summaryrefslogtreecommitdiff
path: root/auth.c
AgeCommit message (Collapse)Author
2003-05-14 - (djm) Add new UsePAM configuration directive to allow runtime controlDamien Miller
over usage of PAM. This allows non-root use of sshd when built with --with-pam
2003-05-14 - (djm) RCSID sync w/ OpenBSDDamien Miller
2003-05-02 - (dtucker) Move handling of bad password authentications into a platformDarren Tucker
specific record_failed_login() function (affects AIX & Unicos).
2003-04-09 - (djm) Fix missed log => logit occurance (reference by function pointer)Damien Miller
2003-04-09*** empty log message ***Damien Miller
2003-01-18 - (djm) Revert fix for Bug #442 for now.Damien Miller
2003-01-08[auth.c] declare today at top of allowed_user() to keep older compilers happy.Tim Rice
2003-01-07 - (djm) Fix my fix of the fix for the Bug #442 for PAM case. Spotted byDamien Miller
dtucker@zip.com.au. Reorder for clarity too.
2003-01-07 - (djm) Bug #178: On AIX /etc/nologin wasnt't shown to users. Fix fromDamien Miller
Ralf.Wenk@fh-karlsruhe.de and dtucker@zip.com.au
2003-01-07 - (djm) Fix Bug #442 for PAM caseDamien Miller
2003-01-07 - (djm) Bug #442: Check for and deny access to accounts with lockedDamien Miller
passwords. Patch from dtucker@zip.com.au
2002-11-09 - (bal) AIX does not log login attempts for unknown users (bug #432).Ben Lindstrom
patch by dtucker@zip.com.au
2002-11-09 - markus@cvs.openbsd.org 2002/11/04 10:07:53Ben Lindstrom
[auth.c] don't compare against pw_home if realpath fails for pw_home (seen on AFS); ok djm@
2002-10-1620021015Ben Lindstrom
- (bal) Fix bug id 383 and only call loginrestrict for AIX if not root.
2002-09-22 - stevesk@cvs.openbsd.org 2002/09/20 18:41:29Damien Miller
[auth.c] log illegal user here for missing privsep case (ssh2). this is executed in the monitor. ok markus@
2002-08-20 - stevesk@cvs.openbsd.org 2002/08/08 23:54:52Ben Lindstrom
[auth.c] typo in comment
2002-07-04 - (bal) Failed password attempts don't increment counter on AIX. Bug #145Ben Lindstrom
2002-05-22unbreak (aaarrrgggh - stupid vi)Damien Miller
2002-05-22rcsid syncDamien Miller
2002-05-15 - markus@cvs.openbsd.org 2002/05/13 20:44:58Ben Lindstrom
[auth-options.c auth.c auth.h] move the packet_send_debug handling from auth-options.c to auth.c; ok provos@
2002-05-10 - (stevesk) [auth.c] Shadow account and expiration cleanup. NowKevin Steves
check for root forced expire. Still don't check for inactive.
2002-03-22 - markus@cvs.openbsd.org 2002/03/19 15:31:47Ben Lindstrom
[auth.c] check for NULL; from provos@
2002-03-22 - markus@cvs.openbsd.org 2002/03/19 14:27:39Ben Lindstrom
[auth.c auth1.c auth2.c] make getpwnamallow() allways call pwcopy()
2002-03-22 - markus@cvs.openbsd.org 2002/03/19 10:49:35Ben Lindstrom
[auth-krb5.c auth-rh-rsa.c auth.c cipher.c key.c misc.h packet.c session.c sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c ttymodes.c] KNF whitespace
2002-03-22 - provos@cvs.openbsd.org 2002/03/18 03:41:08Ben Lindstrom
[auth.c session.c] move auth_approval into getpwnamallow with help from millert@
2002-03-22 - provos@cvs.openbsd.org 2002/03/17 20:25:56Ben Lindstrom
[auth.c auth.h auth1.c auth2.c] getpwnamallow returns struct passwd * only if user valid; okay markus@
2002-03-22 - itojun@cvs.openbsd.org 2002/03/15 11:00:38Ben Lindstrom
[auth.c] fix file type checking (use S_ISREG). ok by markus
2002-03-05 - markus@cvs.openbsd.org 2002/03/01 13:12:10Ben Lindstrom
[auth.c match.c match.h] undo the 'delay hostname lookup' change match.c must not use compress.c (via canonhost.c/packet.c) thanks to wilfried@
2002-03-05 - stevesk@cvs.openbsd.org 2002/02/28 20:56:00Ben Lindstrom
[auth.c] log user not allowed details, from dwd@bell-labs.com; ok markus@
2002-03-05 - stevesk@cvs.openbsd.org 2002/02/28 19:36:28Ben Lindstrom
[auth.c match.c match.h] delay hostname lookup until we see a ``@'' in DenyUsers and AllowUsers for sshd -u0; ok markus@
