freebsd-skq

Author	SHA1	Message	Date
dwmalone	9a6b4717f3	In the "UseLogin yes" case we need env to be NULL to make sure it will be correctly initialised. PR: 32065 Tested by: The Anarcat <anarcat@anarcat.dyndns.org> MFC after: 3 days	2001-11-19 19:40:14 +00:00
green	e990e27894	Modify a "You don't exist" message, pretty rude for transient YP failures.	2001-09-27 18:54:42 +00:00
assar	6d29950919	fix renamed options in some of the code that was #ifdef AFS also print an error if krb5 ticket passing is disabled Submitted by: Jonathan Chen <jon@spock.org>	2001-09-04 13:27:04 +00:00
ps	e7bdb473a8	Backout last change. I didnt follow the thread and made a mistake with this. localisations is a valid spelling. Oops	2001-08-27 10:37:50 +00:00
ps	4e55facbeb	Correctly spell localizations	2001-08-27 10:20:02 +00:00
green	9f287caebc	Update the OpenSSH minor-version string. Requested by: obrien Reviewed by: rwatson	2001-08-16 19:26:19 +00:00
nectar	0e7f0df834	Bug fix: When the client connects to a server and Kerberos authentication is enabled, the client effectively ignores any error from krb5_rd_rep due to a missing branch. In theory this could result in an ssh client using Kerberos 5 authentication accepting a spoofed AP-REP. I doubt this is a real possiblity, however, because the AP-REP is passed from the server to the client via the SSH encrypted channel. Any tampering should cause the decryption or MAC to fail. Approved by: green MFC after: 1 week	2001-07-13 18:12:13 +00:00
green	961721080a	Fix an incorrect conflict resolution which prevented TISAuthentication from working right in 2.9.	2001-07-07 14:19:53 +00:00
green	93a6a41112	Also add a colon to "Bad passphrase, please try again ".	2001-06-29 16:43:13 +00:00
green	5d06029221	Put in a missing colon in the "Enter passphrase" message.	2001-06-29 16:34:14 +00:00
green	fe0162ddb3	Back out the last change which is probably actually a red herring. Argh!	2001-06-26 15:15:22 +00:00
green	c3258d9fdd	Don't pointlessly kill a channel because the first (forced) non-blocking read returns 0. Now I can finally tunnel CVSUP again...	2001-06-26 14:17:35 +00:00
assar	116337ea17	(do_authloop): handle !KRB4 && KRB5	2001-06-16 07:44:17 +00:00
markm	5fa9d6f739	Unbreak OpenSSH for the KRB5-and-no-KRB4 case. Asking for KRB5 does not imply that you want, need or have kerberosIV headers.	2001-06-15 08:12:31 +00:00
green	fdb0c1688a	Enable Kerberos 5 support in sshd again.	2001-06-12 03:43:47 +00:00
green	45d207659b	Switch to the user's uid before attempting to unlink the auth forwarding file, nullifying the effects of a race. Obtained from: OpenBSD	2001-06-08 22:22:09 +00:00
obrien	a26134411c	Fix $FreeBSD$ style committer messed up in rev 1.7 for some reason.	2001-05-24 07:22:08 +00:00
obrien	bac609c202	Restore the RSA host key to /etc/ssh/ssh_host_key. Also fix $FreeBSD$ spamage in crypto/openssh/sshd_config rev. 1.16.	2001-05-18 18:10:02 +00:00
green	a407780211	If a host would exceed 16 characters in the utmp entry, record only it's IP address/base host instead. Submitted by: brian	2001-05-15 01:50:40 +00:00
ru	3add9296c0	mdoc(7) police: finished fixing conflicts in revision 1.18.	2001-05-14 18:13:34 +00:00
markm	cdb0cb9ccd	Fix make world in the kerberosIV case.	2001-05-11 09:36:17 +00:00
alfred	bd16bfd06f	Fix some of the handling in the pam module, don't unregister things that were never registered. At the same time handle a failure from pam_setcreds with a bit more paranioa than the previous fix. Sync a bit with the "Portable OpenSSH" work to make comparisons a easier.	2001-05-09 03:40:37 +00:00
green	9c961719a9	Since PAM is broken, let pam_setcred() failure be non-fatal.	2001-05-08 22:30:18 +00:00
green	3f59c74031	sshd_config should still be keeping ssh host keys in /etc/ssh, not /etc.	2001-05-05 13:48:13 +00:00
green	094816f4b2	Finish committing _more_ somehow-uncommitted OpenSSH 2.9 updates. (Missing Delta Brigade, tally-ho!)	2001-05-05 01:12:45 +00:00
green	729aac1a81	Get ssh(1) compiling with MAKE_KERBEROS5.	2001-05-04 04:37:49 +00:00
