d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
73,788 Commits 4 Branches 49 Tags
Commit Graph

26 Commits

Author SHA1 Message Date
des
ad8d1ef864 Don't report last login time in PAM case. (perforce change 10057) 
Sponsored by:	DARPA, NAI Labs
 2002-04-22 06:26:29 +00:00
ache
ac2b640032 Move LOGIN_CAP calls before all file descriptors are closed hard, since some 
descriptors may be used by LOGIN_CAP internally, add login_close().

Use "nocheckmail" LOGIN_CAP capability too like our login does.
 2002-04-21 13:31:56 +00:00
ache
b8f64a3c9b Fix TZ & TERM handling for use_login case of rev. 1.24 2002-04-20 09:56:10 +00:00
ache
a9f47835a0 1) Surprisingly, "CheckMail" handling code completely removed from this 
version, so documented "CheckMail" option exists but does nothing.
Bring it back to life adding code back.

2) Cosmetique. Reduce number of args in do_setusercontext()
 2002-04-20 09:26:43 +00:00
ache
4c135df5a2 1) Fix overlook in my prev. commit - forget HAVE_ prefix in one place in old 
code merge.

2) In addition honor "timezone" and "term" capabilities from login.conf,
not overwrite them once they set (they are TZ and TERM variables).
 2002-04-20 05:44:36 +00:00
ache
9cec8df7cf Please repeat after me: setusercontext() modifies _current_ environment, but 
sshd uses separate child_env. So, to make setusercontext() really does
something, environment must be switched before call and passed to child_env
back after it.

The error here was that modified environment not passed back to child_env,
so all variables that setusercontext() adds are lost, including ones from
~/.login_conf
 2002-04-20 04:38:07 +00:00
des
67bfdd081a Fix some warnings. Don't record logins twice in USE_PAM case. Strip 
"/dev/" off the tty name before passing it to auth_ttyok or PAM.

Inspired by:	dinoex
Sponsored by:	DARPA, NAI Labs
 2002-04-14 16:24:36 +00:00
ru
54bcb55671 Align for const poisoning in -lutil. 2002-04-08 11:07:51 +00:00
des
6534271ec8 Fix conflicts. 2002-03-18 10:09:43 +00:00
green
445306ca92 Use login_getpwclass() instead of login_getclass() so that default 
mapping of user login classes works.

Obtained from:	TrustedBSD project
Sponsored by:	DARPA, NAI Labs
 2002-02-27 22:36:30 +00:00
nectar
b0b55f7f5f Do not pass user-defined environmental variables to /usr/bin/login. 
Obtained from:	OpenBSD
Approved by:	green
 2001-12-03 00:51:47 +00:00
dwmalone
9a6b4717f3 In the "UseLogin yes" case we need env to be NULL to make sure it 
will be correctly initialised.

PR:		32065
Tested by:	The Anarcat <anarcat@anarcat.dyndns.org>
MFC after:	3 days
 2001-11-19 19:40:14 +00:00
green
45d207659b Switch to the user's uid before attempting to unlink the auth forwarding 
file, nullifying the effects of a race.

Obtained from:	OpenBSD
 2001-06-08 22:22:09 +00:00
green
119a11eb6b Fix conflicts for OpenSSH 2.9. 2001-05-04 04:14:23 +00:00
green
f261519030 Reenable the SIGPIPE signal handler default in all cases for spawned 
sessions.
 2001-03-11 02:26:57 +00:00
green
42801d85d9 Actually propagate back to the rest of the application that a command 
was specified when using -t mode with the SSH client.

Submitted by:	Dima Dorfman <dima@unixfreak.org>
 2001-01-21 05:45:27 +00:00
green
ab6b35a1d6 Update to OpenSSH 2.3.0 with FreeBSD modifications. OpenSSH 2.3.0 
new features description elided in favor of checking out their
website.

Important new FreeBSD-version stuff: PAM support has been worked
in, partially from the "Unix" OpenSSH version, and a lot due to the
work of Eivind Eklend, too.

This requires at least the following in pam.conf:

sshd    auth    sufficient      pam_skey.so
sshd    auth    required        pam_unix.so                     try_first_pass
sshd    session required        pam_permit.so

Parts by:	Eivind Eklend <eivind@FreeBSD.org>
 2000-12-05 02:55:12 +00:00
kris
24372e6c10 Resolve conflicts and update for OpenSSH 2.2.0 
Reviewed by:	gshapiro, peter, green
 2000-09-10 09:35:38 +00:00
kris
2450bc1f18 ttyname was not being passed into do_login(), so we were erroneously picking 
up the function definition from unistd.h instead. Use s->tty instead.

Submitted by:	peter
 2000-09-04 08:43:05 +00:00
kris
868b20c6a8 Err, we weren't even compiling auth1.c with LOGIN_CAP at all. Guess nobody 
was using this feature.
 2000-09-02 07:32:05 +00:00
kris
4f57b24cfd Fix syntax error in previous commit. 
Submitted by:	Udo Schweigert <ust@cert.siemens.de>
 2000-06-11 21:41:25 +00:00
kris
ad6da2a572 Fix security botch in "UseLogin Yes" case: commands are executed with 
uid 0.

Obtained from:	OpenBSD
 2000-06-10 22:32:57 +00:00
kris
66c0eb5d8c Bring vendor patches onto the main branch, and resolve conflicts. 2000-06-03 07:31:44 +00:00
kris
de71a10db8 Unbreak Kerberos5 compilation. This still remains untested. 
Noticed by:	obrien
 2000-05-17 08:06:20 +00:00
kris
a632b4789c Resolve conflicts and update for FreeBSD. 2000-05-15 05:24:25 +00:00
kris
4dc8aa85ce Initial import of OpenSSH v2.1. 2000-05-15 04:37:24 +00:00