summaryrefslogtreecommitdiffstats
path: root/crypto/telnet/libtelnet
Commit message (Collapse)AuthorAgeFilesLines
* Very big makeover in the way telnet, telnetd and libtelnet are built.markm2003-07-1621-6451/+0
| | | | | | | | | | | | | | | | | | | | | | | Previously, there were two copies of telnet; a non-crypto version that lived in the usual places, and a crypto version that lived in crypto/telnet/. The latter was built in a broken manner somewhat akin to other "contribified" sources. This meant that there were 4 telnets competing with each other at build time - KerberosIV, Kerberos5, plain-old-secure and base. KerberosIV is no longer in the running, but the other three took it in turns to jump all over each other during a "make buildworld". As the crypto issue has been clarified, and crypto _calls_ are not a problem, crypto/telnet has been repo-copied to contrib/telnet, and with this commit, all telnets are now "contribified". The contrib path was chosen to not destroy history in the repository, and differs from other contrib/ entries in that it may be worked on as "normal" BSD code. There is no dangerous crypto in these sources, only a very weak system less strong than enigma(1). Kerberos5 telnet and Secure telnet are now selected by using the usual macros in /etc/make.conf, and the build process is unsurprising and less treacherous.
* Use __FBSDID vs. rcsid[]. Also protect sccs[] and copyright[] from GCC 3.3.obrien2003-05-042-11/+9
|
* Unbreak Kerberos 5 authentication in telnet.nectar2003-03-061-0/+24
| | | | | | (Credential forwarding is still broken.) PR: bin/45397
* Background:nectar2003-01-292-14/+2
| | | | | | | | | | | | | | | | | | | | | When libdes was replaced with OpenSSL's libcrypto, there were a few interfaces that the former implemented but the latter did not. Because some software in the base system still depended upon these interfaces, we simply included them in our libcrypto (rnd_keys.c). Now, finally get around to removing the dependencies on these interfaces. There were basically two cases: des_new_random_key -- This is just a wrapper for des_random_key, and these calls were replaced. des_init_random_number_generator et. al. -- A few functions were used by the application to seed libdes's PRNG. These are not necessary when using libcrypto, as OpenSSL internally seeds the PRNG from /dev/random. These calls were simply removed. Again, some of the Kerberos 4 files have been taken off the vendor branch. I do not expect there to be future imports of KTH Kerberos 4.
* Encrypted strings (after hex decoding) aren't null terminated, becausensayer2002-08-221-4/+0
| | | | | | | | 0 might simply be part of the ciphertext. PR: bin/40266 Submitted by: andr@dgap.mipt.ru MFC after: 3 days
* Warnings fixes. Sort out some variable types.markm2002-06-261-6/+7
|
* Help fix warnings by marking an argument as unused.markm2002-06-261-0/+1
|
* Fix an external declaration that was causing telnetd to core dump.markm2002-05-061-1/+1
| | | | | MFC after: 1 week PR: 37766
* Update build after import of Heimdal Kerberos 2002/02/17.nectar2002-02-191-1/+1
|
* help the alphas out with the WARNS=2 stuff.markm2001-12-031-1/+1
|
* Damn. The previous mega-commit was incomplete WRT ANSIfication. Thismarkm2001-11-307-37/+14
| | | | fixes that.
* Very large style makeover.markm2001-11-3021-2084/+1175
| | | | | | | | | | | | | 1) ANSIfy. 2) Clean up ifdefs so that a) ones that never/always apply are appropriately either fully removed, or just the #if junk is removed. b) change #if defined(FOO) for appropiate values of FOO. (currently AUTHENTICATION and ENCRYPTION) 3) WARNS=2 fixing 4) GC other unused stuff This code can now be unifdef(1)ed to make non-crypto telnet.
