d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
58,655 Commits 72 Branches 135 Tags 3.2 GiB
90b367d2b8
Commit Graph

277 Commits

Author SHA1 Message Date
green
6f515d8d34 Suggested by kris, OpenSSH shall have a version designated to note that 
it's not "plain" OpenSSH 2.3.0.
 2001-03-20 02:11:25 +00:00
green
fdce75a19b Make password attacks based on traffic analysis harder by requiring that 
"non-echoed" characters are still echoed back in a null packet, as well
as pad passwords sent to not give hints to the length otherwise.

Obtained from:	OpenBSD
 2001-03-20 02:06:40 +00:00
nsayer
dd03c3e952 Fix core noted in -stable with 'auth disable SRA'. 
I just mistakenly commited this to RELENG_4. I have contacted Jordan to see
about how to fix this. Pass the pointy hat.
 2001-03-18 09:44:25 +00:00
asmodai
38e7299ef6 Fix double mention of ssh. 
This file is already off the vendorbranch, nonetheless it needs to be
submitted back to the OpenSSH people.

PR:		25743
Submitted by:	David Wolfskill <dhw@whistle.com>
 2001-03-15 09:24:40 +00:00
green
38cdb2ac8b Don't dump core when an attempt is made to login using protocol 2 with 
an invalid user name.
 2001-03-15 03:15:18 +00:00
assar
e3bda85946 (try_krb5_authentication): simplify code. from joda@netbsd.org 2001-03-13 04:42:38 +00:00
assar
a308e4a2b4 Fix LP64 problem in Kerberos 5 TGT passing. 
Obtained from: NetBSD (done by thorpej@netbsd.org)
 2001-03-12 08:14:22 +00:00
assar
797c533a5a enable auto-negotiation of encrypt and decrypt 2001-03-12 03:54:48 +00:00
assar
e2c7ce93ff initialize pointers to NULL and sized to 0 to avoid free:ing invalid memory. 
PR:		bin/20779
 2001-03-12 03:48:03 +00:00
green
93f32c5caf Reenable the SIGPIPE signal handler default in all cases for spawned 
sessions.
 2001-03-11 02:26:57 +00:00
markm
7630080b0a Remove stuff that is really "ports material", generated files and 
stuff for other OS's. Also remove stuff (libraries) that are
already present in FreeBSD and must not get mixed up in our
code.
 2001-03-04 07:26:45 +00:00
markm
2dc08feacd Trim down the source tree a bit. We shouldn't have blatantly 
uncompilable bits in here (like X stuff), nor should we have
too much "ports material".
 2001-03-04 07:06:39 +00:00
assar
ed5525fcec Add code for being compatible with ssh.com's krb5 authentication. 
It is done by using the same ssh messages for v4 and v5 authentication
(since the ssh.com does not now anything about v4) and looking at the
contents after unpacking it to see if it is v4 or v5.
Based on code from Björn Grönvall <bg@sics.se>

PR:		misc/20504
 2001-03-04 02:22:04 +00:00
kris
6bf88336f3 Resolve conflicts 2001-02-18 03:23:30 +00:00
kris
dcb1266f53 This commit was generated by cvs2svn to compensate for changes in r72613, 
which included commits to RCS files with non-trunk default branches.
 2001-02-18 03:17:36 +00:00
kris
6447e500e7 Import of OpenSSL 0.9.6-STABLE snapshot dated 2001-02-10 2001-02-18 03:17:36 +00:00
ps
007b98e98a Make ConnectionsPerPeriod non-fatal for real. 2001-02-18 01:33:31 +00:00
markm
7d476598a6 Fix a "make world"-breaking inconsistency for those folks making 
a world with both KRB4 and KRB5.
 2001-02-14 19:54:36 +00:00
assar
25fba1c2af nuke conflict markers 2001-02-13 22:40:28 +00:00
assar
f1302e84ce update to new heimdal libkrb5 2001-02-13 16:58:04 +00:00
assar
6794f0dfb2 fix conflicts in heimdal 0.3e import 2001-02-13 16:52:56 +00:00
assar
c114d0ad93 This commit was generated by cvs2svn to compensate for changes in r72445, 
which included commits to RCS files with non-trunk default branches.
 2001-02-13 16:46:19 +00:00
assar
ebfe6dc471 import of heimdal 0.3e 2001-02-13 16:46:19 +00:00
kris
d44d42def3 Patches backported from later development version of OpenSSH which prevent 
(instead of just mitigating through connection limits) the Bleichenbacher
attack which can lead to guessing of the server key (not host key) by
regenerating it when an RSA failure is detected.

