summaryrefslogtreecommitdiffstats
path: root/crypto/openssh
Commit message (Collapse)AuthorAgeFilesLines
* fix renamed options in some of the code that was #ifdef AFSassar2001-09-044-4/+7
| | | | | | also print an error if krb5 ticket passing is disabled Submitted by: Jonathan Chen <jon@spock.org>
* Backout last change. I didnt follow the thread and made a mistakeps2001-08-271-1/+1
| | | | with this. localisations is a valid spelling. Oops
* Correctly spell localizationsps2001-08-271-1/+1
|
* Update the OpenSSH minor-version string.green2001-08-161-1/+1
| | | | | Requested by: obrien Reviewed by: rwatson
* Bug fix: When the client connects to a server and Kerberosnectar2001-07-131-0/+1
| | | | | | | | | | | | | | authentication is enabled, the client effectively ignores any error from krb5_rd_rep due to a missing branch. In theory this could result in an ssh client using Kerberos 5 authentication accepting a spoofed AP-REP. I doubt this is a real possiblity, however, because the AP-REP is passed from the server to the client via the SSH encrypted channel. Any tampering should cause the decryption or MAC to fail. Approved by: green MFC after: 1 week
* Fix an incorrect conflict resolution which prevented TISAuthenticationgreen2001-07-071-25/+2
| | | | from working right in 2.9.
* Also add a colon to "Bad passphrase, please try again ".green2001-06-291-1/+1
|
* Put in a missing colon in the "Enter passphrase" message.green2001-06-291-1/+1
|
* Back out the last change which is probably actually a red herring. Argh!green2001-06-261-4/+2
|
* Don't pointlessly kill a channel because the first (forced)green2001-06-261-2/+4
| | | | | | non-blocking read returns 0. Now I can finally tunnel CVSUP again...
* (do_authloop): handle !KRB4 && KRB5assar2001-06-161-4/+7
|
* Unbreak OpenSSH for the KRB5-and-no-KRB4 case. Asking for KRB5 doesmarkm2001-06-151-1/+3
| | | | not imply that you want, need or have kerberosIV headers.
* Enable Kerberos 5 support in sshd again.green2001-06-123-2/+4
|
* Switch to the user's uid before attempting to unlink the auth forwardinggreen2001-06-084-25/+45
| | | | | | file, nullifying the effects of a race. Obtained from: OpenBSD
* Fix $FreeBSD$ style committer messed up in rev 1.7 for some reason.obrien2001-05-241-1/+1
|
* Restore the RSA host key to /etc/ssh/ssh_host_key.obrien2001-05-181-2/+1
| | | | Also fix $FreeBSD$ spamage in crypto/openssh/sshd_config rev. 1.16.
* If a host would exceed 16 characters in the utmp entry, record onlygreen2001-05-151-1/+1
| | | | | | it's IP address/base host instead. Submitted by: brian
* mdoc(7) police: finished fixing conflicts in revision 1.18.ru2001-05-141-1/+0
|
* Fix make world in the kerberosIV case.markm2001-05-111-1/+5
|
* Fix some of the handling in the pam module, don't unregister thingsalfred2001-05-091-14/+50
| | | | | | | that were never registered. At the same time handle a failure from pam_setcreds with a bit more paranioa than the previous fix. Sync a bit with the "Portable OpenSSH" work to make comparisons a easier.
* Since PAM is broken, let pam_setcred() failure be non-fatal.green2001-05-081-1/+1
|
* sshd_config should still be keeping ssh host keys in /etc/ssh, not /etc.green2001-05-051-3/+3
|
* Finish committing _more_ somehow-uncommitted OpenSSH 2.9 updates.green2001-05-052-5/+11
| | | | (Missing Delta Brigade, tally-ho!)
* Get ssh(1) compiling with MAKE_KERBEROS5.green2001-05-042-2/+6
|
* Remove obsoleted files.green2001-05-0412-1582/+0
|
* Fix conflicts for OpenSSH 2.9.green2001-05-0449-4374/+5736
|
* This commit was generated by cvs2svn to compensate for changes in r76259,green2001-05-04118-2874/+10190
|\ | | | | | | which included commits to RCS files with non-trunk default branches.
| * Say "hi" to the latest in the OpenSSH series, version 2.9!green2001-05-04162-7158/+15940
| | | | | | | | Happy birthday to: rwatson
| * This commit was manufactured by cvs2svn to create branchcvs2svn2000-12-053-0/+1064
| | | | | | | | 'VENDOR-crypto-openssh'.
