Kris Kennaway
87e372b8a2
Import from vendor repository.
...
Obtained from: OpenBSD
2000-06-03 09:20:19 +00:00
Kris Kennaway
48fb0b1aa9
This commit was generated by cvs2svn to compensate for changes in r61206,
...
which included commits to RCS files with non-trunk default branches.
2000-06-03 09:20:19 +00:00
Kris Kennaway
db1cb46ca2
Bring vendor patches onto the main branch, and resolve conflicts.
2000-06-03 07:31:44 +00:00
Kris Kennaway
1ae2db81a5
Import vendor patches: the first is written by
...
Brian Feldman <green@FreeBSD.org>
* Remove the gratuitous dependency on OpenSSL 0.9.5a (preparation for MFC)
* Disable agent forwarding by default in the client (security risk)
Submitted by: green
Obtained from: OpenBSD
2000-06-03 07:18:09 +00:00
Kris Kennaway
7567fde002
This commit was generated by cvs2svn to compensate for changes in r61201,
...
which included commits to RCS files with non-trunk default branches.
2000-06-03 07:18:09 +00:00
Kris Kennaway
fcee55a281
Import vendor patch originally submitted by the below author: don't
...
treat failure to create the authentication agent directory in /tmp as
a fatal error, but disable agent forwarding.
Submitted by: Jan Koum <jkb@yahoo-inc.com>
2000-06-03 07:06:14 +00:00
Kris Kennaway
6298712178
This commit was generated by cvs2svn to compensate for changes in r61199,
...
which included commits to RCS files with non-trunk default branches.
2000-06-03 07:06:14 +00:00
Kris Kennaway
830ccf58ce
Import vendor fix: "fix key_read() for uuencoded keys w/o '='"
...
This bug caused OpenSSH not to recognise some of the DSA keys it
generated.
Submitted by: Christian Weisgerber <naddy@mips.inka.de>
Obtained from: OpenBSD
2000-06-03 06:51:30 +00:00
Kris Kennaway
4f00f8562d
Update to the version of pam_ssh corresponding to OpenSSH 2.1 (taken
...
from the openssh port)
Submitted by: Hajimu UMEMOTO <ume@mahoroba.org>
2000-05-30 09:03:15 +00:00
Jake Burkholder
e39756439c
Back out the previous change to the queue(3) interface.
...
It was not discussed and should probably not happen.
Requested by: msmith and others
2000-05-26 02:09:24 +00:00
Jake Burkholder
740a1973a6
Change the way that the queue(3) structures are declared; don't assume that
...
the type argument to *_HEAD and *_ENTRY is a struct.
Suggested by: phk
Reviewed by: phk
Approved by: mdodd
2000-05-23 20:41:01 +00:00
Andrey A. Chernov
a4bc7676d4
Turn on CheckMail to be more login-compatible by default
2000-05-23 06:06:54 +00:00
Brian Somers
73813569e4
Don't USE_PIPES
...
Spammed by: peter
Submitted by: mkn@uk.FreeBSD.org
2000-05-22 09:51:18 +00:00
Kris Kennaway
ba0c6b0830
Correct two stupid typos in the DSA key location.
...
Submitted by: Udo Schweigert <ust@cert.siemens.de>
2000-05-18 06:04:23 +00:00
Kris Kennaway
b787acb5e3
Unbreak Kerberos5 compilation. This still remains untested.
...
Noticed by: obrien
2000-05-17 08:06:20 +00:00
Kris Kennaway
e551e5eafa
Oops, rename S/Key to Opie in line with FreeBSD usage.
2000-05-15 06:11:30 +00:00
Kris Kennaway
0c11f6e187
Create a DSA host key if one does not already exist, and teach sshd_config
...
about it.
2000-05-15 05:40:27 +00:00
Kris Kennaway
e8aafc91b5
Resolve conflicts and update for FreeBSD.
2000-05-15 05:24:25 +00:00
Kris Kennaway
a04a10f891
Initial import of OpenSSH v2.1.
