| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | remove PAM dependencies on old packet API | Damien Miller | 2019-01-20 | 1 | -1/+1 |
| | | | | | | Requires some caching of values, because the PAM code isn't always called with packet context. | ||||
| * | upstream: switch over to the new authorized_keys options API and | djm@openbsd.org | 2018-03-03 | 1 | -1/+3 |
| | | | | | | | | | | | | remove the legacy one. Includes a fairly big refactor of auth2-pubkey.c to retain less state between key file lines. feedback and ok markus@ OpenBSD-Commit-ID: dece6cae0f47751b9892080eb13d6625599573df | ||||
| * | Remove do_pam_set_tty which is dead code. | Darren Tucker | 2016-10-14 | 1 | -1/+0 |
| | | | | | | The callers of do_pam_set_tty were removed in 2008, so this is now dead code. bz#2604, pointed out by jjelen at redhat.com. | ||||
| * | Remove obsolete CVS $Id from source files. | Darren Tucker | 2016-08-17 | 1 | -2/+0 |
| | | | | | | Since -portable switched to git the CVS $Id tags are no longer being updated and are becoming increasingly misleading. Remove them. | ||||
| * | add --with-pam-service to specify PAM service name | Damien Miller | 2016-08-16 | 1 | -4/+0 |
| | | | | | Saves messing around with CFLAGS to do it. | ||||
| * | Handle PAM_MAXTRIES from modules. | Darren Tucker | 2016-07-18 | 1 | -0/+2 |
| | | | | | | | | | | | | bz#2249: handle the case where PAM returns PAM_MAXTRIES by ceasing to offer password and keyboard-interative authentication methods. Should prevent "sshd ignoring max retries" warnings in the log. ok djm@ It probably won't trigger with keyboard-interactive in the default configuration because the retry counter is stored in module-private storage which goes away with the sshd PAM process (see bz#688). On the other hand, those cases probably won't log a warning either. | ||||
| * | - (dtucker) [auth-pam.c auth-pam.h session.c] Bug #890: Send output from | Darren Tucker | 2004-09-11 | 1 | -1/+2 |
| | | | | | | failing PAM session modules to user then exit, similar to the way /etc/nologin is handled. ok djm@ | ||||
| * | - (dtucker) [auth-pam.c auth-pam.h auth-passwd.c]: Bug #874: Re-add PAM | Darren Tucker | 2004-05-30 | 1 | -1/+2 |
| | | | | | support for PasswordAuthentication=yes. ok djm@ | ||||
| * | - (dtucker) [auth-pam.c auth-pam.h auth1.c auth2.c monitor.c monitor_wrap.c | Darren Tucker | 2004-03-08 | 1 | -2/+2 |
| | | | | | | | | monitor_wrap.h] Bug #808: Ensure force_pwchange is correctly initialized even if keyboard-interactive is not used by the client. Prevents segfaults in some cases where the user's password is expired (note this is not considered a security exposure). ok djm@ | ||||
| * | - (dtucker) [auth-pam.c auth-pam.h session.c] Bug #14: Use do_pwchange to | Darren Tucker | 2004-02-10 | 1 | -3/+1 |
| | | | | | | change expired PAM passwords for SSHv1 connections without privsep. pam_chauthtok is still used when privsep is disabled. ok djm@ | ||||
| * | - (djm) Export environment variables from authentication subprocess to | Damien Miller | 2003-11-17 | 1 | -1/+2 |
| | | | | | parent. Part of Bug #717 | ||||
| * | - (dtucker) [auth-pam.c auth-pam.h session.c] Make PAM use the new static | Darren Tucker | 2003-10-07 | 1 | -1/+3 |
| | | | | | cleanup functions. With & ok djm@ | ||||
| * | - (djm) Bug #423: reorder setting of PAM_TTY and calling of PAM session | Damien Miller | 2003-09-02 | 1 | -2/+3 |
| | | | | | | management (now done in do_setusercontext). Largely from michael_steffens AT hp.com | ||||
| * | - (dtucker) [Makefile.in acconfig.h auth-krb5.c auth-pam.c auth-pam.h | Darren Tucker | 2003-08-26 | 1 | -1/+2 |
