search for: auth_parse_opt

Displaying 16 results from an estimated 16 matches for "auth_parse_opt".

2001 Nov 20
0
Patch: 3.0.1p1: rename a conflicting variable
...ted = !quoted; } } else - options = NULL; + optionsp = NULL; /* Parse the key from the line. */ if (!auth_rsa_read_key(&cp, &bits, pk->e, pk->n)) { @@ -232,7 +231,7 @@ * If our options do not allow this key to be used, * do not send challenge. */ - if (!auth_parse_options(pw, options, file, linenum)) + if (!auth_parse_options(pw, optionsp, file, linenum)) continue; /* Perform the challenge-response dialog for this key. */ --- auth2.c.orig Mon Nov 19 16:54:10 2001 +++ auth2.c Mon Nov 19 16:55:18 2001 @@ -691,7 +691,7 @@ found = key_new(key->type);...
2001 Dec 04
0
PATCH: log key fingerprint upon successful login
...ted = !quoted; } } else - options = NULL; + optionsp = NULL; /* Parse the key from the line. */ if (!auth_rsa_read_key(&cp, &bits, pk->e, pk->n)) { @@ -232,7 +232,7 @@ * If our options do not allow this key to be used, * do not send challenge. */ - if (!auth_parse_options(pw, options, file, linenum)) + if (!auth_parse_options(pw, optionsp, file, linenum)) continue; /* Perform the challenge-response dialog for this key. */ @@ -251,6 +251,15 @@ * otherwise continue searching. */ authenticated = 1; + if (options.log_fingerprint) { + Key *aut...
2001 Aug 15
0
[ossh patch] principal name/patterns in authorized_keys2
...d/pattern key type support to a variety of functions, including key_read() and key_write(), among others - added key_match() implementation - auth-options.h - added void auth_set_key_env(Key *) prototype - auth-options.c - added auth_set_key_env() implementation - modified auth_parse_options() to return (-1) when new deny-access option is encountered - auth-rsa.c - modified auth_parse_options() return value check according to the change made to auth_parse_options() - auth2.c - modified user_key_allowed() to: - try key_match() if key_equal() fails...
2002 Jan 24
1
PATCH: krb4/krb5/... names/patterns in auth_keys entries
...d/pattern key type support to a variety of functions, including key_read() and key_write(), among others - added key_match() implementation - auth-options.h - added void auth_set_key_env(Key *) prototype - auth-options.c - added auth_set_key_env() implementation - modified auth_parse_options() to return (-1) when new deny-access option is encountered - auth-rsa.c - modified auth_parse_options() return value check according to the change made to auth_parse_options() - auth2.c - user_key_allowed() is not static now - modified user_key_allowed2() to:...
2003 May 12
0
Patch logging comment field of authorized key being used
...http://www.zurich.ibm.com/~nik/ CH-8803 Rueschlikon / Switzerland P: +41-1-724-8913 F: +41-1-724-8080 -------------- next part -------------- *** auth-rsa.c.orig Tue Jun 11 17:47:42 2002 --- auth-rsa.c Thu May 8 14:43:33 2003 *************** *** 257,266 **** --- 257,270 ---- */ if (!auth_parse_options(pw, options, file, linenum)) continue; /* break out, this key is allowed */ + /* Log matching key's comment after stripping '\n'. */ + if ( strlen(cp) && ( cp[strlen(cp)-1] == '\n' ) ) + cp[strlen(cp)-1] = '\0'; + log("Authorized ke...
2000 Jul 12
1
Problems with Port Forwarding and Password auth
...irect_tcpip() ... if (! no_port_forwarding_flag) ... Basically the no_port_forwarding_flag was set to 0. Which seemed odd because I set the GatewayPorts to yes, in the sshd_config. So I look further, and it seems that the no_port_forwarding_flag only is set in one place inside sshd. That is in auth_parse_options(). Unfortunately auth_parse_options() is only called by user_dsa_key_allowed() which is in turn only called by ssh2_auth_pubkey() which due to this if statement in input_userauth_request() if (pw && strcmp(service, "ssh-connection")==0) { if (strcmp(method, "none&quo...
