Commit Graph

324 Commits

Author SHA1 Message Date
assar
035d7fdde4 This commit was generated by cvs2svn to compensate for changes in r78527,
which included commits to RCS files with non-trunk default branches.
2001-06-21 02:12:07 +00:00
assar
0c8fa35435 import of heimdal 0.3f 2001-06-21 02:12:07 +00:00
assar
7bbbf00611 (do_authloop): handle !KRB4 && KRB5 2001-06-16 07:44:17 +00:00
markm
8ab5b668f0 Unbreak OpenSSH for the KRB5-and-no-KRB4 case. Asking for KRB5 does
not imply that you want, need or have kerberosIV headers.
2001-06-15 08:12:31 +00:00
green
9b4110c5e5 Enable Kerberos 5 support in sshd again. 2001-06-12 03:43:47 +00:00
green
d858193287 Switch to the user's uid before attempting to unlink the auth forwarding
file, nullifying the effects of a race.

Obtained from:	OpenBSD
2001-06-08 22:22:09 +00:00
obrien
d28b3020e0 Fix $FreeBSD$ style committer messed up in rev 1.7 for some reason. 2001-05-24 07:22:08 +00:00
dillon
7c9881bb6d Oops, forgot the 'u' in the getopt for the previous commit. 2001-05-24 00:14:19 +00:00
dillon
43b251fff6 A feature to allow one to telnet to a unix domain socket. (MFC from
non-crypto version)

Also update the crypto telnet's man page to reflect other options
ported from the non-crypto version.

Obtained from:   Lyndon Nerenberg <lyndon@orthanc.ab.ca>
2001-05-23 22:54:07 +00:00
kris
039bdff556 Resolve conflicts 2001-05-20 03:17:35 +00:00
kris
7e2abc47ba This commit was generated by cvs2svn to compensate for changes in r76866,
which included commits to RCS files with non-trunk default branches.
2001-05-20 03:07:21 +00:00
kris
5c3fdcff75 Initial import of OpenSSL 0.9.6a 2001-05-20 03:07:21 +00:00
obrien
c2a0af9de9 Restore the RSA host key to /etc/ssh/ssh_host_key.
Also fix $FreeBSD$ spamage in crypto/openssh/sshd_config rev. 1.16.
2001-05-18 18:10:02 +00:00
nsayer
acdba14ce0 Make the PAM user-override actually override the correect thing. 2001-05-17 16:28:11 +00:00
peter
a0f507f8ae Back out last commit. This was already fixed. This should never have
happened, this is why we have commit mail expressly delivered to
committers.
2001-05-17 03:14:42 +00:00
peter
6a2bc7f8ee Fix the latest telnet breakage. Obviously this was never compiled. 2001-05-17 03:13:00 +00:00
nsayer
48dcf3a014 Since the root-on-insecure-tty code was added to telnetd, a dependency
on char *line was added to libtelnet. Put a dummy one in to keep the
linker happy.
2001-05-16 20:34:42 +00:00
nsayer
0fc596428b Make sure the protocol actively rejects bad data rather than
(potentially) not responding to an invalid SRA 'auth is' message.
2001-05-16 20:24:58 +00:00
nsayer
e3d767bac2 srandomdev() affords us the opportunity to radically improve, and at the
same time simplify, the random number selection code.
2001-05-16 18:32:46 +00:00
nsayer
1be2f5ba52 Catch any attempted buffer overflows. The magic numbers in this code
(512) are a little distressing, but the method really needs to be
extended to allow server-supplied DH parameters anyway.

Submitted by:	kris
2001-05-16 18:27:09 +00:00
nsayer
ce33146412 Catch malloc return failures. This should help avoid dereferencing NULL on
low-memory situations.

Submitted by:	kris
2001-05-16 18:17:55 +00:00
peter
f9ccd29a6a Hack to work around braindeath in libtelnet:sra.c. The sra.o file
references global variables from telnetd, but is also linked into
telnet as well. I was tempted to back out the last sra.c change
as it is 100% bogus and should be taken out and shot, but for now
this bandaid should get world working again. :-(
2001-05-15 09:52:03 +00:00
nsayer
1a11f3f940 If the uid of the attempted authentication is 0 and if the pty is
insecure, do not succeed. Copied from login.c. This functionality really
should be a PAM module.
2001-05-15 04:47:14 +00:00
green
dc1d7c596c If a host would exceed 16 characters in the utmp entry, record only
it's IP address/base host instead.

