kris
868b20c6a8
Err, we weren't even compiling auth1.c with LOGIN_CAP at all. Guess nobody
...
was using this feature.
2000-09-02 07:32:05 +00:00
kris
458b9e5882
Repair a broken conflict resolution in r1.2 which had the effect of nullifying
...
the login_cap and login.access checks for whether a user/host is allowed
access to the system for users other than root. But since we currently don't
have a similar check in the ssh2 code path anyway, it's um, "okay".
Submitted by: gshapiro
2000-09-02 05:40:50 +00:00
kris
8b99f6e1dc
Repair my dyslexia: s/opt/otp/ in the OPIE challenge. D'oh!
...
Submitted by: gshapiro
2000-09-02 04:41:33 +00:00
kris
6eee534256
Re-add missing "break" which was lost during a previous patch
...
integration. This currently has no effect.
Submitted by: gshapiro
2000-09-02 04:37:51 +00:00
kris
42ae81df48
Turn on X11Forwarding by default on the server. Any risk is to the client,
...
where it is already disabled by default.
Reminded by: peter
2000-09-02 03:49:22 +00:00
kris
3ae9606341
Increase the default value of LoginGraceTime from 60 seconds to 120
...
seconds.
PR: 20488
Submitted by: rwatson
2000-08-23 09:47:25 +00:00
kris
aba57a02e8
Respect X11BASE to derive the location of xauth(1)
...
PR: 17818
Submitted by: Bjoern Fischer <bfischer@Techfak.Uni-Bielefeld.DE>
2000-08-23 09:39:20 +00:00
kris
c433a0e2f8
This commit was generated by cvs2svn to compensate for changes in r64593,
...
which included commits to RCS files with non-trunk default branches.
2000-08-13 05:23:23 +00:00
kris
e5f617598c
Fix setproctitle() and syslog() vulnerabilities.
2000-08-13 05:23:23 +00:00
kris
cab37673f6
This commit was generated by cvs2svn to compensate for changes in r64583,
...
which included commits to RCS files with non-trunk default branches.
2000-08-13 04:46:54 +00:00
kris
e5795f1541
Fix benign bugs due to missing format string in err() and warn().
...
Approved by: assar (vendor :-)
2000-08-13 04:46:54 +00:00
kris
f7413271b5
Fix setproctitle() vulnerability in non-compiled code.
2000-08-13 04:35:43 +00:00
asmodai
5209950187
Chalk up another phkmalloc victim.
...
It seems as if uninitialised memory was the culprit.
We may want to contribute this back to the OpenSSH project.
Submitted by: Alexander Leidinger <Alexander@Leidinger.net> on -current.
2000-08-01 08:07:15 +00:00
alex
0a765c451d
Crypto sources are no longer export controlled:
...
Explain, why crypto sources are still in crypto/.
Reviewed by: markm
2000-07-31 12:24:13 +00:00
asmodai
0a6c762555
Fix a weird typo, is -> are.
...
The OpenSSH maintainer probably want to contribute this back to the
real OpenSSH guys.
Submitted by: Jon Perkin <sketchy@netcraft.com>
2000-07-27 19:21:15 +00:00
marko
1dcee686be
Fixed a minor typo in the header.
...
Pointed out by: asmodai
2000-07-27 17:21:07 +00:00
marko
674af77794
Committed, Thanks!!
...
PR: 20108
Submitted by: Doug Lee
2000-07-25 16:49:48 +00:00
ume
0abc0cfcd6
Fix buffer size of ALIGNed buffer.
...
PR: bin/20053
Submitted by: Alex Kapranoff <alex@kapran.bitmcnit.bryansk.su>
2000-07-20 14:54:04 +00:00
assar
f816d255fa
merge in syslog fixes, do not call syslog with variabel as format string
2000-07-20 05:43:55 +00:00
peter
e2062d0bd5
Add missing $FreeBSD$ to files that are NOT still on vendor a branch.
2000-07-16 05:48:49 +00:00
nsayer
f0ebc4fdd1
Fix 'telnet -X sra' coredump
...
PR# 19835
2000-07-11 15:04:05 +00:00
peter
d9df5f65de
Sync sshd_config with sshd and manapage internal defaults (Checkmail = yes)
2000-07-11 09:54:24 +00:00
peter
5f6efaa063
Sync LoginGraceTime with sshd_config = 60 seconds by default, not 600.
2000-07-11 09:52:14 +00:00
peter
772dd17b51
Fix out-of-sync defaults. PermitRootLogin is supposed to be 'no' but
...
sshd's internal default was 'yes'. (if some cracker managed to trash
/etc/ssh/sshd_config, then root logins could be reactivated)
Approved by: kris
2000-07-11 09:50:15 +00:00
peter
adeace1395
Make FallBackToRsh off by default. Falling back to rsh by default is
...
silly in this day and age.
