freebsd-skq

Author	SHA1	Message	Date
assar	2fe34f87ef	merge fix from vendor for not looking at environment variables	2000-12-10 20:59:35 +00:00
assar	1419c7c47a	This commit was generated by cvs2svn to compensate for changes in r69830, which included commits to RCS files with non-trunk default branches.	2000-12-10 20:59:35 +00:00
assar	b022d1d27e	(scrub_env): change to only accept a listed set of variables, including only non-filename contents for TERMCAP	2000-12-10 20:50:20 +00:00
cvs2svn	5bcde1229c	This commit was manufactured by cvs2svn to create branch 'VENDOR-crypto-openssh'.	2000-12-05 02:55:13 +00:00
green	ab6b35a1d6	Update to OpenSSH 2.3.0 with FreeBSD modifications. OpenSSH 2.3.0 new features description elided in favor of checking out their website. Important new FreeBSD-version stuff: PAM support has been worked in, partially from the "Unix" OpenSSH version, and a lot due to the work of Eivind Eklend, too. This requires at least the following in pam.conf: sshd auth sufficient pam_skey.so sshd auth required pam_unix.so try_first_pass sshd session required pam_permit.so Parts by: Eivind Eklend <eivind@FreeBSD.org>	2000-12-05 02:55:12 +00:00
green	6202ac1614	Forgot to remove the old line in the last commit.	2000-12-05 02:41:01 +00:00
green	2aecee364f	Import of OpenSSH 2.3.0 (virgin OpenBSD source release).	2000-12-05 02:20:19 +00:00
green	1c5144a169	This commit was generated by cvs2svn to compensate for changes in r69587, which included commits to RCS files with non-trunk default branches.	2000-12-05 02:20:19 +00:00
brian	17a750ff36	Remove duplicate line Not responded to by: kris, then green	2000-12-04 22:57:53 +00:00
asmodai	56b0ddae6c	Add more environment variables to be filtered through scrub_env(). Synched from normal telnet.	2000-11-30 13:14:54 +00:00
asmodai	5c47bfad32	String paranoia fix. Synched from normal telnet.	2000-11-30 13:10:01 +00:00
asmodai	617a96fd6d	String paranoia. Merged from regular telnet.	2000-11-30 10:55:25 +00:00
kris	35eec2074d	Correct definition of MAXHOSTNAMELEN in ifdef'ed code. Submitted by: Edwin Groothuis <mavetju@chello.nl> PR: bin/22787	2000-11-26 21:37:51 +00:00
green	163406c6e5	In env_destroy(), it is a bad idea to env_swap(self, 0) to switch back to the original environ unconditionally. The setting of the variable to save the previous environ is conditional; it happens when ENV.e_committed is set. Therefore, don't try to swap the env back unless the previous env has been initialized. PR: bin/22670 Submitted by: Takanori Saneto <sanewo@ba2.so-net.ne.jp>	2000-11-25 02:00:35 +00:00
billf	de5ab7abc1	Correct an arguement to ssh_add_identity, this matches what is currently in ports/security/openssh/files/pam_ssh.c PR: 22164 Submitted by: Takanori Saneto <sanewo@ba2.so-net.ne.jp> Reviewed by: green Approved by: green	2000-11-25 01:55:42 +00:00
ru	71e2293ad4	mdoc(7) police: use the new features of the Nm macro.	2000-11-20 20:10:44 +00:00
kris	1a1517afe4	Fix a buffer overflow from a long local hostname. Obtained from: OpenBSD	2000-11-19 10:08:26 +00:00
green	0bc5843790	Add login_cap and login_access support. Previously, these FreeBSD-local checks were only made when using the 1.x protocol.	2000-11-14 04:35:03 +00:00
green	100d82038d	Import a security fix: the client would allow a server to use its ssh-agent or X11 forwarding even if it was disabled. This is the vendor fix provided, not an actual revision of clientloop.c. Submitted by: Markus Friedl <markus@OpenBSD.org> via kris	2000-11-14 03:51:53 +00:00
green	fb253173ae	This commit was generated by cvs2svn to compensate for changes in r68700, which included commits to RCS files with non-trunk default branches.	2000-11-14 03:51:53 +00:00
kris	4b15a516e7	Update list of files to remove prior to import	2000-11-13 07:46:20 +00:00
kris	76c54c9ba3	Resolve conflicts, and garbage collect some local changes that are no longer required	2000-11-13 02:20:29 +00:00
kris	539b977eff	Initial import of OpenSSL 0.9.6	2000-11-13 01:03:58 +00:00
