summaryrefslogtreecommitdiff
path: root/cli-auth.c
Commit message (Collapse)AuthorAgeFilesLines
* Fix -q to hide the bannerMatt Johnston2022-04-011-0/+5
| | | | Got lost merging the DEBUG/TRACE level patch
* changed TRACE to DEBUG1 for dbclientHansH1112022-03-191-22/+21
|
* only show banner when cli_opts.quiet is not setHansH1112022-03-131-20/+21
|
* added option to disable trivial auth methods (#128)Manfred Kaiser2021-08-191-0/+3
| | | | | | | | * added option to disable trivial auth methods * rename argument to match with other ssh clients * fixed trivial auth detection for pubkeys
* Remove unused cli_authinitialiseMatt Johnston2020-12-031-6/+0
|
* rename some options and move some to sysoptions.hMatt Johnston2018-02-181-2/+2
|
* options: Complete the transition to numeric toggles (`#if')Michael Witten2017-07-201-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For the sake of review, this commit alters only the code; the affiliated comments within the source files also need to be updated, but doing so now would obscure the operational changes that have been made here. * All on/off options have been switched to the numeric `#if' variant; that is the only way to make this `default_options.h.in' thing work in a reasonable manner. * There is now some very minor compile-time checking of the user's choice of options. * NO_FAST_EXPTMOD doesn't seem to be used, so it has been removed. * ENABLE_USER_ALGO_LIST was supposed to be renamed DROPBEAR_USER_ALGO_LIST, and this commit completes that work. * DROPBEAR_FUZZ seems to be a relatively new, as-yet undocumented option, which was added by the following commit: commit 6e0b539e9ca0b5628c6c5a3d118ad6a2e79e8039 Author: Matt Johnston <matt@ucc.asn.au> Date: Tue May 23 22:29:21 2017 +0800 split out checkpubkey_line() separately It has now been added to `sysoptions.h' and defined as `0' by default. * The configuration option `DROPBEAR_PASSWORD_ENV' is no longer listed in `default_options.h.in'; it is no longer meant to be set by the user, and is instead left to be defined in `sysoptions.h' (where it was already being defined) as merely the name of the environment variable in question: DROPBEAR_PASSWORD To enable or disable use of that environment variable, the user must now toggle `DROPBEAR_USE_DROPBEAR_PASSWORD'. * The sFTP support is now toggled by setting `DROPBEAR_SFTPSERVER', and the path of the sFTP server program is set independently through the usual SFTPSERVER_PATH.
* Pointer parameter could be declared as pointing to constFrancois Perrad2017-08-191-1/+1
|
* message about truncated bannerMatt Johnston2016-05-041-15/+19
|
* Convert #ifdef to #if, other build changesMatt Johnston2016-05-041-14/+14
|
* refactor indentation with hard tabFrancois Perrad2015-12-311-6/+6
|
* avoid getpass when not usedMike Frysinger2015-10-211-0/+2
| | | | | | | | some systems (like android's bionic) do not provide getpass. you can disable ENABLE_CLI_PASSWORD_AUTH & ENABLE_CLI_INTERACT_AUTH to avoid its use (and rely on pubkey auth), but the link still fails because the support file calls getpass. do not define this func if both of those auth methods are not used.
* buf_getstring and buf_putstring now use non-unsigned char*Matt Johnston2015-06-041-5/+5
|
* Turn banner, methods and tok local variable into char *Ga?l PORTAY2015-05-021-5/+5
|
* Fix pointer differ in signess warnings [-Werror=pointer-sign]Ga?l PORTAY2015-05-021-3/+3
|
* Fix pubkey auth if the first key presented fails (infinite loop ofMatt Johnston2014-04-231-5/+5
| | | | auth requests). Regresssion in ff597bf2cfb0
* Disable immediate auth for delayed-zlib modeMatt Johnston2014-02-151-8/+16
|
* DROPBEAR_CLI_AUTH_IMMEDIATE fixed, now enabled by defaultMatt Johnston2014-01-171-26/+44
|
* Be a bit more careful about when we want to use CLI_AUTH_IMMEDIATEMatt Johnston2013-04-021-23/+31
| | | | Only use it if we have pubkeys to try, or we have $DROPBEAR_PASSWORD set
* Try password before interactive - bit of a hackMatt Johnston2013-04-011-10/+10
|
* Send an auth packet straight away, save another roundtripMatt Johnston2013-03-311-4/+5
| | | | This needs a bit of testing to make sure it doesn't have side-effects.
