Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
90,136 Commits 606 Branches 0 Tags 3.1 GiB
Commit Graph

333 Commits

Author SHA1 Message Date
is d2b5345f10 When forwarding a connection, use the right descriptor to get IP options. 
Fixes PR 11261 my Michael Eriksson, using his patch.
 2000-11-07 16:06:24 +00:00
fvdl e22c13589c Make gss_acquire_cred actually work. Add a ccache member to the id_t struct 
to store alternate creds, retrieved from a keytab. Make gss_init_sec_context
work with creds != GSS_C_NO_CREDENTIAL. Free ccache in id_t in release_cred.
 2000-11-06 15:06:51 +00:00
christos 392621627b always attempt to canonicalize hostnames, not only when the hostname 
does not contain a dot.
 2000-11-05 20:09:08 +00:00
mason 43bcdca61e Apply the following: 
-       static u_int16_t n = HASH_MINSIZE / HASH_ENTRYSIZE;
+       static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE;

...so that large packets do not wrap "n".
 2000-10-30 18:58:37 +00:00
veego 923459b8ef Print a newline after 'You entered the wrong passphrase.' 2000-10-29 08:55:59 +00:00
itojun f3f11aec78 make version identification string conform to SSH version string format. 
version format must be like:
	SSH-[0-9]*.[0-9]*-[^-]*( .*)?
and previous string did not conform to the requirement (too many hyphens).
based on comment from markus@openbsd (openssh maintainer)
 2000-10-28 13:41:55 +00:00
joda 4b39e2fe3f fix v4 fallback lifetime calculation 2000-10-27 14:44:08 +00:00
simonb dc0fe34aa7 Reduce swap_bytes() to a non-alignment dependent implementation - some 
calls to swap_bytes() do indeed have non-aligned sources and destinations.
Fixes unaligned access problems on alpha and probably some of our other
architectures.
 2000-10-23 11:40:55 +00:00
mycroft 968a585ab4 Fix formatting error. 2000-10-20 18:01:26 +00:00
martin 6a12425bca We have renamed the configuration file, adapt the documentation. 2000-10-20 12:40:34 +00:00
bouyer e33acbd7b7 Correct printf format (used with integers, not longs). 2000-10-19 15:10:33 +00:00
taca c011ac8db6 - Correct missing closedir(3) in SSL_add_dir_cert_subjects_to_stack(). 
This should be fix the bug that apache enabled SSL may exhaust its
  file descriptors.  Noted by TAKANO Yuji <takachan@running-dog.net>
  on apache@ecc.u-tokyo.ac.jp, apache mailing list in Japanese.

  He had already sent a bug report to openssl-dev@openssl.org, but it
  wasn't fixed in openssl-0.9.6.  :-(
 2000-10-13 01:47:27 +00:00
itojun b5c4933a2d printf format pedant. (size_t -> u_long). 2000-10-10 13:14:55 +00:00
is 612e4c298a define DES_LONG in time to be used by later header files. 2000-10-08 18:42:03 +00:00
is 7db764779b Format string cleanup by sommerfeld. 2000-10-08 18:40:08 +00:00
itojun a001cd4e77 exit 0 on success, 1 on error 2000-10-06 06:21:16 +00:00
sommerfeld dc3402136b Constify variables containing format strings 2000-10-05 14:32:50 +00:00
sommerfeld 37146bcc18 format checking for internal functions 2000-10-05 14:17:12 +00:00
sommerfeld 29dec280ee format checking for internal function 2000-10-05 14:16:10 +00:00
sommerfeld 8b2d1fefd2 Miscellaneous format string safety improvements 2000-10-05 14:09:07 +00:00
simonb 6fe5a2b27e Return failure in krb_get_lrealm() if no config files are found, rather 
than then searching for a default realm.

