peter
a0f507f8ae
Back out last commit. This was already fixed. This should never have
...
happened, this is why we have commit mail expressly delivered to
committers.
2001-05-17 03:14:42 +00:00
peter
6a2bc7f8ee
Fix the latest telnet breakage. Obviously this was never compiled.
2001-05-17 03:13:00 +00:00
nsayer
48dcf3a014
Since the root-on-insecure-tty code was added to telnetd, a dependency
...
on char *line was added to libtelnet. Put a dummy one in to keep the
linker happy.
2001-05-16 20:34:42 +00:00
nsayer
0fc596428b
Make sure the protocol actively rejects bad data rather than
...
(potentially) not responding to an invalid SRA 'auth is' message.
2001-05-16 20:24:58 +00:00
nsayer
e3d767bac2
srandomdev() affords us the opportunity to radically improve, and at the
...
same time simplify, the random number selection code.
2001-05-16 18:32:46 +00:00
nsayer
1be2f5ba52
Catch any attempted buffer overflows. The magic numbers in this code
...
(512) are a little distressing, but the method really needs to be
extended to allow server-supplied DH parameters anyway.
Submitted by: kris
2001-05-16 18:27:09 +00:00
nsayer
ce33146412
Catch malloc return failures. This should help avoid dereferencing NULL on
...
low-memory situations.
Submitted by: kris
2001-05-16 18:17:55 +00:00
peter
f9ccd29a6a
Hack to work around braindeath in libtelnet:sra.c. The sra.o file
...
references global variables from telnetd, but is also linked into
telnet as well. I was tempted to back out the last sra.c change
as it is 100% bogus and should be taken out and shot, but for now
this bandaid should get world working again. :-(
2001-05-15 09:52:03 +00:00
nsayer
1a11f3f940
If the uid of the attempted authentication is 0 and if the pty is
...
insecure, do not succeed. Copied from login.c. This functionality really
should be a PAM module.
2001-05-15 04:47:14 +00:00
green
dc1d7c596c
If a host would exceed 16 characters in the utmp entry, record only
...
it's IP address/base host instead.
Submitted by: brian
2001-05-15 01:50:40 +00:00
ru
d9bf66e32a
mdoc(7) police: finished fixing conflicts in revision 1.18.
2001-05-14 18:13:34 +00:00
markm
59bdfd4c78
Fix make world in the kerberosIV case.
2001-05-11 09:36:17 +00:00
assar
d949912a40
merge imported changes into HEAD
2001-05-11 00:14:02 +00:00
alfred
87b6cfa403
Fix some of the handling in the pam module, don't unregister things
...
that were never registered. At the same time handle a failure from
pam_setcreds with a bit more paranioa than the previous fix.
Sync a bit with the "Portable OpenSSH" work to make comparisons a easier.
2001-05-09 03:40:37 +00:00
green
4c53600da0
Since PAM is broken, let pam_setcred() failure be non-fatal.
2001-05-08 22:30:18 +00:00
assar
6dec691f65
This commit was generated by cvs2svn to compensate for changes in r76371,
...
which included commits to RCS files with non-trunk default branches.
2001-05-08 14:57:13 +00:00
assar
a4ee56e2bb
mdoc(ng) fixes
...
Submitted by: ru
2001-05-08 14:57:13 +00:00
assar
06c859ecf5
mdoc(ng) fixes
...
Submitted by: ru
2001-05-08 14:57:13 +00:00
nsayer
432133a6fe
Pointy hat fix -- reapply the SRA PAM patch. To -current this time.
2001-05-07 20:42:02 +00:00
green
ef95bdcf09
sshd_config should still be keeping ssh host keys in /etc/ssh, not /etc.
2001-05-05 13:48:13 +00:00
green
4850c61e14
Finish committing _more_ somehow-uncommitted OpenSSH 2.9 updates.
...
(Missing Delta Brigade, tally-ho!)
2001-05-05 01:12:45 +00:00
green
f578998009
Get ssh(1) compiling with MAKE_KERBEROS5.
2001-05-04 04:37:49 +00:00
green
5c19fbfcf3
Remove obsoleted files.
2001-05-04 04:15:22 +00:00
green
e1b74d5cfc
Fix conflicts for OpenSSH 2.9.
2001-05-04 04:14:23 +00:00
green
0ba1971539
This commit was generated by cvs2svn to compensate for changes in r76259,
...
which included commits to RCS files with non-trunk default branches.
2001-05-04 03:57:05 +00:00
green
bff216029e
Say "hi" to the latest in the OpenSSH series, version 2.9!
...
