Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
177,233 Commits 606 Branches 0 Tags 3.1 GiB
731a29e03b
Commit Graph

344 Commits

Author SHA1 Message Date
hubertf
11236c9878 Make sshd find the xauth program, even with the new /usr/X11R7. 
OK'd by christos@
 2008-10-27 08:27:04 +00:00
christos
7a75c9a543 PR/39233: Taylor R Campbeel: OpenSSH fails to initialize tun(4) tunnels 
correctly.
 2008-09-17 15:45:50 +00:00
simonb
5a3c2f6809 Revert the HPN changes that added verbose "Max throughput" summary 
after scp(1) finishes.
 2008-08-05 14:13:34 +00:00
christos
a494eea816 Add an ifdef to disable the AES_CTR_MT cipher because static binaries don't 
work with -pthread, and /rescue is linked against libssh.
 2008-06-23 14:51:31 +00:00
christos
80a665de90 Add the HPN patch for ssh: 
http://www.psc.edu/networking/projects/hpn-ssh/
 2008-06-22 15:42:50 +00:00
martin
11a6dbe728 Convert TNF licenses to new 2 clause variant 2008-04-30 13:10:46 +00:00
martin
ce099b4099 Remove clause 3 and 4 from TNF licenses 2008-04-28 20:22:51 +00:00
jmmv
098f566eb9 Do as in revision 1.26 of sshd_config: add a sample, commented-out line 
for X.org's xauth.
 2008-04-25 15:01:45 +00:00
martin
795befa36d namespace police to make it buildable (no, it still does not work), 
add rcsid.
 2008-04-20 15:01:14 +00:00
martin
41de77d985 Sync SCM_RIGHTS passing code with the version used in racoon (i.e. 
set message header and controll message size to the same value again)
 2008-04-19 22:15:30 +00:00
christos
03409c55d7 Don't use variable size allocation on the stack. 2008-04-13 21:44:14 +00:00
jnemeth
1d2009704e fix another build breaker 2008-04-07 07:37:07 +00:00
christos
1f7a577d0e re-add removed files. 2008-04-06 23:39:05 +00:00
christos
cbdb6c7a40 resolve conflicts. 2008-04-06 23:38:19 +00:00
christos
49d015609b Import 5.0 2008-04-06 21:18:28 +00:00
adrianp
fe2ff28dc6 Add no-user-rc option which disables execution of ~/.ssh/rc 
(backport from OpenSSH 4.9)
 2008-04-05 17:20:53 +00:00
adrianp
11a00dfcb8 Fix two vulnerabilities in OpenSSH: 
- X11 forwarding information disclosure (CVE-2008-1483)
- ForceCommand bypass vulnerability
 2008-04-03 13:09:14 +00:00
christos
8a85bb4332 remove Protocol=2 line; from Jukka Salmi 2008-01-28 13:57:02 +00:00
jnemeth
c9b9889ada add back #include <sys/socket.h> from Scott Ellis on current-users@ 2007-12-21 20:42:03 +00:00
tnn
e9e5abe68c fix typo in comment 2007-12-21 01:03:58 +00:00
martin
53a105b083 Disable the umac-64 MAC for now, it needs to be rewritten from scractch. 
Addresses PR bin/37562.
 2007-12-20 14:14:04 +00:00
dogcow
d642d06d3d fixes for alpha: %ld -> %zd, signals are long. 2007-12-18 09:00:30 +00:00
dogcow
ceafeaa9bc Eliminate "endian_convert defined but not used" on big-endian platforms; 
instead of using the "generic" functions for byteswapping in this file,
use le32toh() and friends.
 2007-12-18 08:32:21 +00:00
dogcow
4750a01617 on NetBSD, use %zu for sizeof() 2007-12-18 07:22:32 +00:00
christos
512c2e7e60 merge conflicts 2007-12-18 02:35:25 +00:00
christos
848569aa46 from ftp.openbsd.org 2007-12-17 20:15:38 +00:00
jnemeth
85c7ab0640 add a sample XAuthLocation for x.org users as discussed on pkgsrc-users@ 2007-12-08 19:03:28 +00:00
taca
9fcfdb104e Apply a patch from https://bugzilla.mindrot.org/show_bug.cgi?id=1306. 
Fix nasty "error: channel 0: chan_read_failed for istate 3" message.
 2007-07-31 03:09:49 +00:00
christos
4d0c78dab0 PR/36624: Edgar Fu: sshd should not check pw_{expire,change} if UsePam is 
enabled. This is what the "portable" version of openssh does.
 2007-07-10 15:48:56 +00:00
christos
a39c84a8c3 PR/36623: Edgar Fu: ssh publickey authentification fails if homedir not present 
Removed extra realpath check that was introduced by a bogus merge.
 2007-07-10 14:56:25 +00:00
christos
30638c77c3 PR/36562: Takeshi Nakayama: sshd(8) HostbasedAuthentication fails after 
upgrading to 4.0_BETA
Remove $HOME test since this is also used by sshd.
 2007-06-26 18:28:34 +00:00
christos
d1cb3ec527 remove unused variable. 2007-06-25 01:42:31 +00:00
christos
c6b86acffc don't use __progname for the pam service name. Hard-code it to "sshd" 2007-06-24 23:48:30 +00:00
christos
5d1825b2a1 Use RESCUEDIR if set. 2007-05-17 00:17:50 +00:00
christos
2cf8149db2 resurect files that we need and make things compile again. 2007-03-10 23:05:24 +00:00
christos
06993fb381 resolve conflicts. 2007-03-10 22:52:04 +00:00
wiz
15b0193490 Refer to RFC 4716 in two more places (instead of "IETF SECSH"). 
From jmc@openbsd.
 2007-01-23 22:21:54 +00:00
alc
a740eb5ac0 CID-4268: `c' is EOF here, remove deadcode 2006-12-26 00:06:03 +00:00
wiz
a0a9492dc8 Talk of RFC 4716 SSH public key format instead of SECSH public key format. 
From markus@openbsd via jmc@openbsd (rev 1.73).
 2006-12-24 10:06:03 +00:00
wiz
7ce75c98d8 Mention RFC 4716. From markus@openbsd via jmc@openbsd (rev. 1.266). 2006-12-24 10:04:08 +00:00
adrianp
1be366570b From http://www.openssh.org/txt/release-4.5: (CVE-2006-5794) 
* Fix a bug in the sshd privilege separation monitor that weakened its
  verification of successful authentication. This bug is not known to
  be exploitable in the absence of additional vulnerabilities.