Fixes PR lib/11010 from David Brownlee.  Patch from Jason Thorpe.
 2000-10-04 04:08:30 +00:00
itojun 37a8d23037 improve error message on rnd(4) failure. the old text made reference 
to ssl(4), which is openssl specific (talks about plugin RSA library).
 2000-10-04 03:43:57 +00:00
itojun 18e8d6decc do not loop forever 2000-10-03 15:07:14 +00:00
itojun 42e4adfd95 make it useful as test (exit 0 if successful) 2000-10-03 14:45:36 +00:00
lukem 8e1c87ce80 - implement IgnoreRootRhosts. if set, ignores ~root/.[rs]hosts. defaults to 
the value of IgnoreRhosts.  with `IgnoreRhosts yes' and `IgnoreRootRhosts no'
  you get similar behaviour to the `-l' flag on rshd(8).  this is based on
  similar modification i made which appeared in ssh 1.2.27 (?)
- document that IgnoreRhosts now doesn't apply to root.
- clarify that /etc/s?hosts.equiv doesn't apply to root (it didn't before
  my modification either).
- crank the version to 20001003
 2000-10-03 09:56:38 +00:00
itojun 0b86bc5a1c nuke #define for changing variable size (affects ABI). 2000-10-03 04:00:19 +00:00
itojun 169eefc02f move rc5/idea dummy functions from crypto/dist/openssl/crypto to lib/libcrypto. 
they are not part of the openssl distribution.
suggested by thorpej.
 2000-10-01 22:17:59 +00:00
itojun 9c7b3bf3d5 nuke all NO_<algorithm name> in header file. they change ABI due to 
#ifdef in struct/union definitions, and are bad for us shipping library binary.
 2000-10-01 22:13:14 +00:00
itojun 563bf184ad improve abort message, when RC5/IDEA in libcrypto (dummy) is called. 2000-09-30 14:29:16 +00:00
itojun e5e807d114 always compile RSA into libcrypto. 
MKCRYPTO disables the whole crypto tree, and in that case,
we will not have RSA (nor libcrypto) with us.
 2000-09-30 12:21:51 +00:00
itojun bc22f284e4 we always build idea/rc5 (dummy, though). 2000-09-30 00:30:25 +00:00
itojun 8d26d03189 repair openssl (libcrypto) for non-32bit architecture. 
don't use unsigned long where 32bit unsigned variable is asked for.
use u_int32_t.  (not sure if uint32_t is better or not, but anyway,
u_int32_t <-> uint32_t should not raise binary compatibility issue)
PR10921.

TODO: have arch-dependent Makefiles where we supply -DFOO for optimization.
(do not change size of variable though)

XXX: we should actually nuke all other #ifdef in /usr/include/openssl/*.h,
however, that needs a lot of work and will make future openssl upgrade harder.

remove RC5 and IDEA by default.  build them separately as
libcrypto_{rc5,idea}.a.  put dummy function, which is "warning to stderr
and exit(1)".  NOCRYPTO_{RC5,IDEA} are obsoleted.
PR10883.
 2000-09-30 00:23:28 +00:00
thorpej 49a55a1d58 Import NetBSD Secure Shell. This is based on OpenSSH, but modified 
somewhat.
 2000-09-28 22:09:28 +00:00
fvdl fb9657047a Add support for running kpasswdd from inetd. Active if INETD_SUPPORT 
is defined. In either case, kpasswdd will continue to work from
the commandline as usual.
 2000-09-13 11:29:26 +00:00
joda 7bc28b6591 add manpage for kadmin 2000-09-10 19:45:04 +00:00
joda 5ab344e414 add a, somewhat terse, kerberos overview manpage 2000-09-10 19:34:49 +00:00
joda 0acd5e96a9 move config and log files out of /var/heimdal 2000-09-10 19:29:44 +00:00
assar 38f9bead65 fix bad mdoc markup. closed PR/10854 2000-08-20 10:36:40 +00:00
fvdl d2cc354307 Fix example: lib_defaults -> libdefaults, default_domain -> default_realm 2000-08-15 17:22:45 +00:00
thorpej dafbb1e2ea - Reference count MCC IDs, and garbage-collect them in destroy if 
the ref count is 0, and in close if the ref count is 0 and the
  ID is dead (i.e. has been previously destroyed).
- Don't use temp files to generate unique MCC names; use ASCII
  representations of pointers to the malloc'd IDs, which is
  unique enough for our purposes.
- Dead IDs cause an ENOENT error, as would a dead FCC ID.

Per discussion w/ Johan Danielsson <joda@pdc.kth.se>.
 2000-08-10 18:58:59 +00:00
thorpej 7dd4170cf5 Fix typos in some #if 0'd code. 2000-08-10 16:18:00 +00:00
thorpej 4ffaedfcde Fix the semantics of krb5_cc_close() and krb5_cc_destroy() for 
the MCC.  They now match the semantics of the MIT krb5
implementation.
 2000-08-10 15:51:20 +00:00
thorpej bae9616e91 Add support for multiple Memory Credendial Caches, like MIT has. 
This fleshes out mcc_get_name(), mcc_resolve(), mcc_destroy().
 2000-08-10 02:23:07 +00:00
thorpej 24ceace29d Add krb5_princ_type() and krb5_princ_size() that appear in the MIT 
API but not in Heimdal, and add commented out empty versions of
krb5_princ_set_realm_length(), krb5_princ_set_realm_data(),
krb5_princ_name(), and krb5_princ_component(), which also appear
in the MIT API, but which cannot be implemented in Heimdal until
a change is made to how some data is represented internally (as
these API functions expose that, as foolish as that is, but
that's how MIT did it, and some applications use it).
 2000-08-09 23:27:19 +00:00
thorpej 1435d15e40 Cause the kdc to write a pidfile in /var/run/kdc.pid and to 
detach from the tty by default.  Add a [-D | --no-detach]
option to restore the old behavior (which is useful for
debugging).
 2000-08-06 18:42:19 +00:00
thorpej e80d60fa71 Catch krb5_init_context() failure. 2000-08-06 17:59:15 +00:00
thorpej a240003d0c Plug a small memory leak. 2000-08-06 17:58:53 +00:00
thorpej e59093f4f7 Use socklen_t as appropriate, so that this compiles on LP64 
systems.
 2000-08-06 06:48:50 +00:00
assar de3878349f this was removed from the source 2000-08-03 03:39:02 +00:00
assar 9949e16264 merge back some hacks 2000-08-03 03:38:25 +00:00
assar f8815e6596 merge in 0.3a 2000-08-02 20:08:33 +00:00
assar 7f5f475a8b import of heimdal 0.3a 2000-08-02 19:57:59 +00:00
thorpej 5c4fddaabe In krb_get_default_realm(), before assuming our guessed default 
realm is correct, check to see if we can find a KDC for it.  If
not, it can't possibly be the default realm, and we should return
the NO.DEFAULT.REALM error condition.

