summaryrefslogtreecommitdiffstats
path: root/auth2.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* upstream: Start the process of splitting sshd into separatedjm@openbsd.org2024-05-171-70/+21
| | | | | | | | | | | | | | | | | | | | binaries. This step splits sshd into a listener and a session binary. More splits are planned. After this changes, the listener binary will validate the configuration, load the hostkeys, listen on port 22 and manage MaxStartups only. All session handling will be performed by a new sshd-session binary that the listener fork+execs. This reduces the listener process to the minimum necessary and sets us up for future work on the sshd-session binary. feedback/ok markus@ deraadt@ NB. if you're updating via source, please restart sshd after installing, otherwise you run the risk of locking yourself out. OpenBSD-Commit-ID: 43c04a1ab96cdbdeb53d2df0125a6d42c5f19934
* upstream: add "ext-info-in-auth@openssh.com" extensiondjm@openbsd.org2023-12-181-1/+7
| | | | | | | | | | | | | | | This adds another transport protocol extension to allow a sshd to send SSH2_MSG_EXT_INFO during user authentication, after the server has learned the username that is being logged in to. This lets sshd to update the acceptable signature algoritms for public key authentication, and allows these to be varied via sshd_config(5) "Match" directives, which are evaluated after the server learns the username being authenticated. Full details in the PROTOCOL file OpenBSD-Commit-ID: 1de7da7f2b6c32a46043d75fcd49b0cbb7db7779
* upstream: limit artificial login delay to a reasonable maximum (5s)djm@openbsd.org2023-08-281-2/+9
| | | | | | | and don't delay at all for the "none" authentication mechanism. Patch by Dmitry Belyavskiy in bz3602 with polish/ok dtucker@ OpenBSD-Commit-ID: 85b364676dd84cf1de0e98fc2fbdcb1a844ce515
* upstream: Delete obsolete /* ARGSUSED */ lint comments.guenther@openbsd.org2023-03-081-3/+1
| | | | | | ok miod@ millert@ OpenBSD-Commit-ID: 7be168a570264d59e96a7d2d22e927d45fee0e4c
* upstream: Remove unused compat.h includes.dtucker@openbsd.org2023-03-051-2/+1
| | | | | | | | We've previously removed a lot of the really old compatibility code, and with it went the need to include compat.h in most of the files that have it. OpenBSD-Commit-ID: 5af8baa194be00a3092d17598e88a5b29f7ea2b4
* upstream: avoid integer overflow of auth attempts (harmless, caughtdjm@openbsd.org2022-02-231-1/+4
| | | | | | by monitor) OpenBSD-Commit-ID: 488ad570b003b21e0cd9e7a00349cfc1003b4d86
* upstream: split method list search functionality fromdjm@openbsd.org2021-12-271-16/+35
| | | | | | | | | | | | authmethod_lookup() into a separate authmethod_byname(), for cases where we don't need to check whether a method is enabled, etc. use this to fix the "none" authentication method regression reported by Nam Nguyen via bugs@ ok deraadt@ OpenBSD-Commit-ID: 8cd188dc3a83aa8abe5b7693e762975cd8ea8a17
* upstream: prepare for multiple names for authmethodsdjm@openbsd.org2021-12-191-9/+19
| | | | | | | | | | | | | | | | | allow authentication methods to have one additional name beyond their primary name. allow lookup by this synonym Use primary name for authentication decisions, e.g. for PermitRootLogin=publickey Pass actual invoked name to the authmethods, so they can tell whether they were requested via the their primary name or synonym. ok markus@ OpenBSD-Commit-ID: 9e613fcb44b8168823195602ed3d09ffd7994559
* upstream: highly polished whitespace, mostly fixing spaces-for-tabdjm@openbsd.org2021-04-031-3/+3
| | | | | | and bad indentation on continuation lines. Prompted by GHPR#185 OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
* upstream: make ssh->kex->session_id a sshbuf instead of u_char*/size_tdjm@openbsd.org2021-01-271-3/+1
| | | | | | | and use that instead of global variables containing copies of it. feedback/ok markus@ OpenBSD-Commit-ID: a4b1b1ca4afd2e37cb9f64f737b30a6a7f96af68
* upstream: use the new variant log macros instead of prependingdjm@openbsd.org2020-10-181-29/+27
| | | | | | __func__ and appending ssh_err(r) manually; ok markus@ OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
* Always send any PAM account messages.Darren Tucker2020-08-071-13/+13
| | | | | If the PAM account stack reaturns any messages, send them to the user not just if the check succeeds. bz#2049, ok djm@
* upstream: exit on parse failures in input_service_request; ok djmmarkus@openbsd.org2020-03-131-2/+2
| | | | OpenBSD-Commit-ID: 6a7e1bfded26051d5aa893c030229b1ee6a0d5d2
* remove duplicate #includesDamien Miller2019-10-021-3/+0
| | | | Prompted by Jakub Jelen
* upstream: lots of things were relying on libcrypto headers todjm@openbsd.org2019-09-061-1/+2
| | | | | | | transitively include various system headers (mostly stdlib.h); include them explicitly OpenBSD-Commit-ID: 5b522f4f2d844f78bf1cc4f3f4cc392e177b2080
* upstream: asprintf returns -1, not an arbitrary value < 0. Alsoderaadt@openbsd.org2019-07-021-2/+2
| | | | | | | | upon error the (very sloppy specification) leaves an undefined value in *ret, so it is wrong to inspect it, the error condition is enough. discussed a little with nicm, and then much more with millert until we were exasperated OpenBSD-Commit-ID: 29258fa51edf8115d244b9d4b84028487bf8923e
* upstream: Fix authentication failures when "AuthenticationMethodsdjm@openbsd.org2019-03-261-1/+9
| | | | | | | | any" in a Match block overrides a more restrictive global default. Spotted by jmc@, ok markus@ OpenBSD-Commit-ID: a90a4fe2ab81d0eeeb8fdfc21af81f7eabda6666
* last bits of old packet API / active_state globalDamien Miller2019-01-201-3/+3
|
* remove PAM dependencies on old packet APIDamien Miller2019-01-201-1/+1
| | | | | Requires some caching of values, because the PAM code isn't always called with packet context.
