tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,404 Commits 7 Branches 18 Tags 96 MiB
Commit Graph

80 Commits

Author SHA1 Message Date
Damien Miller 47655ee03a - (djm) OpenBSD CVS Sync 
- otto@cvs.openbsd.org 2005/07/19 15:32:26
     [auth-passwd.c]
     auth_usercheck(3) can return NULL, so check for that. Report from
     mpech@. ok markus@
 2005-07-26 21:54:11 +10:00
Darren Tucker 0f5eeff23d - (dtucker) [auth-passwd.c auth-sia.h] Remove duplicate definitions of 
sys_auth_passwd, pointed out by cmadams at hiwaay.net.
 2005-04-05 21:00:47 +10:00
Darren Tucker 92170a8626 - (dtucker) [auth-passwd.c openbsd-compat/port-aix.c] Don't call 
disable_forwarding() from compat library. Prevent linker errrors trying
   to resolve it for binaries other than sshd.  ok djm@
 2005-02-09 17:08:23 +11:00
Darren Tucker 218f178cb2 - dtucker@cvs.openbsd.org 2005/01/24 11:47:13 
[auth-passwd.c]
     #if -> #ifdef so builds without HAVE_LOGIN_CAP work too; ok djm@ otto@
 2005-01-24 22:50:47 +11:00
Darren Tucker 5c14c73429 - otto@cvs.openbsd.org 2005/01/21 08:32:02 
[auth-passwd.c sshd.c]
     Warn in advance for password and account expiry; initialize loginmsg
     buffer earlier and clear it after privsep fork. ok and help dtucker@
     markus@
 2005-01-24 21:55:49 +11:00
Ben Lindstrom e35bf12eeb - (bal) [auth-passwd.c auth1.c] Clean up unused variables. 2004-06-22 03:37:11 +00:00
Darren Tucker 450a158d7e - (dtucker) [auth-pam.c auth-pam.h auth-passwd.c]: Bug #874: Re-add PAM 
support for PasswordAuthentication=yes.  ok djm@
 2004-05-30 20:43:59 +10:00
Darren Tucker 91bf45c597 - (dtucker) [auth-passwd.c auth-sia.c auth-sia.h defines.h 
openbsd-compat/xcrypt.c] Bug #802: Fix build error on Tru64 when
   configured --with-osfsia.  ok djm@
 2004-03-04 22:59:36 +11:00
Darren Tucker b4dc6c23a5 - (dtucker) [auth-passwd.c] Only check password expiry once. Prevents 
multiple warnings if a wrong password is entered.
 2004-02-22 10:23:35 +11:00
Darren Tucker cee6d4cf5a - (dtucker) [auth-passwd.c auth-shadow.c] Only enable shadow expiry check 
if HAS_SHADOW_EXPIRY is set.
 2004-02-11 18:48:52 +11:00
Darren Tucker 9df3defdbb - (dtucker) [LICENCE Makefile.in auth-passwd.c auth-shadow.c auth.c auth.h 
defines.h] Bug #14: Use do_pwchange to support password expiry and force
   change for platforms using /etc/shadow.  ok djm@
 2004-02-10 13:01:14 +11:00
Darren Tucker e3dba82dd4 - (dtucker) [auth-passwd.c auth.h openbsd-compat/port-aix.c 
openbsd-compat/port-aix.h] Bug #14: Use do_pwchange to support AIX's
    native password expiry.
 2004-02-10 12:50:19 +11:00
Darren Tucker c52a29913d Sync Ids missed in password expiry sync 2004-02-06 16:38:16 +11:00
Darren Tucker 23bc8d0bff - markus@cvs.openbsd.org 2004/01/30 09:48:57 
[auth-passwd.c auth.h pathnames.h session.c]
     support for password change; ok dtucker@
     (set password-dead=1w in login.conf to use this).
     In -Portable, this is currently only platforms using bsdauth.
