Commit Graph

163 Commits

Author SHA1 Message Date
Darren Tucker
9f18be63ab - (dtucker) [acconfig.h configure.ac uidswap.c] Prefer setuid/setgid on AIX. 2003-09-06 16:44:39 +10:00
Darren Tucker
49aaf4ad52 - (dtucker) [Makefile.in acconfig.h auth-krb5.c auth-pam.c auth-pam.h
configure.ac defines.h gss-serv-krb5.c session.c ssh-gss.h sshconnect1.c
   sshconnect2.c] Add Portable GSSAPI support, patch by Simon Wilkinson.
2003-08-26 11:58:16 +10:00
Darren Tucker
e41bba5847 - (dtucker) [acconfig.h auth.c configure.ac sshd.8] Bug #422 again: deny
any access to locked accounts.  ok djm@
2003-08-25 11:51:19 +10:00
Darren Tucker
6aaa58c470 - (dtucker) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2003/07/22 13:35:22
     [auth1.c auth.h auth-passwd.c monitor.c monitor.h monitor_wrap.c
     monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c ssh.1
     ssh.c ssh_config.5 sshconnect1.c sshd.c sshd_config.5 ssh.h]
     remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1);
     test+ok henning@
 - (dtucker) [Makefile.in acconfig.h configure.ac] Remove KRB4/AFS support.
 - (dtucker) [auth-krb4.c radix.c radix.h] Remove KRB4/AFS specific files.

I hope I got this right....
2003-08-02 22:24:49 +10:00
Darren Tucker
5c6a91a39d - (dtucker) [acconfig.h configure.ac port-aix.c] Older AIXes don't declare
loginfailed at all, so assume 3-arg loginfailed if not declared.
2003-07-14 16:21:44 +10:00
Darren Tucker
a0c0b63112 - (dtucker) [acconfig.h auth-passwd.c configure.ac session.c port-aix.[ch]]
Include AIX headers for authentication functions and make calls match
   prototypes.  Test for and handle 3-args and 4-arg variants of loginfailed.
2003-07-08 20:52:12 +10:00
Damien Miller
af63951c57 - (djm) Put licenses on substantial header files 2003-06-11 22:51:32 +10:00
Damien Miller
5fe46a45c8 - (djm) Implement paranoid priv dropping checks, based on:
"SetUID demystified" - Hao Chen, David Wagner and Drew Dean
   Proceedings of USENIX Security Symposium 2002
2003-06-05 09:53:31 +10:00
Damien Miller
35276253a6 - (djm) Replace setproctitle replacement with code derived from
UCB sendmail
2003-06-03 10:14:28 +10:00
Damien Miller
7e1bbc55af - (djm) Remove IPv4 by default hack now that we can specify AF in config 2003-05-18 20:52:40 +10:00
Damien Miller
d9ec370ac3 - (djm) Import getrrsetbyname() function from OpenBSD libc (for DNS support) 2003-05-15 12:27:08 +10:00
Damien Miller
7abe09bf86 - (djm) Configure glue for DNS support (code doesn't work in portable yet) 2003-05-15 10:53:49 +10:00
Darren Tucker
c437cda328 - (dtucker) Bug #536: Test for and work around openpty/controlling tty
problem on Linux (fixes "could not set controlling tty" errors).

