Commit Graph

153 Commits

Author SHA1 Message Date
Damien Miller
3fcdfd55a3 - OpenBSD CVS Sync
- djm@cvs.openbsd.org 2011/03/10 02:52:57
     [auth2-gss.c auth2.c]
     allow GSSAPI authentication to detect when a server-side failure causes
     authentication failure and don't count such failures against MaxAuthTries;
     bz#1244 from simon AT sxw.org.uk; ok markus@ before lock
2011-05-05 14:04:11 +10:00
Damien Miller
da108ece68 - djm@cvs.openbsd.org 2010/08/31 09:58:37
[auth-options.c auth1.c auth2.c bufaux.c buffer.h kex.c key.c packet.c]
     [packet.h ssh-dss.c ssh-rsa.c]
     Add buffer_get_cstring() and related functions that verify that the
     string extracted from the buffer contains no embedded \0 characters*
     This prevents random (possibly malicious) crap from being appended to
     strings where it would not be noticed if the string is used with
     a string(3) function.

     Use the new API in a few sensitive places.

     * actually, we allow a single one at the end of the string for now because
     we don't know how many deployed implementations get this wrong, but don't
     count on this to remain indefinitely.
2010-08-31 22:36:39 +10:00
Darren Tucker
821d3dbe36 - dtucker@cvs.openbsd.org 2009/06/22 05:39:28
[monitor_wrap.c monitor_mm.c ssh-keygen.c auth2.c gss-genr.c sftp-client.c]
     alphabetize includes; reduces diff vs portable and style(9).
     ok stevesk djm
     (Id sync only; these were already in order in -portable)
2009-06-22 16:11:06 +10:00
Darren Tucker
43e7a358ff - (dtucker) [auth2-jpake.c auth2.c canohost.h session.c] Whitespace and
header-order changes to reduce diff vs OpenBSD.
2009-06-21 19:50:08 +10:00
Damien Miller
01ed2272a1 - djm@cvs.openbsd.org 2008/11/04 08:22:13
[auth.h auth2.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h]
     [readconf.c readconf.h servconf.c servconf.h ssh2.h ssh_config.5]
     [sshconnect2.c sshd_config.5 jpake.c jpake.h schnorr.c auth2-jpake.c]
     [Makefile.in]
     Add support for an experimental zero-knowledge password authentication
     method using the J-PAKE protocol described in F. Hao, P. Ryan,
     "Password Authenticated Key Exchange by Juggling", 16th Workshop on
     Security Protocols, Cambridge, April 2008.

     This method allows password-based authentication without exposing
     the password to the server. Instead, the client and server exchange
     cryptographic proofs to demonstrate of knowledge of the password while
     revealing nothing useful to an attacker or compromised endpoint.

     This is experimental, work-in-progress code and is presently
     compiled-time disabled (turn on -DJPAKE in Makefile.inc).