2000-05-15 04:37:24 +00:00
Kris Kennaway
fe01acb846
This commit was generated by cvs2svn to compensate for changes in r60573,
...
which included commits to RCS files with non-trunk default branches.
2000-05-15 04:37:24 +00:00
Nik Clayton
699cc2f5e1
Note that X11 Forwarding is off by default.
...
PR: docs/17566
Submitted by: Keith Stevenson <ktstev01@louisville.edu>
2000-04-30 22:41:58 +00:00
Mark Murray
79eb2b5421
MFF: catch up with FreeFall
2000-04-19 21:20:54 +00:00
Kris Kennaway
9a823cff39
If stderr is closed, report the error message about missing libraries
...
via syslog instead.
Reviewed by: jkh
2000-04-18 06:25:24 +00:00
Mark Murray
3c6b6b90c7
Internat diff reducer.
2000-04-16 17:49:31 +00:00
Mark Murray
07c567b8ec
Virgin import of OpenSSL v0.9.5a
2000-04-16 16:03:07 +00:00
Mark Murray
ef781a073e
This commit was generated by cvs2svn to compensate for changes in r59281,
...
which included commits to RCS files with non-trunk default branches.
2000-04-16 16:03:07 +00:00
Kris Kennaway
7e7159cbdc
Resolve conflicts.
2000-04-13 07:15:03 +00:00
Kris Kennaway
f579bf8ec7
Initial import of OpenSSL 0.9.5a
2000-04-13 06:33:22 +00:00
Kris Kennaway
193faf8655
This commit was generated by cvs2svn to compensate for changes in r59191,
...
which included commits to RCS files with non-trunk default branches.
2000-04-13 06:33:22 +00:00
Kris Kennaway
2d773b269e
Correct a typo and interchanged library names
...
Submitted by: Ben Rosengart <ben@narcissus.net>
Matthew D. Fuller <fullermd@futuresouth.com>
2000-04-05 04:09:51 +00:00
Kris Kennaway
e31adaffd9
Fix a memory leak.
...
PR: 17360
Submitted by: Andrew J. Korty <ajk@iu.edu>
2000-03-29 08:24:37 +00:00
Kris Kennaway
18fa3c2ec9
#include <ssl/foo.h> -> #include <openssl/foo.h>
2000-03-26 10:00:28 +00:00
Kris Kennaway
3c6ae11886
Resolve conflicts.
2000-03-26 07:37:48 +00:00
Kris Kennaway
a8f6863aa6
Virgin import of OpenSSH sources dated 2000/03/25
2000-03-26 07:07:24 +00:00
Kris Kennaway
cc99d7f2df
This commit was generated by cvs2svn to compensate for changes in r58582,
...
which included commits to RCS files with non-trunk default branches.
2000-03-26 07:07:24 +00:00
Kris Kennaway
6aae670844
Don't refer to the openssl handbook chapter by name - the doc guys keep
...
jamming new chapters in front of it :)
2000-03-25 07:28:18 +00:00
Brian Somers
727214e9b8
Use pipe() instead of socketpair() in sshd when communicating
...
with the client.
This allows ppp/ssh style tunnels to function again.
Ok'd by: markk
Submitted by: markk@knigma.org
2000-03-24 15:39:37 +00:00
Mike Pritchard
5c51cd6437
Fix a few spelling errors.
2000-03-24 02:26:54 +00:00
Sheldon Hearn
962a3f4e81
IgnoreUserKnownHosts is a boolean flag, not an integer value.
...
The fix submitted in the attributed PR is identical to the one
adopted by OpenBSD.
PR: 17027
Submitted by: David Malone <dwmalone@maths.tcd.ie>
Obtained from: OpenBSD
2000-03-22 09:36:35 +00:00
Kris Kennaway
9fd4066575
Add a new function stub to libcrypto() which resolves to a symbol in
...
the librsa* library and reports which version of the library (OpenSSL/RSAREF)
is being used.
This is then used in openssh to detect the failure case of RSAREF and a RSA key
>1024 bits, to print a more helpful error message than 'rsa_public_encrypt() fai
led.'