kris	f648020584	This commit was generated by cvs2svn to compensate for changes in r68651, which included commits to RCS files with non-trunk default branches.	2000-11-13 01:03:58 +00:00
ru	a6f5d950d8	Avoid use of direct troff requests in mdoc(7) manual pages.	2000-11-10 17:46:15 +00:00
dougb	353f00f96c	Add a CVS Id tag	2000-10-29 10:00:58 +00:00
kris	d2f83e4ec4	Sync with usr.bin/telnet/telnet.c r1.9 - fix buffer overflow in DISPLAY	2000-10-29 00:10:14 +00:00
green	3c8715d5d7	Fix a few style oddities.	2000-09-10 18:04:12 +00:00
green	bb24bb397b	Fix a goof in timevaldiff.	2000-09-10 18:03:46 +00:00
kris	c5a4794750	Remove files no longer present in OpenSSH 2.2.0 and beyond	2000-09-10 10:26:07 +00:00
kris	24372e6c10	Resolve conflicts and update for OpenSSH 2.2.0 Reviewed by: gshapiro, peter, green	2000-09-10 09:35:38 +00:00
kris	0ca2bdc2f7	Initial import of OpenSSH post-2.2.0 snapshot dated 2000-09-09	2000-09-10 08:31:17 +00:00
kris	f2912c8208	This commit was generated by cvs2svn to compensate for changes in r65668, which included commits to RCS files with non-trunk default branches.	2000-09-10 08:31:17 +00:00
kris	e4a753d311	Nuke RSAREF support from orbit. It's the only way to be sure.	2000-09-10 00:09:37 +00:00
kris	2450bc1f18	ttyname was not being passed into do_login(), so we were erroneously picking up the function definition from unistd.h instead. Use s->tty instead. Submitted by: peter	2000-09-04 08:43:05 +00:00
kris	175e5fe4dd	bzero() the struct timeval for paranoia Submitted by: gshapiro	2000-09-03 07:58:35 +00:00
kris	868b20c6a8	Err, we weren't even compiling auth1.c with LOGIN_CAP at all. Guess nobody was using this feature.	2000-09-02 07:32:05 +00:00
kris	458b9e5882	Repair a broken conflict resolution in r1.2 which had the effect of nullifying the login_cap and login.access checks for whether a user/host is allowed access to the system for users other than root. But since we currently don't have a similar check in the ssh2 code path anyway, it's um, "okay". Submitted by: gshapiro	2000-09-02 05:40:50 +00:00
kris	8b99f6e1dc	Repair my dyslexia: s/opt/otp/ in the OPIE challenge. D'oh! Submitted by: gshapiro	2000-09-02 04:41:33 +00:00
kris	6eee534256	Re-add missing "break" which was lost during a previous patch integration. This currently has no effect. Submitted by: gshapiro	2000-09-02 04:37:51 +00:00
kris	42ae81df48	Turn on X11Forwarding by default on the server. Any risk is to the client, where it is already disabled by default. Reminded by: peter	2000-09-02 03:49:22 +00:00
kris	3ae9606341	Increase the default value of LoginGraceTime from 60 seconds to 120 seconds. PR: 20488 Submitted by: rwatson	2000-08-23 09:47:25 +00:00
kris	aba57a02e8	Respect X11BASE to derive the location of xauth(1) PR: 17818 Submitted by: Bjoern Fischer <bfischer@Techfak.Uni-Bielefeld.DE>	2000-08-23 09:39:20 +00:00
kris	e5f617598c	Fix setproctitle() and syslog() vulnerabilities.	2000-08-13 05:23:23 +00:00
kris	c433a0e2f8	This commit was generated by cvs2svn to compensate for changes in r64593, which included commits to RCS files with non-trunk default branches.	2000-08-13 05:23:23 +00:00
kris	e5795f1541	Fix benign bugs due to missing format string in err() and warn(). Approved by: assar (vendor :-)	2000-08-13 04:46:54 +00:00
kris	cab37673f6	This commit was generated by cvs2svn to compensate for changes in r64583, which included commits to RCS files with non-trunk default branches.	2000-08-13 04:46:54 +00:00
kris	f7413271b5	Fix setproctitle() vulnerability in non-compiled code.	2000-08-13 04:35:43 +00:00
asmodai	5209950187	Chalk up another phkmalloc victim. It seems as if uninitialised memory was the culprit. We may want to contribute this back to the OpenSSH project. Submitted by: Alexander Leidinger <Alexander@Leidinger.net> on -current.	2000-08-01 08:07:15 +00:00
alex	0a765c451d	Crypto sources are no longer export controlled: Explain, why crypto sources are still in crypto/. Reviewed by: markm	2000-07-31 12:24:13 +00:00

1 2 3 4 5 ...

334 Commits