diff options
| author | Colin Watson <cjwatson@debian.org> | 2007-12-24 10:29:57 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2007-12-24 10:29:57 +0000 |
| commit | c3e531b12b2335b7fa5a6bcc9a309d3c523ff64b (patch) | |
| tree | b72c0867348e7e7914d64af6fc5e25c728922e03 /auth-pam.c | |
| parent | 6b222fdf3cb54c11a446df38e027fe7acf2220cb (diff) | |
| parent | 70847d299887abb96f8703ca99db6d817b78960e (diff) | |
* New upstream release (closes: #453367).
- CVE-2007-4752: Prevent ssh(1) from using a trusted X11 cookie if
creation of an untrusted cookie fails; found and fixed by Jan Pechanec
(closes: #444738).
- sshd(8) in new installations defaults to SSH Protocol 2 only. Existing
installations are unchanged.
- The SSH channel window size has been increased, and both ssh(1)
sshd(8) now send window updates more aggressively. These improves
performance on high-BDP (Bandwidth Delay Product) networks.
- ssh(1) and sshd(8) now preserve MAC contexts between packets, which
saves 2 hash calls per packet and results in 12-16% speedup for
arcfour256/hmac-md5.
- A new MAC algorithm has been added, UMAC-64 (RFC4418) as
"umac-64@openssh.com". UMAC-64 has been measured to be approximately
20% faster than HMAC-MD5.
- Failure to establish a ssh(1) TunnelForward is now treated as a fatal
error when the ExitOnForwardFailure option is set.
- ssh(1) returns a sensible exit status if the control master goes away
without passing the full exit status.
- When using a ProxyCommand in ssh(1), set the outgoing hostname with
gethostname(2), allowing hostbased authentication to work.
- Make scp(1) skip FIFOs rather than hanging (closes: #246774).
- Encode non-printing characters in scp(1) filenames. These could cause
copies to be aborted with a "protocol error".
- Handle SIGINT in sshd(8) privilege separation child process to ensure
that wtmp and lastlog records are correctly updated.
- Report GSSAPI mechanism in errors, for libraries that support multiple
mechanisms.
- Improve documentation for ssh-add(1)'s -d option.
- Rearrange and tidy GSSAPI code, removing server-only code being linked
into the client.
- Delay execution of ssh(1)'s LocalCommand until after all forwardings
have been established.
- In scp(1), do not truncate non-regular files.
- Improve exit message from ControlMaster clients.
- Prevent sftp-server(8) from reading until it runs out of buffer space,
whereupon it would exit with a fatal error (closes: #365541).
- pam_end() was not being called if authentication failed
(closes: #405041).
- Manual page datestamps updated (closes: #433181).
Diffstat (limited to 'auth-pam.c')
| -rw-r--r-- | auth-pam.c | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/auth-pam.c b/auth-pam.c index c08d47229..a07f1fe77 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
| @@ -161,9 +161,9 @@ sshpam_sigchld_handler(int sig) | |||
| 161 | WTERMSIG(sshpam_thread_status) == SIGTERM) | 161 | WTERMSIG(sshpam_thread_status) == SIGTERM) |
| 162 | return; /* terminated by pthread_cancel */ | 162 | return; /* terminated by pthread_cancel */ |
| 163 | if (!WIFEXITED(sshpam_thread_status)) | 163 | if (!WIFEXITED(sshpam_thread_status)) |
| 164 | fatal("PAM: authentication thread exited unexpectedly"); | 164 | sigdie("PAM: authentication thread exited unexpectedly"); |
| 165 | if (WEXITSTATUS(sshpam_thread_status) != 0) | 165 | if (WEXITSTATUS(sshpam_thread_status) != 0) |
| 166 | fatal("PAM: authentication thread exited uncleanly"); | 166 | sigdie("PAM: authentication thread exited uncleanly"); |
| 167 | } | 167 | } |
| 168 | 168 | ||
| 169 | /* ARGSUSED */ | 169 | /* ARGSUSED */ |
| @@ -686,8 +686,7 @@ sshpam_init_ctx(Authctxt *authctxt) | |||
| 686 | return (NULL); | 686 | return (NULL); |
| 687 | } | 687 | } |
| 688 | 688 | ||
| 689 | ctxt = xmalloc(sizeof *ctxt); | 689 | ctxt = xcalloc(1, sizeof *ctxt); |
| 690 | memset(ctxt, 0, sizeof(*ctxt)); | ||
| 691 | 690 | ||
| 692 | /* Start the authentication thread */ | 691 | /* Start the authentication thread */ |
| 693 | if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, socks) == -1) { | 692 | if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, socks) == -1) { |
| @@ -985,7 +984,8 @@ sshpam_tty_conv(int n, sshpam_const struct pam_message **msg, | |||
| 985 | break; | 984 | break; |
| 986 | case PAM_PROMPT_ECHO_ON: | 985 | case PAM_PROMPT_ECHO_ON: |
| 987 | fprintf(stderr, "%s\n", PAM_MSG_MEMBER(msg, i, msg)); | 986 | fprintf(stderr, "%s\n", PAM_MSG_MEMBER(msg, i, msg)); |
| 988 | fgets(input, sizeof input, stdin); | 987 | if (fgets(input, sizeof input, stdin) == NULL) |
| 988 | input[0] = '\0'; | ||
| 989 | if ((reply[i].resp = strdup(input)) == NULL) | 989 | if ((reply[i].resp = strdup(input)) == NULL) |
| 990 | goto fail; | 990 | goto fail; |
| 991 | reply[i].resp_retcode = PAM_SUCCESS; | 991 | reply[i].resp_retcode = PAM_SUCCESS; |
| @@ -1130,9 +1130,8 @@ sshpam_passwd_conv(int n, sshpam_const struct pam_message **msg, | |||
| 1130 | if (n <= 0 || n > PAM_MAX_NUM_MSG) | 1130 | if (n <= 0 || n > PAM_MAX_NUM_MSG) |
| 1131 | return (PAM_CONV_ERR); | 1131 | return (PAM_CONV_ERR); |
| 1132 | 1132 | ||
| 1133 | if ((reply = malloc(n * sizeof(*reply))) == NULL) | 1133 | if ((reply = calloc(n, sizeof(*reply))) == NULL) |
| 1134 | return (PAM_CONV_ERR); | 1134 | return (PAM_CONV_ERR); |
| 1135 | memset(reply, 0, n * sizeof(*reply)); | ||
| 1136 | 1135 | ||
| 1137 | for (i = 0; i < n; ++i) { | 1136 | for (i = 0; i < n; ++i) { |
| 1138 | switch (PAM_MSG_MEMBER(msg, i, msg_style)) { | 1137 | switch (PAM_MSG_MEMBER(msg, i, msg_style)) { |