d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
56,827 Commits 72 Branches 135 Tags 3.2 GiB
d44d42def3
Commit Graph

254 Commits

Author SHA1 Message Date
kris
d44d42def3 Patches backported from later development version of OpenSSH which prevent 
(instead of just mitigating through connection limits) the Bleichenbacher
attack which can lead to guessing of the server key (not host key) by
regenerating it when an RSA failure is detected.

Reviewed by:	rwatson
 2001-02-12 06:44:51 +00:00
kris
a16767cc23 Note that crypto/ is not used to build in, people should see secure/ 
instead.
 2001-02-10 04:47:47 +00:00
asmodai
42be6ba036 Synch: Add $FreeBSD$. 2001-02-07 21:58:16 +00:00
asmodai
9bb829b9c2 Fix typo: compatability -> compatibility. 
Compatability is not an existing english word.
 2001-02-06 12:05:58 +00:00
asmodai
db24d83a1c Fix typo: seperate -> separate. 
Seperate does not exist in the english language.

Submitted to look at by:	kris
 2001-02-06 10:39:38 +00:00
asmodai
bd4658fe52 Fix typo: wierd -> weird. 
There is no such thing as wierd in the english language.
 2001-02-06 09:32:26 +00:00
green
0d037651fe Correctly fill in the sun_len for a sockaddr_sun. 
Submitted by:	Alexander Leidinger <Alexander@leidinger.net>
 2001-02-04 20:23:17 +00:00
green
db1cf40a27 MFS: Don't use the canonical hostname here, too. 2001-02-04 20:16:14 +00:00
green
5a0414c3f3 MFF: Make ConnectionsPerPeriod usage a warning, not fatal. 2001-02-04 20:15:53 +00:00
ru
9099bb40b9 mdoc(7) police: split punctuation characters + misc fixes. 2001-02-01 17:12:45 +00:00
green
c41e3c8f9e Actually propagate back to the rest of the application that a command 
was specified when using -t mode with the SSH client.

Submitted by:	Dima Dorfman <dima@unixfreak.org>
 2001-01-21 05:45:27 +00:00
green
8548d87c25 /Really/ deprecate ConnectionsPerPeriod, ripping out the code for it 
and giving a dire error to its lingering users.
 2001-01-13 07:57:43 +00:00
ru
225d61e4bb Prepare for mdoc(7)NG. 2001-01-10 16:51:28 +00:00
green
c15c7589b4 Fix a long-standing bug that resulted in a dropped session sometimes 
when an X11-forwarded client was closed.  For some reason, sshd didn't
disable the SIGPIPE exit handler and died a horrible death (well, okay,
a silent death really).  Set SIGPIPE's handler to SIG_IGN.
 2001-01-06 21:15:07 +00:00
assar
e09ea83e84 fix conflicts from merge 2000-12-29 21:16:01 +00:00
assar
78fdaa215a This commit was generated by cvs2svn to compensate for changes in r70494, 
which included commits to RCS files with non-trunk default branches.
 2000-12-29 21:00:22 +00:00
assar
2aa51584a1 import krb4-1.0.5 2000-12-29 21:00:22 +00:00
assar
7e5f2377be merge fix from vendor for not overwriting old ticket file 2000-12-10 21:01:33 +00:00
assar
60206056a8 This commit was generated by cvs2svn to compensate for changes in r69836, 
which included commits to RCS files with non-trunk default branches.
 2000-12-10 21:01:33 +00:00
assar
32ce969d51 merge fix from vendor for removing buffer overrun 2000-12-10 21:00:35 +00:00
assar
eef73539a5 This commit was generated by cvs2svn to compensate for changes in r69833, 
which included commits to RCS files with non-trunk default branches.
 2000-12-10 21:00:35 +00:00
assar
2fe34f87ef merge fix from vendor for not looking at environment variables 2000-12-10 20:59:35 +00:00
assar
b06a14aecd This commit was generated by cvs2svn to compensate for changes in r69830, 
which included commits to RCS files with non-trunk default branches.
 2000-12-10 20:59:35 +00:00
assar
36a2de7dc2 (scrub_env): change to only accept a listed set of variables, 
including only non-filename contents for TERMCAP
 2000-12-10 20:50:20 +00:00
green
77f12310de Update to OpenSSH 2.3.0 with FreeBSD modifications. OpenSSH 2.3.0 
new features description elided in favor of checking out their
website.

Important new FreeBSD-version stuff: PAM support has been worked
in, partially from the "Unix" OpenSSH version, and a lot due to the
work of Eivind Eklend, too.

