tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,353 Commits 6 Branches 20 Tags 98 MiB
Commit Graph

66 Commits

Author SHA1 Message Date
Kevin Steves 38c4a28a7e - (stevesk) [auth1.c] fix password auth for protocol 1 when 
!USE_PAM && !HAVE_OSF_SIA; merge issue.
 2002-04-02 03:24:56 +00:00
Ben Lindstrom 53f1830d6a - (bal) 'pw' should be 'authctxt->pw' in auth1.c spotted by 
kent@lysator.liu.se
 2002-03-27 16:50:03 +00:00
Ben Lindstrom 7ebb635d81 - markus@cvs.openbsd.org 2002/03/19 14:27:39 
[auth.c auth1.c auth2.c]
     make getpwnamallow() allways call pwcopy()
 2002-03-22 03:04:08 +00:00
Ben Lindstrom 7a2073c50b - provos@cvs.openbsd.org 2002/03/18 17:50:31 
[auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h
      auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c
      session.h servconf.h serverloop.c session.c sshd.c]
     integrate privilege separated openssh; its turned off by default for now.
     work done by me and markus@

applied, but outside of ensure that smaller code bits migrated with
their owners.. no work was tried to 'fix' it to work. =)  Later project!
 2002-03-22 02:30:41 +00:00
Ben Lindstrom 73ab9ba45d - provos@cvs.openbsd.org 2002/03/18 01:12:14 
[auth.h auth1.c auth2.c sshd.c]
     have the authentication functions return the authentication context
     and then do_authenticated; okay millert@
 2002-03-22 01:27:35 +00:00
Ben Lindstrom 2ae18f40a7 - provos@cvs.openbsd.org 2002/03/17 20:25:56 
[auth.c auth.h auth1.c auth2.c]
     getpwnamallow returns struct passwd * only if user valid; okay markus@
 2002-03-22 01:24:38 +00:00
Damien Miller 3a5b023330 Stupid djm commits experimental code to head instead of branch 
revert
 2002-03-13 13:19:42 +11:00
Damien Miller 646e7cf3d7 Import of Niels Provos' 20020312 ssh-complete.diff 
PAM, Cygwin and OSF SIA will not work for sure
 2002-03-13 12:47:54 +11:00
Damien Miller 72476d4b24 - (djm) Bug #114 - not starting PAM for SSH protocol 1 invalid users 2002-02-14 20:39:49 +11:00
Damien Miller f3451a2181 - (djm) Cleanup after sync: 
- :%s/reverse_mapping_check/verify_reverse_mapping/g
 2002-02-05 12:40:46 +11:00
Damien Miller c7ef63dd41 - markus@cvs.openbsd.org 2002/02/03 17:53:25 
[auth1.c serverloop.c session.c session.h]
     don't use channel_input_channel_request and callback
     use new server_input_channel_req() instead:
     	server_input_channel_req does generic request parsing on server side
     	session_input_channel_req handles just session specific things now
     ok djm@
 2002-02-05 12:21:42 +11:00
Damien Miller dff5099f13 - markus@cvs.openbsd.org 2001/12/28 14:50:54 
[auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshconnect2.c sshd.c]
     packet_read* no longer return the packet length, since it's not used.
 2002-01-22 23:16:32 +11:00
Damien Miller d432ccf740 - markus@cvs.openbsd.org 2001/12/28 13:57:33 
[auth1.c kexdh.c kexgex.c packet.c packet.h sshconnect1.c sshd.c]
     packet_get_bignum* no longer returns a size
 2002-01-22 23:14:44 +11:00
Damien Miller 48b03fc546 - markus@cvs.openbsd.org 2001/12/27 20:39:58 
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
     get rid of packet_integrity_check, use packet_done() instead.
 2002-01-22 23:11:40 +11:00
Damien Miller 66823cddbe - markus@cvs.openbsd.org 2001/12/27 20:39:58 
[auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
     get rid of packet_integrity_check, use packet_done() instead.
 2002-01-22 23:11:38 +11:00
Damien Miller d221ca6cc9 - markus@cvs.openbsd.org 2001/12/27 19:54:53 
[auth1.c auth.h auth-rh-rsa.c]
     auth_rhosts_rsa now accept generic keys.
