d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
124,907 Commits 4 Branches 49 Tags
Commit Graph

358 Commits

Author SHA1 Message Date
des
ec85a15f0e This commit was generated by cvs2svn to compensate for changes in r92555, 
which included commits to RCS files with non-trunk default branches.
 2002-03-18 09:55:03 +00:00
des
160859d708 Diff reduction. 
Sponsored by:	DARPA, NAI Labs
 2002-03-16 08:03:48 +00:00
nectar
f2ed33b521 Update version string. 2002-03-07 14:36:28 +00:00
nectar
6ee5449e7c Fix off-by-one error. 
Obtained from:	OpenBSD
 2002-03-05 14:27:19 +00:00
green
445306ca92 Use login_getpwclass() instead of login_getclass() so that default 
mapping of user login classes works.

Obtained from:	TrustedBSD project
Sponsored by:	DARPA, NAI Labs
 2002-02-27 22:36:30 +00:00
ru
5307ecb83c Make libssh.so useable (undefined reference to IPv4or6). 
Reviewed by:	des, markm
Approved by:	markm
 2002-01-23 15:06:47 +00:00
green
fe27adc46b Fix a coredump bug occurring if ssh-keygen attempts to change the password 
on a DSA key.

Submitted by:	ian j hart <ianjhart@ntlworld.com>
 2002-01-07 15:55:20 +00:00
nectar
d69c342a45 Update version string since we applied a fix for the UseLogin issue. 2001-12-03 22:47:51 +00:00
nectar
b0b55f7f5f Do not pass user-defined environmental variables to /usr/bin/login. 
Obtained from:	OpenBSD
Approved by:	green
 2001-12-03 00:51:47 +00:00
dwmalone
9a6b4717f3 In the "UseLogin yes" case we need env to be NULL to make sure it 
will be correctly initialised.

PR:		32065
Tested by:	The Anarcat <anarcat@anarcat.dyndns.org>
MFC after:	3 days
 2001-11-19 19:40:14 +00:00
green
e990e27894 Modify a "You don't exist" message, pretty rude for transient YP failures. 2001-09-27 18:54:42 +00:00
assar
6d29950919 fix renamed options in some of the code that was #ifdef AFS 
also print an error if krb5 ticket passing is disabled

Submitted by:	Jonathan Chen <jon@spock.org>
 2001-09-04 13:27:04 +00:00
ps
e7bdb473a8 Backout last change. I didnt follow the thread and made a mistake 
with this.  localisations is a valid spelling.  Oops
 2001-08-27 10:37:50 +00:00
ps
4e55facbeb Correctly spell localizations 2001-08-27 10:20:02 +00:00
green
9f287caebc Update the OpenSSH minor-version string. 
Requested by:	obrien
Reviewed by:	rwatson
 2001-08-16 19:26:19 +00:00
nectar
0e7f0df834 Bug fix: When the client connects to a server and Kerberos 
authentication is  enabled, the  client effectively ignores  any error
from krb5_rd_rep due to a missing branch.

In  theory  this could  result  in  an  ssh  client using  Kerberos  5
authentication accepting  a spoofed  AP-REP.  I doubt  this is  a real
possiblity, however, because  the AP-REP is passed from  the server to
the client via the SSH  encrypted channel.  Any tampering should cause
the decryption or MAC to fail.

Approved by:	green
MFC after:	1 week
 2001-07-13 18:12:13 +00:00
green
961721080a Fix an incorrect conflict resolution which prevented TISAuthentication 
from working right in 2.9.
 2001-07-07 14:19:53 +00:00
green
93a6a41112 Also add a colon to "Bad passphrase, please try again ". 2001-06-29 16:43:13 +00:00
green
5d06029221 Put in a missing colon in the "Enter passphrase" message. 2001-06-29 16:34:14 +00:00
green
fe0162ddb3 Back out the last change which is probably actually a red herring. Argh! 2001-06-26 15:15:22 +00:00
green
c3258d9fdd Don't pointlessly kill a channel because the first (forced) 
non-blocking read returns 0.

Now I can finally tunnel CVSUP again...
 2001-06-26 14:17:35 +00:00
assar
116337ea17 (do_authloop): handle !KRB4 && KRB5 2001-06-16 07:44:17 +00:00
markm
5fa9d6f739 Unbreak OpenSSH for the KRB5-and-no-KRB4 case. Asking for KRB5 does 
not imply that you want, need or have kerberosIV headers.
 2001-06-15 08:12:31 +00:00
green
fdb0c1688a Enable Kerberos 5 support in sshd again. 2001-06-12 03:43:47 +00:00
green
45d207659b Switch to the user's uid before attempting to unlink the auth forwarding 
file, nullifying the effects of a race.

