Displaying 16 results from an estimated 16 matches for "auth_parse_opt".
2001 Nov 20
0
Patch: 3.0.1p1: rename a conflicting variable
...ted = !quoted;
}
} else
- options = NULL;
+ optionsp = NULL;
/* Parse the key from the line. */
if (!auth_rsa_read_key(&cp, &bits, pk->e, pk->n)) {
@@ -232,7 +231,7 @@
* If our options do not allow this key to be used,
* do not send challenge.
*/
- if (!auth_parse_options(pw, options, file, linenum))
+ if (!auth_parse_options(pw, optionsp, file, linenum))
continue;
/* Perform the challenge-response dialog for this key. */
--- auth2.c.orig Mon Nov 19 16:54:10 2001
+++ auth2.c Mon Nov 19 16:55:18 2001
@@ -691,7 +691,7 @@
found = key_new(key->type);...
2001 Dec 04
0
PATCH: log key fingerprint upon successful login
...ted = !quoted;
}
} else
- options = NULL;
+ optionsp = NULL;
/* Parse the key from the line. */
if (!auth_rsa_read_key(&cp, &bits, pk->e, pk->n)) {
@@ -232,7 +232,7 @@
* If our options do not allow this key to be used,
* do not send challenge.
*/
- if (!auth_parse_options(pw, options, file, linenum))
+ if (!auth_parse_options(pw, optionsp, file, linenum))
continue;
/* Perform the challenge-response dialog for this key. */
@@ -251,6 +251,15 @@
* otherwise continue searching.
*/
authenticated = 1;
+ if (options.log_fingerprint) {
+ Key *aut...
2001 Aug 15
0
[ossh patch] principal name/patterns in authorized_keys2
...d/pattern key type support to a variety of functions,
including key_read() and key_write(), among others
- added key_match() implementation
- auth-options.h
- added void auth_set_key_env(Key *) prototype
- auth-options.c
- added auth_set_key_env() implementation
- modified auth_parse_options() to return (-1) when new deny-access
option is encountered
- auth-rsa.c
- modified auth_parse_options() return value check according to the
change made to auth_parse_options()
- auth2.c
- modified user_key_allowed() to:
- try key_match() if key_equal() fails...
2002 Jan 24
1
PATCH: krb4/krb5/... names/patterns in auth_keys entries
...d/pattern key type support to a variety of functions,
including key_read() and key_write(), among others
- added key_match() implementation
- auth-options.h
- added void auth_set_key_env(Key *) prototype
- auth-options.c
- added auth_set_key_env() implementation
- modified auth_parse_options() to return (-1) when new deny-access
option is encountered
- auth-rsa.c
- modified auth_parse_options() return value check according to the
change made to auth_parse_options()
- auth2.c
- user_key_allowed() is not static now
- modified user_key_allowed2() to:...
2003 May 12
0
Patch logging comment field of authorized key being used
...http://www.zurich.ibm.com/~nik/
CH-8803 Rueschlikon / Switzerland P: +41-1-724-8913 F: +41-1-724-8080
-------------- next part --------------
*** auth-rsa.c.orig Tue Jun 11 17:47:42 2002
--- auth-rsa.c Thu May 8 14:43:33 2003
***************
*** 257,266 ****
--- 257,270 ----
*/
if (!auth_parse_options(pw, options, file, linenum))
continue;
/* break out, this key is allowed */
+ /* Log matching key's comment after stripping '\n'. */
+ if ( strlen(cp) && ( cp[strlen(cp)-1] == '\n' ) )
+ cp[strlen(cp)-1] = '\0';
+ log("Authorized ke...
2000 Jul 12
1
Problems with Port Forwarding and Password auth
...irect_tcpip()
...
if (! no_port_forwarding_flag)
...
Basically the no_port_forwarding_flag was set to 0. Which seemed odd because I set
the GatewayPorts to yes, in the sshd_config. So I look further, and it seems that
the no_port_forwarding_flag only is set in one place inside sshd. That is in
auth_parse_options().
Unfortunately auth_parse_options() is only called by user_dsa_key_allowed() which is
in turn only called by ssh2_auth_pubkey() which due to this if statement in
input_userauth_request()
if (pw && strcmp(service, "ssh-connection")==0) {
if (strcmp(method, "none&quo...
