tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,113 Commits 6 Branches 20 Tags 97 MiB
Commit Graph

181 Commits

Author SHA1 Message Date
Damien Miller b0fb6872ed - deraadt@cvs.openbsd.org 2006/03/19 18:51:18 
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
     [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
     [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
     [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
     [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
     [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
     [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
     [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
     [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
     [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
     [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
     [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
     [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
     [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
     [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
     [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
     RCSID() can die
 2006-03-26 00:03:21 +11:00
Damien Miller 66f9eb65ff - (djm) [auth-pam.c] Fix memleak in error path, from Coverity via 
elad AT NetBSD.org
 2006-03-18 23:04:49 +11:00
Damien Miller 6645e7a70d - (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c] 
[sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c]
   [sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c]
   [openbsd-compat/glob.c openbsd-compat/mktemp.c]
   [openbsd-compat/readpassphrase.c] Lots of include fixes for
   OpenSolaris
 2006-03-15 14:42:54 +11:00
Darren Tucker 1d4ebbf143 Correct format in debug message 2006-01-29 16:46:13 +11:00
Darren Tucker 7b1e695846 - (dtucker) [auth-pam.c] Bug #1028: send final non-query messages from 
PAM via keyboard-interactive.  Patch tested by the folks at Vintela.
 2005-09-28 22:33:27 +10:00
Damien Miller 37294fb630 - (djm) [auth-pam.c sftp.c] spaces vs. tabs at start of line 2005-07-17 17:18:49 +10:00
Damien Miller 94cf4c8448 - (djm) [acss.c auth-pam.c auth-shadow.c auth-skey.c auth1.c canohost.c] 
[cipher-acss.c loginrec.c ssh-rand-helper.c sshd.c] Fix whitespace at EOL
   in portable too ("perl -p -i -e 's/\s+$/\n/' *.[ch]")
 2005-07-17 17:04:47 +10:00
Darren Tucker 4f1adad4f6 - (dtucker) [auth-pam.c] Ensure that only one side of the authentication 
socketpair stays open on in both the monitor and PAM process.  Patch from
   Joerg Sonnenberger.
 2005-07-16 11:33:06 +10:00
Darren Tucker f08bdb5a7e - (dtucker) [auth-pam.c] Bug #1033: Fix warnings building with PAM on Linux: 
warning: dereferencing type-punned pointer will break strict-aliasing rules
  warning: passing arg 3 of `pam_get_item' from incompatible pointer type
  The type-punned pointer fix is based on a patch from SuSE's rpm.  ok djm@
 2005-05-26 19:59:48 +10:00
Darren Tucker 328118aa79 - (dtucker) [auth-pam.c] Since people don't seem to be getting the message 
that USE_POSIX_THREADS is unsupported, not recommended and generally a bad
   idea, it is now known as UNSUPPORTED_POSIX_THREADS_HACK.  Attempting to use
   USE_POSIX_THREADS will now generate an error so we don't silently change
   behaviour.  ok djm@
 2005-05-25 16:18:09 +10:00
Darren Tucker d5bfa8f9d8 Oops, did not intend to commit this yet 2005-01-20 13:29:51 +11:00
Darren Tucker d231186fd0 - djm@cvs.openbsd.org 2004/12/22 02:13:19 
[cipher-ctr.c cipher.c]
     remove fallback AES support for old OpenSSL, as OpenBSD has had it for
     many years now; ok deraadt@
     (Id sync only: Portable will continue to support older OpenSSLs)
 2005-01-20 13:27:56 +11:00
Darren Tucker 36a3d60347 - (dtucker) [auth-pam.c] Bug #971: Prevent leaking information about user 
existence via keyboard-interactive/pam, in conjunction with previous
   auth2-chall.c change; with Colin Watson and djm.