 2004-02-06 16:24:31 +11:00
Darren Tucker d76341616d - (dtucker) [auth-passwd.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h] 
Move AIX specific password authentication code to port-aix.c, call
   authenticate() until reenter flag is clear.
 2003-11-22 14:16:56 +11:00
Damien Miller 787b2ec18c more whitespace (tabs this time) 2003-11-21 23:56:47 +11:00
Damien Miller a8e06cef35 - djm@cvs.openbsd.org 2003/11/21 11:57:03 
[everything]
     unexpand and delete whitespace at EOL; ok markus@
     (done locally and RCS IDs synced)
 2003-11-21 23:48:55 +11:00
Damien Miller 3e3b5145e5 - djm@cvs.openbsd.org 2003/11/04 08:54:09 
[auth1.c auth2.c auth2-pubkey.c auth.h auth-krb5.c auth-passwd.c]
     [auth-rhosts.c auth-rh-rsa.c auth-rsa.c monitor.c serverloop.c]
     [session.c]
     standardise arguments to auth methods - they should all take authctxt.
     check authctxt->valid rather then pw != NULL; ok markus@
 2003-11-17 21:13:40 +11:00
Damien Miller 5d07e6d465 20030918 
- (djm) Bug #652: Fix empty password auth
 2003-09-18 18:25:46 +10:00
Darren Tucker 2270c7e8aa - (dtucker) [auth-passwd.c] On AIX, call setauthdb() before loginsuccess(), 
required to correctly reset failed login count when using a password
   registry other than "files" (eg LDAP, see bug #543).
 2003-09-13 10:41:56 +10:00
Damien Miller 856f0be669 - markus@cvs.openbsd.org 2003/08/26 09:58:43 
[auth-passwd.c auth.c auth.h auth1.c auth2-none.c auth2-passwd.c]
     [auth2.c monitor.c]
     fix passwd auth for 'username leaks via timing'; with djm@, original
     patches from solar
 2003-09-03 07:32:45 +10:00
Ben Lindstrom 515d0f9a1e - (bal) openbsd-compat/ clean up. Considate headers, add in $Id$ on our 
files, and added missing license to header.
 2003-08-29 16:59:52 +00:00
Darren Tucker 6aaa58c470 - (dtucker) OpenBSD CVS Sync 
- markus@cvs.openbsd.org 2003/07/22 13:35:22
     [auth1.c auth.h auth-passwd.c monitor.c monitor.h monitor_wrap.c
     monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c ssh.1
     ssh.c ssh_config.5 sshconnect1.c sshd.c sshd_config.5 ssh.h]
     remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1);
     test+ok henning@
 - (dtucker) [Makefile.in acconfig.h configure.ac] Remove KRB4/AFS support.
 - (dtucker) [auth-krb4.c radix.c radix.h] Remove KRB4/AFS specific files.

I hope I got this right....
 2003-08-02 22:24:49 +10:00
Ben Lindstrom 0410e32f47 - (bal) [auth-passwd.c openbsd-compat/Makefile.in openbsd-compat/xcrypt.c 
openbsd-compat/xcrypt.h] Split off encryption into xcrypt() interface,
    and isolate shadow password functions.  Tested in Solaris, but should
    not break other platforms too badly (except maybe HP =).  Also brings
    auth-passwd.c into full sync with OpenBSD tree.
 2003-07-24 06:52:13 +00:00
Darren Tucker b9aa0a0baa - (dtucker) [auth-passwd.c auth.c session.c sshd.c port-aix.c port-aix.h] 
Convert aixloginmsg into platform-independant Buffer loginmsg.
 2003-07-08 22:59:59 +10:00
Darren Tucker a0c0b63112 - (dtucker) [acconfig.h auth-passwd.c configure.ac session.c port-aix.[ch]] 
Include AIX headers for authentication functions and make calls match
   prototypes.  Test for and handle 3-args and 4-arg variants of loginfailed.
