Commit Graph

309 Commits

Author SHA1 Message Date
itojun
6ececc36b4 openssh 3.0 krb5 auth problem has been plugged,
sync up version number to 3.0.1 so that we can identify it.
2001-11-19 07:39:57 +00:00
itojun
1eb2191d4f fix auth_krb5() error case behavior. found by jhawk, sync with openbsd tree 2001-11-12 05:45:29 +00:00
wiz
0b47c7a3f0 Improve markup in two places, and fix a typo. 2001-11-10 08:16:45 +00:00
gmcgarry
54c913f1cb Add compile_et(1). 2001-11-10 07:50:16 +00:00
wiz
73322f1e45 Drop an unnecessary empty line. 2001-11-08 20:40:44 +00:00
wiz
7be1bf7993 Drop 'HEIMDAL' from Os, fix punctuation in one place, and sort SEE ALSO. 2001-11-08 20:21:07 +00:00
wiz
440da35ad1 Sort SEE ALSO. 2001-11-08 20:20:29 +00:00
wiz
c214b605c7 Fix Dd, and two punctuation nits. 2001-11-08 20:20:01 +00:00
wiz
e704cca5ec Drop unnecessary empty lines. 2001-11-08 20:18:57 +00:00
wiz
43ac9b6569 Fix Xrefs. 2001-11-08 20:18:10 +00:00
wiz
f7b5c3a4df Uppercase Dt argument. 2001-11-08 20:17:09 +00:00
gmcgarry
f243ad4c28 Customise documentation for NetBSD:
- introduce krb5.3 as an entry-point to libkrb5 documentation
- add LIBRARY sections
- reference the real headers in <krb5/krb5.h>
2001-11-08 19:47:37 +00:00
itojun
29574d25c5 sync with 3.0 as of 2001/11/7. 2001-11-07 06:26:47 +00:00
itojun
29c34cbb94 OpenSSH 3.0 as of 2001/11/7 2001-11-07 06:20:12 +00:00
sommerfeld
9de5bfcf8f Turn on TCP_NODELAY over loopback 2001-10-18 19:46:12 +00:00
itojun
880aff49c4 buffix from openbsd tree: users config should overwrite system config. 2001-10-02 00:39:14 +00:00
itojun
ba613513e8 sync with openssh 2.9.9 around 9/27. 2001-09-27 03:24:01 +00:00
itojun
bcdc367f57 OpenSSH 2.9.9 as of 2001/9/27 2001-09-27 02:00:33 +00:00
itojun
00489c2412 apply the following advisory. 2.9.9 will be imported soon.
Subject: OpenSSH Security Advisory (adv.option)
From: Markus Friedl <markus@openbsd.org>
Message-ID: <20010926231823.A15229@folly>
2001-09-27 00:12:42 +00:00
wiz
4c99916337 va_{start,end} audit:
Make sure that each va_start has one and only one matching va_end,
especially in error cases.
If the va_list is used multiple times, do multiple va_starts/va_ends.
If a function gets va_list as argument, don't let it use va_end (since
it's the callers responsibility).

Improved by comments from enami and christos -- thanks!

Heimdal/krb4/KAME changes already fed back, rest to follow.

Inspired by, but not not based on, OpenBSD.
2001-09-24 13:22:25 +00:00
wiz
f6f3964e5e Remove formatted man pages. Ok'd by joda. 2001-09-24 12:37:41 +00:00
assar
7b980ee03e remove files that were not part of last import 2001-09-23 05:03:52 +00:00
assar
ea130a2327 removed not-used files
noticed by Bernd Ernesti <netbsd@veego.de>
2001-09-21 14:40:30 +00:00
thorpej
123c0ecfea Printf formats on LP64. 2001-09-18 03:11:22 +00:00
assar
c6cbe4853a fix merge-o's 2001-09-17 15:06:48 +00:00
assar
5b9616a3e3 merge heimdal 0.4e 2001-09-17 12:32:33 +00:00
assar
e4d8a8f3dd import of heimdal 0.4e 2001-09-17 12:24:30 +00:00
assar
d318b56bd0 merge krb4-1.1 2001-09-17 12:21:41 +00:00
assar
1877630d24 import krb4-1.1 2001-09-17 12:09:38 +00:00
cjs
d814de63b5 For consistency, make permit_root_login default to PERMIT_NO if not specified
in the config file. Thanks to itojun for pointing this out.
2001-09-03 04:23:10 +00:00
simonb
8d327e93bf Include <string.h> for memcpy() prototype. 2001-09-02 08:45:22 +00:00
itojun
ee42f09d5b upgrade to KAME 2001/8/31. 2001-08-31 10:36:08 +00:00
itojun
9e9f5f3086 KAME as of 2001/8/31 2001-08-31 09:59:03 +00:00
cjs
da09d12c1e Document that PermitRootLogin's default is now "no". 2001-08-31 09:00:29 +00:00
cjs
894936aa50 Do not permit direct root logins. This makes ssh consistent with
NetBSD's default security policy in this area: if you are not on
a secure terminal, you must be able to authenticate as a user in
the "wheel" group before you may attempt to authenticate as root
using the root password.
2001-08-31 08:16:24 +00:00
itojun
e99543f805 validate certs correctly. sync with kame 2001-08-06 08:17:40 +00:00
itojun
0f6cbd66d3 need string.h for alpha. from chuck 2001-08-06 05:48:50 +00:00
itojun
d4d587fb31 (should) fix build on alpha. From: Chuck Silvers <chuq@chuq.com> 2001-08-05 18:52:13 +00:00
garbled
7c0934f7f5 While writing sushi's support for sshd.conf, I found out that the manpage
lies wrt to MaxStartups.  Make the manpage match the code.
2001-08-03 02:29:07 +00:00
itojun
5abda287b4 Get rid of "Os KAME". 2001-08-02 12:19:45 +00:00
itojun
366bd307b0 sync with 2001/8/2 KAME racoon/libipsec. 2001-08-02 12:15:00 +00:00
itojun
7295c743a4 bring in latest racoon/libipsec from KAME. lots of lots of stability fixes. 2001-08-02 12:06:08 +00:00
manu
3f1d5c2789 sshd is now able to log in an user if the filesystem is readonly and the tty
owned by root. Note that the tty still must be mode 620, and sshd does not
check which group owns the tty (more problems here?).
This closes NetBSD PR bin/13499
The fix has been commited to OpenSSH CVS. See OpenBSD's PR user/1946.
2001-07-27 23:34:27 +00:00
assar
76371341d1 remove a (potentially) double free 2001-07-18 21:54:56 +00:00
itojun
7fc834dc03 upgrade to 0.9.6b. no shlib major/minor bump is necessary. 2001-07-11 06:50:53 +00:00
itojun
0eb42056bd OpenSSL 0.9.6b 2001-07-11 03:54:20 +00:00
itojun
a549080f85 OpenSSL 0.9.6b 2001-07-11 03:53:32 +00:00
wiz
c1f85780da Remove another one, noted by Love <lha@stacken.kth.se>, confirmed by thorpej. 2001-07-10 21:52:46 +00:00
itojun
7d076b538c fix PRNG weakness. the workaround presented on bugtraq posting. 2001-07-10 14:01:26 +00:00
wiz
eed063b542 Remove some items that have been done, and improve description on some
others.
2001-07-09 21:01:31 +00:00