Commit Graph

180 Commits

Author SHA1 Message Date
thorpej
9ab0878e2a If we get a KRB5KRB_AP_ERR_BAD_INTEGRITY on a TGS req with
a key usage of KRB5_KU_TGS_REQ_AUTH, then try again with a
key usage of KRB5_KU_AP_REQ_AUTH.  This addresses an interop
issue between new kinit(1) (0.3e) and older KDCs (such as 0.3a).

Patch from assar@netbsd.org; see discussion on current-users.
2001-03-12 19:25:51 +00:00
joda
bee147163e simplify the krb5 code somewhat 2001-03-12 17:56:36 +00:00
thorpej
3fba4682aa Fix LP64 problem in Kerberos 5 TGT passing. 2001-03-09 06:28:30 +00:00
thorpej
ca0ffe95fb Merge 2002/03/08 racoon import. 2001-03-08 22:27:52 +00:00
thorpej
29f3673b42 KAME racoon as of 2001/03/08. 2001-03-08 22:18:05 +00:00
thorpej
ac356314da Document:
- forwardable ([libdefaults] and [realms])
- proxiable ([libdefaults] and [realms])
- date_format ([libdefaults])
- srv_lookup ([libdefaults])
- srv_try_txt ([libdefaults])
- scan_interfaces ([libdefaults])
- fcache_version ([libdefaults])
2001-03-08 17:53:46 +00:00
thorpej
bda8951f6b Plug some memory leaks. 2001-03-08 04:12:08 +00:00
assar
e625c71295 add krb5 support to ssh/sshd. based on code initially from Daniel Kouril <kouril@informatics.muni.cz> and Björn Grönvall <bg@sics.se> 2001-03-04 00:41:27 +00:00
jmc
bacb2758e0 Change keymatlen to size_t to match prototype for str2val. 2001-02-25 03:50:05 +00:00
itojun
96863758b7 remove WARNS=0. from enami 2001-02-22 03:11:24 +00:00
itojun
82ff942844 document complex_bundle. sync with kame 2001-02-22 02:42:43 +00:00
itojun
a5316a5fa5 sync with 2/22 code. -B and -Z,
bundle proposal interpretation, and some other fixes.
XXX WARNS?=0 in racoon/Makefile is necessary to compile yacc-generated files
(static function, generated by yacc, is never used).
2001-02-22 02:33:06 +00:00
itojun
98857d7198 KAME racoon as of 2001/2/22 2001-02-22 02:21:12 +00:00
itojun
1317273fae sync up with 2.5.1.
this fixes backward compatibility breakage against 1.2.18 - 1.2.22.
2001-02-19 12:13:04 +00:00
itojun
10400c1d11 OpenSSH 2.5.1 as of 2001/2/19 2001-02-19 12:09:12 +00:00
itojun
c83dc32a4c sync up with 2.5.0. simulate echobacks, X11 display name check, sftp upgrdes. 2001-02-16 15:48:34 +00:00
itojun
f02c06e047 OpenSSH 2.5.0 as of 2001/2/17 2001-02-16 15:41:22 +00:00
joda
ce75fa5829 removed in 0.3e 2001-02-16 15:34:39 +00:00
itojun
72b00a4178 take the safest side, mandate rnd(4). 2001-02-14 04:46:58 +00:00
itojun
788df94479 update import date. 2001-02-14 01:22:02 +00:00
itojun
531a3ed838 sync with 2/14.
openssh changes:
- SIGWINCH propagated correctly
- mitigate SSH1 traffic analysis
- sprintf -> snprintf and lots of other cleanups
netbsd local changes:
- include OpenBSD RCSID into binary again, which helps us diagnose later.
2001-02-14 01:06:48 +00:00
itojun
da62f78331 OpenSSH 2.3.2 as of 2001/2/14 2001-02-14 00:53:01 +00:00
assar
43c24b8340 undef ECHO to avoid a warning from the lex-generated code 2001-02-11 17:59:15 +00:00
assar
7a01412798 fix merg-up 2001-02-11 17:58:27 +00:00
assar
657da009a2 fix texinfo mark-up bug 2001-02-11 17:56:09 +00:00
assar
465ad8fda9 fix merge-ups 2001-02-11 16:08:41 +00:00
assar
be890e9bcf fix merge conflicts 2001-02-11 14:13:07 +00:00
assar
7a16662ba0 import of heimdal 0.3e 2001-02-11 13:51:06 +00:00
itojun
a7b1b8e49c make sure to zero-fill malloced region. sync with openbsd/usr.bin/ssh 2001-02-09 14:39:47 +00:00
itojun
19fb6ccf8d comment: function are named "arc4"foo just for easy porting. 2001-02-09 00:44:35 +00:00
itojun
e3045c89d8 sync with 2.3.2. 2001-02-08 19:02:14 +00:00
itojun
e5eae0162b OpenSSH 2.3.2 as of 2001/2/9 2001-02-08 18:55:32 +00:00
itojun
7f8fa38080 authentication mistake in SSHv2 + pubkey, from markus.
REBUILD AND RESTART SSHD NOW.
(vulnerability window for netbsd-current - < 48hours)
2001-02-08 18:17:24 +00:00
itojun
fbfaba7e44 %30s is too short for IPv6 addrssses. 2001-02-08 10:08:53 +00:00
itojun
54bdd08634 fix size_t -> int cast. need checking with alpha... 2001-02-07 18:05:23 +00:00
itojun
3614dcc87c unsigned long long -> %llu, not %qd 2001-02-07 18:01:30 +00:00
itojun
31c0f02be2 update date string 2001-02-07 17:07:07 +00:00
itojun
1f5cfca3e6 sync crypto/dist/ssh with re-importorted tree. try to minimize diffs
with openssh tree to ease future upgrade.  re-do local changes, including:
- prototype pedants
- IgnoreRootRhosts
- login.conf user validation
some of the local changes that weren't used are omitted for now.  we may
need to revisit those afterwards.

it adds "sftp".
2001-02-07 17:05:31 +00:00
itojun
9d3aa44a65 OpenSSH 2.3.1 as of 2001/2/8 2001-02-07 16:46:40 +00:00
christos
a132b86864 remove redundant declarations 2001-02-04 22:55:26 +00:00
thorpej
78463fc818 Remove the pid file upon exit. 2001-02-04 20:15:52 +00:00
christos
c9b3202d16 remove/avoid redundand declarations. 2001-02-04 18:04:03 +00:00
christos
ef5d120e44 remove redundant decls. 2001-02-04 18:03:03 +00:00
christos
e745af3d91 remove redundant declarations. 2001-02-04 18:02:30 +00:00
christos
9b24735fd3 ifdef out redundant declaration of crypt(3); we don't need it. 2001-02-04 18:01:48 +00:00
christos
28473bf6be remove redundant prototypes. 2001-02-04 18:00:31 +00:00
thorpej
848d04a86c Merge the notsnap20010129 import. 2001-01-30 02:08:54 +00:00
thorpej
05d9e5e0e0 Update racoon from today's KAME sources. Includes memory leak
fixes in the GSSAPI support code.
2001-01-30 02:04:39 +00:00
itojun
2d889f0dc5 have safeputchar() for tcpdump/packet-isakmp.c. reported by bernd,
sync with kame.
2001-01-28 17:17:56 +00:00
itojun
21ecf40da9 BIND 8.2.3 2001-01-27 08:07:35 +00:00