Displaying 20 results from an estimated 77 matches for "get_canonical_hostname".
2001 Feb 04
1
minor aix patch to auth1.c
...th1.c.orig Sat Feb 3 18:17:53 2001
Bringa AIX modes in line with latest changes to auth1.c
+++ auth1.c Sat Feb 3 18:19:15 2001
@@ -347,7 +347,7 @@
if (authctxt->failures++ > AUTH_FAIL_MAX) {
#ifdef WITH_AIXAUTHENTICATE
- loginfailed(user,get_canonical_hostname(),"ssh");
+
loginfailed(authctxt->user,get_canonical_hostname(),"ssh");
#endif /* WITH_AIXAUTHENTICATE */
packet_disconnect(AUTH_FAIL_MSG, authctxt->user);
}
2000 Oct 15
1
Patch for Digital Unix SIA authentication
...+#include "ssh.h"
+
+#include <sia.h>
+#include <siad.h>
+
+extern int saved_argc;
+extern char **saved_argv;
+
+int
+auth_sia_password (user, pass)
+ char *user;
+ char *pass;
+{
+ SIAENTITY *ent = NULL;
+ int ret;
+
+ if (sia_ses_init (&ent, saved_argc, saved_argv,
+ get_canonical_hostname(), user, NULL, 0, NULL) != SIASUCCESS)
+ return 0;
+ if ((ret = sia_ses_authent (NULL, pass, ent)) != SIASUCCESS) {
+ if (ret & SIASTOP)
+ sia_ses_release (&ent);
+ return 0;
+ }
+ if (sia_ses_estab (NULL, ent) != SIASUCCESS)
+ return 0;
+ sia_ses_release (&ent);
+ return 1;
+}
+...
2000 May 15
1
AIX authenticate patches
...to log on... */
--- auth1.c.orig Wed May 10 15:53:51 2000
+++ auth1.c Thu May 11 15:13:37 2000
@@ -66,9 +66,7 @@
get_remote_port());
#ifdef WITH_AIXAUTHENTICATE
- if (strncmp(get_authname(type),"password",
- strlen(get_authname(type))) == 0)
- loginfailed(pw->pw_name,get_canonical_hostname(),"ssh");
+ loginfailed(user,get_canonical_hostname(),"ssh");
#endif /* WITH_AIXAUTHENTICATE */
/* Indicate that authentication is needed. */
@@ -408,8 +406,12 @@
client_user = NULL;
}
- if (attempt > AUTH_FAIL_MAX)
+ if (attempt > AUTH_FAIL_MAX) {
+#ifdef...
2001 Feb 12
2
OSF_SIA bug in 2.3.0p1
Is anyone maintaining the OSF_SIA support in openssh? This seems to be an
obvious bug triggered if you try to connect as a non-existant user.
>From auth1.c line 459
#elif defined(HAVE_OSF_SIA)
(sia_validate_user(NULL, saved_argc, saved_argv,
get_canonical_hostname(), pw->pw_name, NULL, 0,
NULL, "") == SIASUCCESS)) {
#else /* !HAVE_OSF_SIA && !USE_PAM */
At this stage pw could be NULL so obviously pw->pw_name isn't a valid
thing to do. Should this just be 'user'? I'm not even 100% sure of the
vali...
2001 Feb 10
1
[PATCH] Tell PAM about remote host earlier
...nes
before the patch.)
--
Andrew Bartlett
abartlet at pcug.org.au
-------------- next part --------------
--- auth-pam.c.orig Sat Feb 10 13:01:35 2001
+++ auth-pam.c Sat Feb 10 14:14:53 2001
@@ -191,14 +191,6 @@
{
int pam_retval;
- debug("PAM setting rhost to \"%.200s\"", get_canonical_hostname());
- pam_retval = pam_set_item(pamh, PAM_RHOST,
- get_canonical_hostname());
- if (pam_retval != PAM_SUCCESS) {
- fatal("PAM set rhost failed[%d]: %.200s",
- pam_retval, PAM_STRERROR(pamh, pam_retval));
- }
-
if (remote_user != NULL) {
debug("PAM setting ruser to \"%...
2002 Jul 18
2
[Bug 312] canhost.h needs to be included
http://bugzilla.mindrot.org/show_bug.cgi?id=312
------- Additional Comments From stevesk at pobox.com 2002-07-18 14:07 -------
why is it required?
i don't see any canohost.h functions in those files.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2000 Oct 07
0
OpenSSH changes for BSD/OS
...gt;pw_dir);
pwcopy.pw_shell = xstrdup(pw->pw_shell);
+ #if defined(BSD) && BSD >= 199506
+ pwcopy.pw_class = xstrdup(pw->pw_class);
+ #endif
pw = &pwcopy;
#ifdef USE_PAM
***************
*** 508,514 ****
(sia_validate_user(NULL, saved_argc, saved_argv,
get_canonical_hostname(), pw->pw_name, NULL, 0, NULL,
"") == SIASUCCESS)) {
! #else /* !HAVE_OSF_SIA && !USE_PAM */
auth_password(pw, "")) {
#endif /* USE_PAM */
/* Authentication with empty password succeeded. */
--- 529,537 ----
(sia_validate_user(NULL, saved_a...
