Commit Graph

138 Commits

Author SHA1 Message Date
Kris Kennaway
0c11f6e187 Create a DSA host key if one does not already exist, and teach sshd_config
about it.
2000-05-15 05:40:27 +00:00
Kris Kennaway
e8aafc91b5 Resolve conflicts and update for FreeBSD. 2000-05-15 05:24:25 +00:00
Kris Kennaway
fe01acb846 This commit was generated by cvs2svn to compensate for changes in r60573,
which included commits to RCS files with non-trunk default branches.
2000-05-15 04:37:24 +00:00
Kris Kennaway
a04a10f891 Initial import of OpenSSH v2.1. 2000-05-15 04:37:24 +00:00
Nik Clayton
699cc2f5e1 Note that X11 Forwarding is off by default.
PR:             docs/17566
Submitted by:   Keith Stevenson <ktstev01@louisville.edu>
2000-04-30 22:41:58 +00:00
Mark Murray
79eb2b5421 MFF: catch up with FreeFall 2000-04-19 21:20:54 +00:00
Kris Kennaway
9a823cff39 If stderr is closed, report the error message about missing libraries
via syslog instead.

Reviewed by:	jkh
2000-04-18 06:25:24 +00:00
Mark Murray
3c6b6b90c7 Internat diff reducer. 2000-04-16 17:49:31 +00:00
Mark Murray
ef781a073e This commit was generated by cvs2svn to compensate for changes in r59281,
which included commits to RCS files with non-trunk default branches.
2000-04-16 16:03:07 +00:00
Mark Murray
07c567b8ec Virgin import of OpenSSL v0.9.5a 2000-04-16 16:03:07 +00:00
Kris Kennaway
7e7159cbdc Resolve conflicts. 2000-04-13 07:15:03 +00:00
Kris Kennaway
f579bf8ec7 Initial import of OpenSSL 0.9.5a 2000-04-13 06:33:22 +00:00
Kris Kennaway
193faf8655 This commit was generated by cvs2svn to compensate for changes in r59191,
which included commits to RCS files with non-trunk default branches.
2000-04-13 06:33:22 +00:00
Kris Kennaway
2d773b269e Correct a typo and interchanged library names
Submitted by:	Ben Rosengart <ben@narcissus.net>
		Matthew D. Fuller <fullermd@futuresouth.com>
2000-04-05 04:09:51 +00:00
Kris Kennaway
e31adaffd9 Fix a memory leak.
PR:		17360
Submitted by:	Andrew J. Korty <ajk@iu.edu>
2000-03-29 08:24:37 +00:00
Kris Kennaway
18fa3c2ec9 #include <ssl/foo.h> -> #include <openssl/foo.h> 2000-03-26 10:00:28 +00:00
Kris Kennaway
3c6ae11886 Resolve conflicts. 2000-03-26 07:37:48 +00:00
Kris Kennaway
a8f6863aa6 Virgin import of OpenSSH sources dated 2000/03/25 2000-03-26 07:07:24 +00:00
Kris Kennaway
cc99d7f2df This commit was generated by cvs2svn to compensate for changes in r58582,
which included commits to RCS files with non-trunk default branches.
2000-03-26 07:07:24 +00:00
Kris Kennaway
6aae670844 Don't refer to the openssl handbook chapter by name - the doc guys keep
jamming new chapters in front of it :)
2000-03-25 07:28:18 +00:00
Brian Somers
727214e9b8 Use pipe() instead of socketpair() in sshd when communicating
with the client.
This allows ppp/ssh style tunnels to function again.

Ok'd by:	markk
Submitted by:	markk@knigma.org
2000-03-24 15:39:37 +00:00
Mike Pritchard
5c51cd6437 Fix a few spelling errors. 2000-03-24 02:26:54 +00:00
Sheldon Hearn
962a3f4e81 IgnoreUserKnownHosts is a boolean flag, not an integer value.
The fix submitted in the attributed PR is identical to the one
adopted by OpenBSD.

PR:		17027
Submitted by:	David Malone <dwmalone@maths.tcd.ie>
Obtained from:	OpenBSD
2000-03-22 09:36:35 +00:00
Kris Kennaway
9fd4066575 Add a new function stub to libcrypto() which resolves to a symbol in
the librsa* library and reports which version of the library (OpenSSL/RSAREF)
is being used.

This is then used in openssh to detect the failure case of RSAREF and a RSA key
>1024 bits, to print a more helpful error message than 'rsa_public_encrypt() fai
led.'

This is a 4.0-RELEASE candidate.
2000-03-13 09:55:53 +00:00
Kris Kennaway
6a8633db4e Various manpage style/grammar/formatting cleanups
Submitted by:	Peter Jeremy <peter.jeremy@alcatel.com.au>, jedgar
PR:		17292 (remainder of)
2000-03-13 00:17:43 +00:00
Nik Clayton
8ff0a8c302 - typos
- Add double spaces following full stops to improve typeset output
- mdoc-ification.  (Though I'm uncertain whether option values and
  contents should be .Dq or something else).
- Fix a missed /etc/ssh change
- Expand wording on RandomSeed and behaviour when X11 isn't forwarded.
- Change examples to literal mode.
- Trim trailing whitespace

PR:		docs/17292
Submitted by:	Peter Jeremy <peter.jeremy@alcatel.com.au>
2000-03-10 11:48:49 +00:00
Mark Murray
c59bf09996 Make LOGIN_CAP work properly. 2000-03-09 14:52:31 +00:00
Kris Kennaway
2134165c54 /etc -> /etc/ssh
Submitted by:	Ben Smithurst <ben@scientia.demon.co.uk>
2000-03-08 03:44:00 +00:00
John Hay
2216ad9c7e MFI: Use krb5 functions in krb5 files.
Reviewed by:	markm
2000-03-03 20:31:58 +00:00
Yoshinobu Inoue
137d85e410 Replace structure copy form ifreq obtained by SIOCGIFADDR
to memcpy(), to avoid unaligned access trap on alpha.