This is a 4.0-RELEASE candidate.
2000-03-13 09:55:53 +00:00
Kris Kennaway
6a8633db4e
Various manpage style/grammar/formatting cleanups
...
Submitted by: Peter Jeremy <peter.jeremy@alcatel.com.au>, jedgar
PR: 17292 (remainder of)
2000-03-13 00:17:43 +00:00
Nik Clayton
8ff0a8c302
- typos
...
- Add double spaces following full stops to improve typeset output
- mdoc-ification. (Though I'm uncertain whether option values and
contents should be .Dq or something else).
- Fix a missed /etc/ssh change
- Expand wording on RandomSeed and behaviour when X11 isn't forwarded.
- Change examples to literal mode.
- Trim trailing whitespace
PR: docs/17292
Submitted by: Peter Jeremy <peter.jeremy@alcatel.com.au>
2000-03-10 11:48:49 +00:00
Mark Murray
c59bf09996
Make LOGIN_CAP work properly.
2000-03-09 14:52:31 +00:00
Kris Kennaway
2134165c54
/etc -> /etc/ssh
...
Submitted by: Ben Smithurst <ben@scientia.demon.co.uk>
2000-03-08 03:44:00 +00:00
John Hay
2216ad9c7e
MFI: Use krb5 functions in krb5 files.
...
Reviewed by: markm
2000-03-03 20:31:58 +00:00
Yoshinobu Inoue
137d85e410
Replace structure copy form ifreq obtained by SIOCGIFADDR
...
to memcpy(), to avoid unaligned access trap on alpha.
Approved by: jkh
2000-03-03 13:05:00 +00:00
Yoshinobu Inoue
46ad1c2366
CMSG_XXX macros alignment fixes to follow RFC2292.
...
Approved by: jkh
2000-03-03 12:50:46 +00:00
Brian Feldman
5dc73ebebe
Turn off X11 forwarding in the client. X11 forwarding in the server by
...
default should probably also get turned on, now.
Requested by: kris
Obtained from: OpenBSD
2000-03-03 05:58:39 +00:00
Kris Kennaway
1d32417468
Update the wording on the error message when libcrypto.so can't find an
...
RSA library.
Reviewed by: peter, jkh
2000-03-02 06:21:02 +00:00
Hajimu UMEMOTO
e51ec40ec8
Enable connection logging. FreeBSD's libwrap is IPv6 ready.
...
OpenSSH is in our source tree, now. It's a time to enable it.
Reviewed by: markm, shin
Approved by: jkh
2000-02-29 19:37:04 +00:00
Mark Murray
fe5fd0173b
1) Add kerberos5 functionality.
...
by Daniel Kouril <kouril@informatics.muni.cz>
2) Add full LOGIN_CAP capability
by Andrey Chernov
2000-02-28 19:03:50 +00:00
Brian Somers
ccd16b43ed
Don't put truncated hostnames in utmp
...
Approved by: jkh
2000-02-28 18:51:30 +00:00
Peter Wemm
6f35016f23
Sync with internat.freebsd.org; weak symbols vs static libs == trouble
2000-02-26 16:57:17 +00:00
Peter Wemm
7d8acc815a
Merge from internat.freebsd.org; move VERBOSE_STUBS to a better spot.
2000-02-26 14:20:18 +00:00
Peter Wemm
4198e0cb8b
Merge from internat.freebsd.org repo, minus change to rsa_eay.c (missing)
...
Reorganize and unify libcrypto's interface so that the RSA implementation
is chosen at runtime via dlopen().
This is a checkpoint and may require more tweaks still.
2000-02-26 13:19:18 +00:00
Peter Wemm
9fa5f5fd96
Merge from internat.freebsd.org repo, minus change to rsa_eay.c (missing)
...
Reorganize and unify libcrypto's interface so that the RSA implementation
is chosen at runtime via dlopen().
This is a checkpoint and may require more tweaks still.
