Commit Graph

3776 Commits

Author SHA1 Message Date
Darren Tucker
23bc8d0bff - markus@cvs.openbsd.org 2004/01/30 09:48:57
[auth-passwd.c auth.h pathnames.h session.c]
     support for password change; ok dtucker@
     (set password-dead=1w in login.conf to use this).
     In -Portable, this is currently only platforms using bsdauth.
2004-02-06 16:24:31 +11:00
Darren Tucker
819d4526ca Add bug no. 2004-02-06 16:18:47 +11:00
Darren Tucker
e45674ae80 - (dtucker) [openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Restore
previous authdb setting after auth calls.  Fixes problems with setpcred
   failing on accounts that use AFS or NIS password registries.
2004-02-06 16:17:51 +11:00
Darren Tucker
ecc9d46dc5 - (dtucker) [sshd.c] Bug #757: Clear child's environment to prevent
accidentally inheriting from root's environment.  ok djm@
2004-02-06 16:04:08 +11:00
Darren Tucker
f58fb7e727 - (dtucker) [configure.ac] Bug #748: Always define BROKEN_GETADDRINFO
for HP-UX 11.11.  If there are known-good configs where this is not
   required, please report them.  ok djm@
2004-02-06 15:59:06 +11:00
Darren Tucker
ef3a4a208c - (dtucker) [session.c] Bug #789: Do not call do_pam_setcred as a non-root
user, since some modules might fail due to lack of privilege.  ok djm@
2004-02-06 15:30:50 +11:00
Darren Tucker
6977fe742b - (dtucker) [cipher-acss.c cipher.c] Enable acss only if building with
OpenSSL >= 0.9.7.  ok djm@
2004-02-06 15:26:10 +11:00
Darren Tucker
9976246dfd - (dtucker) [acss.c acss.h] Fix $Id tags. 2004-02-06 15:22:43 +11:00
Darren Tucker
6f737f422c Minor wording change 2004-01-30 15:00:50 +11:00
Darren Tucker
2df334380b - (dtucker) [configure.ac openbsd-compat/bsd-cray.c openbsd-compat/bsd-cray.h]
Bug #775: Cray fixes from wendy at cray.com
2004-01-30 14:34:21 +11:00
Darren Tucker
dcc736b7de - (dtucker) [configure.ac] Add --without-zlib-version-check. Feedback from
tim@, ok several
2004-01-30 14:20:59 +11:00
Darren Tucker
46662bfc21 - djm@cvs.openbsd.org 2004/01/13 09:49:06
[sftp-batch.sh]
     don't delete thyself when running without obj/ ; ok markus@
2004-01-30 13:02:55 +11:00
Darren Tucker
633f3e0dd0 - jmc@cvs.openbsd.org 2003/11/07 10:16:44
[ssh-com.sh]
     adress -> address, and a few more; all from Jonathon Gray;
2004-01-30 13:00:29 +11:00
Darren Tucker
22991ba2e2 - dtucker@cvs.openbsd.org 2003/10/11 11:49:49
[Makefile banner.sh]
     Test missing banner file, suppression of banner with ssh -q, check return
     code from ssh.  ok markus@
2004-01-30 12:58:51 +11:00
Darren Tucker
77970695de - (dtucker) [moduli] Import new moduli file from OpenBSD. 2004-01-28 15:44:04 +11:00
Darren Tucker
4f9f6794c5 - (dtucker) [regress/README.regress] Add tcpwrappers issue, noted by tim@ 2004-01-28 12:26:14 +11:00
Damien Miller
ec69203e45 - djm@cvs.openbsd.org 2004/01/27 10:08:10
[sftp.c]
     reorder parsing so user:skey@host:file works (bugzilla #777)
     patch from admorten AT umich.edu; ok markus@
2004-01-27 21:22:00 +11:00
Damien Miller
f6723f08e0 - djm@cvs.openbsd.org 2004/01/25 03:49:09
[sshconnect.c]
     reset nonblocking flag after ConnectTimeout > 0 connect; (bugzilla #785)
     from jclonguet AT free.fr; ok millert@
2004-01-27 21:21:27 +11:00
Damien Miller
b2d1c2b3b8 - hshoexer@cvs.openbsd.org 2004/01/23 19:26:33
[cipher.c]
     rename acss@opebsd.org to acss@openssh.org
     ok deraadt@
2004-01-27 21:20:59 +11:00
Damien Miller
b21be84471 - mouring@cvs.openbsd.org 2004/01/23 17:57:48
[sftp-int.c]
     Fix issue pointed out with ls not handling large directories
     with embeded paths correctly.  OK damien@
2004-01-27 21:20:11 +11:00
Damien Miller
4f0fe684da - (djm) OpenBSD CVS Sync
- hshoexer@cvs.openbsd.org 2004/01/23 17:06:03
     [cipher.c]
     enable acss for ssh
     ok deraadt@ markus@
 - (djm) [acss.c acss.h cipher-acss.c] Portable support for ACSS
   if libcrypto lacks it
2004-01-27 21:19:21 +11:00
Tim Rice
01326ebada [defines.h openbsd-compat/getrrsetbyname.h] Move defines for HFIXEDSZ
and T_SIG to getrrsetbyname.h
2004-01-26 21:40:35 -08:00
Tim Rice
2597bfd1fb [configure.ac includes.h] add <sys/ptms.h> for grantpt() and friends. 2004-01-26 19:03:39 -08:00
Tim Rice
ba1c2b82c4 [defines.h] Add defines for HFIXEDSZ and T_SIG 2004-01-26 16:02:17 -08:00
Tim Rice
eafd8e9c55 20040126
[regress/test-exec.sh] RhostsAuthentication is deprecated.
2004-01-26 14:10:10 -08:00
Tim Rice
3084a6198c Typo in regress/README.regress 2004-01-26 09:37:09 -08:00
Damien Miller
6814411b3e - (djm) Typo in openbsd-compat/bsd-openpty.c; from wendyp AT cray.com 2004-01-24 13:50:39 +11:00
Tim Rice
fcb6220da0 [configure.ac] Remove hard coded -L/usr/local/lib and
-I/usr/local/include. Users can do LDFLAGS="-L/usr/local/lib" \
CPPFLAGS="-I/usr/local/include" ./configure if needed.
2004-01-23 18:35:16 -08:00
Darren Tucker
3c78c5ed2f - (dtucker) [acconfig.h configure.ac includes.h servconf.c session.c]
Change AFS symbol to USE_AFS to prevent namespace collisions, do not
   include kafs.h unless necessary.  From deengert at anl.gov.