2012 Jul 20
5
[Bug 2027] New: SSH generates misleading errors when using public key authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=2027
Priority: P5
Bug ID: 2027
Assignee: unassigned-bugs at mindrot.org
Summary: SSH generates misleading errors when using public key
authentication
Severity: normal
Classification: Unclassified
OS: Linux
Reporter: xavier.jodoin at corp.ovh.com
2002 Jan 29
2
Key fingerprint logging
..._key(&cp, &bits, pk->e, pk->n)) {
debug("%.100s, line %lu: non ssh1 key syntax",
file, linenum);
@@ -230,11 +230,11 @@
/* We have found the desired key. */
/*
* If our options do not allow this key to be used,
* do not send challenge.
*/
- if (!auth_parse_options(pw, options, file, linenum))
+ if (!auth_parse_options(pw, key_options, file, linenum))
continue;
/* Perform the challenge-response dialog for this key. */
if (!auth_rsa_challenge_dialog(pk)) {
/* Wrong response. */
@@ -249,10 +249,19 @@
* authentication to be rejected....
2010 Apr 29
12
[Bug 1765] New: Error message if key not first in authorized_keys file
https://bugzilla.mindrot.org/show_bug.cgi?id=1765
Summary: Error message if key not first in authorized_keys file
Product: Portable OpenSSH
Version: 5.5p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
2001 Feb 09
1
Bug in auth-options.c
...pplied to all subsequent lines without
options.
IMNSHO this clearly shows the evil of global variables, and using
extern whatever as a means of information sharing.
Cheers,
Han Holl
--- auth-options.c.orig Fri Feb 9 14:14:51 2001
+++ auth-options.c Fri Feb 9 14:18:43 2001
@@ -57,11 +57,12 @@
auth_parse_options(struct passwd *pw, char *options, unsigned long linenum)
{
const char *cp;
- if (!options)
- return 1;
/* reset options */
auth_clear_options();
+
+ if (!options)
+ return 1;
while (*options && *options != ' ' && *options != '\t') {
cp = "n...
2001 May 17
0
Patch: Set SSH_AUTHKEY to key id used to authenticate.
...UD, Firewalls, Python
-------------- next part --------------
diff -ur openssh-2.9p1/auth2.c openssh-2.9p1authdata/auth2.c
--- openssh-2.9p1/auth2.c Wed Apr 25 06:44:15 2001
+++ openssh-2.9p1authdata/auth2.c Thu May 17 00:56:38 2001
@@ -771,6 +771,7 @@
if (key_equal(found, key) &&
auth_parse_options(pw, options, file, linenum) == 1) {
found_key = 1;
+ key_matching_data(cp);
debug("matching key found: file %s, line %ld",
file, linenum);
break;
diff -ur openssh-2.9p1/key.c openssh-2.9p1authdata/key.c
--- openssh-2.9p1/key.c Tue Apr 17 12:11:37 2001
+++ openssh...
2008 May 26
4
[Bug 1472] New: Authentication options not cleared in privileged process
...ntication options are only cleared in the monitor rather
than in the privileged process. The obvious fix seems to be to clear
them in both processes. This is implemented by the attached patch.
This is only reproducible if the last key offered by the client is the
one with the forced command, since auth_parse_options calls
auth_clear_options on entry and that's called in the privileged
process.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
2011 Feb 01
2
Multiple forced commands being executed
Hi,
Sorry to post this here again, I already posted it in the users
mailing list but haven't got very far. I really need to get this
resolved ASAP, as it's causing a big security headache for us. If
anyone can help that would be wonderful. The original thread is here:
http://marc.info/?l=secure-shell&m=129562817820176&w=2
I am having a very strange problem with SSH. Essentially,
2006 Mar 08
4
[Bug 1172] [PATCH] Restrict public key authentication to scp access only
http://bugzilla.mindrot.org/show_bug.cgi?id=1172
Summary: [PATCH] Restrict public key authentication to scp access
only
Product: Portable OpenSSH
Version: 4.3p2
Platform: All
OS/Version: Linux
Status: NEW
Keywords: patch
Severity: enhancement
Priority: P2
Component: scp
2011 Oct 08
3
[PATCH] add log= directive to authorized_hosts
Attached is a patch which adds a log= directive to authorized_keys. The text
in the log="text" directive is appended to the log line, so you can easily
tell which key is matched.
For instance the line:
log="hello world!",no-agent-forwarding,command="/bin/true",no-pty,
no-user-rc,no-X11-forwarding,permitopen="127.0.0.1:7"
ssh-rsa AAAAB3Nza....xcgaK9xXoU=
2007 Jun 05
9
[Bug 1319] New: ssh-keygen does not properly handle multiple keys
http://bugzilla.mindrot.org/show_bug.cgi?id=1319
Summary: ssh-keygen does not properly handle multiple keys
Product: Portable OpenSSH
Version: 4.5p1
Platform: Other
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh-keygen
AssignedTo: bitbucket at mindrot.org