2000-02-26 13:13:03 +00:00
Peter Wemm
b70ab85b2b
At great personal risk (to my already fragile sanity), reorganize
...
the rsa stubs for libcrypto. libcrypto.so now uses dlopen() to
implement the backends for either the native or rsaref implemented
RSA code.
This involves:
- unifying the libcrypto and openssl(1) source so there is no
#ifdef RSAref variations.
- using weak symbols and dlopen()/dlsym() routines to access the
rsa method vectors.
Releases will enable the user to choose International, US (rsaref) or
no RSA code at install time.
'make world' will DTRT depending on whether you have the international
or US source. For US users, you must either install rsaref (the port
or package) or (if you don't fear RSA Inc) use the (superior)
International rsa_eay.c code.
This has been discussed at great length by the affected folks and even
we have a great deal of confusion. This is a checkpoint so we can tune
the results. This works for me in all permutations I can think of and
should result in a CD/ftp 'release' just about doing the right thing now.
2000-02-26 13:06:55 +00:00
Peter Wemm
2307080405
Redo this with a repo copy from the original file and reset the
...
__PREFIX__ markers.
2000-02-26 09:59:14 +00:00
Peter Wemm
4d3289a849
oops, update path to /etc/ssh/ssh_host_key
2000-02-26 02:24:38 +00:00
Peter Wemm
9ceffc938a
Merge from internat.freebsd.org; move ssh files from /etc to /etc/ssh
2000-02-25 14:25:10 +00:00
Peter Wemm
150f7c198f
Don't use the dlopen() stubs if comiling with PIC. This still
...
needs some more thought for the static case. Should we provide weak
error-generating stubs for static binaries if -lrsaref was forgotten?
2000-02-25 08:13:50 +00:00
Brian Feldman
8261034302
Fix a bug that crawled in pretty recently (from the port). It made
...
sshd coredump :(
2000-02-25 05:22:14 +00:00
Peter Wemm
38ba484ce1
Fix garbage in SSH_PROGRAM (only on freefall, not internat)
2000-02-25 04:41:06 +00:00
Brian Feldman
a95c122521
Make "CheckHostIP" default to off. This was proposed on -security and
...
earlier IRC, but despite my inital feeling against it, this seems
the more proper thing to do.
Proposed by: rwatson
2000-02-25 03:04:29 +00:00
Brian Feldman
18a711954e
The includes must be <openssl/.*\.h>, not <ssl/.*\.h>.
2000-02-25 01:53:12 +00:00
Mark Murray
b719e3c926
remove more ports crud.
2000-02-24 23:54:00 +00:00
Mark Murray
6ecb050733
remove ports junk
2000-02-24 23:46:38 +00:00
Mark Murray
c7aee9a208
Use libcrypto instead of libdes.
2000-02-24 20:21:16 +00:00
Mark Murray
bfb672b22a
RIP libdes. All hail libcrypto!
2000-02-24 19:35:08 +00:00
Mark Murray
bf4f84d44c
Get crypto from libcrypto, not libdes.
2000-02-24 19:28:31 +00:00
Mark Murray
42f71286cd
Add the patches fom ports (QV: ports/security/openssh/patches/patch-*)
2000-02-24 15:29:42 +00:00
Mark Murray
511b41d2a1
Vendor import of OpenSSH.
2000-02-24 14:29:47 +00:00
Mark Murray
8e3e42fe07
This commit was generated by cvs2svn to compensate for changes in r57429,
...
which included commits to RCS files with non-trunk default branches.
2000-02-24 14:29:47 +00:00
Mark Murray
8ceb13ade4
Merge conflicts.
2000-02-24 13:37:41 +00:00
Mark Murray
c97e282188
Oops; forgot to add this.
2000-02-24 13:20:48 +00:00
Mark Murray
b98bf15079
Get this to the same level of functionality as old libdes.
2000-02-24 13:20:15 +00:00
Mark Murray
d61f1c7965
Vendor import of Heimdal 0.2p
2000-02-24 11:28:20 +00:00
Mark Murray
957428c77a
This commit was generated by cvs2svn to compensate for changes in r57422,
...
which included commits to RCS files with non-trunk default branches.
