openssh

mirror of git://anongit.mindrot.org/openssh.git synced 2024-12-17 07:34:34 +00:00

Author	SHA1	Message	Date
Darren Tucker	691d5235ca	- (dtucker) [README.platform auth.c configure.ac loginrec.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Bug #835: enable IPv6 on AIX where possible (see README.platform for details) and work around a misfeature of AIX's getnameinfo. ok djm@	2005-02-15 21:45:57 +11:00
Darren Tucker	2e0cf0dca2	- (dtucker) [audit.c audit.h auth.c auth1.c auth2.c loginrec.c monitor.c monitor_wrap.c monitor_wrap.h session.c sshd.c]: Prepend all of the audit defines and enums with SSH_ to prevent namespace collisions on some platforms (eg AIX).	2005-02-08 21:52:47 +11:00
Darren Tucker	40d9a63788	- (dtucker) [auth.c] Fix parens in audit log check.	2005-02-04 15:19:44 +11:00
Darren Tucker	269a1ea1c8	- (dtucker) [Makefile.in auth.c auth.h auth1.c auth2.c loginrec.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h session.c sshd.c] Bug #125: (first stage) Add audit instrumentation to sshd, currently disabled by default. with suggestions from and djm@	2005-02-03 00:20:53 +11:00
Darren Tucker	2fba993080	- (dtucker) [auth.c canohost.c canohost.h configure.ac defines.h loginrec.c] Bug #974: Teach sshd to write failed login records to btmp for failed auth attempts (currently only for password, kbdint and C/R, only on Linux and HP-UX), based on code from login.c from util-linux. With ashok_kovai at hotmail.com, ok djm@	2005-02-02 23:30:24 +11:00
Darren Tucker	42d9dc75ed	- (dtucker) [auth.c loginrec.h openbsd-compat/{bsd-cray,port-aix}.{c,h}] Make record_failed_login() call provide hostname rather than having the implementations having to do lookups themselves. Only affects AIX and UNICOS (the latter only uses the "user" parameter anyway). ok djm@	2005-02-02 17:10:11 +11:00
Darren Tucker	094cd0ba02	- dtucker@cvs.openbsd.org 2005/01/22 08:17:59 [auth.c] Log source of connections denied by AllowUsers, DenyUsers, AllowGroups and DenyGroups. bz #909, ok djm@	2005-01-24 21:56:48 +11:00
Darren Tucker	5cb30ad2ec	- markus@cvs.openbsd.org 2004/07/28 09:40:29 [auth.c auth1.c auth2.c cipher.c cipher.h key.c session.c ssh.c sshconnect1.c] more s/illegal/invalid/	2004-08-12 22:40:24 +10:00
Damien Miller	a22f2d761b	- (djm) OpenBSD CVS Sync - markus@cvs.openbsd.org 2004/07/21 08:56:12 [auth.c] s/Illegal user/Invalid user/; many requests; ok djm, millert, niklas, miod, ...	2004-07-21 20:48:24 +10:00
Darren Tucker	0a9d43d726	- (dtucker) [auth.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Move loginrestrictions test to port-aix.c, replace with a generic hook.	2004-06-23 13:45:24 +10:00
Darren Tucker	89413dbafa	- dtucker@cvs.openbsd.org 2004/05/23 23:59:53 [auth.c auth.h auth1.c auth2.c servconf.c servconf.h sshd_config sshd_config.5] Add MaxAuthTries sshd config option; ok markus@	2004-05-24 10:36:23 +10:00
Darren Tucker	1f8311c836	- deraadt@cvs.openbsd.org 2004/05/11 19:01:43 [auth.c auth2-none.c authfile.c channels.c monitor.c monitor_mm.c packet.c packet.h progressmeter.c session.c openbsd-compat/xmmap.c] improve some code lint did not like; djm millert ok	2004-05-13 16:39:33 +10:00
Darren Tucker	06f2bd8bde	- deraadt@cvs.openbsd.org 2004/05/08 00:01:37 [auth.c clientloop.c misc.h servconf.c ssh.c sshpty.h sshtty.c tildexpand.c], removed: sshtty.h tildexpand.h make two tiny header files go away; djm ok	2004-05-13 16:06:46 +10:00
