d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
71,656 Commits 4 Branches 49 Tags
Commit Graph

162 Commits

Author SHA1 Message Date
des
2423fff46f Unbreak for KRB4 ^ KRB5 case. 
Sponsored by:	DARPA, NAI Labs
 2002-03-19 16:44:11 +00:00
des
0ddd6e4b65 Revive this file (which is used for opie rather than skey) 2002-03-18 10:31:33 +00:00
des
6534271ec8 Fix conflicts. 2002-03-18 10:09:43 +00:00
des
ec85a15f0e This commit was generated by cvs2svn to compensate for changes in r92555, 
which included commits to RCS files with non-trunk default branches.
 2002-03-18 09:55:03 +00:00
des
2fc4a48897 Vendor import of OpenSSH 3.1 2002-03-18 09:55:03 +00:00
des
160859d708 Diff reduction. 
Sponsored by:	DARPA, NAI Labs
 2002-03-16 08:03:48 +00:00
nectar
f2ed33b521 Update version string. 2002-03-07 14:36:28 +00:00
nectar
6ee5449e7c Fix off-by-one error. 
Obtained from:	OpenBSD
 2002-03-05 14:27:19 +00:00
green
445306ca92 Use login_getpwclass() instead of login_getclass() so that default 
mapping of user login classes works.

Obtained from:	TrustedBSD project
Sponsored by:	DARPA, NAI Labs
 2002-02-27 22:36:30 +00:00
ru
5307ecb83c Make libssh.so useable (undefined reference to IPv4or6). 
Reviewed by:	des, markm
Approved by:	markm
 2002-01-23 15:06:47 +00:00
green
fe27adc46b Fix a coredump bug occurring if ssh-keygen attempts to change the password 
on a DSA key.

Submitted by:	ian j hart <ianjhart@ntlworld.com>
 2002-01-07 15:55:20 +00:00
nectar
d69c342a45 Update version string since we applied a fix for the UseLogin issue. 2001-12-03 22:47:51 +00:00
nectar
b0b55f7f5f Do not pass user-defined environmental variables to /usr/bin/login. 
Obtained from:	OpenBSD
Approved by:	green
 2001-12-03 00:51:47 +00:00
dwmalone
9a6b4717f3 In the "UseLogin yes" case we need env to be NULL to make sure it 
will be correctly initialised.

PR:		32065
Tested by:	The Anarcat <anarcat@anarcat.dyndns.org>
MFC after:	3 days
 2001-11-19 19:40:14 +00:00
green
e990e27894 Modify a "You don't exist" message, pretty rude for transient YP failures. 2001-09-27 18:54:42 +00:00
assar
6d29950919 fix renamed options in some of the code that was #ifdef AFS 
also print an error if krb5 ticket passing is disabled

Submitted by:	Jonathan Chen <jon@spock.org>
 2001-09-04 13:27:04 +00:00
ps
e7bdb473a8 Backout last change. I didnt follow the thread and made a mistake 
with this.  localisations is a valid spelling.  Oops
 2001-08-27 10:37:50 +00:00
ps
4e55facbeb Correctly spell localizations 2001-08-27 10:20:02 +00:00
green
9f287caebc Update the OpenSSH minor-version string. 
Requested by:	obrien
Reviewed by:	rwatson
 2001-08-16 19:26:19 +00:00
nectar
0e7f0df834 Bug fix: When the client connects to a server and Kerberos 
authentication is  enabled, the  client effectively ignores  any error
from krb5_rd_rep due to a missing branch.

In  theory  this could  result  in  an  ssh  client using  Kerberos  5
authentication accepting  a spoofed  AP-REP.  I doubt  this is  a real
possiblity, however, because  the AP-REP is passed from  the server to
the client via the SSH  encrypted channel.  Any tampering should cause
the decryption or MAC to fail.

Approved by:	green
MFC after:	1 week
 2001-07-13 18:12:13 +00:00
green
961721080a Fix an incorrect conflict resolution which prevented TISAuthentication 
from working right in 2.9.
 2001-07-07 14:19:53 +00:00
green
93a6a41112 Also add a colon to "Bad passphrase, please try again ". 2001-06-29 16:43:13 +00:00
green
5d06029221 Put in a missing colon in the "Enter passphrase" message. 2001-06-29 16:34:14 +00:00
green
fe0162ddb3 Back out the last change which is probably actually a red herring. Argh! 2001-06-26 15:15:22 +00:00
green
c3258d9fdd Don't pointlessly kill a channel because the first (forced) 
non-blocking read returns 0.