2000-02-24 11:28:20 +00:00
Mark Murray
283d988c23
Vendor import of Heimdal 0.2o
2000-02-24 11:19:29 +00:00
Mark Murray
b50c40f67b
This commit was generated by cvs2svn to compensate for changes in r57419,
...
which included commits to RCS files with non-trunk default branches.
2000-02-24 11:19:29 +00:00
Mark Murray
13e3f4d6d9
Vendor import of Heimdal 0.2n
2000-02-24 11:07:16 +00:00
Mark Murray
270628b77a
This commit was generated by cvs2svn to compensate for changes in r57416,
...
which included commits to RCS files with non-trunk default branches.
2000-02-24 11:07:16 +00:00
Mark Murray
9a843541e2
freefall/internat diff reducer
2000-02-24 10:38:40 +00:00
Mark Murray
228c5a5af7
Freefall/Internat diff reducer.
2000-02-24 10:37:29 +00:00
Jordan K. Hubbard
6895862c18
Add call stubs for dynamic rsaref loading. This isn't enabled for now
...
but simply lets us sync up on the solution as it's evolved.
2000-02-22 06:22:54 +00:00
Yoshinobu Inoue
81edae92ed
Use static buffer to save source route hostnames.
...
Approved by: jkh
2000-02-19 16:33:14 +00:00
Yoshinobu Inoue
a82a4df889
Print "Trying ..." for each host. Also cleanups for error printing.
...
Approved by: jkh
Submitted by: Ben Smithurst <ben@scientia.demon.co.uk>
2000-02-19 16:17:41 +00:00
Yoshinobu Inoue
1d1ade86f0
Fix bugs in telnet.
...
Sorry there were still several bugs.
-error retry at af missmatch was incomplete.
-af matching for source addr option was wrong
-socket was not freed at retry.
Approved by: jkh
2000-02-15 15:59:12 +00:00
Yoshinobu Inoue
960e15a70b
Add more dual stack consideration.
...
-Should retry as much as possible when some of source
routing intermediate hosts' address families missmatch
happened.
(such as when a host has only A record, and another host
has each of A and AAAA record.)
-Should retry as much as possible when dest addr and
source addr(specified with -s option) address family
missmatch happend
Approved by: jkh
2000-02-10 20:06:36 +00:00
Yoshinobu Inoue
f306e0c85f
Fix telnet core dump at invalid service name specified.
...
Added an error check to avoid it.
Approved by: jkh
Submitted by: Robert Muir <rmuir@gibralter.net>
2000-02-07 00:52:49 +00:00
Yoshinobu Inoue
0bd288cd6c
Add NI_NAMEREQD flag to getnameinfo() call. Without this flag,
...
getnameinfo() don't return error at name resolving failure.
But it is used at doaddrlookup(-N) case in telnet, error need to be
returned to correctly initialize hostname buffer.
Discovered at checking recent KAME repository change, noticed by itojun.
2000-01-29 18:21:05 +00:00
Yoshinobu Inoue
4dd8b5ab79
another tcp apps IPv6 updates.(should be make world safe)
...
ftp, telnet, ftpd, faithd
also telnet related sync with crypto, secure, kerberosIV
Obtained from: KAME project
2000-01-27 09:28:38 +00:00
Kris Kennaway
97b2ed56f8
Import the RSA support code. There shouldn't be any actual RSA
...
cryptography here.
2000-01-16 05:14:57 +00:00
Kris Kennaway
72b2312537
This commit was generated by cvs2svn to compensate for changes in r56083,
...
which included commits to RCS files with non-trunk default branches.
2000-01-16 05:14:57 +00:00
Kris Kennaway
d9d4eec9ea
Fix for missing symbol in -DRSAref case.
2000-01-16 04:45:18 +00:00
Kris Kennaway
ce600b6ae6
Fix breakage when NO_RSA specified.
...
