Displaying 6 results from an estimated 6 matches for "auth2_challenge_stop".
2003 Sep 22
9
[Bug 702] dont call userauth_finish after auth2_challenge_stop
http://bugzilla.mindrot.org/show_bug.cgi?id=702
Summary: dont call userauth_finish after auth2_challenge_stop
Product: Portable OpenSSH
Version: 3.7.1p1
Platform: UltraSparc
OS/Version: Solaris
Status: NEW
Severity: major
Priority: P2
Component: PAM support
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: pa...
2003 Mar 31
1
resource leak in ssh1 challenge-response authentication
If an ssh1 client initiates challenge-response authentication but does
not submit a response to the challenge, and instead switches to some
other authentication method, verify_response() will never run, and the
kbdint device context will never be freed. In some cases (such as
when the FreeBSD PAM authentication code is being used) this may cause
a resource leak leading to a denial of service.
2002 Mar 28
1
[PATCH] Feature addition: user access control per auth method
..._users;
+ char **deny_users;
+ int num_allow_groups;
+ char **allow_groups;
+ int num_deny_groups;
+ char **deny_groups;
+};
+
+
/*
* Keyboard interactive device:
* init_ctx returns: non NULL upon success
@@ -133,6 +147,7 @@
void auth2_challenge_stop(Authctxt *);
int allowed_user(struct passwd *);
+int auth_allowed_user(struct passwd *, Authaccess);
char *get_challenge(Authctxt *);
int verify_response(Authctxt *, const char *);
Index: auth2.c
===================================================================
RCS file: /cvs/openssh/auth2...
2012 Feb 04
8
Potential memory leak in sshd [detected by melton]
Hi all,
After the memory leaks (bug 1967
<https://bugzilla.mindrot.org/show_bug.cgi?id=1967>) I reported in
bugzilla are fixed,
I also applied melton(http://lcs.ios.ac.cn/~xuzb/melton.html)
to detect the potential bugs in sshd (openssh-5.9p1).
The url below is the index of bug reports that are checked as real
bugs manually.
2003 Oct 28
2
Privilege separation
...-3.7.1p2.privsep/auth.h Wed Sep 3 06:11:30 2003
+++ openssh-3.7.1p2/auth.h Sat Oct 4 22:49:24 2003
@@ -133,7 +133,9 @@
char *auth2_read_banner(void);
+#ifndef DISABLE_PRIVSEP
void privsep_challenge_enable(void);
+#endif /* DISABLE_PRIVSEP */
int auth2_challenge(Authctxt *, char *);
void auth2_challenge_stop(Authctxt *);
diff -adurN openssh-3.7.1p2.privsep/auth1.c openssh-3.7.1p2/auth1.c
--- openssh-3.7.1p2.privsep/auth1.c Wed Sep 3 01:32:46 2003
+++ openssh-3.7.1p2/auth1.c Sat Oct 4 23:08:43 2003
@@ -304,8 +304,12 @@
authctxt->pw = fakepw();
}
+#ifndef DISABLE_PRIVSEP
setproctitle("...
2003 Aug 10
9
updated gssapi diff
...#endif
+#ifdef GSSAPI
+extern Authmethod method_gssapi;
+#endif
Authmethod *authmethods[] = {
&method_none,
&method_pubkey,
+#ifdef GSSAPI
+ &method_gssapi,
+#endif
&method_passwd,
&method_kbdint,
&method_hostbased,
@@ -176,6 +186,12 @@
}
/* reset state */
auth2_challenge_stop(authctxt);
+
+#ifdef GSSAPI
+ dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL);
+ dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_EXCHANGE_COMPLETE, NULL);
+#endif
+
authctxt->postponed = 0;
/* try to authenticate user */
Index: compat.c
=============================================================...