| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
Sponsored by: registrar.no
|
|
|
|
|
|
|
| |
calling functions which can potentially fail and cause cleanups to be
invoked.
Submitted by: Solar Designer <solar@openwall.com>
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and did copy it as long as just size of struct sockaddr. So,
If connection is via IPv6, sshd didn't log hostname into utmp
correctly.
This problem occured only under FreeBSD because of our hack.
However, this is potential problem of OpenSSH-portable, and
they agreed to fix this.
Though, there is no fixed version of OpenSSH-portable available
yet, since this problem is serious for IPv6 users, I commit the
fix.
Reported by: many people
Reviewed by: current@ and stable@ (no objection)
MFC after: 3 days
|
|
|
|
|
|
| |
invalidate login cap descriptor.
Reviewed by: des
|
|
|
|
|
|
|
|
|
| |
1) options.print_lastlog was not honored.
2) "Last login: ..." was printed twice.
3) "copyright" was not printed
4) No newline was before motd.
Reviewed by: maintainer's silence in 2 weeks (with my constant reminders)
|
|
|
|
| |
Sponsored by: DARPA, NAI Labs
|
|
|
|
|
|
|
| |
to the child process.
Reviewed by: ache
Sponsored by: DARPA, NAI Labs
|
| |
|
|
|
|
| |
Sponsored by: DARPA, NAI Labs
|
|
|
|
|
|
|
|
|
|
|
| |
- sshd fails to set TERM correctly.
- privilege separation may break PAM and is currently turned off.
- man pages have not yet been updated
I will have these issues resolved, and privilege separation turned on by
default, in time for DP2.
Sponsored by: DARPA, NAI Labs
|
|
|
|
|
|
|
|
|
|
| |
2) For "copyright" case #ifdef HAVE_LOGIN_CAP was placed on too big block,
narrow it down.
3) Don't check the same conditions twice (for "copyright" and "welcome"),
put them under single block.
4) Print \n between "copyright" and "welcome" as our login does.
Reviewed by: des (1)
|
|
|
|
| |
Sponsored by: DARPA, NAI Labs
|
|
|
|
|
|
| |
descriptors may be used by LOGIN_CAP internally, add login_close().
Use "nocheckmail" LOGIN_CAP capability too like our login does.
|
| |
|
|
|
|
|
|
|
| |
version, so documented "CheckMail" option exists but does nothing.
Bring it back to life adding code back.
2) Cosmetique. Reduce number of args in do_setusercontext()
|
|
|
|
|
|
|
| |
code merge.
2) In addition honor "timezone" and "term" capabilities from login.conf,
not overwrite them once they set (they are TZ and TERM variables).
|
|
|
|
|
|
|
|
|
|
| |
sshd uses separate child_env. So, to make setusercontext() really does
something, environment must be switched before call and passed to child_env
back after it.
The error here was that modified environment not passed back to child_env,
so all variables that setusercontext() adds are lost, including ones from
~/.login_conf
|
|
|
|
|
|
|
| |
"/dev/" off the tty name before passing it to auth_ttyok or PAM.
Inspired by: dinoex
Sponsored by: DARPA, NAI Labs
|
| |
|
| |
|
|
|
|
|
|
|
| |
mapping of user login classes works.
Obtained from: TrustedBSD project
Sponsored by: DARPA, NAI Labs
|
|
|
|
|
| |
Obtained from: OpenBSD
Approved by: green
|
|
|
|
|
|
|
|
| |
will be correctly initialised.
PR: 32065
Tested by: The Anarcat <anarcat@anarcat.dyndns.org>
MFC after: 3 days
|
|
|
|
|
|
| |
file, nullifying the effects of a race.
Obtained from: OpenBSD
|
| |
|
|
|
|
| |
sessions.
|
|
|
|
|
|
| |
was specified when using -t mode with the SSH client.
Submitted by: Dima Dorfman <dima@unixfreak.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
new features description elided in favor of checking out their
website.
Important new FreeBSD-version stuff: PAM support has been worked
in, partially from the "Unix" OpenSSH version, and a lot due to the
work of Eivind Eklend, too.
This requires at least the following in pam.conf:
sshd auth sufficient pam_skey.so
sshd auth required pam_unix.so try_first_pass
sshd session required pam_permit.so
Parts by: Eivind Eklend <eivind@FreeBSD.org>
|
|
|
|
| |
Reviewed by: gshapiro, peter, green
|
|
|
|
|
|
| |
up the function definition from unistd.h instead. Use s->tty instead.
Submitted by: peter
|
|
|
|
| |
was using this feature.
|
|
|
|
| |
Submitted by: Udo Schweigert <ust@cert.siemens.de>
|
|
|
|
|
|
| |
uid 0.
Obtained from: OpenBSD
|
| |
|
|
|
|
| |
Noticed by: obrien
|
| |
|
|
|