Commit Graph

46204 Commits

Author SHA1 Message Date
Peter Wemm
08c0f1c7dd Sync with internat; delete a trailing space 2000-02-25 05:35:37 +00:00
Brian Feldman
8261034302 Fix a bug that crawled in pretty recently (from the port). It made
sshd coredump :(
2000-02-25 05:22:14 +00:00
Peter Wemm
f021cab12e Fix references to crypto code to check that it exists first. Otherwise
it breaks mergemaster (and probably other things).

Submitted by:	Munehiro Matsuda <haro@tk.kubota.co.jp>
Approved by:	jkh
2000-02-25 05:16:44 +00:00
Boris Popov
ce0d1c79c3 Fix the loader to handle module dependencies properly. More fixes
will be provided after modmetadata appears in the kernel.

Reviewed by:	msmith
Approved by:	jkh
2000-02-25 05:10:44 +00:00
Peter Wemm
38ba484ce1 Fix garbage in SSH_PROGRAM (only on freefall, not internat) 2000-02-25 04:41:06 +00:00
John Polstra
7e4977c94e Fix two bugs in the fault handler for copy{in,out} and friends.
First, it was failing to reset the PCB's pcb_onfault member to NULL.
Under some really obscure circumstances this might cause a wild jump
within the kernel when a panic would otherwise occur.  Second, the
handler was loading the GP register needlessly and with an incorrect
value.

Reviewed by:	Doug Rabson <dfr>
Approved by:	Jordan Hubbard <jkh>
2000-02-25 03:26:10 +00:00
Brian Feldman
a95c122521 Make "CheckHostIP" default to off. This was proposed on -security and
earlier IRC, but despite my inital feeling against it, this seems
the more proper thing to do.

Proposed by:	rwatson
2000-02-25 03:04:29 +00:00
Brian Feldman
18a711954e The includes must be <openssl/.*\.h>, not <ssl/.*\.h>. 2000-02-25 01:53:12 +00:00
Mark Murray
b719e3c926 remove more ports crud. 2000-02-24 23:54:00 +00:00
Mark Murray
6ecb050733 remove ports junk 2000-02-24 23:46:38 +00:00
Mark Murray
1742a2be81 We have some new libraries; give them names. 2000-02-24 23:18:08 +00:00
Mark Murray
5e41278213 Use libcrypto instead of libdes. 2000-02-24 23:15:42 +00:00
Mark Murray
93e3e5e9e3 Run sshd at boot time if the sysadmin wants it. Also install
ssh[d] config files in the right place.
2000-02-24 23:12:04 +00:00
Mark Murray
0d854656e9 Add userland tweakables for OpenSSH and OpenSSL. 2000-02-24 23:08:19 +00:00
Mark Murray
84a9e747fa We have a new world order in libraries.
Goodbye libdes; Welcome libcrypto.
2000-02-24 23:03:16 +00:00
Mark Murray
51a4536595 Remove port components not needed in 4.n+
Submitted by:	Half the freaking planet....
2000-02-24 22:39:24 +00:00
Mark Murray
d3e3752170 Use libcrypto instead of libdes.
Also - OpenSSH blesses us with a module for PAM.
2000-02-24 22:24:37 +00:00
Mark Murray
96ccf174ec Use libcrypto inst=ead if libdes. 2000-02-24 21:21:15 +00:00
Mark Murray
f0ad5f0b62 Use libcrypto instead of libdes. 2000-02-24 21:18:08 +00:00
Mark Murray
fc4b5dfa38 Use libcrypto instead of libdes. Upgrade for Heimdal-0.2p 2000-02-24 21:15:14 +00:00
Mark Murray
512182f3ff Use libcrypto instead of libdes. 2000-02-24 21:10:28 +00:00
Mark Murray
0ed9356caf Use libcrypto in place of libdes. 2000-02-24 21:06:22 +00:00
Mark Murray
f499a39621 Use libcrypto instead of libdes. 2000-02-24 21:01:54 +00:00
Mark Murray
fea326b4d1 Use libcrypto in place of libdes. 2000-02-24 20:57:04 +00:00
Matthew Dillon
f8fa53397f Fix a 'freeing free block' panic in UFS. The problem occurs when the
filesystem fills up.  If the first indirect block exists and FFS is able
    to allocate deeper indirect blocks, but is not able to allocate the
    data block, FFS improperly unwinds the indirect blocks and leaves a
    block pointer hanging to a freed block.  This will cause a panic later
    when the file is removed.  The solution is to properly account for the
    first block-pointer-to-an-indirect-block we had to create in a balloc
    operation and then unwind it if a failure occurs.

