search for: auth1

--- auth1.c.orig Sat Feb 3 18:17:53 2001 Bringa AIX modes in line with latest changes to auth1.c +++ auth1.c Sat Feb 3 18:19:15 2001 @@ -347,7 +347,7 @@ if (authctxt->failures++ > AUTH_FAIL_MAX) { #ifdef WITH_AIXAUTHENTICATE - loginfailed(user,get...

If I configure openssh-2.1.1p4 with the --with-skey option on a Redhat Linux 6.2 system which has openssl-0.9.5a and skey (the logdaemon 6.2 version) installed, the compile fails with the following errors: auth1.c: In function `do_authloop': auth1.c:331: warning: implicit declaration of function `skey_keyinfo' auth1.c:331: warning: initialization makes pointer from integer without a cast auth1.c:353: warning: implicit declaration of function `skey_haskey' auth1.c:354: warning: implicit declarat...

http://bugzilla.mindrot.org/show_bug.cgi?id=191 Summary: compilation faills in auth1.c:392 `pw' undeclared when USE_PAM is on Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: critical Priority: P2 Component: Miscellaneous...

http://bugzilla.mindrot.org/show_bug.cgi?id=191 mouring at eviladmin.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WORKSFORME ------- Additional Comments From mouring at eviladmin.org

When I attempt to authenticate a user from another domain, I am seeing some strange issues. My winbindd.log shows that I am indeed already trusting the other domain. (I am a member of the na.uis.unisys.com domain.) However, when I try to gain access to a share where the username EU\INBLR-AUTH1 has access, I get prompted for a username and password over and over. Obviously, it can't authenticate the user. I have included the errors from the appropriate log below. Can anyone point me towards a working solution? >From the winbindd.log [2006/02/16 10:18:02, 2] nsswitch/winb...

...mentation violation. The client side encounters an immediate disconnect ("Connection reset by peer"). This could be used by a malicious remote client to enumerate the user names on the Cygwin server machine. The cause is that the Cygwin specific function check_nt_auth() is called in auth1.c and auth2.c with implicitly dereferencing the pointer to struct passwd to get the pw_uid member as parameter. This struct passwd pointer can be NULL if the user isn't found in /etc/passwd. Other similar funcs as auth_pam_password() are called getting the structy passwd pointer itself as par...

Is anyone maintaining the OSF_SIA support in openssh? This seems to be an obvious bug triggered if you try to connect as a non-existant user. >From auth1.c line 459 #elif defined(HAVE_OSF_SIA) (sia_validate_user(NULL, saved_argc, saved_argv, get_canonical_hostname(), pw->pw_name, NULL, 0, NULL, "") == SIASUCCESS)) { #else /* !HAVE_OSF_SIA && !USE_PAM */ At this stage pw could be NULL...

http://bugzilla.mindrot.org/show_bug.cgi?id=98 ------- Additional Comments From wendyp at cray.com 2002-04-23 08:41 ------- updated patch for 22 april snapshot: --- auth1.c.orig Mon Apr 22 14:28:12 2002 +++ auth1.c Mon Apr 22 14:29:48 2002 @@ -26,6 +26,9 @@ #include "session.h" #include "uidswap.h" #include "monitor_wrap.h" +#ifdef _CRAY +#include <ia.h> +#endif /* _CRAY */ /* import */ extern ServerOptions optio...

...Makefile.in openssh-2.2.0p1/Makefile.in --- openssh-2.2.0p1-dist/Makefile.in Tue Aug 22 19:46:23 2000 +++ openssh-2.2.0p1/Makefile.in Sat Oct 14 19:34:08 2000 @@ -40,7 +40,7 @@ SSHOBJS= ssh.o sshconnect.o sshconnect1.o sshconnect2.o log-client.o readconf.o clientloop.o -SSHDOBJS= sshd.o auth.o auth1.o auth2.o auth-rhosts.o auth-options.o auth-krb4.o auth-pam.o auth-passwd.o auth-rsa.o auth-rh-rsa.o pty.o log-server.o login.o loginrec.o servconf.o serverloop.o md5crypt.o session.o +SSHDOBJS= sshd.o auth.o auth1.o auth2.o auth-rhosts.o auth-options.o auth-krb4.o auth-pam.o auth-passwd.o auth-rsa...

https://bugzilla.mindrot.org/show_bug.cgi?id=2541 Bug ID: 2541 Summary: Add explicit_bzero() before free() in OpenSSH-7.1p2 for auth1.c/auth2.c/auth2-hostbased.c Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org R...

OpenBSD tree is heading into a lock and this includes OpenSSH. So we are winding up for a 3.5 release. If we can get people to test the current snapshots and report any problems that would improve the odds that your platform won't be broke for 3.5. Issues I know off of right now. 1. I can't test NeXT. So I TRULY need someone in that community to test for me. Last I heard there was

...Is Exim neccesary to use SSL(TLS) for authorization of outgoing SMTP? Configuration files is as follows; - Exim ---------------------------------------------------------- dovecot_login: driver = dovecot public_name = LOGIN server_socket = /var/run/dovecot/auth-client server_set_id = $auth1 dovecot_plain: driver = dovecot public_name = PLAIN server_socket = /var/run/dovecot/auth-client server_set_id = $auth2 ---------------------------------------------------------- - Dovecot ---------------------------------------------------------- auth default { mechanisms = plain...

