259065 |
07-Dec-2013 |
gjb |
- Copy stable/10 (r259064) to releng/10.0 as part of the 10.0-RELEASE cycle. - Update __FreeBSD_version [1] - Set branch name to -RC1
[1] 10.0-CURRENT __FreeBSD_version value ended at '55', so start releng/10.0 at '100' so the branch is started with a value ending in zero.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
256281 |
10-Oct-2013 |
gjb |
Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
|
251188 |
31-May-2013 |
marcel |
Fix "automatic" login, broken by revision 69825 (12 years, 5 months ago). The "automatic" login feature is described as follows: The USER environment variable holds the name of the person telnetting in. This is the username of the person on the client machine. The traditional behaviour is to execute login(1) with this username first, meaning that login(1) will prompt for the password only. If login fails, login(1) will retry, but now prompt for the username before prompting for the password.
This feature got broken by how the environment got scrubbed. Before the change in r69825 we removed variables that we deemed dangerous. Starting with r69825 we only keep those variable we know to be safe.
The USER environment variable fell through the cracks. It suddenly got scrubbed (i.e. removed from the environment) while still being checked for. It also got explicitly removed from the environment to handle the failed login case.
The fix is to obtain the value of the USER environment variable before we scrub the environment and used the "cached" in subsequent checks. This guarantees that the environment does not contain the USER variable in the end, while still being able to implement "automatic" login.
Obtained from: Juniper Networks, Inc.
|
241021 |
28-Sep-2012 |
kevlo |
Make sure that each va_start has one and only one matching va_end, especially in error cases.
|
237190 |
17-Jun-2012 |
joel |
Remove superfluous paragraph macro.
|
233932 |
06-Apr-2012 |
stas |
- Do not use deprecated krb5 error message reporting functions in libtelnet.
|
228843 |
23-Dec-2011 |
cperciva |
Fix a problem whereby a corrupt DNS record can cause named to crash. [11:06]
Add an API for alerting internal libc routines to the presence of "unsafe" paths post-chroot, and use it in ftpd. [11:07]
Fix a buffer overflow in telnetd. [11:08]
Make pam_ssh ignore unpassphrased keys unless the "nullok" option is specified. [11:09]
Add sanity checking of service names in pam_start. [11:10]
Approved by: so (cperciva) Approved by: re (bz) Security: FreeBSD-SA-11:06.bind Security: FreeBSD-SA-11:07.chroot Security: FreeBSD-SA-11:08.telnetd Security: FreeBSD-SA-11:09.pam_ssh Security: FreeBSD-SA-11:10.pam
|
228651 |
17-Dec-2011 |
dim |
In contrib/telnet/telnet/utilities.c, fix a few warnings about format strings not being literals.
MFC after: 1 week
|
228589 |
16-Dec-2011 |
dim |
In contrib/telnet/telnetd/utility.c, fix a few warnings about format strings not being literals.
MFC after: 1 week
|
228559 |
16-Dec-2011 |
dim |
In contrib/telnet/libtelnet/sra.c, use the correct number of bytes to zero the password buffer.
MFC after: 1 week
|
207449 |
30-Apr-2010 |
jilles |
telnet: Fix infinite loop if local output generates SIGPIPE.
Instead of catching SIGPIPE and jumping out of the signal handler with longjmp, ignore it and handle write errors to the local output by exiting from there. I have changed the error message to mention the local output instead of NetBSD's wrong "Connection closed by foreign host". Write errors to the network were already handled by exiting immediately and this now applies to EPIPE too.
The code assumed that SIGPIPE could only be generated by the network connection; if it was generated by the local output, it would longjmp out of the signal handler and write an error message which caused another SIGPIPE.
PR: 19773 Obtained from: NetBSD MFC after: 1 week
|
202214 |
13-Jan-2010 |
ed |
Forgot a part that was missing in the previous commit.
There is no need to call trimdomain() anymore now that ut_host is big enough to fit decent hostnames.
|
202212 |
13-Jan-2010 |
ed |
Let telnetd build without utmp and logwtmp(3).
Just like rlogind, there is no need to change the ownership of the terminal during shutdown anymore. Also don't call logwtmp, because the login(1)/PAM is responsible for doing this. Also use SHUT_RDWR instead of 2.
|
201047 |
27-Dec-2009 |
ed |
Remove unneeded inclusion of <utmp.h> and dead variables.
|
199874 |
28-Nov-2009 |
ed |
Use <termios.h> instead of <sys/termios.h>.