green	d1f65ecd2b	Remove obsoleted files.	2001-05-04 04:15:22 +00:00
green	119a11eb6b	Fix conflicts for OpenSSH 2.9.	2001-05-04 04:14:23 +00:00
green	08fd06354d	This commit was generated by cvs2svn to compensate for changes in r76259, which included commits to RCS files with non-trunk default branches.	2001-05-04 03:57:05 +00:00
green	8acd87ac47	Say "hi" to the latest in the OpenSSH series, version 2.9! Happy birthday to: rwatson	2001-05-04 03:57:05 +00:00
green	461d7e1472	Add a "VersionAddendum" configuration setting for sshd which allows anyone to easily change the part of the OpenSSH version after the main version number. The FreeBSD-specific version banner could be disabled that way, for example: # Call ourselves plain OpenSSH VersionAddendum	2001-05-03 00:29:28 +00:00
green	6d6d6e45ee	Backout completely canonical lookup modifications.	2001-05-03 00:26:47 +00:00
green	b9a62213ae	Suggested by kris, OpenSSH shall have a version designated to note that it's not "plain" OpenSSH 2.3.0.	2001-03-20 02:11:25 +00:00
green	e1c06db961	Make password attacks based on traffic analysis harder by requiring that "non-echoed" characters are still echoed back in a null packet, as well as pad passwords sent to not give hints to the length otherwise. Obtained from: OpenBSD	2001-03-20 02:06:40 +00:00
asmodai	355885cfa7	Fix double mention of ssh. This file is already off the vendorbranch, nonetheless it needs to be submitted back to the OpenSSH people. PR: 25743 Submitted by: David Wolfskill <dhw@whistle.com>	2001-03-15 09:24:40 +00:00
green	8b51db0ce8	Don't dump core when an attempt is made to login using protocol 2 with an invalid user name.	2001-03-15 03:15:18 +00:00
assar	95047bd0c5	(try_krb5_authentication): simplify code. from joda@netbsd.org	2001-03-13 04:42:38 +00:00
assar	07c5543bb1	Fix LP64 problem in Kerberos 5 TGT passing. Obtained from: NetBSD (done by thorpej@netbsd.org)	2001-03-12 08:14:22 +00:00
green	f261519030	Reenable the SIGPIPE signal handler default in all cases for spawned sessions.	2001-03-11 02:26:57 +00:00
assar	4e2eb78eca	Add code for being compatible with ssh.com's krb5 authentication. It is done by using the same ssh messages for v4 and v5 authentication (since the ssh.com does not now anything about v4) and looking at the contents after unpacking it to see if it is v4 or v5. Based on code from Björn Grönvall <bg@sics.se> PR: misc/20504	2001-03-04 02:22:04 +00:00
ps	4abb31bd7d	Make ConnectionsPerPeriod non-fatal for real.	2001-02-18 01:33:31 +00:00
assar	e25a9ea1d2	update to new heimdal libkrb5	2001-02-13 16:58:04 +00:00
kris	94cb603894	Patches backported from later development version of OpenSSH which prevent (instead of just mitigating through connection limits) the Bleichenbacher attack which can lead to guessing of the server key (not host key) by regenerating it when an RSA failure is detected. Reviewed by: rwatson	2001-02-12 06:44:51 +00:00
green	c0460ef928	Correctly fill in the sun_len for a sockaddr_sun. Submitted by: Alexander Leidinger <Alexander@leidinger.net>	2001-02-04 20:23:17 +00:00
green	007d3cc3ed	MFS: Don't use the canonical hostname here, too.	2001-02-04 20:16:14 +00:00
green	8ae23e3ef8	MFF: Make ConnectionsPerPeriod usage a warning, not fatal.	2001-02-04 20:15:53 +00:00
green	42801d85d9	Actually propagate back to the rest of the application that a command was specified when using -t mode with the SSH client. Submitted by: Dima Dorfman <dima@unixfreak.org>	2001-01-21 05:45:27 +00:00
green	759414f218	/Really/ deprecate ConnectionsPerPeriod, ripping out the code for it and giving a dire error to its lingering users.	2001-01-13 07:57:43 +00:00
green	a121b36822	Fix a long-standing bug that resulted in a dropped session sometimes when an X11-forwarded client was closed. For some reason, sshd didn't disable the SIGPIPE exit handler and died a horrible death (well, okay, a silent death really). Set SIGPIPE's handler to SIG_IGN.	2001-01-06 21:15:07 +00:00
cvs2svn	5bcde1229c	This commit was manufactured by cvs2svn to create branch 'VENDOR-crypto-openssh'.	2000-12-05 02:55:13 +00:00

1 2 3

149 Commits