Dag-Erling Smørgrav
8f8855cff0
Knowledgeable persons assure me that RSA is preferable to DSA and that we
...
should transition away from DSA.
2002-04-11 22:04:40 +00:00
Dag-Erling Smørgrav
6cef489c5c
Prefer DSA to RSA if both are available.
2002-04-11 16:08:48 +00:00
Dag-Erling Smørgrav
9c0adca3e7
Do not attempt to load an ssh2 RSA host key by default.
2002-04-11 16:08:02 +00:00
Ruslan Ermilov
f2f306b622
Align for const poisoning in -lutil.
2002-04-08 11:07:51 +00:00
Dag-Erling Smørgrav
5e022fc6f0
Nuke stale copy of the pam_ssh(8) source code.
2002-04-06 04:46:01 +00:00
Dag-Erling Smørgrav
5297e48d04
Revert to vendor version, what little was left of our local patches here
...
was incorrect.
Pointed out by: Markus Friedl <markus@openbsd.org>
2002-04-02 23:07:31 +00:00
Dag-Erling Smørgrav
43e73ba0c2
Change the FreeBSD version addendum to "FreeBSD-20020402". This shortens
...
the version string to 28 characters, which is below the 40-character limit
specified in the proposed SECSH standard. Some servers, however (like the
one built into the Foundry BigIron line of switches) will hang when
confronted with a version string longer than 24 characters, so some users
may need to shorten it further.
Sponsored by: DARPA, NAI Labs
2002-04-02 21:53:54 +00:00
Dag-Erling Smørgrav
9e2cbe04ff
Make the various ssh clients understand the VersionAddendum option.
...
Submitted by: pb
2002-04-02 21:48:51 +00:00
Ruslan Ermilov
2735cfee64
Switch over to using pam_login_access(8) module in sshd(8).
...
(Fixes static compilation. Reduces diffs to OpenSSH.)
Reviewed by: bde
2002-03-26 12:52:28 +00:00
Jacques Vidrine
7fd1ca3b0c
REALLY correct typo this time.
...
Noticed by: roam
2002-03-26 12:27:43 +00:00
Jacques Vidrine
26241f6368
Fix typo (missing paren) affecting KRB4 && KRB5 case.
...
Approved by: des
2002-03-25 14:55:41 +00:00
Dag-Erling Smørgrav
f0cf488b75
We keep moduli(5) in /etc/ssh, not /etc.
2002-03-23 19:26:21 +00:00
Dag-Erling Smørgrav
6b11d510fd
Correctly set PAM_RHOST so e.g. pam_login_access(8) can do its job.
...
Sponsored by: DARPA, NAI Labs
2002-03-21 12:55:21 +00:00
Dag-Erling Smørgrav
fe49ecbc93
Use the "sshd" service instead of "csshd". The latter was only needed
...
because of bugs (incorrect design decisions, actually) in Linux-PAM.
Sponsored by: DARPA, NAI Labs
2002-03-21 12:23:09 +00:00
Dag-Erling Smørgrav
da4dc1eeb5
Use PAM instead of S/Key (or OPIE) for SSH2.
...
Sponsored by: DARPA, NAI Labs
2002-03-21 12:18:27 +00:00
Dag-Erling Smørgrav
97ec1da11a
Note that portions of this software were
...
Sponsored by: DARPA, NAI Labs
2002-03-20 22:10:10 +00:00
Dag-Erling Smørgrav
3a17de1501
- Change the prompt from "S/Key Password: " to "OPIE Password: "
...
- If the user doesn't have an OPIE key, don't challenge him. This is
a workaround until I get PAM to work properly with ssh2.
Sponsored by: DARPA, NAI Labs
2002-03-20 22:02:02 +00:00
Dag-Erling Smørgrav
1d9e2b0ad5
Unbreak for KRB4 ^ KRB5 case.
...
Sponsored by: DARPA, NAI Labs
2002-03-19 16:44:11 +00:00
Dag-Erling Smørgrav
8bf26f5d41
Revive this file (which is used for opie rather than skey)
2002-03-18 10:31:33 +00:00
Dag-Erling Smørgrav
af12a3e74a
Fix conflicts.
2002-03-18 10:09:43 +00:00
Dag-Erling Smørgrav
996836565f
This commit was generated by cvs2svn to compensate for changes in r92555,
...
which included commits to RCS files with non-trunk default branches.
2002-03-18 09:55:03 +00:00
Dag-Erling Smørgrav
ae1f160d56
Vendor import of OpenSSH 3.1
2002-03-18 09:55:03 +00:00
Dag-Erling Smørgrav
a681ab0abe
Diff reduction.
...
Sponsored by: DARPA, NAI Labs
2002-03-16 08:03:48 +00:00
Jacques Vidrine
1acac5eba8
Update version string.
2002-03-07 14:36:28 +00:00
Jacques Vidrine
d96f3089f2
Fix off-by-one error.
...
Obtained from: OpenBSD
2002-03-05 14:27:19 +00:00
Brian Feldman
885a59f2e0
Use login_getpwclass() instead of login_getclass() so that default
...
mapping of user login classes works.