Reviewed by: Ben Laurie <ben@openssl.org>
2000-01-14 05:24:08 +00:00
Kris Kennaway
62410b5785
Zap NO_IDEA
2000-01-10 06:28:04 +00:00
cvs2svn
2b11cf855f
This commit was manufactured by cvs2svn to create branch
...
'VENDOR-crypto-openssl'.
2000-01-10 06:27:13 +00:00
Kris Kennaway
196e8792a2
List of files to nuke prior to import.
2000-01-10 06:27:12 +00:00
Kris Kennaway
7466462628
Initial import of OpenSSL 0.9.4, sans IDEA and RSA code for patent
...
infringement reasons.
2000-01-10 06:22:05 +00:00
Kris Kennaway
07bb8677bb
This commit was generated by cvs2svn to compensate for changes in r55714,
...
which included commits to RCS files with non-trunk default branches.
2000-01-10 06:22:05 +00:00
Kris Kennaway
808811401e
Zap the IDEA stuff - it's patented internationally (at least in some
...
places), and we don't want people to get in trouble just for having it.
2000-01-10 05:36:35 +00:00
Mark Murray
b528cefc6b
Import KTH Heimdal, which will be the core of our Kerberos5.
...
Userland to follow.
2000-01-09 20:58:00 +00:00
Mark Murray
5f1c68f748
This commit was generated by cvs2svn to compensate for changes in r55682,
...
which included commits to RCS files with non-trunk default branches.
2000-01-09 20:58:00 +00:00
Mark Murray
660a5f4353
Fix path.
2000-01-09 13:52:56 +00:00
Mark Murray
0f2b69ce58
resolve conflicts.
2000-01-09 08:53:35 +00:00
Mark Murray
8e2795854b
Clean import of KTH Kerberos (eBones) v1.0.
2000-01-09 08:31:47 +00:00
Mark Murray
38392ffddd
This commit was generated by cvs2svn to compensate for changes in r55643,
...
which included commits to RCS files with non-trunk default branches.
2000-01-09 08:31:47 +00:00
Brian Feldman
0e17bca17c
Upgrade to the pam_ssh module, version 1.1..
...
(From the author:)
Primarily, I have added built-in functions for manipulating the
environment, so putenv() is no longer used. XDM and its variants
should now work without modification. Note that the new code uses
the macros in <sys/queue.h>.
Submitted by: Andrew J. Korty <ajk@iu.edu>
1999-12-28 05:32:54 +00:00
Kris Kennaway
f595284587
Initial import of OpenSSL v0.9.4
1999-12-25 16:37:36 +00:00
Kris Kennaway
77142bf48c
This commit was generated by cvs2svn to compensate for changes in r55099,
...
which included commits to RCS files with non-trunk default branches.
1999-12-25 16:37:36 +00:00
Brian Feldman
b71e3dafa5
Add the PAM SSH RSA key authentication module. For example, you can add,
...
"login auth sufficient pam_ssh.so" to your /etc/pam.conf, and
users with a ~/.ssh/identity can login(1) with their SSH key :)
PR: 15158
Submitted by: Andrew J. Korty <ajk@waterspout.com>
Reviewed by: obrien
1999-11-29 07:09:44 +00:00
Mark Murray
99a2afa8ae
Merge anf fix for build.
1999-09-19 21:56:09 +00:00
Mark Murray
f4c5d10e69
Clean import of KTH krb4-0.10.1.
1999-09-19 14:19:32 +00:00
Mark Murray
3766ed332b
This commit was generated by cvs2svn to compensate for changes in r51415,
...
which included commits to RCS files with non-trunk default branches.
1999-09-19 14:19:32 +00:00
Mark Murray
e0706c85f3
Big OpenSSL/KTH/FreeBSD merge, badly poisoned by $FreeBSD$'s.
1999-09-19 13:04:49 +00:00
Mark Murray
056bcb03a1
This commit was generated by cvs2svn to compensate for changes in r50894,
...
which included commits to RCS files with non-trunk default branches.