2002-02-05 - markus@cvs.openbsd.org 2002/01/29 14:32:03Damien Miller
[auth2.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c canohost.c servconf.c servconf.h session.c sshd.8 sshd_config] s/ReverseMappingCheck/VerifyReverseMapping/ and avoid confusion; ok stevesk@
2001-12-21 - deraadt@cvs.openbsd.org 2001/12/19 07:18:56Damien Miller
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h] [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c] [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c] [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c] [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c] [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c] [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config] [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c] basic KNF done while i was looking for something else
2001-12-06 - stevesk@cvs.openbsd.org 2001/11/17 19:14:34Ben Lindstrom
[auth2.c auth.c readconf.c servconf.c ssh-agent.c ssh-keygen.c] enum/int type cleanup where it made sense to do so; ok markus@
2001-11-12 - markus@cvs.openbsd.org 2001/11/08 20:02:24Damien Miller
[auth.c] don't print ROOT in CAPS for the authentication messages, i.e. Accepted publickey for ROOT from 127.0.0.1 port 42734 ssh2 becomes Accepted publickey for root from 127.0.0.1 port 42734 ssh2
2001-10-03 - markus@cvs.openbsd.org 2001/10/03 10:01:20Ben Lindstrom
[auth.c] use realpath() for homedir, too. from jinmei@isl.rdc.toshiba.co.jp
2001-07-14 - markus@cvs.openbsd.org 2001/07/11 18:26:15Damien Miller
[auth.c] no need to call dirname(pw->pw_dir). note that dirname(3) modifies its argument on some systems.
2001-07-14 - (djm) Revert dirname fix, a better one is on its way.Damien Miller
2001-07-11 - (djm) dirname(3) may modify its argument on glibc and other systems.Damien Miller
Patch from markus@, spotted by Tom Holroyd <tomh@po.crl.go.jp>
2001-07-04 - markus@cvs.openbsd.org 2001/06/27 04:48:53Ben Lindstrom
[auth.c match.c sshd.8] tridge@samba.org
2001-07-04 - provos@cvs.openbsd.org 2001/06/25 17:54:47Ben Lindstrom
[auth.c auth.h auth-rsa.c] terminate secure_filename checking after checking homedir. that way it works on AFS. okay markus@
2001-06-25 - markus@cvs.openbsd.org 2001/06/23 00:20:57Ben Lindstrom
[auth2.c auth.c auth.h auth-rh-rsa.c] *known_hosts2 is obsolete for hostbased authentication and only used for backward compat. merge ssh1/2 hostkey check and move it to auth.c
2001-06-10 - (bal) NeXT/MacOS X lack libgen.h and dirname(). Patch by Mark MillerBen Lindstrom
<markm@swoon.net>
2001-06-05 - markus@cvs.openbsd.org 2001/05/24 11:12:42Ben Lindstrom
[auth.c] fix comment; from jakob@
2001-06-05 - markus@cvs.openbsd.org 2001/05/20 17:20:36Ben Lindstrom
[auth-rsa.c auth.c auth.h auth2.c servconf.c servconf.h sshd.8 sshd_config] configurable authorized_keys{,2} location; originally from peter@; ok djm@
2001-03-20 - markus@cvs.openbsd.org 2001/03/19 17:07:23Damien Miller
[auth.c readconf.c] undo /etc/shell and proto 2,1 change for openssh-2.5.2
2001-03-17 - markus@cvs.openbsd.org 2001/03/17 17:27:59Ben Lindstrom
[auth.c] check /etc/shells, too
2001-03-05 - deraadt@cvs.openbsd.org 2001/03/02 18:54:31Ben Lindstrom
[atomicio.c atomicio.h auth-chall.c auth.c auth2-chall.c crc32.h scp.c serverloop.c session.c sftp-server.8 sftp.1 ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh.1 sshd.8] make copyright lines the same format
2001-03-05 - markus@cvs.openbsd.org 2001/02/22 21:59:44Ben Lindstrom
[auth.c auth.h auth1.c auth2.c misc.c misc.h ssh.c] use pwcopy in ssh.c, too
2001-03-01 - (djm) Cygwin needs pw->pw_gecos copied too. Patch from Corinna VinschenDamien Miller
<vinschen@redhat.com>
2001-02-15 - markus@cvs.openbsd.org 2001/02/12 16:16:23Ben Lindstrom
[auth-passwd.c auth.c auth.h auth1.c auth2.c servconf.c servconf.h ssh-keygen.c sshd.8] PermitRootLogin={yes,without-password,forced-commands-only,no} (before this change, root could login even if PermitRootLogin==no)