system/freebsd-src
system/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src synced 2024-10-06 00:20:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
52733 commits 77 branches 139 tags 3.4 GiB
Commit graph

206 commits

Author SHA1 Message Date
Kris Kennaway 7513668808 This commit was generated by cvs2svn to compensate for changes in r61209, 
which included commits to RCS files with non-trunk default branches.
 2000-06-03 09:52:37 +00:00
Kris Kennaway cfa18fd2ba Resolve conflicts 2000-06-03 09:23:13 +00:00
Kris Kennaway 87e372b8a2 Import from vendor repository. 
Obtained from:	OpenBSD
 2000-06-03 09:20:19 +00:00
Kris Kennaway 48fb0b1aa9 This commit was generated by cvs2svn to compensate for changes in r61206, 
which included commits to RCS files with non-trunk default branches.
 2000-06-03 09:20:19 +00:00
Kris Kennaway db1cb46ca2 Bring vendor patches onto the main branch, and resolve conflicts. 2000-06-03 07:31:44 +00:00
Kris Kennaway 1ae2db81a5 Import vendor patches: the first is written by 
Brian Feldman <green@FreeBSD.org>

* Remove the gratuitous dependency on OpenSSL 0.9.5a (preparation for MFC)
* Disable agent forwarding by default in the client (security risk)

Submitted by:	green
Obtained from:	OpenBSD
 2000-06-03 07:18:09 +00:00
Kris Kennaway 7567fde002 This commit was generated by cvs2svn to compensate for changes in r61201, 
which included commits to RCS files with non-trunk default branches.
 2000-06-03 07:18:09 +00:00
Kris Kennaway fcee55a281 Import vendor patch originally submitted by the below author: don't 
treat failure to create the authentication agent directory in /tmp as
a fatal error, but disable agent forwarding.

Submitted by:	Jan Koum <jkb@yahoo-inc.com>
 2000-06-03 07:06:14 +00:00
Kris Kennaway 6298712178 This commit was generated by cvs2svn to compensate for changes in r61199, 
which included commits to RCS files with non-trunk default branches.
 2000-06-03 07:06:14 +00:00
Kris Kennaway 830ccf58ce Import vendor fix: "fix key_read() for uuencoded keys w/o '='" 
This bug caused OpenSSH not to recognise some of the DSA keys it
generated.

Submitted by:	Christian Weisgerber <naddy@mips.inka.de>
Obtained from:	OpenBSD
 2000-06-03 06:51:30 +00:00
Kris Kennaway 4f00f8562d Update to the version of pam_ssh corresponding to OpenSSH 2.1 (taken 
from the openssh port)

Submitted by:	Hajimu UMEMOTO <ume@mahoroba.org>
 2000-05-30 09:03:15 +00:00
Jake Burkholder e39756439c Back out the previous change to the queue(3) interface. 
It was not discussed and should probably not happen.

Requested by:		msmith and others
 2000-05-26 02:09:24 +00:00
Jake Burkholder 740a1973a6 Change the way that the queue(3) structures are declared; don't assume that 
the type argument to *_HEAD and *_ENTRY is a struct.

Suggested by:	phk
Reviewed by:	phk
Approved by:	mdodd
 2000-05-23 20:41:01 +00:00
Andrey A. Chernov a4bc7676d4 Turn on CheckMail to be more login-compatible by default 2000-05-23 06:06:54 +00:00
Brian Somers 73813569e4 Don't USE_PIPES 
Spammed by: peter
Submitted by: mkn@uk.FreeBSD.org
 2000-05-22 09:51:18 +00:00
Kris Kennaway ba0c6b0830 Correct two stupid typos in the DSA key location. 
Submitted by:	Udo Schweigert <ust@cert.siemens.de>
 2000-05-18 06:04:23 +00:00
Kris Kennaway b787acb5e3 Unbreak Kerberos5 compilation. This still remains untested. 
Noticed by:	obrien
 2000-05-17 08:06:20 +00:00
Kris Kennaway e551e5eafa Oops, rename S/Key to Opie in line with FreeBSD usage. 2000-05-15 06:11:30 +00:00
Kris Kennaway 0c11f6e187 Create a DSA host key if one does not already exist, and teach sshd_config 
about it.
 2000-05-15 05:40:27 +00:00
Kris Kennaway e8aafc91b5 Resolve conflicts and update for FreeBSD. 2000-05-15 05:24:25 +00:00
Kris Kennaway a04a10f891 Initial import of OpenSSH v2.1. 2000-05-15 04:37:24 +00:00
Kris Kennaway fe01acb846 This commit was generated by cvs2svn to compensate for changes in r60573, 
which included commits to RCS files with non-trunk default branches.
 2000-05-15 04:37:24 +00:00
Nik Clayton 699cc2f5e1 Note that X11 Forwarding is off by default. 
PR:             docs/17566
Submitted by:   Keith Stevenson <ktstev01@louisville.edu>
 2000-04-30 22:41:58 +00:00
Mark Murray 79eb2b5421 MFF: catch up with FreeFall 2000-04-19 21:20:54 +00:00
Kris Kennaway 9a823cff39 If stderr is closed, report the error message about missing libraries 
via syslog instead.