1999-09-04 12:45:43 +00:00
Mark Murray
68084c2752
Vendor import EAY's LIBSSL to fix comments, etc.
1999-09-04 12:45:43 +00:00
Mark Murray
ddf3225c81
Add macro originally provided externally.
1999-09-04 11:06:07 +00:00
Mark Murray
b711a41f78
Add includes to to silence warnings. Bit hackish.
1999-09-04 11:03:01 +00:00
Mark Murray
68212f753a
Add some includes to shut up warnings.
1999-09-04 10:46:27 +00:00
Mark Murray
21424c1a5c
Drat. Import this into the right place. Pass me the pointy hat.
1999-09-01 19:59:25 +00:00
Mark Murray
778981c288
This commit was generated by cvs2svn to compensate for changes in r50760,
...
which included commits to RCS files with non-trunk default branches.
1999-09-01 19:59:25 +00:00
Mark Murray
2d8a17c768
Termcap header no longer needed.
1999-09-01 18:57:38 +00:00
Peter Wemm
97d92980a9
$Id$ -> $FreeBSD$
1999-08-28 01:35:59 +00:00
Mark Murray
c6e775b83f
Add virtual MAINTAINER line.
1999-08-16 19:05:02 +00:00
Nick Sayer
610fe6066a
According to Mark Murray, Makefiles do not belong here. I guess we're
...
going to have to figure something else out.
1999-08-16 18:59:05 +00:00
Nick Sayer
0f8c8396c5
Add SRA authentication to src/crypto/telnet.
...
SRA does a Diffie-Hellmen exchange and then DES-encrypts the
authentication data. If the authentication is successful, it also
sets up a session key for DES encryption.
SRA was originally developed at Texas A&M University.
This code is probably export restricted (despite the fact that I
originally found it at a University in Germany).
SRA is not perfect. It is vulnerable to monkey-in-the-middle attacks
and does not use tremendously large DH constants (and thus an individual
exchange probably could be factored in a few days on modern CPU
horsepower). It does not, however, require any changes in user or
administrative behavior and foils session hijacking and sniffing.
The goal of this commit is that telnet and telnetd end up in the DES
distribution and that therefore an encrypted session telnet becomes
standard issue for FreeBSD.
1999-08-16 11:24:29 +00:00
Nick Sayer
c6a00c4589
Fix int function without return (make consistent with neighbors)
1999-08-16 02:15:29 +00:00
Nik Clayton
8c47947a95
Document the "skey" command in telnet(1).
...
PR: docs/12360
Submitted by: kjm@rins.ryukoku.ac.jp (KOJIMA Hajime)
Nagged by: markm :-)
1999-07-30 21:24:03 +00:00
Ruslan Ermilov
42cf8219dc
Merge from non-crypto version:
...
- "-N" option
- "-E" security fix
- "-s src_addr" option
Requested by: markm
1999-06-17 09:24:37 +00:00
Brian Somers
4560ea546c
MF libexec/telnetd: Determine the host name using an array size of
...
MAXHOSTNAMELEN and call trimdomain() before implementing
the -u option.
1999-04-08 21:39:34 +00:00
Brian Somers
22e99a4288
MF libexec/telnetd: MAXHOSTNAMELEN & -u fixes.
1999-04-07 10:17:24 +00:00
Brian Somers
9c5cc7136c
Use realhostname().
1999-04-06 23:35:21 +00:00
Brian Somers
3bfc6c798d
MF src/libexec/telnetd: Verify the reverse DNS lookup
...
ala rlogind.
Suggested by: markm
1999-04-06 12:41:27 +00:00
Peter Wemm
8d0a3d19f7
Old stuff laying around: Don't use getstr which can conflict with some
...
curses/termcap/terminfo implementations and causes recursion.
1998-12-16 06:06:06 +00:00
Peter Wemm
3f0340f838
Old stuff from a source tree: copy (verbatum) the code to expand the
...
%s/%m in the default /etc/gettytab.