Obtained from: TrustedBSD project
Sponsored by: DARPA, NAI Labs
2002-02-27 22:36:30 +00:00
Jacques Vidrine
eacee0ff7e
Update build after import of Heimdal Kerberos 2002/02/17.
2002-02-19 15:53:33 +00:00
Jacques Vidrine
70d0374720
Remove files that were dropped from Heimdal Kerberos 2002/02/17.
2002-02-19 15:51:09 +00:00
Jacques Vidrine
bc865db654
Resolve conflicts after import of Heimdal Kerberos 2002/02/17.
2002-02-19 15:50:30 +00:00
Jacques Vidrine
50d8893512
This commit was generated by cvs2svn to compensate for changes in r90926,
...
which included commits to RCS files with non-trunk default branches.
2002-02-19 15:46:56 +00:00
Jacques Vidrine
4137ff4cc1
Import of Heimdal Kerberos from KTH repository circa 2002/02/17.
2002-02-19 15:46:56 +00:00
Sheldon Hearn
fa3e900453
Don't use non-signal-safe functions (exit(3) in this case) in
...
signal handlers. In this case, use _exit(2) instead, following
the call to shutdown(2).
This fixes rare telnetd hangs.
PR: misc/33672
Submitted by: Umesh Krishnaswamy <umesh@juniper.net>
MFC after: 1 month
2002-02-05 15:20:02 +00:00
Kris Kennaway
c21ce79893
Resolve conflicts.
2002-01-27 03:17:13 +00:00
Kris Kennaway
a61825c7f3
This commit was generated by cvs2svn to compensate for changes in r89837,
...
which included commits to RCS files with non-trunk default branches.
2002-01-27 03:13:07 +00:00
Kris Kennaway
a21b1b381e
Initial import of OpenSSL 0.9.6c
2002-01-27 03:13:07 +00:00
Ruslan Ermilov
fd4ca9e02d
Make libssh.so useable (undefined reference to IPv4or6).
...
Reviewed by: des, markm
Approved by: markm
2002-01-23 15:06:47 +00:00
Jacques Vidrine
5a83b025a9
Don't use getlogin() to determine whether we are root.
...
(Import of vendor fix.)
2002-01-15 19:25:55 +00:00
Jacques Vidrine
282fee498c
This commit was generated by cvs2svn to compensate for changes in r89402,
...
which included commits to RCS files with non-trunk default branches.
2002-01-15 19:25:55 +00:00
Brian Feldman
27e5f9f620
Fix a coredump bug occurring if ssh-keygen attempts to change the password
...
on a DSA key.
Submitted by: ian j hart <ianjhart@ntlworld.com>
2002-01-07 15:55:20 +00:00
Ruslan Ermilov
3f36940560
mdoc(7) police: remove -r from SYNOPSIS, sort -p in DESCRIPTION.
2001-12-14 14:41:07 +00:00
Jordan K. Hubbard
d1f21093cd
Don't assume that the number of fds to select on is known quantity (in
...
this case 16). Use dynamic FD_SETs and calculated high-water marks
throughout. There are also too many versions of telnet in the tree.
Obtained from: OpenBSD and Apple's Radar database
MFC after: 2 days
2001-12-09 09:53:27 +00:00
Ruslan Ermilov
5c5c92aff0
Fixed bugs from previous revision.
...
Removed -s from SYNOPSIS and restored -S in DESCRIPTION.
2001-12-04 16:02:36 +00:00
Jacques Vidrine
eb5bc300e8
Update version string since we applied a fix for the UseLogin issue.
2001-12-03 22:47:51 +00:00
John Hay
de0dff907e
Protect variables and function prototypes that are only used in the INET6
...
case with an ifdef INET6.
This make the fixit floppy compile again.
Reviewed by: markm
2001-12-03 17:42:02 +00:00
Mark Murray
5eb2b33ad8
More help for alpha WARNS=2. This code is, erm, unusual. Anyone who
...
feels like rewriting it will meet no objection from me.
2001-12-03 12:16:40 +00:00
Mark Murray
54ab3ed82b
help the alphas out with the WARNS=2 stuff.
2001-12-03 12:13:18 +00:00
Jacques Vidrine
1c5093bbbc
Do not pass user-defined environmental variables to /usr/bin/login.
...
Obtained from: OpenBSD
Approved by: green
2001-12-03 00:51:47 +00:00
Mark Murray
5a12e441eb
Protect names that are used elsewhere. This fixes WARNS=2 breakage
...
in crypto telnet.
2001-12-01 18:48:36 +00:00
Mark Murray
3138440a79
Damn. The previous mega-commit was incomplete WRT ANSIfication. This
...
fixes that.
2001-11-30 22:28:07 +00:00
Mark Murray
8fa113e5fc
Very large style makeover.
...
1) ANSIfy.
2) Clean up ifdefs so that
a) ones that never/always apply are appropriately either
fully removed, or just the #if junk is removed.
b) change #if defined(FOO) for appropiate values of FOO.
(currently AUTHENTICATION and ENCRYPTION)
3) WARNS=2 fixing
4) GC other unused stuff
This code can now be unifdef(1)ed to make non-crypto telnet.
2001-11-30 21:06:38 +00:00