<sys/termios.h> only works on FreeBSD by accident.
|
189092 |
26-Feb-2009 |
ed |
Rename all symbols in libmp(3) to mp_*, just like Solaris.
The function pow() in libmp(3) clashes with pow(3) in libm. We could rename this single function, but we can just take the same approach as the Solaris folks did, which is to prefix all function names with mp_.
libmp(3) isn't really popular nowadays. I suspect not a single application in ports depends on it. There's still a chance, so I've increased the SHLIB_MAJOR and __FreeBSD_version.
Reviewed by: deischen, rdivacky
|
188699 |
16-Feb-2009 |
cperciva |
Correctly scrub telnetd's environment.
Approved by: so (cperciva) Security: FreeBSD-SA-09:05.telnetd
|
184938 |
13-Nov-2008 |
ed |
Use strlcpy() instead of strcpy().
Requested by: mlaier
|
184935 |
13-Nov-2008 |
ed |
Convert telnetd(8) to use posix_openpt(2).
Some time ago I got some reports MPSAFE TTY broke telnetd(8). Even though it turned out to be a different problem within the TTY code, I spotted a small issue with telnetd(8). Instead of allocating PTY's using openpty(3) or posix_openpt(2), it used its own PTY allocation routine. This means that telnetd(8) still uses /dev/ptyXX-style devices.
I've also increased the size of line[]. Even though 16 should be enough, we already use 13 bytes ("/dev/pts/999", including '\0'). 32 bytes gives us a little more freedom.
Also enable -DSTREAMSPTY. Otherwise telnetd(8) strips the PTY's pathname to the latest slash instead of just removing "/dev/" (e.g. /dev/pts/0 -> 0, instead of pts/0).
Reviewed by: rink
|
183004 |
13-Sep-2008 |
antoine |
Fix TELOPT(opt) when opt > TELOPT_TN3270E.
PR: 127194 Submitted by: Joost Bekkers MFC after: 1 month
|
182419 |
29-Aug-2008 |
trhodes |
List authentication types supported with "-X" taken from the libtelnet code.
PR: 121721
|
180931 |
28-Jul-2008 |
jhb |
Don't attempt authentication at all if it has been disabled via '-a off'. This works around a bug in HP-UX's telnet client and also gives a much saner user experience when using FreeBSD's telnet client.
PR: bin/19405 Submitted by: Joel Ray Holveck joelh of gnu.org MFC after: 1 month
|
171135 |
01-Jul-2007 |
gnn |
Commit IPv6 support for FAST_IPSEC to the tree. This commit includes all remaining changes for the time being including user space updates.
Submitted by: bz Approved by: re
|
162826 |
29-Sep-2006 |
ru |
Markup nits.
|
162671 |
26-Sep-2006 |
ru |
Remove bogus casts of valid integer ioctl() arguments.
|
162402 |
18-Sep-2006 |
maxim |
o Mention .telnetrc DEFAULT keyword.
PR: bin/100496 (sort of) Obtained from: NetBSD, heas@netbsd MFC after: 3 weeks
|
146468 |
21-May-2005 |
ume |
NI_WITHSCOPEID cleanup
|
144231 |
28-Mar-2005 |
nectar |
Correct a pair of buffer overflows in the telnet(1) command:
(CAN-2005-0468) A heap buffer overflow in env_opt_add() and related functions.
(CAN-2005-0469) A global uninitialized data section buffer overflow in slc_add_reply() and related functions.
As a result of these vulnerabilities, it may be possible for a malicious telnet server or active network attacker to cause telnet(1) to execute arbitrary code with the privileges of the user running it.
Security: CAN-2005-0468, CAN-2005-0469 Security: FreeBSD-SA-05:01.telnet Security: http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities Security: http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities
These fixes are based in part on patches Submitted by: Solar Designer <solar@openwall.com>
|
142790 |
28-Feb-2005 |
tobez |
Increase usefulness of telnet(1) as a protocol tester. By prepending "+" to the port number, disable option negotiation and allow transferring of data with high bit set.