* Fix world by trimming an extra comment terminator.jhb2001-10-291-1/+1
|
* Add Berkeley copyright to SRA.nsayer2001-10-293-1/+91
| | | | | | | | | | | | | | | | | | | | | | This is by the kind permission of Dave Safford, formerly of TAMU who wrote the original code. Here is an excerpt of the e-mail exchange concerning this issue: Dave Safford wrote: >Nick Sayer wrote: >> Some time ago we spoke about SRA and importing it into FreeBSD. I forgot to >> ask if you had a prefered license boilerplate for the top of the files. It >> has come up recently, and the SRA code in FreeBSD doesn't have one. >I really have no preference - use whatever is most convenient in the >FreeBSD environment. >dave safford This is the standard BSD license with clause 3 removed and clause 4 suitably renumbered. MFC after: 1 day
* Add __FBSDID() to diff-reduce with "base" telnet.markm2001-10-0114-28/+40
|
* Code merge and diff reduce with "base" telnet. This is the "later"markm2001-08-209-139/+90
| | | | | telnet, so it was treated as the reference code, except where later commits were made to "base" telnet.
* Make the PAM user-override actually override the correect thing.nsayer2001-05-171-3/+3
|
* Fix the latest telnet breakage. Obviously this was never compiled.peter2001-05-171-4/+4
|
* Make sure the protocol actively rejects bad data rather thannsayer2001-05-161-8/+8
| | | | (potentially) not responding to an invalid SRA 'auth is' message.
* srandomdev() affords us the opportunity to radically improve, and at thensayer2001-05-161-0/+7
| | | | same time simplify, the random number selection code.
* Catch any attempted buffer overflows. The magic numbers in this codensayer2001-05-161-2/+6
| | | | | | | (512) are a little distressing, but the method really needs to be extended to allow server-supplied DH parameters anyway. Submitted by: kris
* Catch malloc return failures. This should help avoid dereferencing NULL onnsayer2001-05-161-0/+8
| | | | | | low-memory situations. Submitted by: kris
* If the uid of the attempted authentication is 0 and if the pty isnsayer2001-05-151-1/+34
| | | | | insecure, do not succeed. Copied from login.c. This functionality really should be a PAM module.
* Pointy hat fix -- reapply the SRA PAM patch. To -current this time.nsayer2001-05-071-0/+133
|
* Fix core noted in -stable with 'auth disable SRA'.nsayer2001-03-181-2/+2
| | | | | I just mistakenly commited this to RELENG_4. I have contacted Jordan to see about how to fix this. Pass the pointy hat.
* Add missing $FreeBSD$ to files that are NOT still on vendor a branch.peter2000-07-169-0/+30
|
* Fix 'telnet -X sra' coredumpnsayer2000-07-111-1/+3
| | | | PR# 19835
* Don't call printf with no format string.kris2000-07-101-1/+5
|
* Get crypto from libcrypto, not libdes.markm2000-02-245-5/+13
|
* According to Mark Murray, Makefiles do not belong here. I guess we'rensayer1999-08-161-19/+0
| | | | going to have to figure something else out.
* Add SRA authentication to src/crypto/telnet.nsayer1999-08-169-4/+840
| | | | | | | | | | | | | | | | | | | | SRA does a Diffie-Hellmen exchange and then DES-encrypts the authentication data. If the authentication is successful, it also sets up a session key for DES encryption. SRA was originally developed at Texas A&M University. This code is probably export restricted (despite the fact that I originally found it at a University in Germany). SRA is not perfect. It is vulnerable to monkey-in-the-middle attacks and does not use tremendously large DH constants (and thus an individual exchange probably could be factored in a few days on modern CPU horsepower). It does not, however, require any changes in user or administrative behavior and foils session hijacking and sniffing. The goal of this commit is that telnet and telnetd end up in the DES distribution and that therefore an encrypted session telnet becomes standard issue for FreeBSD.
* Old stuff laying around: Don't use getstr which can conflict with somepeter1998-12-161-1/+1
| | | | curses/termcap/terminfo implementations and causes recursion.
* Bring the FreeBSD changes to the virgin sources.markm1997-09-0711-76/+87
|
* Initial import of BSD telnet. This will be used to build the kerberisedmarkm1997-09-0419-0/+6265
telnet, and after userland diffs have been merged in, will be used to build the non-kerberised sources as well. (See unifdef(1) for details)
OpenPOWER on IntegriCloud