     "just commit it.  It isn't too intrusive." deraadt@
2008-11-05 16:20:46 +11:00
Damien Miller
0b4d48ba74 - djm@cvs.openbsd.org 2008/07/04 23:30:16
[auth1.c auth2.c]
     Make protocol 1 MaxAuthTries logic match protocol 2's.
     Do not treat the first protocol 2 authentication attempt as
     a failure IFF it is for method "none".
     Makes MaxAuthTries' user-visible behaviour identical for
     protocol 1 vs 2.
     ok dtucker@
2008-07-05 09:44:53 +10:00
Darren Tucker
7c99b1ceda - djm@cvs.openbsd.org 2008/07/02 13:30:34
[auth2.c]
     really really remove the freebie "none" auth try for protocol 2
2008-07-04 12:53:23 +10:00
Darren Tucker
4230a5dc30 - djm@cvs.openbsd.org 2008/07/02 12:36:39
[auth2-none.c auth2.c]
     Make protocol 2 MaxAuthTries behaviour a little more sensible:
     Check whether client has exceeded MaxAuthTries before running
     an authentication method and skip it if they have, previously it
     would always allow one try (for "none" auth).
     Preincrement failure count before post-auth test - previously this
     checked and postincremented, also to allow one "none" try.
     Together, these two changes always count the "none" auth method
     which could be skipped by a malicious client (e.g. an SSH worm)
     to get an extra attempt at a real auth method. They also make
     MaxAuthTries=0 a useful way to block users entirely (esp. in a
     sshd_config Match block).
     Also, move sending of any preauth banner from "none" auth method
     to the first call to input_userauth_request(), so worms that skip
     the "none" method get to see it too.
2008-07-02 22:56:09 +10:00
Damien Miller
b8c9807628 - dtucker@cvs.openbsd.org 2007/09/29 00:25:51
[auth2.c]
     Remove unused prototype.  ok djm@
2007-10-26 14:26:15 +10:00
Darren Tucker
208ac57c30 - stevesk@cvs.openbsd.org 2007/04/14 22:01:58
[auth2.c]
     remove unused macro; from Dmitry V. Levin <ldv@altlinux.org>
2007-05-20 14:58:41 +10:00
Darren Tucker
1d75f22c5d - dtucker@cvs.openbsd.org 2007/03/01 10:28:02
[auth2.c sshd_config.5 servconf.c]
     Remove ChallengeResponseAuthentication support inside a Match
     block as its interaction with KbdInteractive makes it difficult to
     support.  Also, relocate the CR/kbdint option special-case code into
     servconf.  "please commit" djm@, ok markus@ for the relocation.
2007-03-01 21:31:28 +11:00
Damien Miller
d783435315 - deraadt@cvs.openbsd.org 2006/08/03 03:34:42
[OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
     [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
     [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
     [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
     [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
     [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
     [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
     [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
     [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
     [serverloop.c session.c session.h sftp-client.c sftp-common.c]
     [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
     [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
     [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
     [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
     almost entirely get rid of the culture of ".h files that include .h files"
     ok djm, sort of ok stevesk
     makes the pain stop in one easy step
     NB. portable commit contains everything *except* removing includes.h, as
     that will take a fair bit more work as we move headers that are required
     for portability workarounds to defines.h. (also, this step wasn't "easy")
2006-08-05 12:39:39 +10:00
Damien Miller
e3476ed03b - stevesk@cvs.openbsd.org 2006/07/22 20:48:23
[atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
     [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
     [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
     [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
     [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
     [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
     [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
     move #include <string.h> out of includes.h
2006-07-24 14:13:33 +10:00
Damien Miller
9f2abc47eb - stevesk@cvs.openbsd.org 2006/07/06 16:03:53
[auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c]
     [auth-rhosts.c auth-rsa.c auth.c auth.h auth2-hostbased.c]
     [auth2-pubkey.c auth2.c includes.h misc.c misc.h monitor.c]
     [monitor_wrap.c monitor_wrap.h scp.c serverloop.c session.c]
     [session.h sftp-common.c ssh-add.c ssh-keygen.c ssh-keysign.c]
     [ssh.c sshconnect.c sshconnect.h sshd.c sshpty.c sshpty.h uidswap.c]
     [uidswap.h]
     move #include <pwd.h> out of includes.h; ok markus@
2006-07-10 20:53:08 +10:00
Damien Miller
