enum {
/*
- * SSH ciphers (both SSH1 and SSH2)
+ * SSH ciphers (both SSH-1 and SSH-2)
*/
CIPHER_WARN, /* pseudo 'cipher' */
CIPHER_3DES,
CIPHER_BLOWFISH,
- CIPHER_AES, /* (SSH 2 only) */
+ CIPHER_AES, /* (SSH-2 only) */
CIPHER_DES,
CIPHER_MAX /* no. ciphers (inc warn) */
};
int ssh_rekey_time; /* in minutes */
char ssh_rekey_data[16];
int agentfwd;
- int change_username; /* allow username switching in SSH2 */
+ int change_username; /* allow username switching in SSH-2 */
int ssh_cipherlist[CIPHER_MAX];
Filename keyfile;
int sshprot; /* use v1 or v2 when both available */
- int ssh2_des_cbc; /* "des-cbc" nonstandard SSH2 cipher */
+ int ssh2_des_cbc; /* "des-cbc" unrecommended SSH-2 cipher */
int try_tis_auth;
int try_ki_auth;
int ssh_subsys; /* run a subsystem rather than a command */
int x11_auth;
/* port forwarding */
int lport_acceptall; /* accept conns from hosts other than localhost */
- int rport_acceptall; /* same for remote forwarded ports (SSH2 only) */
+ int rport_acceptall; /* same for remote forwarded ports (SSH-2 only) */
/*
* The port forwarding string contains a number of
* NUL-terminated substrings, terminated in turn by an empty
* Exports from windlg.c
*/
void logevent(void *frontend, const char *);
-void verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
- char *keystr, char *fingerprint);
-void askalg(void *frontend, const char *algtype, const char *algname);
-int askappend(void *frontend, Filename filename);
+/*
+ * verify_ssh_host_key() can return one of three values:
+ *
+ * - +1 means `key was OK' (either already known or the user just
+ * approved it) `so continue with the connection'
+ *
+ * - 0 means `key was not OK, abandon the connection'
+ *
+ * - -1 means `I've initiated enquiries, please wait to be called
+ * back via the provided function with a result that's either 0
+ * or +1'.
+ */
+int verify_ssh_host_key(void *frontend, char *host, int port, char *keytype,
+ char *keystr, char *fingerprint,
+ void (*callback)(void *ctx, int result), void *ctx);
+/*
+ * askalg has the same set of return values as verify_ssh_host_key.
+ */
+int askalg(void *frontend, const char *algtype, const char *algname,
+ void (*callback)(void *ctx, int result), void *ctx);
+/*
+ * askappend can return four values:
+ *
+ * - 2 means overwrite the log file
+ * - 1 means append to the log file
+ * - 0 means cancel logging for this session
+ * - -1 means please wait.
+ */
+int askappend(void *frontend, Filename filename,
+ void (*callback)(void *ctx, int result), void *ctx);
/*
* Exports from console.c (that aren't equivalents to things in