-
Notifications
You must be signed in to change notification settings - Fork 22
/
ChangeLog
373 lines (255 loc) · 12.3 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
Version 1.97 released
=====================
2009-04-11 Wolfgang Rosenauer
* pam_get_pass.c: CVE-2009-1273
pam_ssh used a certain prompt if a user found to exist to ask
for the SSH passphrase explicitely depending on whether the
username was valid or invalid, which made it easier for remote
attackers to enumerate usernames.
**********************************************************************
* The pam_ssh maintained on Novell's DeveloperNet got merged back *
* to SourceForge with Version 1.96 and syncs both up to the same *
* level. The DeveloperNet version isn't going to maintained further *
* http://developer.novell.com/wiki/index.php/Pam_ssh *
**********************************************************************
Version 1.96 released (Novell DeveloperNet)
=====================
2007-08-03 Wolfgang Rosenauer (merged from SF.net Andrew J. Korty <[email protected]>)
* pam_ssh.c (key_load_private_maybe): New wrapper for
key_load_private() that checks whether the private key's
passphrase is blank. If so and if allow_blank_passphrase isn't set
or the user supplied passphrase isn't empty, this function returns
NULL. This approach is necessary because key_load_private() will
load a key with a blank passphrase regardless of the passphrase
entered. Thanks to Rob Henderson for the report.
Version 1.95 released (Novell DeveloperNet)
=====================
2007-04-02 Wolfgang Rosenauer
* pam_ssh.c: if PAM returns tty_raw = NULL we shouldn't fiddle
with a per-session file. That seems to happen if the session
module is used for background system services (like cron).
https://bugzilla.novell.com/show_bug.cgi?id=251053
2006-11-24 Wolfgang Rosenauer
* pam_ssh.c: fixed double-free issue with file closing
https://bugzilla.novell.com/show_bug.cgi?id=223488
(patch by Reinhard Max)
Version 1.94 released (Novell DeveloperNet)
=====================
2006-08-03 Wolfgang Rosenauer
* pam_ssh.c: fixed some debug output, create the agent file
writable for the user to be able to recover from a system crash
and fixed a missing credential restore which caused pam to fail
for following modules in error case
Version 1.93 released (Novell DeveloperNet)
=====================
2006-06-24 Wolfgang Rosenauer
* pam_ssh.c, pam_ssh.8: nullok option to allow blank passphrases
replaces allow_blank_passphrases (which is still available for
compat reasons)
* pam_ssh.c, pam_std_option.c, pam_ssh_log.c, pam_ssh_log.h:
fixed logging and separated into a logging module
PAM option 'debug' is supported now
added more syslog output in debug mode
* pam_ssh.c: we should be able to recover now correctly after system
crashes where we are not able to run the close_session using
the machine's uptime
Version 1.92 released (Novell DeveloperNet)
=====================
2006-05-31 Wolfgang Rosenauer
* cipher.c, openpam_borrow_cred.c, openpam_restore_cred.c, pam_ssh.c:
added some needed includes
* pam_ssh.c: don't rely on authentication for the session functions
and don't save the passwd entry for them
Version 1.92 released (SourceForge)
=====================
2007-02-06 Andrew J. Korty <[email protected]>
* pam_ssh.c (key_load_private_maybe): New wrapper for
key_load_private() that checks whether the private key's
passphrase is blank. If so and if allow_blank_passphrase is set,
this function returns NULL. This approach is necessary because
key_load_private() will load a key with a blank passphrase
regardless of the passphrase entered. Thanks to Rob Henderson for
the report.
Version 1.91 released
=====================
2004-04-12 Andrew J. Korty <[email protected]>
* pam_ssh.spec: Updated for use with Fedora Core 2 Test. Thanks
to Patrice Dumas.
* pam_ssh.c (pam_sm_authenticate): We probably shouldn't allow
blank passphrases by default. Add option allow_blank_passphrase
to re-enable them. Thanks to red0x for the suggestion.
Version 1.9 released
====================
2004-02-20 Andrew J. Korty <[email protected]>
* cipher-3des.c, cipher-bf1.c, cipher-ctr.c, strnvis.c: Include
<sys/types.h> and <limits.h> in various places to appease FreeBSD.
* pam_ssh.spec (Version): Bump.
* acinclude.m4: Use AC_REPLACE_FUNCS to provide OpenPAM cred
functions.
* strnvis.c, strnvis.h, vis.c, vis.h: Rename vis -> strnvis so
AC_REPLACE_FUNCS will pick it up.
* pam_ssh.c (pam_sm_authenticate): Simplify conditional
complication for code that gets passphrase.
