787b2ec18c
more whitespace (tabs this time)
2003-11-21 23:56:47 +11:00
a8e06cef35
- djm@cvs.openbsd.org 2003/11/21 11:57:03
...
[everything]
unexpand and delete whitespace at EOL; ok markus@
(done locally and RCS IDs synced)
2003-11-21 23:48:55 +11:00
8a1624c42d
- (dtucker) [auth-pam.c] Only use pam_putenv if our platform has it. ok djm@
2003-11-18 12:45:35 +11:00
18df00cc77
- (dtucker) [auth-pam.c] Convert chauthtok_conv into a generic tty_conv,
...
and use it for do_pam_session. Fixes problems like pam_motd not displaying
anything. ok djm@
2003-11-18 12:42:07 +11:00
c756e9b56e
- (djm) Export environment variables from authentication subprocess to
...
parent. Part of Bug #717
2003-11-17 21:41:42 +11:00
9bdba70350
- (djm) Bug #632 : Don't call pam_end indirectly from within kbd-int
...
conversation function
2003-11-17 21:27:55 +11:00
ae52b7ca59
- (dtucker) [auth-pam.c] Add newline to accumulated PAM_TEXT_INFO and
...
PAM_ERROR_MSG messages.
2003-11-13 19:52:31 +11:00
0947ddff72
- (dtucker) [auth-pam.c] Append newlines to lines output by the
...
pam_chauthtok_conv().
2003-11-13 11:21:31 +11:00
439ce0daf9
Add FALLTHROUGH comment
2003-10-09 14:20:15 +10:00
8846a07639
- (dtucker) [auth-pam.c auth-pam.h session.c] Make PAM use the new static
...
cleanup functions. With & ok djm@
2003-10-07 11:30:15 +10:00
5c3a55846a
- (djm) Sync with V_3_7 branch:
...
- (djm) Fix SSH1 challenge kludge
- (djm) Bug #671 : Fix builds on OpenBSD
- (djm) Bug #676 : Fix PAM stack corruption
- (djm) Fix bad free() in PAM code
- (djm) Don't call pam_end before pam_init
- (djm) Enable build with old OpenSSL again
- (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
2003-09-23 22:12:38 +10:00
f2728099ba
- (djm) Sync with V_3_7 branch
2003-09-17 07:24:25 +10:00
455813b79e
Add extern __progname, needed if SSHD_PAM_SERVICE not defined
2003-09-13 22:12:11 +10:00
c58c2eedb0
- (dtucker) [auth-pam.c] Use SSHD_PAM_SERVICE for PAM service name, patch
...
from cjwatson at debian.org.
2003-09-13 22:02:05 +10:00
341c6e687c
- (djm) Bug #423 : reorder setting of PAM_TTY and calling of PAM session
...
management (now done in do_setusercontext). Largely from
michael_steffens AT hp.com
2003-09-02 23:18:52 +10:00
f4b6f10ded
- (djm) Don't initialise pam_conv structures inline. Avoids HP/UX compiler
...
error. Part of Bug #423 , patch from michael_steffens AT hp.com
2003-09-02 23:12:06 +10:00
49aaf4ad52
- (dtucker) [Makefile.in acconfig.h auth-krb5.c auth-pam.c auth-pam.h
...
configure.ac defines.h gss-serv-krb5.c session.c ssh-gss.h sshconnect1.c
sshconnect2.c] Add Portable GSSAPI support, patch by Simon Wilkinson.
2003-08-26 11:58:16 +10:00
1f499fd368
- (djm) Bug #564 : Perform PAM account checks for all authentications when
...
UsePAM=yes; ok dtucker
2003-08-25 13:08:49 +10:00
f38db7f5da
- (dtucker) [auth-pam.c] Don't set PAM_TTY if tty is null. ok djm@
2003-08-08 13:43:37 +10:00
7f2d795e3f
- (djm) [auth-pam.c] Don't use crappy APIs like sprintf. Thanks bal
2003-07-30 14:53:11 +10:00
3a961dc0d3
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2003/06/02 09:17:34
[auth2-hostbased.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c]
[canohost.c monitor.c servconf.c servconf.h session.c sshd_config]
[sshd_config.5]
deprecate VerifyReverseMapping since it's dangerous if combined
with IP based access control as noted by Mike Harding; replace with
a UseDNS option, UseDNS is on by default and includes the
VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@
ok deraadt@, djm@
- (djm) Fix portable-specific uses of verify_reverse_mapping too
2003-06-03 10:25:48 +10:00
46337202d4
- (djm) Fix segv from bad reordering in auth-pam.c
2003-06-02 11:04:39 +10:00
25d9342f04
- (djm) Return of the dreaded PAM_TTY_KLUDGE, which went missing in
...
recent merge
2003-05-18 20:45:47 +10:00
e27c6cc3ad
- (djm) Guard free_pam_environment against NULL argument. Works around
...
