summaryrefslogtreecommitdiff
path: root/session.c
AgeCommit message (Collapse)Author
2005-02-03 - (dtucker) [Makefile.in auth.c auth.h auth1.c auth2.c loginrec.c monitor.cDarren Tucker
monitor.h monitor_wrap.c monitor_wrap.h session.c sshd.c] Bug #125: (first stage) Add audit instrumentation to sshd, currently disabled by default. with suggestions from and djm@
2005-02-02 - (dtucker) [session.c sshd.c] Bug #445: Propogate KRB5CCNAME if set to childDarren Tucker
the process. Since we also unset KRB5CCNAME at startup, if it's set after authentication it must have been set by the platform's native auth system. This was already done for AIX; this enables it for the general case.
2005-01-20 - markus@cvs.openbsd.org 2004/12/23 17:35:48Darren Tucker
[session.c] check for NULL; from mpech
2004-09-11 - (dtucker) [session.c] Bug #927: make .hushlogin silent again. ok djm@Darren Tucker
2004-09-11 - (dtucker) [auth-pam.c auth-pam.h session.c] Bug #890: Send output fromDarren Tucker
failing PAM session modules to user then exit, similar to the way /etc/nologin is handled. ok djm@
2004-08-30 - (dtucker) [session.c openbsd-compat/bsd-cygwin_util.{c,h}] Bug #915: onlyDarren Tucker
copy required environment variables on Cygwin. Patch from vinschen at redhat.com, ok djm@
2004-08-12 - markus@cvs.openbsd.org 2004/07/28 09:40:29Darren Tucker
[auth.c auth1.c auth2.c cipher.c cipher.h key.c session.c ssh.c sshconnect1.c] more s/illegal/invalid/
2004-07-17 - dtucker@cvs.openbsd.org 2004/07/17 05:31:41Darren Tucker
[monitor.c monitor_wrap.c session.c session.h sshd.c sshlogin.c] Move "Last logged in at.." message generation to the monitor, right before recording the new login. Fixes missing lastlog message when /var/log/lastlog is not world-readable and incorrect datestamp when multiple sessions are used (bz #463); much assistance & ok markus@
2004-07-17 - deraadt@cvs.openbsd.org 2004/07/11 17:48:47Darren Tucker
[channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h sshd.c ttymodes.h] spaces
2004-07-01 - (dtucker) [session.c] Call display_loginmsg again after do_pam_session.Darren Tucker
Ensures messages from PAM modules are displayed when privsep=no. Note: I did not want to just move display_loginmsg since that would change existing behaviour (order of expiry warnings, "Last Login", motd) to less like the native tools.
2004-06-30 - djm@cvs.openbsd.org 2004/06/30 08:36:59Damien Miller
[session.c] unbreak TTY break, diagnosed by darren AT dazwin.com; ok markus@
2004-06-22 - djm@cvs.openbsd.org 2004/06/21 17:53:03Darren Tucker
[session.c] fix fd leak for multiple subsystem connections; with markus@
2004-05-13 - deraadt@cvs.openbsd.org 2004/05/11 19:01:43Darren Tucker
[auth.c auth2-none.c authfile.c channels.c monitor.c monitor_mm.c packet.c packet.h progressmeter.c session.c openbsd-compat/xmmap.c] improve some code lint did not like; djm millert ok
2004-05-13 - djm@cvs.openbsd.org 2004/05/09 01:19:28Darren Tucker
[OVERVIEW auth-rsa.c auth1.c kex.c monitor.c session.c sshconnect1.c sshd.c] removed: mpaux.c mpaux.h kill some more tiny files; ok deraadt@
2004-05-02 - djm@cvs.openbsd.org 2004/04/27 09:46:37Darren Tucker
[readconf.c readconf.h servconf.c servconf.h session.c session.h ssh.c ssh_config.5 sshd_config.5] bz #815: implement ability to pass specified environment variables from the client to the server; ok markus@
2004-04-16 - (djm) [auth-krb5.c auth.h session.c] Explicitly refer to Kerberos ccacheDamien Miller
file using FILE: method, fixes problems on Mac OSX. Patch from simon@sxw.org.uk; ok dtucker@
2004-04-07 - (dtucker) [session.c] Flush stdout after displaying loginmsg. FromDarren Tucker
f_mohr at yahoo.de.