For consistency, all of the libkafs bits are now inside "#if defined(KRB5)
&& defined(USE_AFS)".
2004-01-23 22:03:10 +11:00
Darren Tucker
6369958301 - (dtucker) [contrib/cygwin/README] Document new ssh-host-config options.
Patch from vinschen at redhat.com.
2004-01-23 21:35:44 +11:00
Darren Tucker
2dcd2393f4 - (dtucker) [configure.ac] Bug #788: Test for zlib.h presence and for
zlib >= 1.1.4.  Partly from jbasney at ncsa.uiuc.edu.  ok djm@
2004-01-23 17:13:33 +11:00
Damien Miller
84938141d4 - (djm) Bug #776: Update contrib/redhat/openssh.spec to dynamically detect
Kerberos location (and thus work with Fedora Core 1);
   from jason AT devrandom.org
2004-01-23 16:30:03 +11:00
Damien Miller
d352636553 - (djm) Do pam_session processing for systems with HAVE_LOGIN_CAP; from
ralf.hack AT pipex.net; ok dtucker@
2004-01-23 14:16:26 +11:00
Tim Rice
c900128e55 [contrib/solaris/buildpkg.sh] Allow for the possibility of
/usr/local being a symbolic link. Fixes problem reported by Henry Grebler.
2004-01-22 16:10:03 -08:00
Darren Tucker
7fe8b72771 - (dtucker) [session.c] Enable AFS support in conjunction with KRB5 not
just HEIMDAL.

