| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
on a DSA key.
Submitted by: ian j hart <ianjhart@ntlworld.com>
|
| | |
|
| |
|
|
|
|
|
|
| |
this case 16). Use dynamic FD_SETs and calculated high-water marks
throughout. There are also too many versions of telnet in the tree.
Obtained from: OpenBSD and Apple's Radar database
MFC after: 2 days
|
| |
|
|
| |
Removed -s from SYNOPSIS and restored -S in DESCRIPTION.
|
| | |
|
| |
|
|
|
|
|
|
| |
case with an ifdef INET6.
This make the fixit floppy compile again.
Reviewed by: markm
|
| |
|
|
| |
feels like rewriting it will meet no objection from me.
|
| | |
|
| |
|
|
|
| |
Obtained from: OpenBSD
Approved by: green
|
| |
|
|
| |
in crypto telnet.
|
| |
|
|
| |
fixes that.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
1) ANSIfy.
2) Clean up ifdefs so that
a) ones that never/always apply are appropriately either
fully removed, or just the #if junk is removed.
b) change #if defined(FOO) for appropiate values of FOO.
(currently AUTHENTICATION and ENCRYPTION)
3) WARNS=2 fixing
4) GC other unused stuff
This code can now be unifdef(1)ed to make non-crypto telnet.
|
| |
|
|
|
|
|
|
| |
will be correctly initialised.
PR: 32065
Tested by: The Anarcat <anarcat@anarcat.dyndns.org>
MFC after: 3 days
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is by the kind permission of Dave Safford, formerly of TAMU who wrote the
original code. Here is an excerpt of the e-mail exchange concerning this
issue:
Dave Safford wrote:
>Nick Sayer wrote:
>> Some time ago we spoke about SRA and importing it into FreeBSD. I forgot to
>> ask if you had a prefered license boilerplate for the top of the files. It
>> has come up recently, and the SRA code in FreeBSD doesn't have one.
>I really have no preference - use whatever is most convenient in the
>FreeBSD environment.
>dave safford
This is the standard BSD license with clause 3 removed and clause 4
suitably renumbered.
MFC after: 1 day
|
| |
|
|
|
|
|
| |
Really, one of them needs to disappear. I'll figure out which
later.
Reported by: bde
|
| | |
|
| | |
|
| |
|
|
|
|
| |
also print an error if krb5 ticket passing is disabled
Submitted by: Jonathan Chen <jon@spock.org>
|
| | |
|
| |
|
|
| |
with this. localisations is a valid spelling. Oops
|
| | |
|
| |
|
|
|
|
|
| |
That define may still be present in the source, but I don't think
anyone has plans to try to use it.
Obtained from: NetBSD
|
| |
|
|
|
| |
telnet, so it was treated as the reference code, except where later
commits were made to "base" telnet.
|
| |
|
|
|
| |
Requested by: obrien
Reviewed by: rwatson
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
o Because of export controls, TELNET ENCRYPT option is not supported outside
of the United States and Canada.
o Because of export controls, data encryption
is not supported outside of the United States and Canada.
src/crypto/README revision 1.5 commit log says:
> Crypto sources are no longer export controlled:
> Explain, why crypto sources are still in crypto/.
and actually telnet encryption is used outside of US and Canada now.
Pointed out by: OHSAWA Chitoshi <ohsawa@catv1.ccn-net.ne.jp>
Reviewed by: no objection on doc
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
to do what they are supposed to: under some circumstances output data would
be truncated, or the buffer would not actually be flushed (possibly leading
to overflows when the caller assumes the operation succeeded). Change the
semantics so that these functions ensure they complete the operation before
returning.
Comment out diagnostic code enabled by '-D reports' which causes an
infinite recursion and an eventual crash.
Patch developed with assistance from ru and assar.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
o Fixed `nfrontp' calculations in output_data(). If `remaining' is
initially zero, it was possible for `nfrontp' to be decremented.
Noticed by: dillon
o Replaced leaking writenet() with output_datalen():
: * writenet
: *
: * Just a handy little function to write a bit of raw data to the net.
: * It will force a transmit of the buffer if necessary
: *
: * arguments
: * ptr - A pointer to a character string to write
: * len - How many bytes to write
: */
: void
: writenet(ptr, len)
: register unsigned char *ptr;
: register int len;
: {
: /* flush buffer if no room for new data) */
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
: if ((&netobuf[BUFSIZ] - nfrontp) < len) {
: /* if this fails, don't worry, buffer is a little big */
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
: netflush();
: }
:
: memmove(nfrontp, ptr, len);
: nfrontp += len;
:
: } /* end of writenet */
What an irony! :-)
o Optimized output_datalen() a bit.
|
| | |
|
| |\
| |
| |
| | |
which included commits to RCS files with non-trunk default branches.
|
| | | |
|
| | |
| |
| |
| |
| | |
Submitted by: assar
Obtained from: OpenBSD
|
| | |
| |
| |
| |
| |
| | |
Reported on: bugtraq
Obtained from: Heimdal, NetBSD
Reviewed by: obrien, imp
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
authentication is enabled, the client effectively ignores any error
from krb5_rd_rep due to a missing branch.
In theory this could result in an ssh client using Kerberos 5
authentication accepting a spoofed AP-REP. I doubt this is a real
possiblity, however, because the AP-REP is passed from the server to
the client via the SSH encrypted channel. Any tampering should cause
the decryption or MAC to fail.
Approved by: green
MFC after: 1 week
|
| | | |
|
| | |
| |
| |
| | |
from working right in 2.9.
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
non-blocking read returns 0.
Now I can finally tunnel CVSUP again...
|
| | | |
|
| |\ \
| | |
| | |
| | | |
which included commits to RCS files with non-trunk default branches.
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | | |
not imply that you want, need or have kerberosIV headers.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
file, nullifying the effects of a race.
Obtained from: OpenBSD
|
