diff options
| author | Damien Miller <djm@mindrot.org> | 2010-03-04 11:53:35 +0100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2010-03-04 11:53:35 +0100 |
| commit | 1aed65eb27feec505997c98621bdf158f9ab8b99 (patch) | |
| tree | 81c2d0b9aff3c2211388ba00cde544e0618750d2 /hostfile.h | |
| parent | - djm@cvs.openbsd.org 2010/03/04 01:44:57 (diff) | |
| download | openssh-1aed65eb27feec505997c98621bdf158f9ab8b99.tar.xz openssh-1aed65eb27feec505997c98621bdf158f9ab8b99.zip | |
- djm@cvs.openbsd.org 2010/03/04 10:36:03
[auth-rh-rsa.c auth-rsa.c auth.c auth.h auth2-hostbased.c auth2-pubkey.c]
[authfile.c authfile.h hostfile.c hostfile.h servconf.c servconf.h]
[ssh-keygen.c ssh.1 sshconnect.c sshd_config.5]
Add a TrustedUserCAKeys option to sshd_config to specify CA keys that
are trusted to authenticate users (in addition than doing it per-user
in authorized_keys).
Add a RevokedKeys option to sshd_config and a @revoked marker to
known_hosts to allow keys to me revoked and banned for user or host
authentication.
feedback and ok markus@
Diffstat (limited to 'hostfile.h')
| -rw-r--r-- | hostfile.h | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/hostfile.h b/hostfile.h index ebac1e4f1..1d460c1a9 100644 --- a/hostfile.h +++ b/hostfile.h @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.h,v 1.17 2010/02/26 20:29:54 djm Exp $ */ +/* $OpenBSD: hostfile.h,v 1.18 2010/03/04 10:36:03 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -15,7 +15,7 @@ #define HOSTFILE_H typedef enum { - HOST_OK, HOST_NEW, HOST_CHANGED, HOST_FOUND + HOST_OK, HOST_NEW, HOST_CHANGED, HOST_REVOKED, HOST_FOUND } HostStatus; int hostfile_read_key(char **, u_int *, Key *); @@ -29,6 +29,7 @@ int lookup_key_in_hostfile_by_type(const char *, const char *, #define HASH_DELIM '|' #define CA_MARKER "@cert-authority" +#define REVOKE_MARKER "@revoked" char *host_hash(const char *, const char *, u_int); |