Commit Graph

413 Commits

Author SHA1 Message Date
itojun
a549080f85 OpenSSL 0.9.6b 2001-07-11 03:53:32 +00:00
wiz
c1f85780da Remove another one, noted by Love <lha@stacken.kth.se>, confirmed by thorpej. 2001-07-10 21:52:46 +00:00
itojun
7d076b538c fix PRNG weakness. the workaround presented on bugtraq posting. 2001-07-10 14:01:26 +00:00
wiz
eed063b542 Remove some items that have been done, and improve description on some
others.
2001-07-09 21:01:31 +00:00
wiz
7615e78c24 Remove formatted man pages. 2001-07-08 19:20:55 +00:00
hubertf
f5bb393643 add missing .El 2001-07-05 20:47:31 +00:00
hubertf
d8ec602681 Note: just because our macros/groff/whatever terminates .Bl internall for a
new .Sh doesn't mean the ending .El should be omitted
2001-06-26 00:52:59 +00:00
hubertf
d91e447e6b PRevent one of these:
List open at EOF -- A .Bl directive has no matching .El
2001-06-25 23:37:27 +00:00
wiz
419e44fdc2 Mostly formatting fixes. 2001-06-24 17:44:11 +00:00
veego
7b726945ac There is no photurisd(8). 2001-06-24 17:29:43 +00:00
assar
f9feddfb52 add string.h, noted by Staffan Thomen <duck@multi.fi> 2001-06-23 22:42:43 +00:00
itojun
69d60502fe upgrade to openssh 2.9, around 2001/6/24 (from openbsd usr.bin/ssh).
- authorized_keys2 and known_hosts2 are obsoleted, and integrated
  into those without "2".
- file name change, /etc/primes -> /etc/moduli
- cleanups
2001-06-23 19:37:38 +00:00
itojun
0d521994cf OpenBSD 2001/6/24 2001-06-23 19:09:44 +00:00
itojun
6cc43ed622 OpenSSH 2.9 as of 2001/6/24 2001-06-23 16:36:22 +00:00
itojun
5324608adc reject expired password/account. warn if interactive && about to expire.
ala login(1).  From: Brian Poole <raj@cerias.purdue.edu>

XXX code duplicate with login(1) - should be solved by BSD AUTH code integration
2001-06-23 08:08:04 +00:00
itojun
fed4515da9 bump netbsd-local version number to identify X11 "cookies" fix 2001-06-20 07:49:45 +00:00
assar
4b1c7f1857 update generated heimdal include files for 0.3f
update Makefile infrastructure for 0.3f
bump shared library versions
fix some merge problems
2001-06-20 02:01:18 +00:00
assar
df54fb31c9 merge in conflicts after 0.3f import 2001-06-19 22:39:52 +00:00
assar
c6c55d41cd import of heimdal 0.3f 2001-06-19 22:08:08 +00:00
assar
f9ab899fe6 import of heimdal 0.3f 2001-06-19 22:07:32 +00:00
lukem
ab32b074ec If UseLogin is enabled, disable X11Forwarding (since xauth passing doesn't
work in this case, so X11Forwarding is effectively useless). Document this.
Resolves my pr [security/13172].
2001-06-18 10:26:33 +00:00
wiz
b6449b85de Add RCS Id, adapt to NetBSD, fix punctuation and whitespace. 2001-06-15 12:50:44 +00:00
wiz
0cc24e9a9f On note by kleink: Add primes.5 to crypto/dist/ssh instead of share/man/man5.
Import state of 2001-06-14.
2001-06-15 12:47:39 +00:00
itojun
82b8462ccf apply ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.9/common/006_sshcookie.patch.
sshd(8) allows users to delete arbitrary files named "cookies"
       if X11 forwarding is enabled. X11 forwarding is disabled by
       default.