 2005-01-20 12:43:38 +11:00
Damien Miller daffc6a115 - (djm) [auth-pam.c] snprintf->strl*, fix server message length calculations 2004-10-16 18:52:44 +10:00
Darren Tucker 77fc29eeb3 - (dtucker) [auth-pam.c auth.h auth2-none.c auth2.c monitor.c monitor_wrap.c] 
Bug #892: Send messages from failing PAM account modules to the client via
   SSH2_MSG_USERAUTH_BANNER messages.  Note that this will not happen with
   SSH2 kbdint authentication, which need to be dealt with separately.  ok djm@
 2004-09-11 23:07:03 +10:00
Darren Tucker 0a7e3c6c89 - (dtucker) [auth-pam.c] Relocate sshpam_store_conv(), no code change. 2004-09-11 22:28:01 +10:00
Darren Tucker 69687f4b65 - (dtucker) [auth-pam.c auth-pam.h session.c] Bug #890: Send output from 
failing PAM session modules to user then exit, similar to the way
   /etc/nologin is handled.  ok djm@
 2004-09-11 22:17:26 +10:00
Darren Tucker 21dd0897d5 - (dtucker) [acconfig.h auth-pam.c configure.ac] Set real uid to non-root 
to convince Solaris PAM to honour password complexity rules.  ok djm@
 2004-08-16 23:12:05 +10:00
Damien Miller 2d2ed3d633 - (djm) [auth-pam.c] Portable parts of bz#899: Don't display invalid 
usernames in setproctitle from peak AT argo.troja.mff.cuni.cz;
 2004-07-21 20:54:47 +10:00
Damien Miller a6fb77fd6c - (djm) [auth-pam.c] Avoid use of xstrdup and friends in conversation function, 
instead return PAM_CONV_ERR, avoiding another path to fatal(); ok dtucker@
 2004-07-19 09:39:11 +10:00
Darren Tucker 5d423f4ece - (dtucker) [auth-pam.c] Check for zero from waitpid() too, which allows 
the monitor to properly clean up the PAM thread (Debian bug #252676).
 2004-07-11 16:54:08 +10:00
Darren Tucker 1f7e40864f - (dtucker) [auth-pam.c] Bug #559 (last piece): Pass DISALLOW_NULL_AUTHTOK 
to pam_authenticate for challenge-response auth too.  Originally from
   fcusack at fcusack.com, ok djm@
 2004-07-01 14:00:14 +10:00
Darren Tucker e2ba9c2e83 - (dtucker) [auth-pam.c] Bug #705: Make arguments match PAM specs, fixes 
warnings on compliant platforms.  From paul.a.bolton at bt.com.  ok djm@
 2004-07-01 12:38:14 +10:00
Darren Tucker 59e06026d7 - (dtucker) [auth-pam.c] Check for buggy PAM modules that return a NULL 
appdata_ptr to the conversation function.  ok djm@

By rights we should free the messages too, but if this happens then one
of the modules has already proven itself to be buggy so can we trust
the messages?
 2004-06-30 20:34:31 +10:00
Darren Tucker 17db1c47cf - (dtucker) [auth-pam.c] Don't use PAM namespace for 
pam_password_change_required either.
 2004-06-19 12:54:38 +10:00
Darren Tucker 94befab9dd - (dtucker) [auth-pam.c] Don't use pam_* namespace for sshd's PAM functions. 
ok djm@
 2004-06-03 14:53:12 +10:00
Damien Miller 26314f6354 - (djm) [auth-pam.c] Add copyright for local changes 2004-06-01 11:28:20 +10:00
Darren Tucker e061b1598a - (dtucker) [auth-pam.c] Use an invalid password for root if 
PermitRootLogin != yes or the login is invalid, to prevent leaking
   information.  Based on Openwall's owl-always-auth patch.  ok djm@
 2004-05-30 22:04:56 +10:00
Darren Tucker 450a158d7e - (dtucker) [auth-pam.c auth-pam.h auth-passwd.c]: Bug #874: Re-add PAM 
support for PasswordAuthentication=yes.  ok djm@
 2004-05-30 20:43:59 +10:00
Darren Tucker b53355eca5 - (dtucker) [auth-pam.c] Bug #839: Ensure that pam authentication "thread" 
is terminated if the privsep slave exits during keyboard-interactive
   authentication.  ok djm@
 2004-05-24 11:55:36 +10:00
Darren Tucker b6db172a79 - (dtucker) [auth-pam.c scard-opensc.c] Tinderbox says auth-pam.c uses 
readpass.h, grep says scard-opensc.c does too.  Replace with misc.h.