Approved by: jkh
2000-03-03 13:05:00 +00:00
Yoshinobu Inoue
46ad1c2366 CMSG_XXX macros alignment fixes to follow RFC2292.
Approved by: jkh
2000-03-03 12:50:46 +00:00
Brian Feldman
5dc73ebebe Turn off X11 forwarding in the client. X11 forwarding in the server by
default should probably also get turned on, now.

Requested by:	kris
Obtained from:	OpenBSD
2000-03-03 05:58:39 +00:00
Kris Kennaway
1d32417468 Update the wording on the error message when libcrypto.so can't find an
RSA library.

Reviewed by:	peter, jkh
2000-03-02 06:21:02 +00:00
Hajimu UMEMOTO
e51ec40ec8 Enable connection logging. FreeBSD's libwrap is IPv6 ready.
OpenSSH is in our source tree, now.  It's a time to enable it.

Reviewed by:	markm, shin
Approved by:	jkh
2000-02-29 19:37:04 +00:00
Mark Murray
fe5fd0173b 1) Add kerberos5 functionality.
by Daniel Kouril <kouril@informatics.muni.cz>
2) Add full LOGIN_CAP capability
   by Andrey Chernov
2000-02-28 19:03:50 +00:00
Brian Somers
ccd16b43ed Don't put truncated hostnames in utmp
Approved by: jkh
2000-02-28 18:51:30 +00:00
Peter Wemm
6f35016f23 Sync with internat.freebsd.org; weak symbols vs static libs == trouble 2000-02-26 16:57:17 +00:00
Peter Wemm
7d8acc815a Merge from internat.freebsd.org; move VERBOSE_STUBS to a better spot. 2000-02-26 14:20:18 +00:00
Peter Wemm
4198e0cb8b Merge from internat.freebsd.org repo, minus change to rsa_eay.c (missing)
Reorganize and unify libcrypto's interface so that the RSA implementation
is chosen at runtime via dlopen().

This is a checkpoint and may require more tweaks still.
2000-02-26 13:19:18 +00:00
Peter Wemm
9fa5f5fd96 Merge from internat.freebsd.org repo, minus change to rsa_eay.c (missing)
Reorganize and unify libcrypto's interface so that the RSA implementation
is chosen at runtime via dlopen().

This is a checkpoint and may require more tweaks still.
2000-02-26 13:13:03 +00:00
Peter Wemm
b70ab85b2b At great personal risk (to my already fragile sanity), reorganize
the rsa stubs for libcrypto.  libcrypto.so now uses dlopen() to
implement the backends for either the native or rsaref implemented
RSA code.
This involves:
- unifying the libcrypto and openssl(1) source so there is no
  #ifdef RSAref variations.
- using weak symbols and dlopen()/dlsym() routines to access the
  rsa method vectors.

Releases will enable the user to choose International, US (rsaref) or
no RSA code at install time.
'make world' will DTRT depending on whether you have the international
or US source.  For US users, you must either install rsaref (the port
or package) or (if you don't fear RSA Inc) use the (superior)
International rsa_eay.c code.

This has been discussed at great length by the affected folks and even
we have a great deal of confusion.  This is a checkpoint so we can tune
the results.  This works for me in all permutations I can think of and
should result in a CD/ftp 'release' just about doing the right thing now.
2000-02-26 13:06:55 +00:00
Peter Wemm
2307080405 Redo this with a repo copy from the original file and reset the
__PREFIX__ markers.
2000-02-26 09:59:14 +00:00
Peter Wemm
4d3289a849 oops, update path to /etc/ssh/ssh_host_key 2000-02-26 02:24:38 +00:00
Peter Wemm
9ceffc938a Merge from internat.freebsd.org; move ssh files from /etc to /etc/ssh 2000-02-25 14:25:10 +00:00
Peter Wemm
150f7c198f Don't use the dlopen() stubs if comiling with PIC. This still
needs some more thought for the static case.  Should we provide weak
error-generating stubs for static binaries if -lrsaref was forgotten?
2000-02-25 08:13:50 +00:00
Brian Feldman
8261034302 Fix a bug that crawled in pretty recently (from the port). It made
sshd coredump :(
2000-02-25 05:22:14 +00:00
Peter Wemm
38ba484ce1 Fix garbage in SSH_PROGRAM (only on freefall, not internat) 2000-02-25 04:41:06 +00:00
Brian Feldman
a95c122521 Make "CheckHostIP" default to off. This was proposed on -security and
earlier IRC, but despite my inital feeling against it, this seems
the more proper thing to do.

Proposed by:	rwatson
2000-02-25 03:04:29 +00:00
Brian Feldman
18a711954e The includes must be <openssl/.*\.h>, not <ssl/.*\.h>. 2000-02-25 01:53:12 +00:00
Mark Murray
b719e3c926 remove more ports crud. 2000-02-24 23:54:00 +00:00