Per a discussion w/ Thor Simon <tls@netbsd.org>.
 2000-08-02 05:24:37 +00:00
garbled e90fd304b7 Removed #ifndef's so this file can be included by compile_et and 
asn1_compile when building host-tools on machines that don't have those
functions.
 2000-08-02 02:44:06 +00:00
thorpej de40c8191d Return failure if there is no Kerberos 5 configuration file. 2000-07-16 18:27:53 +00:00
mrg 206c5781b6 des_random_key() returns void. 2000-07-16 09:57:53 +00:00
mrg 11e7166667 back out part of previous; des_random_key() returns void again. 2000-07-16 09:50:33 +00:00
mrg 542954c318 delete removed files. 2000-07-16 05:57:01 +00:00
mrg 8c7937883e merge cornflakes. 2000-07-16 05:55:10 +00:00
mrg 2429f6a29f OpenSSL 0.9.5a import. 2000-07-16 05:03:53 +00:00
thorpej c752ee0a92 Fix a thinko in previous that prevented libroken from getting 
both version strings.
 2000-07-15 17:02:17 +00:00
thorpej 39c394bb18 Define __KRB4_VERSION to get krb4 version strings. 2000-07-15 00:40:37 +00:00
veego 1a7d02624b Change the USELESS_CRYPTO check to MKCRYPTO_{IDEA,RC5,RSA}. 2000-07-05 13:57:15 +00:00
assar 231c9cbcf7 add man-pages for kf and kfd 2000-07-02 07:39:39 +00:00
fvdl 14d0802975 Dt -> Dd for date, otherwise this manpage looked unlike a manpage. 2000-06-26 23:28:46 +00:00
thorpej f3b213ec53 Do previous slightly differently, i.e. commit the change that I 
had made to add the prototypes, but forgot to commit.  This version
more closely matches the crypto-us version it was derived from.
 2000-06-22 13:59:13 +00:00
veego 61cad8ca49 Add missing prototypes for: 
des_set_random_generator_seed, des_new_random_key and des_init_random_number_generator

This fix the compile problems in lib/libtelnet.
 2000-06-22 09:01:42 +00:00
thorpej 63748d6387 Add two telnet-related items. 2000-06-22 07:15:02 +00:00
thorpej 8dd0fdd69b Fix printf formats on LP64. 2000-06-21 06:05:01 +00:00
thorpej 4696f48761 Remove pre-genereated info files. 2000-06-20 22:02:22 +00:00
thorpej b914f28687 Remove formatted manpages. 2000-06-20 22:00:14 +00:00
thorpej 4e81b0f0e5 One off the list. 2000-06-20 21:57:46 +00:00
thorpej 0fa81d1574 ...and a couple more. 2000-06-20 06:02:37 +00:00
thorpej efbc580022 One more. 2000-06-20 05:12:07 +00:00
thorpej 8b8fb98e91 Add an initial TODO list. This is based solely on things I encountered 
while doing the Heimdal+KTH merge.
 2000-06-20 05:03:04 +00:00
thorpej fddd47312e Version string is const. 2000-06-19 22:40:17 +00:00
thorpej c4dc11daa0 Const poison the version strings. 2000-06-19 20:51:53 +00:00
thorpej f6880b854b Import KTH Kerberos 4 from cryptosrc-intl. 2000-06-16 18:45:32 +00:00
thorpej 1af8b95994 Import Heimdal Kerberos 5 from cryptosrc-intl. 2000-06-16 18:31:35 +00:00
thorpej b50999826e Fixup the OpenSSL library builds. 2000-06-16 06:16:37 +00:00
thorpej 21b1800004 The pieces of OpenSSL missing from netbsd-cryptosrc-intl. 2000-06-16 05:28:49 +00:00
thorpej c3b6f3938c Common OpenSSL Makefile goo, from cryptosrc-intl. 2000-06-16 04:16:02 +00:00
thorpej 1dc0dc5fb1 Import OpenSSL 0.9.4 from netbsd-cryptosrc-intl. 2000-06-14 22:44:19 +00:00