2001-06-14 02:45:30 +00:00
itojun
f7528da67e make it compile with KRB4 and not with KRB5. from IIJ SEIL team 2001-06-14 02:42:31 +00:00
wiz
71a78ab6ea Note that HEIMDAL should be removed after '.Os' in man pages on import. 2001-06-05 17:08:07 +00:00
joda
8f12cb2799 not yet operational Heimdal import script 2001-06-05 17:04:24 +00:00
wiz
5e80b5d2de Remove trailing dot in Nd. 2001-06-05 12:19:35 +00:00
wiz
4abaa1bb50 No argument for .Os. 2001-06-05 11:11:07 +00:00
wiz
04065ff226 No argument for .Os. 2001-06-05 10:13:54 +00:00
wiz
48a36de9c0 Don't give .Os an argument, not even 'NetBSD' (default includes version). 2001-06-05 10:08:03 +00:00
itojun
59dea86dc0 disable DNSSEC build, for two reasons. (1) restrictive license
(2) due to protocol changes BIND8 DNSSEC code is not really useful
2001-05-27 04:39:40 +00:00
itojun
de1e278afa $NetBSD$ 2001-05-26 23:26:59 +00:00
itojun
c01f1862d6 prime table for OpenSSH, from OpenBSD etc/primes 2001-05-26 23:24:21 +00:00
itojun
900d6f1790 BIND 8.2.4 2001-05-17 20:45:58 +00:00
itojun
5bb235dbab recover $NetBSD$ 2001-05-15 16:00:32 +00:00
itojun
f4532f2487 upgrade to openssh (openbsd usr.bin/ssh) 2.9, around 5/15/2001. 2001-05-15 15:26:07 +00:00
itojun
72af75e4ce OpenSSH 2.9 as of 2001/5/15 2001-05-15 15:02:20 +00:00
itojun
d9f67f8672 reduce amount of diff with openbsd usr.bin/ssh (for -Wall -Werror clean)
so that we can get rid of local changes.

openssh side do not like static functions so put prototypes into each files
rather than making function static.
2001-05-15 14:50:49 +00:00
onoe
c85f9c433b Do not discard input data from client for channels waiting for connection
establishment.
2001-05-08 03:02:35 +00:00
joda
ba3d920481 fix argument number test 2001-05-04 13:09:43 +00:00
joda
cbf5d74c87 fix argument count check after getarg change; spotted by Mark Davies
in bin/12696
2001-04-19 07:30:04 +00:00
itojun
b7ab24621c do not attempt to pass null pointer to krb5 library. PR 12683 2001-04-17 12:27:37 +00:00
tron
517c969698 Fix possible core dump in "ssh-add". Patch supplied by Wolfgang Rupprecht
in PR pkg/12669.
2001-04-16 03:10:14 +00:00
itojun
aae394a457 make it compile on macppc (or, platforms where char = unsigned char)
From: Dave Huang <khym@azeotrope.org>
2001-04-14 08:36:12 +00:00
itojun
08f45e7850 fix unterminated L<>. 2001-04-12 09:42:45 +00:00
itojun
974c617dfe sync better with 0.9.6a. 2001-04-12 07:57:56 +00:00
itojun
35a07da1df use openssl 0.9.6a. shlib major # is bumped for libcrypto, libssl and
all kerberos libraries.
2001-04-12 07:48:03 +00:00
itojun
75902e8d9b OpenSSL 0.9.6a 2001-04-12 03:10:36 +00:00
itojun
3095531005 OpenSSL 0.9.6a 2001-04-12 03:08:43 +00:00
itojun
b9e8ac0f0f OpenSSL 0.9.6a 2001-04-12 03:06:03 +00:00
itojun
374141fb16 duplicated calls to login_getclass.
From: Jim Bernard <jbernard@mines.edu>
2001-04-11 23:39:46 +00:00
wiz
00daa6e0e2 Fix date. 2001-04-11 19:37:45 +00:00
wiz
51e75c4dd0 add section to xref 2001-04-11 19:28:27 +00:00
wiz
f3e777112c Fix date. 2001-04-11 18:23:42 +00:00
itojun
9e3025d914 des_cblock_print_file() does not really exist. 2001-04-11 10:13:28 +00:00
itojun
8acc6b96b1 refer ~/.ssh/id_rsa{.pub,}. sync with openbsd usr.bin/ssh. 2001-04-10 09:15:49 +00:00
itojun
235b9f0c2f upgrade to openssh 2.5.4 (2001/4/10).
major behavior changes: (made in openssh master tree - openbsd usr.bin/ssh)
- ssh(1) now defaults to ssh protocol version 2.
  if you want version 1 to take precedence, use /etc/ssh.conf to override.
- config change: ~/.ssh/id_rsa[12] is now ~/.ssh/id_rsa (changed 4/3)
- forced client rekey for protocol version 2 (~R)
- swap gid when uid swaps.