 2003-07-08 20:52:12 +10:00
Damien Miller 3a961dc0d3 - (djm) OpenBSD CVS Sync 
- markus@cvs.openbsd.org 2003/06/02 09:17:34
     [auth2-hostbased.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c]
     [canohost.c monitor.c servconf.c servconf.h session.c sshd_config]
     [sshd_config.5]
     deprecate VerifyReverseMapping since it's dangerous if combined
     with IP based access control as noted by Mike Harding; replace with
     a UseDNS option, UseDNS is on by default and includes the
     VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@
     ok deraadt@, djm@
 - (djm) Fix portable-specific uses of verify_reverse_mapping too
 2003-06-03 10:25:48 +10:00
Damien Miller 4f9f42a9bb - (djm) Merge FreeBSD PAM code: replaces PAM password auth kludge with 
proper challenge-response module
 2003-05-10 19:28:02 +10:00
Damien Miller eab4bae038 - (djm) Add back radix.o (used by AFS support), after it went missing from 
Makefile many moons ago
 - (djm) Apply "owl-always-auth" patch from Openwall/Solar Designer
 - (djm) Fix blibpath specification for AIX/gcc
 - (djm) Some systems have basename in -lgen. Fix from ayamura@ayamura.org
 2003-04-29 23:22:40 +10:00
Damien Miller 4d9dc1aa82 - (djm) Unbreak root password auth. Spotted by dtucker@zip.com.au 2003-01-30 10:20:56 +11:00
Damien Miller e9b7d720c8 unbreak for PAM case 2003-01-22 16:21:02 +11:00
Damien Miller 2101bfc4e1 - (djm) Reorganise PAM & SIA password handling to eliminate some common code 2003-01-22 15:42:26 +11:00
Ben Lindstrom 164725f40e l) Fix issue where successfull login does not clear failure counts 
in AIX.  Patch by dtucker@zip.com.au ok by djm
 2002-09-25 23:14:14 +00:00
Damien Miller 444f9fca60 - ID sync for auth-passwd.c 2002-06-21 16:05:12 +10:00
Ben Lindstrom 115422f918 - (bal) Cygwin special handling of empty passwords wrong. Patch by 
vinschen@redhat.com
 2002-06-21 00:26:22 +00:00
Ben Lindstrom beecf74e2b - (bal) CVS ID fix up on auth-passwd.c 2002-05-15 15:59:17 +00:00
Ben Lindstrom 0b47814b43 - (bal) Back all the way out of auth-passwd.c changes. Breaks too many 
things that don't set pw->pw_passwd.
 2002-05-10 02:40:15 +00:00
Damien Miller 52910ddc66 - (djm) Unbreak auth-passwd.c for PAM and SIA 2002-05-08 12:18:26 +10:00
Ben Lindstrom 532bbdb99b - (bal) Fixed auth-passwd.c to resolve PermitEmptyPassword issue 2002-05-06 23:06:08 +00:00
Kevin Steves 0ea1d9d1f2 - (stevesk) [acconfig.h auth-passwd.c configure.ac sshd.c] HP-UX 10.26 
support.  bug #184.  most from dcole@keysoftsys.com.
 2002-04-25 18:17:04 +00:00
Kevin Steves e683e76439 - (stevesk) [auth-pam.c auth-pam.h auth-passwd.c auth-sia.c auth-sia.h 
auth1.c auth2.c] PAM, OSF_SIA password auth cleanup; from djm.
