tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,969 Commits 6 Branches 20 Tags 98 MiB
Commit Graph

289 Commits

Author SHA1 Message Date
Darren Tucker 69687f4b65 - (dtucker) [auth-pam.c auth-pam.h session.c] Bug #890: Send output from 
failing PAM session modules to user then exit, similar to the way
   /etc/nologin is handled.  ok djm@
 2004-09-11 22:17:26 +10:00
Darren Tucker 14c372d49d - (dtucker) [session.c openbsd-compat/bsd-cygwin_util.{c,h}] Bug #915: only 
copy required environment variables on Cygwin.  Patch from vinschen at
   redhat.com, ok djm@
 2004-08-30 20:42:08 +10:00
Darren Tucker 5cb30ad2ec - markus@cvs.openbsd.org 2004/07/28 09:40:29 
[auth.c auth1.c auth2.c cipher.c cipher.h key.c session.c ssh.c
     sshconnect1.c]
     more s/illegal/invalid/
 2004-08-12 22:40:24 +10:00
Darren Tucker 0999174755 - dtucker@cvs.openbsd.org 2004/07/17 05:31:41 
[monitor.c monitor_wrap.c session.c session.h sshd.c sshlogin.c]
     Move "Last logged in at.." message generation to the monitor, right
     before recording the new login.  Fixes missing lastlog message when
     /var/log/lastlog is not world-readable and incorrect datestamp when
     multiple sessions are used (bz #463);  much assistance & ok markus@
 2004-07-17 17:05:14 +10:00
Darren Tucker fc9597034b - deraadt@cvs.openbsd.org 2004/07/11 17:48:47 
[channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c
     readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c
     session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h
     sshd.c ttymodes.h]
     spaces
 2004-07-17 16:12:08 +10:00
Darren Tucker 0a44d1ecf3 - (dtucker) [session.c] Call display_loginmsg again after do_pam_session. 
Ensures messages from PAM modules are displayed when privsep=no.

Note: I did not want to just move display_loginmsg since that would change
existing behaviour (order of expiry warnings, "Last Login", motd) to less
like the native tools.
 2004-07-01 09:48:29 +10:00
Damien Miller a6b1d169e6 - djm@cvs.openbsd.org 2004/06/30 08:36:59 
[session.c]
     unbreak TTY break, diagnosed by darren AT dazwin.com; ok markus@
 2004-06-30 22:41:07 +10:00
Darren Tucker 723e945b55 - djm@cvs.openbsd.org 2004/06/21 17:53:03 
[session.c]
     fix fd leak for multiple subsystem connections; with markus@
 2004-06-22 12:57:08 +10:00
Darren Tucker 1f8311c836 - deraadt@cvs.openbsd.org 2004/05/11 19:01:43 
[auth.c auth2-none.c authfile.c channels.c monitor.c monitor_mm.c
     packet.c packet.h progressmeter.c session.c openbsd-compat/xmmap.c]
     improve some code lint did not like; djm millert ok
 2004-05-13 16:39:33 +10:00
Darren Tucker e14e005f41 - djm@cvs.openbsd.org 2004/05/09 01:19:28 
[OVERVIEW auth-rsa.c auth1.c kex.c monitor.c session.c sshconnect1.c
     sshd.c] removed: mpaux.c mpaux.h
     kill some more tiny files; ok deraadt@
 2004-05-13 16:30:44 +10:00
Darren Tucker 46bc075474 - djm@cvs.openbsd.org 2004/04/27 09:46:37 
[readconf.c readconf.h servconf.c servconf.h session.c session.h ssh.c
     ssh_config.5 sshd_config.5]
     bz #815: implement ability to pass specified environment variables from
     the client to the server; ok markus@
 2004-05-02 22:11:30 +10:00
Damien Miller 9c870f966a - (djm) [auth-krb5.c auth.h session.c] Explicitly refer to Kerberos ccache 
file using FILE: method, fixes problems on Mac OSX.
   Patch from simon@sxw.org.uk; ok dtucker@
 2004-04-16 22:47:55 +10:00
Darren Tucker ac7c998a2d - (dtucker) [session.c] Flush stdout after displaying loginmsg. From 
f_mohr at yahoo.de.
 2004-04-07 08:04:09 +10:00
Darren Tucker b385059346 - (dtucker) [session.c] Bug #817: Clear loginmsg after fork to prevent 
duplicate login messages for mutli-session logins.  ok djm@
 2004-03-27 16:44:21 +11:00
Darren Tucker 1825f26d21 - (dtucker) [session.c] Bug #789: Only make setcred call for !privsep in the 
non-interactive path.  ok djm@
 2004-02-24 00:01:27 +11:00
Darren Tucker 1921ed9f96 - (dtucker) [auth-pam.c auth-pam.h session.c] Bug #14: Use do_pwchange to 
change expired PAM passwords for SSHv1 connections without privsep.
   pam_chauthtok is still used when privsep is disabled.  ok djm@
 2004-02-10 13:23:28 +11:00
Darren Tucker 23bc8d0bff - markus@cvs.openbsd.org 2004/01/30 09:48:57 
[auth-passwd.c auth.h pathnames.h session.c]
     support for password change; ok dtucker@
     (set password-dead=1w in login.conf to use this).
     In -Portable, this is currently only platforms using bsdauth.
 2004-02-06 16:24:31 +11:00
Darren Tucker ef3a4a208c - (dtucker) [session.c] Bug #789: Do not call do_pam_setcred as a non-root 
user, since some modules might fail due to lack of privilege.  ok djm@
 2004-02-06 15:30:50 +11:00
Darren Tucker 3c78c5ed2f - (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c] 
Change AFS symbol to USE_AFS to prevent namespace collisions, do not
   include kafs.h unless necessary.  From deengert at anl.gov.

