Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
97,817 Commits 606 Branches 0 Tags 3.1 GiB
Commit Graph

376 Commits

Author SHA1 Message Date
itojun e67961b545 check sshd uid/chroot dir on UsePrivilegeSeparation mode, and die if they 
do not exist.  sync w/openssh
 2002-05-29 23:54:29 +00:00
itojun a5c3041a1b bump date for rhosts auth fix 2002-05-27 13:45:40 +00:00
itojun b274d69ad0 correct rhosts authentication. should fix PR 17023 2002-05-27 13:45:17 +00:00
itojun a46557038c now arc4random is in libc, we don't need to supply local version 2002-05-25 00:29:52 +00:00
itojun a0da78395e correct sha2 interoperability. From: "JuanJo Ciarlante" <jjo@mendoza.gov.ar> 2002-05-20 13:12:45 +00:00
itojun e26b1052bb use /var/chroot/sshd instead of /var/empty. suggested by christos 2002-05-16 20:59:35 +00:00
itojun f47caddaf3 turn on privilege separation, as 3.2.1 default do. 
requires sshd uid/gid as well as /var/empty directory.
 2002-05-14 23:33:07 +00:00
itojun ca89359407 sync with 3.2.1 as of 5/13. 
NOTE: privilege separation is turned off by default
as it seems there still are issues with setsid().
 2002-05-13 02:58:17 +00:00
itojun 24255a6a60 OpenSSH 3.2.1 as of 2002/5/13 2002-05-13 02:28:40 +00:00
itojun c68a2428ba correct handling of "unique" policy. bump version to 20020507 
(corresponds to filename in ftp://ftp.kame.net/pub/kame).
 2002-05-13 02:10:34 +00:00
itojun c0fa39f338 correct plogv(). 2002-05-07 08:58:32 +00:00
lukem 244b762de1 Complete the conversion back to the OpenSSH default configuration files of 
"/etc/ssh/ssh_config" (from "/etc/ssh/ssh.conf") for ssh(1) and other
userland tools, and "/etc/ssh/sshd_config (from "/etc/ssh/sshd.conf")
for sshd(8).

etc/postinstall will detect this, and if "fix" is given, rename the files.
 2002-04-29 08:23:34 +00:00
itojun 812e154ef2 netbsd uses EXIT STATUS, not RETURN VALUES, for commands 2002-04-26 02:48:54 +00:00
wiz 77e1048dc4 Whitespace fixes, use standard headers, RCS police. 2002-04-26 02:33:00 +00:00
wiz 8366b5d7de Sort sections and SEE ALSO, add NetBSD tag. 2002-04-26 02:31:10 +00:00
itojun cd1e16de59 upgrade to KAME racoon as of 2002/4/26. 
file descriptor leak fix.
null encryption algorithm key length fix (should use 0).
couple of null-pointer reference fixes.
set port # to 500 in ID payload (possible interop issue - spec is unclear).
correctly match address pair on informational exchange
 2002-04-26 02:25:13 +00:00
itojun b4df5a033c KAME racoon as of 2002/4/26 2002-04-26 02:16:38 +00:00
itojun 936168b29d correct afs/kerberos token-passing. notified by markus@openbsd 2002-04-24 01:48:04 +00:00
itojun 34b40b030e sync with openssh 3.2 as of 2002/4/22. 
- privilege separation
- afs/kerberos auth security issue fixed
 2002-04-22 07:59:35 +00:00
itojun ff10d69ea5 OpenSSH 3.2 as of 2002/4/22. bring in sys/sys/tree.h 2002-04-22 07:47:47 +00:00
itojun f597d4ec88 OpenSSH 3.2 as of 2002/4/22. fixes issues with AFS/kerberos auth 2002-04-22 07:35:39 +00:00
bjh21 f7136b499f Remove .cvsignore files. 
<URL:http://www.netbsd.org/developers/cvs-repos/notes.html#cvsignore>
 2002-04-04 17:07:06 +00:00
itojun abe35ee7d1 correct initial contact payload handling. PR 15949. sync with kame 2002-03-29 01:18:08 +00:00
itojun 16bd2c3983 handle RTM_NEWADDR correctly. PR 15693. sync w/kame 2002-03-22 03:58:43 +00:00
reinoud 1c9c09e3be Simple file static function had wrong function definition : 
-find_etype(hdb_entry *princ, unsigned *etypes, unsigned len,
+find_etype(hdb_entry *princ, krb5_enctype *etypes, unsigned len,

