Commit Graph

121 Commits

Author SHA1 Message Date
simonb 3cc4829557 Fix printf format with sizeof(). 2001-01-16 02:20:19 +00:00
toshii a230982a45 Catch up with sshd config file entry changes.
Now we need to explicitly set DSA key location to use protocol version 2.
2001-01-15 06:13:08 +00:00
itojun a98ee796df $NetBSD$ 2001-01-14 05:28:01 +00:00
itojun a0f7a7d829 crypto/dist/ssh: resolve conflicts with 2.3.0/20010105.
usr.bin/ssh: add ssh-keyscan and sftp-server into SUBDIR.
2001-01-14 05:22:31 +00:00
itojun bfbf0e0d31 NetBSD Secure Shell, based on OpenSSH 2.3.0 around 1/5/2001 2001-01-14 04:49:51 +00:00
lukem 286bcc01a3 don't use LOG_CONS 2001-01-11 02:58:05 +00:00
christos 339f061e38 remove redundant decls 2001-01-07 23:21:44 +00:00
mycroft feb89c799a Add a COMPATIBILITY section, mentioning the lossage with IDEA-encrypted keys. 2001-01-07 20:48:06 +00:00
christos 6b02df2bb5 remove redundant decl. 2001-01-07 05:44:03 +00:00
christos 1473c569f5 eliminated redundant decl. 2001-01-07 00:01:16 +00:00
christos 2c1245f292 eliminate redundant declarations. 2001-01-06 23:30:57 +00:00
itojun cbf1717a72 do not allow outsider from injecting syslog entry anonymously.
log peer's ip address instead.
openbsd PR 1600.
2001-01-05 06:33:36 +00:00
itojun b1375d5035 do not look at environment variables if issetugid() == 0.
use random number device file as the default value.
from openbsd.
2001-01-05 06:22:32 +00:00
lukem f819878ce7 use more standard %ll_ in favour of %q_ 2001-01-04 15:39:50 +00:00
itojun 650239ad74 fix error return (0 -> -1). sync with kame. 2001-01-04 06:16:38 +00:00
itojun f2b75fc51d sync with kame: NULL != 0 2001-01-02 05:08:43 +00:00
itojun 5a3fc2bdaa PR 11715
- kerberos is in chapter 8, not 7
- ftp(1) is not kerberized.
2000-12-31 07:45:50 +00:00
toshii 3a0975845b Enable TCP_NODELAY socket option also for interactive IPv6 connections.
TCP_NODELAY isn't IPv4 only.
2000-12-30 14:54:38 +00:00
itojun 1a9f8a405b change pathname to netbsd-oriented 2000-12-29 03:12:59 +00:00
assar 492d9092b5 merge fix-ups 2000-12-29 02:52:35 +00:00
itojun 69fd2e0f90 location of manpage 2000-12-29 02:32:42 +00:00
itojun 57ebd1b3c8 KAME racoon, 2000/12/29 2000-12-29 02:25:05 +00:00
itojun 349ac51600 KAME libipsec/libpfkey, 2000/12/29 2000-12-29 02:24:40 +00:00
assar 8905d28796 was removed in krb4-1.0.5 2000-12-29 02:07:25 +00:00
assar a842a70c3c merge 2000-12-29 01:52:14 +00:00
assar 2d80b20be2 import krb4-1.0.5 2000-12-29 01:42:08 +00:00
fvdl be812c01d9 Remove redundant forward declaration of krb5_cache_data struct. 2000-12-24 12:17:21 +00:00
itojun 5389a2b390 cope with embedded KAME scopeid. getifaddrs() expose kernel internal format
to the userland.
2000-12-21 03:58:52 +00:00
nathanw 1cc86f8ba4 Check the return value of krb5_init_context(), and bail out if it failed.
Also, when failing, don't try to use the non-initialized context value
to determine the error text.

This avoids dumping core in the following programs when /etc/krb5.conf is
missing or broken: klist, kdestroy, kpasswd, kadmin, kadmind, ktutil, kdc.

