Age | Commit message (Collapse) | Author | |
---|---|---|---|
2003-09-13 | Add extern __progname, needed if SSHD_PAM_SERVICE not defined | Darren Tucker | |
2003-09-13 | - (dtucker) [auth-pam.c] Use SSHD_PAM_SERVICE for PAM service name, patch | Darren Tucker | |
from cjwatson at debian.org. | |||
2003-09-02 | - (djm) Bug #423: reorder setting of PAM_TTY and calling of PAM session | Damien Miller | |
management (now done in do_setusercontext). Largely from michael_steffens AT hp.com | |||
2003-09-02 | - (djm) Don't initialise pam_conv structures inline. Avoids HP/UX compiler | Damien Miller | |
error. Part of Bug #423, patch from michael_steffens AT hp.com | |||
2003-08-26 | - (dtucker) [Makefile.in acconfig.h auth-krb5.c auth-pam.c auth-pam.h | Darren Tucker | |
configure.ac defines.h gss-serv-krb5.c session.c ssh-gss.h sshconnect1.c sshconnect2.c] Add Portable GSSAPI support, patch by Simon Wilkinson. | |||
2003-08-25 | - (djm) Bug #564: Perform PAM account checks for all authentications when | Damien Miller | |
UsePAM=yes; ok dtucker | |||
2003-08-08 | - (dtucker) [auth-pam.c] Don't set PAM_TTY if tty is null. ok djm@ | Darren Tucker | |
2003-07-30 | - (djm) [auth-pam.c] Don't use crappy APIs like sprintf. Thanks bal | Damien Miller | |
2003-06-03 | - (djm) OpenBSD CVS Sync | Damien Miller | |
- markus@cvs.openbsd.org 2003/06/02 09:17:34 [auth2-hostbased.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c] [canohost.c monitor.c servconf.c servconf.h session.c sshd_config] [sshd_config.5] deprecate VerifyReverseMapping since it's dangerous if combined with IP based access control as noted by Mike Harding; replace with a UseDNS option, UseDNS is on by default and includes the VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@ ok deraadt@, djm@ - (djm) Fix portable-specific uses of verify_reverse_mapping too | |||
2003-06-02 | - (djm) Fix segv from bad reordering in auth-pam.c | Damien Miller | |
2003-05-18 | - (djm) Return of the dreaded PAM_TTY_KLUDGE, which went missing in | Damien Miller | |
recent merge | |||
2003-05-16 | - (djm) Guard free_pam_environment against NULL argument. Works around | Damien Miller | |
HP/UX PAM problems debugged by dtucker | |||
2003-05-14 | - (djm) Die screaming if start_pam() is called when UsePAM=no | Damien Miller | |
2003-05-14 | - (djm) Add new UsePAM configuration directive to allow runtime control | Damien Miller | |
over usage of PAM. This allows non-root use of sshd when built with --with-pam | |||
2003-05-10 | - (djm) Merge FreeBSD PAM code: replaces PAM password auth kludge with | Damien Miller | |
proper challenge-response module | |||
2003-04-29 | - (djm) Add back radix.o (used by AFS support), after it went missing from | Damien Miller | |
Makefile many moons ago - (djm) Apply "owl-always-auth" patch from Openwall/Solar Designer - (djm) Fix blibpath specification for AIX/gcc - (djm) Some systems have basename in -lgen. Fix from ayamura@ayamura.org | |||
2003-04-09 | *** empty log message *** | Damien Miller | |
2003-01-22 | - (djm) Reorganise PAM & SIA password handling to eliminate some common code | Damien Miller | |
2002-07-28 | - (stevesk) [auth-pam.c] should use PAM_MSG_MEMBER(); from solar | Kevin Steves | |
2002-07-23 | - (stevesk) [auth-pam.c] typo in comment | Kevin Steves | |
2002-07-23 | - (stevesk) [auth-pam.[ch] session.c] pam_getenvlist() must be | Kevin Steves | |
freed by the caller; add free_pam_environment() and use it. | |||
2002-07-21 | - (stevesk) [auth-pam.[ch] ssh.h] move SSHD_PAM_SERVICE to auth-pam.h | Kevin Steves | |
2002-07-21 | - (stevesk) [auth-pam.c] cast to avoid initialization type mismatch | Kevin Steves | |
warning on pam_conv struct conversation function. | |||
2002-07-21 | - (stevesk) [auth-pam.c] merge rest of solar's PAM patch; | Kevin Steves | |
PAM_NEW_AUTHTOK_REQD remains in #if 0 for now. | |||
2002-07-21 | - (stevesk) [auth-pam.c] merge cosmetic changes from solar's | Kevin Steves | |
openssh-3.4p1-owl-password-changing.diff | |||
2002-07-02 | - (djm) Use PAM_MSG_MEMBER for PAM_TEXT_INFO messages, use xmalloc & | Damien Miller | |
friends consistently. Spotted by Solar Designer <solar@openwall.com> | |||
2002-05-08 | - (djm) Don't reinitialise PAM credentials before we have started PAM. | Damien Miller | |