 2002-01-22 23:11:00 +11:00
Damien Miller da7551677b - markus@cvs.openbsd.org 2001/12/27 18:22:16 
[auth1.c authfile.c auth-rsa.c dh.c kexdh.c kexgex.c key.c rsa.c scard.c ssh-agent.c sshconnect1.c sshd.c ssh-dss.c]
     call fatal() for openssl allocation failures
 2002-01-22 23:09:22 +11:00
Damien Miller aef7a095c8 - markus@cvs.openbsd.org 2001/12/25 18:53:00 
[auth1.c]
     be more carefull on allocation
 2002-01-22 23:07:52 +11:00
Damien Miller 0dea79d6b6 - (djm) Apply Cygwin pointer deref fix from Corinna Vinschen 
<vinschen@redhat.com> Could be abused to guess valid usernames
 2001-12-29 14:08:28 +11:00
Damien Miller 9f0f5c64bc - deraadt@cvs.openbsd.org 2001/12/19 07:18:56 
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
     [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
     [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
     [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
     [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
     [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
     [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
     [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
     basic KNF done while i was looking for something else
 2001-12-21 14:45:46 +11:00
Ben Lindstrom 3c36bb29ca - itojun@cvs.openbsd.org 2001/12/05 03:56:39 
[auth1.c auth2.c canohost.c channels.c deattack.c packet.c scp.c
      sshconnect2.c]
     make it compile with more strict prototype checking
 2001-12-06 17:55:26 +00:00
Damien Miller e49d0966b5 - (djm) AIX login{success,failed} changes. Move loginsuccess call to 
do_authenticated. Call loginfailed for protocol 2 failures > MAX like
   we do for protocol 1. Reports from Ralf Wenk <wera0003@fh-karlsruhe.de>,
   K.Wolkersdorfer@fz-juelich.de and others
 2001-11-13 23:46:18 +11:00
Damien Miller 056ca1eb47 - (djm) Fix early (and double) free of remote user when using Kerberos. 
Patch from Simon Wilkinson <simon@sxw.org.uk>
 2001-11-13 11:20:07 +11:00
Ben Lindstrom ec95ed9b4c - dugsong@cvs.openbsd.org 2001/06/26 16:15:25 
[auth1.c auth.h auth-krb4.c auth-passwd.c readconf.c readconf.h
      servconf.c servconf.h session.c sshconnect1.c sshd.c]
     Kerberos v5 support for SSH1, mostly from Assar Westerlund
     <assar@freebsd.org> and Bjorn Gronvall <bg@sics.se>. markus@ ok
 2001-07-04 04:21:14 +00:00
Ben Lindstrom bba81213b9 - itojun@cvs.openbsd.org 2001/06/23 15:12:20 
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
      canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
      hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
      readpass.c scp.c servconf.c serverloop.c session.c sftp.c
      sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
      ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
      ssh-keygen.c ssh-keyscan.c]
     more strict prototypes.  raise warning level in Makefile.inc.
     markus ok'ed
     TODO; cleanup headers
 2001-06-25 05:01:22 +00:00
Ben Lindstrom 551ea37576 - markus@cvs.openbsd.org 2001/05/18 14:13:29 
[auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c
      readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c]
     improved kbd-interactive support. work by per@appgate.com and me
 2001-06-05 18:56:16 +00:00
Ben Lindstrom 9e2057cb34 - markus@cvs.openbsd.org 2001/03/23 12:02:49 
[auth1.c]
     authctxt is now passed to do_authenticated
 2001-03-24 00:37:59 +00:00
Ben Lindstrom b31783d547 - markus@cvs.openbsd.org 2001/03/21 11:43:45 
[auth1.c auth2.c session.c session.h]
     merge common ssh v1/2 code
 2001-03-22 02:02:12 +00:00
Ben Lindstrom eebc4a2ed3 - (bal) auth-chall.c auth-passwd.c auth.h auth1.c auth2.c session.c CVS ID 
resync
 2001-03-22 01:22:03 +00:00
Ben Lindstrom a038498797 - stevesk@cvs.openbsd.org 2001/03/08 18:47:12 
[auth1.c]
     unused; ok markus@
 2001-03-08 20:37:22 +00:00
Ben Lindstrom 086cf214cf - markus@cvs.openbsd.org 2001/02/22 21:59:44 
[auth.c auth.h auth1.c auth2.c misc.c misc.h ssh.c]
     use pwcopy in ssh.c, too
 2001-03-05 05:56:40 +00:00
Damien Miller 60396b060b - (djm) Merge BSD_AUTH support from Markus Friedl and David J. MacKenzie 
enable with --with-bsd-auth.