 2004-05-13 17:29:35 +10:00
Darren Tucker 2a9bf4b3d3 - (dtucker) [auth-pam.c] Log username and source host for failed PAM 
authentication attempts.  With & ok djm@
 2004-04-18 11:00:26 +10:00
Darren Tucker 17addf0463 - (dtucker) [auth-pam.c] rename the_authctxt to sshpam_authctxt in auth-pam.c 
to reduce potential confusion with the one in sshd.c.  ok djm@
 2004-03-30 20:57:57 +10:00
Darren Tucker dbf7a74ee5 - (dtucker) [auth-pam.c auth-pam.h auth1.c auth2.c monitor.c monitor_wrap.c 
monitor_wrap.h] Bug #808: Ensure force_pwchange is correctly initialized
   even if keyboard-interactive is not used by the client.  Prevents segfaults
   in some cases where the user's password is expired (note this is not
   considered a security exposure).  ok djm@
 2004-03-08 23:04:06 +11:00
Darren Tucker b9b6021667 - (dtucker) [auth-pam.c] Reset signal status when starting pam auth thread, 
prevent hanging during PAM keyboard-interactive authentications.  ok djm@
 2004-03-04 20:03:54 +11:00
Darren Tucker 4b385d4bc0 - (dtucker) [auth-pam.c] Don't try to export PAM when compiled with 
-DUSE_POSIX_THREADS.  From antoine.verheijen at ualbert ca.  ok djm@
 2004-03-04 19:54:10 +11:00
Darren Tucker 5cf8ef735c - (dtucker) [auth-pam.c] Store output from pam_session and pam_setcred for 
display after login.  Should fix problems like pam_motd not displaying
   anything, noticed by cjwatson at debian.org.  ok djm@
 2004-02-17 23:20:07 +11:00
Darren Tucker ba53b839d3 - (dtucker) [auth-pam.c] Tidy up PAM debugging. ok djm@ 2004-02-17 20:46:59 +11:00
Darren Tucker 1921ed9f96 - (dtucker) [auth-pam.c auth-pam.h session.c] Bug #14: Use do_pwchange to 
change expired PAM passwords for SSHv1 connections without privsep.
   pam_chauthtok is still used when privsep is disabled.  ok djm@
 2004-02-10 13:23:28 +11:00
Darren Tucker a8df9248ce - (dtucker) [auth-pam.c] Add minor debugging. 2004-01-15 00:15:07 +11:00
Darren Tucker 7ae0962798 - (dtucker) [auth-pam.c] Reset signal handler in pthread_cancel too, add 
test for case where cleanup has already run.
 2004-01-14 23:07:56 +11:00
Darren Tucker 749bc95bd8 - (dtucker) [auth-pam.c] Have monitor die if PAM authentication thread exits 
unexpectedly.  with & ok djm@
 2004-01-14 22:14:04 +11:00
Darren Tucker 1b27c8fbcb - (dtucker) [auth-pam.c] Relocate struct pam_ctxt and prototypes. No 
functional changes.

This is in preparation for a change to catch the authentication thread
exitting unexpectedly, to split functional and cosmetic changes.
 2004-01-13 22:35:58 +11:00
Darren Tucker 0234e8607f - (dtucker) [auth-pam.c defines.h] Bug #783: move __unused to defines.h and 
only define if not already.  From des at freebsd.org.
 2004-01-08 23:32:04 +11:00
Damien Miller 0f47c53742 - (djm) OSX/Darwin put the PAM headers in a different place, detect this. 
