History log of /openssh-portable/auth2.c (Results 1 – 25 of 199)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
Revision tags: V_8_6_P1
# 31d8d231 03-Apr-2021 djm@openbsd.org

upstream: highly polished whitespace, mostly fixing spaces-for-tab

and bad indentation on continuation lines. Prompted by GHPR#185

OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9


Revision tags: V_8_5_P1
# 39be3dc2 27-Jan-2021 djm@openbsd.org

upstream: make ssh->kex->session_id a sshbuf instead of u_char*/size_t

and use that instead of global variables containing copies of it. feedback/ok
markus@

OpenBSD-Commit-ID: a4b1b1ca4afd2e37cb9f6

upstream: make ssh->kex->session_id a sshbuf instead of u_char*/size_t

and use that instead of global variables containing copies of it. feedback/ok
markus@

OpenBSD-Commit-ID: a4b1b1ca4afd2e37cb9f64f737b30a6a7f96af68

show more ...


# 816036f1 18-Oct-2020 djm@openbsd.org

upstream: use the new variant log macros instead of prepending

__func__ and appending ssh_err(r) manually; ok markus@

OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8


Revision tags: V_8_4_P1
# ed6bef77 07-Aug-2020 Darren Tucker

Always send any PAM account messages.

If the PAM account stack reaturns any messages, send them to the user
not just if the check succeeds. bz#2049, ok djm@


Revision tags: V_8_3_P1
# 16d4f996 06-Mar-2020 markus@openbsd.org

upstream: exit on parse failures in input_service_request; ok djm

OpenBSD-Commit-ID: 6a7e1bfded26051d5aa893c030229b1ee6a0d5d2


Revision tags: V_8_2_P1, V_8_1_P1
# edd1d3a6 01-Oct-2019 Damien Miller

remove duplicate #includes

Prompted by Jakub Jelen


# be02d7cb 06-Sep-2019 djm@openbsd.org

upstream: lots of things were relying on libcrypto headers to

transitively include various system headers (mostly stdlib.h); include them
explicitly

OpenBSD-Commit-ID: 5b522f4f2d844f78bf1cc4f3f4cc3

upstream: lots of things were relying on libcrypto headers to

transitively include various system headers (mostly stdlib.h); include them
explicitly

OpenBSD-Commit-ID: 5b522f4f2d844f78bf1cc4f3f4cc392e177b2080

show more ...


# e8c97404 28-Jun-2019 deraadt@openbsd.org

upstream: asprintf returns -1, not an arbitrary value < 0. Also

upon error the (very sloppy specification) leaves an undefined value in *ret,
so it is wrong to inspect it, the error condition is eno

upstream: asprintf returns -1, not an arbitrary value < 0. Also

upon error the (very sloppy specification) leaves an undefined value in *ret,
so it is wrong to inspect it, the error condition is enough. discussed a
little with nicm, and then much more with millert until we were exasperated

OpenBSD-Commit-ID: 29258fa51edf8115d244b9d4b84028487bf8923e

show more ...


Revision tags: V_8_0_P1
# 4f0019a9 25-Mar-2019 djm@openbsd.org

upstream: Fix authentication failures when "AuthenticationMethods

any" in a Match block overrides a more restrictive global default.

Spotted by jmc@, ok markus@

OpenBSD-Commit-ID: a90a4fe2ab81d0ee

upstream: Fix authentication failures when "AuthenticationMethods

any" in a Match block overrides a more restrictive global default.

Spotted by jmc@, ok markus@

OpenBSD-Commit-ID: a90a4fe2ab81d0eeeb8fdfc21af81f7eabda6666

show more ...


# 9b655dc9 19-Jan-2019 Damien Miller

last bits of old packet API / active_state global


# 3f0786bb 19-Jan-2019 Damien Miller

remove PAM dependencies on old packet API

Requires some caching of values, because the PAM code isn't
always called with packet context.