OKed by: markm (maintainer) PR: 52032 Submitted by: Valentin Nechayev <netch maybe-at netch stop kiev stop ua> MFC After: 2 weeks
|
140601 |
21-Jan-2005 |
ru |
- Soften sentence breaks. - Remove double whitespace. - Sort sections.
|
139937 |
09-Jan-2005 |
maxim |
o Make telnet[d] -S (IP TOS) flag really work. We do not have /etc/iptos implementation so only numeric values supported.
o telnetd.8: steal the -S flag description from telnet.1, bump the date of the document.
MFC after: 6 weeks
|
139713 |
05-Jan-2005 |
maxim |
o Add -4 and -6 flags to a man page and usage(). Bump the man page date.
|
139711 |
05-Jan-2005 |
maxim |
o Remove -t flag from getopt(3), it was killed in rev. 1.15 three years ago.
|
139687 |
04-Jan-2005 |
maxim |
o Print a correct status for unix domain sockets. o Restore input mode when return from the command one.
PR: bin/49983 Submitted by: Volker Stolz OK in general from: markm MFC after: 1 month
|
132753 |
28-Jul-2004 |
kan |
Add missing () to function invocation.
|
121472 |
24-Oct-2003 |
ume |
Switch Advanced Sockets API for IPv6 from RFC2292 to RFC3542 (aka RFC2292bis). Though I believe this commit doesn't break backward compatibility againt existing binaries, it breaks backward compatibility of API. Now, the applications which use Advanced Sockets API such as telnet, ping6, mld6query and traceroute6 use RFC3542 API.
Obtained from: KAME
|
121425 |
23-Oct-2003 |
ume |
EAI_ADDRFAMILY and EAI_NODATA was deprecated in RFC3493 (aka RFC2553bis). Now, getaddrinfo(3) returns EAI_NONAME instead of EAI_NODATA. Our getaddrinfo(3) nor getnameinfo(3) didn't use EAI_ADDRFAMILY.
Obtained from: KAME
|
118865 |
13-Aug-2003 |
harti |
Implement what has been documented for a long time: make -debug switch on socket debugging.
Okay'ed by: markm
|
114911 |
11-May-2003 |
markm |
Fix up external variables named "debug" that have a horrible habit of conflicting with other, similarly named functions in static libraries. This is done mostly by renaming the var if it is shared amongst modules, or making it static otherwise.
OK'ed by: re(scottl)
|
114630 |
04-May-2003 |
obrien |
Use __FBSDID vs. rcsid[]. Also protect sccs[] and copyright[] from GCC 3.3.
|
111946 |
06-Mar-2003 |
nectar |
Unbreak Kerberos 5 authentication in telnet. (Credential forwarding is still broken.)
PR: bin/45397
|
110049 |
29-Jan-2003 |
nectar |
Background: When libdes was replaced with OpenSSL's libcrypto, there were a few interfaces that the former implemented but the latter did not. Because some software in the base system still depended upon these interfaces, we simply included them in our libcrypto (rnd_keys.c).
Now, finally get around to removing the dependencies on these interfaces. There were basically two cases:
des_new_random_key -- This is just a wrapper for des_random_key, and these calls were replaced.
des_init_random_number_generator et. al. -- A few functions were used by the application to seed libdes's PRNG. These are not necessary when using libcrypto, as OpenSSL internally seeds the PRNG from /dev/random. These calls were simply removed.
Again, some of the Kerberos 4 files have been taken off the vendor branch. I do not expect there to be future imports of KTH Kerberos 4.
|
109466 |
18-Jan-2003 |
billf |
add more RFC defined telnet options
Reviewed by: ps
|
107299 |
27-Nov-2002 |
eric |
Merge argument parsing changes into this copy of telnet.
Submitted by: markm Approved by: bmah
|
104331 |
02-Oct-2002 |
dd |
Permit the argument to the -s option to be a hostname. I see no reason to restrict this to a numeric address.
PR: 41841 Submitted by: Dmitry Pryanishnikov <dmitry@atlantis.dp.ua>, Maxim Maximov <mcsi@agava.com>
|
103956 |
25-Sep-2002 |
markm |
Catch up with "base" telnet. s/FALL THROUGH/FALLTHROUGH/ for lint(1).
|
103955 |
25-Sep-2002 |
markm |
Catch up with "base" telnet.
s/FALL THROUGH/FALLTHROUGH/ for lint(1). s/Usage/usage/ for consistency.
|
103954 |
25-Sep-2002 |
markm |
From the requestor:
"Could you do me a favor and fix sys_bsd.c to get the howmany() macro from <sys/param.h>, instead of <sys/types.h>? This will save me from having to worry about the unsync'd bits before making the change."