2012 Jul 20
5
[Bug 2027] New: SSH generates misleading errors when using public key authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=2027 Priority: P5 Bug ID: 2027 Assignee: unassigned-bugs at mindrot.org Summary: SSH generates misleading errors when using public key authentication Severity: normal Classification: Unclassified OS: Linux Reporter: xavier.jodoin at corp.ovh.com
2002 Jan 29
2
Key fingerprint logging
..._key(&cp, &bits, pk->e, pk->n)) { debug("%.100s, line %lu: non ssh1 key syntax", file, linenum); @@ -230,11 +230,11 @@ /* We have found the desired key. */ /* * If our options do not allow this key to be used, * do not send challenge. */ - if (!auth_parse_options(pw, options, file, linenum)) + if (!auth_parse_options(pw, key_options, file, linenum)) continue; /* Perform the challenge-response dialog for this key. */ if (!auth_rsa_challenge_dialog(pk)) { /* Wrong response. */ @@ -249,10 +249,19 @@ * authentication to be rejected....
2010 Apr 29
12
[Bug 1765] New: Error message if key not first in authorized_keys file
https://bugzilla.mindrot.org/show_bug.cgi?id=1765 Summary: Error message if key not first in authorized_keys file Product: Portable OpenSSH Version: 5.5p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: unassigned-bugs at mindrot.org
2001 Feb 09
1
Bug in auth-options.c
...pplied to all subsequent lines without options. IMNSHO this clearly shows the evil of global variables, and using extern whatever as a means of information sharing. Cheers, Han Holl --- auth-options.c.orig Fri Feb 9 14:14:51 2001 +++ auth-options.c Fri Feb 9 14:18:43 2001 @@ -57,11 +57,12 @@ auth_parse_options(struct passwd *pw, char *options, unsigned long linenum) { const char *cp; - if (!options) - return 1; /* reset options */ auth_clear_options(); + + if (!options) + return 1; while (*options && *options != ' ' && *options != '\t') { cp = "n...
2001 May 17
0
Patch: Set SSH_AUTHKEY to key id used to authenticate.
...UD, Firewalls, Python -------------- next part -------------- diff -ur openssh-2.9p1/auth2.c openssh-2.9p1authdata/auth2.c --- openssh-2.9p1/auth2.c Wed Apr 25 06:44:15 2001 +++ openssh-2.9p1authdata/auth2.c Thu May 17 00:56:38 2001 @@ -771,6 +771,7 @@ if (key_equal(found, key) && auth_parse_options(pw, options, file, linenum) == 1) { found_key = 1; + key_matching_data(cp); debug("matching key found: file %s, line %ld", file, linenum); break; diff -ur openssh-2.9p1/key.c openssh-2.9p1authdata/key.c --- openssh-2.9p1/key.c Tue Apr 17 12:11:37 2001 +++ openssh...
2008 May 26
4
[Bug 1472] New: Authentication options not cleared in privileged process
...ntication options are only cleared in the monitor rather than in the privileged process. The obvious fix seems to be to clear them in both processes. This is implemented by the attached patch. This is only reproducible if the last key offered by the client is the one with the forced command, since auth_parse_options calls auth_clear_options on entry and that's called in the privileged process. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching the assignee of the bug.
2011 Feb 01
2
Multiple forced commands being executed
Hi, Sorry to post this here again, I already posted it in the users mailing list but haven't got very far. I really need to get this resolved ASAP, as it's causing a big security headache for us. If anyone can help that would be wonderful. The original thread is here: http://marc.info/?l=secure-shell&m=129562817820176&w=2 I am having a very strange problem with SSH. Essentially,
2006 Mar 08
4
[Bug 1172] [PATCH] Restrict public key authentication to scp access only
http://bugzilla.mindrot.org/show_bug.cgi?id=1172 Summary: [PATCH] Restrict public key authentication to scp access only Product: Portable OpenSSH Version: 4.3p2 Platform: All OS/Version: Linux Status: NEW Keywords: patch Severity: enhancement Priority: P2 Component: scp
2011 Oct 08
3
[PATCH] add log= directive to authorized_hosts
Attached is a patch which adds a log= directive to authorized_keys. The text in the log="text" directive is appended to the log line, so you can easily tell which key is matched. For instance the line: log="hello world!",no-agent-forwarding,command="/bin/true",no-pty, no-user-rc,no-X11-forwarding,permitopen="127.0.0.1:7" ssh-rsa AAAAB3Nza....xcgaK9xXoU=
2007 Jun 05
9
[Bug 1319] New: ssh-keygen does not properly handle multiple keys
http://bugzilla.mindrot.org/show_bug.cgi?id=1319 Summary: ssh-keygen does not properly handle multiple keys Product: Portable OpenSSH Version: 4.5p1 Platform: Other OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh-keygen AssignedTo: bitbucket at mindrot.org