d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
49,159 Commits 4 Branches 49 Tags
Commit Graph

160 Commits

Author SHA1 Message Date
shin
1b7dce690e Replace structure copy form ifreq obtained by SIOCGIFADDR 
to memcpy(), to avoid unaligned access trap on alpha.

Approved by: jkh
 2000-03-03 13:05:00 +00:00
shin
b284df6e2f CMSG_XXX macros alignment fixes to follow RFC2292. 
Approved by: jkh
 2000-03-03 12:50:46 +00:00
green
ead1658802 Turn off X11 forwarding in the client. X11 forwarding in the server by 
default should probably also get turned on, now.

Requested by:	kris
Obtained from:	OpenBSD
 2000-03-03 05:58:39 +00:00
kris
b3d817cd57 Update the wording on the error message when libcrypto.so can't find an 
RSA library.

Reviewed by:	peter, jkh
 2000-03-02 06:21:02 +00:00
ume
1294a0b6cf Enable connection logging. FreeBSD's libwrap is IPv6 ready. 
OpenSSH is in our source tree, now.  It's a time to enable it.

Reviewed by:	markm, shin
Approved by:	jkh
 2000-02-29 19:37:04 +00:00
markm
37dce23afc 1) Add kerberos5 functionality. 
by Daniel Kouril <kouril@informatics.muni.cz>
2) Add full LOGIN_CAP capability
   by Andrey Chernov
 2000-02-28 19:03:50 +00:00
brian
499e159c08 Don't put truncated hostnames in utmp 
Approved by: jkh
 2000-02-28 18:51:30 +00:00
peter
4f3a50153f Sync with internat.freebsd.org; weak symbols vs static libs == trouble 2000-02-26 16:57:17 +00:00
peter
8d6551c752 Merge from internat.freebsd.org; move VERBOSE_STUBS to a better spot. 2000-02-26 14:20:18 +00:00
peter
95cacb19a9 Merge from internat.freebsd.org repo, minus change to rsa_eay.c (missing) 
Reorganize and unify libcrypto's interface so that the RSA implementation
is chosen at runtime via dlopen().

This is a checkpoint and may require more tweaks still.
 2000-02-26 13:19:18 +00:00
peter
58c2a78aa2 Merge from internat.freebsd.org repo, minus change to rsa_eay.c (missing) 
Reorganize and unify libcrypto's interface so that the RSA implementation
is chosen at runtime via dlopen().

This is a checkpoint and may require more tweaks still.
 2000-02-26 13:13:03 +00:00
peter
527ba28c8f At great personal risk (to my already fragile sanity), reorganize 
the rsa stubs for libcrypto.  libcrypto.so now uses dlopen() to
implement the backends for either the native or rsaref implemented
RSA code.
This involves:
- unifying the libcrypto and openssl(1) source so there is no
  #ifdef RSAref variations.
- using weak symbols and dlopen()/dlsym() routines to access the
  rsa method vectors.

Releases will enable the user to choose International, US (rsaref) or
no RSA code at install time.
'make world' will DTRT depending on whether you have the international
or US source.  For US users, you must either install rsaref (the port
or package) or (if you don't fear RSA Inc) use the (superior)
International rsa_eay.c code.

This has been discussed at great length by the affected folks and even
we have a great deal of confusion.  This is a checkpoint so we can tune
the results.  This works for me in all permutations I can think of and
should result in a CD/ftp 'release' just about doing the right thing now.
 2000-02-26 13:06:55 +00:00
peter
eb77fcb95c Redo this with a repo copy from the original file and reset the 
__PREFIX__ markers.
 2000-02-26 09:59:14 +00:00
peter
18bcb8d297 oops, update path to /etc/ssh/ssh_host_key 2000-02-26 02:24:38 +00:00
peter
7abc89037f Merge from internat.freebsd.org; move ssh files from /etc to /etc/ssh 2000-02-25 14:25:10 +00:00
peter
7caf65d2f4 Don't use the dlopen() stubs if comiling with PIC. This still 
needs some more thought for the static case.  Should we provide weak
error-generating stubs for static binaries if -lrsaref was forgotten?
 2000-02-25 08:13:50 +00:00
green
522f06fd77 Fix a bug that crawled in pretty recently (from the port). It made 
sshd coredump :(
 2000-02-25 05:22:14 +00:00
peter
8e4001f110 Fix garbage in SSH_PROGRAM (only on freefall, not internat) 2000-02-25 04:41:06 +00:00
green
83bac1a374 Make "CheckHostIP" default to off. This was proposed on -security and 
earlier IRC, but despite my inital feeling against it, this seems
the more proper thing to do.