Approved by: kris
2000-07-11 09:39:34 +00:00
kris
a5aaf7609c
Don't call printf with no format string.
2000-07-10 05:16:59 +00:00
ume
4eacfb7489
Make telnet -s work. It is corresponding to EAI_NONAME -> EAI_NODATA
...
change (getaddrinfo.c rev 1.12).
2000-07-08 05:22:00 +00:00
itojun
1fcab4244d
sync with usr.bin/telnet/commands.c 1.21 -> 1.22. pierre.dampure@alveley.org
2000-07-07 12:35:05 +00:00
green
be6e69fbed
Allow restarting on SIGHUP when the full path was not given as argv[0].
...
We do have /proc/curproc/file :)
2000-07-04 06:43:26 +00:00
green
26efc47d38
So /this/ is what has made OpenSSH's SSHv2 support never work right!
...
In some cases, limits did not get set to the proper class, but
instead always to "default", because not all passwd copies were
done to completion.
2000-06-27 21:16:06 +00:00
green
71e9ee0209
Also make sure to close the socket that exceeds your rate limit.
2000-06-26 23:39:26 +00:00
green
9bccae4f2e
Make rate limiting work per-listening-socket. Log better messages than
...
before for this, requiring a new function (get_ipaddr()). canohost.c
receives a $FreeBSD$ line.
Suggested by: Niels Provos <niels@OpenBSD.org>
2000-06-26 05:44:23 +00:00
markm
2fe0472e39
MFI. This is a documentation-only, diffreducing patch, that if
...
invoked will cause breakage. US Users - DO NOT try to turn on
IDEA - the sources are not included.
2000-06-24 06:50:58 +00:00
markm
58b7870cc7
Grrr. I hate CVS. These were supposed to be committed when I did the
...
IDEA fix earlier today.
Bring back IDEA from the dead (but not compiled by default).
2000-06-19 21:09:27 +00:00
markm
940ce492dc
Re-add IDEA. This is not actually built unless asked for by the user.
...
(To avoid patent hassles).
2000-06-19 13:59:34 +00:00
kris
4f57b24cfd
Fix syntax error in previous commit.
...
Submitted by: Udo Schweigert <ust@cert.siemens.de>
2000-06-11 21:41:25 +00:00
kris
ad6da2a572
Fix security botch in "UseLogin Yes" case: commands are executed with
...
uid 0.
Obtained from: OpenBSD
2000-06-10 22:32:57 +00:00
ru
caf976b39e
Make `ssh-agent -k' work for csh(1)-like shells.
2000-06-10 14:14:28 +00:00
green
ba3f3c2ac7
Allow "DenyUsers" to function.
2000-06-06 06:16:55 +00:00
kris
a55fcaa060
Resolve conflicts
2000-06-03 09:58:15 +00:00
kris
0a76acd42d
This commit was generated by cvs2svn to compensate for changes in r61209,
...
which included commits to RCS files with non-trunk default branches.
2000-06-03 09:52:37 +00:00
kris
3639dd9ace
Initial import of OpenSSH snapshot from 2000/05/30
...
Obtained from: OpenBSD
2000-06-03 09:52:37 +00:00
kris
1e51208074
Resolve conflicts
2000-06-03 09:23:13 +00:00
kris
585dc667de
Import from vendor repository.
...
Obtained from: OpenBSD
2000-06-03 09:20:19 +00:00
kris
780d02839a
This commit was generated by cvs2svn to compensate for changes in r61206,
...
which included commits to RCS files with non-trunk default branches.
2000-06-03 09:20:19 +00:00
kris
66c0eb5d8c
Bring vendor patches onto the main branch, and resolve conflicts.
2000-06-03 07:31:44 +00:00
kris
e503398156
Import vendor patches: the first is written by
...
Brian Feldman <green@FreeBSD.org>
* Remove the gratuitous dependency on OpenSSL 0.9.5a (preparation for MFC)
* Disable agent forwarding by default in the client (security risk)
Submitted by: green
Obtained from: OpenBSD
2000-06-03 07:18:09 +00:00
kris
88a84bd92e
This commit was generated by cvs2svn to compensate for changes in r61201,
...
which included commits to RCS files with non-trunk default branches.
2000-06-03 07:18:09 +00:00
kris
10badcd8c7
Import vendor patch originally submitted by the below author: don't
...
treat failure to create the authentication agent directory in /tmp as
a fatal error, but disable agent forwarding.
Submitted by: Jan Koum <jkb@yahoo-inc.com>
2000-06-03 07:06:14 +00:00
kris
89aaaa3ccb
This commit was generated by cvs2svn to compensate for changes in r61199,
...
which included commits to RCS files with non-trunk default branches.
2000-06-03 07:06:14 +00:00