- ListenAddress syntax can take [foo]:port for IPv6 numerics.
- "ssh -D 1080" allows us to use ssh tunnel as SOCKS4 proxy.
2001-04-10 08:07:54 +00:00
itojun
d5fbc62ac3 OpenSSH 2.5.4 as of 2001/04/10 2001-04-10 07:13:48 +00:00
wiz
8626516b97 Prefer logical mark-up in one place. 2001-04-09 13:01:11 +00:00
wiz
18a4938209 Fix date. 2001-04-09 12:49:14 +00:00
wiz
f1e8ff0ae6 Fix date. 2001-04-09 12:42:35 +00:00
thorpej
dfaae5d853 Fix markup bug accidentally un-done in 0.3e merge fixup. 2001-04-07 22:20:33 +00:00
thorpej
f4872dded4 Reduce diffs with 0.3e (mostly, complete the merge). 2001-04-07 21:29:20 +00:00
thorpej
9ad709dc65 More mishaps from the 0.3e merge. 2001-04-07 21:03:51 +00:00
wiz
14dbdf5518 Negative exit code cleanup: Replace exit(-x) with exit(x).
As seen on tech-userlevel.
2001-04-06 11:13:45 +00:00
itojun
01692d62bf 0.3e import leftover. heimdal experts, please check. 2001-04-06 10:10:21 +00:00
itojun
500c4f040b sync HEAD with v0-3e tag. it seems that it was left behind when heimdal
0.3e is imported.  without this change, lib/libhdb does not compile.
PR12560
2001-04-06 08:32:35 +00:00
thorpej
6158847f3d Prevent a NULL-pointer deref when making a TGS_REP for a ticket
renewal.

Patch from Assar via private mail.
2001-04-06 04:39:31 +00:00
thorpej
d545f30495 Merge April 4, 2001 racoon/libipsec. 2001-04-04 19:36:39 +00:00
thorpej
089a40db4b Import racoon/libipsec as of April 4, 2001. 2001-04-04 19:33:00 +00:00
wiz
6b5ab77765 fo -> for 2001-04-02 18:25:34 +00:00
wiz
7d378dde0d It's vs. Its. 2001-04-02 17:28:29 +00:00
lukem
315c0a92f9 if debugging (i.e, -v), use options.level instead of SYSLOG_LEVEL_INFO
to the first call to log_init(), otherwise debug messages from config
file parsing won't appear. (this seems to have been broken in recent
versions of openssh)
2001-04-02 03:53:36 +00:00
thorpej
6fe37483a3 Set the KRB5CCNAME envrironment variable in the child if we received
forwarded Kerberos 5 credentials, so that the process that needs them
can actually find them.
2001-03-28 03:31:52 +00:00
thorpej
8ab184566c When we receive forwarded Kerberos credentials, stuff them into
a file credential cache (rather than a memory credential cache)
so that they're useful.
2001-03-28 03:17:23 +00:00
thorpej
2651b336ba Somewhat crude hack to make Kerberos 5 credential forwarding work. 2001-03-28 03:02:51 +00:00
thorpej
2f7b0c6c27 Print useful Kerberos error messages. 2001-03-27 03:58:02 +00:00
itojun
0265b9e0c2 redo 1.1 -> 1.2. on RAND_file_name(), return /dev/urandom by default.
RAND_{load,write}_file() takes care of device file case.  from openbsd.
2001-03-26 18:08:25 +00:00
itojun
522ac04d08 backout 1.1 -> 1.2 (use /dev/urandom if no value can be found),
/dev/urandom is not a normal file - there'll be no EOF.
noticed by Manuel Bouyer.
2001-03-21 19:49:50 +00:00
simonb
08e4590096 Cast to (long long) when using "%lld" in a printf format. 2001-03-21 00:11:06 +00:00
itojun
37da3c3c3c sync with openssh 2.5.2 (from openbsd usr.bin/ssh, not from portable). 2001-03-19 20:03:24 +00:00
itojun
7617bcad07 OpenSSH 2.5.2 as of 3/19/2001, from openbsd usr.bin/ssh 2001-03-19 19:42:00 +00:00
thorpej
9ab0878e2a If we get a KRB5KRB_AP_ERR_BAD_INTEGRITY on a TGS req with
a key usage of KRB5_KU_TGS_REQ_AUTH, then try again with a
key usage of KRB5_KU_AP_REQ_AUTH.  This addresses an interop
issue between new kinit(1) (0.3e) and older KDCs (such as 0.3a).