 2001-02-18 17:01:00 +11:00
Ben Lindstrom c1ba31fadc - markus@cvs.openssh.org 2001/02/13 22:49:40 
[auth1.c auth2.c]
    setproctitle(user) only if getpwnam succeeds
 2001-02-15 03:14:11 +00:00
Ben Lindstrom d8a9021f36 - markus@cvs.openbsd.org 2001/02/12 16:16:23 
[auth-passwd.c auth.c auth.h auth1.c auth2.c servconf.c servconf.h
      ssh-keygen.c sshd.8]
     PermitRootLogin={yes,without-password,forced-commands-only,no}
     (before this change, root could login even if PermitRootLogin==no)
 2001-02-15 03:08:27 +00:00
Damien Miller 92ddb7d6f0 - (djm) Split out and improve OSF SIA auth code. Patch from Chris Adams 
<cmadams@hiwaay.net> with a little modification and KNF.
 2001-02-14 01:25:23 +11:00
Kevin Steves bca8c8f3a1 - (stevesk) auth1.c: fix PAM passwordless check. 2001-02-13 11:26:21 +00:00
Damien Miller 61ce036c4a - (djm) Fix OSF SIA auth NULL pointer deref. Report from Mike Battersby 
<mib@unimelb.edu.au>
 2001-02-12 18:02:23 +11:00
Ben Lindstrom f79aeffe3b - markus@cvs.openbsd.org 2001/02/07 22:35:46 
[auth1.c auth2.c sshd.c]
     move k_setpag() to a central place; ok dugsong@
 2001-02-10 21:27:11 +00:00
Kevin Steves ef4eea9bad - stevesk@cvs.openbsd.org 2001/02/04 08:32:27 
[many files; did this manually to our top-level source dir]
     unexpand and remove end-of-line whitespace; ok markus@
 2001-02-05 12:42:17 +00:00
Ben Lindstrom d2ddda4efa - (bal) AIX patch for auth1.c by William L. Jones <jones@hpc.utexas.edu> 2001-02-04 21:57:11 +00:00
Damien Miller 3380426358 NB: big update - may break stuff. Please test! 
- (djm) OpenBSD CVS sync:
   - markus@cvs.openbsd.org  2001/02/03 03:08:38
     [auth-options.c auth-rh-rsa.c auth-rhosts.c auth.c canohost.c]
     [canohost.h servconf.c servconf.h session.c sshconnect1.c sshd.8]
     [sshd_config]
     make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@
   - markus@cvs.openbsd.org  2001/02/03 03:19:51
     [ssh.1 sshd.8 sshd_config]
     Skey is now called ChallengeResponse
   - markus@cvs.openbsd.org  2001/02/03 03:43:09
     [sshd.8]
     use no-pty option in .ssh/authorized_keys* if you need a 8-bit clean
     channel. note from Erik.Anggard@cygate.se (pr/1659)
   - stevesk@cvs.openbsd.org 2001/02/03 10:03:06
     [ssh.1]
     typos; ok markus@
   - djm@cvs.openbsd.org     2001/02/04 04:11:56
     [scp.1 sftp-server.c ssh.1 sshd.8 sftp-client.c sftp-client.h]
     [sftp-common.c sftp-common.h sftp-int.c sftp-int.h sftp.1 sftp.c]
     Basic interactive sftp client; ok theo@
 - (djm) Update RPM specs for new sftp binary
 - (djm) Update several bits for new optional reverse lookup stuff. I
   think I got them all.
 2001-02-04 23:20:18 +11:00
Kevin Steves 12aaa04e96 whitespace sync, cleanup 2001-01-24 21:23:39 +00:00
Ben Lindstrom 95fb2dde77 - markus@cvs.openbsd.org 2001/01/22 23:06:39 
[auth1.c auth2.c readconf.c readconf.h servconf.c servconf.h
      sshconnect1.c sshconnect2.c sshd.c]
     rename skey -> challenge response.
     auto-enable kbd-interactive for ssh2 if challenge-reponse is enabled.
