Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Don't report last login time in PAM case. (perforce change 10057) | des | 2002-04-22 | 1 | -4/+6 |
| | | | | Sponsored by: DARPA, NAI Labs | ||||
* | Fix warnings + wait for child so it doesn't go zombie (perforce change 10122) | des | 2002-04-22 | 1 | -4/+3 |
| | |||||
* | Move LOGIN_CAP calls before all file descriptors are closed hard, since some | ache | 2002-04-21 | 1 | -2/+15 |
| | | | | | | descriptors may be used by LOGIN_CAP internally, add login_close(). Use "nocheckmail" LOGIN_CAP capability too like our login does. | ||||
* | Fix TZ & TERM handling for use_login case of rev. 1.24 | ache | 2002-04-20 | 1 | -4/+6 |
| | |||||
* | 1) Surprisingly, "CheckMail" handling code completely removed from this | ache | 2002-04-20 | 2 | -2/+24 |
| | | | | | | | version, so documented "CheckMail" option exists but does nothing. Bring it back to life adding code back. 2) Cosmetique. Reduce number of args in do_setusercontext() | ||||
* | 1) Fix overlook in my prev. commit - forget HAVE_ prefix in one place in old | ache | 2002-04-20 | 1 | -4/+11 |
| | | | | | | | code merge. 2) In addition honor "timezone" and "term" capabilities from login.conf, not overwrite them once they set (they are TZ and TERM variables). | ||||
* | Please repeat after me: setusercontext() modifies _current_ environment, but | ache | 2002-04-20 | 1 | -24/+58 |
| | | | | | | | | | | sshd uses separate child_env. So, to make setusercontext() really does something, environment must be switched before call and passed to child_env back after it. The error here was that modified environment not passed back to child_env, so all variables that setusercontext() adds are lost, including ones from ~/.login_conf | ||||
* | Fix some warnings. Don't record logins twice in USE_PAM case. Strip | des | 2002-04-14 | 1 | -4/+22 |
| | | | | | | | "/dev/" off the tty name before passing it to auth_ttyok or PAM. Inspired by: dinoex Sponsored by: DARPA, NAI Labs | ||||
* | Back out previous backout. It seems I was right to begin with, and DSA is | des | 2002-04-12 | 1 | -2/+0 |
| | | | | | preferrable to RSA (not least because the SECSH draft standard requires DSA while RSA is only recommended). | ||||
* | Knowledgeable persons assure me that RSA is preferable to DSA and that we | des | 2002-04-11 | 1 | -0/+2 |
| | | | | should transition away from DSA. | ||||
* | Prefer DSA to RSA if both are available. | des | 2002-04-11 | 1 | -1/+2 |
| | |||||
* | Do not attempt to load an ssh2 RSA host key by default. | des | 2002-04-11 | 1 | -2/+0 |
| | |||||
* | Align for const poisoning in -lutil. | ru | 2002-04-08 | 1 | -1/+1 |
| | |||||
* | Nuke stale copy of the pam_ssh(8) source code. | des | 2002-04-06 | 1 | -497/+0 |
| | |||||
* | Revert to vendor version, what little was left of our local patches here | des | 2002-04-02 | 1 | -2/+2 |
| | | | | | | was incorrect. Pointed out by: Markus Friedl <markus@openbsd.org> | ||||
* | Change the FreeBSD version addendum to "FreeBSD-20020402". This shortens | des | 2002-04-02 | 3 | -2/+3 |
| | | | | | | | | | | the version string to 28 characters, which is below the 40-character limit specified in the proposed SECSH standard. Some servers, however (like the one built into the Foundry BigIron line of switches) will hang when confronted with a version string longer than 24 characters, so some users may need to shorten it further. Sponsored by: DARPA, NAI Labs | ||||
* | Make the various ssh clients understand the VersionAddendum option. | des | 2002-04-02 | 1 | -1/+10 |
| | | | | Submitted by: pb | ||||
* | Switch over to using pam_login_access(8) module in sshd(8). | ru | 2002-03-26 | 2 | -19/+4 |
| | | | | | | (Fixes static compilation. Reduces diffs to OpenSSH.) Reviewed by: bde | ||||
* | REALLY correct typo this time. | nectar | 2002-03-26 | 1 | -2/+2 |
| | | | | Noticed by: roam | ||||
* | Fix typo (missing paren) affecting KRB4 && KRB5 case. | nectar | 2002-03-25 | 1 | -1/+1 |
| | | | | Approved by: des | ||||
* | We keep moduli(5) in /etc/ssh, not /etc. | des | 2002-03-23 | 1 | -1/+1 |
| | |||||
* | Correctly set PAM_RHOST so e.g. pam_login_access(8) can do its job. | des | 2002-03-21 | 1 | -0/+5 |
| | | | | Sponsored by: DARPA, NAI Labs | ||||
* | Use the "sshd" service instead of "csshd". The latter was only needed | des | 2002-03-21 | 1 | -1/+1 |
| | | | | | | because of bugs (incorrect design decisions, actually) in Linux-PAM. Sponsored by: DARPA, NAI Labs | ||||