2004-03-27 - (dtucker) [session.c] Bug #817: Clear loginmsg after fork to preventDarren Tucker
duplicate login messages for mutli-session logins. ok djm@
2004-02-24 - (dtucker) [session.c] Bug #789: Only make setcred call for !privsep in theDarren Tucker
non-interactive path. ok djm@
2004-02-10 - (dtucker) [auth-pam.c auth-pam.h session.c] Bug #14: Use do_pwchange toDarren Tucker
change expired PAM passwords for SSHv1 connections without privsep. pam_chauthtok is still used when privsep is disabled. ok djm@
2004-02-06 - markus@cvs.openbsd.org 2004/01/30 09:48:57Darren Tucker
[auth-passwd.c auth.h pathnames.h session.c] support for password change; ok dtucker@ (set password-dead=1w in login.conf to use this). In -Portable, this is currently only platforms using bsdauth.
2004-02-06 - (dtucker) [session.c] Bug #789: Do not call do_pam_setcred as a non-rootDarren Tucker
user, since some modules might fail due to lack of privilege. ok djm@
2004-01-23 - (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c]Darren Tucker
Change AFS symbol to USE_AFS to prevent namespace collisions, do not include kafs.h unless necessary. From deengert at anl.gov. For consistency, all of the libkafs bits are now inside "#if defined(KRB5) && defined(USE_AFS)".
2004-01-23 - (djm) Do pam_session processing for systems with HAVE_LOGIN_CAP; fromDamien Miller
ralf.hack AT pipex.net; ok dtucker@
2004-01-22 - (dtucker) [session.c] Enable AFS support in conjunction with KRB5 notDarren Tucker
just HEIMDAL. Currently this will make no difference, as only Heimdal (which defines KRB5 anyway) has libkafs, however a libkafs that works with MIT may become available. In that case it will be used too.
2004-01-21 - markus@cvs.openbsd.org 2004/01/13 19:23:15Damien Miller
[compress.c session.c] -Wall; ok henning
2004-01-05 - (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c]Darren Tucker
Only enable KerberosGetAFSToken if Heimdal's libkafs is found. with jakob@
2003-12-31 - jakob@cvs.openbsd.org 2003/12/23 16:12:10Darren Tucker
[servconf.c servconf.h session.c sshd_config] implement KerberosGetAFSToken server option. ok markus@, beck@
2003-12-09 - markus@cvs.openbsd.org 2003/12/02 17:01:15Darren Tucker
[channels.c session.c ssh-agent.c ssh.h sshd.c] use SSH_LISTEN_BACKLOG (=128) in listen(2).