 2001-01-23 03:12:10 +00:00
Ben Lindstrom 226cfa0378 Hopefully things did not get mixed around too much. It compiles under 
Linux and works.  So that is at least a good sign. =)
20010122
 - (bal) OpenBSD Resync
   - markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus
     [servconf.c ssh.h sshd.c]
     only auth-chall.c needs #ifdef SKEY
   - markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus
     [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
      auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
      packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
      session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
      ssh1.h sshconnect1.c sshd.c ttymodes.c]
     move ssh1 definitions to ssh1.h, pathnames to pathnames.h
   - markus@cvs.openbsd.org 2001/01/19 16:48:14
     [sshd.8]
     fix typo; from stevesk@
   - markus@cvs.openbsd.org 2001/01/19 16:50:58
     [ssh-dss.c]
     clear and free digest, make consistent with other code (use dlen); from
     stevesk@
   - markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus
     [auth-options.c auth-options.h auth-rsa.c auth2.c]
     pass the filename to auth_parse_options()
   - markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001
     [readconf.c]
     fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com
   - stevesk@cvs.openbsd.org 2001/01/20 18:20:29
     [sshconnect2.c]
     dh_new_group() does not return NULL.  ok markus@
   - markus@cvs.openbsd.org 2001/01/20 21:33:42
     [ssh-add.c]
     do not loop forever if askpass does not exist; from
     andrew@pimlott.ne.mediaone.net
   - djm@cvs.openbsd.org 2001/01/20 23:00:56
     [servconf.c]
     Check for NULL return from strdelim; ok markus
   - djm@cvs.openbsd.org 2001/01/20 23:02:07
     [readconf.c]
     KNF; ok markus
   - jakob@cvs.openbsd.org 2001/01/21 9:00:33
     [ssh-keygen.1]
     remove -R flag; ok markus@
   - markus@cvs.openbsd.org 2001/01/21 19:05:40
     [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
      auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
      auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
      bufaux.c  bufaux.h buffer.c canahost.c canahost.h channels.c
      cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
      deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
      key.c key.h log-client.c log-server.c log.c log.h login.c login.h
      match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
      readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
      session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
      ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
      sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
      ttysmodes.c uidswap.c xmalloc.c]
     split ssh.h and try to cleanup the #include mess. remove unnecessary
     #includes.  rename util.[ch] -> misc.[ch]
 - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
 - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
   conflict when compiling for non-kerb install
 - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
   on 1/19.
 2001-01-22 05:34:40 +00:00
Ben Lindstrom cf0809d644 Removed one more 'ISSUE' comment in auth1.c 
20010120
 - (bal) OpenBSD Resync
   - markus@cvs.openbsd.org 2001/01/19 12:45:26
     [ssh-chall.c servconf.c servconf.h ssh.h sshd.c]
     only auth-chall.c needs #ifdef SKEY
 2001-01-19 15:44:10 +00:00
Ben Lindstrom 5dc81502cb - (bal) Minor cygwin patch to auth1.c. Suggested by djm. 2001-01-19 06:10:29 +00:00
Ben Lindstrom b100ec9542 - (bal) Updated contrib/cygwin/ by Corinna Vinschen <vinschen@redhat.com> 
Also removed some of the 'ISSUES' comments that have been verified by djm.
 2001-01-19 05:37:32 +00:00
Damien Miller 22e22bf9ba - (djm) Merge patch from Tim Waugh (via Nalin Dahyabhai <nalin@redhat.com>) 
to fix NULL pointer deref and fake authloop breakage in PAM code.
 2001-01-19 15:46:38 +11:00
Ben Lindstrom db65e8fded Please grep through the source and look for 'ISSUE' comments and verify 
that I was able to get all the portable bits in the right location.  As for
the SKEY comment there is an email out to Markus as to how it should be
resolved.  Until then I just #ifdef SKEY/#endif out the whole block.

 - (bal) OpenBSD Resync
   - markus@cvs.openbsd.org 2001/01/18 16:20:21
     [log-client.c log-server.c log.c readconf.c servconf.c ssh.1 ssh.h
      sshd.8 sshd.c]
     log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many
     systems
   - markus@cvs.openbsd.org 2001/01/18 16:59:59
     [auth-passwd.c auth.c auth.h auth1.c auth2.c serverloop.c session.c
      session.h sshconnect1.c]
     1) removes fake skey from sshd, since this will be much
        harder with /usr/libexec/auth/login_XXX
     2) share/unify code used in ssh-1 and ssh-2 authentication (server side)
     3) make addition of BSD_AUTH and other challenge reponse methods
        easier.
   - markus@cvs.openbsd.org 2001/01/18 17:12:43
     [auth-chall.c auth2-chall.c]
     rename *-skey.c *-chall.c since the files are not skey specific
 2001-01-19 04:26:52 +00:00
Kevin Steves 99a0563fd5 - (stevesk) auth1.c: free should be after WITH_AIXAUTHENTICATE 
code.
 2001-01-08 20:54:36 +00:00