Reviewed by:	jkh
 2000-04-18 06:25:24 +00:00
Mark Murray 3c6b6b90c7 Internat diff reducer. 2000-04-16 17:49:31 +00:00
Mark Murray ef781a073e This commit was generated by cvs2svn to compensate for changes in r59281, 
which included commits to RCS files with non-trunk default branches.
 2000-04-16 16:03:07 +00:00
Mark Murray 07c567b8ec Virgin import of OpenSSL v0.9.5a 2000-04-16 16:03:07 +00:00
Kris Kennaway 7e7159cbdc Resolve conflicts. 2000-04-13 07:15:03 +00:00
Kris Kennaway f579bf8ec7 Initial import of OpenSSL 0.9.5a 2000-04-13 06:33:22 +00:00
Kris Kennaway 193faf8655 This commit was generated by cvs2svn to compensate for changes in r59191, 
which included commits to RCS files with non-trunk default branches.
 2000-04-13 06:33:22 +00:00
Kris Kennaway 2d773b269e Correct a typo and interchanged library names 
Submitted by:	Ben Rosengart <ben@narcissus.net>
		Matthew D. Fuller <fullermd@futuresouth.com>
 2000-04-05 04:09:51 +00:00
Kris Kennaway e31adaffd9 Fix a memory leak. 
PR:		17360
Submitted by:	Andrew J. Korty <ajk@iu.edu>
 2000-03-29 08:24:37 +00:00
Kris Kennaway 18fa3c2ec9 #include <ssl/foo.h> -> #include <openssl/foo.h> 2000-03-26 10:00:28 +00:00
Kris Kennaway 3c6ae11886 Resolve conflicts. 2000-03-26 07:37:48 +00:00
Kris Kennaway a8f6863aa6 Virgin import of OpenSSH sources dated 2000/03/25 2000-03-26 07:07:24 +00:00
Kris Kennaway cc99d7f2df This commit was generated by cvs2svn to compensate for changes in r58582, 
which included commits to RCS files with non-trunk default branches.
 2000-03-26 07:07:24 +00:00
Kris Kennaway 6aae670844 Don't refer to the openssl handbook chapter by name - the doc guys keep 
jamming new chapters in front of it :)
 2000-03-25 07:28:18 +00:00
Brian Somers 727214e9b8 Use pipe() instead of socketpair() in sshd when communicating 
with the client.
This allows ppp/ssh style tunnels to function again.

Ok'd by:	markk
Submitted by:	markk@knigma.org
 2000-03-24 15:39:37 +00:00
Mike Pritchard 5c51cd6437 Fix a few spelling errors. 2000-03-24 02:26:54 +00:00
Sheldon Hearn 962a3f4e81 IgnoreUserKnownHosts is a boolean flag, not an integer value. 
The fix submitted in the attributed PR is identical to the one
adopted by OpenBSD.

PR:		17027
Submitted by:	David Malone <dwmalone@maths.tcd.ie>
Obtained from:	OpenBSD
 2000-03-22 09:36:35 +00:00
Kris Kennaway 9fd4066575 Add a new function stub to libcrypto() which resolves to a symbol in 
the librsa* library and reports which version of the library (OpenSSL/RSAREF)
is being used.