XXX Better error reporting in this failure case would be nice.
2000-12-19 21:31:11 +00:00
assar 2eabd5aae0 (tf_create): remove the overwriting of the old ticket file 2000-12-09 00:53:52 +00:00
assar 71d1fbbd25 (kdc_reply_cipher): fix buffer over-run 2000-12-09 00:53:21 +00:00
assar a32b774256 remove (obsolete) support for environment variables. 2000-12-09 00:51:46 +00:00
thorpej ecf24d1394 Use getifaddrs() if HAVE_GETIFADDRS is defined. 2000-12-03 20:21:03 +00:00
thorpej 074a0c939d In krb5_sendto(), try the send/recv *inside* the loop through the
addinfos, so that e.g. if we fail to connect with an IPv6 address,
we can fall back onto an IPv4 address.
2000-12-02 01:53:08 +00:00
fvdl c9366a8efe Fix reversed test. 2000-11-20 14:08:12 +00:00
mason 18a6237381 s/usefull/useful/ 2000-11-20 06:42:05 +00:00
itojun 40ad5fc4c1 correct validation on X11 forwarding. from markus@openbsd 2000-11-13 02:30:38 +00:00
joda 25f03b52f9 remove extra .Xc 2000-11-12 15:40:19 +00:00
is d2b5345f10 When forwarding a connection, use the right descriptor to get IP options.
Fixes PR 11261 my Michael Eriksson, using his patch.
2000-11-07 16:06:24 +00:00
fvdl e22c13589c Make gss_acquire_cred actually work. Add a ccache member to the id_t struct
to store alternate creds, retrieved from a keytab. Make gss_init_sec_context
work with creds != GSS_C_NO_CREDENTIAL. Free ccache in id_t in release_cred.
2000-11-06 15:06:51 +00:00
christos 392621627b always attempt to canonicalize hostnames, not only when the hostname
does not contain a dot.
2000-11-05 20:09:08 +00:00
mason 43bcdca61e Apply the following:
-       static u_int16_t n = HASH_MINSIZE / HASH_ENTRYSIZE;
+       static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE;

...so that large packets do not wrap "n".
2000-10-30 18:58:37 +00:00
veego 923459b8ef Print a newline after 'You entered the wrong passphrase.' 2000-10-29 08:55:59 +00:00
itojun f3f11aec78 make version identification string conform to SSH version string format.
version format must be like:
	SSH-[0-9]*.[0-9]*-[^-]*( .*)?
and previous string did not conform to the requirement (too many hyphens).
based on comment from markus@openbsd (openssh maintainer)
2000-10-28 13:41:55 +00:00
joda 4b39e2fe3f fix v4 fallback lifetime calculation 2000-10-27 14:44:08 +00:00
simonb dc0fe34aa7 Reduce swap_bytes() to a non-alignment dependent implementation - some
calls to swap_bytes() do indeed have non-aligned sources and destinations.
Fixes unaligned access problems on alpha and probably some of our other
architectures.
2000-10-23 11:40:55 +00:00
mycroft 968a585ab4 Fix formatting error. 2000-10-20 18:01:26 +00:00
martin 6a12425bca We have renamed the configuration file, adapt the documentation. 2000-10-20 12:40:34 +00:00
bouyer e33acbd7b7 Correct printf format (used with integers, not longs). 2000-10-19 15:10:33 +00:00
taca c011ac8db6 - Correct missing closedir(3) in SSL_add_dir_cert_subjects_to_stack().
This should be fix the bug that apache enabled SSL may exhaust its
  file descriptors.  Noted by TAKANO Yuji <takachan@running-dog.net>
  on apache@ecc.u-tokyo.ac.jp, apache mailing list in Japanese.

  He had already sent a bug report to openssl-dev@openssl.org, but it
  wasn't fixed in openssl-0.9.6.  :-(
2000-10-13 01:47:27 +00:00