| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
to do what they are supposed to: under some circumstances output data would
be truncated, or the buffer would not actually be flushed (possibly leading
to overflows when the caller assumes the operation succeeded). Change the
semantics so that these functions ensure they complete the operation before
returning.
Comment out diagnostic code enabled by '-D reports' which causes an
infinite recursion and an eventual crash.
Patch developed with assistance from ru and assar.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
o Fixed `nfrontp' calculations in output_data(). If `remaining' is
initially zero, it was possible for `nfrontp' to be decremented.
Noticed by: dillon
o Replaced leaking writenet() with output_datalen():
: * writenet
: *
: * Just a handy little function to write a bit of raw data to the net.
: * It will force a transmit of the buffer if necessary
: *
: * arguments
: * ptr - A pointer to a character string to write
: * len - How many bytes to write
: */
: void
: writenet(ptr, len)
: register unsigned char *ptr;
: register int len;
: {
: /* flush buffer if no room for new data) */
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
: if ((&netobuf[BUFSIZ] - nfrontp) < len) {
: /* if this fails, don't worry, buffer is a little big */
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
: netflush();
: }
:
: memmove(nfrontp, ptr, len);
: nfrontp += len;
:
: } /* end of writenet */
What an irony! :-)
o Optimized output_datalen() a bit.
|
| | |
|
| |\
| |
| |
| | |
which included commits to RCS files with non-trunk default branches.
|
| | | |
|
| | |
| |
| |
| |
| | |
Submitted by: assar
Obtained from: OpenBSD
|
| | |
| |
| |
| |
| |
| | |
Reported on: bugtraq
Obtained from: Heimdal, NetBSD
Reviewed by: obrien, imp
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
authentication is enabled, the client effectively ignores any error
from krb5_rd_rep due to a missing branch.
In theory this could result in an ssh client using Kerberos 5
authentication accepting a spoofed AP-REP. I doubt this is a real
possiblity, however, because the AP-REP is passed from the server to
the client via the SSH encrypted channel. Any tampering should cause
the decryption or MAC to fail.
Approved by: green
MFC after: 1 week
|
| | | |
|
| | |
| |
| |
| | |
from working right in 2.9.
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
non-blocking read returns 0.
Now I can finally tunnel CVSUP again...
|
| | | |
|
| |\ \
| | |
| | |
| | | |
which included commits to RCS files with non-trunk default branches.
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | | |
not imply that you want, need or have kerberosIV headers.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
file, nullifying the effects of a race.
Obtained from: OpenBSD
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
non-crypto version)
Also update the crypto telnet's man page to reflect other options
ported from the non-crypto version.
Obtained from: Lyndon Nerenberg <lyndon@orthanc.ab.ca>
|
| | | | |
|
| |\ \ \
| | |/
| |/|
| | | |
which included commits to RCS files with non-trunk default branches.
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Also fix $FreeBSD$ spamage in crypto/openssh/sshd_config rev. 1.16.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
happened, this is why we have commit mail expressly delivered to
committers.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
on char *line was added to libtelnet. Put a dummy one in to keep the
linker happy.
|
| | | |
| | |
| | |
| | | |
(potentially) not responding to an invalid SRA 'auth is' message.
|
| | | |
| | |
| | |
| | | |
same time simplify, the random number selection code.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
(512) are a little distressing, but the method really needs to be
extended to allow server-supplied DH parameters anyway.
Submitted by: kris
|
| | | |
| | |
| | |
| | |
| | |
| | | |
low-memory situations.
Submitted by: kris
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
references global variables from telnetd, but is also linked into
telnet as well. I was tempted to back out the last sra.c change
as it is 100% bogus and should be taken out and shot, but for now
this bandaid should get world working again. :-(
|
| | | |
| | |
| | |
| | |
| | | |
insecure, do not succeed. Copied from login.c. This functionality really
should be a PAM module.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
it's IP address/base host instead.
Submitted by: brian
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
that were never registered. At the same time handle a failure from
pam_setcreds with a bit more paranioa than the previous fix.
Sync a bit with the "Portable OpenSSH" work to make comparisons a easier.
|
| | | | |
|
| | | | | |
| | \ \ | |
| |\ \ \ \
| | |_|/
| |/| |
| | | | |
which included commits to RCS files with non-trunk default branches.
|
| | | | |
| | | |
| | | |
| | | | |
Submitted by: ru
|
| | | | |
| | | |
| | | |
| | | | |
Submitted by: ru
|
| | | | | |
|