1998-12-16 06:01:33 +00:00
Gary Palmer
f58619de89
Remove redundant decl. of time(). Causes problems on alpha
1998-09-01 15:17:28 +00:00
John Polstra
f55ccce3ca
Remove a work-around for an assembler bug that has been fixed since
...
April, 1997. The work-around causes problems under ELF.
1998-08-31 20:01:48 +00:00
Mark Murray
a783721299
Fix nasty typo that randomly caused kinit to not properly deduce the
...
user's username when this was not specified.
Reported by: Sean Eric Fagan
1998-03-29 07:27:43 +00:00
Mark Murray
22b8189d67
Make the ticket filename the same as for our old eBones. I am going to
...
kerberize xdm again, and it will be a pain to maintain two different
sets of patches (for 2.2 and 3.0).
1998-02-16 12:39:25 +00:00
Mark Murray
879e5f26e8
Bring back the old behaviour of kinit; if no username is mentioned on
...
the command line, attempt to get a ticket for the current uid (or
<uid>.root if we are already su'ed).
Requested By: Garrett Wollman
1998-02-16 12:36:49 +00:00
Warner Losh
d82dcd5eaf
MFC: sprintf paranoia
1998-01-22 00:04:57 +00:00
Philippe Charnier
81e04eaec0
MFC: no \n in syslog strings. Change -P to -p in flags. EOF -> -1. Use err(3).
1997-12-08 07:41:13 +00:00
Mark Murray
b50a9aa790
kinit(1) and its man page do not agre on what is reported with -v. Fix this.
...
Submitted by: Sheldon Hearn.
1997-11-25 21:12:37 +00:00
Frank Durda IV
bf7bcc34e1
PR: bin/771 and bin/1037 are resolved by this change
...
This change changes the default handling of linemode so that older and/or
stupider telnet clients can still get wakeup characters like <ESC> and
<CTRL>D to work correctly multiple times on the same line, as in csh
"set filec" operations. It also causes CR and LF characters to be read by
apps in certain terminal modes consistently, as opposed to returning
CR sometimes and LF sometimes, which broke existing apps. The change
was shown to fix the problem demonstrated in the FreeBSD telnet client,
along with the telnet client in Solaris, SCO, Windows '95 & NT, DEC OSF,
NCSA, and others.
A similar change was incorporated in the non-crypto version of telnetd.
This resolves bin/771 and bin/1037.
1997-10-08 03:14:34 +00:00
Wolfram Schneider
bf5cbf3551
Sort cross refereces in section SEE ALSO.
1997-09-29 19:11:55 +00:00
Mark Murray
9bfd2669e9
FreeBSD's original passwd helper is needed here.
1997-09-21 17:37:08 +00:00
Mark Murray
04c426cce3
Bring the FreeBSD changes to the virgin sources.
1997-09-07 07:02:53 +00:00
Mark Murray
f48c26f183
FreeBSD specific schanges - mainly religious issues about where to put
...
stuff.
1997-09-04 21:37:57 +00:00
Mark Murray
81cb6ddccd
Initial import of BSD telnet. This will be used to build the kerberised
...
telnet, and after userland diffs have been merged in, will be used to
build the non-kerberised sources as well. (See unifdef(1) for details)
1997-09-04 06:11:16 +00:00
Mark Murray
03656ac1b0
Initial import of KTH eBones. This has been cleaned up to only include
...
the "core" Kerberos functionality. The rest of the userland will get their
own changes later.
1997-09-04 06:04:33 +00:00
Mark Murray
4a1db16b66
This commit was generated by cvs2svn to compensate for changes in r29085,
...
which included commits to RCS files with non-trunk default branches.
1997-09-04 06:04:33 +00:00
Mark Murray
f3a5dfab63
Bring in the Starter files for the contrib-crypto dir.
...
I am not going to commit anything to this area for a few days.
This is because
1) I want everyone to be DARN sure there is no export of crypto
that may get our USA friends it trouble.
2) I have been asked by the folk developing KTH-eBones to hold off
for their new release.
Worked with: rkw, jdp
CVS:
CVS:
1997-05-03 09:16:07 +00:00