* | Add a "VersionAddendum" configuration setting for sshd which allowsgreen2001-05-033-2/+77
| | | | | | | | | | | | | | | | | | anyone to easily change the part of the OpenSSH version after the main version number. The FreeBSD-specific version banner could be disabled that way, for example: # Call ourselves plain OpenSSH VersionAddendum
* | Backout completely canonical lookup modifications.green2001-05-033-15/+24
| |
* | Suggested by kris, OpenSSH shall have a version designated to note thatgreen2001-03-201-1/+2
| | | | | | | | it's not "plain" OpenSSH 2.3.0.
* | Make password attacks based on traffic analysis harder by requiring thatgreen2001-03-209-5/+74
| | | | | | | | | | | | | | "non-echoed" characters are still echoed back in a null packet, as well as pad passwords sent to not give hints to the length otherwise. Obtained from: OpenBSD
* | Fix double mention of ssh.asmodai2001-03-151-1/+1
| | | | | | | | | | | | | | | | This file is already off the vendorbranch, nonetheless it needs to be submitted back to the OpenSSH people. PR: 25743 Submitted by: David Wolfskill <dhw@whistle.com>
* | Don't dump core when an attempt is made to login using protocol 2 withgreen2001-03-151-0/+1
| | | | | | | | an invalid user name.
* | (try_krb5_authentication): simplify code. from joda@netbsd.orgassar2001-03-131-47/+4
| |
* | Fix LP64 problem in Kerberos 5 TGT passing.assar2001-03-121-1/+3
| | | | | | | | Obtained from: NetBSD (done by thorpej@netbsd.org)
* | Reenable the SIGPIPE signal handler default in all cases for spawnedgreen2001-03-111-2/+6
| | | | | | | | sessions.
* | Add code for being compatible with ssh.com's krb5 authentication.assar2001-03-0413-178/+165
| | | | | | | | | | | | | | | | | | It is done by using the same ssh messages for v4 and v5 authentication (since the ssh.com does not now anything about v4) and looking at the contents after unpacking it to see if it is v4 or v5. Based on code from Björn Grönvall <bg@sics.se> PR: misc/20504
* | Make ConnectionsPerPeriod non-fatal for real.ps2001-02-181-0/+1
| |
* | update to new heimdal libkrb5assar2001-02-131-2/+2
| |
* | Patches backported from later development version of OpenSSH which preventkris2001-02-125-28/+53
| | | | | | | | | | | | | | | | (instead of just mitigating through connection limits) the Bleichenbacher attack which can lead to guessing of the server key (not host key) by regenerating it when an RSA failure is detected. Reviewed by: rwatson
* | Correctly fill in the sun_len for a sockaddr_sun.green2001-02-041-1/+2
| | | | | | | | Submitted by: Alexander Leidinger <Alexander@leidinger.net>
* | MFS: Don't use the canonical hostname here, too.green2001-02-041-0/+2
| |
* | MFF: Make ConnectionsPerPeriod usage a warning, not fatal.green2001-02-041-1/+1
| |
* | Actually propagate back to the rest of the application that a commandgreen2001-01-211-1/+1
| | | | | | | | | | | | was specified when using -t mode with the SSH client. Submitted by: Dima Dorfman <dima@unixfreak.org>
* | /Really/ deprecate ConnectionsPerPeriod, ripping out the code for itgreen2001-01-134-102/+2
| | | | | | | | and giving a dire error to its lingering users.
* | Fix a long-standing bug that resulted in a dropped session sometimesgreen2001-01-061-0/+1
| | | | | | | | | | | | when an X11-forwarded client was closed. For some reason, sshd didn't disable the SIGPIPE exit handler and died a horrible death (well, okay, a silent death really). Set SIGPIPE's handler to SIG_IGN.
* | Update to OpenSSH 2.3.0 with FreeBSD modifications. OpenSSH 2.3.0green2000-12-0534-861/+2289
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | new features description elided in favor of checking out their website. Important new FreeBSD-version stuff: PAM support has been worked in, partially from the "Unix" OpenSSH version, and a lot due to the work of Eivind Eklend, too. This requires at least the following in pam.conf: sshd auth sufficient pam_skey.so sshd auth required pam_unix.so try_first_pass sshd session required pam_permit.so Parts by: Eivind Eklend <eivind@FreeBSD.org>
* | Forgot to remove the old line in the last commit.green2000-12-051-1/+0
| |
OpenPOWER on IntegriCloud