changeset | 8dc43b30c6bf |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Define _GNU_SOURCE properly, other header fixes This lets -std=c89 build for gcc 8.4.0 |
files |
changeset | 7c17995bcdfb |
---|---|
branch | |
bookmark | |
tag | |
user | Kevin Darbyshire-Bryant <6500011+ldir-EDB0@users.noreply.github.com> |
description | Improve address logging on early exit messages (#83) Change 'Early exit' and 'Exit before auth' messages to include the IP address & port as part of the message. This allows log scanning utilities such as 'fail2ban' to obtain the offending IP address as part of the failure event instead of extracting the PID from the message and then scanning the log again for match 'child connection from' messages Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> |
files |
changeset | 592a18dac250 |
---|---|
branch | |
bookmark | |
tag | |
user | Patrick Stewart <patstew@gmail.com> |
description | Support servers without multiple user support (#76) |
files |
changeset | e11ed628708b |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | - Add adaptive authentication failure delay - Rework monotonic_now/gettime_wrapper and use clock_gettime on more platforms |
files |
changeset | 1fbe598a14fb |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Merge bugfix delay invalid users |
files |
changeset | 5d2d1021ca00 |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Wait to fail invalid usernames |
files |
changeset | 768ebf737aa0 |
---|---|
branch | fuzz |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | merge from main |
files |
changeset | 02b226c2675e |
---|---|
branch | fuzz |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | clean some fuzzing conditionals |
files |
changeset | f5026f7486de |
---|---|
branch | |
bookmark | |
tag | |
user | François Perrad <francois.perrad@gadz.org> |
description | fix #endif (#59) |
files |
changeset | 2f64cb3d3007 |
---|---|
branch | fuzz |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | - #if not #ifdef for DROPBEAR_FUZZ - fix some unused variables |
files |
changeset | 61a793b6e471 |
---|---|
branch | fuzz |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | merge from main |
files |
changeset | 1acbdf64088e |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | add guard HAVE_GETGROUPLIST |
files |
changeset | bb8eaa26bc93 |
---|---|
branch | fuzz |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | merge from main |
files |
changeset | 51df3d53b050 |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | - Don't try to handle changed usernames - Avoid logging repeated failed username messages |
files |
changeset | f20038b513a5 |
---|---|
branch | |
bookmark | |
tag | |
user | François Perrad <francois.perrad@gadz.org> |
description | more linting (#58) * const parameter * fix indentation |
files |
changeset | 6a83b1944432 |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Fix restricted group code for BSDs, move to separate function |
files |
changeset | ed930fd6f60f |
---|---|
branch | |
bookmark | |
tag | |
user | stellarpower <stellarpower@googlemail.com> |
description | Added the -G option to allow logins only for users that are members of a certain group. This allows finer control of an instance on who can and cannot login over a certain instance (e.g. password and not key). Needs double-checking and ensuring it meets platform requirements. |
files |
changeset | 5916af64acd4 |
---|---|
branch | fuzz |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | merge from main |
files |
changeset | 06d52bcb8094 |
---|---|
branch | |
bookmark | |
tag | |
user | Francois Perrad <francois.perrad@gadz.org> |
description | Pointer parameter could be declared as pointing to const |
files |
changeset | 4afde04f0607 |
---|---|
branch | fuzz |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | merge up to date |
files |
changeset | ea150e3e95a6 |
---|---|
branch | fuzz |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | fix DROBPEAR_FUZZ auth delay |
files |
changeset | 517c67cbcd31 |
---|---|
branch | |
bookmark | |
tag | |
user | Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk> |
description | dropbear server: support -T max auth tries Add support for '-T n' for a run-time specification for maximum number of authentication attempts where 'n' is between 1 and compile time option MAX_AUTH_TRIES. A default number of tries can be specified at compile time using 'DEFAULT_AUTH_TRIES' which itself defaults to MAX_AUTH_TRIES for backwards compatibility. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk> |
files |
changeset | 3fdd8c5a0195 |
---|---|
branch | fuzz |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | merge main to fuzz |
files |
changeset | 5c2899e35b63 |
---|---|
branch | fuzz |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | fuzz harness |
files |
changeset | b28624698130 |
---|---|
branch | fuzz |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | copy over some fuzzing code from AFL branch |
files |
changeset | 750ec4ec4cbe |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Convert #ifdef to #if, other build changes |
files |
changeset | 9169e4e7cbee |
---|---|
branch | |
bookmark | |
tag | |
user | Francois Perrad <francois.perrad@gadz.org> |
description | fix empty C prototypes |
files |
changeset | 43a8ea69b24c |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Fix problem where auth timeout wasn't checked when waiting for ident |
files |