Obtained from:	OpenBSD
 2001-06-08 22:22:09 +00:00
obrien
a26134411c Fix $FreeBSD$ style committer messed up in rev 1.7 for some reason. 2001-05-24 07:22:08 +00:00
obrien
bac609c202 Restore the RSA host key to /etc/ssh/ssh_host_key. 
Also fix $FreeBSD$ spamage in crypto/openssh/sshd_config rev. 1.16.
 2001-05-18 18:10:02 +00:00
green
a407780211 If a host would exceed 16 characters in the utmp entry, record only 
it's IP address/base host instead.

Submitted by:	brian
 2001-05-15 01:50:40 +00:00
ru
3add9296c0 mdoc(7) police: finished fixing conflicts in revision 1.18. 2001-05-14 18:13:34 +00:00
markm
cdb0cb9ccd Fix make world in the kerberosIV case. 2001-05-11 09:36:17 +00:00
alfred
bd16bfd06f Fix some of the handling in the pam module, don't unregister things 
that were never registered.  At the same time handle a failure from
pam_setcreds with a bit more paranioa than the previous fix.

Sync a bit with the "Portable OpenSSH" work to make comparisons a easier.
 2001-05-09 03:40:37 +00:00
green
9c961719a9 Since PAM is broken, let pam_setcred() failure be non-fatal. 2001-05-08 22:30:18 +00:00
green
3f59c74031 sshd_config should still be keeping ssh host keys in /etc/ssh, not /etc. 2001-05-05 13:48:13 +00:00
green
094816f4b2 Finish committing _more_ somehow-uncommitted OpenSSH 2.9 updates. 
(Missing Delta Brigade, tally-ho!)
 2001-05-05 01:12:45 +00:00
green
729aac1a81 Get ssh(1) compiling with MAKE_KERBEROS5. 2001-05-04 04:37:49 +00:00
green
d1f65ecd2b Remove obsoleted files. 2001-05-04 04:15:22 +00:00
green
119a11eb6b Fix conflicts for OpenSSH 2.9. 2001-05-04 04:14:23 +00:00
green
8acd87ac47 Say "hi" to the latest in the OpenSSH series, version 2.9! 
Happy birthday to:	rwatson
 2001-05-04 03:57:05 +00:00
green
08fd06354d This commit was generated by cvs2svn to compensate for changes in r76259, 
which included commits to RCS files with non-trunk default branches.
 2001-05-04 03:57:05 +00:00
green
461d7e1472 Add a "VersionAddendum" configuration setting for sshd which allows 
anyone to easily change the part of the OpenSSH version after the main
version number.  The FreeBSD-specific version banner could be disabled
that way, for example:

# Call ourselves plain OpenSSH
VersionAddendum
 2001-05-03 00:29:28 +00:00
green
6d6d6e45ee Backout completely canonical lookup modifications. 2001-05-03 00:26:47 +00:00
green
b9a62213ae Suggested by kris, OpenSSH shall have a version designated to note that 
it's not "plain" OpenSSH 2.3.0.
 2001-03-20 02:11:25 +00:00
green
e1c06db961 Make password attacks based on traffic analysis harder by requiring that 
"non-echoed" characters are still echoed back in a null packet, as well
as pad passwords sent to not give hints to the length otherwise.

Obtained from:	OpenBSD
 2001-03-20 02:06:40 +00:00
asmodai
355885cfa7 Fix double mention of ssh. 
This file is already off the vendorbranch, nonetheless it needs to be
submitted back to the OpenSSH people.

PR:		25743
Submitted by:	David Wolfskill <dhw@whistle.com>
 2001-03-15 09:24:40 +00:00
green
8b51db0ce8 Don't dump core when an attempt is made to login using protocol 2 with 
an invalid user name.
 2001-03-15 03:15:18 +00:00
assar
95047bd0c5 (try_krb5_authentication): simplify code. from joda@netbsd.org 2001-03-13 04:42:38 +00:00
assar
07c5543bb1 Fix LP64 problem in Kerberos 5 TGT passing. 
Obtained from: NetBSD (done by thorpej@netbsd.org)
 2001-03-12 08:14:22 +00:00
green
f261519030 Reenable the SIGPIPE signal handler default in all cases for spawned 
sessions.
 2001-03-11 02:26:57 +00:00
assar
4e2eb78eca Add code for being compatible with ssh.com's krb5 authentication. 
It is done by using the same ssh messages for v4 and v5 authentication
(since the ssh.com does not now anything about v4) and looking at the
contents after unpacking it to see if it is v4 or v5.
Based on code from Björn Grönvall <bg@sics.se>

PR:		misc/20504
 2001-03-04 02:22:04 +00:00
ps
4abb31bd7d Make ConnectionsPerPeriod non-fatal for real. 2001-02-18 01:33:31 +00:00