* - Only request "none" cipher after auth has succeededinsecure-nocryptoMatt Johnston2012-05-171-10/+2
|
* Add ALLOW_NONE_PASSWORD_AUTH optionMatt Johnston2012-05-171-2/+8
|
* Update insecure-nocrypto to current headMatt Johnston2012-05-161-2/+8
|\
| * propagate from branch 'au.asn.ucc.matt.dropbear' (head ↵Matt Johnston2008-11-061-2/+8
| |\ | | | | | | | | | | | | | | | cdcc3c729e29544e8b98a408e2dc60e4483dfd2a) to branch 'au.asn.ucc.matt.dropbear.insecure-nocrypto' (head 0ca38a1cf349f7426ac9de34ebe4c3e3735effab)
| | * propagate from branch 'au.asn.ucc.matt.dropbear' (head ↵Matt Johnston2006-03-101-2/+8
| | |\ | | | | | | | | | | | | | | | | | | | | 7ad1775ed65e75dbece27fe6b65bf1a234db386a) to branch 'au.asn.ucc.matt.dropbear.insecure-nocrypto' (head 88ed2b94d9bfec9a4f661caf592ed01da5eb3b6a)
| | | * - a hack for grahame to run dropbear with "none" cipher.Matt Johnston2005-09-231-2/+8
| | | | | | | | | | | | | | | | | | | | DO NOT USE IF YOU DON'T KNOW THE CONSEQUENCES Here is your noose. Use it wisely.
* | | | - Client auth using an agent's key works. Still need to implement clientMatt Johnston2009-07-061-0/+4
| | | | | | | | | | | | | | | | agent forwarding.
* | | | - Print banner to stderr. Probably the right way, and avoidsMatt Johnston2009-06-161-1/+1
|/ / / | | | | | | | | | bad interactions with multihop or netcat-alike mode.
* | | Add support for zlib@openssh.com delayed compression.Matt Johnston2008-09-291-0/+2
| | | | | | | | | | | | | | | Are still advertising 'zlib' for the server, need to allow delayed-only as an option
* | | Allow reading dbclient password from an environment varMatt Johnston2007-03-171-0/+9
| | |
* | | Make the dbclient password prompt more usefulMatt Johnston2006-06-121-2/+2
| | |
* | | Some cleanups/fixes for various TRACE statementsMatt Johnston2006-03-251-1/+1
|/ /
* | Cancel a dbclient password prompt if the user presses ctrl-c.Matt Johnston2006-01-151-0/+15
|/ | | | Enter still has to be pressed since glibc blocks ctrl-c in getpass()
* added keyboard-interactive client supportMatt Johnston2005-09-201-5/+73
|
* * fix longstanding bug with connections being closed on failure toMatt Johnston2005-03-131-1/+1
| | | | | | | connect to auth socket (server) * differentiate between get_byte and get_bool * get rid of some // comments * general tidying
* Fixed DEBUG_TRACE macro so that we don't get semicolons left about the placeMatt Johnston2005-01-021-15/+15
|
* Leak found with MallocDebug - it's kinda usefulMatt Johnston2004-08-301-0/+2
|
* License boilerplate etc, add Mihnea as an author to some of the filesMatt Johnston2004-08-141-0/+25
|
* cleaning up the pubkey definesMatt Johnston2004-08-121-5/+5
|
* Pubkey auth is mostly there for the client. Something strange withMatt Johnston2004-08-031-3/+16
| | | | remote hostkey verification though.
* Banner printingMatt Johnston2004-08-021-0/+42
|
* - Added terminal mode handling etc for the client, and window changeMatt Johnston2004-08-011-0/+2
| | | | | - Refactored the terminal-mode handling for the server - Improved session closing for the client
* we're nearly there yetMatt Johnston2004-07-301-0/+1
|
* set the isserver flag (oops)Matt Johnston2004-07-291-23/+2
| | | | fix password auth for the server
* Client mostly works up to password authMatt Johnston2004-07-281-5/+5
| | | | Need to rework algo-choosing etc, since server is now broken.
* Progressing client supportMatt Johnston2004-07-271-0/+148
View Lorry Controller Status