Patch from assar@netbsd.org; see discussion on current-users.
2001-03-12 19:25:51 +00:00
joda
bee147163e simplify the krb5 code somewhat 2001-03-12 17:56:36 +00:00
thorpej
3fba4682aa Fix LP64 problem in Kerberos 5 TGT passing. 2001-03-09 06:28:30 +00:00
thorpej
ca0ffe95fb Merge 2002/03/08 racoon import. 2001-03-08 22:27:52 +00:00
thorpej
29f3673b42 KAME racoon as of 2001/03/08. 2001-03-08 22:18:05 +00:00
thorpej
ac356314da Document:
- forwardable ([libdefaults] and [realms])
- proxiable ([libdefaults] and [realms])
- date_format ([libdefaults])
- srv_lookup ([libdefaults])
- srv_try_txt ([libdefaults])
- scan_interfaces ([libdefaults])
- fcache_version ([libdefaults])
2001-03-08 17:53:46 +00:00
thorpej
bda8951f6b Plug some memory leaks. 2001-03-08 04:12:08 +00:00
assar
e625c71295 add krb5 support to ssh/sshd. based on code initially from Daniel Kouril <kouril@informatics.muni.cz> and Björn Grönvall <bg@sics.se> 2001-03-04 00:41:27 +00:00
jmc
bacb2758e0 Change keymatlen to size_t to match prototype for str2val. 2001-02-25 03:50:05 +00:00
itojun
96863758b7 remove WARNS=0. from enami 2001-02-22 03:11:24 +00:00
itojun
82ff942844 document complex_bundle. sync with kame 2001-02-22 02:42:43 +00:00
itojun
a5316a5fa5 sync with 2/22 code. -B and -Z,
bundle proposal interpretation, and some other fixes.
XXX WARNS?=0 in racoon/Makefile is necessary to compile yacc-generated files
(static function, generated by yacc, is never used).
2001-02-22 02:33:06 +00:00
itojun
98857d7198 KAME racoon as of 2001/2/22 2001-02-22 02:21:12 +00:00
itojun
1317273fae sync up with 2.5.1.
this fixes backward compatibility breakage against 1.2.18 - 1.2.22.
2001-02-19 12:13:04 +00:00
itojun
10400c1d11 OpenSSH 2.5.1 as of 2001/2/19 2001-02-19 12:09:12 +00:00
itojun
c83dc32a4c sync up with 2.5.0. simulate echobacks, X11 display name check, sftp upgrdes. 2001-02-16 15:48:34 +00:00
itojun
f02c06e047 OpenSSH 2.5.0 as of 2001/2/17 2001-02-16 15:41:22 +00:00
joda
ce75fa5829 removed in 0.3e 2001-02-16 15:34:39 +00:00
itojun
72b00a4178 take the safest side, mandate rnd(4). 2001-02-14 04:46:58 +00:00
itojun
788df94479 update import date. 2001-02-14 01:22:02 +00:00
itojun
531a3ed838 sync with 2/14.
openssh changes:
- SIGWINCH propagated correctly
- mitigate SSH1 traffic analysis
- sprintf -> snprintf and lots of other cleanups
netbsd local changes:
- include OpenBSD RCSID into binary again, which helps us diagnose later.
2001-02-14 01:06:48 +00:00
itojun
da62f78331 OpenSSH 2.3.2 as of 2001/2/14 2001-02-14 00:53:01 +00:00
assar
43c24b8340 undef ECHO to avoid a warning from the lex-generated code 2001-02-11 17:59:15 +00:00
assar
7a01412798 fix merg-up 2001-02-11 17:58:27 +00:00
assar
657da009a2 fix texinfo mark-up bug 2001-02-11 17:56:09 +00:00
assar
465ad8fda9 fix merge-ups 2001-02-11 16:08:41 +00:00
assar
be890e9bcf fix merge conflicts 2001-02-11 14:13:07 +00:00
assar
7a16662ba0 import of heimdal 0.3e 2001-02-11 13:51:06 +00:00
itojun
a7b1b8e49c make sure to zero-fill malloced region. sync with openbsd/usr.bin/ssh 2001-02-09 14:39:47 +00:00
itojun
19fb6ccf8d comment: function are named "arc4"foo just for easy porting. 2001-02-09 00:44:35 +00:00
itojun
e3045c89d8 sync with 2.3.2. 2001-02-08 19:02:14 +00:00
itojun
e5eae0162b OpenSSH 2.3.2 as of 2001/2/9 2001-02-08 18:55:32 +00:00
itojun
7f8fa38080 authentication mistake in SSHv2 + pubkey, from markus.
