kris
3d4fe2511f
This commit was generated by cvs2svn to compensate for changes in r65668,
...
which included commits to RCS files with non-trunk default branches.
2000-09-10 08:31:17 +00:00
kris
395ad657f8
Nuke RSAREF support from orbit.
...
It's the only way to be sure.
2000-09-10 00:09:37 +00:00
kris
b688db32ff
ttyname was not being passed into do_login(), so we were erroneously picking
...
up the function definition from unistd.h instead. Use s->tty instead.
Submitted by: peter
2000-09-04 08:43:05 +00:00
kris
e82b86bebd
bzero() the struct timeval for paranoia
...
Submitted by: gshapiro
2000-09-03 07:58:35 +00:00
kris
367e08bb74
Err, we weren't even compiling auth1.c with LOGIN_CAP at all. Guess nobody
...
was using this feature.
2000-09-02 07:32:05 +00:00
kris
aa3b9a47a8
Repair a broken conflict resolution in r1.2 which had the effect of nullifying
...
the login_cap and login.access checks for whether a user/host is allowed
access to the system for users other than root. But since we currently don't
have a similar check in the ssh2 code path anyway, it's um, "okay".
Submitted by: gshapiro
2000-09-02 05:40:50 +00:00
kris
aa72fb6d06
Repair my dyslexia: s/opt/otp/ in the OPIE challenge. D'oh!
...
Submitted by: gshapiro
2000-09-02 04:41:33 +00:00
kris
cbf45b2b87
Re-add missing "break" which was lost during a previous patch
...
integration. This currently has no effect.
Submitted by: gshapiro
2000-09-02 04:37:51 +00:00
kris
72765236c6
Turn on X11Forwarding by default on the server. Any risk is to the client,
...
where it is already disabled by default.
Reminded by: peter
2000-09-02 03:49:22 +00:00
kris
c35f2b0120
Increase the default value of LoginGraceTime from 60 seconds to 120
...
seconds.
PR: 20488
Submitted by: rwatson
2000-08-23 09:47:25 +00:00
kris
e7d14b45db
Respect X11BASE to derive the location of xauth(1)
...
PR: 17818
Submitted by: Bjoern Fischer <bfischer@Techfak.Uni-Bielefeld.DE>
2000-08-23 09:39:20 +00:00
kris
e5f617598c
Fix setproctitle() and syslog() vulnerabilities.
2000-08-13 05:23:23 +00:00
kris
a3b4cc13a0
This commit was generated by cvs2svn to compensate for changes in r64593,
...
which included commits to RCS files with non-trunk default branches.
2000-08-13 05:23:23 +00:00
kris
e5795f1541
Fix benign bugs due to missing format string in err() and warn().
...
Approved by: assar (vendor :-)
2000-08-13 04:46:54 +00:00
kris
d705e89ca3
This commit was generated by cvs2svn to compensate for changes in r64583,
...
which included commits to RCS files with non-trunk default branches.
2000-08-13 04:46:54 +00:00
kris
e4f947c892
Fix setproctitle() vulnerability in non-compiled code.
2000-08-13 04:35:43 +00:00
asmodai
91cbf96576
Chalk up another phkmalloc victim.
...
It seems as if uninitialised memory was the culprit.
We may want to contribute this back to the OpenSSH project.
Submitted by: Alexander Leidinger <Alexander@Leidinger.net> on -current.
2000-08-01 08:07:15 +00:00
alex
6ef8a00dbc
Crypto sources are no longer export controlled:
...
Explain, why crypto sources are still in crypto/.
Reviewed by: markm
2000-07-31 12:24:13 +00:00
asmodai
1e0ff1e9ee
Fix a weird typo, is -> are.
...
The OpenSSH maintainer probably want to contribute this back to the
real OpenSSH guys.
Submitted by: Jon Perkin <sketchy@netcraft.com>
2000-07-27 19:21:15 +00:00
marko
5b6f43012f
Fixed a minor typo in the header.
...
Pointed out by: asmodai
2000-07-27 17:21:07 +00:00
marko
bac3d432ce
Committed, Thanks!!
...
PR: 20108
Submitted by: Doug Lee
2000-07-25 16:49:48 +00:00
ume
a96fe340ba
Fix buffer size of ALIGNed buffer.
...
PR: bin/20053
Submitted by: Alex Kapranoff <alex@kapran.bitmcnit.bryansk.su>
2000-07-20 14:54:04 +00:00
assar
79387f62b0
merge in syslog fixes, do not call syslog with variabel as format string
2000-07-20 05:43:55 +00:00
peter
e9baa5cc97
Add missing $FreeBSD$ to files that are NOT still on vendor a branch.
2000-07-16 05:48:49 +00:00
nsayer
92fcc2d3d7
Fix 'telnet -X sra' coredump
...
