Commit Graph

499 Commits

Author SHA1 Message Date
perry 9ef7047603 spelling fixes, one from PR misc/20753 (Igor Sobrado) + others 2003-03-31 00:04:03 +00:00
perry 3ba55178f8 encype->enctype, from PR misc/20754 by Igor Sobrado 2003-03-30 23:57:54 +00:00
wiz 0acfa3bb9e Consistently spell occurrence with two rs. 2003-03-29 22:48:37 +00:00
lukem d544e20194 Support populating the environment from login.conf(5)'s "setenv"
capability, using a variation of setuserenv() from login_cap.c.
From Jim Bernard <jbernard@mines.edu>.
2003-03-26 11:16:13 +00:00
lukem fe8a628004 Add missing
hp = strtok(NULL, ",");
to end of while loop which parses "host.allow" from login.conf(5).
Otherwise, sshd(8) would just infinite loop unless there was a
(positive or negative) match in the first word of the "host.allow" list...
2003-03-24 18:31:39 +00:00
lukem 829c77a0ca * Add log messages for password or account expiry; it makes it much easier
to debug (on the server) why a login failed with this information.

* If _PASSWORD_CHGNOW is defined (it's -1 in NetBSD), check that pw_change
  is not set to that before testing if the password has expired.
  Still prevent the login, but log a different failure message in this case.
  XXX:	we need to decide if we let interactive logins occur in this case,
	but force a password change, a la login(1).
2003-03-24 18:25:21 +00:00
lha 6e22da944c Fix Kerberos 4 protocol problem mentioned in
[MIT krb5 Security Advisory 2003-004]/[heimdal-0.5.2 release notes]
by disabling support for it.
2003-03-20 19:20:59 +00:00
itojun 359e4b88f5 OpenSSL Security Advisory [19 March 2003]
Klima-Pokorny-Rosa attack on RSA in SSL/TLS
2003-03-19 23:06:33 +00:00
itojun 9e2d007f93 enable RSA blinding by default. from bugtraq posting <3E758B85.6090300@algroup.co.uk> 2003-03-17 14:33:50 +00:00
wiz 990562bfef .Nm does not need a dummy argument ("") before punctuation or
for correct formatting of the SYNOPSIS any longer.
2003-02-25 10:34:36 +00:00
wiz 658b9c6d28 In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
via timing by performing a MAC computation even if incorrect
block cipher padding has been found.  This is a countermeasure
against active attacks where the attacker has to distinguish
between bad padding and a MAC verification error. (CAN-2003-0078)
2003-02-20 07:39:17 +00:00
perry 8a49ec08e4 "Utilize" has exactly the same meaning as "use," but it is more
difficult to read and understand. Most manuals of English style
therefore say that you should use "use".
2003-02-04 23:07:28 +00:00
wiz 86932ac56e allocate, not alocate. Noted by mjl, not mjll. 2003-01-28 22:26:33 +00:00
elric bcc72a236b The last change I made was a little aggressive in changing the paths of
the includes and broke cross builds from non-NetBSD arches.  In this I
revert the problem section.  (pointed out by uwe.)
2003-01-27 06:19:40 +00:00
elric 0e936e5ed7 Fix password return values.
Addresses PR: lib/20074
2003-01-27 03:33:36 +00:00
elric 3e20adf4a8 Prepend krb5/ to include paths that live in /usr/include/krb5/ so that
we can deprecate the requirement of -I/usr/include/krb5 when building
kerberos apps.
2003-01-26 22:06:39 +00:00
elric e218521496 Forgot one include file from the last change. 2003-01-26 21:59:49 +00:00
elric ebf72d8cce Update script to modify include file paths to start the process of
deprecating the need to -I/usr/include/krb5.
2003-01-26 20:51:58 +00:00
jschauma 5832481e3d posesses -> possesses
Noted by Igor Sobrado in PR misc/19641
2003-01-03 04:20:09 +00:00
wiz addd3c9aaa Use standard section headers. 2003-01-02 13:00:49 +00:00
wiz a04a0d4f28 Use standard section headers; sort sections. 2003-01-02 13:00:16 +00:00
wiz cbe71a4b1a Use standard section headers; space before punctuation in macro arguments. 2003-01-02 12:59:59 +00:00
wiz 1b6cc917f0 Use standard section headers. 2003-01-02 12:59:31 +00:00
wiz 0f34826bec Sort sections. 2003-01-02 12:58:56 +00:00
wiz a366ee7021 Fix Xref section, use standard section headers. 2003-01-02 12:57:31 +00:00
wiz 65e190048a Add RCS Id. 2003-01-02 12:57:03 +00:00
jschauma 432d470724 Fix typos pointed out by Igor Sobrado in PR misc/19621. 2003-01-02 00:22:29 +00:00
jschauma ec3682baa1 interal -> internal
equvalent -> equivalent
Pointed out by Igor Sobrado in PR misc/19629
2003-01-01 22:06:27 +00:00
kristerw 50526e4837 It is not valid C++ to have a semicolon after
extern "C" {}
so remove it from __END_DECLS.