Requested by: mike
|
102250 |
22-Aug-2002 |
nsayer |
Encrypted strings (after hex decoding) aren't null terminated, because 0 might simply be part of the ciphertext.
PR: bin/40266 Submitted by: andr@dgap.mipt.ru MFC after: 3 days
|
98884 |
26-Jun-2002 |
markm |
Warnings fixes. Sort out some variable types.
|
98882 |
26-Jun-2002 |
markm |
Help fix warnings by marking an argument as unused.
|
97341 |
27-May-2002 |
jmallett |
Don't risk catching a signal while handling a signal for a dying child, as we can then end up not properly clearing wtmp/utmp entries.
PR: bin/37934 Submitted by: Sandeep Kumar <skumar@juniper.net> Reviewed by: markm MFC after: 2 weeks
|
96385 |
11-May-2002 |
alfred |
unbreak build:
commands.c, sys_bsd.c: comment out/remove junk after #endif/#else network.c, terminal.c, utlities.c: include stdlib.h for exit(3)
|
96108 |
06-May-2002 |
markm |
Fix an external declaration that was causing telnetd to core dump.
MFC after: 1 week PR: 37766
|
90931 |
19-Feb-2002 |
nectar |
Update build after import of Heimdal Kerberos 2002/02/17.
|
90242 |
05-Feb-2002 |
sheldonh |
Don't use non-signal-safe functions (exit(3) in this case) in signal handlers. In this case, use _exit(2) instead, following the call to shutdown(2).
This fixes rare telnetd hangs.
PR: misc/33672 Submitted by: Umesh Krishnaswamy <umesh@juniper.net> MFC after: 1 month
|
87882 |
14-Dec-2001 |
ru |
mdoc(7) police: remove -r from SYNOPSIS, sort -p in DESCRIPTION.
|
87558 |
09-Dec-2001 |
jkh |
Don't assume that the number of fds to select on is known quantity (in this case 16). Use dynamic FD_SETs and calculated high-water marks throughout. There are also too many versions of telnet in the tree.
Obtained from: OpenBSD and Apple's Radar database MFC after: 2 days
|
87358 |
04-Dec-2001 |
ru |
Fixed bugs from previous revision.
Removed -s from SYNOPSIS and restored -S in DESCRIPTION.
|
87277 |
03-Dec-2001 |
jhay |
Protect variables and function prototypes that are only used in the INET6 case with an ifdef INET6.
This make the fixit floppy compile again.
Reviewed by: markm
|
87267 |
03-Dec-2001 |
markm |
More help for alpha WARNS=2. This code is, erm, unusual. Anyone who feels like rewriting it will meet no objection from me.
|
87266 |
03-Dec-2001 |
markm |
help the alphas out with the WARNS=2 stuff.
|
87155 |
30-Nov-2001 |
markm |
Damn. The previous mega-commit was incomplete WRT ANSIfication. This fixes that.
|
87139 |
30-Nov-2001 |
markm |
Very large style makeover.
1) ANSIfy. 2) Clean up ifdefs so that a) ones that never/always apply are appropriately either fully removed, or just the #if junk is removed. b) change #if defined(FOO) for appropiate values of FOO. (currently AUTHENTICATION and ENCRYPTION) 3) WARNS=2 fixing 4) GC other unused stuff
This code can now be unifdef(1)ed to make non-crypto telnet.
|
85703 |
29-Oct-2001 |
jhb |
Fix world by trimming an extra comment terminator.
|
85690 |
29-Oct-2001 |
nsayer |
Add Berkeley copyright to SRA.
This is by the kind permission of Dave Safford, formerly of TAMU who wrote the original code. Here is an excerpt of the e-mail exchange concerning this issue:
Dave Safford wrote: >Nick Sayer wrote: >> Some time ago we spoke about SRA and importing it into FreeBSD. I forgot to >> ask if you had a prefered license boilerplate for the top of the files. It >> has come up recently, and the SRA code in FreeBSD doesn't have one.
>I really have no preference - use whatever is most convenient in the >FreeBSD environment.
>dave safford
This is the standard BSD license with clause 3 removed and clause 4 suitably renumbered.