PR# 19835
2000-07-11 15:04:05 +00:00
peter
03d1c93d26
Sync sshd_config with sshd and manapage internal defaults (Checkmail = yes)
2000-07-11 09:54:24 +00:00
peter
3e605439c1
Sync LoginGraceTime with sshd_config = 60 seconds by default, not 600.
2000-07-11 09:52:14 +00:00
peter
b5823cc1e6
Fix out-of-sync defaults. PermitRootLogin is supposed to be 'no' but
...
sshd's internal default was 'yes'. (if some cracker managed to trash
/etc/ssh/sshd_config, then root logins could be reactivated)
Approved by: kris
2000-07-11 09:50:15 +00:00
peter
0edc966949
Make FallBackToRsh off by default. Falling back to rsh by default is
...
silly in this day and age.
Approved by: kris
2000-07-11 09:39:34 +00:00
kris
911669a1de
Don't call printf with no format string.
2000-07-10 05:16:59 +00:00
ume
45d8dc287b
Make telnet -s work. It is corresponding to EAI_NONAME -> EAI_NODATA
...
change (getaddrinfo.c rev 1.12).
2000-07-08 05:22:00 +00:00
itojun
51f03c2d74
sync with usr.bin/telnet/commands.c 1.21 -> 1.22. pierre.dampure@alveley.org
2000-07-07 12:35:05 +00:00
green
cd99eac545
Allow restarting on SIGHUP when the full path was not given as argv[0].
...
We do have /proc/curproc/file :)
2000-07-04 06:43:26 +00:00
green
1f01eb0f78
So /this/ is what has made OpenSSH's SSHv2 support never work right!
...
In some cases, limits did not get set to the proper class, but
instead always to "default", because not all passwd copies were
done to completion.
2000-06-27 21:16:06 +00:00
green
d58f8c6566
Also make sure to close the socket that exceeds your rate limit.
2000-06-26 23:39:26 +00:00
green
6032b3e1eb
Make rate limiting work per-listening-socket. Log better messages than
...
before for this, requiring a new function (get_ipaddr()). canohost.c
receives a $FreeBSD$ line.
Suggested by: Niels Provos <niels@OpenBSD.org>
2000-06-26 05:44:23 +00:00
markm
cf531b0a90
MFI. This is a documentation-only, diffreducing patch, that if
...
invoked will cause breakage. US Users - DO NOT try to turn on
IDEA - the sources are not included.
2000-06-24 06:50:58 +00:00
markm
f730aee9a0
Grrr. I hate CVS. These were supposed to be committed when I did the
...
IDEA fix earlier today.
Bring back IDEA from the dead (but not compiled by default).
2000-06-19 21:09:27 +00:00
markm
563a62186d
Re-add IDEA. This is not actually built unless asked for by the user.
...
(To avoid patent hassles).
2000-06-19 13:59:34 +00:00
kris
4c97df6f1d
Fix syntax error in previous commit.
...
Submitted by: Udo Schweigert <ust@cert.siemens.de>
2000-06-11 21:41:25 +00:00
kris
3040938ae2
Fix security botch in "UseLogin Yes" case: commands are executed with
...
uid 0.
Obtained from: OpenBSD
2000-06-10 22:32:57 +00:00
ru
1f394a2458
Make `ssh-agent -k' work for csh(1)-like shells.
2000-06-10 14:14:28 +00:00
green
ac5c481ad0
Allow "DenyUsers" to function.
2000-06-06 06:16:55 +00:00
kris
b8a1eb5ea1
Resolve conflicts
2000-06-03 09:58:15 +00:00
kris
3639dd9ace
Initial import of OpenSSH snapshot from 2000/05/30
...
Obtained from: OpenBSD
2000-06-03 09:52:37 +00:00
kris
1c4b02a92e
This commit was generated by cvs2svn to compensate for changes in r61209,
...
which included commits to RCS files with non-trunk default branches.
2000-06-03 09:52:37 +00:00
kris
dd1209e63c
Resolve conflicts
2000-06-03 09:23:13 +00:00
kris
585dc667de
Import from vendor repository.
...
Obtained from: OpenBSD
2000-06-03 09:20:19 +00:00
kris
8a7831d8e0
This commit was generated by cvs2svn to compensate for changes in r61206,
...
which included commits to RCS files with non-trunk default branches.
2000-06-03 09:20:19 +00:00
kris
75f296e741
Bring vendor patches onto the main branch, and resolve conflicts.
2000-06-03 07:31:44 +00:00
kris
e503398156
Import vendor patches: the first is written by
...
Brian Feldman <green@FreeBSD.org>
* Remove the gratuitous dependency on OpenSSL 0.9.5a (preparation for MFC)
* Disable agent forwarding by default in the client (security risk)
Submitted by: green
Obtained from: OpenBSD
2000-06-03 07:18:09 +00:00
kris
7b7cd4c4d3
This commit was generated by cvs2svn to compensate for changes in r61201,
...
which included commits to RCS files with non-trunk default branches.