Report from jakob@
 2004-01-02 18:01:30 +11:00
Darren Tucker c376c8647e Enable commented-out "if (compat20)" test. (Should not have been committed.) 2003-12-18 16:08:59 +11:00
Darren Tucker 07705c788e - (dtucker) [auth-pam.c] Do PAM chauthtok during SSH2 keyboard-interactive 
authentication.  Partially fixes bug #423.  Feedback & ok djm@

Some background on why this is the way it is:
* Solaris 8's pam_chauthtok ignores the CHANGE_EXPIRED_AUTHTOK flag, so
  we must call do_pam_account() to figure out if the password is expired.
* AIX 5.2 does not like having pam_acct_mgmt() called twice, once from the
  authentication thread and once from the main shell child, so we cache the
  result, which must be passed from the authentication thread back to the
  monitor.
 2003-12-18 15:34:31 +11:00
Damien Miller 787b2ec18c more whitespace (tabs this time) 2003-11-21 23:56:47 +11:00
Damien Miller a8e06cef35 - djm@cvs.openbsd.org 2003/11/21 11:57:03 
[everything]
     unexpand and delete whitespace at EOL; ok markus@
     (done locally and RCS IDs synced)
 2003-11-21 23:48:55 +11:00
Darren Tucker 8a1624c42d - (dtucker) [auth-pam.c] Only use pam_putenv if our platform has it. ok djm@ 2003-11-18 12:45:35 +11:00
Darren Tucker 18df00cc77 - (dtucker) [auth-pam.c] Convert chauthtok_conv into a generic tty_conv, 
and use it for do_pam_session.  Fixes problems like pam_motd not displaying
   anything.  ok djm@
 2003-11-18 12:42:07 +11:00
Damien Miller c756e9b56e - (djm) Export environment variables from authentication subprocess to 
parent. Part of Bug #717
 2003-11-17 21:41:42 +11:00
Damien Miller 9bdba70350 - (djm) Bug #632: Don't call pam_end indirectly from within kbd-int 
conversation function
 2003-11-17 21:27:55 +11:00
Darren Tucker ae52b7ca59 - (dtucker) [auth-pam.c] Add newline to accumulated PAM_TEXT_INFO and 
PAM_ERROR_MSG messages.
 2003-11-13 19:52:31 +11:00
Darren Tucker 0947ddff72 - (dtucker) [auth-pam.c] Append newlines to lines output by the 
pam_chauthtok_conv().
 2003-11-13 11:21:31 +11:00
Darren Tucker 439ce0daf9 Add FALLTHROUGH comment 2003-10-09 14:20:15 +10:00
Darren Tucker 8846a07639 - (dtucker) [auth-pam.c auth-pam.h session.c] Make PAM use the new static 
cleanup functions.  With & ok djm@
 2003-10-07 11:30:15 +10:00
Damien Miller 5c3a55846a - (djm) Sync with V_3_7 branch: 
- (djm) Fix SSH1 challenge kludge
   - (djm) Bug #671: Fix builds on OpenBSD
   - (djm) Bug #676: Fix PAM stack corruption
   - (djm) Fix bad free() in PAM code
   - (djm) Don't call pam_end before pam_init
   - (djm) Enable build with old OpenSSL again
   - (djm) Trim deprecated options from INSTALL. Mention UsePAM
   - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 2003-09-23 22:12:38 +10:00
Damien Miller f2728099ba - (djm) Sync with V_3_7 branch 2003-09-17 07:24:25 +10:00
Darren Tucker 455813b79e Add extern __progname, needed if SSHD_PAM_SERVICE not defined 2003-09-13 22:12:11 +10:00
Darren Tucker c58c2eedb0 - (dtucker) [auth-pam.c] Use SSHD_PAM_SERVICE for PAM service name, patch 
from cjwatson at debian.org.