For consistency, all of the libkafs bits are now inside "#if defined(KRB5)
&& defined(USE_AFS)".
 2004-01-23 22:03:10 +11:00
Damien Miller d352636553 - (djm) Do pam_session processing for systems with HAVE_LOGIN_CAP; from 
ralf.hack AT pipex.net; ok dtucker@
 2004-01-23 14:16:26 +11:00
Darren Tucker 7fe8b72771 - (dtucker) [session.c] Enable AFS support in conjunction with KRB5 not 
just HEIMDAL.

Currently this will make no difference, as only Heimdal (which defines KRB5
anyway) has libkafs, however a libkafs that works with MIT may become
available.  In that case it will be used too.
 2004-01-22 12:48:26 +11:00
Damien Miller 8f341f8b8b - markus@cvs.openbsd.org 2004/01/13 19:23:15 
[compress.c session.c]
     -Wall; ok henning
 2004-01-21 11:00:46 +11:00
Darren Tucker 409cb328c1 - (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c] 
Only enable KerberosGetAFSToken if Heimdal's libkafs is found.  with jakob@
 2004-01-05 22:36:51 +11:00
Darren Tucker 22ef508754 - jakob@cvs.openbsd.org 2003/12/23 16:12:10 
[servconf.c servconf.h session.c sshd_config]
     implement KerberosGetAFSToken server option. ok markus@, beck@
 2003-12-31 11:37:34 +11:00
Darren Tucker 3175eb9a5a - markus@cvs.openbsd.org 2003/12/02 17:01:15 
[channels.c session.c ssh-agent.c ssh.h sshd.c]
     use SSH_LISTEN_BACKLOG (=128) in listen(2).
 2003-12-09 19:15:11 +11:00
Damien Miller ce34674a9f sync whitespace - no code change 2003-11-22 14:41:58 +11:00
Damien Miller 787b2ec18c more whitespace (tabs this time) 2003-11-21 23:56:47 +11:00
Damien Miller a8e06cef35 - djm@cvs.openbsd.org 2003/11/21 11:57:03 
[everything]
     unexpand and delete whitespace at EOL; ok markus@
     (done locally and RCS IDs synced)
 2003-11-21 23:48:55 +11:00
Damien Miller c756e9b56e - (djm) Export environment variables from authentication subprocess to 
parent. Part of Bug #717
 2003-11-17 21:41:42 +11:00
Damien Miller 3e3b5145e5 - djm@cvs.openbsd.org 2003/11/04 08:54:09 
[auth1.c auth2.c auth2-pubkey.c auth.h auth-krb5.c auth-passwd.c]
     [auth-rhosts.c auth-rh-rsa.c auth-rsa.c monitor.c serverloop.c]
     [session.c]
     standardise arguments to auth methods - they should all take authctxt.
     check authctxt->valid rather then pw != NULL; ok markus@
 2003-11-17 21:13:40 +11:00
Darren Tucker 072a7b178c - markus@cvs.openbsd.org 2003/10/14 19:54:39 
[session.c ssh-agent.c]
     10X for mkdtemp; djm@
 2003-10-15 16:10:25 +10:00
Darren Tucker 8846a07639 - (dtucker) [auth-pam.c auth-pam.h session.c] Make PAM use the new static 
cleanup functions.  With & ok djm@
 2003-10-07 11:30:15 +10:00
Darren Tucker f391ba6730 - (dtucker) [session.c] Fix bus errors on some 64-bit Solaris configurations. 
Based on patches by Matthias Koeppe and Thomas Baden.  ok djm@
 2003-10-02 20:07:09 +10:00
Darren Tucker 3e33cecf71 - markus@cvs.openbsd.org 2003/09/23 20:17:11 
[Makefile.in auth1.c auth2.c auth.c auth.h auth-krb5.c canohost.c
     cleanup.c clientloop.c fatal.c gss-serv.c log.c log.h monitor.c monitor.h
     monitor_wrap.c monitor_wrap.h packet.c serverloop.c session.c session.h
     ssh-agent.c sshd.c]
     replace fatal_cleanup() and linked list of fatal callbacks with static
     cleanup_exit() function.  re-refine cleanup_exit() where appropriate,
     allocate sshd's authctxt eary to allow simpler cleanup in sshd.
     tested by many, ok deraadt@
 2003-10-02 16:12:36 +10:00
Darren Tucker fb16b2411e - markus@cvs.openbsd.org 2003/09/18 08:49:45 
[deattack.c misc.c session.c ssh-agent.c]
     more buffer allocation fixes; from Solar Designer; CAN-2003-0682;
     ok millert@
 2003-09-22 21:04:23 +10:00
Darren Tucker c11b1e8420 - (dtucker) [session.c] Bug #643: Fix size_t -> u_int and fix null deref 
when /etc/default/login doesn't exist or isn't readable.  Fixes from