2000-06-03 07:18:09 +00:00
kris
10badcd8c7
Import vendor patch originally submitted by the below author: don't
...
treat failure to create the authentication agent directory in /tmp as
a fatal error, but disable agent forwarding.
Submitted by: Jan Koum <jkb@yahoo-inc.com>
2000-06-03 07:06:14 +00:00
kris
af709005df
This commit was generated by cvs2svn to compensate for changes in r61199,
...
which included commits to RCS files with non-trunk default branches.
2000-06-03 07:06:14 +00:00
kris
e1e1f53651
Import vendor fix: "fix key_read() for uuencoded keys w/o '='"
...
This bug caused OpenSSH not to recognise some of the DSA keys it
generated.
Submitted by: Christian Weisgerber <naddy@mips.inka.de>
Obtained from: OpenBSD
2000-06-03 06:51:30 +00:00
kris
bb0b65f065
Update to the version of pam_ssh corresponding to OpenSSH 2.1 (taken
...
from the openssh port)
Submitted by: Hajimu UMEMOTO <ume@mahoroba.org>
2000-05-30 09:03:15 +00:00
jake
5e208b0c18
Back out the previous change to the queue(3) interface.
...
It was not discussed and should probably not happen.
Requested by: msmith and others
2000-05-26 02:09:24 +00:00
jake
1d685644e0
Change the way that the queue(3) structures are declared; don't assume that
...
the type argument to *_HEAD and *_ENTRY is a struct.
Suggested by: phk
Reviewed by: phk
Approved by: mdodd
2000-05-23 20:41:01 +00:00
ache
051bad99a3
Turn on CheckMail to be more login-compatible by default
2000-05-23 06:06:54 +00:00
brian
0beebe9f7b
Don't USE_PIPES
...
Spammed by: peter
Submitted by: mkn@uk.FreeBSD.org
2000-05-22 09:51:18 +00:00
kris
e109927403
Correct two stupid typos in the DSA key location.
...
Submitted by: Udo Schweigert <ust@cert.siemens.de>
2000-05-18 06:04:23 +00:00
kris
4480fb101d
Unbreak Kerberos5 compilation. This still remains untested.
...
Noticed by: obrien
2000-05-17 08:06:20 +00:00
kris
35e5917a75
Oops, rename S/Key to Opie in line with FreeBSD usage.
2000-05-15 06:11:30 +00:00
kris
0be7f3c2c4
Create a DSA host key if one does not already exist, and teach sshd_config
...
about it.
2000-05-15 05:40:27 +00:00
kris
a5c6208127
Resolve conflicts and update for FreeBSD.
2000-05-15 05:24:25 +00:00
kris
4dc8aa85ce
Initial import of OpenSSH v2.1.
2000-05-15 04:37:24 +00:00
kris
9b4130bcbc
This commit was generated by cvs2svn to compensate for changes in r60573,
...
which included commits to RCS files with non-trunk default branches.
2000-05-15 04:37:24 +00:00
nik
5001aa5ad5
Note that X11 Forwarding is off by default.
...
PR: docs/17566
Submitted by: Keith Stevenson <ktstev01@louisville.edu>
2000-04-30 22:41:58 +00:00
markm
251b3b6e8f
MFF: catch up with FreeFall
2000-04-19 21:20:54 +00:00
kris
5fb3d480bd
If stderr is closed, report the error message about missing libraries
...
via syslog instead.
Reviewed by: jkh
2000-04-18 06:25:24 +00:00
markm
780b7ecb0c
Internat diff reducer.
2000-04-16 17:49:31 +00:00
markm
48457cbba4
Virgin import of OpenSSL v0.9.5a
2000-04-16 16:03:07 +00:00
markm
f203f01833
This commit was generated by cvs2svn to compensate for changes in r59281,
...
which included commits to RCS files with non-trunk default branches.
2000-04-16 16:03:07 +00:00
kris
3bb46af2e4
Resolve conflicts.
2000-04-13 07:15:03 +00:00
kris
50bc915a9f
Initial import of OpenSSL 0.9.5a
2000-04-13 06:33:22 +00:00
kris
29b7124027
This commit was generated by cvs2svn to compensate for changes in r59191,
...
which included commits to RCS files with non-trunk default branches.
2000-04-13 06:33:22 +00:00
kris
cd3ffade07
Correct a typo and interchanged library names
...
Submitted by: Ben Rosengart <ben@narcissus.net>
Matthew D. Fuller <fullermd@futuresouth.com>
2000-04-05 04:09:51 +00:00
kris
ccb2bb86c9
Fix a memory leak.
...