 2003-09-13 22:02:05 +10:00
Damien Miller 341c6e687c - (djm) Bug #423: reorder setting of PAM_TTY and calling of PAM session 
management (now done in do_setusercontext). Largely from
   michael_steffens AT hp.com
 2003-09-02 23:18:52 +10:00
Damien Miller f4b6f10ded - (djm) Don't initialise pam_conv structures inline. Avoids HP/UX compiler 
error. Part of Bug #423, patch from  michael_steffens AT hp.com
 2003-09-02 23:12:06 +10:00
Darren Tucker 49aaf4ad52 - (dtucker) [Makefile.in acconfig.h auth-krb5.c auth-pam.c auth-pam.h 
configure.ac defines.h gss-serv-krb5.c session.c ssh-gss.h sshconnect1.c
   sshconnect2.c] Add Portable GSSAPI support, patch by Simon Wilkinson.
 2003-08-26 11:58:16 +10:00
Damien Miller 1f499fd368 - (djm) Bug #564: Perform PAM account checks for all authentications when 
UsePAM=yes; ok dtucker
 2003-08-25 13:08:49 +10:00
Darren Tucker f38db7f5da - (dtucker) [auth-pam.c] Don't set PAM_TTY if tty is null. ok djm@ 2003-08-08 13:43:37 +10:00
Damien Miller 7f2d795e3f - (djm) [auth-pam.c] Don't use crappy APIs like sprintf. Thanks bal 2003-07-30 14:53:11 +10:00
Damien Miller 3a961dc0d3 - (djm) OpenBSD CVS Sync 
- markus@cvs.openbsd.org 2003/06/02 09:17:34
     [auth2-hostbased.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c]
     [canohost.c monitor.c servconf.c servconf.h session.c sshd_config]
     [sshd_config.5]
     deprecate VerifyReverseMapping since it's dangerous if combined
     with IP based access control as noted by Mike Harding; replace with
     a UseDNS option, UseDNS is on by default and includes the
     VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@
     ok deraadt@, djm@
 - (djm) Fix portable-specific uses of verify_reverse_mapping too
 2003-06-03 10:25:48 +10:00
Damien Miller 46337202d4 - (djm) Fix segv from bad reordering in auth-pam.c 2003-06-02 11:04:39 +10:00
Damien Miller 25d9342f04 - (djm) Return of the dreaded PAM_TTY_KLUDGE, which went missing in 
recent merge
 2003-05-18 20:45:47 +10:00
Damien Miller e27c6cc3ad - (djm) Guard free_pam_environment against NULL argument. Works around 
HP/UX PAM problems debugged by dtucker
 2003-05-16 18:21:01 +10:00
Damien Miller 9d507dac1f - (djm) Die screaming if start_pam() is called when UsePAM=no 2003-05-14 15:31:12 +10:00
Damien Miller 4e448a31ae - (djm) Add new UsePAM configuration directive to allow runtime control 
over usage of PAM. This allows non-root use of sshd when built with
   --with-pam
 2003-05-14 15:11:48 +10:00
Damien Miller 4f9f42a9bb - (djm) Merge FreeBSD PAM code: replaces PAM password auth kludge with 
proper challenge-response module
 2003-05-10 19:28:02 +10:00
Damien Miller eab4bae038 - (djm) Add back radix.o (used by AFS support), after it went missing from 
Makefile many moons ago
 - (djm) Apply "owl-always-auth" patch from Openwall/Solar Designer
 - (djm) Fix blibpath specification for AIX/gcc
 - (djm) Some systems have basename in -lgen. Fix from ayamura@ayamura.org
 2003-04-29 23:22:40 +10:00
Damien Miller 996acd2476 *** empty log message *** 2003-04-09 20:59:48 +10:00
Damien Miller 2101bfc4e1 - (djm) Reorganise PAM & SIA password handling to eliminate some common code 2003-01-22 15:42:26 +11:00
Kevin Steves 6a998ebfa9 - (stevesk) [auth-pam.c] should use PAM_MSG_MEMBER(); from solar 2002-07-28 20:24:07 +00:00
Kevin Steves 6fa740ba84 - (stevesk) [auth-pam.c] typo in comment 2002-07-23 00:51:53 +00:00
Kevin Steves 38b050a0f5 - (stevesk) [auth-pam.[ch] session.c] pam_getenvlist() must be 
freed by the caller; add free_pam_environment() and use it.