Also renames STREAMS_PUSH_ACQUIRES_CTTY to the more generic SSHD_ACQUIRES_CTTY
and moves the Solaris-specific comments to configure.ac.
2003-05-10 17:05:46 +10:00
Darren Tucker
3c01654deb - (dtucker) Bug #544: ignore invalid cmsg_type on Linux 2.0 kernels,
privsep should now work.
2003-05-02 20:48:21 +10:00
Damien Miller
933cc8fb9c - (djm) Bug #245: TTY problems on Solaris. Fix by stevesk@ and
dtucker@zip.com.au
2003-03-10 11:38:10 +11:00
Damien Miller
cd6853c31c - (djm) Search libposix4 and librt for nanosleep. From dtucker@zip.com.au
and openssh-unix-dev@thewrittenword.com
2003-01-28 11:33:42 +11:00
Damien Miller
ec201964e4 - (djm) Rework openbsd-compat/setproctitle.c a bit: move emulation type
detection to configure.ac. Prompted by stevesk@
2003-01-13 10:04:58 +11:00
Damien Miller
e832819cf7 - (djm) Bug #26: Use local mkstemp() rather than glibc's silly one. Fixes
Can't pass KRB4 TGT passing. Fix from: jan.iven@cern.ch
2003-01-07 15:18:32 +11:00
Tim Rice
81ed518b9b Cray fixes (bug 367) based on patch from Wendy Palm @ cray.
This does not include the deattack.c fixes.
2002-09-25 17:38:46 -07:00
Tim Rice
40017b0e7a (bal/tim) [acconfig.h configure.ac monitor_mm.c servconf.c
openbsd-compat/Makefile.in] support compression on platforms that
  have no/broken MAP_ANON. Moved code to openbsd-compat/xmmap.c
  Based on patch from nalin@redhat.com of code extracted from Owl's package
2002-07-14 13:36:49 -07:00
Ben Lindstrom
99a4e14fe0 - (bal) NO_IPPORT_RESERVED_CONCEPT used instead of CYGWIN so other platforms
lacking that concept can share it. Patch by vinschen@redhat.com
2002-07-09 14:06:40 +00:00
Tim Rice
9dd30817ef [acconfig.h configure.ac sshd.c] s/BROKEN_FD_PASSING/DISABLE_FD_PASSING/ 2002-07-07 13:43:36 -07:00
Tim Rice
8eff319298 [acconfig.h configure.ac sshd.c] BROKEN_FD_PASSING fix from Markus
for Cygwin, Cray, & SCO
2002-06-25 15:35:15 -07:00
Ben Lindstrom
6b0c96ab59 - (bal) if mmap() is substandard, don't allow compression on server side.
Post 'event' we will add more options.
2002-06-25 03:22:03 +00:00
Kevin Steves
34f0d8f404 - (stevesk) [INSTALL acconfig.h configure.ac defines.h] remove --with-rsh 2002-06-24 16:26:49 +00:00
Ben Lindstrom
837461bf9a - (bal) Build noop setgroups() for cygwin to clean up code (For other
platforms without the setgroups() requirement, you MUST define
   SETGROUPS_NOOP in the configure.ac) Based on patch by vinschen@redhat.com
2002-06-12 16:57:14 +00:00
Damien Miller
f58c672f0e - (djm) Add --with-privsep-path configure option 2002-05-13 13:15:42 +10:00
Damien Miller
80080753cd - (djm) Add --with-superuser-path=xxx configure option to specify what $PATH
the superuser receives.
2002-05-13 10:56:51 +10:00
Kevin Steves
0ea1d9d1f2 - (stevesk) [acconfig.h auth-passwd.c configure.ac sshd.c] HP-UX 10.26
support.  bug #184.  most from dcole@keysoftsys.com.
2002-04-25 18:17:04 +00:00
Kevin Steves
5feaaefaf2 - (stevesk) [acconfig.h configure.ac session.c] LOGIN_NO_ENDOPT for HP-UX 2002-04-23 20:45:55 +00:00
Kevin Steves
03df6cd83c - (stevesk) [acconfig.h] NEED_IN_SYSTM_H unused 2002-04-23 20:11:13 +00:00
Damien Miller
f1b9d11a3e - (djm) Bug #214: Fix utmp for Irix (don't strip "tty"). Patch from
Kevin Taylor <no@nowhere.org> (??) via Philipp Grau
   <phgrau@zedat.fu-berlin.de>
2002-04-23 23:09:19 +10:00
Damien Miller
fd4c9eee25 - (djm) Add KrbV support patch from Simon Wilkinson <simon@sxw.org.uk> 2002-04-13 11:04:40 +10:00
Tim Rice
813f0452ed [acconfig.h defines.h includes.h] put includes in includes.h and
defines in defines.h [rijndael.c openbsd-compat/fake-socket.h
openbsd-compat/inet_aton.c] include "includes.h" instead of "config.h"
ok stevesk@
2002-04-11 20:35:39 -07:00
Kevin Steves
7ff911216b - (stevesk) --with-privsep-user; default sshd 2002-04-07 19:22:54 +00:00
Kevin Steves
a44e0351ee - (stevesk) HAVE_CONTROL_IN_MSGHDR; not used right now.
Future: we may want to test if fd passing works correctly.
2002-04-07 16:18:03 +00:00
Ben Lindstrom
fdee8ef0ac - (bal) We no longer use atexit()/xatexit()/on_exit() 2002-04-06 23:52:02 +00:00
Ben Lindstrom
924144e650 - (bal) Too many <sys/queue.h> issues. Remove all workarounds and
using internal version only.
2002-04-05 20:23:35 +00:00
Ben Lindstrom
a42694fa25 - (bal) Patch for OpenSC SmartCard library; ok markus@; patch by
Juha Yrjölä <jyrjola@cc.hut.fi>
 - (bal) Minor documentation update to reflect smartcard library
   support changes.
2002-04-05 16:11:45 +00:00
Kevin Steves
4846f4ab69 - (stevesk) configure and cpp __FUNCTION__ gymnastics to handle nielsisms 2002-03-22 18:19:53 +00:00
Kevin Steves
939c9db9b1 - (stevesk) HAVE_ACCRIGHTS_IN_MSGHDR configure support 2002-03-22 17:23:25 +00:00
Tim Rice
4cec93faed Bug 12 [configure.ac] add sys/bitypes.h to int64_t tests
based on patch by mooney@dogbert.cc.ndsu.nodak.edu (Tim Mooney)
Bug 45 [configure.ac] modify skey test to work around conflict with autoconf
reported by nolan@naic.edu (Michael Nolan)
patch by  Pekka Savola <pekkas@netcore.fi>
Bug 74 [configure.ac defines.h] add sig_atomic_t test
reported by dwd@bell-labs.com (Dave Dykstra)
Bug 102 [defines.h] UNICOS fixes. patch by wendyp@cray.com
[configure.ac Makefile.in] link libwrap only with sshd
based on patch by Maciej W. Rozycki <macro@ds2.pg.gda.pl>
Bug 123 link libpam only with sshd
reported by peak@argo.troja.mff.cuni.cz (Pavel Kankovsky)
[configure.ac defines.h] modify previous SCO3 fix to not break Solaris 7
[acconfig.h] remove unused HAVE_REGCOMP
2002-02-26 08:40:48 -08:00
Damien Miller
6c21c51c48 - (djm) autoconf hacking:
- We don't support --without-zlib currently, so don't allow it.
   - Rework cryptographic random number support detection. We now detect
     whether OpenSSL seeds itself. If it does, then we don't bother with
     the ssh-rand-helper program. You can force the use of ssh-rand-helper
     using the --with-rand-helper configure argument
   - Simplify and clean up ssh-rand-helper configuration
2002-01-22 21:57:53 +11:00
Ben Lindstrom
c97b1affc5 - (bal) PCRE no longer required. Banished from the source along with
fake-regex.h
2001-12-07 17:20:47 +00:00
Tim Rice
e589a299a1 [ contrib/caldera/openssh.spec contrib/caldera/sshd.init]
Updates from Raymund Will <ray@caldera.de>
[acconfig.h configure.in] Clean up login checks.
Problem reported by Jim Knoble <jmknoble@pobox.com>
2001-11-03 11:09:32 -08:00
Tim Rice
13aae5ee76 [configure.in] Clean up library testing.
Add optional PATH to --with-pcre, --with-zlib, --with-tcp-wrappers
based on patch by albert chin (china@thewrittenword.com)