Reviewed by:	rwatson
 2001-02-12 06:44:51 +00:00
kris
a16767cc23 Note that crypto/ is not used to build in, people should see secure/ 
instead.
 2001-02-10 04:47:47 +00:00
asmodai
42be6ba036 Synch: Add $FreeBSD$. 2001-02-07 21:58:16 +00:00
asmodai
9bb829b9c2 Fix typo: compatability -> compatibility. 
Compatability is not an existing english word.
 2001-02-06 12:05:58 +00:00
asmodai
db24d83a1c Fix typo: seperate -> separate. 
Seperate does not exist in the english language.

Submitted to look at by:	kris
 2001-02-06 10:39:38 +00:00
asmodai
bd4658fe52 Fix typo: wierd -> weird. 
There is no such thing as wierd in the english language.
 2001-02-06 09:32:26 +00:00
green
0d037651fe Correctly fill in the sun_len for a sockaddr_sun. 
Submitted by:	Alexander Leidinger <Alexander@leidinger.net>
 2001-02-04 20:23:17 +00:00
green
db1cf40a27 MFS: Don't use the canonical hostname here, too. 2001-02-04 20:16:14 +00:00
green
5a0414c3f3 MFF: Make ConnectionsPerPeriod usage a warning, not fatal. 2001-02-04 20:15:53 +00:00
ru
9099bb40b9 mdoc(7) police: split punctuation characters + misc fixes. 2001-02-01 17:12:45 +00:00
green
c41e3c8f9e Actually propagate back to the rest of the application that a command 
was specified when using -t mode with the SSH client.

Submitted by:	Dima Dorfman <dima@unixfreak.org>
 2001-01-21 05:45:27 +00:00
green
8548d87c25 /Really/ deprecate ConnectionsPerPeriod, ripping out the code for it 
and giving a dire error to its lingering users.
 2001-01-13 07:57:43 +00:00
ru
225d61e4bb Prepare for mdoc(7)NG. 2001-01-10 16:51:28 +00:00
green
c15c7589b4 Fix a long-standing bug that resulted in a dropped session sometimes 
when an X11-forwarded client was closed.  For some reason, sshd didn't
disable the SIGPIPE exit handler and died a horrible death (well, okay,
a silent death really).  Set SIGPIPE's handler to SIG_IGN.
 2001-01-06 21:15:07 +00:00
assar
e09ea83e84 fix conflicts from merge 2000-12-29 21:16:01 +00:00
assar
78fdaa215a This commit was generated by cvs2svn to compensate for changes in r70494, 
which included commits to RCS files with non-trunk default branches.
 2000-12-29 21:00:22 +00:00
assar
2aa51584a1 import krb4-1.0.5 2000-12-29 21:00:22 +00:00
assar
7e5f2377be merge fix from vendor for not overwriting old ticket file 2000-12-10 21:01:33 +00:00
assar
60206056a8 This commit was generated by cvs2svn to compensate for changes in r69836, 
which included commits to RCS files with non-trunk default branches.
 2000-12-10 21:01:33 +00:00
assar
32ce969d51 merge fix from vendor for removing buffer overrun 2000-12-10 21:00:35 +00:00
assar
eef73539a5 This commit was generated by cvs2svn to compensate for changes in r69833, 
which included commits to RCS files with non-trunk default branches.
 2000-12-10 21:00:35 +00:00
assar
2fe34f87ef merge fix from vendor for not looking at environment variables 2000-12-10 20:59:35 +00:00
assar
b06a14aecd This commit was generated by cvs2svn to compensate for changes in r69830, 
which included commits to RCS files with non-trunk default branches.
 2000-12-10 20:59:35 +00:00
assar
36a2de7dc2 (scrub_env): change to only accept a listed set of variables, 
including only non-filename contents for TERMCAP
 2000-12-10 20:50:20 +00:00
green
77f12310de Update to OpenSSH 2.3.0 with FreeBSD modifications. OpenSSH 2.3.0 
new features description elided in favor of checking out their
website.

Important new FreeBSD-version stuff: PAM support has been worked
in, partially from the "Unix" OpenSSH version, and a lot due to the
work of Eivind Eklend, too.

This requires at least the following in pam.conf:

sshd    auth    sufficient      pam_skey.so
sshd    auth    required        pam_unix.so                     try_first_pass
sshd    session required        pam_permit.so

Parts by:	Eivind Eklend <eivind@FreeBSD.org>
 2000-12-05 02:55:12 +00:00
green
705c28942c Forgot to remove the old line in the last commit. 2000-12-05 02:41:01 +00:00
green
8b63a886a4 This commit was generated by cvs2svn to compensate for changes in r69587, 
which included commits to RCS files with non-trunk default branches.
 2000-12-05 02:20:19 +00:00