d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
59,850 Commits 4 Branches 49 Tags 2 GiB
02a47b1303
Commit Graph

62 Commits

Author SHA1 Message Date
nsayer
02a47b1303 Make sure the protocol actively rejects bad data rather than 
(potentially) not responding to an invalid SRA 'auth is' message.
 2001-05-16 20:24:58 +00:00
nsayer
280add2b35 srandomdev() affords us the opportunity to radically improve, and at the 
same time simplify, the random number selection code.
 2001-05-16 18:32:46 +00:00
nsayer
ca01fb27dc Catch any attempted buffer overflows. The magic numbers in this code 
(512) are a little distressing, but the method really needs to be
extended to allow server-supplied DH parameters anyway.

Submitted by:	kris
 2001-05-16 18:27:09 +00:00
nsayer
ce94eedfd7 Catch malloc return failures. This should help avoid dereferencing NULL on 
low-memory situations.

Submitted by:	kris
 2001-05-16 18:17:55 +00:00
peter
6125cb47e3 Hack to work around braindeath in libtelnet:sra.c. The sra.o file 
references global variables from telnetd, but is also linked into
telnet as well. I was tempted to back out the last sra.c change
as it is 100% bogus and should be taken out and shot, but for now
this bandaid should get world working again. :-(
 2001-05-15 09:52:03 +00:00
nsayer
2bdf180df8 If the uid of the attempted authentication is 0 and if the pty is 
insecure, do not succeed. Copied from login.c. This functionality really
should be a PAM module.
 2001-05-15 04:47:14 +00:00
nsayer
b47830be3e Pointy hat fix -- reapply the SRA PAM patch. To -current this time. 2001-05-07 20:42:02 +00:00
ru
8e59fdc98e mdoc(7) police: removed hard sentence breaks introduced in rev.1.10. 2001-04-13 08:49:52 +00:00
nsayer
311a1c9e61 Clean up telnet's argument processing a bit. autologin and encryption is 
now the default, so ignore the arguments that turn it on. Add a new -y
argument to turn off encryption in case someone wants to do that. Sync
these changes with the man page (including removing the now obsolete
statement about availability only in the US and Canada).
 2001-04-06 15:56:10 +00:00
nsayer
66051d03dc Reactivate SRA. 
Make handling of SIGINT and SIGQUIT follow SIGTSTP in TerminalNewMode().
This allows people to break out of SRA authentication if they wish to.
 2001-04-05 14:09:15 +00:00
nsayer
392858ffd3 Fix core noted in -stable with 'auth disable SRA'. 
I just mistakenly commited this to RELENG_4. I have contacted Jordan to see
about how to fix this. Pass the pointy hat.
 2001-03-18 09:44:25 +00:00
assar
c63261057a enable auto-negotiation of encrypt and decrypt 2001-03-12 03:54:48 +00:00
asmodai
bf7345c3e8 Synch: Add $FreeBSD$. 2001-02-07 21:58:16 +00:00
asmodai
7d76aced28 Fix typo: compatability -> compatibility. 
Compatability is not an existing english word.
 2001-02-06 12:05:58 +00:00
asmodai
47a2266000 Fix typo: seperate -> separate. 
Seperate does not exist in the english language.

Submitted to look at by:	kris
 2001-02-06 10:39:38 +00:00
asmodai
43450ced68 Fix typo: wierd -> weird. 
There is no such thing as wierd in the english language.
 2001-02-06 09:32:26 +00:00
ru
8c9e49b445 mdoc(7) police: split punctuation characters + misc fixes. 2001-02-01 17:12:45 +00:00
ru
a45dd3f68d Prepare for mdoc(7)NG. 2001-01-10 16:51:28 +00:00
assar
b022d1d27e (scrub_env): change to only accept a listed set of variables, 
including only non-filename contents for TERMCAP
 2000-12-10 20:50:20 +00:00
asmodai
56b0ddae6c Add more environment variables to be filtered through scrub_env(). 
Synched from normal telnet.
 2000-11-30 13:14:54 +00:00
asmodai
5c47bfad32 String paranoia fix. Synched from normal telnet. 2000-11-30 13:10:01 +00:00
asmodai
617a96fd6d String paranoia. Merged from regular telnet. 2000-11-30 10:55:25 +00:00
kris
35eec2074d Correct definition of MAXHOSTNAMELEN in ifdef'ed code. 
Submitted by:	Edwin Groothuis <mavetju@chello.nl>
PR:		bin/22787
 2000-11-26 21:37:51 +00:00
ru
71e2293ad4 mdoc(7) police: use the new features of the Nm macro. 2000-11-20 20:10:44 +00:00
kris
1a1517afe4 Fix a buffer overflow from a long local hostname. 
Obtained from:	OpenBSD
 2000-11-19 10:08:26 +00:00
ru
a6f5d950d8 Avoid use of direct troff requests in mdoc(7) manual pages. 2000-11-10 17:46:15 +00:00
kris
d2f83e4ec4 Sync with usr.bin/telnet/telnet.c r1.9 - fix buffer overflow in DISPLAY 2000-10-29 00:10:14 +00:00
ume
0abc0cfcd6 Fix buffer size of ALIGNed buffer. 
PR:		bin/20053
Submitted by:	Alex Kapranoff <alex@kapran.bitmcnit.bryansk.su>
 2000-07-20 14:54:04 +00:00
peter
e2062d0bd5 Add missing $FreeBSD$ to files that are NOT still on vendor a branch. 2000-07-16 05:48:49 +00:00
nsayer
f0ebc4fdd1 Fix 'telnet -X sra' coredump 
PR# 19835
 2000-07-11 15:04:05 +00:00
kris
a5aaf7609c Don't call printf with no format string. 2000-07-10 05:16:59 +00:00
ume
4eacfb7489 Make telnet -s work. It is corresponding to EAI_NONAME -> EAI_NODATA 
change (getaddrinfo.c rev 1.12).
 2000-07-08 05:22:00 +00:00
itojun
1fcab4244d sync with usr.bin/telnet/commands.c 1.21 -> 1.22. pierre.dampure@alveley.org 2000-07-07 12:35:05 +00:00
shin
b284df6e2f CMSG_XXX macros alignment fixes to follow RFC2292. 
Approved by: jkh
 2000-03-03 12:50:46 +00:00
markm
2cbf93e2b4 Get crypto from libcrypto, not libdes. 2000-02-24 19:28:31 +00:00
markm
fd6da7cf96 Freefall/Internat diff reducer. 2000-02-24 10:37:29 +00:00
shin
981d4a6e4b Use static buffer to save source route hostnames. 
Approved by: jkh
 2000-02-19 16:33:14 +00:00
shin
e1b335a34c Print "Trying ..." for each host. Also cleanups for error printing. 
Approved by: jkh

