path: root/auth-pam.c
Age | Commit message | Author
2006-03-26 | - djm@cvs.openbsd.org 2006/03/25 01:13:23 [buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c] [sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c] [uidswap.c] change OpenSSH's xrealloc() function from being xrealloc(p, new_size) to xrealloc(p, new_nmemb, new_itemsize). realloc is particularly prone to integer overflows because it is almost always allocating "n * size" bytes, so this is a far safer API; ok deraadt@ | Damien Miller
2006-03-26 | - deraadt@cvs.openbsd.org 2006/03/19 18:51:18 [atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c] [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c] [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c] [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c] [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c] [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c] [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c] [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c] [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c] [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c] [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c] [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c] [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c] [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c] [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c] [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c] [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c] [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c] [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c] RCSID() can die | Damien Miller
2006-03-18 | - (djm) [auth-pam.c] Fix memleak in error path, from Coverity via elad AT NetBSD.org | Damien Miller
2006-03-15 | - (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c] [sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c] [sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c] [openbsd-compat/glob.c openbsd-compat/mktemp.c] [openbsd-compat/readpassphrase.c] Lots of include fixes for OpenSolaris | Damien Miller
2006-01-29 | Correct format in debug message | Darren Tucker
2005-09-28 | - (dtucker) [auth-pam.c] Bug #1028: send final non-query messages from PAM via keyboard-interactive. Patch tested by the folks at Vintela. | Darren Tucker
2005-07-17 | - (djm) [auth-pam.c sftp.c] spaces vs. tabs at start of line | Damien Miller
2005-07-17 | - (djm) [acss.c auth-pam.c auth-shadow.c auth-skey.c auth1.c canohost.c] [cipher-acss.c loginrec.c ssh-rand-helper.c sshd.c] Fix whitespace at EOL in portable too ("perl -p -i -e 's/\s+$/\n/' *.[ch]") | Damien Miller
2005-07-16 | - (dtucker) [auth-pam.c] Ensure that only one side of the authentication socketpair stays open in both the monitor and PAM process. Patch from Joerg Sonnenberger. | Darren Tucker
2005-05-26 | - (dtucker) [auth-pam.c] Bug #1033: Fix warnings building with PAM on Linux: warning: dereferencing type-punned pointer will break strict-aliasing rules warning: passing arg 3 of `pam_get_item' from incompatible pointer type The type-punned pointer fix is based on a patch from SuSE's rpm. ok djm@ | Darren Tucker
2005-05-25 | - (dtucker) [auth-pam.c] Since people don't seem to be getting the message that USE_POSIX_THREADS is unsupported, not recommended and generally a bad idea, it is now known as UNSUPPORTED_POSIX_THREADS_HACK. Attempting to use USE_POSIX_THREADS will now generate an error so we don't silently change behaviour. ok djm@ | Darren Tucker
2005-01-20 | Oops, did not intend to commit this yet | Darren Tucker
2005-01-20 | - djm@cvs.openbsd.org 2004/12/22 02:13:19 [cipher-ctr.c cipher.c] remove fallback AES support for old OpenSSL, as OpenBSD has had it for many years now; ok deraadt@ (Id sync only: Portable will continue to support older OpenSSLs) | Darren Tucker
2005-01-20 | - (dtucker) [auth-pam.c] Bug #971: Prevent leaking information about user existence via keyboard-interactive/pam, in conjunction with previous auth2-chall.c change; with Colin Watson and djm. | Darren Tucker
2004-10-16 | - (djm) [auth-pam.c] snprintf->strl*, fix server message length calculations | Damien Miller
2004-09-11 | - (dtucker) [auth-pam.c auth.h auth2-none.c auth2.c monitor.c monitor_wrap.c] Bug #892: Send messages from failing PAM account modules to the client via SSH2_MSG_USERAUTH_BANNER messages. Note that this will not happen with SSH2 kbdint authentication, which need to be dealt with separately. ok djm@ | Darren Tucker
2004-09-11 | - (dtucker) [auth-pam.c] Relocate sshpam_store_conv(), no code change. | Darren Tucker
2004-09-11 | - (dtucker) [auth-pam.c auth-pam.h session.c] Bug #890: Send output from failing PAM session modules to user then exit, similar to the way /etc/nologin is handled. ok djm@ | Darren Tucker
2004-08-16 | - (dtucker) [acconfig.h auth-pam.c configure.ac] Set real uid to non-root to convince Solaris PAM to honour password complexity rules. ok djm@ | Darren Tucker
2004-07-21 | - (djm) [auth-pam.c] Portable parts of bz#899: Don't display invalid usernames in setproctitle from peak AT argo.troja.mff.cuni.cz; | Damien Miller
2004-07-19 | - (djm) [auth-pam.c] Avoid use of xstrdup and friends in conversation function, instead return PAM_CONV_ERR, avoiding another path to fatal(); ok dtucker@ | Damien Miller