Re-arange AC_CHECK_HEADERS and AC_CHECK_FUNCS for eaiser reading
of patches to configure.in

Replace obsolete AC_STRUCT_ST_BLKSIZE with AC_CHECK_MEMBERS

Add test for broken dirname() on Solaris 2.5.1 by
Dan Astoorian <djast@cs.toronto.edu>

[acconfig.h aclocal.m4 defines.h configure.in]
Better socklen_t patch by albert chin (china@thewrittenword.com)

[scp.c]
Replace obsolete HAVE_ST_BLKSIZE with HAVE_STRUCT_STAT_ST_BLKSIZE

[Makefile.in] When running make in top level, always do make in openbsd-compat
patch by Dave Dykstra <dwd@bell-labs.com>
2001-10-21 17:53:58 -07:00
Kevin Steves
50abba560c - (stevesk) sun_len, SUN_LEN() configure stuff no longer required 2001-09-20 19:43:41 +00:00
Damien Miller
85de580adc - (djm) Configure support for smartcards 2001-09-18 14:01:11 +10:00
Damien Miller
58be738ac8 - (djm) Make sure rijndael.c picks config.h
- (djm) Ensure that u_char gets defined
2001-09-15 21:31:54 +10:00
Ben Lindstrom
19d7b8d3fa - (bal) QNX resync. OK tim@ 2001-08-16 00:09:49 +00:00