2001 Dec 19
0
Patch for DU SIA auth
...on Apr 16 04:37:05 2001
--- openssh-3.0.2p1-tschroed/auth-sia.c Thu Dec 6 13:02:26 2001
***************
*** 21,32 ****
extern char **saved_argv;
extern int errno;
int
auth_sia_password(char *user, char *pass)
{
int ret;
- SIAENTITY *ent = NULL;
const char *host;
host = get_canonical_hostname(options.reverse_mapping_check);
--- 21,32 ----
extern char **saved_argv;
extern int errno;
+ SIAENTITY *__sia_ent = NULL;
int
auth_sia_password(char *user, char *pass)
{
int ret;
const char *host;
host = get_canonical_hostname(options.reverse_mapping_check);
************...
2005 Jan 20
27
[Bug 974] Record Badlogins for all supported Authentication methods
http://bugzilla.mindrot.org/show_bug.cgi?id=974
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
Severity|normal |enhancement
Platform|HPPA |All
Summary|Enhancement : Record |Record Badlogins for
2006 Sep 14
3
[PATCH] PermitRootLogin woes
...penssh/openssh_cvs/auth-sia.c,v
retrieving revision 1.18
diff -u -r1.18 auth-sia.c
--- auth-sia.c 7 Sep 2006 23:54:41 -0000 1.18
+++ auth-sia.c 14 Sep 2006 10:54:12 -0000
@@ -55,12 +55,14 @@
int ret;
SIAENTITY *ent = NULL;
const char *host;
+ struct passwd * pw = authctxt->pw;
- host = get_canonical_hostname(options.use_dns);
-
+ if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
+ return (0);
if (!authctxt->user || pass == NULL || pass[0] == '\0')
return (0);
+ host = get_canonical_hostname(options.use_dns);
if (sia_ses_init(&ent, saved_argc, saved_ar...
2003 Feb 28
0
[PATCH] Clean up failed login logging.
...7 auth.c
--- auth.c 18 Jan 2003 05:24:06 -0000 1.67
+++ auth.c 25 Feb 2003 09:52:31 -0000
@@ -268,13 +268,10 @@
get_remote_port(),
info);
-#ifdef WITH_AIXAUTHENTICATE
if (authenticated == 0 && strcmp(method, "password") == 0)
- loginfailed(authctxt->user,
- get_canonical_hostname(options.verify_reverse_mapping),
- "ssh");
-#endif /* WITH_AIXAUTHENTICATE */
-
+ record_failed_login(authctxt->user,
+ get_canonical_hostname(options.verify_reverse_mapping),
+ "ssh");
}
/*
@@ -496,11 +493,9 @@
if (pw == NULL) {
log("Illegal user %...
2003 Apr 03
0
[PATCH re-send]: Clean up logging of failed logins.
...7 auth.c
--- auth.c 18 Jan 2003 05:24:06 -0000 1.67
+++ auth.c 25 Feb 2003 09:52:31 -0000
@@ -268,13 +268,10 @@
get_remote_port(),
info);
-#ifdef WITH_AIXAUTHENTICATE
if (authenticated == 0 && strcmp(method, "password") == 0)
- loginfailed(authctxt->user,
- get_canonical_hostname(options.verify_reverse_mapping),
- "ssh");
-#endif /* WITH_AIXAUTHENTICATE */
-
+ record_failed_login(authctxt->user,
+ get_canonical_hostname(options.verify_reverse_mapping),
+ "ssh");
}
/*
@@ -496,11 +493,9 @@
if (pw == NULL) {
log("Illegal user %...
2002 Sep 04
2
uid transition and post-auth privsep (WAS Re: possible fundamental problem with tru64 patch) (fwd)
...> extern char **saved_argv;
>
> -extern int errno;
> -
> int
> auth_sia_password(Authctxt *authctxt, char *pass)
> {
> int ret;
> SIAENTITY *ent = NULL;
> const char *host;
> - char *user = authctxt->user;
>
> host = get_canonical_hostname(options.verify_reverse_mapping);
>
> - if (!user || !pass || pass[0] == '\0')
> + if (!authctxt->user || !pass || pass[0] == '\0')
> return(0);
>
> - if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, NULL, 0,
> - NULL) !=...
2003 Jan 27
1
[PATCH] Creation of record_failed_login() in sshlogin.c
...7 auth.c
--- auth.c 18 Jan 2003 05:24:06 -0000 1.67
+++ auth.c 27 Jan 2003 11:39:07 -0000
@@ -268,13 +268,11 @@
get_remote_port(),
info);
-#ifdef WITH_AIXAUTHENTICATE
- if (authenticated == 0 && strcmp(method, "password") == 0)
- loginfailed(authctxt->user,
- get_canonical_hostname(options.verify_reverse_mapping),
- "ssh");
-#endif /* WITH_AIXAUTHENTICATE */
-
+ if (geteuid() == 0 && authenticated == 0 &&
+ strcmp(method, "password") == 0)
+ record_failed_login(authctxt->user,
+ get_canonical_hostname(options.verify_reverse_m...