In the Acorn32 port an enum doesn't have to be unsigned (!) int's ... but
can also be a byte/char sized var.
 2002-03-21 21:02:16 +00:00
bjh21 24460e83d2 Actually use the 8003 patch joda applied upstream, rather than the one I sent 
him (oops).
 2002-03-18 19:16:04 +00:00
bjh21 4284d720b1 CKSUMTYPE needs to include 0x8003, since some things use that. 
Approved by joda and committed upstream.
 2002-03-18 19:07:49 +00:00
itojun 0a2445c3b6 move sshd config files to /etc/ssh 2002-03-11 04:57:55 +00:00
sommerfeld 68c304f103 Fix several LL128 format string mismatches with a chainsaw. 
%llu is "unsigned long long", not "uint64_t"; the former can be 128
bits on LP64 systems.
 2002-03-09 15:03:33 +00:00
itojun 9d597e40f3 printf type mismatch. 2002-03-08 06:03:21 +00:00
itojun 295a85a1c9 sync better with reality (LoginGraceTime) 2002-03-08 02:18:11 +00:00
itojun af34a358ff sync w/ 3.1 as of 2002/3/8. configuration file directory is still /etc 
(openbsd usr.bin/ssh is using /etc/ssh)
 2002-03-08 02:00:50 +00:00
itojun 797a097779 OpenSSH 3.1 as of 2002/3/8. plugs off-by-one security hole 2002-03-08 01:20:24 +00:00
tron 9097d36b33 Fix off by one error described in "PINE-CERT-20020301" advisory. 2002-03-07 16:02:22 +00:00
wiz a50cd7c5cd Add SYNOPSIS. 2002-03-06 14:25:42 +00:00
itojun e4446468a6 s/IPSec/IPsec/. 2002-03-06 00:21:36 +00:00
joda a8d19a98fc don't try to use the krb5 context if the init fails; should fix 
bin/15585
 2002-02-26 11:16:08 +00:00
bjh21 4845a9458f Rather than assuming that -1 is a valid value for a LogLevel or LogFacility, 
explicitly declare SYSLOG_LEVEL_NOT_SET and SYSLOG_FACILITY_NOT_SET and use
those instead.

This is necessary for -fshort-enums platforms, and corresponds to the
following OpenBSD revisions:
log.c           1.21
log.h           1.5
readconf.c      1.95
servconf.c      1.53
 2002-02-10 16:23:33 +00:00
bjh21 57a0815fae Clean up the distinction between krb5_enctype and int, and between 
krb5_key_usage and unsigned.  These patches are necessary for
platforms with short enums, and should already be in Heimdal CVS.
 2002-02-10 15:31:18 +00:00
joda 8dd8e58e76 import heimdal rev 1.42: we have to create our own param struct before 
marshaling (fixes bin/15520)
 2002-02-08 18:35:30 +00:00
simonb f6d51843ea Mirror 32-bit alignment change in crypto/dist/heimdal/lib/roken/resolve.c. 2002-01-08 03:27:59 +00:00
thorpej 5f9568a12e Make sure the state array passed to initstate(3) is 32-bit aligned, 
as that is how it is accessed within the random(3) suite of routines.
 2002-01-08 02:15:24 +00:00
thorpej 19a95cad9c Fix warnings generated by gcc 3.1. 2001-12-31 20:09:53 +00:00
explorer ad08960f5c When calling krb5_verify_user(), we must restore root's uid, since it will need to read /etc/krb5.keytab. 2001-12-19 10:28:47 +00:00
he a18ce029f6 Deal with lossage caused by the addition of the netbsd-1-5 branch tag 
to these files.

Apparently, the "magic" which causes the latest version on the
vendor branch to appear at the head in the repository broke when
the netbsd-1-5 tag was added.  Thus, merge in the lost revisions from
the vendor tag to work around this.
 2001-12-13 15:53:54 +00:00
itojun e2970b134f sync with openbsd/remove variable name from prototype 2001-12-12 17:24:46 +00:00
itojun 684138909c fix constness difference in prototype and func def. 2001-12-12 17:16:16 +00:00
itojun 718900f830 sync with 3.0.2 2001-12-06 03:54:04 +00:00
itojun d97f5d9481 OpenSSH 3.0.2 as of 2001/12/06. fixes environment variable passing in UseLogin=yes 2001-12-06 03:46:04 +00:00
wiz b4371d47f5 Replace some misuses of "then" with "than". 2001-12-04 17:56:30 +00:00