6fe37483a3
Set the KRB5CCNAME envrironment variable in the child if we received
...
forwarded Kerberos 5 credentials, so that the process that needs them
can actually find them.
2001-03-28 03:31:52 +00:00
8ab184566c
When we receive forwarded Kerberos credentials, stuff them into
...
a file credential cache (rather than a memory credential cache)
so that they're useful.
2001-03-28 03:17:23 +00:00
2651b336ba
Somewhat crude hack to make Kerberos 5 credential forwarding work.
2001-03-28 03:02:51 +00:00
2f7b0c6c27
Print useful Kerberos error messages.
2001-03-27 03:58:02 +00:00
0265b9e0c2
redo 1.1 -> 1.2. on RAND_file_name(), return /dev/urandom by default.
...
RAND_{load,write}_file() takes care of device file case. from openbsd.
2001-03-26 18:08:25 +00:00
522ac04d08
backout 1.1 -> 1.2 (use /dev/urandom if no value can be found),
...
/dev/urandom is not a normal file - there'll be no EOF.
noticed by Manuel Bouyer.
2001-03-21 19:49:50 +00:00
08e4590096
Cast to (long long) when using "%lld" in a printf format.
2001-03-21 00:11:06 +00:00
37da3c3c3c
sync with openssh 2.5.2 (from openbsd usr.bin/ssh, not from portable).
2001-03-19 20:03:24 +00:00
7617bcad07
OpenSSH 2.5.2 as of 3/19/2001, from openbsd usr.bin/ssh
2001-03-19 19:42:00 +00:00
9ab0878e2a
If we get a KRB5KRB_AP_ERR_BAD_INTEGRITY on a TGS req with
...
a key usage of KRB5_KU_TGS_REQ_AUTH, then try again with a
key usage of KRB5_KU_AP_REQ_AUTH. This addresses an interop
issue between new kinit(1) (0.3e) and older KDCs (such as 0.3a).
Patch from assar@netbsd.org ; see discussion on current-users.
2001-03-12 19:25:51 +00:00
bee147163e
simplify the krb5 code somewhat
2001-03-12 17:56:36 +00:00
3fba4682aa
Fix LP64 problem in Kerberos 5 TGT passing.
2001-03-09 06:28:30 +00:00
ca0ffe95fb
Merge 2002/03/08 racoon import.
2001-03-08 22:27:52 +00:00
29f3673b42
KAME racoon as of 2001/03/08.
2001-03-08 22:18:05 +00:00
ac356314da
Document:
...
- forwardable ([libdefaults] and [realms])
- proxiable ([libdefaults] and [realms])
- date_format ([libdefaults])
- srv_lookup ([libdefaults])
- srv_try_txt ([libdefaults])
- scan_interfaces ([libdefaults])
- fcache_version ([libdefaults])
2001-03-08 17:53:46 +00:00
bda8951f6b
Plug some memory leaks.
2001-03-08 04:12:08 +00:00
e625c71295
add krb5 support to ssh/sshd. based on code initially from Daniel Kouril <kouril@informatics.muni.cz> and Björn Grönvall <bg@sics.se>
2001-03-04 00:41:27 +00:00
bacb2758e0
Change keymatlen to size_t to match prototype for str2val.
2001-02-25 03:50:05 +00:00
96863758b7
remove WARNS=0. from enami
2001-02-22 03:11:24 +00:00
82ff942844
document complex_bundle. sync with kame
2001-02-22 02:42:43 +00:00
a5316a5fa5
sync with 2/22 code. -B and -Z,
...
bundle proposal interpretation, and some other fixes.
XXX WARNS?=0 in racoon/Makefile is necessary to compile yacc-generated files
(static function, generated by yacc, is never used).
2001-02-22 02:33:06 +00:00
98857d7198
KAME racoon as of 2001/2/22
2001-02-22 02:21:12 +00:00
1317273fae
sync up with 2.5.1.
...
this fixes backward compatibility breakage against 1.2.18 - 1.2.22.
2001-02-19 12:13:04 +00:00
10400c1d11
OpenSSH 2.5.1 as of 2001/2/19
2001-02-19 12:09:12 +00:00
c83dc32a4c
sync up with 2.5.0. simulate echobacks, X11 display name check, sftp upgrdes.
2001-02-16 15:48:34 +00:00
f02c06e047
OpenSSH 2.5.0 as of 2001/2/17
2001-02-16 15:41:22 +00:00
ce75fa5829
removed in 0.3e
2001-02-16 15:34:39 +00:00
72b00a4178
take the safest side, mandate rnd(4).
2001-02-14 04:46:58 +00:00
788df94479
update import date.
2001-02-14 01:22:02 +00:00
531a3ed838
sync with 2/14.
...
openssh changes:
- SIGWINCH propagated correctly
- mitigate SSH1 traffic analysis
- sprintf -> snprintf and lots of other cleanups
netbsd local changes:
- include OpenBSD RCSID into binary again, which helps us diagnose later.
2001-02-14 01:06:48 +00:00
da62f78331
OpenSSH 2.3.2 as of 2001/2/14
2001-02-14 00:53:01 +00:00
43c24b8340
undef ECHO to avoid a warning from the lex-generated code
2001-02-11 17:59:15 +00:00
7a01412798
fix merg-up
2001-02-11 17:58:27 +00:00
657da009a2
fix texinfo mark-up bug
2001-02-11 17:56:09 +00:00
465ad8fda9
fix merge-ups
2001-02-11 16:08:41 +00:00
be890e9bcf
fix merge conflicts
2001-02-11 14:13:07 +00:00
7a16662ba0
import of heimdal 0.3e
2001-02-11 13:51:06 +00:00
a7b1b8e49c
make sure to zero-fill malloced region. sync with openbsd/usr.bin/ssh
2001-02-09 14:39:47 +00:00
19fb6ccf8d
comment: function are named "arc4"foo just for easy porting.
2001-02-09 00:44:35 +00:00
e3045c89d8
sync with 2.3.2.
2001-02-08 19:02:14 +00:00
e5eae0162b
OpenSSH 2.3.2 as of 2001/2/9
2001-02-08 18:55:32 +00:00
7f8fa38080
authentication mistake in SSHv2 + pubkey, from markus.
...
REBUILD AND RESTART SSHD NOW.
(vulnerability window for netbsd-current - < 48hours)
2001-02-08 18:17:24 +00:00
fbfaba7e44
%30s is too short for IPv6 addrssses.
2001-02-08 10:08:53 +00:00
54bdd08634
fix size_t -> int cast. need checking with alpha...
2001-02-07 18:05:23 +00:00
3614dcc87c
unsigned long long -> %llu, not %qd
2001-02-07 18:01:30 +00:00
31c0f02be2
update date string
2001-02-07 17:07:07 +00:00
1f5cfca3e6
sync crypto/dist/ssh with re-importorted tree. try to minimize diffs
...
with openssh tree to ease future upgrade. re-do local changes, including:
- prototype pedants
- IgnoreRootRhosts
- login.conf user validation
some of the local changes that weren't used are omitted for now. we may
need to revisit those afterwards.
it adds "sftp".
2001-02-07 17:05:31 +00:00
9d3aa44a65
OpenSSH 2.3.1 as of 2001/2/8
2001-02-07 16:46:40 +00:00
a132b86864
remove redundant declarations
2001-02-04 22:55:26 +00:00
78463fc818
Remove the pid file upon exit.
2001-02-04 20:15:52 +00:00
thorpej