Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
98,412 Commits 606 Branches 0 Tags 3.1 GiB
c650ef5756
Commit Graph

134 Commits

Author SHA1 Message Date
wiz
d844f0d7b1 Fix Xrefs. 2002-06-13 00:15:09 +00:00
wiz
78c59017cc Remove photurisd reference. 2002-06-13 00:14:26 +00:00
itojun
b745604c00 sync sockaddr_ntop with latest openssh (minor change) 2002-06-09 22:22:55 +00:00
itojun
be5f1d082c use getnameinfo on diag printing. sync w/openssh in openbsd 2002-06-08 21:17:57 +00:00
itojun
e67961b545 check sshd uid/chroot dir on UsePrivilegeSeparation mode, and die if they 
do not exist.  sync w/openssh
 2002-05-29 23:54:29 +00:00
itojun
a5c3041a1b bump date for rhosts auth fix 2002-05-27 13:45:40 +00:00
itojun
b274d69ad0 correct rhosts authentication. should fix PR 17023 2002-05-27 13:45:17 +00:00
itojun
a46557038c now arc4random is in libc, we don't need to supply local version 2002-05-25 00:29:52 +00:00
itojun
e26b1052bb use /var/chroot/sshd instead of /var/empty. suggested by christos 2002-05-16 20:59:35 +00:00
itojun
f47caddaf3 turn on privilege separation, as 3.2.1 default do. 
requires sshd uid/gid as well as /var/empty directory.
 2002-05-14 23:33:07 +00:00
itojun
ca89359407 sync with 3.2.1 as of 5/13. 
NOTE: privilege separation is turned off by default
as it seems there still are issues with setsid().
 2002-05-13 02:58:17 +00:00
itojun
24255a6a60 OpenSSH 3.2.1 as of 2002/5/13 2002-05-13 02:28:40 +00:00
lukem
244b762de1 Complete the conversion back to the OpenSSH default configuration files of 
"/etc/ssh/ssh_config" (from "/etc/ssh/ssh.conf") for ssh(1) and other
userland tools, and "/etc/ssh/sshd_config (from "/etc/ssh/sshd.conf")
for sshd(8).

etc/postinstall will detect this, and if "fix" is given, rename the files.
 2002-04-29 08:23:34 +00:00
itojun
936168b29d correct afs/kerberos token-passing. notified by markus@openbsd 2002-04-24 01:48:04 +00:00
itojun
34b40b030e sync with openssh 3.2 as of 2002/4/22. 
- privilege separation
- afs/kerberos auth security issue fixed
 2002-04-22 07:59:35 +00:00
itojun
ff10d69ea5 OpenSSH 3.2 as of 2002/4/22. bring in sys/sys/tree.h 2002-04-22 07:47:47 +00:00
itojun
f597d4ec88 OpenSSH 3.2 as of 2002/4/22. fixes issues with AFS/kerberos auth 2002-04-22 07:35:39 +00:00
itojun
0a2445c3b6 move sshd config files to /etc/ssh 2002-03-11 04:57:55 +00:00
sommerfeld
68c304f103 Fix several LL128 format string mismatches with a chainsaw. 
%llu is "unsigned long long", not "uint64_t"; the former can be 128
bits on LP64 systems.
 2002-03-09 15:03:33 +00:00
itojun
9d597e40f3 printf type mismatch. 2002-03-08 06:03:21 +00:00
itojun
295a85a1c9 sync better with reality (LoginGraceTime) 2002-03-08 02:18:11 +00:00
itojun
af34a358ff sync w/ 3.1 as of 2002/3/8. configuration file directory is still /etc 
(openbsd usr.bin/ssh is using /etc/ssh)
 2002-03-08 02:00:50 +00:00
itojun
797a097779 OpenSSH 3.1 as of 2002/3/8. plugs off-by-one security hole 2002-03-08 01:20:24 +00:00
tron
9097d36b33 Fix off by one error described in "PINE-CERT-20020301" advisory. 2002-03-07 16:02:22 +00:00
joda
a8d19a98fc don't try to use the krb5 context if the init fails; should fix 
bin/15585
 2002-02-26 11:16:08 +00:00
bjh21
4845a9458f Rather than assuming that -1 is a valid value for a LogLevel or LogFacility, 
explicitly declare SYSLOG_LEVEL_NOT_SET and SYSLOG_FACILITY_NOT_SET and use
those instead.