| | | | | | | configure.ac defines.h gss-serv-krb5.c session.c ssh-gss.h sshconnect1.c sshconnect2.c] Add Portable GSSAPI support, patch by Simon Wilkinson. | ||||
| * | - (djm) Bug #564: Perform PAM account checks for all authentications when | Damien Miller | 2003-08-25 | 1 | -2/+2 |
| | | | | | UsePAM=yes; ok dtucker | ||||
| * | - (djm) Sync auth-pam.h with what we actually implement | Damien Miller | 2003-05-19 | 1 | -12/+8 |
| | | |||||
| * | - (djm) Merge FreeBSD PAM code: replaces PAM password auth kludge withAFTER_FREEBSD_PAM_MERGE | Damien Miller | 2003-05-10 | 1 | -3/+3 |
| | | | | | proper challenge-response module | ||||
| * | - (stevesk) [auth-pam.[ch] session.c] pam_getenvlist() must be | Kevin Steves | 2002-07-23 | 1 | -1/+2 |
| | | | | | freed by the caller; add free_pam_environment() and use it. | ||||
| * | - (stevesk) [auth-pam.[ch] ssh.h] move SSHD_PAM_SERVICE to auth-pam.h | Kevin Steves | 2002-07-22 | 1 | -1/+5 |
| | | |||||
| * | - (stevesk) [auth-pam.h] unneeded include | Kevin Steves | 2002-07-22 | 1 | -3/+1 |
| | | |||||
| * | - (stevesk) [auth-pam.h] license | Kevin Steves | 2002-07-22 | 1 | -1/+25 |
| | | |||||
| * | - (stevesk) [auth-pam.c auth-pam.h auth-passwd.c auth-sia.c auth-sia.h | Kevin Steves | 2002-04-04 | 1 | -2/+2 |
| | | | | | auth1.c auth2.c] PAM, OSF_SIA password auth cleanup; from djm. | ||||
| * | - (djm) Reestablish PAM credentials (which can be supplemental group | Damien Miller | 2001-03-27 | 1 | -2/+2 |
| | | | | | | memberships) after initgroups() blows them away. Report and suggested fix from Nalin Dahyabhai <nalin@redhat.com> | ||||
| * | - (djm) Clean up PAM namespace. Suggested by Darren Moffat | Damien Miller | 2001-02-15 | 1 | -3/+3 |
| | | | | | <Darren.Moffat@eng.sun.com> | ||||
| * | - (djm) Add CVS Id's to files that we have missed | Damien Miller | 2001-02-09 | 1 | -0/+2 |
| | | |||||
| * | - (djm) Much KNF on PAM code | Damien Miller | 2001-02-07 | 1 | -0/+1 |
| | | | | | | | | | - (djm) Revise auth-pam.c conversation function to be a little more readable. - (djm) Revise kbd-int PAM conversation function to fold all text messages to before first prompt. Fixes hangs if last pam_message did not require a reply. - (djm) Fix password changing when using PAM kbd-int authentication | ||||
| * | - (djm) Merge patch from Tim Waugh (via Nalin Dahyabhai <nalin@redhat.com>) | Damien Miller | 2001-01-19 | 1 | -1/+1 |
| | | | | | to fix NULL pointer deref and fake authloop breakage in PAM code. | ||||
| * | - (djm) Added patch from Nalin Dahyabhai <nalin@redhat.com> to enable | Damien Miller | 2000-12-03 | 1 | -0/+2 |
| | | | | | | PAM authentication using KbdInteractive. - (djm) Added another TODO | ||||
| * | function prototype and definition consistency cleanup. | Kevin Steves | 2000-10-14 | 1 | -2/+2 |
| | | |||||
| * | - (stevesk) ~/.hushlogin shouldn't cause required password change to | Kevin Steves | 2000-10-14 | 1 | -0/+1 |
| | | | | | be bypassed. | ||||
| * | - (djm) Add Steve VanDevender's <stevev@darkwing.uoregon.edu> PAM | Damien Miller | 2000-09-16 | 1 | -0/+1 |
| | | | | | | password change patch. - (djm) Bring licenses on my stuff in line with OpenBSD's | ||||
| * | Add const to suppress compiler warning | Damien Miller | 2000-01-27 | 1 | -1/+1 |
| | | |||||
| * | - Removed most of the pam code into its own file auth-pam.[ch]. This | Damien Miller | 1999-12-30 | 1 | -0/+15 |
| cleaned up sshd.c up significantly. - Several other cleanups | |||||
 |
index : openssh | |
| openssh | Fast-forward packages |
| summaryrefslogtreecommitdiffstats |