2003-11-22sync whitespace - no code changeDamien Miller
2003-11-21more whitespace (tabs this time)Damien Miller
2003-11-21 - djm@cvs.openbsd.org 2003/11/21 11:57:03Damien Miller
[everything] unexpand and delete whitespace at EOL; ok markus@ (done locally and RCS IDs synced)
2003-11-17 - (djm) Export environment variables from authentication subprocess toDamien Miller
parent. Part of Bug #717
2003-11-17 - djm@cvs.openbsd.org 2003/11/04 08:54:09Damien Miller
[auth1.c auth2.c auth2-pubkey.c auth.h auth-krb5.c auth-passwd.c] [auth-rhosts.c auth-rh-rsa.c auth-rsa.c monitor.c serverloop.c] [session.c] standardise arguments to auth methods - they should all take authctxt. check authctxt->valid rather then pw != NULL; ok markus@
2003-10-15 - markus@cvs.openbsd.org 2003/10/14 19:54:39Darren Tucker
[session.c ssh-agent.c] 10X for mkdtemp; djm@
2003-10-07 - (dtucker) [auth-pam.c auth-pam.h session.c] Make PAM use the new staticDarren Tucker
cleanup functions. With & ok djm@
2003-10-02 - (dtucker) [session.c] Fix bus errors on some 64-bit Solaris configurations.Darren Tucker
Based on patches by Matthias Koeppe and Thomas Baden. ok djm@
2003-10-02 - markus@cvs.openbsd.org 2003/09/23 20:17:11Darren Tucker
[Makefile.in auth1.c auth2.c auth.c auth.h auth-krb5.c canohost.c cleanup.c clientloop.c fatal.c gss-serv.c log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h packet.c serverloop.c session.c session.h ssh-agent.c sshd.c] replace fatal_cleanup() and linked list of fatal callbacks with static cleanup_exit() function. re-refine cleanup_exit() where appropriate, allocate sshd's authctxt eary to allow simpler cleanup in sshd. tested by many, ok deraadt@
2003-09-22 - markus@cvs.openbsd.org 2003/09/18 08:49:45Darren Tucker
[deattack.c misc.c session.c ssh-agent.c] more buffer allocation fixes; from Solar Designer; CAN-2003-0682; ok millert@
2003-09-19 - (dtucker) [session.c] Bug #643: Fix size_t -> u_int and fix null derefDarren Tucker
when /etc/default/login doesn't exist or isn't readable. Fixes from jparsons-lists at saffron.net and georg.oppenberg at deu mci com.
2003-09-16 - (dtucker) [acconfig.h configure.ac defines.h session.c] Bug #252: RetrieveDarren Tucker
PATH (or SUPATH) and UMASK from /etc/default/login on platforms that have it (eg Solaris, Reliant Unix). Patch from Robert.Dahlem at siemens.com. ok djm@
2003-09-02 - (djm) Bug #423: reorder setting of PAM_TTY and calling of PAM sessionDamien Miller
management (now done in do_setusercontext). Largely from michael_steffens AT hp.com
2003-09-02 - markus@cvs.openbsd.org 2003/08/31 13:29:05Damien Miller
[session.c] call ssh_gssapi_storecreds conditionally from do_exec(); with sxw@inf.ed.ac.uk
2003-09-02 - markus@cvs.openbsd.org 2003/08/28 12:54:34Damien Miller
[auth-krb5.c auth.h auth1.c monitor.c monitor.h monitor_wrap.c] [monitor_wrap.h readconf.c servconf.c session.c ssh_config.5] [sshconnect1.c sshd.c sshd_config sshd_config.5] remove kerberos support from ssh1, since it has been replaced with GSSAPI; but keep kerberos passwd auth for ssh1 and 2; ok djm, hin, henning, ...
2003-08-26 - (dtucker) [Makefile.in acconfig.h auth-krb5.c auth-pam.c auth-pam.hDarren Tucker
configure.ac defines.h gss-serv-krb5.c session.c ssh-gss.h sshconnect1.c sshconnect2.c] Add Portable GSSAPI support, patch by Simon Wilkinson.
2003-08-26 - markus@cvs.openbsd.org 2003/08/22 10:56:09Darren Tucker
[auth2.c auth2-gss.c auth.h compat.c compat.h gss-genr.c gss-serv-krb5.c gss-serv.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c session.h ssh-gss.h ssh_config.5 sshconnect2.c sshd_config sshd_config.5] support GSS API user authentication; patches from Simon Wilkinson, stripped down and tested by Jakob and myself.
2003-08-25 - (djm) Bug #564: Perform PAM account checks for all authentications whenDamien Miller
UsePAM=yes; ok dtucker
2003-08-13 - markus@cvs.openbsd.org 2003/08/13 08:33:02Darren Tucker
[session.c] use more portable tcsendbreak(3) and ignore break_length; ok deraadt, millert
2003-08-13 - (dtucker) [session.c] Remove #ifdef TIOCSBRK kludge.Darren Tucker
2003-08-07 - (dtucker) [session.c openbsd-compat/bsd-cygwin_util.h] Move CygwinDarren Tucker
specific defines and includes to bsd-cygwin_util.h. Fixes build error too.