similar to: [PATCH] auth2-chall: Fix selection of the keyboard-interactive device

From: Marco Trevisan (Trevi?o) <mail at 3v1n0.net> kbdint result vfunc may return various values, so use an enum to make it clearer what each result means without having to dig into the struct documentation. --- auth-bsdauth.c | 2 +- auth-pam.c | 10 +++++----- auth.h | 5 +++++ auth2-chall.c | 4 ++-- 4 files changed, 13 insertions(+), 8 deletions(-) diff --git

From: "Marco Trevisan" <marco at ubuntu.com> This serie of patches have been already submitted via [1], but i'm sending them again to the ML, to see if they can get some more traction. The patches are already part of Ubuntu openssh since 24.04, and they basically allow proper immediate instruction reporting to clients using PAM (as per RFC4256). This follows the approach

If the info_response code is going to test that the # of responses is < 100, then the info_request code should check that < 100 prompts are sent. It would be rude to send 101 prompts and then fail when the responses come back. I actually think the test should be removed altogether, the limit seems quite arbitrary, but here is a patch to not send > 100 prompts. With this patch, the test

I'm trying to understand the code around PAM support in auth2.c and auth2-chall.c. I'm working with the OpenSSH 3.7.1p2 sources on FreeBSD 4.x. The scenario I'm trying to make work is SSH login to a captive accout for users in a RADIUS database but whose login does not appear in /etc/passwd or getpwnam(). I understand that if the username is not found in getpwnam(), then the

https://bugzilla.mindrot.org/show_bug.cgi?id=2410 Bug ID: 2410 Summary: auth-chall.c - "<stdarg.h>" #included twice Product: Portable OpenSSH Version: 6.8p1 Hardware: Other OS: Other Status: NEW Severity: enhancement Priority: P5 Component: Miscellaneous

On Thu, Feb 13, 2025 at 05:45:47PM +0100, Marco Trevisan wrote: > From: Marco Trevisan (Trevi?o) <mail at 3v1n0.net> > > PAM modules can change the user during their execution, in such case ssh > would still use the user that has been provided giving potentially > access to another user with the credentials of another one. > > So prevent this to happen, by ensuring

Hello all, during tests of my SecurID patch I found a small mistake (maybe) in initialization of kbd-int devices. When kbdintctxt->device->init_ctx(authctxt) returns NULL whole challenge response authentication is stopped regardless availability of next devices. Small patch solving this situation is attached. ____________________________________________________________ Vyzkou?ejte pohodl?

From: Marco Trevisan (Trevi?o) <mail at 3v1n0.net> PAM modules can change the user during their execution, in such case ssh would still use the user that has been provided giving potentially access to another user with the credentials of another one. So prevent this to happen, by ensuring that the final PAM user is matching the one that initiated the transaction. See also:

From: Marco Trevisan (Trevi?o) <mail at 3v1n0.net> Makes things more readable and easier to extend --- auth-pam.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/auth-pam.c b/auth-pam.c index 5dfa69202..ba01dfb0c 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -132,11 +132,16 @@ typedef pid_t sp_pthread_t; #define pthread_join fake_pthread_join #endif

From: Marco Trevisan (Trevi?o) <mail at 3v1n0.net> --- auth-pam.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/auth-pam.c b/auth-pam.c index ba01dfb0c..932c7e1e2 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -446,6 +446,9 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message **msg, break; case PAM_ERROR_MSG: case PAM_TEXT_INFO: + debug3("PAM: Got message of

From: Marco Trevisan (Trevi?o) <mail at 3v1n0.net> Info messages that are coming from the server aren't properly escaping sequences they contains, leading to messages not being properly rendered by the client. So for example a message containing "\" was represented as "\\" and similarly for all the other C escape sequences. This was leading to more problems when it

As posted, here is an updated patch which allows openssh to be built with non-selinux config. (Hi openssh guys, forwarding this to you incase you interested including it into the devel version of openssh. Please let us know if you have any suggestions or changes that need to be made) Regards Nigel Kukard On Thu, Sep 02, 2004 at 04:11:54PM -0400, Daniel J Walsh wrote: > New SSH patch. >

1. Versions affected: All versions of OpenSSH's sshd between 2.9.9 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. OpenSSH 3.4 and later are not affected. OpenSSH 3.2 and later prevent privilege escalation if UsePrivilegeSeparation is enabled in sshd_config. OpenSSH 3.3 enables

This is the 2nd revision of the Advisory. 1. Versions affected: Serveral versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. All versions between 2.3.1 and 3.3 contain a bug in the PAMAuthenticationViaKbdInt code. All versions between 2.9.9 and 3.3

This is the 2nd revision of the Advisory. 1. Versions affected: Serveral versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. All versions between 2.3.1 and 3.3 contain a bug in the PAMAuthenticationViaKbdInt code. All versions between 2.9.9 and 3.3

1. Versions affected: All versions of OpenSSH's sshd between 2.9.9 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. OpenSSH 3.4 and later are not affected. OpenSSH 3.2 and later prevent privilege escalation if UsePrivilegeSeparation is enabled in sshd_config. OpenSSH 3.3 enables

Hi, We have updated our TIS authserv support patch for OpenSSH 2.5.1p2. You'll find it attached to my message. -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1 -------------- next part -------------- diff -urN openssh-2.5.1p2/Makefile.in openssh-2.5.1p2-tis/Makefile.in --- openssh-2.5.1p2/Makefile.in Sun Feb 18 20:13:33 2001 +++

I redid my previous OPIE patch for the current ssh tree. It seems to work fine here, and I'ld love to see it merged before the 3.0 release. Wichert. diff -x CVS -wNur ../cvs/other/openssh_cvs/Makefile.in openssh_cvs/Makefile.in --- ../cvs/other/openssh_cvs/Makefile.in Mon Oct 22 02:53:59 2001 +++ openssh_cvs/Makefile.in Sun Nov 4 01:18:19 2001 @@ -50,7 +50,7 @@ SSHOBJS= ssh.o

I just cobbled up a little patch to add support for OPIE to OpenSSH. Currently untested, but feedback is welcome. Wichert. -- _________________________________________________________________ / Nothing is fool-proof to a sufficiently talented fool \ | wichert at cistron.nl http://www.liacs.nl/~wichert/ | | 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0 2805 3CB8 9250

This is the 4th revision of the Advisory. This document can be found at: http://www.openssh.com/txt/preauth.adv 1. Versions affected: Serveral versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. All versions between 2.3.1 and 3.3 contain a bug in the