MFC after: 1 day
|
85600 |
27-Oct-2001 |
markm |
Diff-reduce these two.
Really, one of them needs to disappear. I'll figure out which later.
Reported by: bde
|
84305 |
01-Oct-2001 |
markm |
Add __FBSDID() to diff-reduce with "base" telnet.
|
82497 |
29-Aug-2001 |
markm |
Manually unifdef(1) CRAY, UNICOS, hpux and sun uselsess code.
|
82326 |
25-Aug-2001 |
dd |
Remove description of an option that only applies to UNICOS < 7.0. That define may still be present in the source, but I don't think anyone has plans to try to use it.
Obtained from: NetBSD
|
81965 |
20-Aug-2001 |
markm |
Code merge and diff reduce with "base" telnet. This is the "later" telnet, so it was treated as the reference code, except where later commits were made to "base" telnet.
|
81665 |
15-Aug-2001 |
horikawa |
Removal of following export controll related sentences: o Because of export controls, TELNET ENCRYPT option is not supported outside of the United States and Canada. o Because of export controls, data encryption is not supported outside of the United States and Canada.
src/crypto/README revision 1.5 commit log says: > Crypto sources are no longer export controlled: > Explain, why crypto sources are still in crypto/. and actually telnet encryption is used outside of US and Canada now.
Pointed out by: OHSAWA Chitoshi <ohsawa@catv1.ccn-net.ne.jp> Reviewed by: no objection on doc
|
81622 |
14-Aug-2001 |
ru |
mdoc(7) police: s/BSD/.Bx/ where appropriate.
|
80224 |
23-Jul-2001 |
kris |
output_data(), output_datalen() and netflush() didn't actually guarantee to do what they are supposed to: under some circumstances output data would be truncated, or the buffer would not actually be flushed (possibly leading to overflows when the caller assumes the operation succeeded). Change the semantics so that these functions ensure they complete the operation before returning.
Comment out diagnostic code enabled by '-D reports' which causes an infinite recursion and an eventual crash.
Patch developed with assistance from ru and assar.
|
80038 |
20-Jul-2001 |
ru |
More potential buffer overflow fixes.
o Fixed `nfrontp' calculations in output_data(). If `remaining' is initially zero, it was possible for `nfrontp' to be decremented.
Noticed by: dillon
o Replaced leaking writenet() with output_datalen():
: * writenet : * : * Just a handy little function to write a bit of raw data to the net. : * It will force a transmit of the buffer if necessary : * : * arguments : * ptr - A pointer to a character string to write : * len - How many bytes to write : */ : void : writenet(ptr, len) : register unsigned char *ptr; : register int len; : { : /* flush buffer if no room for new data) */ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ : if ((&netobuf[BUFSIZ] - nfrontp) < len) { : /* if this fails, don't worry, buffer is a little big */ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ : netflush(); : } : : memmove(nfrontp, ptr, len); : nfrontp += len; : : } /* end of writenet */
What an irony! :-)
o Optimized output_datalen() a bit.
|
79992 |
19-Jul-2001 |
ru |
vsnprintf() can return a value larger than the buffer size.
Submitted by: assar Obtained from: OpenBSD
|
79981 |
19-Jul-2001 |
ru |
Fixed the exploitable remote buffer overflow.
Reported on: bugtraq Obtained from: Heimdal, NetBSD Reviewed by: obrien, imp
|
79528 |
10-Jul-2001 |
ru |
mdoc(7) police: removed HISTORY info from the .Os call.
|
79324 |
05-Jul-2001 |
ru |
mdoc(7) police: merge all fixes from non-crypto version.
|
79323 |
05-Jul-2001 |
ru |
MF non-crypto: 1.13: document -u in usage.
|
77105 |
24-May-2001 |
dillon |
Oops, forgot the 'u' in the getopt for the previous commit.
|
77095 |
23-May-2001 |
dillon |
A feature to allow one to telnet to a unix domain socket. (MFC from non-crypto version)
Also update the crypto telnet's man page to reflect other options ported from the non-crypto version.