Darren Tucker	15ee748f28	- (dtucker) [auth-shadow.c auth.c auth.h] Move shadow account expiry test to auth-shadow.c, no functional change. ok djm@	2004-02-22 09:43:15 +11:00
Darren Tucker	9df3defdbb	- (dtucker) [LICENCE Makefile.in auth-passwd.c auth-shadow.c auth.c auth.h defines.h] Bug #14: Use do_pwchange to support password expiry and force change for platforms using /etc/shadow. ok djm@	2004-02-10 13:01:14 +11:00
Damien Miller	787b2ec18c	more whitespace (tabs this time)	2003-11-21 23:56:47 +11:00
Damien Miller	a8e06cef35	- djm@cvs.openbsd.org 2003/11/21 11:57:03 [everything] unexpand and delete whitespace at EOL; ok markus@ (done locally and RCS IDs synced)	2003-11-21 23:48:55 +11:00
Darren Tucker	c6020651ba	- (dtucker) [auth.c] Check for disabled password expiry on HP-UX Trusted Mode.	2003-10-15 17:48:20 +10:00
Darren Tucker	3e33cecf71	- markus@cvs.openbsd.org 2003/09/23 20:17:11 [Makefile.in auth1.c auth2.c auth.c auth.h auth-krb5.c canohost.c cleanup.c clientloop.c fatal.c gss-serv.c log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h packet.c serverloop.c session.c session.h ssh-agent.c sshd.c] replace fatal_cleanup() and linked list of fatal callbacks with static cleanup_exit() function. re-refine cleanup_exit() where appropriate, allocate sshd's authctxt eary to allow simpler cleanup in sshd. tested by many, ok deraadt@	2003-10-02 16:12:36 +10:00
Damien Miller	856f0be669	- markus@cvs.openbsd.org 2003/08/26 09:58:43 [auth-passwd.c auth.c auth.h auth1.c auth2-none.c auth2-passwd.c] [auth2.c monitor.c] fix passwd auth for 'username leaks via timing'; with djm@, original patches from solar	2003-09-03 07:32:45 +10:00
Darren Tucker	43a0dc6653	- (dtucker) [auth.c] Do not check for locked accounts when PAM is enabled.	2003-08-26 14:22:12 +10:00
Darren Tucker	e41bba5847	- (dtucker) [acconfig.h auth.c configure.ac sshd.8] Bug #422 again: deny any access to locked accounts. ok djm@	2003-08-25 11:51:19 +10:00
Darren Tucker	b9aa0a0baa	- (dtucker) [auth-passwd.c auth.c session.c sshd.c port-aix.c port-aix.h] Convert aixloginmsg into platform-independant Buffer loginmsg.	2003-07-08 22:59:59 +10:00
Damien Miller	3a961dc0d3	- (djm) OpenBSD CVS Sync - markus@cvs.openbsd.org 2003/06/02 09:17:34 [auth2-hostbased.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c] [canohost.c monitor.c servconf.c servconf.h session.c sshd_config] [sshd_config.5] deprecate VerifyReverseMapping since it's dangerous if combined with IP based access control as noted by Mike Harding; replace with a UseDNS option, UseDNS is on by default and includes the VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@ ok deraadt@, djm@ - (djm) Fix portable-specific uses of verify_reverse_mapping too	2003-06-03 10:25:48 +10:00
Damien Miller	4e448a31ae	- (djm) Add new UsePAM configuration directive to allow runtime control over usage of PAM. This allows non-root use of sshd when built with --with-pam	2003-05-14 15:11:48 +10:00
Damien Miller	d558092522	- (djm) RCSID sync w/ OpenBSD	2003-05-14 13:40:06 +10:00
Darren Tucker	97363a8b24	- (dtucker) Move handling of bad password authentications into a platform specific record_failed_login() function (affects AIX & Unicos).	2003-05-02 23:42:25 +10:00
Damien Miller	2a3f20e397	- (djm) Fix missed log => logit occurance (reference by function pointer)	2003-04-09 21:12:00 +10:00