PR: 17360
Submitted by: Andrew J. Korty <ajk@iu.edu>
2000-03-29 08:24:37 +00:00
kris
9ff72212a8
#include <ssl/foo.h> -> #include <openssl/foo.h>
2000-03-26 10:00:28 +00:00
kris
cea45abfda
Resolve conflicts.
2000-03-26 07:37:48 +00:00
kris
b201b15ee1
Virgin import of OpenSSH sources dated 2000/03/25
2000-03-26 07:07:24 +00:00
kris
09dfa7dfb4
This commit was generated by cvs2svn to compensate for changes in r58582,
...
which included commits to RCS files with non-trunk default branches.
2000-03-26 07:07:24 +00:00
kris
3f482ce298
Don't refer to the openssl handbook chapter by name - the doc guys keep
...
jamming new chapters in front of it :)
2000-03-25 07:28:18 +00:00
brian
85a39e63a4
Use pipe() instead of socketpair() in sshd when communicating
...
with the client.
This allows ppp/ssh style tunnels to function again.
Ok'd by: markk
Submitted by: markk@knigma.org
2000-03-24 15:39:37 +00:00
mpp
fdd7999364
Fix a few spelling errors.
2000-03-24 02:26:54 +00:00
sheldonh
48fa6a51df
IgnoreUserKnownHosts is a boolean flag, not an integer value.
...
The fix submitted in the attributed PR is identical to the one
adopted by OpenBSD.
PR: 17027
Submitted by: David Malone <dwmalone@maths.tcd.ie>
Obtained from: OpenBSD
2000-03-22 09:36:35 +00:00
kris
bd1f80cef9
Add a new function stub to libcrypto() which resolves to a symbol in
...
the librsa* library and reports which version of the library (OpenSSL/RSAREF)
is being used.
This is then used in openssh to detect the failure case of RSAREF and a RSA key
>1024 bits, to print a more helpful error message than 'rsa_public_encrypt() fai
led.'
This is a 4.0-RELEASE candidate.
2000-03-13 09:55:53 +00:00
kris
afbc4bd1fb
Various manpage style/grammar/formatting cleanups
...
Submitted by: Peter Jeremy <peter.jeremy@alcatel.com.au>, jedgar
PR: 17292 (remainder of)
2000-03-13 00:17:43 +00:00
nik
81a3105a72
- typos
...
- Add double spaces following full stops to improve typeset output
- mdoc-ification. (Though I'm uncertain whether option values and
contents should be .Dq or something else).
- Fix a missed /etc/ssh change
- Expand wording on RandomSeed and behaviour when X11 isn't forwarded.
- Change examples to literal mode.
- Trim trailing whitespace
PR: docs/17292
Submitted by: Peter Jeremy <peter.jeremy@alcatel.com.au>
2000-03-10 11:48:49 +00:00
markm
43d424cab0
Make LOGIN_CAP work properly.
2000-03-09 14:52:31 +00:00
kris
cd40b5e1ea
/etc -> /etc/ssh
...
Submitted by: Ben Smithurst <ben@scientia.demon.co.uk>
2000-03-08 03:44:00 +00:00
jhay
69eb79866d
MFI: Use krb5 functions in krb5 files.
...
Reviewed by: markm
2000-03-03 20:31:58 +00:00
shin
c1e729a062
Replace structure copy form ifreq obtained by SIOCGIFADDR
...
to memcpy(), to avoid unaligned access trap on alpha.
Approved by: jkh
2000-03-03 13:05:00 +00:00
shin
bd3c73b28d
CMSG_XXX macros alignment fixes to follow RFC2292.
...
Approved by: jkh
2000-03-03 12:50:46 +00:00
green
42e845e2dd
Turn off X11 forwarding in the client. X11 forwarding in the server by
...
default should probably also get turned on, now.
Requested by: kris
Obtained from: OpenBSD
2000-03-03 05:58:39 +00:00
kris
76dfe94f1d
Update the wording on the error message when libcrypto.so can't find an
...
RSA library.
Reviewed by: peter, jkh
2000-03-02 06:21:02 +00:00
ume
2b52652a6f
Enable connection logging. FreeBSD's libwrap is IPv6 ready.
...
OpenSSH is in our source tree, now. It's a time to enable it.
Reviewed by: markm, shin
Approved by: jkh
2000-02-29 19:37:04 +00:00
markm
e54fe4cc8e
1) Add kerberos5 functionality.
...
by Daniel Kouril <kouril@informatics.muni.cz>
2) Add full LOGIN_CAP capability
by Andrey Chernov
2000-02-28 19:03:50 +00:00
brian
ab78b29233
Don't put truncated hostnames in utmp
...
Approved by: jkh
2000-02-28 18:51:30 +00:00
peter
0286586eca
Sync with internat.freebsd.org; weak symbols vs static libs == trouble
2000-02-26 16:57:17 +00:00
peter
c24810468d
Merge from internat.freebsd.org; move VERBOSE_STUBS to a better spot.