Submitted by:	brian
2001-05-15 01:50:40 +00:00
ru
d9bf66e32a mdoc(7) police: finished fixing conflicts in revision 1.18. 2001-05-14 18:13:34 +00:00
markm
59bdfd4c78 Fix make world in the kerberosIV case. 2001-05-11 09:36:17 +00:00
assar
d949912a40 merge imported changes into HEAD 2001-05-11 00:14:02 +00:00
alfred
87b6cfa403 Fix some of the handling in the pam module, don't unregister things
that were never registered.  At the same time handle a failure from
pam_setcreds with a bit more paranioa than the previous fix.

Sync a bit with the "Portable OpenSSH" work to make comparisons a easier.
2001-05-09 03:40:37 +00:00
green
4c53600da0 Since PAM is broken, let pam_setcred() failure be non-fatal. 2001-05-08 22:30:18 +00:00
assar
06c859ecf5 mdoc(ng) fixes
Submitted by:	ru
2001-05-08 14:57:13 +00:00
assar
6dec691f65 This commit was generated by cvs2svn to compensate for changes in r76371,
which included commits to RCS files with non-trunk default branches.
2001-05-08 14:57:13 +00:00
assar
a4ee56e2bb mdoc(ng) fixes
Submitted by:	ru
2001-05-08 14:57:13 +00:00
nsayer
432133a6fe Pointy hat fix -- reapply the SRA PAM patch. To -current this time. 2001-05-07 20:42:02 +00:00
green
ef95bdcf09 sshd_config should still be keeping ssh host keys in /etc/ssh, not /etc. 2001-05-05 13:48:13 +00:00
green
4850c61e14 Finish committing _more_ somehow-uncommitted OpenSSH 2.9 updates.
(Missing Delta Brigade, tally-ho!)
2001-05-05 01:12:45 +00:00
green
f578998009 Get ssh(1) compiling with MAKE_KERBEROS5. 2001-05-04 04:37:49 +00:00
green
5c19fbfcf3 Remove obsoleted files. 2001-05-04 04:15:22 +00:00
green
e1b74d5cfc Fix conflicts for OpenSSH 2.9. 2001-05-04 04:14:23 +00:00
green
0ba1971539 This commit was generated by cvs2svn to compensate for changes in r76259,
which included commits to RCS files with non-trunk default branches.
2001-05-04 03:57:05 +00:00
green
bff216029e Say "hi" to the latest in the OpenSSH series, version 2.9!
Happy birthday to:	rwatson
2001-05-04 03:57:05 +00:00
green
6d82450791 Add a "VersionAddendum" configuration setting for sshd which allows
anyone to easily change the part of the OpenSSH version after the main
version number.  The FreeBSD-specific version banner could be disabled
that way, for example:

# Call ourselves plain OpenSSH
VersionAddendum
2001-05-03 00:29:28 +00:00
green
80585512e4 Backout completely canonical lookup modifications. 2001-05-03 00:26:47 +00:00
markm
620e961deb Toss into attic stuff we don't use. 2001-04-14 09:48:26 +00:00
ru
36beb8b59e mdoc(7) police: removed hard sentence breaks introduced in rev.1.10. 2001-04-13 08:49:52 +00:00
nsayer
51675c2712 Clean up telnet's argument processing a bit. autologin and encryption is
now the default, so ignore the arguments that turn it on. Add a new -y
argument to turn off encryption in case someone wants to do that. Sync
these changes with the man page (including removing the now obsolete
statement about availability only in the US and Canada).
2001-04-06 15:56:10 +00:00
nsayer
7f0bcdb794 Reactivate SRA.
Make handling of SIGINT and SIGQUIT follow SIGTSTP in TerminalNewMode().
This allows people to break out of SRA authentication if they wish to.
2001-04-05 14:09:15 +00:00
green
6f515d8d34 Suggested by kris, OpenSSH shall have a version designated to note that
it's not "plain" OpenSSH 2.3.0.
2001-03-20 02:11:25 +00:00
green
fdce75a19b Make password attacks based on traffic analysis harder by requiring that
"non-echoed" characters are still echoed back in a null packet, as well
as pad passwords sent to not give hints to the length otherwise.

Obtained from:	OpenBSD
2001-03-20 02:06:40 +00:00
nsayer
dd03c3e952 Fix core noted in -stable with 'auth disable SRA'.
I just mistakenly commited this to RELENG_4. I have contacted Jordan to see
about how to fix this. Pass the pointy hat.
2001-03-18 09:44:25 +00:00
asmodai
38e7299ef6 Fix double mention of ssh.
This file is already off the vendorbranch, nonetheless it needs to be
submitted back to the OpenSSH people.

PR:		25743
Submitted by:	David Wolfskill <dhw@whistle.com>
2001-03-15 09:24:40 +00:00