This is then used in openssh to detect the failure case of RSAREF and a RSA key
>1024 bits, to print a more helpful error message than 'rsa_public_encrypt() fai
led.'

This is a 4.0-RELEASE candidate.
 2000-03-13 09:55:53 +00:00
Kris Kennaway 6a8633db4e Various manpage style/grammar/formatting cleanups 
Submitted by:	Peter Jeremy <peter.jeremy@alcatel.com.au>, jedgar
PR:		17292 (remainder of)
 2000-03-13 00:17:43 +00:00
Nik Clayton 8ff0a8c302 - typos 
- Add double spaces following full stops to improve typeset output
- mdoc-ification.  (Though I'm uncertain whether option values and
  contents should be .Dq or something else).
- Fix a missed /etc/ssh change
- Expand wording on RandomSeed and behaviour when X11 isn't forwarded.
- Change examples to literal mode.
- Trim trailing whitespace

PR:		docs/17292
Submitted by:	Peter Jeremy <peter.jeremy@alcatel.com.au>
 2000-03-10 11:48:49 +00:00
Mark Murray c59bf09996 Make LOGIN_CAP work properly. 2000-03-09 14:52:31 +00:00
Kris Kennaway 2134165c54 /etc -> /etc/ssh 
Submitted by:	Ben Smithurst <ben@scientia.demon.co.uk>
 2000-03-08 03:44:00 +00:00
John Hay 2216ad9c7e MFI: Use krb5 functions in krb5 files. 
Reviewed by:	markm
 2000-03-03 20:31:58 +00:00
Yoshinobu Inoue 137d85e410 Replace structure copy form ifreq obtained by SIOCGIFADDR 
to memcpy(), to avoid unaligned access trap on alpha.

Approved by: jkh
 2000-03-03 13:05:00 +00:00
Yoshinobu Inoue 46ad1c2366 CMSG_XXX macros alignment fixes to follow RFC2292. 
Approved by: jkh
 2000-03-03 12:50:46 +00:00
Brian Feldman 5dc73ebebe Turn off X11 forwarding in the client. X11 forwarding in the server by 
default should probably also get turned on, now.

Requested by:	kris
Obtained from:	OpenBSD
 2000-03-03 05:58:39 +00:00
Kris Kennaway 1d32417468 Update the wording on the error message when libcrypto.so can't find an 
RSA library.

Reviewed by:	peter, jkh
 2000-03-02 06:21:02 +00:00
Hajimu UMEMOTO e51ec40ec8 Enable connection logging. FreeBSD's libwrap is IPv6 ready. 
OpenSSH is in our source tree, now.  It's a time to enable it.

Reviewed by:	markm, shin
Approved by:	jkh
 2000-02-29 19:37:04 +00:00
Mark Murray fe5fd0173b 1) Add kerberos5 functionality. 
by Daniel Kouril <kouril@informatics.muni.cz>
2) Add full LOGIN_CAP capability
   by Andrey Chernov
 2000-02-28 19:03:50 +00:00
Brian Somers ccd16b43ed Don't put truncated hostnames in utmp 
Approved by: jkh
 2000-02-28 18:51:30 +00:00
Peter Wemm 6f35016f23 Sync with internat.freebsd.org; weak symbols vs static libs == trouble 2000-02-26 16:57:17 +00:00
Peter Wemm 7d8acc815a Merge from internat.freebsd.org; move VERBOSE_STUBS to a better spot. 2000-02-26 14:20:18 +00:00
Peter Wemm 4198e0cb8b Merge from internat.freebsd.org repo, minus change to rsa_eay.c (missing) 
Reorganize and unify libcrypto's interface so that the RSA implementation
is chosen at runtime via dlopen().

This is a checkpoint and may require more tweaks still.
 2000-02-26 13:19:18 +00:00
Peter Wemm 9fa5f5fd96 Merge from internat.freebsd.org repo, minus change to rsa_eay.c (missing) 
Reorganize and unify libcrypto's interface so that the RSA implementation
is chosen at runtime via dlopen().