REBUILD AND RESTART SSHD NOW.
(vulnerability window for netbsd-current - < 48hours)
2001-02-08 18:17:24 +00:00
itojun
fbfaba7e44 %30s is too short for IPv6 addrssses. 2001-02-08 10:08:53 +00:00
itojun
54bdd08634 fix size_t -> int cast. need checking with alpha... 2001-02-07 18:05:23 +00:00
itojun
3614dcc87c unsigned long long -> %llu, not %qd 2001-02-07 18:01:30 +00:00
itojun
31c0f02be2 update date string 2001-02-07 17:07:07 +00:00
itojun
1f5cfca3e6 sync crypto/dist/ssh with re-importorted tree. try to minimize diffs
with openssh tree to ease future upgrade.  re-do local changes, including:
- prototype pedants
- IgnoreRootRhosts
- login.conf user validation
some of the local changes that weren't used are omitted for now.  we may
need to revisit those afterwards.

it adds "sftp".
2001-02-07 17:05:31 +00:00
itojun
9d3aa44a65 OpenSSH 2.3.1 as of 2001/2/8 2001-02-07 16:46:40 +00:00
christos
a132b86864 remove redundant declarations 2001-02-04 22:55:26 +00:00
thorpej
78463fc818 Remove the pid file upon exit. 2001-02-04 20:15:52 +00:00
christos
c9b3202d16 remove/avoid redundand declarations. 2001-02-04 18:04:03 +00:00
christos
ef5d120e44 remove redundant decls. 2001-02-04 18:03:03 +00:00
christos
e745af3d91 remove redundant declarations. 2001-02-04 18:02:30 +00:00
christos
9b24735fd3 ifdef out redundant declaration of crypt(3); we don't need it. 2001-02-04 18:01:48 +00:00
christos
28473bf6be remove redundant prototypes. 2001-02-04 18:00:31 +00:00
thorpej
848d04a86c Merge the notsnap20010129 import. 2001-01-30 02:08:54 +00:00
thorpej
05d9e5e0e0 Update racoon from today's KAME sources. Includes memory leak
fixes in the GSSAPI support code.
2001-01-30 02:04:39 +00:00
itojun
2d889f0dc5 have safeputchar() for tcpdump/packet-isakmp.c. reported by bernd,
sync with kame.
2001-01-28 17:17:56 +00:00
itojun
21ecf40da9 BIND 8.2.3 2001-01-27 08:07:35 +00:00
thorpej
b6abea6f2b Merge notsnap20010126 import. 2001-01-26 23:56:18 +00:00
thorpej
034d969067 Bring in latest racoon/libipsec from KAME (not part of a snap
kit).  Includes a few bugfixes from, including a re-key problem
and memory leak when doing GSSAPI authentication for Phase 1.
Also some better config file documentation.
2001-01-26 23:53:26 +00:00
jdolecek
f17efc018b complete the paragraph about HostKey directive, reword slighly 2001-01-24 22:59:11 +00:00
thorpej
16915b1818 Merge conflicts from notsnap20010124 import. 2001-01-24 18:18:32 +00:00
thorpej
1e7bdbcad4 Bring in latest racoon/libipsec from KAME (not part of a snap
kit).  Includes several racoon bugfixes, including ones that
fix coredumps when using GSSAPI authentication for Phase 1.
2001-01-24 18:10:22 +00:00
itojun
6530b069f5 fix to PR 11320 (ssh-askpass gets invoked forever if we don't have
control terminal).  from markus@openbsd
2001-01-21 02:44:05 +00:00
hubertf
cbd751b376 Sync with localsrc: The default is "ForwardX11 no". 2001-01-20 03:38:19 +00:00
itojun
096913193b disable s/key authentication request (from client) by default, to prevent
confusing fake s/key challenge to show up.
per recent discussion on tech-userlevel.
2001-01-18 13:37:17 +00:00
itojun
f08806ada3 fix printf format for u_int64_t 2001-01-17 11:35:38 +00:00
simonb
3cc4829557 Fix printf format with sizeof(). 2001-01-16 02:20:19 +00:00
toshii
a230982a45 Catch up with sshd config file entry changes.