   jparsons-lists at saffron.net and georg.oppenberg at deu mci com.
 2003-09-19 20:56:51 +10:00
Darren Tucker e1a790d0d1 - (dtucker) [acconfig.h configure.ac defines.h session.c] Bug #252: Retrieve 
PATH (or SUPATH) and UMASK from /etc/default/login on platforms that have it
   (eg Solaris, Reliant Unix).  Patch from Robert.Dahlem at siemens.com.  ok djm@
 2003-09-16 11:52:19 +10:00
Damien Miller 341c6e687c - (djm) Bug #423: reorder setting of PAM_TTY and calling of PAM session 
management (now done in do_setusercontext). Largely from
   michael_steffens AT hp.com
 2003-09-02 23:18:52 +10:00
Damien Miller 324948b320 - markus@cvs.openbsd.org 2003/08/31 13:29:05 
[session.c]
     call ssh_gssapi_storecreds conditionally from do_exec();
     with sxw@inf.ed.ac.uk
 2003-09-02 22:55:45 +10:00
Damien Miller 1a0c0b9621 - markus@cvs.openbsd.org 2003/08/28 12:54:34 
[auth-krb5.c auth.h auth1.c monitor.c monitor.h monitor_wrap.c]
     [monitor_wrap.h readconf.c servconf.c session.c ssh_config.5]
     [sshconnect1.c sshd.c sshd_config sshd_config.5]
     remove kerberos support from ssh1, since it has been replaced with GSSAPI;
     but keep kerberos passwd auth for ssh1 and 2; ok djm, hin, henning, ...
 2003-09-02 22:51:17 +10:00
Darren Tucker 49aaf4ad52 - (dtucker) [Makefile.in acconfig.h auth-krb5.c auth-pam.c auth-pam.h 
configure.ac defines.h gss-serv-krb5.c session.c ssh-gss.h sshconnect1.c
   sshconnect2.c] Add Portable GSSAPI support, patch by Simon Wilkinson.
 2003-08-26 11:58:16 +10:00
Darren Tucker 0efd155c3c - markus@cvs.openbsd.org 2003/08/22 10:56:09 
[auth2.c auth2-gss.c auth.h compat.c compat.h gss-genr.c gss-serv-krb5.c
     gss-serv.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c
     readconf.h servconf.c servconf.h session.c session.h ssh-gss.h
     ssh_config.5 sshconnect2.c sshd_config sshd_config.5]
     support GSS API user authentication; patches from Simon Wilkinson,
     stripped down and tested by Jakob and myself.
 2003-08-26 11:49:55 +10:00
Damien Miller 1f499fd368 - (djm) Bug #564: Perform PAM account checks for all authentications when 
UsePAM=yes; ok dtucker
 2003-08-25 13:08:49 +10:00
Darren Tucker 3bdbd848ea - markus@cvs.openbsd.org 2003/08/13 08:33:02 
[session.c]
     use more portable tcsendbreak(3) and ignore break_length;
     ok deraadt, millert
 2003-08-13 20:31:05 +10:00
Darren Tucker d85efee437 - (dtucker) [session.c] Remove #ifdef TIOCSBRK kludge. 2003-08-13 20:28:14 +10:00
Darren Tucker 80649c5fa6 - (dtucker) [session.c openbsd-compat/bsd-cygwin_util.h] Move Cygwin 
specific defines and includes to bsd-cygwin_util.h.  Fixes build error too.
 2003-08-07 16:28:16 +10:00
Darren Tucker b9d3f41ceb - (dtucker) [session.c] Have session_break_req not attempt to send a break 
if TIOCSBRK and TIOCCBRK are not defined (eg Cygwin).
 2003-08-07 13:24:24 +10:00
Darren Tucker 6aaa58c470 - (dtucker) OpenBSD CVS Sync 
- markus@cvs.openbsd.org 2003/07/22 13:35:22
     [auth1.c auth.h auth-passwd.c monitor.c monitor.h monitor_wrap.c
     monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c ssh.1
     ssh.c ssh_config.5 sshconnect1.c sshd.c sshd_config.5 ssh.h]
     remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1);
     test+ok henning@
 - (dtucker) [Makefile.in acconfig.h configure.ac] Remove KRB4/AFS support.
 - (dtucker) [auth-krb4.c radix.c radix.h] Remove KRB4/AFS specific files.

I hope I got this right....
 2003-08-02 22:24:49 +10:00
Darren Tucker b9aa0a0baa - (dtucker) [auth-passwd.c auth.c session.c sshd.c port-aix.c port-aix.h] 
Convert aixloginmsg into platform-independant Buffer loginmsg.
 2003-07-08 22:59:59 +10:00
Darren Tucker 793e817d49 - (dtucker) Check return value of setpcred(). 2003-07-08 21:01:04 +10:00