2000-02-26 14:20:18 +00:00
peter
137a543a24
Merge from internat.freebsd.org repo, minus change to rsa_eay.c (missing)
...
Reorganize and unify libcrypto's interface so that the RSA implementation
is chosen at runtime via dlopen().
This is a checkpoint and may require more tweaks still.
2000-02-26 13:19:18 +00:00
peter
5103c5ef45
Merge from internat.freebsd.org repo, minus change to rsa_eay.c (missing)
...
Reorganize and unify libcrypto's interface so that the RSA implementation
is chosen at runtime via dlopen().
This is a checkpoint and may require more tweaks still.
2000-02-26 13:13:03 +00:00
peter
b69d693a40
At great personal risk (to my already fragile sanity), reorganize
...
the rsa stubs for libcrypto. libcrypto.so now uses dlopen() to
implement the backends for either the native or rsaref implemented
RSA code.
This involves:
- unifying the libcrypto and openssl(1) source so there is no
#ifdef RSAref variations.
- using weak symbols and dlopen()/dlsym() routines to access the
rsa method vectors.
Releases will enable the user to choose International, US (rsaref) or
no RSA code at install time.
'make world' will DTRT depending on whether you have the international
or US source. For US users, you must either install rsaref (the port
or package) or (if you don't fear RSA Inc) use the (superior)
International rsa_eay.c code.
This has been discussed at great length by the affected folks and even
we have a great deal of confusion. This is a checkpoint so we can tune
the results. This works for me in all permutations I can think of and
should result in a CD/ftp 'release' just about doing the right thing now.
2000-02-26 13:06:55 +00:00
peter
79f9c20da4
Redo this with a repo copy from the original file and reset the
...
__PREFIX__ markers.
2000-02-26 09:59:14 +00:00
peter
1da669849f
oops, update path to /etc/ssh/ssh_host_key
2000-02-26 02:24:38 +00:00
peter
dcf3a91439
Merge from internat.freebsd.org; move ssh files from /etc to /etc/ssh
2000-02-25 14:25:10 +00:00
peter
14a676ed85
Don't use the dlopen() stubs if comiling with PIC. This still
...
needs some more thought for the static case. Should we provide weak
error-generating stubs for static binaries if -lrsaref was forgotten?
2000-02-25 08:13:50 +00:00
green
c0842053cb
Fix a bug that crawled in pretty recently (from the port). It made
...
sshd coredump :(
2000-02-25 05:22:14 +00:00
peter
429016de0e
Fix garbage in SSH_PROGRAM (only on freefall, not internat)
2000-02-25 04:41:06 +00:00
green
c371f84297
Make "CheckHostIP" default to off. This was proposed on -security and
...
earlier IRC, but despite my inital feeling against it, this seems
the more proper thing to do.
Proposed by: rwatson
2000-02-25 03:04:29 +00:00
green
0366d2c301
The includes must be <openssl/.*\.h>, not <ssl/.*\.h>.
2000-02-25 01:53:12 +00:00
markm
21fb36353a
remove more ports crud.
2000-02-24 23:54:00 +00:00
markm
5c706b5439
remove ports junk
2000-02-24 23:46:38 +00:00
markm
94f010f5ed
Use libcrypto instead of libdes.
2000-02-24 20:21:16 +00:00
markm
b2ea89bb34
RIP libdes. All hail libcrypto!
2000-02-24 19:35:08 +00:00
markm
96cd3aa523
Get crypto from libcrypto, not libdes.
2000-02-24 19:28:31 +00:00
markm
34f04f23e7
Add the patches fom ports (QV: ports/security/openssh/patches/patch-*)
2000-02-24 15:29:42 +00:00
markm
fc557ff7d9
Vendor import of OpenSSH.
2000-02-24 14:29:47 +00:00
markm
b0392a39dd
This commit was generated by cvs2svn to compensate for changes in r57429,
...
which included commits to RCS files with non-trunk default branches.
2000-02-24 14:29:47 +00:00
markm
54384d50aa
Merge conflicts.
2000-02-24 13:37:41 +00:00
markm
1ee7ac4f2e
Oops; forgot to add this.
2000-02-24 13:20:48 +00:00
markm
b496c18f68
Get this to the same level of functionality as old libdes.
2000-02-24 13:20:15 +00:00
markm
5ed96cd5da
Vendor import of Heimdal 0.2p
2000-02-24 11:28:20 +00:00
markm
99a3e2ff44
This commit was generated by cvs2svn to compensate for changes in r57422,
...
which included commits to RCS files with non-trunk default branches.