Detective work by: Ian Dowse <iedowse@maths.tcd.ie>
Reviewed by: mckusick, Ian Dowse <iedowse@maths.tcd.ie>
Approved by: jkh
2000-02-24 20:43:20 +00:00
Wilko Bulte
46b37d4e26 Add some info on DP264. People familiar with this beast: please review
for correctness
2000-02-24 20:35:46 +00:00
Mark Murray
c7aee9a208 Use libcrypto instead of libdes. 2000-02-24 20:21:16 +00:00
Mark Murray
bfb672b22a RIP libdes. All hail libcrypto! 2000-02-24 19:35:08 +00:00
Mark Murray
bf4f84d44c Get crypto from libcrypto, not libdes. 2000-02-24 19:28:31 +00:00
Yoshinobu Inoue
0b97e97cd2 Add length check to sbcreatecontrol().
Now this check is necessary because IPv6 source routing might use
  control data bigger than MLEN. (e.g. 16bytes IPv6 addr x 23 hops)
  Actually mbuf cluster should be used in uipc_socket.c:sbcreatecontrol()
  and uipc_syscalls.c:sockargs() when data size is bigger then MLEN,
  and such patches were already in KAME environment and have been
  confirmed to work well. I just forgot to merge them into 4.0, sorry.

  For safety, I'll postpone such patches until after 4.0 release.
  The effect of postponement is followings.
    -Ping6 source routing hops are limitted to around 6 or so.
    -If some apps do setsockopt IPV6_RTHDR and try to receive
     incoming IPv6 source routing info, it can't receive more
     than 6 hops source routing info.
     (But currently, no apps seems to be doing it.)

Approved by: jkh
2000-02-24 19:21:26 +00:00
Mark Murray
b87f0bc988 libdes is OBE 2000-02-24 19:08:24 +00:00
Yoshinobu Inoue
53c9088f68 Security fixes. (Just same as sbin/ping and usr.sbin/traceroute)
-Open socket() at first and then setuid() to actual user.
  -Allow ping6 preload option only for root.

Approved by: jkh

Submitted by: Neil Blakey-Milner <nbm@mithrandr.moria.org>
2000-02-24 19:06:05 +00:00
Yoshinobu Inoue
88a845c11d Correctly print out "Connected to" hostname.
Temporal buffer was used for the hostname and freed before actually used.

Specified by: ru
Approved by: jkh
2000-02-24 19:01:38 +00:00
Mark Murray
c9f2d5f483 Build everything properly. This means:
o Don't b uild libdes.

o Crypto is now housed in libcrypto (with a compatability symlink to
  libdes)

o RSA may depend on RSAREF at your locale.

o OpenSSH is now a part of the base system.
2000-02-24 18:59:34 +00:00
Yoshinobu Inoue
93f80500f6 -Remove IPv6 initialization failed interfaces from the list of
interfaces passed to rtadvd
-Comment out example sentences more completely
-Redirect error message of ifconfig output into /dev/null, to correctly
 find out working IPv6 interfaces

Approved by: jkh
2000-02-24 18:52:58 +00:00
Yoshinobu Inoue
93eff08412 Print ifname when sendmsg failed.
Approved by: jkh
2000-02-24 18:46:51 +00:00
Mark Murray
c23e256eef Add the OpenSSH userland-building Makefiles. 2000-02-24 17:00:55 +00:00
Luigi Rizzo
843c5d4993 Record and pack together all ipfw changes.
Approved-by: jordan
2000-02-24 16:20:37 +00:00
Mark Murray
42f71286cd Add the patches fom ports (QV: ports/security/openssh/patches/patch-*) 2000-02-24 15:29:42 +00:00
Mark Murray
8e3e42fe07 This commit was generated by cvs2svn to compensate for changes in r57429,
which included commits to RCS files with non-trunk default branches.
2000-02-24 14:29:47 +00:00
Mark Murray
511b41d2a1 Vendor import of OpenSSH. 2000-02-24 14:29:47 +00:00
Mark Murray
8ceb13ade4 Merge conflicts. 2000-02-24 13:37:41 +00:00
Mark Murray
c97e282188 Oops; forgot to add this. 2000-02-24 13:20:48 +00:00
Mark Murray
b98bf15079 Get this to the same level of functionality as old libdes. 2000-02-24 13:20:15 +00:00
Mark Murray
957428c77a This commit was generated by cvs2svn to compensate for changes in r57422,
which included commits to RCS files with non-trunk default branches.
2000-02-24 11:28:20 +00:00
Mark Murray
d61f1c7965 Vendor import of Heimdal 0.2p 2000-02-24 11:28:20 +00:00
Mark Murray
b50c40f67b This commit was generated by cvs2svn to compensate for changes in r57419,
which included commits to RCS files with non-trunk default branches.
2000-02-24 11:19:29 +00:00
Mark Murray
283d988c23 Vendor import of Heimdal 0.2o 2000-02-24 11:19:29 +00:00
Mark Murray
270628b77a This commit was generated by cvs2svn to compensate for changes in r57416,
which included commits to RCS files with non-trunk default branches.
2000-02-24 11:07:16 +00:00
Mark Murray
13e3f4d6d9 Vendor import of Heimdal 0.2n 2000-02-24 11:07:16 +00:00