* Makefile.am (pam_ssh_la_SOURCES): Move header files for
replacement functions to EXTRA_pam_ssh_la_SOURCES.
* configure.ac: Use AC_REPLACE_FUNCS to provide strnvis if needed.
* log.c: Include the right header for strnvis().
* Makefile.am (EXTRA_DIST): Add bootstrap.sh and pam_test.c.
2004-02-19 Andrew J. Korty <[email protected]>
* pam_test.c: Test dlopening pam_ssh.so and print any resulting
error messages.
* pam.conf.example: Example PAM configuration.
* pam_ssh.c (add_keys, auth_via_key, pam_sm_authenticate): Improve
integer handling.
* ltconfig: Deleted this file because -avoid-version is all we
need.
* atomicio.c, authfd.c, authfile.c, bufaux.c, buffer.c, cipher.c,
cipher-3des1.c, cipher-bf1.c, cipher-ctr.c, key.c, log.c,
openpam_borrow_cred.c, openpam_restore_cred.c, pam_get_pass.c,
pam_ssh.c, pam_std_option.c, vis.c, xmalloc.c: Use autoheader.
* atomicio.c, atomicio.h, authfd.c, authfd.h, authfile.c,
authfile.h, bufaux.c, buffer.c, buffer.h, cipher.c,
cipher-3des1.c, cipher-bf1.c, cipher-ctr.c, kex.h, key.c, key.h,
log.c, log.h, rijndael.c rijndael.h, vis.c, vis.h, xmalloc.c,
xmalloc.h: Updated to OpenSSH 3.7.1p2.
* Makefile.am: Use -avoid-version flag to suppress version numbers
on installed module. Add more source files from OpenSSH.
* openpam_restore_cred.c (openpam_restore_cred), pam_ssh.c: Use
some voodoo to suppress strict aliasing warnings.
* acinclude.m4: Link against pam_misc if necessary. Square
brackets in AC_CHECK_LIB clauses avoid syntax error when running
configure. Use full options to AC_DEFINE to make autoheader
happy.
* configure.ac: Use autoheader. Update with autoupdate. Bump
version number. Check for strnvis() and vis.h.
* bootstrap.sh: Script to bootstrap configure.ac and friends.
Version 1.8 released
====================
2002-12-04 Andrew J. Korty <[email protected]>
* pam_ssh.c: Add NAI copyright message, which was always there in
the manual page but omitted from this source file. When the
OpenPAM support code was introduced, we credited the FreeBSD
project in general. Specifically, Dag-Erling Smorgrav developed
this code with funding from NAI and DARPA.
2002-11-05 Michael Kiernan
* pam_ssh.c, configure.ac: Use fork() instead of vfork(), which
doesn't like us to call anything before execve() on some systems.
2002-11-04 Patrice Dumas
* Makefile.am: Add new files to SOURCES.
2002-11-04 Andrew J. Korty <[email protected]>
* log.h: Define function name macros for systems that don't have them.
2002-11-04 Michael Kiernan
* pam_ssh.c: System V won't let us use setuid() unless euid == 0,
so we temporarily regain root privileges first with
openpam_restore_cred() (which calls seteuid()).
2002-10-30 Andrew J. Korty <[email protected]>
* pam_ssh.c: Change real user ID to that of user before executing
ssh-agent. ssh-agent in OpenSSH 3.5 doesn't like the real and
effective user IDs to be different but doesn't treat the error as
fatal and keeps on running in a weird state.
2002-09-23 Andrew J. Korty <[email protected]>
* pam_ssh.c: Prepare options parsing code for when we have more
than one custom option.
* authfd.c, strlcpy.h, xmalloc.c: Include strlcpy() declaration on
platforms that don't have it.
* acinclude.m4, openpam_cred.h, pam_ssh.c: Portability changes.
* pam_ssh.h: Obsoleted--moved into pam_ssh.c.
2002-09-23 Patrice DUMAS
* pam_ssh.spec: Adjust to work with new install target (which uses
libtool).
2002-09-23 Andrew J. Korty <[email protected]>
* Makefile.am, acinclude.m4, configure.ac, openpam_borrow_cred.c,
openpam_cred.h, openpam_restore_cred.c, pam_get_pass.c,
pam_get_pass.h, pam_option.h, pam_opttab.h, pam_ssh.c,
pam_std_option.c: Now builds and seems to work on Mac OS X.
2002-09-13 Andrew J. Korty <[email protected]>
* Makefile.am, configure.ac, ltconfig: Let libtool install the PAM
module.