Now we need to explicitly set DSA key location to use protocol version 2.
2001-01-15 06:13:08 +00:00
itojun
a98ee796df $NetBSD$ 2001-01-14 05:28:01 +00:00
itojun
a0f7a7d829 crypto/dist/ssh: resolve conflicts with 2.3.0/20010105.
usr.bin/ssh: add ssh-keyscan and sftp-server into SUBDIR.
2001-01-14 05:22:31 +00:00
itojun
bfbf0e0d31 NetBSD Secure Shell, based on OpenSSH 2.3.0 around 1/5/2001 2001-01-14 04:49:51 +00:00
lukem
286bcc01a3 don't use LOG_CONS 2001-01-11 02:58:05 +00:00
christos
339f061e38 remove redundant decls 2001-01-07 23:21:44 +00:00
mycroft
feb89c799a Add a COMPATIBILITY section, mentioning the lossage with IDEA-encrypted keys. 2001-01-07 20:48:06 +00:00
christos
6b02df2bb5 remove redundant decl. 2001-01-07 05:44:03 +00:00
christos
1473c569f5 eliminated redundant decl. 2001-01-07 00:01:16 +00:00
christos
2c1245f292 eliminate redundant declarations. 2001-01-06 23:30:57 +00:00
itojun
cbf1717a72 do not allow outsider from injecting syslog entry anonymously.
log peer's ip address instead.
openbsd PR 1600.
2001-01-05 06:33:36 +00:00
itojun
b1375d5035 do not look at environment variables if issetugid() == 0.
use random number device file as the default value.
from openbsd.
2001-01-05 06:22:32 +00:00
lukem
f819878ce7 use more standard %ll_ in favour of %q_ 2001-01-04 15:39:50 +00:00
itojun
650239ad74 fix error return (0 -> -1). sync with kame. 2001-01-04 06:16:38 +00:00
itojun
f2b75fc51d sync with kame: NULL != 0 2001-01-02 05:08:43 +00:00
itojun
5a3fc2bdaa PR 11715
- kerberos is in chapter 8, not 7
- ftp(1) is not kerberized.
2000-12-31 07:45:50 +00:00
toshii
3a0975845b Enable TCP_NODELAY socket option also for interactive IPv6 connections.
TCP_NODELAY isn't IPv4 only.
2000-12-30 14:54:38 +00:00
itojun
1a9f8a405b change pathname to netbsd-oriented 2000-12-29 03:12:59 +00:00
assar
492d9092b5 merge fix-ups 2000-12-29 02:52:35 +00:00
itojun
69fd2e0f90 location of manpage 2000-12-29 02:32:42 +00:00
itojun
57ebd1b3c8 KAME racoon, 2000/12/29 2000-12-29 02:25:05 +00:00
itojun
349ac51600 KAME libipsec/libpfkey, 2000/12/29 2000-12-29 02:24:40 +00:00
assar
8905d28796 was removed in krb4-1.0.5 2000-12-29 02:07:25 +00:00
assar
a842a70c3c merge 2000-12-29 01:52:14 +00:00
assar
2d80b20be2 import krb4-1.0.5 2000-12-29 01:42:08 +00:00
fvdl
be812c01d9 Remove redundant forward declaration of krb5_cache_data struct. 2000-12-24 12:17:21 +00:00
itojun
5389a2b390 cope with embedded KAME scopeid. getifaddrs() expose kernel internal format
to the userland.
2000-12-21 03:58:52 +00:00
nathanw
1cc86f8ba4 Check the return value of krb5_init_context(), and bail out if it failed.
Also, when failing, don't try to use the non-initialized context value
to determine the error text.

This avoids dumping core in the following programs when /etc/krb5.conf is
missing or broken: klist, kdestroy, kpasswd, kadmin, kadmind, ktutil, kdc.

XXX Better error reporting in this failure case would be nice.