Proposed by:	rwatson
 2000-02-25 03:04:29 +00:00
green
129e6a7558 The includes must be <openssl/.*\.h>, not <ssl/.*\.h>. 2000-02-25 01:53:12 +00:00
markm
ccef1c20fc remove more ports crud. 2000-02-24 23:54:00 +00:00
markm
190eabf199 remove ports junk 2000-02-24 23:46:38 +00:00
markm
881ec50548 Use libcrypto instead of libdes. 2000-02-24 20:21:16 +00:00
markm
443e3df9fc RIP libdes. All hail libcrypto! 2000-02-24 19:35:08 +00:00
markm
2cbf93e2b4 Get crypto from libcrypto, not libdes. 2000-02-24 19:28:31 +00:00
markm
37a38e6638 Add the patches fom ports (QV: ports/security/openssh/patches/patch-*) 2000-02-24 15:29:42 +00:00
markm
fc557ff7d9 Vendor import of OpenSSH. 2000-02-24 14:29:47 +00:00
markm
606d31b1ec This commit was generated by cvs2svn to compensate for changes in r57429, 
which included commits to RCS files with non-trunk default branches.
 2000-02-24 14:29:47 +00:00
markm
be16c6202a Merge conflicts. 2000-02-24 13:37:41 +00:00
markm
4d2ec46519 Oops; forgot to add this. 2000-02-24 13:20:48 +00:00
markm
3aaee576c1 Get this to the same level of functionality as old libdes. 2000-02-24 13:20:15 +00:00
markm
4f25fdd792 This commit was generated by cvs2svn to compensate for changes in r57422, 
which included commits to RCS files with non-trunk default branches.
 2000-02-24 11:28:20 +00:00
markm
5ed96cd5da Vendor import of Heimdal 0.2p 2000-02-24 11:28:20 +00:00
markm
1a9f61a7f9 This commit was generated by cvs2svn to compensate for changes in r57419, 
which included commits to RCS files with non-trunk default branches.
 2000-02-24 11:19:29 +00:00
markm
69414e22b9 Vendor import of Heimdal 0.2o 2000-02-24 11:19:29 +00:00
markm
50efcd9b31 This commit was generated by cvs2svn to compensate for changes in r57416, 
which included commits to RCS files with non-trunk default branches.
 2000-02-24 11:07:16 +00:00
markm
fa8b1a96d3 Vendor import of Heimdal 0.2n 2000-02-24 11:07:16 +00:00
markm
d99784ddf1 freefall/internat diff reducer 2000-02-24 10:38:40 +00:00
markm
fd6da7cf96 Freefall/Internat diff reducer. 2000-02-24 10:37:29 +00:00
jkh
c99b4c1afc Add call stubs for dynamic rsaref loading. This isn't enabled for now 
but simply lets us sync up on the solution as it's evolved.
 2000-02-22 06:22:54 +00:00
shin
981d4a6e4b Use static buffer to save source route hostnames. 
Approved by: jkh
 2000-02-19 16:33:14 +00:00
shin
e1b335a34c Print "Trying ..." for each host. Also cleanups for error printing. 
Approved by: jkh

Submitted by: Ben Smithurst <ben@scientia.demon.co.uk>
 2000-02-19 16:17:41 +00:00
shin
77f276d5ac Fix bugs in telnet. 
Sorry there were still several bugs.
   -error retry at af missmatch was incomplete.
   -af matching for source addr option was wrong
   -socket was not freed at retry.

Approved by: jkh
 2000-02-15 15:59:12 +00:00
shin
bca215974d Add more dual stack consideration. 
-Should retry as much as possible when some of source
     routing intermediate hosts' address families missmatch
     happened.
     (such as when a host has only A record, and another host
     has each of A and AAAA record.)

    -Should retry as much as possible when dest addr and
     source addr(specified with -s option) address family
     missmatch happend

Approved by: jkh
 2000-02-10 20:06:36 +00:00
shin
67ff6efc68 Fix telnet core dump at invalid service name specified. 
Added an error check to avoid it.

Approved by: jkh

Submitted by: Robert Muir <rmuir@gibralter.net>
 2000-02-07 00:52:49 +00:00
shin
3859c2231c Add NI_NAMEREQD flag to getnameinfo() call. Without this flag, 
getnameinfo() don't return error at name resolving failure.
But it is used at doaddrlookup(-N) case in telnet, error need to be
returned to correctly initialize hostname buffer.

Discovered at checking recent KAME repository change, noticed by itojun.
 2000-01-29 18:21:05 +00:00
shin
ce15efb7c0 another tcp apps IPv6 updates.(should be make world safe) 
ftp, telnet, ftpd, faithd
  also telnet related sync with crypto, secure, kerberosIV

Obtained from: KAME project
 2000-01-27 09:28:38 +00:00
kris
7e4e44947b Import the RSA support code. There shouldn't be any actual RSA 
cryptography here.
 2000-01-16 05:14:57 +00:00
kris
2e01efe7c1 This commit was generated by cvs2svn to compensate for changes in r56083, 
which included commits to RCS files with non-trunk default branches.
 2000-01-16 05:14:57 +00:00
kris
f389ea9752 Fix for missing symbol in -DRSAref case. 2000-01-16 04:45:18 +00:00