Damien Miller	996acd2476	* empty log message *	2003-04-09 20:59:48 +10:00
Damien Miller	e443e9398e	- (djm) Revert fix for Bug #442 for now.	2003-01-18 16:24:06 +11:00
Tim Rice	458c6bfa10	[auth.c] declare today at top of allowed_user() to keep older compilers happy.	2003-01-08 20:04:27 -08:00
Damien Miller	06817f9cd3	- (djm) Fix my fix of the fix for the Bug #442 for PAM case. Spotted by dtucker@zip.com.au. Reorder for clarity too.	2003-01-07 23:55:59 +11:00
Damien Miller	f25c18d7e8	- (djm) Bug #178 : On AIX /etc/nologin wasnt't shown to users. Fix from Ralf.Wenk@fh-karlsruhe.de and dtucker@zip.com.au	2003-01-07 17:38:58 +11:00
Damien Miller	64004b5566	- (djm) Fix Bug #442 for PAM case	2003-01-07 16:15:20 +11:00
Damien Miller	48cb8aa935	- (djm) Bug #442 : Check for and deny access to accounts with locked passwords. Patch from dtucker@zip.com.au	2003-01-07 12:19:32 +11:00
Ben Lindstrom	f5397c081d	- (bal) AIX does not log login attempts for unknown users (bug #432 ). patch by dtucker@zip.com.au	2002-11-09 16:11:10 +00:00
Ben Lindstrom	485075e8fa	- markus@cvs.openbsd.org 2002/11/04 10:07:53 [auth.c] don't compare against pw_home if realpath fails for pw_home (seen on AFS); ok djm@	2002-11-09 15:45:12 +00:00
Ben Lindstrom	97e38d8667	20021015 - (bal) Fix bug id 383 and only call loginrestrict for AIX if not root.	2002-10-16 00:13:52 +00:00
Damien Miller	6f0a188857	- stevesk@cvs.openbsd.org 2002/09/20 18:41:29 [auth.c] log illegal user here for missing privsep case (ssh2). this is executed in the monitor. ok markus@	2002-09-22 01:26:51 +10:00
Ben Lindstrom	d4ee3497ca	- stevesk@cvs.openbsd.org 2002/08/08 23:54:52 [auth.c] typo in comment	2002-08-20 18:42:13 +00:00
Ben Lindstrom	e06eb68226	- (bal) Failed password attempts don't increment counter on AIX. Bug #145	2002-07-04 00:27:21 +00:00
Damien Miller	116e6dfaad	unbreak (aaarrrgggh - stupid vi)	2002-05-22 15:06:28 +10:00
Damien Miller	13e35a0ea2	rcsid sync	2002-05-22 14:04:11 +10:00
Ben Lindstrom	a574cda45b	- markus@cvs.openbsd.org 2002/05/13 20:44:58 [auth-options.c auth.c auth.h] move the packet_send_debug handling from auth-options.c to auth.c; ok provos@	2002-05-15 16:16:14 +00:00
Kevin Steves	f98fb721a0	- (stevesk) [auth.c] Shadow account and expiration cleanup. Now check for root forced expire. Still don't check for inactive.	2002-05-10 15:48:52 +00:00
Ben Lindstrom	f34e4eb6c7	- markus@cvs.openbsd.org 2002/03/19 15:31:47 [auth.c] check for NULL; from provos@	2002-03-22 03:08:30 +00:00
Ben Lindstrom	7ebb635d81	- markus@cvs.openbsd.org 2002/03/19 14:27:39 [auth.c auth1.c auth2.c] make getpwnamallow() allways call pwcopy()	2002-03-22 03:04:08 +00:00
Ben Lindstrom	6328ab3989	- markus@cvs.openbsd.org 2002/03/19 10:49:35 [auth-krb5.c auth-rh-rsa.c auth.c cipher.c key.c misc.h packet.c session.c sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c ttymodes.c] KNF whitespace	2002-03-22 02:54:23 +00:00
Ben Lindstrom	b481e1323e	- provos@cvs.openbsd.org 2002/03/18 03:41:08 [auth.c session.c] move auth_approval into getpwnamallow with help from millert@	2002-03-22 01:35:47 +00:00
Ben Lindstrom	2ae18f40a7	- provos@cvs.openbsd.org 2002/03/17 20:25:56 [auth.c auth.h auth1.c auth2.c] getpwnamallow returns struct passwd * only if user valid; okay markus@	2002-03-22 01:24:38 +00:00

1 2

96 Commits