system/freebsd-src
system/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src synced 2024-09-29 05:04:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
59775 commits 77 branches 139 tags 3.4 GiB
Commit graph

310 commits

Author SHA1 Message Date
David E. O'Brien d3ebe37cd0 Restore the RSA host key to /etc/ssh/ssh_host_key. 
Also fix $FreeBSD$ spamage in crypto/openssh/sshd_config rev. 1.16.
 2001-05-18 18:10:02 +00:00
Nick Sayer 9286fd701f Make the PAM user-override actually override the correect thing. 2001-05-17 16:28:11 +00:00
Peter Wemm 64867478d8 Back out last commit. This was already fixed. This should never have 
happened, this is why we have commit mail expressly delivered to
committers.
 2001-05-17 03:14:42 +00:00
Peter Wemm d48d5be0d0 Fix the latest telnet breakage. Obviously this was never compiled. 2001-05-17 03:13:00 +00:00
Nick Sayer 1848e3d448 Since the root-on-insecure-tty code was added to telnetd, a dependency 
on char *line was added to libtelnet. Put a dummy one in to keep the
linker happy.
 2001-05-16 20:34:42 +00:00
Nick Sayer 166b3cb9a0 Make sure the protocol actively rejects bad data rather than 
(potentially) not responding to an invalid SRA 'auth is' message.
 2001-05-16 20:24:58 +00:00
Nick Sayer 8183ac8f53 srandomdev() affords us the opportunity to radically improve, and at the 
same time simplify, the random number selection code.
 2001-05-16 18:32:46 +00:00
Nick Sayer 60f581768d Catch any attempted buffer overflows. The magic numbers in this code 
(512) are a little distressing, but the method really needs to be
extended to allow server-supplied DH parameters anyway.

Submitted by:	kris
 2001-05-16 18:27:09 +00:00
Nick Sayer e7157113a9 Catch malloc return failures. This should help avoid dereferencing NULL on 
low-memory situations.

Submitted by:	kris
 2001-05-16 18:17:55 +00:00
Peter Wemm cd189e1195 Hack to work around braindeath in libtelnet:sra.c. The sra.o file 
references global variables from telnetd, but is also linked into
telnet as well. I was tempted to back out the last sra.c change
as it is 100% bogus and should be taken out and shot, but for now
this bandaid should get world working again. :-(
 2001-05-15 09:52:03 +00:00
Nick Sayer c7be24c970 If the uid of the attempted authentication is 0 and if the pty is 
insecure, do not succeed. Copied from login.c. This functionality really
should be a PAM module.
 2001-05-15 04:47:14 +00:00
Brian Feldman 62c931e0a4 If a host would exceed 16 characters in the utmp entry, record only 
it's IP address/base host instead.

Submitted by:	brian
 2001-05-15 01:50:40 +00:00
Ruslan Ermilov bb60401e7a mdoc(7) police: finished fixing conflicts in revision 1.18. 2001-05-14 18:13:34 +00:00
Mark Murray fa83754c4e Fix make world in the kerberosIV case. 2001-05-11 09:36:17 +00:00
Assar Westerlund 66b166c994 merge imported changes into HEAD 2001-05-11 00:14:02 +00:00
Alfred Perlstein 2c917d39b2 Fix some of the handling in the pam module, don't unregister things 
that were never registered.  At the same time handle a failure from
pam_setcreds with a bit more paranioa than the previous fix.

Sync a bit with the "Portable OpenSSH" work to make comparisons a easier.
 2001-05-09 03:40:37 +00:00
Brian Feldman 00e38eaf7f Since PAM is broken, let pam_setcred() failure be non-fatal. 2001-05-08 22:30:18 +00:00
Assar Westerlund d1edd0128c This commit was generated by cvs2svn to compensate for changes in r76371, 
which included commits to RCS files with non-trunk default branches.
 2001-05-08 14:57:13 +00:00
Assar Westerlund 45524cd79e mdoc(ng) fixes 
Submitted by:	ru
 2001-05-08 14:57:13 +00:00
Assar Westerlund a3204abff5 mdoc(ng) fixes 
Submitted by:	ru
 2001-05-08 14:57:13 +00:00
Nick Sayer 053c5b3a9e Pointy hat fix -- reapply the SRA PAM patch. To -current this time. 2001-05-07 20:42:02 +00:00
Brian Feldman 3817a12c9b sshd_config should still be keeping ssh host keys in /etc/ssh, not /etc. 2001-05-05 13:48:13 +00:00
Brian Feldman 4c5de86978 Finish committing _more_ somehow-uncommitted OpenSSH 2.9 updates. 
(Missing Delta Brigade, tally-ho!)
 2001-05-05 01:12:45 +00:00
Brian Feldman 87767895f0 Get ssh(1) compiling with MAKE_KERBEROS5. 2001-05-04 04:37:49 +00:00
Brian Feldman 345012bf8b Remove obsoleted files. 2001-05-04 04:15:22 +00:00
Brian Feldman ca3176e7c8 Fix conflicts for OpenSSH 2.9. 2001-05-04 04:14:23 +00:00
Brian Feldman 3ed16d1511 This commit was generated by cvs2svn to compensate for changes in r76259, 
which included commits to RCS files with non-trunk default branches.
 2001-05-04 03:57:05 +00:00
Brian Feldman 1e8db6e2f6 Say "hi" to the latest in the OpenSSH series, version 2.9! 
Happy birthday to:	rwatson
 2001-05-04 03:57:05 +00:00
Brian Feldman 933ca70f8f Add a "VersionAddendum" configuration setting for sshd which allows 
anyone to easily change the part of the OpenSSH version after the main
version number.  The FreeBSD-specific version banner could be disabled
that way, for example:

# Call ourselves plain OpenSSH
VersionAddendum
 2001-05-03 00:29:28 +00:00
Brian Feldman 1f5ce8f412 Backout completely canonical lookup modifications. 2001-05-03 00:26:47 +00:00
Mark Murray b7ffbfee87 Toss into attic stuff we don't use. 2001-04-14 09:48:26 +00:00
Ruslan Ermilov 566f5a4859 mdoc(7) police: removed hard sentence breaks introduced in rev.1.10. 2001-04-13 08:49:52 +00:00
Nick Sayer 036790848a Clean up telnet's argument processing a bit. autologin and encryption is 
now the default, so ignore the arguments that turn it on. Add a new -y
argument to turn off encryption in case someone wants to do that. Sync
these changes with the man page (including removing the now obsolete
statement about availability only in the US and Canada).
 2001-04-06 15:56:10 +00:00
Nick Sayer 6a1fe28e41 Reactivate SRA. 
Make handling of SIGINT and SIGQUIT follow SIGTSTP in TerminalNewMode().
This allows people to break out of SRA authentication if they wish to.
 2001-04-05 14:09:15 +00:00
Brian Feldman 313cb084c4 Suggested by kris, OpenSSH shall have a version designated to note that 
it's not "plain" OpenSSH 2.3.0.
 2001-03-20 02:11:25 +00:00
Brian Feldman e0fbb1d2de Make password attacks based on traffic analysis harder by requiring that 
"non-echoed" characters are still echoed back in a null packet, as well
as pad passwords sent to not give hints to the length otherwise.

Obtained from:	OpenBSD
 2001-03-20 02:06:40 +00:00
Nick Sayer 989efc86f5 Fix core noted in -stable with 'auth disable SRA'. 
I just mistakenly commited this to RELENG_4. I have contacted Jordan to see
about how to fix this. Pass the pointy hat.
 2001-03-18 09:44:25 +00:00
Jeroen Ruigrok van der Werven f7191d4fae Fix double mention of ssh. 
This file is already off the vendorbranch, nonetheless it needs to be
submitted back to the OpenSSH people.

PR:		25743
Submitted by:	David Wolfskill <dhw@whistle.com>
 2001-03-15 09:24:40 +00:00
Brian Feldman e4fe1ca667 Don't dump core when an attempt is made to login using protocol 2 with 
an invalid user name.
 2001-03-15 03:15:18 +00:00
Assar Westerlund aeccfe991a (try_krb5_authentication): simplify code. from joda@netbsd.org 2001-03-13 04:42:38 +00:00
Assar Westerlund a16a9b0f1e Fix LP64 problem in Kerberos 5 TGT passing. 
Obtained from: NetBSD (done by thorpej@netbsd.org)
 2001-03-12 08:14:22 +00:00
Assar Westerlund bb330cd01e enable auto-negotiation of encrypt and decrypt 2001-03-12 03:54:48 +00:00
Assar Westerlund 02c9ff5b94 initialize pointers to NULL and sized to 0 to avoid free:ing invalid memory. 
PR:		bin/20779
 2001-03-12 03:48:03 +00:00
Brian Feldman 46c9472cd6 Reenable the SIGPIPE signal handler default in all cases for spawned 
sessions.
 2001-03-11 02:26:57 +00:00
Mark Murray a4f378438c Remove stuff that is really "ports material", generated files and 
stuff for other OS's. Also remove stuff (libraries) that are
already present in FreeBSD and must not get mixed up in our
code.
 2001-03-04 07:26:45 +00:00
Mark Murray c21f532945 Trim down the source tree a bit. We shouldn't have blatantly 
uncompilable bits in here (like X stuff), nor should we have
too much "ports material".
 2001-03-04 07:06:39 +00:00
Assar Westerlund cb96ab3672 Add code for being compatible with ssh.com's krb5 authentication. 
It is done by using the same ssh messages for v4 and v5 authentication
(since the ssh.com does not now anything about v4) and looking at the
contents after unpacking it to see if it is v4 or v5.
Based on code from Björn Grönvall <bg@sics.se>

PR:		misc/20504
 2001-03-04 02:22:04 +00:00
Kris Kennaway b64f39b655 Resolve conflicts 2001-02-18 03:23:30 +00:00
Kris Kennaway a991678294 This commit was generated by cvs2svn to compensate for changes in r72613, 
which included commits to RCS files with non-trunk default branches.
 2001-02-18 03:17:36 +00:00
Kris Kennaway de7cdddab1 Import of OpenSSL 0.9.6-STABLE snapshot dated 2001-02-10 2001-02-18 03:17:36 +00:00