This requires at least the following in pam.conf:

sshd    auth    sufficient      pam_skey.so
sshd    auth    required        pam_unix.so                     try_first_pass
sshd    session required        pam_permit.so

Parts by:	Eivind Eklend <eivind@FreeBSD.org>
 2000-12-05 02:55:12 +00:00
green
705c28942c Forgot to remove the old line in the last commit. 2000-12-05 02:41:01 +00:00
green
8b63a886a4 This commit was generated by cvs2svn to compensate for changes in r69587, 
which included commits to RCS files with non-trunk default branches.
 2000-12-05 02:20:19 +00:00
green
2aecee364f Import of OpenSSH 2.3.0 (virgin OpenBSD source release). 2000-12-05 02:20:19 +00:00
brian
d71631cdd5 Remove duplicate line 
Not responded to by: kris, then green
 2000-12-04 22:57:53 +00:00
asmodai
f9ee1b3035 Add more environment variables to be filtered through scrub_env(). 
Synched from normal telnet.
 2000-11-30 13:14:54 +00:00
asmodai
17ac8dd5ff String paranoia fix. Synched from normal telnet. 2000-11-30 13:10:01 +00:00
asmodai
d8be929ac8 String paranoia. Merged from regular telnet. 2000-11-30 10:55:25 +00:00
kris
9ed2dafdd6 Correct definition of MAXHOSTNAMELEN in ifdef'ed code. 
Submitted by:	Edwin Groothuis <mavetju@chello.nl>
PR:		bin/22787
 2000-11-26 21:37:51 +00:00
green
31543fcdcc In env_destroy(), it is a bad idea to env_swap(self, 0) to switch 
back to the original environ unconditionally.  The setting of the
variable to save the previous environ is conditional; it happens when
ENV.e_committed is set.  Therefore, don't try to swap the env back
unless the previous env has been initialized.

PR:		bin/22670
Submitted by:	Takanori Saneto <sanewo@ba2.so-net.ne.jp>
 2000-11-25 02:00:35 +00:00
billf
f9709d079b Correct an arguement to ssh_add_identity, this matches what is currently 
in ports/security/openssh/files/pam_ssh.c

PR:		22164
Submitted by:	Takanori Saneto <sanewo@ba2.so-net.ne.jp>
Reviewed by:	green
Approved by:	green
 2000-11-25 01:55:42 +00:00
ru
c3189e713e mdoc(7) police: use the new features of the Nm macro. 2000-11-20 20:10:44 +00:00
kris
5b3403165c Fix a buffer overflow from a long local hostname. 
Obtained from:	OpenBSD
 2000-11-19 10:08:26 +00:00
green
b95cf8b09c Add login_cap and login_access support. Previously, these FreeBSD-local 
checks were only made when using the 1.x protocol.
 2000-11-14 04:35:03 +00:00
green
100d82038d Import a security fix: the client would allow a server to use its 
ssh-agent or X11 forwarding even if it was disabled.

This is the vendor fix provided, not an actual revision of clientloop.c.

Submitted by:	Markus Friedl <markus@OpenBSD.org> via kris
 2000-11-14 03:51:53 +00:00
green
0ca278a6c8 This commit was generated by cvs2svn to compensate for changes in r68700, 
which included commits to RCS files with non-trunk default branches.
 2000-11-14 03:51:53 +00:00
kris
6a70ee8741 Update list of files to remove prior to import 2000-11-13 07:46:20 +00:00
kris
9fe6127c90 Resolve conflicts, and garbage collect some local changes that are no 
longer required
 2000-11-13 02:20:29 +00:00
kris
a20ace197e This commit was generated by cvs2svn to compensate for changes in r68651, 
which included commits to RCS files with non-trunk default branches.
 2000-11-13 01:03:58 +00:00
kris
c2775125a7 Initial import of OpenSSL 0.9.6 2000-11-13 01:03:58 +00:00
ru
f9c7198049 Avoid use of direct troff requests in mdoc(7) manual pages. 2000-11-10 17:46:15 +00:00
dougb
98b45016b2 Add a CVS Id tag 2000-10-29 10:00:58 +00:00
kris
3fa82411eb Sync with usr.bin/telnet/telnet.c r1.9 - fix buffer overflow in DISPLAY 2000-10-29 00:10:14 +00:00
green
15f43d12d9 Fix a few style oddities. 2000-09-10 18:04:12 +00:00
green
9b66eed210 Fix a goof in timevaldiff. 2000-09-10 18:03:46 +00:00
kris
2a84d96bfa Remove files no longer present in OpenSSH 2.2.0 and beyond 2000-09-10 10:26:07 +00:00