57c30117c1 - djm@cvs.openbsd.org 2006/03/25 13:17:03
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
     [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
     [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
     [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
     [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
     [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
     [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
     [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
     [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c]
     Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
     Theo nuked - our scripts to sync -portable need them in the files
2006-03-26 14:24:48 +11:00
Damien Miller
91d4b12fcb - deraadt@cvs.openbsd.org 2006/03/20 18:17:20
[auth1.c auth2.c sshd.c]
     sprinkle some ARGSUSED for table driven functions (which sometimes
     must ignore their args)
2006-03-26 14:05:20 +11:00
Damien Miller
b0fb6872ed - deraadt@cvs.openbsd.org 2006/03/19 18:51:18
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
     [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
     [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
     [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
     [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
     [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
     [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
     [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
     [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
     [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
     [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
     [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
     [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
     [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
     [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
     [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
     RCSID() can die
2006-03-26 00:03:21 +11:00
Darren Tucker
d3eff2bfa5 - (dtucker) [auth2.c] Move start_pam() calls out of if-else block to remove
duplicate call.  ok djm@
2005-09-24 12:43:51 +10:00
Damien Miller
b6f72f5294 -(djm) [audit.c auth1.c auth2.c entropy.c loginrec.c serverloop.c]
[ssh-rand-helper.c] fix portable 2nd level indents at 4 spaces too
2005-07-17 17:26:43 +10:00
Darren Tucker
2e0cf0dca2 - (dtucker) [audit.c audit.h auth.c auth1.c auth2.c loginrec.c monitor.c
monitor_wrap.c monitor_wrap.h session.c sshd.c]: Prepend all of the audit
   defines and enums with SSH_ to prevent namespace collisions on some
   platforms (eg AIX).
2005-02-08 21:52:47 +11:00
Darren Tucker
269a1ea1c8 - (dtucker) [Makefile.in auth.c auth.h auth1.c auth2.c loginrec.c monitor.c
monitor.h monitor_wrap.c monitor_wrap.h session.c sshd.c] Bug #125:
   (first stage) Add audit instrumentation to sshd, currently disabled by
   default.  with suggestions from and djm@
2005-02-03 00:20:53 +11:00
Darren Tucker
c13866719f - (dtucker) [auth1.c auth2.c] If the user successfully authenticates but is
subsequently denied by the PAM auth stack, send the PAM message to the
   user via packet_disconnect (Protocol 1) or userauth_banner (Protocol 2).
   ok djm@
2004-12-03 14:33:47 +11:00
Darren Tucker
77fc29eeb3 - (dtucker) [auth-pam.c auth.h auth2-none.c auth2.c monitor.c monitor_wrap.c]
Bug #892: Send messages from failing PAM account modules to the client via
   SSH2_MSG_USERAUTH_BANNER messages.  Note that this will not happen with
   SSH2 kbdint authentication, which need to be dealt with separately.  ok djm@
2004-09-11 23:07:03 +10:00
Darren Tucker
5cb30ad2ec - markus@cvs.openbsd.org 2004/07/28 09:40:29
[auth.c auth1.c auth2.c cipher.c cipher.h key.c session.c ssh.c
     sshconnect1.c]
     more s/illegal/invalid/
2004-08-12 22:40:24 +10:00
Damien Miller
30d1f84911 - djm@cvs.openbsd.org 2004/07/21 10:33:31
[auth1.c auth2.c]
     bz#899: Don't display invalid usernames in setproctitle
2004-07-21 20:48:53 +10:00
Darren Tucker
89413dbafa - dtucker@cvs.openbsd.org 2004/05/23 23:59:53
[auth.c auth.h auth1.c auth2.c servconf.c servconf.h sshd_config sshd_config.5]
     Add MaxAuthTries sshd config option; ok markus@
2004-05-24 10:36:23 +10:00
Darren Tucker
dbf7a74ee5 - (dtucker) [auth-pam.c auth-pam.h auth1.c auth2.c monitor.c monitor_wrap.c
monitor_wrap.h] Bug #808: Ensure force_pwchange is correctly initialized
   even if keyboard-interactive is not used by the client.  Prevents segfaults
   in some cases where the user's password is expired (note this is not
   considered a security exposure).  ok djm@
2004-03-08 23:04:06 +11:00
Damien Miller
3e3b5145e5 - djm@cvs.openbsd.org 2003/11/04 08:54:09
[auth1.c auth2.c auth2-pubkey.c auth.h auth-krb5.c auth-passwd.c]
     [auth-rhosts.c auth-rh-rsa.c auth-rsa.c monitor.c serverloop.c]
     [session.c]