* remove vestiges of old packet API from loginrec.cDamien Miller2019-01-191-1/+4
|
* upstream: convert auth.c to new packet APIdjm@openbsd.org2019-01-191-4/+4
| | | | | | with & ok markus@ OpenBSD-Commit-ID: 7e10359f614ff522b52a3f05eec576257794e8e4
* upstream: convert auth2.c to new packet APIDamien Miller2019-01-191-47/+59
| | | | OpenBSD-Commit-ID: ed831bb95ad228c6791bc18b60ce7a2edef2c999
* upstream: begin landing remaining refactoring of packet parsingdjm@openbsd.org2019-01-191-1/+4
| | | | | | | | | | | | | API, started almost exactly six years ago. This change stops including the old packet_* API by default and makes each file that requires the old API include it explicitly. We will commit file-by-file refactoring to remove the old API in consistent steps. with & ok markus@ OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4
* upstream: include time.h for time(3)/nanosleep(2); from Iandjm@openbsd.org2019-01-171-1/+2
| | | | | | McKellar OpenBSD-Commit-ID: 6412ccd06a88f65b207a1089345f51fa1244ea51
* upstream: hold our collective noses and use the openssl-1.1.x API indjm@openbsd.org2018-09-131-2/+2
| | | | | | OpenSSH; feedback and ok tb@ jsing@ markus@ OpenBSD-Commit-ID: cacbcac87ce5da0d3ca7ef1b38a6f7fb349e4417
* upstream: remove legacy key emulation layer; ok djm@markus@openbsd.org2018-07-121-2/+2
| | | | OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
* Adapt portable to legacy buffer API removalDamien Miller2018-07-101-5/+10
|
* upstream: sshd: switch authentication to sshbuf API; ok djm@markus@openbsd.org2018-07-101-11/+11
| | | | OpenBSD-Commit-ID: 880aa06bce4b140781e836bb56bec34873290641
* upstream: Explicit cast when snprintf'ing an uint64. Preventsdtucker@openbsd.org2018-05-111-2/+3
| | | | | | warnings on platforms where int64 is long not long long. ok djm@ OpenBSD-Commit-ID: 9c5359e2fbfce11dea2d93f7bc257e84419bd001
* upstream: Defend against user enumeration timing attacks. Thisdtucker@openbsd.org2018-04-131-1/+42
| | | | | | | | establishes a minimum time for each failed authentication attempt (5ms) and adds a per-user constant derived from a host secret (0-4ms). Based on work by joona.kannisto at tut.fi, ok markus@ djm@. OpenBSD-Commit-ID: b7845b355bb7381703339c8fb0e57e81a20ae5ca
* upstream: switch over to the new authorized_keys options API anddjm@openbsd.org2018-03-031-2/+2
| | | | | | | | | | | remove the legacy one. Includes a fairly big refactor of auth2-pubkey.c to retain less state between key file lines. feedback and ok markus@ OpenBSD-Commit-ID: dece6cae0f47751b9892080eb13d6625599573df
* Remove UNICOS support.Darren Tucker2018-02-151-8/+0
| | | | | | | The code required to support it is quite invasive to the mainline code that is synced with upstream and is an ongoing maintenance burden. Both the hardware and software are literal museum pieces these days and we could not find anyone still running OpenSSH on one.