Report from Pekka Savola <pekkas@netcore.fi> | |||
2002-04-26 | - (djm) Disable PAM password expiry until a complete fix for bug #188 exists | Damien Miller | |
2002-04-23 | - (djm) Make privsep work with PAM (still experimental) | Damien Miller | |
2002-04-04 | - (stevesk) [auth-pam.c auth-pam.h auth-passwd.c auth-sia.c auth-sia.h | Kevin Steves | |
auth1.c auth2.c] PAM, OSF_SIA password auth cleanup; from djm. | |||
2002-02-05 | - (djm) Cleanup after sync: | Damien Miller | |
- :%s/reverse_mapping_check/verify_reverse_mapping/g | |||
2001-11-09 | - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK) | Kevin Steves | |
if permit_empty_passwd == 0 so null password check cannot be bypassed. jayaraj@amritapuri.com OpenBSD bug 2168 | |||
2001-10-28 | - (stevesk) Fix compile problem with PAM password change fix | Kevin Steves | |
2001-10-28 | - (djm) Fix for PAM password changes being echoed (from stevesk) | Damien Miller | |
2001-10-28 | - (djm) Avoid bug in Solaris PAM libs | Damien Miller | |
2001-04-23 | - (stevesk) auth-pam.c: use PERMIT_NO_PASSWD | Kevin Steves | |
2001-04-23 | - (stevesk) pam_start() doesn't use DNS now for sshd -u0. | Kevin Steves | |
2001-04-20 | - (stevesk) set the default PAM service name to __progname instead | Kevin Steves | |
of the hard-coded value "sshd"; from Mark D. Roth <roth@feep.net> | |||
2001-03-27 | - (djm) Reestablish PAM credentials (which can be supplemental group | Damien Miller | |
memberships) after initgroups() blows them away. Report and suggested fix from Nalin Dahyabhai <nalin@redhat.com> | |||
2001-03-21 | - (djm) Don't loop forever when changing password via PAM. Patch | Damien Miller | |
from Solar Designer <solar@openwall.com> | |||
2001-03-21 | - (djm) Make sure pam_retval is initialised on call to pam_end. Patch | Damien Miller | |
from Solar Designer <solar@openwall.com> | |||
2001-03-01 | - (djm) Force standard PAM conversation function in a few more places. | Damien Miller | |
Patch from Redhat 2.5.1p1-2 RPM, probably Nalin Dahyabhai <nalin@redhat.com> | |||
2001-02-27 | whitspace | Damien Miller | |
2001-02-15 | - (djm) Clean up PAM namespace. Suggested by Darren Moffat | Damien Miller | |
<Darren.Moffat@eng.sun.com> | |||
2001-02-14 | - (djm) Don't try to close PAM session or delete credentials if the | Damien Miller | |
session has not been open or credentials not set. Based on patch from Andrew Bartlett <abartlet@pcug.org.au> | |||
2001-02-11 | Oops - missed a bit of previous diff | Damien Miller | |
2001-02-11 | - (djm) Set PAM_RHOST earlier, patch from Andrew Bartlett | Damien Miller | |
<abartlet@pcug.org.au> | |||
2001-02-07 | - (djm) Much KNF on PAM code | Damien Miller | |
- (djm) Revise auth-pam.c conversation function to be a little more readable. - (djm) Revise kbd-int PAM conversation function to fold all text messages to before first prompt. Fixes hangs if last pam_message did not require a reply. - (djm) Fix password changing when using PAM kbd-int authentication | |||
2001-02-05 | - stevesk@cvs.openbsd.org 2001/02/04 08:32:27 | Kevin Steves | |
[many files; did this manually to our top-level source dir] unexpand and remove end-of-line whitespace; ok markus@ | |||
2001-02-04 | NB: big update - may break stuff. Please test! | Damien Miller | |
- (djm) OpenBSD CVS sync: - markus@cvs.openbsd.org 2001/02/03 03:08:38 [auth-options.c auth-rh-rsa.c auth-rhosts.c auth.c canohost.c] [canohost.h servconf.c servconf.h session.c sshconnect1.c sshd.8] [sshd_config] make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@ - markus@cvs.openbsd.org 2001/02/03 03:19:51 [ssh.1 sshd.8 sshd_config] Skey is now called ChallengeResponse - markus@cvs.openbsd.org 2001/02/03 03:43:09 [sshd.8] use no-pty option in .ssh/authorized_keys* if you need a 8-bit clean channel. note from Erik.Anggard@cygate.se (pr/1659) - stevesk@cvs.openbsd.org 2001/02/03 10:03:06 [ssh.1] typos; ok markus@ - djm@cvs.openbsd.org 2001/02/04 04:11:56 [scp.1 sftp-server.c ssh.1 sshd.8 sftp-client.c sftp-client.h] [sftp-common.c sftp-common.h sftp-int.c sftp-int.h sftp.1 sftp.c] Basic interactive sftp client; ok theo@ - (djm) Update RPM specs for new sftp binary - (djm) Update several bits for new optional reverse lookup stuff. I think I got them all. |