021/01/26 00:51:30 djm Exp $ */
36579d3d	2
e4340be5 DM	3	/*
	4	* Author: Tatu Ylonen <ylo@cs.hut.fi>
	5	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	6	* All rights reserved
	7	*
	8	* As far as I am concerned, the code I have written for this software
	9	* can be used freely for any purpose. Any derived versions of this
	10	* software must be clearly marked as such, and if the derived work is
	11	* incompatible with the protocol description in the RFC file, it must be
	12	* called by a name other than "ssh" or "Secure Shell".
	13	*/
450a7a1f DM	14	#ifndef HOSTFILE_H
	15	#define HOSTFILE_H
	16
450a7a1f	17	typedef enum {
1aed65eb	18	HOST_OK, HOST_NEW, HOST_CHANGED, HOST_REVOKED, HOST_FOUND
450a7a1f	19	} HostStatus;
46c16220	20
d925dcd8 DM	21	typedef enum {
	22	MRK_ERROR, MRK_NONE, MRK_REVOKE, MRK_CA
	23	} HostkeyMarker;
	24
	25	struct hostkey_entry {
	26	char *host;
	27	char *file;
	28	u_long line;
1129dcfc	29	struct sshkey *key;
d925dcd8	30	HostkeyMarker marker;
b4c7cd11	31	u_int note; /* caller-specific note/flag */
d925dcd8	32	};
dfe18a29	33	struct hostkeys {
	34	struct hostkey_entry *entries;
	35	u_int num_entries;
	36	};
d925dcd8 DM	37
d925dcd8 DM	38	struct hostkeys *init_hostkeys(void);
b4c7cd11	39	void load_hostkeys(struct hostkeys , const char ,
	40	const char *, u_int);
	41	void load_hostkeys_file(struct hostkeys , const char ,
	42	const char , FILE , u_int note);
d925dcd8 DM	43	void free_hostkeys(struct hostkeys *);
d925dcd8 DM	44
1129dcfc	45	HostStatus check_key_in_hostkeys(struct hostkeys , struct sshkey ,
d925dcd8	46	const struct hostkey_entry **);
af889a40	47	int lookup_key_in_hostkeys_by_type(struct hostkeys *, int, int,
d925dcd8	48	const struct hostkey_entry **);
05a65140	49	int lookup_marker_in_hostkeys(struct hostkeys *, int);
d925dcd8	50
1129dcfc	51	int hostfile_read_key(char *, u_int , struct sshkey *);
	52	int add_host_to_hostfile(const char , const char ,
	53	const struct sshkey *, int);
450a7a1f	54
6c5c9497	55	int hostfile_replace_entries(const char *filename,
	56	const char host, const char ip, struct sshkey **keys, size_t nkeys,
	57	int store_hash, int quiet, int hash_alg);
8d4f8725	58
e1776155 DM	59	#define HASH_MAGIC "\|1\|"
	60	#define HASH_DELIM '\|'
	61
0a80ca19	62	#define CA_MARKER "@cert-authority"
1aed65eb	63	#define REVOKE_MARKER "@revoked"
0a80ca19	64
e1776155 DM	65	char host_hash(const char , const char *, u_int);
e1776155 DM	66
c29811cc	67	/*
	68	* Iterate through a hostkeys file, optionally parsing keys and matching
	69	* hostnames. Allows access to the raw keyfile lines to allow
	70	* streaming edits to the file to take place.
	71	*/
6c5c9497	72	#define HKF_WANT_MATCH (1) /* return only matching hosts/addrs */
c29811cc	73	#define HKF_WANT_PARSE_KEY (1<<1) /* need key parsed */
c29811cc	74
6c5c9497	75	#define HKF_STATUS_OK 0 /* Line parsed, didn't match host */
	76	#define HKF_STATUS_INVALID 1 /* line had parse error */
	77	#define HKF_STATUS_COMMENT 2 /* valid line contained no key */
	78	#define HKF_STATUS_MATCHED 3 /* hostname or IP matched */
	79
	80	#define HKF_MATCH_HOST (1) /* hostname matched */
	81	#define HKF_MATCH_IP (1<<1) /* address matched */
	82	#define HKF_MATCH_HOST_HASHED (1<<2) /* hostname was hashed */
	83	#define HKF_MATCH_IP_HASHED (1<<3) /* address was hashed */
	84	/* XXX HKF_MATCH_KEY_TYPE? */
c29811cc	85
	86	/*
	87	* The callback function receives this as an argument for each matching
	88	* hostkey line. The callback may "steal" the 'key' field by setting it to NULL.
	89	* If a parse error occurred, then "hosts" and subsequent options may be NULL.
	90	*/
	91	struct hostkey_foreach_line {
	92	const char path; / Path of file */
	93	u_long linenum; /* Line number */
6c5c9497	94	u_int status; /* One of HKF_STATUS_* */
6c5c9497	95	u_int match; /* Zero or more of HKF_MATCH_* OR'd together */
c29811cc	96	char line; / Entire key line; mutable by callback */
	97	int marker; /* CA/revocation markers; indicated by MRK_* value */
	98	const char hosts; / Raw hosts text, may be hashed or list multiple */
c29811cc	99	const char rawkey; / Text of key and any comment following it */
6c5c9497	100	int keytype; /* Type of key; KEY_UNSPEC for invalid/comment lines */
c29811cc	101	struct sshkey key; / Key, if parsed ok and HKF_WANT_MATCH_HOST set */
c29811cc	102	const char comment; / Any comment following the key */
b4c7cd11	103	u_int note; /* caller-specified note copied from arguments */
c29811cc	104	};
	105
	106	/*
	107	* Callback fires for each line (or matching line if a HKF_WANT_* option
	108	* is set). The foreach loop will terminate if the callback returns a non-
	109	* zero exit status.
	110	*/
	111	typedef int hostkeys_foreach_fn(struct hostkey_foreach_line l, void ctx);
	112
6c5c9497	113	/* Iterate over a hostkeys file */
b4c7cd11	114	int hostkeys_foreach(const char *path,
	115	hostkeys_foreach_fn callback, void ctx,
	116	const char host, const char ip, u_int options, u_int note);
	117	int hostkeys_foreach_file(const char path, FILE f,
	118	hostkeys_foreach_fn callback, void ctx,
	119	const char host, const char ip, u_int options, u_int note);
c29811cc	120
74344c3c	121	void hostfile_create_user_ssh_dir(const char *, int);
74344c3c	122
450a7a1f	123	#endif