* | Use PAM instead of S/Key (or OPIE) for SSH2. | des | 2002-03-21 | 2 | -6/+341 |
| | | | | Sponsored by: DARPA, NAI Labs | ||||
* | Note that portions of this software were | des | 2002-03-20 | 1 | -0/+43 |
| | | | | Sponsored by: DARPA, NAI Labs | ||||
* | - Change the prompt from "S/Key Password: " to "OPIE Password: " | des | 2002-03-20 | 1 | -1/+3 |
| | | | | | | | - If the user doesn't have an OPIE key, don't challenge him. This is a workaround until I get PAM to work properly with ssh2. Sponsored by: DARPA, NAI Labs | ||||
* | Unbreak for KRB4 ^ KRB5 case. | des | 2002-03-19 | 1 | -2/+16 |
| | | | | Sponsored by: DARPA, NAI Labs | ||||
* | Revive this file (which is used for opie rather than skey) | des | 2002-03-18 | 1 | -0/+97 |
| | |||||
* | Fix conflicts. | des | 2002-03-18 | 51 | -6317/+6809 |
| | |||||
* | This commit was generated by cvs2svn to compensate for changes in r92555, | des | 2002-03-18 | 115 | -3132/+5680 |
|\ | | | | | | | which included commits to RCS files with non-trunk default branches. | ||||
| * | Vendor import of OpenSSH 3.1 | des | 2002-03-18 | 165 | -9014/+12507 |
| | | |||||
* | | Diff reduction. | des | 2002-03-16 | 2 | -4/+3 |
| | | | | | | | | Sponsored by: DARPA, NAI Labs | ||||
* | | Update version string. | nectar | 2002-03-07 | 1 | -1/+1 |
| | | |||||
* | | Fix off-by-one error. | nectar | 2002-03-05 | 1 | -1/+1 |
| | | | | | | | | Obtained from: OpenBSD | ||||
* | | Use login_getpwclass() instead of login_getclass() so that default | green | 2002-02-27 | 1 | -1/+1 |
| | | | | | | | | | | | | | | mapping of user login classes works. Obtained from: TrustedBSD project Sponsored by: DARPA, NAI Labs | ||||
* | | Update build after import of Heimdal Kerberos 2002/02/17. | nectar | 2002-02-19 | 2 | -204/+1 |
| | | |||||
* | | Remove files that were dropped from Heimdal Kerberos 2002/02/17. | nectar | 2002-02-19 | 5 | -432/+0 |
| | | |||||
* | | Resolve conflicts after import of Heimdal Kerberos 2002/02/17. | nectar | 2002-02-19 | 7 | -117/+169 |
| | | |||||
* | | This commit was generated by cvs2svn to compensate for changes in r90926, | nectar | 2002-02-19 | 408 | -19552/+34202 |
|\ \ | | | | | | | | | | which included commits to RCS files with non-trunk default branches. | ||||
| * | | Import of Heimdal Kerberos from KTH repository circa 2002/02/17. | nectar | 2002-02-19 | 418 | -19831/+34535 |
| | | | |||||
* | | | Don't use non-signal-safe functions (exit(3) in this case) in | sheldonh | 2002-02-05 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | signal handlers. In this case, use _exit(2) instead, following the call to shutdown(2). This fixes rare telnetd hangs. PR: misc/33672 Submitted by: Umesh Krishnaswamy <umesh@juniper.net> MFC after: 1 month | ||||
* | | | Resolve conflicts. | kris | 2002-01-27 | 9 | -84/+361 |
| | | | |||||
* | | | This commit was generated by cvs2svn to compensate for changes in r89837, | kris | 2002-01-27 | 139 | -753/+5117 |
|\ \ \ | | | | | | | | | | | | | which included commits to RCS files with non-trunk default branches. | ||||
| * | | | Initial import of OpenSSL 0.9.6c | kris | 2002-01-27 | 149 | -838/+5487 |
| | | | | |||||
* | | | | Make libssh.so useable (undefined reference to IPv4or6). | ru | 2002-01-23 | 3 | -3/+3 |
| | | | | | | | | | | | | | | | | | | | | Reviewed by: des, markm Approved by: markm | ||||
* | | | | This commit was generated by cvs2svn to compensate for changes in r89402, | nectar | 2002-01-15 | 1 | -6/+7 |
|\ \ \ \ | | |/ / | |/| | | | | | | which included commits to RCS files with non-trunk default branches. | ||||
| * | | | Don't use getlogin() to determine whether we are root. | nectar | 2002-01-15 | 1 | -6/+7 |
| | | | | | | | | | | | | | | | | (Import of vendor fix.) | ||||
* | | | | Fix a coredump bug occurring if ssh-keygen attempts to change the password | green | 2002-01-07 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | on a DSA key. Submitted by: ian j hart <ianjhart@ntlworld.com> | ||||
* | | | | mdoc(7) police: remove -r from SYNOPSIS, sort -p in DESCRIPTION. | ru | 2001-12-14 | 1 | -6/+5 |
| | | | | |||||
* | | | | Don't assume that the number of fds to select on is known quantity (in | jkh | 2001-12-09 | 1 | -32/+56 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | this case 16). Use dynamic FD_SETs and calculated high-water marks throughout. There are also too many versions of telnet in the tree. Obtained from: OpenBSD and Apple's Radar database MFC after: 2 days |