aboutsummaryrefslogtreecommitdiff
path: root/security
Commit message (Collapse)AuthorAgeFilesLines
* Update to today's OpenSSH.Brian Feldman1999-12-233-95/+109
| | | | | | | | | | | | The version is now 1.2.1, from 1.2. You can mv your old distfiles/OpenSSH-1.2 dir to distfiles/OpenSSH-1.2.1, if you want to not waste time/space. Some minor nits have been fixed, and a couple bugs. One sizeof(len) should have just been len, and, in markus's words, "fix get_remote_port() and friends for sshd -i". Notes: svn path=/head/; revision=23866
* Remove myself from MAINTAINERAndrey A. Chernov1999-12-231-1/+1
| | | | Notes: svn path=/head/; revision=23859
* Update to v1.0.1. (with correct gpg.1)Jun Kuriyama1999-12-236-34/+56
| | | | Notes: svn path=/head/; revision=23851
* update to 1.6.1Michael Haro1999-12-221-1/+3
| | | | Notes: svn path=/head/; revision=23820
* Update to 1.6.1Michael Haro1999-12-223-19/+8
| | | | Notes: svn path=/head/; revision=23819
* * Update portsentry to 1.0Chris D. Faulhaber1999-12-222-6/+6
| | | | | | | | | | | * Remove current MAINTAINER as email has been unreachable for weeks * Add dan@freebsddiary.com as MAINTAINER at his request PR: 15490 Submitted by: Dan Langille <dan@freebsddiary.com> Notes: svn path=/head/; revision=23809
* Upgrade to 1.5.Dirk Froemberg1999-12-222-3/+3
| | | | Notes: svn path=/head/; revision=23798
* Install sudoers in correct place.Satoshi Asami1999-12-171-6/+6
| | | | | | | Submitted by: jhb via cpiazza Notes: svn path=/head/; revision=23787
* Fix whitespace problem.Satoshi Asami1999-12-141-46/+38
| | | | | | | Submitted by: jedgar@fxp.org Notes: svn path=/head/; revision=23779
* Fix buffer overflow problem properly.Satoshi Asami1999-12-131-38/+46
| | | | | | | | Submitted by: kris Obtained from: bugtraq list (I believe) Notes: svn path=/head/; revision=23777
* For some reason etc/sudoers.sample isn't installed by the distfiles'sDavid E. O'Brien1999-12-101-0/+3
| | | | | | | Makefile any more. So install it manually. Notes: svn path=/head/; revision=23760
* Unbreak for 3.4-R by changing the MASTER_SITE path in case mharoChris Piazza1999-12-101-1/+1
| | | | | | | doesn't get to PR 15403 in time. Notes: svn path=/head/; revision=23745
* update to 1.6.Michael Haro1999-12-102-7/+4
| | | | | | | | had to remove manpage path corrections patch (patch-ac) because I don't have time till after Friday to work on this port more. Notes: svn path=/head/; revision=23708
* Back out my change from Oct.26, this was a misconfigured hack and shouldFoxfair Hu1999-12-091-5/+0
| | | | | | | | | never be taken. Pointed out by : maintainer. Notes: svn path=/head/; revision=23672
* Activate chrootuid.Don Lewis1999-12-091-0/+1
| | | | Notes: svn path=/head/; revision=23668
* The chrootuid command combines chroot(8) and su(1) into one program,Don Lewis1999-12-096-0/+59
| | | | | | | | | | | so that there is no need to have commands such as /usr/bin/su in the restricted environment. Access to the file system is restricted to the newroot subtree and privileges are restricted to those of the newuser account (which must be a known account in the unrestricted environment). Notes: svn path=/head/; revision=23667
* Change broken link to homepage to official oneAndrey A. Chernov1999-12-084-2/+4
| | | | Notes: svn path=/head/; revision=23659
* I've cleaned up ${CVS_DATE} usage a bit (keep spaces correctly), andBrian Feldman1999-12-085-61/+63
| | | | | | | | | | | | | updated to today's snapshot of OpenSSH. Various updates from the latest ${CVS_DATE}, and requisite patch changes, are the "big new thing". Nothing major has changed; the biggest ones would be using atomicio() in a lot of places and a fix for a SIGHUP not updating sshd(8)'s configuration until the next connection. Notes: svn path=/head/; revision=23652
* Update to 2.3 beta #9.David E. O'Brien1999-12-072-3/+3
| | | | | | | This speeds up OS scans. Notes: svn path=/head/; revision=23650