changeset | aaf576b27a10 |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Merge pull request #13 from gazoo74/fix-warnings Fix warnings |
files |
changeset | 7b84c3492a95 |
---|---|
branch | |
bookmark | |
tag | |
user | Gaël PORTAY <gael.portay@gmail.com> |
description | Turn username, servicename and methodname local variables into char * Changing checkusername()'s username argument into char * as well. |
files |
changeset | c45d65392c1a |
---|---|
branch | |
bookmark | |
tag | |
user | Gaël PORTAY <gael.portay@gmail.com> |
description | Fix pointer differ in signess warnings [-Werror=pointer-sign] |
files |
changeset | 73ea0dce9a57 |
---|---|
branch | pam |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Merge up to date |
files |
changeset | e9dfb6d15193 |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Fix auth timeout regression |
files |
changeset | bae0b34bc059 |
---|---|
branch | pam |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Better PAM through recursion |
files |
changeset | 220f55d540ae |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | rename random.h to dbrandom.h since some OSes have a system random.h |
files |
changeset | 7540c0822374 |
---|---|
branch | ecc |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Various cleanups and fixes for warnings |
files |
changeset | 4095b6d7c9fc |
---|---|
branch | ecc |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Merge in changes from the past couple of releases |
files |
changeset | 8fe36617bf4e |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Send PAM error messages as a banner messages Patch from Martin Donnelly, modified. |
files |
changeset | d7784616409a |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | improve auth failure delays to avoid indicating which users exist |
files |
changeset | 7dcb46da72d9 |
---|---|
branch | ecc |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | merge in HEAD |
files |
changeset | e0084f136cb8 |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | If running as non-root only allow that user to log in |
files |
changeset | a78a38e402d1 |
---|---|
branch | ecc |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | - Fix various hardcoded uses of SHA1 - rename curves to nistp256 etc - fix svr-auth.c TRACE problem |
files |
changeset | ac2158e3e403 |
---|---|
branch | ecc |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | ecc kind of works, needs fixing/testing |
files |
changeset | c58a15983808 |
---|---|
branch | |
bookmark | |
tag | |
user | Paul Eggleton <paul.eggleton@linux.intel.com> |
description | Allow configuring "allow blank password option" at runtime Changes this from a compile-time switch to a command-line option. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> |
files |
changeset | 6e0899b56ac4 |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Don't TRACE() the pw_passwd |
files |
changeset | 55b84e59aaad |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Fix empty password immediate login |
files |
changeset | 0edf08895a33 |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Return immediate success for blank passwords if allowed |
files |
changeset | d40f3cc47aed |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | - Add ALLOW_BLANK_PASSWORD option - Don't reject blank-password logins via public key |
files |
changeset | a98a2138364a |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Improve capitalisation for all logged strings |
files |
changeset | d3ea8b9672f0 |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | - Test for pam_fail_delay() function in configure - Recognise "username:" as a PAM prompt - Add some randomness to the auth-failure delay - Fix wrongly committed options.h/debug.h |
files |
changeset | d58c478bd399 |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Add support for zlib@openssh.com delayed compression. Are still advertising 'zlib' for the server, need to allow delayed-only as an option |
files |
changeset | 738313e73b1c |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. |
files |
changeset | f33b0898aaa6 |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | fill_passwd() doesn't have a return value |
files |
changeset | 4317be8b7cf9 |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Make a copy of passwd fields since getpwnam()'s retval isn't safe to keep |
files |
changeset | 7e43f5e473b9 |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | - Add -K keepalive flag for dropbear and dbclient - Try to reduce the frequency of select() timeouts - Add a max receive window size of 1MB |
files |
changeset | dc6173e09ff7 |
---|---|
branch | ucc-axis-hack |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | smaller yet again |
files |
changeset | 474c1a700b67 |
---|---|
branch | ucc-axis-hack |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | add inetd server mode |
files |
changeset | 24b19535264b |
---|---|
branch | ucc-axis-hack |
bookmark | |
tag | |
user | matt-ucc@ucc.asn.au |
description | progress for serial logins |
files |
changeset | 973fccb59ea4 |
---|---|
branch | ucc-axis-hack |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | propagate from branch 'au.asn.ucc.matt.dropbear' (head 11034278bd1917bebcbdc69cf53b1891ce9db121) to branch 'au.asn.ucc.matt.dropbear.ucc-axis-hack' (head 10a1f614fec73d0820c3f61160d9db409b9beb46) |
files |
changeset | baea1d43e7eb |
---|---|
branch | |
bookmark | |
tag | |
user | Matt Johnston <matt@ucc.asn.au> |
description | Some cleanups/fixes for various TRACE statements |
files |