2000-02-24 11:28:20 +00:00
markm
69414e22b9
Vendor import of Heimdal 0.2o
2000-02-24 11:19:29 +00:00
markm
6ec6c4e167
This commit was generated by cvs2svn to compensate for changes in r57419,
...
which included commits to RCS files with non-trunk default branches.
2000-02-24 11:19:29 +00:00
markm
fa8b1a96d3
Vendor import of Heimdal 0.2n
2000-02-24 11:07:16 +00:00
markm
4876f62e0a
This commit was generated by cvs2svn to compensate for changes in r57416,
...
which included commits to RCS files with non-trunk default branches.
2000-02-24 11:07:16 +00:00
markm
547c22eb53
freefall/internat diff reducer
2000-02-24 10:38:40 +00:00
markm
1d4cb5c450
Freefall/Internat diff reducer.
2000-02-24 10:37:29 +00:00
jkh
06661a5278
Add call stubs for dynamic rsaref loading. This isn't enabled for now
...
but simply lets us sync up on the solution as it's evolved.
2000-02-22 06:22:54 +00:00
shin
a8893d4efd
Use static buffer to save source route hostnames.
...
Approved by: jkh
2000-02-19 16:33:14 +00:00
shin
9659fa5515
Print "Trying ..." for each host. Also cleanups for error printing.
...
Approved by: jkh
Submitted by: Ben Smithurst <ben@scientia.demon.co.uk>
2000-02-19 16:17:41 +00:00
shin
d5883cc0eb
Fix bugs in telnet.
...
Sorry there were still several bugs.
-error retry at af missmatch was incomplete.
-af matching for source addr option was wrong
-socket was not freed at retry.
Approved by: jkh
2000-02-15 15:59:12 +00:00
shin
68cae17428
Add more dual stack consideration.
...
-Should retry as much as possible when some of source
routing intermediate hosts' address families missmatch
happened.
(such as when a host has only A record, and another host
has each of A and AAAA record.)
-Should retry as much as possible when dest addr and
source addr(specified with -s option) address family
missmatch happend
Approved by: jkh
2000-02-10 20:06:36 +00:00
shin
969f5cb6ff
Fix telnet core dump at invalid service name specified.
...
Added an error check to avoid it.
Approved by: jkh
Submitted by: Robert Muir <rmuir@gibralter.net>
2000-02-07 00:52:49 +00:00
shin
f3aa8fcf5d
Add NI_NAMEREQD flag to getnameinfo() call. Without this flag,
...
getnameinfo() don't return error at name resolving failure.
But it is used at doaddrlookup(-N) case in telnet, error need to be
returned to correctly initialize hostname buffer.
Discovered at checking recent KAME repository change, noticed by itojun.
2000-01-29 18:21:05 +00:00
shin
d0fbbcbc0f
another tcp apps IPv6 updates.(should be make world safe)
...
ftp, telnet, ftpd, faithd
also telnet related sync with crypto, secure, kerberosIV
Obtained from: KAME project
2000-01-27 09:28:38 +00:00
kris
7ee007f490
Import the RSA support code. There shouldn't be any actual RSA
...
cryptography here.
2000-01-16 05:14:57 +00:00
kris
3cd1ecedd0
This commit was generated by cvs2svn to compensate for changes in r56083,
...
which included commits to RCS files with non-trunk default branches.
2000-01-16 05:14:57 +00:00
kris
13931e7181
Fix for missing symbol in -DRSAref case.
2000-01-16 04:45:18 +00:00
kris
d010dabaef
Fix breakage when NO_RSA specified.
...
Reviewed by: Ben Laurie <ben@openssl.org>
2000-01-14 05:24:08 +00:00
kris
b8f4b7d960
Zap NO_IDEA
2000-01-10 06:28:04 +00:00
cvs2svn
dfbbfe4574
This commit was manufactured by cvs2svn to create branch
...
'VENDOR-crypto-openssl'.
2000-01-10 06:27:13 +00:00
kris
3f05fce0a6
List of files to nuke prior to import.
2000-01-10 06:27:12 +00:00
kris
2e467dc342
Initial import of OpenSSL 0.9.4, sans IDEA and RSA code for patent
...
infringement reasons.
2000-01-10 06:22:05 +00:00
kris
cc0bf82857
This commit was generated by cvs2svn to compensate for changes in r55714,
...
which included commits to RCS files with non-trunk default branches.
2000-01-10 06:22:05 +00:00
kris
39cf34bd31
Zap the IDEA stuff - it's patented internationally (at least in some
...
places), and we don't want people to get in trouble just for having it.
2000-01-10 05:36:35 +00:00
markm
4ecbd6db44
Import KTH Heimdal, which will be the core of our Kerberos5.
...
Userland to follow.
2000-01-09 20:58:00 +00:00
markm
b8523d7da0
This commit was generated by cvs2svn to compensate for changes in r55682,
...
which included commits to RCS files with non-trunk default branches.