# 08f66d9f 19-Jan-2019 Damien Miller

remove vestiges of old packet API from loginrec.c


# 3a00a921 19-Jan-2019 djm@openbsd.org

upstream: convert auth.c to new packet API

with & ok markus@

OpenBSD-Commit-ID: 7e10359f614ff522b52a3f05eec576257794e8e4


# 5ebce136 19-Jan-2019 Damien Miller

upstream: convert auth2.c to new packet API

OpenBSD-Commit-ID: ed831bb95ad228c6791bc18b60ce7a2edef2c999


# 0fa174eb 19-Jan-2019 djm@openbsd.org

upstream: begin landing remaining refactoring of packet parsing

API, started almost exactly six years ago.

This change stops including the old packet_* API by default and makes
each file that requi

upstream: begin landing remaining refactoring of packet parsing

API, started almost exactly six years ago.

This change stops including the old packet_* API by default and makes
each file that requires the old API include it explicitly. We will
commit file-by-file refactoring to remove the old API in consistent
steps.

with & ok markus@

OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4

show more ...


# 943d0965 16-Jan-2019 djm@openbsd.org

upstream: include time.h for time(3)/nanosleep(2); from Ian

McKellar

OpenBSD-Commit-ID: 6412ccd06a88f65b207a1089345f51fa1244ea51


Revision tags: V_7_9_P1
# 482d23bc 12-Sep-2018 djm@openbsd.org

upstream: hold our collective noses and use the openssl-1.1.x API in

OpenSSH; feedback and ok tb@ jsing@ markus@

OpenBSD-Commit-ID: cacbcac87ce5da0d3ca7ef1b38a6f7fb349e4417


Revision tags: V_7_8_P1
# 5467fbcb 11-Jul-2018 markus@openbsd.org

upstream: remove legacy key emulation layer; ok djm@

OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d


# 120a1ec7 10-Jul-2018 Damien Miller

Adapt portable to legacy buffer API removal


# c7d39ac8 09-Jul-2018 markus@openbsd.org

upstream: sshd: switch authentication to sshbuf API; ok djm@

OpenBSD-Commit-ID: 880aa06bce4b140781e836bb56bec34873290641


# fdba503f 10-May-2018 dtucker@openbsd.org

upstream: Explicit cast when snprintf'ing an uint64. Prevents

warnings on platforms where int64 is long not long long. ok djm@

OpenBSD-Commit-ID: 9c5359e2fbfce11dea2d93f7bc257e84419bd001


# e9d910b0 12-Apr-2018 dtucker@openbsd.org

upstream: Defend against user enumeration timing attacks. This

establishes a minimum time for each failed authentication attempt (5ms) and
adds a per-user constant derived from a host secret (0-4ms)

upstream: Defend against user enumeration timing attacks. This

establishes a minimum time for each failed authentication attempt (5ms) and
adds a per-user constant derived from a host secret (0-4ms). Based on work
by joona.kannisto at tut.fi, ok markus@ djm@.

OpenBSD-Commit-ID: b7845b355bb7381703339c8fb0e57e81a20ae5ca

show more ...


Revision tags: V_7_7_P1
# 7c856857 02-Mar-2018 djm@openbsd.org

upstream: switch over to the new authorized_keys options API and

remove the legacy one.

Includes a fairly big refactor of auth2-pubkey.c to retain less state
between key file lines.

feedback and o

upstream: switch over to the new authorized_keys options API and

remove the legacy one.

Includes a fairly big refactor of auth2-pubkey.c to retain less state
between key file lines.

feedback and ok markus@

OpenBSD-Commit-ID: dece6cae0f47751b9892080eb13d6625599573df

show more ...


# ddc0f381 12-Feb-2018 Darren Tucker

Remove UNICOS support.

The code required to support it is quite invasive to the mainline
code that is synced with upstream and is an ongoing maintenance burden.
Both the hardware and software are li

Remove UNICOS support.

The code required to support it is quite invasive to the mainline
code that is synced with upstream and is an ongoing maintenance burden.
Both the hardware and software are literal museum pieces these days and
we could not find anyone still running OpenSSH on one.

show more ...


# 552ea155 23-Jan-2018 Damien Miller

one SSH_BUG_BANNER instance that got away


12345678