summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/auth2-chall.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* use the new variant log macros instead of prepending __func__ anddjm2020-10-181-19/+18
| | | | appending ssh_err(r) manually; ok markus@
* change explicit_bzero();free() to freezero()jsg2020-02-261-3/+2
| | | | | | | | While freezero() returns early if the pointer is NULL the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundry. ok deraadt@ djm@
* stdarg.h required more broadly; ok djmderaadt2019-11-131-1/+2
|
* lots of things were relying on libcrypto headers to transitivelydjm2019-09-061-1/+2
| | | | | include various system headers (mostly stdlib.h); include them explicitly
* treat ssh_packet_write_wait() errors as fatal; ok djm@markus2018-07-111-3/+3
|
* sshd: switch authentication to sshbuf API; ok djm@markus2018-07-091-29/+40
|
* switch auth2 to ssh_dispatch API; ok djm@markus2017-05-301-14/+17
|
* protocol handlers all get struct ssh passed; ok djm@markus2017-05-301-4/+3
|
* sshd: pass struct ssh to auth functions; ok djm@markus2017-05-301-2/+3
|
* remove ssh1 references; ok djm@markus2017-05-301-2/+1
|
* fix signed/unsigned errors reported by clang-3.7; adddjm2016-05-021-3/+3
| | | | | | sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with better safety checking; feedback and ok markus@
* only query each keyboard-interactive device once per authenticationdjm2015-07-181-3/+8
| | | | request regardless of how many times it is listed; ok markus@
* move dispatch to struct ssh; ok djm@markus2015-01-191-3/+4
|
* convert memset of potentially-private data to explicit_bzero()djm2014-02-021-2/+2
|
* replace most bzero with explicit_bzero, except a few that cna be memsettedu2014-01-311-2/+2
| | | | ok djm dtucker
* use calloc for all structure allocations; from markus@djm2013-11-081-2/+2
|
* bye, bye xfree(); ok markus@djm2013-05-171-15/+12
|
* add submethod support to AuthenticationMethods; ok and freedback djm@markus2013-03-071-4/+8
|
* Fix compilation with -Wall -Werror (trivial type fixes)djm2012-12-031-2/+3
|
* Fixes logging of partial authentication when privsep is enableddjm2012-12-021-7/+5
| | | | | | | | | | | | | Previously, we recorded "Failed xxx" since we reset authenticated before calling auth_log() in auth2.c. This adds an explcit "Partial" state. Add a "submethod" to auth_log() to report which submethod is used for keyboard-interactive. Fix multiple authentication when one of the methods is keyboard-interactive. ok markus@
* replace by-hand string building with xasprinf(); ok deraadt@djm2008-12-091-7/+3
|
* unifdef -DBSD_AUTHdjm2007-09-211-25/+1
| | | | | | | unifdef -USKEY These options have been in use for some years; ok markus@ "no objection" millert@
* spacesstevesk2007-01-031-2/+2
|
* Zap unused variables in -DSKEY code. ok djm@dtucker2006-08-051-2/+3
|
* almost entirely get rid of the culture of ".h files that include .h files"deraadt2006-08-031-3/+6
| | | | | ok djm, sort of ok stevesk makes the pain stop in one easy step
* move #include <stdio.h> out of includes.hstevesk2006-08-011-1/+2
|
* move #include <string.h> out of includes.hstevesk2006-07-221-1/+3
|
* Put $OpenBSD$ tags back (as comments) to replace the RCSID()s thatdjm2006-03-251-0/+1
| | | | Theo nuked - our scripts to sync -portable need them in the files
* introduce xcalloc() and xasprintf() failure-checked allocations functionsdjm2006-03-251-1/+1
| | | | | | | | | | and use them throughout openssh xcalloc is particularly important because malloc(nmemb * size) is a dangerous idiom (subject to integer overflow) and it is time for it to die feedback and ok deraadt@
* RCSID() can diederaadt2006-03-191-1/+0
|
* knf says that a 2nd level indent is four (not three or five) spacesdjm2005-07-171-2/+2
|
* make this -Wsign-compare clean; ok avsm@ markus@djm2005-06-171-5/+4
|
* Have keyboard-interactive code call the drivers even for responses fordtucker2005-01-191-8/+3
| | | | | | | | invalid logins. This allows the drivers themselves to decide how to handle them and prevent leaking information where possible. Existing behaviour for bsdauth is maintained by checking authctxt->valid in the bsdauth driver. Note that any third-party kbdint drivers will now need to be able to handle responses for invalid logins. ok markus@
* Remove redundant #include; ok markus@dtucker2004-06-011-2/+1
|
* minor KNFderaadt2002-06-301-2/+2
|
* make sure # of response matches # of queries, fixes int overflow; from ISSmarkus2002-06-261-6/+12
|
* KNF done automatically while reading....deraadt2002-06-191-2/+2
|
* integrate privilege separated openssh; its turned off by default for now.provos2002-03-181-1/+20
| | | | work done by me and markus@
* use buffer API and avoid static strings of fixed size; ok provos@/mouring@markus2002-01-131-8/+12
|
* use snprintf; mouring@markus2002-01-111-4/+3
|
* use strlcpy not strlcat; mouring@markus2002-01-111-3/+2
|
* remove plen from the dispatch fn. it's no longer used.markus2001-12-281-3/+3
|
* s/packet_done/packet_check_eom/ (end-of-message); ok djm@markus2001-12-281-2/+2
|
* Conformance fix: we should send failing packet sequence number whendjm2001-12-201-3/+3
| | | | | responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by yakk@yakk.dot.net; ok markus@
* basic KNF done while i was looking for something elsederaadt2001-12-191-2/+2
|
* add auth2_challenge_stop(), simplifies cleanup of kbd-int sessions,markus2001-12-091-16/+19
| | | | fixes memleak.
* typos; from solarmarkus2001-09-271-2/+2
|
* more strict prototypes. raise warning level in Makefile.inc. markus ok'editojun2001-06-231-8/+8
| | | | TODO; cleanup headers
* the challenge response device decides how to handle non-existing users.markus2001-06-031-2/+2
| | | | -> fake challenges for skey and cryptocard
* improved kbd-interactive support. work by per@appgate.com and memarkus2001-05-181-42/+237
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.