* The software's www page has been moved.SADA Kenji1999-12-071-1/+1
| | | | Notes: svn path=/head/; revision=23644
* In the meantime (while things are being worked and decided on on theBrian Feldman1999-12-065-22/+328
| | | | | | | | | | | | | | | | | | OpenBSD OpenSSH front), add ConnectionsPerPeriod to prevent DoS via running the system out of resources. In reality, this wouldn't be a full DoS, but would make a system slower, but this is a better thing to do than let the system get loaded down. So here we are, rate-limiting. The default settings are now: Five connections are allowed to authenticate (and not be rejected) in a period of ten seconds. One minute is given for login grace time. More work in this area is being done by alfred@FreeBSD.org and markus@OpenBSD.org, at the very least. This is, essentially, a stopgap solution; however, it is a properly implemented and documented one, and has an easily modifiable framework. Notes: svn path=/head/; revision=23622
* Under advisories, put RESTRICTED back. It more accurately reflectsBrian Feldman1999-12-061-0/+2
| | | | | | | | | | | reality, though. One file, cipher.c, calls cryptographic routines from external libraries. This really cannot encumber OpenSSH in any case, but I put RESTRICTED back since it would give people a false hope of being able to install the OpenSSH package but not the requisite, RESTRICTED (so nonexistant) openssl package. Notes: svn path=/head/; revision=23621
* Upgrade to l0pht-watch 1.1Kris Kennaway1999-12-063-11/+11
| | | | | | | Reviewed by: Maintainer Notes: svn path=/head/; revision=23620
* Good-bye, RESTRICTED.Brian Feldman1999-12-061-2/+0
| | | | | | | | | | | | | | | | Reasons: 1. It's not crypto. 2. It links with crypto. a. That crypto is in the public domain. b. Linking with crypto does not constitute cryptography. 3. Even if it were crypto, the description of the entire protocol, etc., is in the public domain. The RFC is PD in the USA, and the white paper in Europe. 4. Precedence? Even if it were crypto, the Bernstein case has set precedence for allowing export of that. But it's not even crypto. Notes: svn path=/head/; revision=23619
* Reduce LoginGraceTime from 10 minutes (!!!) to 30 seconds. More toBrian Feldman1999-12-041-2/+3
| | | | | | | come, soon. Notes: svn path=/head/; revision=23572
* fix buffer overflow in RSA{Public,Private}Decrypt. from CORE SDI.Chris Piazza1999-12-021-0/+42
| | | | Notes: svn path=/head/; revision=23554
* PORTLINT rules.Foxfair Hu1999-12-012-8/+6
| | | | Notes: svn path=/head/; revision=23544
* More portlint cleanup.Foxfair Hu1999-12-012-8/+8
| | | | Notes: svn path=/head/; revision=23543
* PORTLINT rules.Foxfair Hu1999-12-012-10/+10
| | | | Notes: svn path=/head/; revision=23542
* Upgrade nessus-plugins to 0.99.1 .Foxfair Hu1999-12-018-82/+126
| | | | Notes: svn path=/head/; revision=23541
* Upgrade to 0.99.1, and make portlint happy.Foxfair Hu1999-12-016-8/+12
| | | | Notes: svn path=/head/; revision=23540
* Active nessus-* ports.Foxfair Hu1999-12-011-0/+3
| | | | Notes: svn path=/head/; revision=23525
* PR: 14776Foxfair Hu1999-12-0110-0/+618
| | | | | | | | | | | Submitted by: Anders Nordby <anders@fix.no> Import the plugins for nessus, network security scanner program. WWW: http://www.nessus.org/ Notes: svn path=/head/; revision=23524
* PR: 14775Foxfair Hu1999-12-0110-0/+134
| | | | | | | | | | | | | | | | | | | | | Submitted by: Anders Nordby <anders@fix.no> NASL is a scripting language designed for the Nessus security scanner. Its aim is to allow anyone to write a test for a given security hole in a few minutes, to allow people to share their tests without having to worry about their operating system, and to garantee everyone that a NASL script can not do anything nasty except performing a given security test against a given target. NASL is not a powerful scripting language. Its purpose is to make scripts that are security tests. So, do not expect to write a third generation web server in this language, nor a file conversion utility. Use perl, python or whatever scripting language to do this. WWW: http://www.nessus.org/doc/nasl.html Notes: svn path=/head/; revision=23523