Happy birthday to: rwatson
2001-05-04 03:57:05 +00:00
green
6d82450791
Add a "VersionAddendum" configuration setting for sshd which allows
...
anyone to easily change the part of the OpenSSH version after the main
version number. The FreeBSD-specific version banner could be disabled
that way, for example:
# Call ourselves plain OpenSSH
VersionAddendum
2001-05-03 00:29:28 +00:00
green
80585512e4
Backout completely canonical lookup modifications.
2001-05-03 00:26:47 +00:00
markm
620e961deb
Toss into attic stuff we don't use.
2001-04-14 09:48:26 +00:00
ru
36beb8b59e
mdoc(7) police: removed hard sentence breaks introduced in rev.1.10.
2001-04-13 08:49:52 +00:00
nsayer
51675c2712
Clean up telnet's argument processing a bit. autologin and encryption is
...
now the default, so ignore the arguments that turn it on. Add a new -y
argument to turn off encryption in case someone wants to do that. Sync
these changes with the man page (including removing the now obsolete
statement about availability only in the US and Canada).
2001-04-06 15:56:10 +00:00
nsayer
7f0bcdb794
Reactivate SRA.
...
Make handling of SIGINT and SIGQUIT follow SIGTSTP in TerminalNewMode().
This allows people to break out of SRA authentication if they wish to.
2001-04-05 14:09:15 +00:00
green
6f515d8d34
Suggested by kris, OpenSSH shall have a version designated to note that
...
it's not "plain" OpenSSH 2.3.0.
2001-03-20 02:11:25 +00:00
green
fdce75a19b
Make password attacks based on traffic analysis harder by requiring that
...
"non-echoed" characters are still echoed back in a null packet, as well
as pad passwords sent to not give hints to the length otherwise.
Obtained from: OpenBSD
2001-03-20 02:06:40 +00:00
nsayer
dd03c3e952
Fix core noted in -stable with 'auth disable SRA'.
...
I just mistakenly commited this to RELENG_4. I have contacted Jordan to see
about how to fix this. Pass the pointy hat.
2001-03-18 09:44:25 +00:00
asmodai
38e7299ef6
Fix double mention of ssh.
...
This file is already off the vendorbranch, nonetheless it needs to be
submitted back to the OpenSSH people.
PR: 25743
Submitted by: David Wolfskill <dhw@whistle.com>
2001-03-15 09:24:40 +00:00
green
38cdb2ac8b
Don't dump core when an attempt is made to login using protocol 2 with
...
an invalid user name.
2001-03-15 03:15:18 +00:00
assar
e3bda85946
(try_krb5_authentication): simplify code. from joda@netbsd.org
2001-03-13 04:42:38 +00:00
assar
a308e4a2b4
Fix LP64 problem in Kerberos 5 TGT passing.
...
Obtained from: NetBSD (done by thorpej@netbsd.org )
2001-03-12 08:14:22 +00:00
assar
797c533a5a
enable auto-negotiation of encrypt and decrypt
2001-03-12 03:54:48 +00:00
assar
e2c7ce93ff
initialize pointers to NULL and sized to 0 to avoid free:ing invalid memory.
...
PR: bin/20779
2001-03-12 03:48:03 +00:00
green
93f32c5caf
Reenable the SIGPIPE signal handler default in all cases for spawned
...
sessions.
2001-03-11 02:26:57 +00:00
markm
7630080b0a
Remove stuff that is really "ports material", generated files and
...
stuff for other OS's. Also remove stuff (libraries) that are
already present in FreeBSD and must not get mixed up in our
code.
2001-03-04 07:26:45 +00:00
markm
2dc08feacd
Trim down the source tree a bit. We shouldn't have blatantly
...
uncompilable bits in here (like X stuff), nor should we have
too much "ports material".
2001-03-04 07:06:39 +00:00
assar
ed5525fcec
Add code for being compatible with ssh.com's krb5 authentication.
...
It is done by using the same ssh messages for v4 and v5 authentication
(since the ssh.com does not now anything about v4) and looking at the
contents after unpacking it to see if it is v4 or v5.
Based on code from Björn Grönvall <bg@sics.se>
PR: misc/20504
2001-03-04 02:22:04 +00:00
kris
6bf88336f3
Resolve conflicts
2001-02-18 03:23:30 +00:00
kris
dcb1266f53
This commit was generated by cvs2svn to compensate for changes in r72613,
...
which included commits to RCS files with non-trunk default branches.
2001-02-18 03:17:36 +00:00
kris
6447e500e7
Import of OpenSSL 0.9.6-STABLE snapshot dated 2001-02-10
2001-02-18 03:17:36 +00:00
ps
007b98e98a
Make ConnectionsPerPeriod non-fatal for real.
2001-02-18 01:33:31 +00:00
markm
7d476598a6
Fix a "make world"-breaking inconsistency for those folks making
...
a world with both KRB4 and KRB5.
2001-02-14 19:54:36 +00:00