 2002-07-23 00:44:07 +00:00
Kevin Steves 287077eaf2 - (stevesk) [auth-pam.[ch] ssh.h] move SSHD_PAM_SERVICE to auth-pam.h 2002-07-21 23:59:39 +00:00
Kevin Steves 3429a1bf60 - (stevesk) [auth-pam.c] cast to avoid initialization type mismatch 
warning on pam_conv struct conversation function.
 2002-07-21 22:49:47 +00:00
Kevin Steves 63007d42ee - (stevesk) [auth-pam.c] merge rest of solar's PAM patch; 
PAM_NEW_AUTHTOK_REQD remains in #if 0 for now.
 2002-07-21 17:57:01 +00:00
Kevin Steves 6cdecd0892 - (stevesk) [auth-pam.c] merge cosmetic changes from solar's 
openssh-3.4p1-owl-password-changing.diff
 2002-07-21 17:26:54 +00:00
Damien Miller 23fe57c51c - (djm) Use PAM_MSG_MEMBER for PAM_TEXT_INFO messages, use xmalloc & 
friends consistently. Spotted by Solar Designer <solar@openwall.com>
 2002-07-02 17:08:23 +10:00
Damien Miller f762a4bea5 - (djm) Don't reinitialise PAM credentials before we have started PAM. 
Report from Pekka Savola <pekkas@netcore.fi>
 2002-05-08 12:27:55 +10:00
Damien Miller ae9d5af0de - (djm) Disable PAM password expiry until a complete fix for bug #188 exists 2002-04-26 11:27:24 +10:00
Damien Miller 7941855f09 - (djm) Make privsep work with PAM (still experimental) 2002-04-23 20:28:48 +10:00
Kevin Steves e683e76439 - (stevesk) [auth-pam.c auth-pam.h auth-passwd.c auth-sia.c auth-sia.h 
auth1.c auth2.c] PAM, OSF_SIA password auth cleanup; from djm.
 2002-04-04 19:02:28 +00:00
Damien Miller f3451a2181 - (djm) Cleanup after sync: 
- :%s/reverse_mapping_check/verify_reverse_mapping/g
 2002-02-05 12:40:46 +11:00
Kevin Steves de77b464c6 - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK) 
if permit_empty_passwd == 0 so null password check cannot be bypassed.
   jayaraj@amritapuri.com OpenBSD bug 2168
 2001-11-09 20:22:16 +00:00
Kevin Steves fe2f4a1e37 - (stevesk) Fix compile problem with PAM password change fix 2001-10-28 17:32:38 +00:00
Damien Miller 092564869a - (djm) Fix for PAM password changes being echoed (from stevesk) 2001-10-28 22:36:55 +11:00
Damien Miller 33cdd9ee7b - (djm) Avoid bug in Solaris PAM libs 2001-10-28 22:33:48 +11:00
Kevin Steves 706e7a9cf9 - (stevesk) auth-pam.c: use PERMIT_NO_PASSWD 2001-04-23 18:38:37 +00:00
Kevin Steves 5f3b9b9091 - (stevesk) pam_start() doesn't use DNS now for sshd -u0. 2001-04-23 17:28:28 +00:00
Kevin Steves 85ecbe767e - (stevesk) set the default PAM service name to __progname instead 
of the hard-coded value "sshd"; from Mark D. Roth <roth@feep.net>
 2001-04-20 17:43:47 +00:00
Damien Miller f9e9300947 - (djm) Reestablish PAM credentials (which can be supplemental group 
memberships) after initgroups() blows them away. Report and suggested
   fix from Nalin Dahyabhai <nalin@redhat.com>
 2001-03-27 16:12:24 +10:00
Damien Miller ec7e1b1d0f - (djm) Don't loop forever when changing password via PAM. Patch 
from Solar Designer <solar@openwall.com>
 2001-03-21 13:01:35 +11:00
Damien Miller 2e9adb27e9 - (djm) Make sure pam_retval is initialised on call to pam_end. Patch 
from Solar Designer <solar@openwall.com>
 2001-03-21 12:16:24 +11:00