11236c9878
Make sshd find the xauth program, even with the new /usr/X11R7.
...
OK'd by christos@
2008-10-27 08:27:04 +00:00
7a75c9a543
PR/39233: Taylor R Campbeel: OpenSSH fails to initialize tun(4) tunnels
...
correctly.
2008-09-17 15:45:50 +00:00
5a3c2f6809
Revert the HPN changes that added verbose "Max throughput" summary
...
after scp(1) finishes.
2008-08-05 14:13:34 +00:00
a494eea816
Add an ifdef to disable the AES_CTR_MT cipher because static binaries don't
...
work with -pthread, and /rescue is linked against libssh.
2008-06-23 14:51:31 +00:00
80a665de90
Add the HPN patch for ssh:
...
http://www.psc.edu/networking/projects/hpn-ssh/
2008-06-22 15:42:50 +00:00
11a6dbe728
Convert TNF licenses to new 2 clause variant
2008-04-30 13:10:46 +00:00
ce099b4099
Remove clause 3 and 4 from TNF licenses
2008-04-28 20:22:51 +00:00
098f566eb9
Do as in revision 1.26 of sshd_config: add a sample, commented-out line
...
for X.org's xauth.
2008-04-25 15:01:45 +00:00
795befa36d
namespace police to make it buildable (no, it still does not work),
...
add rcsid.
2008-04-20 15:01:14 +00:00
41de77d985
Sync SCM_RIGHTS passing code with the version used in racoon (i.e.
...
set message header and controll message size to the same value again)
2008-04-19 22:15:30 +00:00
03409c55d7
Don't use variable size allocation on the stack.
2008-04-13 21:44:14 +00:00
1d2009704e
fix another build breaker
2008-04-07 07:37:07 +00:00
1f7a577d0e
re-add removed files.
2008-04-06 23:39:05 +00:00
cbdb6c7a40
resolve conflicts.
2008-04-06 23:38:19 +00:00
49d015609b
Import 5.0
2008-04-06 21:18:28 +00:00
fe2ff28dc6
Add no-user-rc option which disables execution of ~/.ssh/rc
...
(backport from OpenSSH 4.9)
2008-04-05 17:20:53 +00:00
11a00dfcb8
Fix two vulnerabilities in OpenSSH:
...
- X11 forwarding information disclosure (CVE-2008-1483)
- ForceCommand bypass vulnerability
2008-04-03 13:09:14 +00:00
8a85bb4332
remove Protocol=2 line; from Jukka Salmi
2008-01-28 13:57:02 +00:00
c9b9889ada
add back #include <sys/socket.h> from Scott Ellis on current-users@
2007-12-21 20:42:03 +00:00
e9e5abe68c
fix typo in comment
2007-12-21 01:03:58 +00:00
53a105b083
Disable the umac-64 MAC for now, it needs to be rewritten from scractch.
...
Addresses PR bin/37562.
2007-12-20 14:14:04 +00:00
d642d06d3d
fixes for alpha: %ld -> %zd, signals are long.
2007-12-18 09:00:30 +00:00
ceafeaa9bc
Eliminate "endian_convert defined but not used" on big-endian platforms;
...
instead of using the "generic" functions for byteswapping in this file,
use le32toh() and friends.
2007-12-18 08:32:21 +00:00
4750a01617
on NetBSD, use %zu for sizeof()
2007-12-18 07:22:32 +00:00
512c2e7e60
merge conflicts
2007-12-18 02:35:25 +00:00
848569aa46
from ftp.openbsd.org
2007-12-17 20:15:38 +00:00
85c7ab0640
add a sample XAuthLocation for x.org users as discussed on pkgsrc-users@
2007-12-08 19:03:28 +00:00
9fcfdb104e
Apply a patch from https://bugzilla.mindrot.org/show_bug.cgi?id=1306 .
...
Fix nasty "error: channel 0: chan_read_failed for istate 3" message.
2007-07-31 03:09:49 +00:00
4d0c78dab0
PR/36624: Edgar Fu: sshd should not check pw_{expire,change} if UsePam is
...
enabled. This is what the "portable" version of openssh does.
2007-07-10 15:48:56 +00:00
a39c84a8c3
PR/36623: Edgar Fu: ssh publickey authentification fails if homedir not present
...
Removed extra realpath check that was introduced by a bogus merge.
2007-07-10 14:56:25 +00:00
30638c77c3
PR/36562: Takeshi Nakayama: sshd(8) HostbasedAuthentication fails after
...
upgrading to 4.0_BETA
Remove $HOME test since this is also used by sshd.
2007-06-26 18:28:34 +00:00
d1cb3ec527
remove unused variable.
2007-06-25 01:42:31 +00:00
c6b86acffc
don't use __progname for the pam service name. Hard-code it to "sshd"
2007-06-24 23:48:30 +00:00
5d1825b2a1
Use RESCUEDIR if set.
2007-05-17 00:17:50 +00:00
2cf8149db2
resurect files that we need and make things compile again.
2007-03-10 23:05:24 +00:00
06993fb381
resolve conflicts.
2007-03-10 22:52:04 +00:00
15b0193490
Refer to RFC 4716 in two more places (instead of "IETF SECSH").
...
From jmc@openbsd.
2007-01-23 22:21:54 +00:00
a740eb5ac0
CID-4268: `c' is EOF here, remove deadcode
2006-12-26 00:06:03 +00:00
a0a9492dc8
Talk of RFC 4716 SSH public key format instead of SECSH public key format.
...
From markus@openbsd via jmc@openbsd (rev 1.73).
2006-12-24 10:06:03 +00:00
7ce75c98d8
Mention RFC 4716. From markus@openbsd via jmc@openbsd (rev. 1.266).
2006-12-24 10:04:08 +00:00
1be366570b
From http://www.openssh.org/txt/release-4.5 : (CVE-2006-5794)
...
* Fix a bug in the sshd privilege separation monitor that weakened its
verification of successful authentication. This bug is not known to
be exploitable in the absence of additional vulnerabilities.
Bump __NETBSDSSH_VERSION
2006-11-14 21:52:09 +00:00
05ad853be0
one more to catch up with the new location for sha2.h
2006-10-28 23:07:23 +00:00
9480ff5303
Change the default sshd configuration file so that only protocol version 2
...
is enabled by default. Users can manually add back support for protocol
version 1 in their sshd_config if they have a specific need for it.
Suggested by perry@ and ghen@. Ok'ed security-officer@ and christos@
2006-10-15 14:01:53 +00:00
ee4546d741
unbreak gcc-3 builds.
2006-10-04 14:31:55 +00:00
a9fc92da63
PR/34681: Scott Ellis: Explicitly include <sys/socket.h>
2006-10-04 14:30:35 +00:00
1eafb02344
put back ignorerootrhosts
2006-10-04 14:26:31 +00:00
55269b80c3
Grab a couple of lines from OpenSSH-portable that allow PAM authentication
...
to succeed. I guess the default configuration of NetBSD wasn't tested
before the import...
2006-09-29 22:47:21 +00:00
f1afbc1ee7
Use PRIu64 instead of llu when printing an u_int64_t.
...
Fixes a build problem for our LP64 ports, where u_int64_t is
typically an unsigned long.
2006-09-29 14:36:34 +00:00
a4970f4ee7
The "success" field in Authctxt needs to be a sig_atomic_t, not an int,
...
so that we don't get a type conflict on dispatch_run() invocation. Found
while building for alpha and amd64.
2006-09-29 14:34:25 +00:00
229f040cb9
We need this again.
2006-09-28 21:23:13 +00:00
hubertf