 2002-04-04 19:02:28 +00:00
Ben Lindstrom d96c8b3b56 - markus@cvs.openbsd.org 2002/03/04 12:43:06 
[auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     unused include
 2002-03-05 01:45:56 +00:00
Damien Miller f9661094e5 - (djm) Use bigcrypt() on systems with SCO_PROTECTED_PW. Patch from 
Roger Cornelius <rac@tenzing.org>
 2002-01-03 10:30:56 +11:00
Ben Lindstrom ec95ed9b4c - dugsong@cvs.openbsd.org 2001/06/26 16:15:25 
[auth1.c auth.h auth-krb4.c auth-passwd.c readconf.c readconf.h
      servconf.c servconf.h session.c sshconnect1.c sshd.c]
     Kerberos v5 support for SSH1, mostly from Assar Westerlund
     <assar@freebsd.org> and Bjorn Gronvall <bg@sics.se>. markus@ ok
 2001-07-04 04:21:14 +00:00
Damien Miller da2ed56f61 - (djm) Include crypt.h if available in auth-passwd.c 2001-04-25 22:50:18 +10:00
Ben Lindstrom eebc4a2ed3 - (bal) auth-chall.c auth-passwd.c auth.h auth1.c auth2.c session.c CVS ID 
resync
 2001-03-22 01:22:03 +00:00
Damien Miller 60396b060b - (djm) Merge BSD_AUTH support from Markus Friedl and David J. MacKenzie 
enable with --with-bsd-auth.
 2001-02-18 17:01:00 +11:00
Ben Lindstrom d8a9021f36 - markus@cvs.openbsd.org 2001/02/12 16:16:23 
[auth-passwd.c auth.c auth.h auth1.c auth2.c servconf.c servconf.h
      ssh-keygen.c sshd.8]
     PermitRootLogin={yes,without-password,forced-commands-only,no}
     (before this change, root could login even if PermitRootLogin==no)
 2001-02-15 03:08:27 +00:00
Kevin Steves ef4eea9bad - stevesk@cvs.openbsd.org 2001/02/04 08:32:27 
[many files; did this manually to our top-level source dir]
     unexpand and remove end-of-line whitespace; ok markus@
 2001-02-05 12:42:17 +00:00
Ben Lindstrom 226cfa0378 Hopefully things did not get mixed around too much. It compiles under 
Linux and works.  So that is at least a good sign. =)
20010122
 - (bal) OpenBSD Resync
   - markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus
     [servconf.c ssh.h sshd.c]
     only auth-chall.c needs #ifdef SKEY
   - markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus
     [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
      auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
      packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
      session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
      ssh1.h sshconnect1.c sshd.c ttymodes.c]
     move ssh1 definitions to ssh1.h, pathnames to pathnames.h
   - markus@cvs.openbsd.org 2001/01/19 16:48:14
     [sshd.8]
     fix typo; from stevesk@
   - markus@cvs.openbsd.org 2001/01/19 16:50:58
     [ssh-dss.c]
     clear and free digest, make consistent with other code (use dlen); from
     stevesk@
   - markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus
     [auth-options.c auth-options.h auth-rsa.c auth2.c]
     pass the filename to auth_parse_options()
   - markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001
     [readconf.c]
     fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com
   - stevesk@cvs.openbsd.org 2001/01/20 18:20:29
     [sshconnect2.c]
     dh_new_group() does not return NULL.  ok markus@
   - markus@cvs.openbsd.org 2001/01/20 21:33:42
     [ssh-add.c]
     do not loop forever if askpass does not exist; from
     andrew@pimlott.ne.mediaone.net
   - djm@cvs.openbsd.org 2001/01/20 23:00:56
     [servconf.c]
     Check for NULL return from strdelim; ok markus
   - djm@cvs.openbsd.org 2001/01/20 23:02:07
     [readconf.c]
     KNF; ok markus
   - jakob@cvs.openbsd.org 2001/01/21 9:00:33
     [ssh-keygen.1]
     remove -R flag; ok markus@
   - markus@cvs.openbsd.org 2001/01/21 19:05:40
     [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
      auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
      auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
      bufaux.c  bufaux.h buffer.c canahost.c canahost.h channels.c
      cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
      deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
      key.c key.h log-client.c log-server.c log.c log.h login.c login.h
      match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
      readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
      session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
      ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
      sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
      ttysmodes.c uidswap.c xmalloc.c]
     split ssh.h and try to cleanup the #include mess. remove unnecessary
     #includes.  rename util.[ch] -> misc.[ch]
 - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
 - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
   conflict when compiling for non-kerb install
 - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
   on 1/19.
 2001-01-22 05:34:40 +00:00