This is a checkpoint and may require more tweaks still.
 2000-02-26 13:13:03 +00:00
Peter Wemm b70ab85b2b At great personal risk (to my already fragile sanity), reorganize 
the rsa stubs for libcrypto.  libcrypto.so now uses dlopen() to
implement the backends for either the native or rsaref implemented
RSA code.
This involves:
- unifying the libcrypto and openssl(1) source so there is no
  #ifdef RSAref variations.
- using weak symbols and dlopen()/dlsym() routines to access the
  rsa method vectors.

Releases will enable the user to choose International, US (rsaref) or
no RSA code at install time.
'make world' will DTRT depending on whether you have the international
or US source.  For US users, you must either install rsaref (the port
or package) or (if you don't fear RSA Inc) use the (superior)
International rsa_eay.c code.

This has been discussed at great length by the affected folks and even
we have a great deal of confusion.  This is a checkpoint so we can tune
the results.  This works for me in all permutations I can think of and
should result in a CD/ftp 'release' just about doing the right thing now.
 2000-02-26 13:06:55 +00:00
Peter Wemm 2307080405 Redo this with a repo copy from the original file and reset the 
__PREFIX__ markers.
 2000-02-26 09:59:14 +00:00
Peter Wemm 4d3289a849 oops, update path to /etc/ssh/ssh_host_key 2000-02-26 02:24:38 +00:00
Peter Wemm 9ceffc938a Merge from internat.freebsd.org; move ssh files from /etc to /etc/ssh 2000-02-25 14:25:10 +00:00
Peter Wemm 150f7c198f Don't use the dlopen() stubs if comiling with PIC. This still 
needs some more thought for the static case.  Should we provide weak
error-generating stubs for static binaries if -lrsaref was forgotten?
 2000-02-25 08:13:50 +00:00
Brian Feldman 8261034302 Fix a bug that crawled in pretty recently (from the port). It made 
sshd coredump :(
 2000-02-25 05:22:14 +00:00
Peter Wemm 38ba484ce1 Fix garbage in SSH_PROGRAM (only on freefall, not internat) 2000-02-25 04:41:06 +00:00
Brian Feldman a95c122521 Make "CheckHostIP" default to off. This was proposed on -security and 
earlier IRC, but despite my inital feeling against it, this seems
the more proper thing to do.

Proposed by:	rwatson
 2000-02-25 03:04:29 +00:00
Brian Feldman 18a711954e The includes must be <openssl/.*\.h>, not <ssl/.*\.h>. 2000-02-25 01:53:12 +00:00
Mark Murray b719e3c926 remove more ports crud. 2000-02-24 23:54:00 +00:00
Mark Murray 6ecb050733 remove ports junk 2000-02-24 23:46:38 +00:00
Mark Murray c7aee9a208 Use libcrypto instead of libdes. 2000-02-24 20:21:16 +00:00
Mark Murray bfb672b22a RIP libdes. All hail libcrypto! 2000-02-24 19:35:08 +00:00
Mark Murray bf4f84d44c Get crypto from libcrypto, not libdes. 2000-02-24 19:28:31 +00:00
Mark Murray 42f71286cd Add the patches fom ports (QV: ports/security/openssh/patches/patch-*) 2000-02-24 15:29:42 +00:00
Mark Murray 511b41d2a1 Vendor import of OpenSSH. 2000-02-24 14:29:47 +00:00
Mark Murray 8e3e42fe07 This commit was generated by cvs2svn to compensate for changes in r57429, 
which included commits to RCS files with non-trunk default branches.
 2000-02-24 14:29:47 +00:00
Mark Murray 8ceb13ade4 Merge conflicts. 2000-02-24 13:37:41 +00:00
Mark Murray c97e282188 Oops; forgot to add this. 2000-02-24 13:20:48 +00:00
Mark Murray b98bf15079 Get this to the same level of functionality as old libdes. 2000-02-24 13:20:15 +00:00
Mark Murray d61f1c7965 Vendor import of Heimdal 0.2p 2000-02-24 11:28:20 +00:00
Mark Murray 957428c77a This commit was generated by cvs2svn to compensate for changes in r57422, 
which included commits to RCS files with non-trunk default branches.
 2000-02-24 11:28:20 +00:00
Mark Murray 283d988c23 Vendor import of Heimdal 0.2o 2000-02-24 11:19:29 +00:00
Mark Murray b50c40f67b This commit was generated by cvs2svn to compensate for changes in r57419, 
which included commits to RCS files with non-trunk default branches.
 2000-02-24 11:19:29 +00:00
Mark Murray 13e3f4d6d9 Vendor import of Heimdal 0.2n 2000-02-24 11:07:16 +00:00
Mark Murray 270628b77a This commit was generated by cvs2svn to compensate for changes in r57416, 
which included commits to RCS files with non-trunk default branches.
 2000-02-24 11:07:16 +00:00
Mark Murray 9a843541e2 freefall/internat diff reducer 2000-02-24 10:38:40 +00:00
Mark Murray 228c5a5af7 Freefall/Internat diff reducer. 2000-02-24 10:37:29 +00:00
Jordan K. Hubbard 6895862c18 Add call stubs for dynamic rsaref loading. This isn't enabled for now 
but simply lets us sync up on the solution as it's evolved.
 2000-02-22 06:22:54 +00:00
Yoshinobu Inoue 81edae92ed Use static buffer to save source route hostnames. 
Approved by: jkh
 2000-02-19 16:33:14 +00:00
Yoshinobu Inoue a82a4df889 Print "Trying ..." for each host. Also cleanups for error printing. 
Approved by: jkh

