Darren Tucker
622d5c561b
- (dtucker) [auth-pam.c] Bug #1534 : move the deletion of PAM credentials on
...
logout to after the session close. Patch from Anicka Bernathova, ok djm.
2009-07-12 22:07:21 +10:00
Darren Tucker
52358d6df3
- (dtucker) [auth-pam.c monitor.c session.c sshd.c] Bug #926 : Move
...
pam_open_session and pam_close_session into the privsep monitor, which
will ensure that pam_session_close is called as root. Patch from Tomas
Mraz.
2008-03-11 22:58:25 +11:00
Darren Tucker
57d4ca9681
- (dtucker) [auth-pam.c] Use sigdie here too. ok djm@
2007-08-10 14:32:34 +10:00
Darren Tucker
2216471510
- (dtucker) [auth-pam.c] Return empty string if fgets fails in
...
sshpam_tty_conv. Patch from ldv at altlinux.org.
2007-05-20 15:26:07 +10:00
Darren Tucker
29171e9f5c
- (dtucker) [auth-pam.c] malloc+memset -> calloc. Patch from
...
ldv at altlinux.org.
2007-05-20 15:20:08 +10:00
Darren Tucker
54e1b2291c
- (dtucker) [auth-pam.c] Propogate TZ environment variable to PAM auth
...
process so that any logging it does is with the right timezone. From
Scott Strickler, ok djm@.
2006-09-17 11:57:46 +10:00
Damien Miller
ded319cca2
- (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]
...
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
[auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
[cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
[dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
[kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
[md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
[scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
[ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
[sshconnect1.c sshconnect2.c sshd.c rc4.diff]
[openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
[openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
[openbsd-compat/port-uw.c]
Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
compile problems reported by rac AT tenzing.org
2006-09-01 15:38:36 +10:00
Damien Miller
75bb664458
- (djm) [auth-pam.c auth-shadow.c auth2-none.c cleanup.c sshd.c]
...
[openbsd-compat/port-tun.c openbsd-compat/port-tun.h] Sprinkle more
includes for Linux in
2006-08-05 14:07:20 +10:00
Damien Miller
4cbfe8ebeb
- (djm) [auth-pam.c auth.c bufaux.h entropy.c openbsd-compat/port-tun.c]
...
remove last traces of bufaux.h - it was merged into buffer.h in the big
includes.h commit
2006-08-05 12:49:30 +10:00
Damien Miller
2ab323e0bd
- (djm) [auth-pam.c defines.h] Move PAM related bits to auth-pam.c
2006-08-05 12:43:32 +10:00
Damien Miller
b8fe89c4d9
- (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c]
...
[canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c]
[gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c]
[servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c]
[ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c]
[openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c]
[openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c]
[openbsd-compat/mktemp.c openbsd-compat/port-linux.c]
[openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c]
[openbsd-compat/setproctitle.c openbsd-compat/xmmap.c]
make the portable tree compile again - sprinkle unistd.h and string.h
back in. Don't redefine __unused, as it turned out to be used in
headers on Linux, and replace its use in auth-pam.c with ARGSUSED
2006-07-24 14:51:00 +10:00
Darren Tucker
341dae59c8
- (dtucker) [auth-krb5.c auth-pam.c] Still more errno.h
2006-07-13 08:45:14 +10:00
Darren Tucker
2c77b7f1c1
- (dtucker) [auth-pam.c] Bug #1188 : pass result of do_pam_account back and
...
do not allow kbdint again after the PAM account check fails. ok djm@
2006-05-15 17:22:33 +10:00
Darren Tucker
d8093e49bf
- (dtucker) [auth-pam.c groupaccess.c monitor.c monitor_wrap.c scard-opensc.c
...
session.c ssh-rand-helper.c sshd.c openbsd-compat/bsd-cygwin_util.c
openbsd-compat/setproctitle.c] Convert malloc(foo*bar) -> calloc(foo,bar)
in Portable-only code; since calloc zeros, remove now-redundant memsets.
Also add a couple of sanity checks. With & ok djm@
2006-05-04 16:24:34 +10:00
Damien Miller
36812092ec
- djm@cvs.openbsd.org 2006/03/25 01:13:23
...
[buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c]
[sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c]
[uidswap.c]
change OpenSSH's xrealloc() function from being xrealloc(p, new_size)
to xrealloc(p, new_nmemb, new_itemsize).
realloc is particularly prone to integer overflows because it is
almost always allocating "n * size" bytes, so this is a far safer
API; ok deraadt@
2006-03-26 14:22:47 +11:00
Damien Miller
b0fb6872ed
- deraadt@cvs.openbsd.org 2006/03/19 18:51:18
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
[auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
[auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
[auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
[auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
[canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
[cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
[compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
[groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
[kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
[loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
[monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
[nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
[scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
[sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
[ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
[ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
[openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
[openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
[openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
[openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
RCSID() can die
2006-03-26 00:03:21 +11:00
Damien Miller
66f9eb65ff
- (djm) [auth-pam.c] Fix memleak in error path, from Coverity via
...
elad AT NetBSD.org
2006-03-18 23:04:49 +11:00
Damien Miller
6645e7a70d
- (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c]
...
[sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c]
[sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c]
[openbsd-compat/glob.c openbsd-compat/mktemp.c]
[openbsd-compat/readpassphrase.c] Lots of include fixes for
OpenSolaris
2006-03-15 14:42:54 +11:00
Darren Tucker
1d4ebbf143
Correct format in debug message
2006-01-29 16:46:13 +11:00
Darren Tucker
7b1e695846
- (dtucker) [auth-pam.c] Bug #1028 : send final non-query messages from
...
PAM via keyboard-interactive. Patch tested by the folks at Vintela.
2005-09-28 22:33:27 +10:00
Damien Miller
37294fb630
- (djm) [auth-pam.c sftp.c] spaces vs. tabs at start of line
2005-07-17 17:18:49 +10:00
Damien Miller
94cf4c8448
- (djm) [acss.c auth-pam.c auth-shadow.c auth-skey.c auth1.c canohost.c]
...
[cipher-acss.c loginrec.c ssh-rand-helper.c sshd.c] Fix whitespace at EOL
in portable too ("perl -p -i -e 's/\s+$/\n/' *.[ch]")
2005-07-17 17:04:47 +10:00
Darren Tucker
4f1adad4f6
- (dtucker) [auth-pam.c] Ensure that only one side of the authentication
...
socketpair stays open on in both the monitor and PAM process. Patch from
Joerg Sonnenberger.
2005-07-16 11:33:06 +10:00
Darren Tucker
f08bdb5a7e
- (dtucker) [auth-pam.c] Bug #1033 : Fix warnings building with PAM on Linux:
...
warning: dereferencing type-punned pointer will break strict-aliasing rules
warning: passing arg 3 of `pam_get_item' from incompatible pointer type
The type-punned pointer fix is based on a patch from SuSE's rpm. ok djm@
2005-05-26 19:59:48 +10:00
Darren Tucker
328118aa79
- (dtucker) [auth-pam.c] Since people don't seem to be getting the message
...
that USE_POSIX_THREADS is unsupported, not recommended and generally a bad
idea, it is now known as UNSUPPORTED_POSIX_THREADS_HACK. Attempting to use
USE_POSIX_THREADS will now generate an error so we don't silently change
behaviour. ok djm@
2005-05-25 16:18:09 +10:00
Darren Tucker
d5bfa8f9d8
Oops, did not intend to commit this yet
2005-01-20 13:29:51 +11:00
Darren Tucker
d231186fd0
- djm@cvs.openbsd.org 2004/12/22 02:13:19
...
[cipher-ctr.c cipher.c]
remove fallback AES support for old OpenSSL, as OpenBSD has had it for
many years now; ok deraadt@
(Id sync only: Portable will continue to support older OpenSSLs)
2005-01-20 13:27:56 +11:00
Darren Tucker
36a3d60347
- (dtucker) [auth-pam.c] Bug #971 : Prevent leaking information about user
...
existence via keyboard-interactive/pam, in conjunction with previous
auth2-chall.c change; with Colin Watson and djm.
2005-01-20 12:43:38 +11:00
Damien Miller
daffc6a115
- (djm) [auth-pam.c] snprintf->strl*, fix server message length calculations
2004-10-16 18:52:44 +10:00
Darren Tucker
77fc29eeb3
- (dtucker) [auth-pam.c auth.h auth2-none.c auth2.c monitor.c monitor_wrap.c]
...
Bug #892 : Send messages from failing PAM account modules to the client via
SSH2_MSG_USERAUTH_BANNER messages. Note that this will not happen with
SSH2 kbdint authentication, which need to be dealt with separately. ok djm@
2004-09-11 23:07:03 +10:00
Darren Tucker
0a7e3c6c89
- (dtucker) [auth-pam.c] Relocate sshpam_store_conv(), no code change.
