Displaying 2 results from an estimated 2 matches for "abandon_challenge_response".
2003 Mar 31
1
resource leak in ssh1 challenge-response authentication
...switches to some
other authentication method, verify_response() will never run, and the
kbdint device context will never be freed. In some cases (such as
when the FreeBSD PAM authentication code is being used) this may cause
a resource leak leading to a denial of service.
The attached patch adds abandon_challenge_response() to auth-chall.c,
and code to auth1.c to call it if challenge-response authentication
was initiated but not completed.
DES
--
Dag-Erling Sm?rgrav - des at ofug.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sshd-auth-chall.diff
Type: text/x-patch
Size: 2...
2003 May 10
4
New PAM code landing (at last)
Hello all,
The long-mooted PAM merge from FreeBSD is starting _now_. This replaces
the PAM password auth kludge that we have used until now with a discrete
challenge-response module. This module is invoked via
keyboard-interactive for protocol 2 or TIS auth for protocol 1.
Warning: this is a large change and will probably break things. It has
only been tested with basic password auth modules and