Submitted by: Ben Smithurst <ben@scientia.demon.co.uk>
 2000-02-19 16:17:41 +00:00
shin
77f276d5ac Fix bugs in telnet. 
Sorry there were still several bugs.
   -error retry at af missmatch was incomplete.
   -af matching for source addr option was wrong
   -socket was not freed at retry.

Approved by: jkh
 2000-02-15 15:59:12 +00:00
shin
bca215974d Add more dual stack consideration. 
-Should retry as much as possible when some of source
     routing intermediate hosts' address families missmatch
     happened.
     (such as when a host has only A record, and another host
     has each of A and AAAA record.)

    -Should retry as much as possible when dest addr and
     source addr(specified with -s option) address family
     missmatch happend

Approved by: jkh
 2000-02-10 20:06:36 +00:00
shin
67ff6efc68 Fix telnet core dump at invalid service name specified. 
Added an error check to avoid it.

Approved by: jkh

Submitted by: Robert Muir <rmuir@gibralter.net>
 2000-02-07 00:52:49 +00:00
shin
3859c2231c Add NI_NAMEREQD flag to getnameinfo() call. Without this flag, 
getnameinfo() don't return error at name resolving failure.
But it is used at doaddrlookup(-N) case in telnet, error need to be
returned to correctly initialize hostname buffer.

Discovered at checking recent KAME repository change, noticed by itojun.
 2000-01-29 18:21:05 +00:00
shin
ce15efb7c0 another tcp apps IPv6 updates.(should be make world safe) 
ftp, telnet, ftpd, faithd
  also telnet related sync with crypto, secure, kerberosIV

Obtained from: KAME project
 2000-01-27 09:28:38 +00:00
markm
05435ef431 Termcap header no longer needed. 1999-09-01 18:57:38 +00:00
peter
efabb9ccb1 $Id$ -> $FreeBSD$ 1999-08-28 01:35:59 +00:00
nsayer
6cf65828c9 According to Mark Murray, Makefiles do not belong here. I guess we're 
going to have to figure something else out.
 1999-08-16 18:59:05 +00:00
nsayer
189690bcce Add SRA authentication to src/crypto/telnet. 
SRA does a Diffie-Hellmen exchange and then DES-encrypts the
authentication data. If the authentication is successful, it also
sets up a session key for DES encryption.

SRA was originally developed at Texas A&M University.

This code is probably export restricted (despite the fact that I
originally found it at a University in Germany).

SRA is not perfect. It is vulnerable to monkey-in-the-middle attacks
and does not use tremendously large DH constants (and thus an individual
exchange probably could be factored in a few days on modern CPU
horsepower). It does not, however, require any changes in user or
administrative behavior and foils session hijacking and sniffing.
The goal of this commit is that telnet and telnetd end up in the DES
distribution and that therefore an encrypted session telnet becomes
standard issue for FreeBSD.
 1999-08-16 11:24:29 +00:00
nsayer
8528b2a710 Fix int function without return (make consistent with neighbors) 1999-08-16 02:15:29 +00:00
nik
668aec5d3d Document the "skey" command in telnet(1). 
PR:             docs/12360
Submitted by:   kjm@rins.ryukoku.ac.jp (KOJIMA Hajime)
Nagged by:      markm :-)
 1999-07-30 21:24:03 +00:00
ru
c7b22dab8b Merge from non-crypto version: 
- "-N" option
- "-E" security fix
- "-s src_addr" option

Requested by:	markm
 1999-06-17 09:24:37 +00:00