...uot; ./configure --prefix=/usr/local/openssh-2.0.0beta1 --sysconfdir=/usr/local/openssh-2.0.0beta1/etc --with-ssl-dir=/usr/local/openssl-0.9.5a/lib --with-skey --with-tcp-wrappers a subsequent make will eventually die with: gcc -o sshd sshd.o auth.o auth1.o auth2.o auth-rhosts.o auth-krb4.o auth-pam.o auth-passwd.o auth-rsa.o auth-rh-rsa.o pty.o log-server.o login.o servconf.o serverloop.o bsd-login.o md5crypt.o session.o -L. -L/usr/local/openssl-0.9.5a/lib -L/usr/local/skey-1.1/lib -lssh -ldl -lnsl -lz -lutil -lpam -lcrypto -lskey -lwrap auth1.o:...

...t; debug1: Trying to reverse map address 127.0.0.1. debug1: PAM setting rhost to "localhost" debug1: Attempting authentication for stevesk. debug1: PAM Password authentication for "stevesk" failed[9]: Authentication failed Failed rsa for stevesk from 127.0.0.1 port 49568 Index: auth1.c =================================================================== RCS file: /var/cvs/openssh/auth1.c,v retrieving revision 1.30 diff -u -r1.30 auth1.c --- auth1.c 2001/02/12 07:02:24 1.30 +++ auth1.c 2001/02/12 18:58:22 @@ -97,7 +97,7 @@ (!options.kerberos_authentication || options.kerber...

http://bugzilla.mindrot.org/show_bug.cgi?id=98 wendyp at cray.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID ------- Additional Comments From wendyp at cray.com 2002-07-23 08:43

...SH 3.8.1p1 on Linux. With an account that has an empty password and with PAM and Privilege Separation turned on through the SSH1 protocol, the login fails with: fatal: mm_request_receive_expect: read: rtype 24 != type 46 I believe the problem is a missing do_pam_account() call. The patch below to auth1.c fixes the problem. If this is correct, can someone please commit this? Thanks, Dave. --- auth1.c 19 Jun 2004 00:51:06 -0000 1.1 +++ auth1.c 22 Jun 2004 04:07:38 -0000 1.5 @@ -81,8 +81,13 @@ (!options.kerberos_authentication || options.kerberos_or_local_passwd) && #endif PR...

...egal user %.100s from %.100s", user, get_remote_ipaddr()); -#ifdef WITH_AIXAUTHENTICATE - loginfailed(user, + record_failed_login(user, get_canonical_hostname(options.verify_reverse_mapping), "ssh"); -#endif return (NULL); } if (!allowed_user(pw)) Index: auth1.c =================================================================== RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/auth1.c,v retrieving revision 1.79 diff -u -r1.79 auth1.c --- auth1.c 24 Feb 2003 00:59:27 -0000 1.79 +++ auth1.c 25 Feb 2003 09:45:10 -0000 @@ -311,8 +311,6 @@ au...

...egal user %.100s from %.100s", user, get_remote_ipaddr()); -#ifdef WITH_AIXAUTHENTICATE - loginfailed(user, + record_failed_login(user, get_canonical_hostname(options.verify_reverse_mapping), "ssh"); -#endif return (NULL); } if (!allowed_user(pw)) Index: auth1.c =================================================================== RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/auth1.c,v retrieving revision 1.79 diff -u -r1.79 auth1.c --- auth1.c 24 Feb 2003 00:59:27 -0000 1.79 +++ auth1.c 25 Feb 2003 09:45:10 -0000 @@ -311,8 +311,6 @@ au...

Folks, During testing, we found a couple of issues with openssh3.0.2p1: 1. In userauth_finish() in auth2.c (as well as in do_authloop in auth1.c), the foll. check: if (authctxt->failures++ > AUTH_FAIL_MAX) is never satisfied and thus packet_disconnect() never gets called. I suspect the code just drops out of the dispatch_run function list instead. This should be an == instead of >. While looking at the debug output when delib...

...egal user %.100s from %.100s", user, get_remote_ipaddr()); -#ifdef WITH_AIXAUTHENTICATE - loginfailed(user, + record_failed_login(user, get_canonical_hostname(options.verify_reverse_mapping), "ssh"); -#endif return (NULL); } if (!allowed_user(pw)) Index: auth1.c =================================================================== RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/auth1.c,v retrieving revision 1.78 diff -u -r1.78 auth1.c --- auth1.c 23 Jan 2003 06:41:20 -0000 1.78 +++ auth1.c 27 Jan 2003 10:51:39 -0000 @@ -311,8 +311,6 @@ au...