Submitted by: Ben Smithurst <ben@scientia.demon.co.uk>
 2000-02-19 16:17:41 +00:00
Yoshinobu Inoue 1d1ade86f0 Fix bugs in telnet. 
Sorry there were still several bugs.
   -error retry at af missmatch was incomplete.
   -af matching for source addr option was wrong
   -socket was not freed at retry.

Approved by: jkh
 2000-02-15 15:59:12 +00:00
Yoshinobu Inoue 960e15a70b Add more dual stack consideration. 
-Should retry as much as possible when some of source
     routing intermediate hosts' address families missmatch
     happened.
     (such as when a host has only A record, and another host
     has each of A and AAAA record.)

    -Should retry as much as possible when dest addr and
     source addr(specified with -s option) address family
     missmatch happend

Approved by: jkh
 2000-02-10 20:06:36 +00:00
Yoshinobu Inoue f306e0c85f Fix telnet core dump at invalid service name specified. 
Added an error check to avoid it.

Approved by: jkh

Submitted by: Robert Muir <rmuir@gibralter.net>
 2000-02-07 00:52:49 +00:00
Yoshinobu Inoue 0bd288cd6c Add NI_NAMEREQD flag to getnameinfo() call. Without this flag, 
getnameinfo() don't return error at name resolving failure.
But it is used at doaddrlookup(-N) case in telnet, error need to be
returned to correctly initialize hostname buffer.

Discovered at checking recent KAME repository change, noticed by itojun.
 2000-01-29 18:21:05 +00:00
Yoshinobu Inoue 4dd8b5ab79 another tcp apps IPv6 updates.(should be make world safe) 
ftp, telnet, ftpd, faithd
  also telnet related sync with crypto, secure, kerberosIV

Obtained from: KAME project
 2000-01-27 09:28:38 +00:00
Kris Kennaway 97b2ed56f8 Import the RSA support code. There shouldn't be any actual RSA 
cryptography here.
 2000-01-16 05:14:57 +00:00
Kris Kennaway 72b2312537 This commit was generated by cvs2svn to compensate for changes in r56083, 
which included commits to RCS files with non-trunk default branches.
 2000-01-16 05:14:57 +00:00
Kris Kennaway d9d4eec9ea Fix for missing symbol in -DRSAref case. 2000-01-16 04:45:18 +00:00
Kris Kennaway ce600b6ae6 Fix breakage when NO_RSA specified. 
Reviewed by:	Ben Laurie <ben@openssl.org>
 2000-01-14 05:24:08 +00:00
Kris Kennaway 62410b5785 Zap NO_IDEA 2000-01-10 06:28:04 +00:00
cvs2svn 2b11cf855f This commit was manufactured by cvs2svn to create branch 
'VENDOR-crypto-openssl'.
 2000-01-10 06:27:13 +00:00