2000-01-09 20:58:00 +00:00
markm
55df8ab45d
Fix path.
2000-01-09 13:52:56 +00:00
markm
41ef09269c
resolve conflicts.
2000-01-09 08:53:35 +00:00
markm
ca616c603d
Clean import of KTH Kerberos (eBones) v1.0.
2000-01-09 08:31:47 +00:00
markm
947b749f81
This commit was generated by cvs2svn to compensate for changes in r55643,
...
which included commits to RCS files with non-trunk default branches.
2000-01-09 08:31:47 +00:00
green
332c203529
Upgrade to the pam_ssh module, version 1.1..
...
(From the author:)
Primarily, I have added built-in functions for manipulating the
environment, so putenv() is no longer used. XDM and its variants
should now work without modification. Note that the new code uses
the macros in <sys/queue.h>.
Submitted by: Andrew J. Korty <ajk@iu.edu>
1999-12-28 05:32:54 +00:00
kris
e829abb179
Initial import of OpenSSL v0.9.4
1999-12-25 16:37:36 +00:00
kris
a60fdeef2a
This commit was generated by cvs2svn to compensate for changes in r55099,
...
which included commits to RCS files with non-trunk default branches.
1999-12-25 16:37:36 +00:00
green
8914ab4a62
Add the PAM SSH RSA key authentication module. For example, you can add,
...
"login auth sufficient pam_ssh.so" to your /etc/pam.conf, and
users with a ~/.ssh/identity can login(1) with their SSH key :)
PR: 15158
Submitted by: Andrew J. Korty <ajk@waterspout.com>
Reviewed by: obrien
1999-11-29 07:09:44 +00:00
markm
054cebb488
Merge anf fix for build.
1999-09-19 21:56:09 +00:00
markm
fe83e8abf3
Clean import of KTH krb4-0.10.1.
1999-09-19 14:19:32 +00:00
markm
a51de61dc9
This commit was generated by cvs2svn to compensate for changes in r51415,
...
which included commits to RCS files with non-trunk default branches.
1999-09-19 14:19:32 +00:00
markm
9f9c3da806
Big OpenSSL/KTH/FreeBSD merge, badly poisoned by $FreeBSD$'s.
1999-09-19 13:04:49 +00:00
markm
80977bf403
This commit was generated by cvs2svn to compensate for changes in r50894,
...
which included commits to RCS files with non-trunk default branches.
1999-09-04 12:45:43 +00:00
markm
aebb972b81
Vendor import EAY's LIBSSL to fix comments, etc.
1999-09-04 12:45:43 +00:00
markm
8814dde458
Add macro originally provided externally.
1999-09-04 11:06:07 +00:00
markm
d92725e057
Add includes to to silence warnings. Bit hackish.
1999-09-04 11:03:01 +00:00
markm
35eb38f0fd
Add some includes to shut up warnings.
1999-09-04 10:46:27 +00:00
markm
145a94070b
Drat. Import this into the right place. Pass me the pointy hat.
1999-09-01 19:59:25 +00:00
markm
dbda8514fa
This commit was generated by cvs2svn to compensate for changes in r50760,
...
which included commits to RCS files with non-trunk default branches.
1999-09-01 19:59:25 +00:00
markm
10d1bec279
Termcap header no longer needed.
1999-09-01 18:57:38 +00:00
peter
b6784c4210
$Id$ -> $FreeBSD$
1999-08-28 01:35:59 +00:00
markm
5b6ba80613
Add virtual MAINTAINER line.
1999-08-16 19:05:02 +00:00
nsayer
11c73babe3
According to Mark Murray, Makefiles do not belong here. I guess we're
...
going to have to figure something else out.
1999-08-16 18:59:05 +00:00
nsayer
ff5ef9020c
Add SRA authentication to src/crypto/telnet.
...
SRA does a Diffie-Hellmen exchange and then DES-encrypts the
authentication data. If the authentication is successful, it also
sets up a session key for DES encryption.
SRA was originally developed at Texas A&M University.
This code is probably export restricted (despite the fact that I
originally found it at a University in Germany).
SRA is not perfect. It is vulnerable to monkey-in-the-middle attacks
and does not use tremendously large DH constants (and thus an individual
exchange probably could be factored in a few days on modern CPU
horsepower). It does not, however, require any changes in user or
administrative behavior and foils session hijacking and sniffing.
The goal of this commit is that telnet and telnetd end up in the DES
distribution and that therefore an encrypted session telnet becomes
standard issue for FreeBSD.
1999-08-16 11:24:29 +00:00
nsayer
a664d636c3
Fix int function without return (make consistent with neighbors)
1999-08-16 02:15:29 +00:00
nik
d8ab1ceb66
Document the "skey" command in telnet(1).
...