* one SSH_BUG_BANNER instance that got awayDamien Miller2018-01-231-3/+0
|
* upstream commitdjm@openbsd.org2018-01-231-2/+2
| | | | | | | | | | | | | Drop compatibility hacks for some ancient SSH implementations, including ssh.com <=2.* and OpenSSH <= 3.*. These versions were all released in or before 2001 and predate the final SSH RFCs. The hacks in question aren't necessary for RFC- compliant SSH implementations. ok markus@ OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138
* upstream commitdjm@openbsd.org2017-06-241-1/+132
| | | | | | | | | | | refactor authentication logging optionally record successful auth methods and public credentials used in a file accessible to user sessions feedback and ok markus@ Upstream-ID: 090b93036967015717b9a54fd0467875ae9d32fb
* upstream commitmarkus@openbsd.org2017-06-011-2/+2
| | | | | | remove now obsolete ctx from ssh_dispatch_run; ok djm@ Upstream-ID: 9870aabf7f4d71660c31fda91b942b19a8e68d29
* upstream commitmarkus@openbsd.org2017-05-311-2/+2
| | | | | | use the ssh_dispatch_run_fatal variant Upstream-ID: 28c5b364e37c755d1b22652b8cd6735a05c625d8
* upstream commitmarkus@openbsd.org2017-05-311-13/+13
| | | | | | switch auth2 to ssh_dispatch API; ok djm@ Upstream-ID: a752ca19e2782900dd83060b5c6344008106215f
* upstream commitmarkus@openbsd.org2017-05-311-7/+5
| | | | | | protocol handlers all get struct ssh passed; ok djm@ Upstream-ID: 0ca9ea2a5d01a6d2ded94c5024456a930c5bfb5d
* upstream commitmarkus@openbsd.org2017-05-311-5/+9
| | | | | | sshd: pass struct ssh to auth functions; ok djm@ Upstream-ID: b00a80c3460884ebcdd14ef550154c761aebe488
* upstream commitdjm@openbsd.org2017-02-041-3/+9
| | | | | | | | | | | use ssh_packet_set_log_preamble() to include connection username in packet log messages, e.g. Connection closed by invalid user foo 10.1.1.1 port 44056 [preauth] ok markus@ bz#113 Upstream-ID: 3591b88bdb5416d6066fb3d49d8fff2375bf1a15
* upstream commitdjm@openbsd.org2016-05-021-3/+3
| | | | | | | | fix signed/unsigned errors reported by clang-3.7; add sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with better safety checking; feedback and ok markus@ Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
* upstream commitmarkus@openbsd.org2015-01-191-5/+7
| | | | move dispatch to struct ssh; ok djm@
* upstream commitdjm@openbsd.org2014-12-221-4/+2
| | | | | | | | | make internal handling of filename arguments of "none" more consistent with ssh. "none" arguments are now replaced with NULL when the configuration is finalised. Simplifies checking later on (just need to test not-NULL rather than that + strcmp) and cleans up some inconsistencies. ok markus@
* upstream commitdjm@openbsd.org2014-12-211-2/+2
| | | | | don't count partial authentication success as a failure against MaxAuthTries; ok deraadt@
* - millert@cvs.openbsd.org 2014/07/15 15:54:14Damien Miller2014-07-181-1/+2
| | | | | | | | | | | | | | | | [PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h] [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c] [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c] [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c] [sshd_config.5 sshlogin.c] Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
* - djm@cvs.openbsd.org 2014/07/03 11:16:55Damien Miller2014-07-031-2/+2
| | | | | | | [auth.c auth.h auth1.c auth2.c] make the "Too many authentication failures" message include the user, source address, port and protocol in a format similar to the authentication success / failure messages; bz#2199, ok dtucker
* - djm@cvs.openbsd.org 2014/01/29 06:18:35Damien Miller2014-02-041-10/+1
| | | | | | | [Makefile.in auth.h auth2-jpake.c auth2.c jpake.c jpake.h monitor.c] [monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h] [schnorr.c schnorr.h servconf.c servconf.h ssh2.h sshconnect2.c] remove experimental, never-enabled JPAKE code; ok markus@
* - djm@cvs.openbsd.org 2013/05/19 02:42:42Darren Tucker2013-06-011-2/+2
| | | | | | | | | | | [auth.h auth.c key.c monitor.c auth-rsa.c auth2.c auth1.c key.h] Standardise logging of supplemental information during userauth. Keys and ruser is now logged in the auth success/failure message alongside the local username, remote host/port and protocol in use. Certificates contents and CA are logged too. Pushing all logging onto a single line simplifies log analysis as it is no longer necessary to relate information scattered across multiple log entries. "I like it" markus@
* - djm@cvs.openbsd.org 2013/05/17 00:13:13Darren Tucker2013-06-011-9/+8
| | | | | | | | | | | | | | | | | | [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c dns.c packet.c readpass.c authfd.c moduli.c] bye, bye xfree(); ok markus@
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-30 04:38:05 +0100