2004-09-11 22:28:01 +10:00
Darren Tucker
69687f4b65
- (dtucker) [auth-pam.c auth-pam.h session.c] Bug #890 : Send output from
...
failing PAM session modules to user then exit, similar to the way
/etc/nologin is handled. ok djm@
2004-09-11 22:17:26 +10:00
Darren Tucker
21dd0897d5
- (dtucker) [acconfig.h auth-pam.c configure.ac] Set real uid to non-root
...
to convince Solaris PAM to honour password complexity rules. ok djm@
2004-08-16 23:12:05 +10:00
Damien Miller
2d2ed3d633
- (djm) [auth-pam.c] Portable parts of bz#899: Don't display invalid
...
usernames in setproctitle from peak AT argo.troja.mff.cuni.cz;
2004-07-21 20:54:47 +10:00
Damien Miller
a6fb77fd6c
- (djm) [auth-pam.c] Avoid use of xstrdup and friends in conversation function,
...
instead return PAM_CONV_ERR, avoiding another path to fatal(); ok dtucker@
2004-07-19 09:39:11 +10:00
Darren Tucker
5d423f4ece
- (dtucker) [auth-pam.c] Check for zero from waitpid() too, which allows
...
the monitor to properly clean up the PAM thread (Debian bug #252676 ).
2004-07-11 16:54:08 +10:00
Darren Tucker
1f7e40864f
- (dtucker) [auth-pam.c] Bug #559 (last piece): Pass DISALLOW_NULL_AUTHTOK
...
to pam_authenticate for challenge-response auth too. Originally from
fcusack at fcusack.com, ok djm@
2004-07-01 14:00:14 +10:00
Darren Tucker
e2ba9c2e83
- (dtucker) [auth-pam.c] Bug #705 : Make arguments match PAM specs, fixes
...
warnings on compliant platforms. From paul.a.bolton at bt.com. ok djm@
2004-07-01 12:38:14 +10:00
Darren Tucker
59e06026d7
- (dtucker) [auth-pam.c] Check for buggy PAM modules that return a NULL
...
appdata_ptr to the conversation function. ok djm@
By rights we should free the messages too, but if this happens then one
of the modules has already proven itself to be buggy so can we trust
the messages?
2004-06-30 20:34:31 +10:00
Darren Tucker
17db1c47cf
- (dtucker) [auth-pam.c] Don't use PAM namespace for
...
pam_password_change_required either.
2004-06-19 12:54:38 +10:00
Darren Tucker
94befab9dd
- (dtucker) [auth-pam.c] Don't use pam_* namespace for sshd's PAM functions.
...
ok djm@
2004-06-03 14:53:12 +10:00
Damien Miller
26314f6354
- (djm) [auth-pam.c] Add copyright for local changes
2004-06-01 11:28:20 +10:00
Darren Tucker
e061b1598a
- (dtucker) [auth-pam.c] Use an invalid password for root if
...
PermitRootLogin != yes or the login is invalid, to prevent leaking
information. Based on Openwall's owl-always-auth patch. ok djm@
2004-05-30 22:04:56 +10:00
Darren Tucker
450a158d7e
- (dtucker) [auth-pam.c auth-pam.h auth-passwd.c]: Bug #874 : Re-add PAM
...
support for PasswordAuthentication=yes. ok djm@
2004-05-30 20:43:59 +10:00
Darren Tucker
b53355eca5
- (dtucker) [auth-pam.c] Bug #839 : Ensure that pam authentication "thread"
...
is terminated if the privsep slave exits during keyboard-interactive
authentication. ok djm@
2004-05-24 11:55:36 +10:00
Darren Tucker
b6db172a79
- (dtucker) [auth-pam.c scard-opensc.c] Tinderbox says auth-pam.c uses
...
readpass.h, grep says scard-opensc.c does too. Replace with misc.h.
2004-05-13 17:29:35 +10:00
Darren Tucker
2a9bf4b3d3
- (dtucker) [auth-pam.c] Log username and source host for failed PAM
...
authentication attempts. With & ok djm@
2004-04-18 11:00:26 +10:00
Darren Tucker
17addf0463
- (dtucker) [auth-pam.c] rename the_authctxt to sshpam_authctxt in auth-pam.c
...
to reduce potential confusion with the one in sshd.c. ok djm@
2004-03-30 20:57:57 +10:00
Darren Tucker
dbf7a74ee5
- (dtucker) [auth-pam.c auth-pam.h auth1.c auth2.c monitor.c monitor_wrap.c
...
monitor_wrap.h] Bug #808 : Ensure force_pwchange is correctly initialized
even if keyboard-interactive is not used by the client. Prevents segfaults
in some cases where the user's password is expired (note this is not
considered a security exposure). ok djm@
2004-03-08 23:04:06 +11:00
Darren Tucker
b9b6021667
- (dtucker) [auth-pam.c] Reset signal status when starting pam auth thread,
...
prevent hanging during PAM keyboard-interactive authentications. ok djm@
2004-03-04 20:03:54 +11:00