Currently this will make no difference, as only Heimdal (which defines KRB5
anyway) has libkafs, however a libkafs that works with MIT may become
available.  In that case it will be used too.
2004-01-22 12:48:26 +11:00
Darren Tucker
1d3ca58705 - (dtucker) [configure.ac] Use krb5-config where available for Kerberos/
GSSAPI detection, libs and includes.  ok djm@
2004-01-22 12:05:34 +11:00
Damien Miller
f4da3bb6ca - deraadt@cvs.openbsd.org 2004/01/11 21:55:06
[sshpty.c]
     for pty opening, only use the openpty() path.  the other stuff only needs
     to be in openssh-p; markus ok
 - (djm) [openbsd-compat/bsd-openpty.c] Rework old sshpty.c code into an
   openpty() replacement
2004-01-21 17:07:16 +11:00
Damien Miller
e4f5a82d6e - djm@cvs.openbsd.org 2004/01/21 03:07:59
[sftp.c]
     initialise infile in main, rather than statically - from portable
2004-01-21 14:11:05 +11:00
Damien Miller
fb1310eded - markus@cvs.openbsd.org 2004/01/19 21:25:15
[auth2-hostbased.c auth2-pubkey.c serverloop.c ssh-keysign.c sshconnect2.c]
     fix mem leaks; some fixes from Pete Flugstad; tested dtucker@
2004-01-21 11:02:50 +11:00
Damien Miller
a04ad496f6 - markus@cvs.openbsd.org 2004/01/19 09:24:21
[channels.c]
     fake consumption for half closed channels since the peer is waiting for
     window adjust messages; bugzilla #790 Matthew Dillon; test + ok dtucker@
     reproduce with sh -c 'ulimit -f 10; ssh host -n od /bsd | cat > foo'
2004-01-21 11:02:09 +11:00
Damien Miller
f84fed6f71 - markus@cvs.openbsd.org 2004/01/13 19:45:15
[compress.c]
     cast for portability; millert@
2004-01-21 11:01:23 +11:00
Damien Miller
8f341f8b8b - markus@cvs.openbsd.org 2004/01/13 19:23:15
[compress.c session.c]
     -Wall; ok henning
2004-01-21 11:00:46 +11:00
Damien Miller
86a396857d - jmc@cvs.openbsd.org 2004/01/13 12:17:33
[sftp.1]
     remove unnecessary Ic's;
     kill whitespace at EOL;

     ok djm@
2004-01-21 11:00:04 +11:00
Damien Miller
44f75c14f6 - djm@cvs.openbsd.org 2004/01/13 09:25:05
[sftp-int.c sftp.1 sftp.c]
     Tidy sftp batchmode handling, eliminate junk to stderr (bugzilla #754) and
     enable use of "-b -" to accept batchfile from stdin; ok markus@
2004-01-21 10:58:47 +11:00
Darren Tucker
a8df9248ce - (dtucker) [auth-pam.c] Add minor debugging. 2004-01-15 00:15:07 +11:00
Darren Tucker
7ae0962798 - (dtucker) [auth-pam.c] Reset signal handler in pthread_cancel too, add
test for case where cleanup has already run.
2004-01-14 23:07:56 +11:00
Darren Tucker
749bc95bd8 - (dtucker) [auth-pam.c] Have monitor die if PAM authentication thread exits
unexpectedly.  with & ok djm@
2004-01-14 22:14:04 +11:00
Darren Tucker
1b27c8fbcb - (dtucker) [auth-pam.c] Relocate struct pam_ctxt and prototypes. No
functional changes.

This is in preparation for a change to catch the authentication thread
exitting unexpectedly, to split functional and cosmetic changes.
2004-01-13 22:35:58 +11:00
Darren Tucker
fd0894adae - (dtucker) [configure.ac] Remove extra (typo) comma. 2004-01-09 00:19:25 +11:00
Darren Tucker
0234e8607f - (dtucker) [auth-pam.c defines.h] Bug #783: move __unused to defines.h and
only define if not already.  From des at freebsd.org.
2004-01-08 23:32:04 +11:00