* PR: 14774Foxfair Hu1999-12-0110-0/+126
| | | | | | | | Submitted by: Anders Nordby <anders@fix.no> Split nessus-libraries from nessus port. Notes: svn path=/head/; revision=23522
* PR: ports/14773Foxfair Hu1999-12-0110-522/+182
| | | | | | | | | Submitted by: maintainer Update to 0.99.1, and disable nessus for compiling in -current. Original patch submitted by the maintainer, and some fixes from me. Notes: svn path=/head/; revision=23521
* Update one of the master sites.Archie Cobbs1999-11-301-1/+1
| | | | | | | Submitted by: Brent <brent@kearneys.ca> Notes: svn path=/head/; revision=23507
* Add the PAM SSH RSA key authentication module. For example, you can add,Brian Feldman1999-11-295-6/+373
| | | | | | | | | | | | "login auth sufficient pam_ssh.so" to your /etc/pam.conf, and users with a ~/.ssh/identity can login(1) with their SSH key :) PR: 15158 Submitted by: Andrew J. Korty <ajk@waterspout.com> Reviewed by: obrien Notes: svn path=/head/; revision=23497
* Update to a current CVS_DATE. The only real change I see is the (big)Brian Feldman1999-11-284-155/+157
| | | | | | | | | | change of KNFization being finalized :) Patches had to be modified, but should look "better" according to style(9), now. Notes: svn path=/head/; revision=23479
* Change CFLAGS to get modified in Makefile.inc, fixing theBrian Feldman1999-11-282-4/+6
| | | | | | | | | problem several people have reported with make.conf setting ${CFLAGS}. Partially submitted by: Jos Backus <Jos.Backus@nl.origin-it.com> Notes: svn path=/head/; revision=23476
* Update to 0.6.1Nick Sayer1999-11-282-4/+4
| | | | | | | Submitted by: sascha@schumann.cx Notes: svn path=/head/; revision=23462
* Re-importing in net.Steve Price1999-11-261-1/+0
| | | | | | | Suggested by: kris Notes: svn path=/head/; revision=23423
* Activate the dante and p5-Authen-PAM ports.Steve Price1999-11-261-0/+2
| | | | Notes: svn path=/head/; revision=23404
* Initial import of p5-Authen-PAM version 0.08.Steve Price1999-11-265-0/+35
| | | | | | | | | | A Perl interface to the PAM library. PR: 14137 Submitted by: Matt Behrens <matt@zigg.com> Notes: svn path=/head/; revision=23403
* Forgot a lineChris Piazza1999-11-251-0/+1
| | | | Notes: svn path=/head/; revision=23333
* Patches are now available from www.ssh.org/patchesChris Piazza1999-11-252-2/+5
| | | | | | | Submitted by: Issei Suzuki <issei@jp.freebsd.org> Notes: svn path=/head/; revision=23332
* Removed an obsoleted patch.SADA Kenji1999-11-241-4/+0
| | | | | | | | PR: 15059 Submitted by: Maintainer Notes: svn path=/head/; revision=23303
* Also, set SSH_PROGRAM correctly.Brian Feldman1999-11-241-1/+1
| | | | Notes: svn path=/head/; revision=23297
* Update the CVS_DATE. This brings in support for TIS authentication,Brian Feldman1999-11-2421-298/+578
| | | | | | | | | | | | | | | | | | | | | obsoleting a couple patches (it's the same code, though, except for additions). This also brings in KNFization of everything (please hold the cheering down :) and made me reroll all my patches. My patches have been almost entirely rewritten. The places are the same, but the code's rewritten. It fits with the style (KNF) now, and looks better. I've also added strlcat.c to the build, which, just like strlcpy.c, is necessary for compatibility with older libcs. After strlcat() snuck into the OpenSSH code recently, this would prevent OpenSSH from building on (e.g.) FreeBSD 3.2. Adding it to ssh/lib/ makes it work yet again :) Notes: svn path=/head/; revision=23296
* Correct ssh-keygen usage.Brian Feldman1999-11-231-1/+1
| | | | | | | Submitted by: Larry Baird <lab@gta.com> Notes: svn path=/head/; revision=23275
generated by cgit v1.2.3 (git 2.25.1) at 2025-03-14 11:08:02 +0000