2002-09-12 Andrew J. Korty <[email protected]>
* Makefile.am, acinclude.m4, openpam_borrow_cred.c,
openpam_restore_cred.c, pam_get_pass.c, pam_ssh.c,
pam_std_option.c, pam_test_option.c: Minor changes for Mac OS X
compatibility (support for Mac OS X still doesn't quite work).
2002-09-09 Andrew J. Korty <[email protected]>
* pam_ssh.c: Try to stay on borrowed creds as long as possible.
2002-09-01 Andrew J. Korty <[email protected]>
* pam_ssh.c: Make the agent only produce Bourne-style shell
commands. Unfortunately that makes the environment file useless
for users of other csh-style shells, but since we're parsing the
file now, we need it to be consistent. Maybe we should learn how
to parse either file, or to translate the commands into those
appropriate for the user's shell.
2002-08-22 Patrice DUMAS
* Makefile.am, pam_ssh.spec: RPM specfile.
2002-08-14 Patrice DUMAS
* pam_ssh.c: Do the fork/exec ourselves instead of calling
popen().
2002-08-11 Roderick Schertler
* pam_ssh.8: Document the "keyfiles" option.
* pam_ssh.c: Check strdup() return values and avoid errno when it
can't be trusted). Also, don't use openpam_log() even if its
available.
2002-08-10 Roderick Schertler
* pam_ssh.c: Two bug fixes: handle asprintf error values correctly
and substitute for slashes in tty names when creating the agent
environment file.
Version 1.7 released
====================
2002-08-09 Andrew J. Korty <[email protected]>
* authfd.c, authfd.h, authfile.c, authfile.h bufaux.c, bufaux.h,
buffer.c, buffer.h, cipher.c, cipher.h, getput.h, kex.h, key.c,
key.h, log.c, log.h, pam_ssh.c, rijndael.c, rijndael.h: Import
changes from OpenSSH 3.4p1.
* pam_ssh.c: Import changes from FreeBSD: remove extraneous
free()s, add __unused qualifiers, add support for OpenPAM, add
support for pam_std_option(). Retire old options mechanism.
* pam_std_option.c: Import from FreeBSD for platforms that need
it.
* pam_get_pass.c, pam_mod_misc.h: Imported changes from FreeBSD.
* openpam_borrow_cred.c, openpam_restore_cred.c: Imported from
FreeBSD--use these functions for dropping and restoring
privileges.
* acinclude.m4: Provide pam_std_option() if needed.
* Makefile.am, acinclude.m4: Support modern versions of automake
and autoconf.
2002-04-09 Andrew J. Korty <[email protected]>
* pam_ssh.h: FreeBSD changed the keyfile separator to ",". I
don't know why they did this, but I don't really care, so I'll
change it too to remain consistent.
* pam_ssh.8: Import of manual page from FreeBSD.
* pam_ssh.c: Import changes from FreeBSD--mostly bugfixes. Define
null PAM methods for phases we don't support. Also, avoid freeing
data referenced by PAM--thanks to Michael Tokarev and Thomas
Moestl for pointing out this bug.
2002-04-07 Andrew J. Korty <[email protected]>
* Makefile: Makefile is no longer needed--we use Autoconf and
Automake.
* pam_get_pass.c, pam_mod_misc.h, strlcpy.c: Provided for systems
which lack these facilities.
* acinclude.m4: Our own M4 macros for Autoconf. Just one macro
for checking PAM, actually.
* Makefile.am, configure.in: Input files for Automake and
Autoconf.
* AUTHORS, COPYING, INSTALL, README: Documentation files required
by GNU Coding Standards.
* pam_ssh.h: Add copyright notice.
* pam_ssh.c: For portability, check for existence of certain
header files and macros before trying to use them.
Version 1.6 released
====================
2001-08-19 Andrew J. Korty <[email protected]>
* authfd.c: Remove code that dealt with environment variables
(obsoleted by argument passing) which had previously been ifdeffed
out.
* pam_ssh.c, pam_ssh.h: Added keyfiles option to specify which key
files to use for authentication. Only these keys will be given to
the agent in the session phase.
* log-client.c, log-client.h: Removed--moved functionality into
log.c and log.h.
* authfd.c, authfd.h, authfile.c, authfile.h, cipher.c, key.c,
key.h, log.c, log.h, rijndael.c, rijndael.h, xmalloc.c: Updated
OpenSSH files to version 2.9p2.
2001-08-19 Andrew J. Korty <[email protected]>
* pam_ssh.c: Only start one agent per user per host. Thanks to
[email protected] for the idea. Keep a reference count by hard
linking files to the env file.