summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/auth.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* make two tiny header files go away; djm okderaadt2004-05-081-2/+1
|
* unexpand and delete whitespace at EOL; ok markus@djm2003-11-211-2/+2
|
* replace fatal_cleanup() and linked list of fatal callbacks with staticmarkus2003-09-231-9/+1
| | | | | | cleanup_exit() function. re-refine cleanup_exit() where appropriate, allocate sshd's authctxt eary to allow simpler cleanup in sshd. tested by many, ok deraadt@
* fix passwd auth for 'username leaks via timing'; with djm@, original patches from solarmarkus2003-08-261-1/+20
|
* deprecate VerifyReverseMapping since it's dangerous if combinedmarkus2003-06-021-2/+2
| | | | | | | with IP based access control as noted by Mike Harding; replace with a UseDNS option, UseDNS is on by default and includes the VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@ ok deraadt@, djm@
* rename log() into logit() to avoid name conflict. markus ok, from netbsditojun2003-04-081-13/+13
|
* don't compare against pw_home if realpath fails for pw_home (seen on AFS); ok djm@markus2002-11-041-7/+5
|
* log illegal user here for missing privsep case (ssh2).stevesk2002-09-201-2/+7
| | | | this is executed in the monitor. ok markus@
* typo in commentstevesk2002-08-081-2/+2
|
* Fix typo/thinko. Pass in as to auth_approval(), not NULL.millert2002-05-171-2/+2
| | | | Closes PR 2659.
* move the packet_send_debug handling from auth-options.c to auth.c; ok provos@markus2002-05-131-1/+47
|
* check for NULL; from provos@markus2002-03-191-2/+4
|
* make getpwnamallow() allways call pwcopy()markus2002-03-191-2/+3
|
* KNF whitespacemarkus2002-03-191-5/+5
|
* move auth_approval into getpwnamallow with help from millert@provos2002-03-181-3/+23
|
* getpwnamallow returns struct passwd * only if user valid; okay markus@provos2002-03-171-1/+13
|
* fix file type checking (use S_ISREG). ok by markusitojun2002-03-151-2/+3
|
* undo the 'delay hostname lookup' changemarkus2002-03-011-3/+9
| | | | | match.c must not use compress.c (via canonhost.c/packet.c) thanks to wilfried@
* log user not allowed details, from dwd@bell-labs.com; ok markus@stevesk2002-02-281-6/+25
|
* delay hostname lookup until we see a ``@'' in DenyUsers and AllowUsersstevesk2002-02-281-9/+3
| | | | for sshd -u0; ok markus@
* s/ReverseMappingCheck/VerifyReverseMapping/ and avoid confusion; ok stevesk@markus2002-01-291-2/+2
|
* basic KNF done while i was looking for something elsederaadt2001-12-191-4/+4
|
* enum/int type cleanup where it made sense to do so; ok markus@stevesk2001-11-171-2/+2
|
* don't print ROOT in CAPS for the authentication messages, i.e.markus2001-11-081-2/+2
| | | | | | Accepted publickey for ROOT from 127.0.0.1 port 42734 ssh2 becomes Accepted publickey for root from 127.0.0.1 port 42734 ssh2
* use realpath() for homedir, too. from jinmei@isl.rdc.toshiba.co.jpmarkus2001-10-031-3/+8
|
* no need to call dirname(pw->pw_dir).markus2001-07-111-10/+7
| | | | note that dirname(3) modifies its argument on some systems.
* tridge@samba.orgmarkus2001-06-271-3/+11
|
* terminate secure_filename checking after checking homedir. that way itprovos2001-06-251-2/+13
| | | | works on AFS. okay markus@
* *known_hosts2 is obsolete for hostbased authentication andmarkus2001-06-231-1/+42
| | | | | only used for backward compat. merge ssh1/2 hostkey check and move it to auth.c
* fix comment; from jakob@markus2001-05-241-2/+2
|
* configurable authorized_keys{,2} location; originally from peter@; ok djm@markus2001-05-201-1/+134
|
* undo /etc/shell and proto 2,1 change for openssh-2.5.2markus2001-03-191-11/+2
|
* check /etc/shells, toomarkus2001-03-171-2/+11
|
* make copyright lines the same formatderaadt2001-03-021-2/+2
|
* use pwcopy in ssh.c, toomarkus2001-02-221-16/+1
|
* PermitRootLogin={yes,without-password,forced-commands-only,no}markus2001-02-121-11/+18
| | | | (before this change, root could login even if PermitRootLogin==no)
* unexpand and remove end-of-line whitespace; ok markus@stevesk2001-02-041-4/+4
|
* make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@markus2001-02-031-2/+2
|
* split ssh.h and try to cleanup the #include mess. remove unnecessary #includes.markus2001-01-211-4/+4
| | | | rename util.[ch] -> misc.[ch]
* 1) removes fake skey from sshd, since this will be muchmarkus2001-01-181-22/+72
| | | | | | | harder with /usr/libexec/auth/login_XXX 2) share/unify code used in ssh-1 and ssh-2 authentication (server side) 3) make addition of BSD_AUTH and other challenge reponse methods easier.
* support supplementary group in {Allow,Deny}Groupsmarkus2001-01-131-33/+23
| | | | from stevesk@pobox.com
* new cipher frameworkmarkus2000-10-111-2/+1
|
* some more Copyright fixesmarkus2000-09-071-2/+1
|
* cleanup copyright notices on all files. I have attempted to be accurate withderaadt2000-09-071-1/+29
| | | | | | | the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
* unusedmarkus2000-08-041-3/+1
|
* accept an empty shell in authentication; bug reported by chris@tinker.ucr.eduderaadt2000-05-171-2/+9
|
* split auth/sshconnect in one file per protocol versionmarkus2000-04-261-826/+2
|
* add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX]markus2000-04-261-49/+249
| | | | | for trading keys with the real and the original SSH, directly from the people who invented the SSH protocol.
* whitespace cleanupmarkus2000-04-141-23/+23
|
* check payload for (illegal) extra datamarkus2000-04-141-5/+15
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.