PR: docs/12360
Submitted by: kjm@rins.ryukoku.ac.jp (KOJIMA Hajime)
Nagged by: markm :-)
1999-07-30 21:24:03 +00:00
ru
39880a4759
Merge from non-crypto version:
...
- "-N" option
- "-E" security fix
- "-s src_addr" option
Requested by: markm
1999-06-17 09:24:37 +00:00
brian
dbeac496cb
MF libexec/telnetd: Determine the host name using an array size of
...
MAXHOSTNAMELEN and call trimdomain() before implementing
the -u option.
1999-04-08 21:39:34 +00:00
brian
791b929637
MF libexec/telnetd: MAXHOSTNAMELEN & -u fixes.
1999-04-07 10:17:24 +00:00
brian
940b403e74
Use realhostname().
1999-04-06 23:35:21 +00:00
brian
f0f0d422fa
MF src/libexec/telnetd: Verify the reverse DNS lookup
...
ala rlogind.
Suggested by: markm
1999-04-06 12:41:27 +00:00
peter
f713504ee7
Old stuff laying around: Don't use getstr which can conflict with some
...
curses/termcap/terminfo implementations and causes recursion.
1998-12-16 06:06:06 +00:00
peter
b3ca2b65dd
Old stuff from a source tree: copy (verbatum) the code to expand the
...
%s/%m in the default /etc/gettytab.
1998-12-16 06:01:33 +00:00
gpalmer
9539a89e52
Remove redundant decl. of time(). Causes problems on alpha
1998-09-01 15:17:28 +00:00
jdp
aab9f2013a
Remove a work-around for an assembler bug that has been fixed since
...
April, 1997. The work-around causes problems under ELF.
1998-08-31 20:01:48 +00:00
markm
aa53354d73
Fix nasty typo that randomly caused kinit to not properly deduce the
...
user's username when this was not specified.
Reported by: Sean Eric Fagan
1998-03-29 07:27:43 +00:00
markm
e0f5a5339e
Make the ticket filename the same as for our old eBones. I am going to
...
kerberize xdm again, and it will be a pain to maintain two different
sets of patches (for 2.2 and 3.0).
1998-02-16 12:39:25 +00:00
markm
ddcef2c500
Bring back the old behaviour of kinit; if no username is mentioned on
...
the command line, attempt to get a ticket for the current uid (or
<uid>.root if we are already su'ed).
Requested By: Garrett Wollman
1998-02-16 12:36:49 +00:00
imp
1f95c98c78
MFC: sprintf paranoia
1998-01-22 00:04:57 +00:00
charnier
e76bb0fc60
MFC: no \n in syslog strings. Change -P to -p in flags. EOF -> -1. Use err(3).
1997-12-08 07:41:13 +00:00
markm
5472ed630c
kinit(1) and its man page do not agre on what is reported with -v. Fix this.
...
Submitted by: Sheldon Hearn.
1997-11-25 21:12:37 +00:00
uhclem
2c0d4ae524
PR: bin/771 and bin/1037 are resolved by this change
...
This change changes the default handling of linemode so that older and/or
stupider telnet clients can still get wakeup characters like <ESC> and
<CTRL>D to work correctly multiple times on the same line, as in csh
"set filec" operations. It also causes CR and LF characters to be read by
apps in certain terminal modes consistently, as opposed to returning
CR sometimes and LF sometimes, which broke existing apps. The change
was shown to fix the problem demonstrated in the FreeBSD telnet client,
along with the telnet client in Solaris, SCO, Windows '95 & NT, DEC OSF,
NCSA, and others.
A similar change was incorporated in the non-crypto version of telnetd.
This resolves bin/771 and bin/1037.
1997-10-08 03:14:34 +00:00
wosch
b215fc2e1e
Sort cross refereces in section SEE ALSO.
1997-09-29 19:11:55 +00:00
markm
6d93c0c4cb
FreeBSD's original passwd helper is needed here.
1997-09-21 17:37:08 +00:00
markm
a0086a36c8
Bring the FreeBSD changes to the virgin sources.
1997-09-07 07:02:53 +00:00
markm
a24e6d379a
FreeBSD specific schanges - mainly religious issues about where to put
...
stuff.
1997-09-04 21:37:57 +00:00
markm
4907786914
This commit was generated by cvs2svn to compensate for changes in r29088,
...
which included commits to RCS files with non-trunk default branches.
1997-09-04 06:11:16 +00:00
markm
2ea49f693f
Initial import of BSD telnet. This will be used to build the kerberised
...
telnet, and after userland diffs have been merged in, will be used to
build the non-kerberised sources as well. (See unifdef(1) for details)
1997-09-04 06:11:16 +00:00
markm
a8a89cfaf9
Initial import of KTH eBones. This has been cleaned up to only include
...
the "core" Kerberos functionality. The rest of the userland will get their
own changes later.
1997-09-04 06:04:33 +00:00