mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-12-27 12:22:09 +00:00
- dtucker@cvs.openbsd.org 2007/03/01 10:28:02
[auth2.c sshd_config.5 servconf.c] Remove ChallengeResponseAuthentication support inside a Match block as its interaction with KbdInteractive makes it difficult to support. Also, relocate the CR/kbdint option special-case code into servconf. "please commit" djm@, ok markus@ for the relocation.
This commit is contained in:
parent
cf0d2db2fa
commit
1d75f22c5d
11
ChangeLog
11
ChangeLog
@ -1,3 +1,12 @@
|
||||
20070301
|
||||
- (dtucker) OpenBSD CVS Sync
|
||||
- dtucker@cvs.openbsd.org 2007/03/01 10:28:02
|
||||
[auth2.c sshd_config.5 servconf.c]
|
||||
Remove ChallengeResponseAuthentication support inside a Match
|
||||
block as its interaction with KbdInteractive makes it difficult to
|
||||
support. Also, relocate the CR/kbdint option special-case code into
|
||||
servconf. "please commit" djm@, ok markus@ for the relocation.
|
||||
|
||||
20070228
|
||||
- (dtucker) OpenBSD CVS Sync
|
||||
- dtucker@cvs.openbsd.org 2007/02/28 00:55:30
|
||||
@ -2773,4 +2782,4 @@
|
||||
OpenServer 6 and add osr5bigcrypt support so when someone migrates
|
||||
passwords between UnixWare and OpenServer they will still work. OK dtucker@
|
||||
|
||||
$Id: ChangeLog,v 1.4624 2007/02/28 10:19:58 dtucker Exp $
|
||||
$Id: ChangeLog,v 1.4625 2007/03/01 10:31:28 dtucker Exp $
|
||||
|
6
auth2.c
6
auth2.c
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: auth2.c,v 1.113 2006/08/03 03:34:41 deraadt Exp $ */
|
||||
/* $OpenBSD: auth2.c,v 1.114 2007/03/01 10:28:02 dtucker Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||
*
|
||||
@ -96,10 +96,6 @@ int user_key_allowed(struct passwd *, Key *);
|
||||
void
|
||||
do_authentication2(Authctxt *authctxt)
|
||||
{
|
||||
/* challenge-response is implemented via keyboard interactive */
|
||||
if (options.challenge_response_authentication)
|
||||
options.kbd_interactive_authentication = 1;
|
||||
|
||||
dispatch_init(&dispatch_protocol_error);
|
||||
dispatch_set(SSH2_MSG_SERVICE_REQUEST, &input_service_request);
|
||||
dispatch_run(DISPATCH_BLOCK, &authctxt->success, authctxt);
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: servconf.c,v 1.169 2007/02/22 12:58:40 dtucker Exp $ */
|
||||
/* $OpenBSD: servconf.c,v 1.170 2007/03/01 10:28:02 dtucker Exp $ */
|
||||
/*
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
* All rights reserved
|
||||
@ -357,7 +357,7 @@ static struct {
|
||||
#endif
|
||||
{ "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
|
||||
{ "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
|
||||
{ "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_ALL },
|
||||
{ "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL },
|
||||
{ "skeyauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, /* alias */
|
||||
{ "checkmail", sDeprecated, SSHCFG_GLOBAL },
|
||||
{ "listenaddress", sListenAddress, SSHCFG_GLOBAL },
|
||||
@ -1350,7 +1350,6 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
|
||||
M_CP_INTOPT(kerberos_authentication);
|
||||
M_CP_INTOPT(hostbased_authentication);
|
||||
M_CP_INTOPT(kbd_interactive_authentication);
|
||||
M_CP_INTOPT(challenge_response_authentication);
|
||||
|
||||
M_CP_INTOPT(allow_tcp_forwarding);
|
||||
M_CP_INTOPT(gateway_ports);
|
||||
@ -1388,4 +1387,8 @@ parse_server_config(ServerOptions *options, const char *filename, Buffer *conf,
|
||||
if (bad_options > 0)
|
||||
fatal("%s: terminating, %d bad configuration options",
|
||||
filename, bad_options);
|
||||
|
||||
/* challenge-response is implemented via keyboard interactive */
|
||||
if (options->challenge_response_authentication == 1)
|
||||
options->kbd_interactive_authentication = 1;
|
||||
}
|
||||
|
@ -34,7 +34,7 @@
|
||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $OpenBSD: sshd_config.5,v 1.72 2007/02/19 10:45:58 dtucker Exp $
|
||||
.\" $OpenBSD: sshd_config.5,v 1.73 2007/03/01 10:28:02 dtucker Exp $
|
||||
.Dd September 25, 1999
|
||||
.Dt SSHD_CONFIG 5
|
||||
.Os
|
||||
@ -513,12 +513,11 @@ keyword.
|
||||
Available keywords are
|
||||
.Cm AllowTcpForwarding ,
|
||||
.Cm Banner ,
|
||||
.Cm ChallengeResponseAuthentication ,
|
||||
.Cm ForceCommand ,
|
||||
.Cm GatewayPorts ,
|
||||
.Cm GSSApiAuthentication ,
|
||||
.Cm KerberosAuthentication ,
|
||||
.Cm KeyboardInteractiveAuthentication ,
|
||||
.Cm KbdInteractiveAuthentication ,
|
||||
.Cm PasswordAuthentication ,
|
||||
.Cm PermitOpen ,
|
||||
.Cm RhostsRSAAuthentication ,
|
||||
|
Loading…
Reference in New Issue
Block a user