Now I can finally tunnel CVSUP again...
 2001-06-26 14:17:35 +00:00
assar
116337ea17 (do_authloop): handle !KRB4 && KRB5 2001-06-16 07:44:17 +00:00
markm
5fa9d6f739 Unbreak OpenSSH for the KRB5-and-no-KRB4 case. Asking for KRB5 does 
not imply that you want, need or have kerberosIV headers.
 2001-06-15 08:12:31 +00:00
green
fdb0c1688a Enable Kerberos 5 support in sshd again. 2001-06-12 03:43:47 +00:00
green
45d207659b Switch to the user's uid before attempting to unlink the auth forwarding 
file, nullifying the effects of a race.

Obtained from:	OpenBSD
 2001-06-08 22:22:09 +00:00
obrien
a26134411c Fix $FreeBSD$ style committer messed up in rev 1.7 for some reason. 2001-05-24 07:22:08 +00:00
obrien
bac609c202 Restore the RSA host key to /etc/ssh/ssh_host_key. 
Also fix $FreeBSD$ spamage in crypto/openssh/sshd_config rev. 1.16.
 2001-05-18 18:10:02 +00:00
green
a407780211 If a host would exceed 16 characters in the utmp entry, record only 
it's IP address/base host instead.

Submitted by:	brian
 2001-05-15 01:50:40 +00:00
ru
3add9296c0 mdoc(7) police: finished fixing conflicts in revision 1.18. 2001-05-14 18:13:34 +00:00
markm
cdb0cb9ccd Fix make world in the kerberosIV case. 2001-05-11 09:36:17 +00:00
alfred
bd16bfd06f Fix some of the handling in the pam module, don't unregister things 
that were never registered.  At the same time handle a failure from
pam_setcreds with a bit more paranioa than the previous fix.

Sync a bit with the "Portable OpenSSH" work to make comparisons a easier.
 2001-05-09 03:40:37 +00:00
green
9c961719a9 Since PAM is broken, let pam_setcred() failure be non-fatal. 2001-05-08 22:30:18 +00:00
green
3f59c74031 sshd_config should still be keeping ssh host keys in /etc/ssh, not /etc. 2001-05-05 13:48:13 +00:00
green
094816f4b2 Finish committing _more_ somehow-uncommitted OpenSSH 2.9 updates. 
(Missing Delta Brigade, tally-ho!)
 2001-05-05 01:12:45 +00:00
green
729aac1a81 Get ssh(1) compiling with MAKE_KERBEROS5. 2001-05-04 04:37:49 +00:00
green
d1f65ecd2b Remove obsoleted files. 2001-05-04 04:15:22 +00:00
green
119a11eb6b Fix conflicts for OpenSSH 2.9. 2001-05-04 04:14:23 +00:00
green
8acd87ac47 Say "hi" to the latest in the OpenSSH series, version 2.9! 
Happy birthday to:	rwatson
 2001-05-04 03:57:05 +00:00
green
08fd06354d This commit was generated by cvs2svn to compensate for changes in r76259, 
which included commits to RCS files with non-trunk default branches.
 2001-05-04 03:57:05 +00:00
green
461d7e1472 Add a "VersionAddendum" configuration setting for sshd which allows 
anyone to easily change the part of the OpenSSH version after the main
version number.  The FreeBSD-specific version banner could be disabled
that way, for example:

# Call ourselves plain OpenSSH
VersionAddendum
 2001-05-03 00:29:28 +00:00
green
6d6d6e45ee Backout completely canonical lookup modifications. 2001-05-03 00:26:47 +00:00
green
b9a62213ae Suggested by kris, OpenSSH shall have a version designated to note that 
it's not "plain" OpenSSH 2.3.0.
 2001-03-20 02:11:25 +00:00
green
e1c06db961 Make password attacks based on traffic analysis harder by requiring that 
"non-echoed" characters are still echoed back in a null packet, as well
as pad passwords sent to not give hints to the length otherwise.

Obtained from:	OpenBSD
 2001-03-20 02:06:40 +00:00
asmodai
355885cfa7 Fix double mention of ssh. 
This file is already off the vendorbranch, nonetheless it needs to be
submitted back to the OpenSSH people.

PR:		25743
Submitted by:	David Wolfskill <dhw@whistle.com>
 2001-03-15 09:24:40 +00:00
green
8b51db0ce8 Don't dump core when an attempt is made to login using protocol 2 with 
an invalid user name.
 2001-03-15 03:15:18 +00:00
assar
95047bd0c5 (try_krb5_authentication): simplify code. from joda@netbsd.org 2001-03-13 04:42:38 +00:00