Noted by Andrew Pinski.
2002-12-31 02:13:20 +00:00
wiz 4027f3ad48 compatibility, not compatability; from Adrian Mrva. 2002-12-21 13:22:20 +00:00
wiz 7023f7abe2 described, not decribed. 2002-12-21 13:21:38 +00:00
wiz d83bca180e Two typos from Adrian Mrva. 2002-12-21 13:20:09 +00:00
wiz 1b706e9293 charcted probably means character. 2002-12-21 13:17:23 +00:00
wiz c511c34d7c securely, not securly. From Adrian Mrva. 2002-12-21 13:16:09 +00:00
wiz 8f9e9a2299 Correct misspellings of authentication and available. From Adrian Mrva. 2002-12-21 12:22:12 +00:00
wiz 5e3e5e1ae9 ther -> their, from Adrian Mrva. 2002-12-21 12:19:33 +00:00
thorpej b33be07056 Avoid conflict with reserved identifier "log". 2002-12-06 03:39:06 +00:00
thorpej 5da0736e3a Avoid strict alias warning. 2002-12-06 01:27:10 +00:00
elric 512a461832 Change all functions that call gssapi_krb5_init() to call one of
two macros GSSAPI_KRB5_INIT() or GSSAPI_KRB5_INIT_MS() which call
the former, check its return code and bail on error.

Addresses PR lib/19191
Given a quick look by joda@.
2002-11-28 11:21:16 +00:00
darrenr 8084625896 racoon.conf can be found in /etc/racoon, not /etc 2002-11-27 09:51:50 +00:00
itojun a426f44395 sync w/ kame source from 2002/11/20.
- plug some memory leaks
- correct phase 2 proposal reqid handling
- check for fd_set overrun
2002-11-20 03:35:57 +00:00
itojun 7285409e64 KAME racoon as of 2002/11/20 2002-11-20 03:30:18 +00:00
itojun 314a4f35b5 correct panic() condition - it was backwards. remove kame-local diff
which was committed by mistake.
From: Rafal Boni <rafal@attbi.com>
2002-11-18 23:36:18 +00:00
joda bc13d2aefa don't blindly trust rlen; from Heimdal 0.5.1 2002-10-21 19:39:51 +00:00
provos 32b88027c7 use readlink with bufsize - 1; approved thorpej. 2002-10-19 20:33:17 +00:00
itojun df884fac23 revert previous. need more time to think. 2002-10-18 23:51:07 +00:00
itojun 8201174690 condition to panic() was backwards. sync w/kame
From: Rafal Boni <rafal@attbi.com>
2002-10-18 23:44:58 +00:00
itojun 4752a4465b discourage the use of aggressive mode for identity disclosure. 2002-10-18 14:34:04 +00:00
manu a2e26d6e11 back out the previous change. We really don't want to enable login on a
mode 666 tty.
In order to use sshd logins with a read-only /dev, the administrator has to
make the tty mode 600 root/wheel before the partition gets read-only.
2002-10-15 15:33:04 +00:00
manu 9dc3c4ee08 Re-allow connection when /dev is read-only, and the tty is owned by the
user or owned by root.
2002-10-15 15:19:02 +00:00