Age | Commit message (Collapse) | Author | |
---|---|---|---|
2020-03-18 | Improve address logging on early exit messages (#83) | Kevin Darbyshire-Bryant | |
Change 'Early exit' and 'Exit before auth' messages to include the IP address & port as part of the message. This allows log scanning utilities such as 'fail2ban' to obtain the offending IP address as part of the failure event instead of extracting the PID from the message and then scanning the log again for match 'child connection from' messages Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> | |||
2019-03-20 | Support servers without multiple user support (#76) | Patrick Stewart | |
2018-11-05 | - Add adaptive authentication failure delay | Matt Johnston | |
- Rework monotonic_now/gettime_wrapper and use clock_gettime on more platforms | |||
2018-08-23 | Merge bugfix delay invalid users | Matt Johnston | |
2018-08-23 | Wait to fail invalid usernames | Matt Johnston | |
2018-02-28 | merge from main | Matt Johnston | |
--HG-- branch : fuzz | |||
2018-02-28 | clean some fuzzing conditionals | Matt Johnston | |
--HG-- branch : fuzz | |||
2018-02-28 | fix #endif (#59) | François Perrad | |
2018-02-28 | fix #endif (#59) | François Perrad | |
2018-02-28 | - #if not #ifdef for DROPBEAR_FUZZ | Matt Johnston | |
- fix some unused variables --HG-- branch : fuzz | |||
2018-02-28 | merge from main | Matt Johnston | |
--HG-- branch : fuzz | |||
2018-02-27 | add guard HAVE_GETGROUPLIST | Matt Johnston | |
2018-02-26 | merge from main | Matt Johnston | |
--HG-- branch : fuzz | |||
2018-02-26 | - Don't try to handle changed usernames | Matt Johnston | |
- Avoid logging repeated failed username messages | |||
2018-02-26 | more linting (#58) | François Perrad | |
* const parameter * fix indentation | |||
2018-02-26 | Fix restricted group code for BSDs, move to separate function | Matt Johnston | |
2018-02-20 | Added the -G option to allow logins only for users that are members of a ↵ | stellarpower | |
certain group. This allows finer control of an instance on who can and cannot login over a certain instance (e.g. password and not key). Needs double-checking and ensuring it meets platform requirements. | |||
2018-02-17 | merge from main | Matt Johnston | |
--HG-- branch : fuzz | |||
2018-01-23 | merge up to date | Matt Johnston | |
--HG-- branch : fuzz | |||
2017-08-19 | Pointer parameter could be declared as pointing to const | Francois Perrad | |
2017-06-30 | fix DROBPEAR_FUZZ auth delay | Matt Johnston | |
--HG-- branch : fuzz | |||
2017-06-25 | dropbear server: support -T max auth tries | Kevin Darbyshire-Bryant | |
Add support for '-T n' for a run-time specification for maximum number of authentication attempts where 'n' is between 1 and compile time option MAX_AUTH_TRIES. A default number of tries can be specified at compile time using 'DEFAULT_AUTH_TRIES' which itself defaults to MAX_AUTH_TRIES for backwards compatibility. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk> | |||
2017-05-18 | merge main to fuzz | Matt Johnston | |
--HG-- branch : fuzz | |||
2017-05-13 | fuzz harness | Matt Johnston | |
--HG-- branch : fuzz | |||
2017-05-12 | copy over some fuzzing code from AFL branch | Matt Johnston | |
--HG-- branch : fuzz | |||
2016-05-04 | Convert #ifdef to #if, other build changes | Matt Johnston | |
2016-03-16 | fix empty C prototypes | Francois Perrad | |
2015-08-03 | Fix problem where auth timeout wasn't checked when waiting for ident | Matt Johnston | |
2015-06-04 | buf_getstring and buf_putstring now use non-unsigned char* | Matt Johnston | |
2015-05-05 | Turn username, servicename and methodname local variables into char * | Gaël PORTAY | |
Changing checkusername()'s username argument into char * as well. | |||
2015-05-05 | Fix pointer differ in signess warnings [-Werror=pointer-sign] | Gaël PORTAY | |
2014-07-09 | Fix auth timeout regression | Matt Johnston | |
2013-11-14 | rename random.h to dbrandom.h since some OSes have a system random.h | Matt Johnston | |
--HG-- rename : random.c => dbrandom.c rename : random.h => dbrandom.h | |||
2013-11-12 | Various cleanups and fixes for warnings | Matt Johnston | |
--HG-- branch : ecc | |||
2013-10-18 | Merge in changes from the past couple of releases | Matt Johnston | |
--HG-- branch : ecc | |||
2013-10-03 | Send PAM error messages as a banner messages | Matt Johnston | |
Patch from Martin Donnelly, modified. | |||
2013-05-26 | improve auth failure delays to avoid indicating which users exist | Matt Johnston | |
2013-05-21 | merge in HEAD | Matt Johnston | |
--HG-- branch : ecc | |||
2013-04-17 | If running as non-root only allow that user to log in | Matt Johnston | |
2013-04-08 | - Fix various hardcoded uses of SHA1 | Matt Johnston | |
- rename curves to nistp256 etc - fix svr-auth.c TRACE problem --HG-- branch : ecc | |||
2013-04-07 | ecc kind of works, needs fixing/testing | Matt Johnston | |
--HG-- branch : ecc | |||
2013-02-12 | Allow configuring "allow blank password option" at runtime | Paul Eggleton | |
Changes this from a compile-time switch to a command-line option. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> | |||
2012-05-09 | Don't TRACE() the pw_passwd | Matt Johnston | |
2012-05-09 | Fix empty password immediate login | Matt Johnston | |
2012-05-09 | Return immediate success for blank passwords if allowed | Matt Johnston | |
2011-10-26 | - Add ALLOW_BLANK_PASSWORD option | Matt Johnston | |
- Don't reject blank-password logins via public key --HG-- extra : convert_revision : 2d4bb3ecb013a7be47a7b470fc6b23e653a43dfb | |||
2011-02-23 | Improve capitalisation for all logged strings | Matt Johnston | |
--HG-- extra : convert_revision : 997e53cec7a9efb7413ac6e17b6be60a5597bd2e | |||
2009-09-08 | - Test for pam_fail_delay() function in configure | Matt Johnston | |
- Recognise "username:" as a PAM prompt - Add some randomness to the auth-failure delay - Fix wrongly committed options.h/debug.h --HG-- extra : convert_revision : f242f0e66fb0ea5d3b374995d2f548d37dd8f3a3 | |||
2008-09-29 | Add support for zlib@openssh.com delayed compression. | Matt Johnston | |
Are still advertising 'zlib' for the server, need to allow delayed-only as an option --HG-- extra : convert_revision : 319df675cc3c9b35a10b7d8357c94f33fdab1a46 | |||
2008-09-15 | - "-J 'nc localhost 22'" kind of works, needs fixing hostkeys, ptys etc. | Matt Johnston | |
--HG-- extra : convert_revision : 45069dd007ebf414330e0a7abf4fb7e0727049c3 |