2001 Feb 16
1
OpenSSH 2.3.0p1 port to BSDI BSD/OS
...sduser = xstrdup(user);
+ if ((p = strchr(user, ':')) != NULL)
+ *p = '\0';
+ }
+#endif
pw = getpwnam(user);
if (pw && allowed_user(pw)) {
/* Take a copy of the returned structure. */
@@ -460,7 +482,9 @@
(sia_validate_user(NULL, saved_argc, saved_argv,
get_canonical_hostname(), pw->pw_name, NULL, 0,
NULL, "") == SIASUCCESS)) {
-#else /* !HAVE_OSF_SIA && !USE_PAM */
+#elif defined(HAVE_BSD_AUTH_H)
+ auth_userokay(bsduser, NULL, "auth-ssh", "" )) {
+#else /* !HAVE_OSF_SIA && !USE_PAM && !HAVE_BSD_AUTH_H */...
2003 Feb 27
0
Update for Tru64 Unix
...+ openssh/auth-sia.c Wed Feb 26 19:46:17 2003
@@ -45,27 +45,25 @@
extern int saved_argc;
extern char **saved_argv;
-extern int errno;
-
int
auth_sia_password(Authctxt *authctxt, char *pass)
{
int ret;
SIAENTITY *ent = NULL;
const char *host;
- char *user = authctxt->user;
host = get_canonical_hostname(options.verify_reverse_mapping);
- if (pass[0] == '\0')
+ if (!authctxt->user || !pass || pass[0] == '\0')
return(0);
- if (sia_ses_init(&ent, saved_argc, saved_argv, host, user, NULL, 0,
- NULL) != SIASUCCESS)
+ if (sia_ses_init(&ent, saved_argc, saved_argv, h...
2000 Feb 27
0
[PATCH] Fix login.conf, expiration, BSD compatibility in OpenSSH
...*lc;
+ char *hosts;
+ const char *from_host, *from_ip;
+ int denied;
+#endif /* LOGIN_CAP */
/* Get the name of the user that we wish to log in as. */
packet_read_expect(&plen, SSH_CMSG_USER);
@@ -1338,6 +1345,38 @@
packet_disconnect("ROOT LOGIN REFUSED FROM %.200s",
get_canonical_hostname());
}
+
+#ifdef LOGIN_CAP
+ lc = login_getpwclass(pw);
+ if (lc == NULL)
+ lc = login_getclassbyname(NULL, pw);
+ from_host = get_canonical_hostname();
+ from_ip = get_remote_ipaddr();
+
+ denied = 0;
+ if ((hosts = login_getcapstr(lc, "host.deny", NULL, NULL)) != NULL) {
+ denied = m...
2016 Aug 04
0
[Bug 1008] GSSAPI authentication fails with Round Robin DNS hosts
...ent #14 from Mike Frysinger <vapier at gentoo.org> ---
(In reply to Darren Tucker from comment #13)
the original patch written in 2006 was against openbsd cvs, and it
included a config option to turn it on/off (with the default being
off). it largely applied cleanly up through 7.2 until the
get_canonical_hostname refactor.
since that func only lives in auth.c now, how do you want it to work ?
basically have to revert the get_canonical_hostname ->
auth_get_canonical_hostname change to make it work.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching someone on th...
2016 Aug 07
0
[Bug 1008] GSSAPI authentication fails with Round Robin DNS hosts
...--- Comment #15 from Colin Watson <cjwatson at debian.org> ---
I think it would make a degree of sense to move remote_hostname back to
canohost.c and give it external linkage. The commit message for that
refactoring said that it was removing all the caching from canohost.c,
but only (auth_)get_canonical_hostname has that, not the underlying
remote_hostname function.
Given that, it's easy to make the GSSAPI bits use remote_hostname
rather than get_canonical_hostname, although I think it's best to also
make kex->gss_host be allocated rather than relying on sharing memory
with something else. I...
2016 Aug 19
0
[Bug 1008] GSSAPI authentication fails with Round Robin DNS hosts
https://bugzilla.mindrot.org/show_bug.cgi?id=1008
--- Comment #17 from Darren Tucker <dtucker at zip.com.au> ---
(In reply to kgizdov from comment #16)
> I hope this helps.
Not really. Those have a lot of other changes (mostly the GSSAPI key
exchange support) and it still uses get_canonical_hostname() which is
currently not available in the client.
According to Damien reasoning behind moving get_canonical_hostname was
to remove anything that maintained state from canohost.c to make more
useable in library code. We'll have a look at making it available in
the client somehow.
--
You are...