2000-12-19 21:31:11 +00:00
assar
2eabd5aae0 (tf_create): remove the overwriting of the old ticket file 2000-12-09 00:53:52 +00:00
assar
71d1fbbd25 (kdc_reply_cipher): fix buffer over-run 2000-12-09 00:53:21 +00:00
assar
a32b774256 remove (obsolete) support for environment variables. 2000-12-09 00:51:46 +00:00
thorpej
ecf24d1394 Use getifaddrs() if HAVE_GETIFADDRS is defined. 2000-12-03 20:21:03 +00:00
thorpej
074a0c939d In krb5_sendto(), try the send/recv *inside* the loop through the
addinfos, so that e.g. if we fail to connect with an IPv6 address,
we can fall back onto an IPv4 address.
2000-12-02 01:53:08 +00:00
fvdl
c9366a8efe Fix reversed test. 2000-11-20 14:08:12 +00:00
mason
18a6237381 s/usefull/useful/ 2000-11-20 06:42:05 +00:00
itojun
40ad5fc4c1 correct validation on X11 forwarding. from markus@openbsd 2000-11-13 02:30:38 +00:00
joda
25f03b52f9 remove extra .Xc 2000-11-12 15:40:19 +00:00
is
d2b5345f10 When forwarding a connection, use the right descriptor to get IP options.
Fixes PR 11261 my Michael Eriksson, using his patch.
2000-11-07 16:06:24 +00:00
fvdl
e22c13589c Make gss_acquire_cred actually work. Add a ccache member to the id_t struct
to store alternate creds, retrieved from a keytab. Make gss_init_sec_context
work with creds != GSS_C_NO_CREDENTIAL. Free ccache in id_t in release_cred.
2000-11-06 15:06:51 +00:00
christos
392621627b always attempt to canonicalize hostnames, not only when the hostname
does not contain a dot.
2000-11-05 20:09:08 +00:00
mason
43bcdca61e Apply the following:
-       static u_int16_t n = HASH_MINSIZE / HASH_ENTRYSIZE;
+       static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE;

...so that large packets do not wrap "n".
2000-10-30 18:58:37 +00:00
veego
923459b8ef Print a newline after 'You entered the wrong passphrase.' 2000-10-29 08:55:59 +00:00
itojun
f3f11aec78 make version identification string conform to SSH version string format.
version format must be like:
	SSH-[0-9]*.[0-9]*-[^-]*( .*)?
and previous string did not conform to the requirement (too many hyphens).
based on comment from markus@openbsd (openssh maintainer)
2000-10-28 13:41:55 +00:00
joda
4b39e2fe3f fix v4 fallback lifetime calculation 2000-10-27 14:44:08 +00:00
simonb
dc0fe34aa7 Reduce swap_bytes() to a non-alignment dependent implementation - some
calls to swap_bytes() do indeed have non-aligned sources and destinations.
Fixes unaligned access problems on alpha and probably some of our other
architectures.
2000-10-23 11:40:55 +00:00
mycroft
968a585ab4 Fix formatting error. 2000-10-20 18:01:26 +00:00
martin
6a12425bca We have renamed the configuration file, adapt the documentation. 2000-10-20 12:40:34 +00:00
bouyer
e33acbd7b7 Correct printf format (used with integers, not longs). 2000-10-19 15:10:33 +00:00
taca
c011ac8db6 - Correct missing closedir(3) in SSL_add_dir_cert_subjects_to_stack().
This should be fix the bug that apache enabled SSL may exhaust its
  file descriptors.  Noted by TAKANO Yuji <takachan@running-dog.net>
  on apache@ecc.u-tokyo.ac.jp, apache mailing list in Japanese.

  He had already sent a bug report to openssl-dev@openssl.org, but it
  wasn't fixed in openssl-0.9.6.  :-(
2000-10-13 01:47:27 +00:00
itojun
b5c4933a2d printf format pedant. (size_t -> u_long). 2000-10-10 13:14:55 +00:00
is
612e4c298a define DES_LONG in time to be used by later header files. 2000-10-08 18:42:03 +00:00
is
7db764779b Format string cleanup by sommerfeld. 2000-10-08 18:40:08 +00:00
itojun
a001cd4e77 exit 0 on success, 1 on error 2000-10-06 06:21:16 +00:00
sommerfeld
dc3402136b Constify variables containing format strings 2000-10-05 14:32:50 +00:00
sommerfeld
37146bcc18 format checking for internal functions 2000-10-05 14:17:12 +00:00
sommerfeld
29dec280ee format checking for internal function 2000-10-05 14:16:10 +00:00
sommerfeld
8b2d1fefd2 Miscellaneous format string safety improvements 2000-10-05 14:09:07 +00:00