Bump __NETBSDSSH_VERSION
 2006-11-14 21:52:09 +00:00
agc
05ad853be0 one more to catch up with the new location for sha2.h 2006-10-28 23:07:23 +00:00
adrianp
9480ff5303 Change the default sshd configuration file so that only protocol version 2 
is enabled by default.  Users can manually add back support for protocol
version 1 in their sshd_config if they have a specific need for it.

Suggested by perry@ and ghen@. Ok'ed security-officer@ and christos@
 2006-10-15 14:01:53 +00:00
christos
ee4546d741 unbreak gcc-3 builds. 2006-10-04 14:31:55 +00:00
christos
a9fc92da63 PR/34681: Scott Ellis: Explicitly include <sys/socket.h> 2006-10-04 14:30:35 +00:00
christos
1eafb02344 put back ignorerootrhosts 2006-10-04 14:26:31 +00:00
cube
55269b80c3 Grab a couple of lines from OpenSSH-portable that allow PAM authentication 
to succeed.  I guess the default configuration of NetBSD wasn't tested
before the import...
 2006-09-29 22:47:21 +00:00
he
f1afbc1ee7 Use PRIu64 instead of llu when printing an u_int64_t. 
Fixes a build problem for our LP64 ports, where u_int64_t is
typically an unsigned long.
 2006-09-29 14:36:34 +00:00
he
a4970f4ee7 The "success" field in Authctxt needs to be a sig_atomic_t, not an int, 
so that we don't get a type conflict on dispatch_run() invocation.  Found
while building for alpha and amd64.
 2006-09-29 14:34:25 +00:00
christos
229f040cb9 We need this again. 2006-09-28 21:23:13 +00:00