This is necessary for -fshort-enums platforms, and corresponds to the
following OpenBSD revisions:
log.c           1.21
log.h           1.5
readconf.c      1.95
servconf.c      1.53
 2002-02-10 16:23:33 +00:00
explorer
ad08960f5c When calling krb5_verify_user(), we must restore root's uid, since it will need to read /etc/krb5.keytab. 2001-12-19 10:28:47 +00:00
he
a18ce029f6 Deal with lossage caused by the addition of the netbsd-1-5 branch tag 
to these files.

Apparently, the "magic" which causes the latest version on the
vendor branch to appear at the head in the repository broke when
the netbsd-1-5 tag was added.  Thus, merge in the lost revisions from
the vendor tag to work around this.
 2001-12-13 15:53:54 +00:00
itojun
e2970b134f sync with openbsd/remove variable name from prototype 2001-12-12 17:24:46 +00:00
itojun
684138909c fix constness difference in prototype and func def. 2001-12-12 17:16:16 +00:00
itojun
718900f830 sync with 3.0.2 2001-12-06 03:54:04 +00:00
itojun
d97f5d9481 OpenSSH 3.0.2 as of 2001/12/06. fixes environment variable passing in UseLogin=yes 2001-12-06 03:46:04 +00:00
thorpej
cce3152281 Deal with an LP64 printf format issue. 2001-11-30 00:46:36 +00:00
itojun
d4b3b8bf82 update version date to 20011127 2001-11-27 04:16:08 +00:00
itojun
f7146cb367 resolve one more conflict 2001-11-27 04:11:23 +00:00
itojun
ce0e2b2976 resolve conflicts on 3.0.1 import 2001-11-27 04:10:22 +00:00
itojun
c0c77d470a OpenSSH 3.0.1 as of 2001/11/27. minor bugfixes only. 2001-11-27 04:03:44 +00:00
itojun
6ececc36b4 openssh 3.0 krb5 auth problem has been plugged, 
sync up version number to 3.0.1 so that we can identify it.
 2001-11-19 07:39:57 +00:00
itojun
1eb2191d4f fix auth_krb5() error case behavior. found by jhawk, sync with openbsd tree 2001-11-12 05:45:29 +00:00
itojun
29574d25c5 sync with 3.0 as of 2001/11/7. 2001-11-07 06:26:47 +00:00
itojun
29c34cbb94 OpenSSH 3.0 as of 2001/11/7 2001-11-07 06:20:12 +00:00
sommerfeld
9de5bfcf8f Turn on TCP_NODELAY over loopback 2001-10-18 19:46:12 +00:00
itojun
880aff49c4 buffix from openbsd tree: users config should overwrite system config. 2001-10-02 00:39:14 +00:00
itojun
ba613513e8 sync with openssh 2.9.9 around 9/27. 2001-09-27 03:24:01 +00:00
itojun
bcdc367f57 OpenSSH 2.9.9 as of 2001/9/27 2001-09-27 02:00:33 +00:00
itojun
00489c2412 apply the following advisory. 2.9.9 will be imported soon. 
Subject: OpenSSH Security Advisory (adv.option)
From: Markus Friedl <markus@openbsd.org>
Message-ID: <20010926231823.A15229@folly>
 2001-09-27 00:12:42 +00:00
cjs
d814de63b5 For consistency, make permit_root_login default to PERMIT_NO if not specified 
in the config file. Thanks to itojun for pointing this out.
 2001-09-03 04:23:10 +00:00
cjs
da09d12c1e Document that PermitRootLogin's default is now "no". 2001-08-31 09:00:29 +00:00
cjs
894936aa50 Do not permit direct root logins. This makes ssh consistent with 
NetBSD's default security policy in this area: if you are not on
a secure terminal, you must be able to authenticate as a user in
the "wheel" group before you may attempt to authenticate as root
using the root password.
 2001-08-31 08:16:24 +00:00
garbled
7c0934f7f5 While writing sushi's support for sshd.conf, I found out that the manpage 
lies wrt to MaxStartups.  Make the manpage match the code.
 2001-08-03 02:29:07 +00:00