HP/UX PAM problems debugged by dtucker
2003-05-16 18:21:01 +10:00
9d507dac1f
- (djm) Die screaming if start_pam() is called when UsePAM=no
2003-05-14 15:31:12 +10:00
4e448a31ae
- (djm) Add new UsePAM configuration directive to allow runtime control
...
over usage of PAM. This allows non-root use of sshd when built with
--with-pam
2003-05-14 15:11:48 +10:00
4f9f42a9bb
- (djm) Merge FreeBSD PAM code: replaces PAM password auth kludge with
...
proper challenge-response module
2003-05-10 19:28:02 +10:00
eab4bae038
- (djm) Add back radix.o (used by AFS support), after it went missing from
...
Makefile many moons ago
- (djm) Apply "owl-always-auth" patch from Openwall/Solar Designer
- (djm) Fix blibpath specification for AIX/gcc
- (djm) Some systems have basename in -lgen. Fix from ayamura@ayamura.org
2003-04-29 23:22:40 +10:00
996acd2476
*** empty log message ***
2003-04-09 20:59:48 +10:00
2101bfc4e1
- (djm) Reorganise PAM & SIA password handling to eliminate some common code
2003-01-22 15:42:26 +11:00
6a998ebfa9
- (stevesk) [auth-pam.c] should use PAM_MSG_MEMBER(); from solar
2002-07-28 20:24:07 +00:00
6fa740ba84
- (stevesk) [auth-pam.c] typo in comment
2002-07-23 00:51:53 +00:00
38b050a0f5
- (stevesk) [auth-pam.[ch] session.c] pam_getenvlist() must be
...
freed by the caller; add free_pam_environment() and use it.
2002-07-23 00:44:07 +00:00
287077eaf2
- (stevesk) [auth-pam.[ch] ssh.h] move SSHD_PAM_SERVICE to auth-pam.h
2002-07-21 23:59:39 +00:00
3429a1bf60
- (stevesk) [auth-pam.c] cast to avoid initialization type mismatch
...
warning on pam_conv struct conversation function.
2002-07-21 22:49:47 +00:00
63007d42ee
- (stevesk) [auth-pam.c] merge rest of solar's PAM patch;
...
PAM_NEW_AUTHTOK_REQD remains in #if 0 for now.
2002-07-21 17:57:01 +00:00
6cdecd0892
- (stevesk) [auth-pam.c] merge cosmetic changes from solar's
...
openssh-3.4p1-owl-password-changing.diff
2002-07-21 17:26:54 +00:00
23fe57c51c
- (djm) Use PAM_MSG_MEMBER for PAM_TEXT_INFO messages, use xmalloc &
...
friends consistently. Spotted by Solar Designer <solar@openwall.com>
2002-07-02 17:08:23 +10:00
f762a4bea5
- (djm) Don't reinitialise PAM credentials before we have started PAM.
...
Report from Pekka Savola <pekkas@netcore.fi>
2002-05-08 12:27:55 +10:00
ae9d5af0de
- (djm) Disable PAM password expiry until a complete fix for bug #188 exists
2002-04-26 11:27:24 +10:00
7941855f09
- (djm) Make privsep work with PAM (still experimental)
2002-04-23 20:28:48 +10:00
e683e76439
- (stevesk) [auth-pam.c auth-pam.h auth-passwd.c auth-sia.c auth-sia.h
...
auth1.c auth2.c] PAM, OSF_SIA password auth cleanup; from djm.
2002-04-04 19:02:28 +00:00
f3451a2181
- (djm) Cleanup after sync:
...
- :%s/reverse_mapping_check/verify_reverse_mapping/g
2002-02-05 12:40:46 +11:00
de77b464c6
- (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK)
...
if permit_empty_passwd == 0 so null password check cannot be bypassed.
jayaraj@amritapuri.com OpenBSD bug 2168
2001-11-09 20:22:16 +00:00
fe2f4a1e37
- (stevesk) Fix compile problem with PAM password change fix
2001-10-28 17:32:38 +00:00
092564869a
- (djm) Fix for PAM password changes being echoed (from stevesk)
2001-10-28 22:36:55 +11:00
33cdd9ee7b
- (djm) Avoid bug in Solaris PAM libs
2001-10-28 22:33:48 +11:00
706e7a9cf9
- (stevesk) auth-pam.c: use PERMIT_NO_PASSWD
2001-04-23 18:38:37 +00:00
5f3b9b9091
- (stevesk) pam_start() doesn't use DNS now for sshd -u0.
2001-04-23 17:28:28 +00:00
85ecbe767e
- (stevesk) set the default PAM service name to __progname instead
...
of the hard-coded value "sshd"; from Mark D. Roth <roth@feep.net>
2001-04-20 17:43:47 +00:00
Damien Miller
Darren Tucker
Kevin Steves