2004-07-11 | - (dtucker) [auth-pam.c] Check for zero from waitpid() too, which allows the monitor to properly clean up the PAM thread (Debian bug #252676). | Darren Tucker
2004-07-01 | - (dtucker) [auth-pam.c] Bug #559 (last piece): Pass DISALLOW_NULL_AUTHTOK to pam_authenticate for challenge-response auth too. Originally from fcusack at fcusack.com, ok djm@ | Darren Tucker
2004-07-01 | - (dtucker) [auth-pam.c] Bug #705: Make arguments match PAM specs, fixes warnings on compliant platforms. From paul.a.bolton at bt.com. ok djm@ | Darren Tucker
2004-06-30 | - (dtucker) [auth-pam.c] Check for buggy PAM modules that return a NULL appdata_ptr to the conversation function. ok djm@ By rights we should free the messages too, but if this happens then one of the modules has already proven itself to be buggy so can we trust the messages? | Darren Tucker
2004-06-19 | - (dtucker) [auth-pam.c] Don't use PAM namespace for pam_password_change_required either. | Darren Tucker
2004-06-03 | - (dtucker) [auth-pam.c] Don't use pam_* namespace for sshd's PAM functions. ok djm@ | Darren Tucker
2004-06-01 | - (djm) [auth-pam.c] Add copyright for local changes | Damien Miller
2004-05-30 | - (dtucker) [auth-pam.c] Use an invalid password for root if PermitRootLogin != yes or the login is invalid, to prevent leaking information. Based on Openwall's owl-always-auth patch. ok djm@ | Darren Tucker
2004-05-30 | - (dtucker) [auth-pam.c auth-pam.h auth-passwd.c]: Bug #874: Re-add PAM support for PasswordAuthentication=yes. ok djm@ | Darren Tucker
2004-05-24 | - (dtucker) [auth-pam.c] Bug #839: Ensure that pam authentication "thread" is terminated if the privsep slave exits during keyboard-interactive authentication. ok djm@ | Darren Tucker
2004-05-13 | - (dtucker) [auth-pam.c scard-opensc.c] Tinderbox says auth-pam.c uses readpass.h, grep says scard-opensc.c does too. Replace with misc.h. | Darren Tucker
2004-04-18 | - (dtucker) [auth-pam.c] Log username and source host for failed PAM authentication attempts. With & ok djm@ | Darren Tucker
2004-03-30 | - (dtucker) [auth-pam.c] rename the_authctxt to sshpam_authctxt in auth-pam.c to reduce potential confusion with the one in sshd.c. ok djm@ | Darren Tucker
2004-03-08 | - (dtucker) [auth-pam.c auth-pam.h auth1.c auth2.c monitor.c monitor_wrap.c monitor_wrap.h] Bug #808: Ensure force_pwchange is correctly initialized even if keyboard-interactive is not used by the client. Prevents segfaults in some cases where the user's password is expired (note this is not considered a security exposure). ok djm@ | Darren Tucker
2004-03-04 | - (dtucker) [auth-pam.c] Reset signal status when starting pam auth thread, prevent hanging during PAM keyboard-interactive authentications. ok djm@ | Darren Tucker
2004-03-04 | - (dtucker) [auth-pam.c] Don't try to export PAM when compiled with -DUSE_POSIX_THREADS. From antoine.verheijen at ualbert ca. ok djm@ | Darren Tucker
2004-02-17 | - (dtucker) [auth-pam.c] Store output from pam_session and pam_setcred for display after login. Should fix problems like pam_motd not displaying anything, noticed by cjwatson at debian.org. ok djm@ | Darren Tucker
2004-02-17 | - (dtucker) [auth-pam.c] Tidy up PAM debugging. ok djm@ | Darren Tucker
2004-02-10 | - (dtucker) [auth-pam.c auth-pam.h session.c] Bug #14: Use do_pwchange to change expired PAM passwords for SSHv1 connections without privsep. pam_chauthtok is still used when privsep is disabled. ok djm@ | Darren Tucker
2004-01-15 | - (dtucker) [auth-pam.c] Add minor debugging. | Darren Tucker
2004-01-14 | - (dtucker) [auth-pam.c] Reset signal handler in pthread_cancel too, add test for case where cleanup has already run. | Darren Tucker
2004-01-14 | - (dtucker) [auth-pam.c] Have monitor die if PAM authentication thread exits unexpectedly. with & ok djm@ | Darren Tucker
2004-01-13 | - (dtucker) [auth-pam.c] Relocate struct pam_ctxt and prototypes. No functional changes. This is in preparation for a change to catch the authentication thread exiting unexpectedly, to split functional and cosmetic changes. | Darren Tucker
2004-01-08 | - (dtucker) [auth-pam.c defines.h] Bug #783: move __unused to defines.h and only define if not already. From des at freebsd.org. | Darren Tucker
2004-01-02 | - (djm) OSX/Darwin put the PAM headers in a different place, detect this. Report from jakob@ | Damien Miller
2003-12-18 | Enable commented-out "if (compat20)" test. (Should not have been committed.) | Darren Tucker
2003-12-18 | - (dtucker) [auth-pam.c] Do PAM chauthtok during SSH2 keyboard-interactive authentication. Partially fixes bug #423. Feedback & ok djm@ Some background on why this is the way it is: * Solaris 8's pam_chauthtok ignores the CHANGE_EXPIRED_AUTHTOK flag, so we must call do_pam_account() to figure out if the password is expired. * AIX 5.2 does not like having pam_acct_mgmt() called twice, once from the authentication thread and once from the main shell child, so we cache the result, which must be passed from the authentication thread back to the monitor. | Darren Tucker
2003-11-21 | more whitespace (tabs this time) | Damien Miller
2003-11-21 | - djm@cvs.openbsd.org 2003/11/21 11:57:03 [everything] unexpand and delete whitespace at EOL; ok markus@ (done locally and RCS IDs synced) | Damien Miller