     standardise arguments to auth methods - they should all take authctxt.
     check authctxt->valid rather then pw != NULL; ok markus@
2003-11-17 21:13:40 +11:00
Darren Tucker
3e33cecf71 - markus@cvs.openbsd.org 2003/09/23 20:17:11
[Makefile.in auth1.c auth2.c auth.c auth.h auth-krb5.c canohost.c
     cleanup.c clientloop.c fatal.c gss-serv.c log.c log.h monitor.c monitor.h
     monitor_wrap.c monitor_wrap.h packet.c serverloop.c session.c session.h
     ssh-agent.c sshd.c]
     replace fatal_cleanup() and linked list of fatal callbacks with static
     cleanup_exit() function.  re-refine cleanup_exit() where appropriate,
     allocate sshd's authctxt eary to allow simpler cleanup in sshd.
     tested by many, ok deraadt@
2003-10-02 16:12:36 +10:00
Damien Miller
856f0be669 - markus@cvs.openbsd.org 2003/08/26 09:58:43
[auth-passwd.c auth.c auth.h auth1.c auth2-none.c auth2-passwd.c]
     [auth2.c monitor.c]
     fix passwd auth for 'username leaks via timing'; with djm@, original
     patches from solar
2003-09-03 07:32:45 +10:00
Darren Tucker
1e66a39e40 - markus@cvs.openbsd.org 2003/08/22 13:22:27
[auth2.c] (auth2-krb5.c removed)
     nuke "kerberos-2@ssh.com"
2003-08-26 12:08:15 +10:00
Darren Tucker
0efd155c3c - markus@cvs.openbsd.org 2003/08/22 10:56:09
[auth2.c auth2-gss.c auth.h compat.c compat.h gss-genr.c gss-serv-krb5.c
     gss-serv.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c
     readconf.h servconf.c servconf.h session.c session.h ssh-gss.h
     ssh_config.5 sshconnect2.c sshd_config sshd_config.5]
     support GSS API user authentication; patches from Simon Wilkinson,
     stripped down and tested by Jakob and myself.
2003-08-26 11:49:55 +10:00
Damien Miller
1f499fd368 - (djm) Bug #564: Perform PAM account checks for all authentications when
UsePAM=yes; ok dtucker
2003-08-25 13:08:49 +10:00
Darren Tucker
502d384b74 - markus@cvs.openbsd.org 2003/06/24 08:23:46
[auth2-hostbased.c auth2-pubkey.c auth2.c channels.c key.c key.h
      monitor.c packet.c packet.h serverloop.c sshconnect2.c sshd.c]
     int -> u_int; ok djm@, deraadt@, mouring@
2003-06-28 12:38:01 +10:00
Damien Miller
4e448a31ae - (djm) Add new UsePAM configuration directive to allow runtime control
over usage of PAM. This allows non-root use of sshd when built with
   --with-pam
2003-05-14 15:11:48 +10:00
Damien Miller
3ab496b3dd - markus@cvs.openbsd.org 2003/05/14 02:15:47
[auth2.c monitor.c sshconnect2.c auth2-krb5.c]
     implement kerberos over ssh2 ("kerberos-2@ssh.com"); tested with jakob@
     server interops with commercial client; ok jakob@ djm@
2003-05-14 13:47:37 +10:00
Damien Miller
d558092522 - (djm) RCSID sync w/ OpenBSD 2003-05-14 13:40:06 +10:00
Damien Miller
1a27a1ee8c - (djm) Bug #117: Don't lie to PAM about username 2003-05-14 10:27:09 +10:00
Darren Tucker
97363a8b24 - (dtucker) Move handling of bad password authentications into a platform
specific record_failed_login() function (affects AIX & Unicos).
2003-05-02 23:42:25 +10:00
Ben Lindstrom
f50ad1fd04 - (bal) auth2.c same changed as above. 2003-04-27 18:44:31 +00:00
Damien Miller
996acd2476 *** empty log message *** 2003-04-09 20:59:48 +10:00
Damien Miller
556f9315a5 - markus@cvs.openbsd.org 2003/02/06 21:22:43
[auth1.c auth2.c]
     undo broken fix for #387, fixes #486
2003-02-24 11:59:26 +11:00
Tim Rice
81ed518b9b Cray fixes (bug 367) based on patch from Wendy Palm @ cray.
This does not include the deattack.c fixes.
2002-09-25 17:38:46 -07:00
Damien Miller
de6f2de8ad - markus@cvs.openbsd.org 2002/08/22 21:33:58
[auth1.c auth2.c]
     auth_root_allowed() is handled by the monitor in the privsep case,
     so skip this for use_privsep, ok stevesk@, fixes bugzilla #387/325
2002-09-04 16:37:26 +10:00
Ben Lindstrom
e06eb68226 - (bal) Failed password attempts don't increment counter on AIX. Bug #145 2002-07-04 00:27:21 +00:00
Ben Lindstrom
5a9d0eaba6 - deraadt@cvs.openbsd.org 2002/06/30 21:54:16
[auth2.c session.c sshd.c]
     lint asks that we use names that do not overlap
2002-07-04 00:12:53 +00:00
Damien Miller
43cecc1392 some xxx's for future privsep cleanup 2002-06-21 16:21:11 +10:00
Ben Lindstrom
b85ab30a6e - (bal) Refixed auth2.c. It was never fully commited while spliting out
authentication to different files.
2002-06-07 02:05:25 +00:00
Ben Lindstrom
511bb24c5b - markus@cvs.openbsd.org 2002/05/31 11:35:15
[auth.h auth2.c]
     move Authmethod definitons to per-method file.

NOTE: The rest of this patch is with the import of the auth2-*.c files.
2002-06-06 20:52:37 +00:00
Ben Lindstrom
855bf3ac3c - markus@cvs.openbsd.org 2002/05/25 18:51:07
[auth.h auth2.c auth2-hostbased.c auth2-kbdint.c auth2-none.c
      auth2-passwd.c auth2-pubkey.c Makefile.in]
     split auth2.c into one file per method; ok provos@/deraadt@

NOTE: Merged back noticable cygwin and pam stuff.  May need review to
ensure I did not miss anything.
2002-06-06 20:27:55 +00:00