Obtained from: Lyndon Nerenberg <lyndon@orthanc.ab.ca>
|
76751 |
17-May-2001 |
nsayer |
Make the PAM user-override actually override the correect thing.
|
76712 |
17-May-2001 |
peter |
Back out last commit. This was already fixed. This should never have happened, this is why we have commit mail expressly delivered to committers.
|
76711 |
17-May-2001 |
peter |
Fix the latest telnet breakage. Obviously this was never compiled.
|
76697 |
16-May-2001 |
nsayer |
Since the root-on-insecure-tty code was added to telnetd, a dependency on char *line was added to libtelnet. Put a dummy one in to keep the linker happy.
|
76696 |
16-May-2001 |
nsayer |
Make sure the protocol actively rejects bad data rather than (potentially) not responding to an invalid SRA 'auth is' message.
|
76691 |
16-May-2001 |
nsayer |
srandomdev() affords us the opportunity to radically improve, and at the same time simplify, the random number selection code.
|
76690 |
16-May-2001 |
nsayer |
Catch any attempted buffer overflows. The magic numbers in this code (512) are a little distressing, but the method really needs to be extended to allow server-supplied DH parameters anyway.
Submitted by: kris
|
76689 |
16-May-2001 |
nsayer |
Catch malloc return failures. This should help avoid dereferencing NULL on low-memory situations.
Submitted by: kris
|
76616 |
15-May-2001 |
peter |
Hack to work around braindeath in libtelnet:sra.c. The sra.o file references global variables from telnetd, but is also linked into telnet as well. I was tempted to back out the last sra.c change as it is 100% bogus and should be taken out and shot, but for now this bandaid should get world working again. :-(
|
76610 |
15-May-2001 |
nsayer |
If the uid of the attempted authentication is 0 and if the pty is insecure, do not succeed. Copied from login.c. This functionality really should be a PAM module.
|
76339 |
07-May-2001 |
nsayer |
Pointy hat fix -- reapply the SRA PAM patch. To -current this time.
|
75465 |
13-Apr-2001 |
ru |
mdoc(7) police: removed hard sentence breaks introduced in rev.1.10.
|
75263 |
06-Apr-2001 |
nsayer |
Clean up telnet's argument processing a bit. autologin and encryption is now the default, so ignore the arguments that turn it on. Add a new -y argument to turn off encryption in case someone wants to do that. Sync these changes with the man page (including removing the now obsolete statement about availability only in the US and Canada).
|
75236 |
05-Apr-2001 |
nsayer |
Reactivate SRA.
Make handling of SIGINT and SIGQUIT follow SIGTSTP in TerminalNewMode(). This allows people to break out of SRA authentication if they wish to.
|
74411 |
18-Mar-2001 |
nsayer |
Fix core noted in -stable with 'auth disable SRA'.
I just mistakenly commited this to RELENG_4. I have contacted Jordan to see about how to fix this. Pass the pointy hat.
|
74138 |
12-Mar-2001 |
assar |
enable auto-negotiation of encrypt and decrypt
|
72139 |
07-Feb-2001 |
asmodai |
Synch: Add $FreeBSD$.
|
72093 |
06-Feb-2001 |
asmodai |
Fix typo: compatability -> compatibility.
Compatability is not an existing english word.
|
72089 |
06-Feb-2001 |
asmodai |
Fix typo: seperate -> separate.
Seperate does not exist in the english language.
Submitted to look at by: kris
|
72083 |
06-Feb-2001 |
asmodai |
Fix typo: wierd -> weird.
There is no such thing as wierd in the english language.
|
71899 |
01-Feb-2001 |
ru |
mdoc(7) police: split punctuation characters + misc fixes.
|
70890 |
10-Jan-2001 |
ru |
Prepare for mdoc(7)NG.
|
69825 |
10-Dec-2000 |
assar |
(scrub_env): change to only accept a listed set of variables, including only non-filename contents for TERMCAP
|
69389 |
30-Nov-2000 |
asmodai |
Add more environment variables to be filtered through scrub_env(). Synched from normal telnet.
|
69387 |
30-Nov-2000 |
asmodai |
String paranoia fix. Synched from normal telnet.
|
69384 |
30-Nov-2000 |
asmodai |
String paranoia. Merged from regular telnet.
|
69223 |
26-Nov-2000 |
kris |
Correct definition of MAXHOSTNAMELEN in ifdef'ed code.
Submitted by: Edwin Groothuis <mavetju@chello.nl> PR: bin/22787
|
68965 |
20-Nov-2000 |
ru |
mdoc(7) police: use the new features of the Nm macro.
|
68891 |
19-Nov-2000 |
kris |
Fix a buffer overflow from a long local hostname.
Obtained from: OpenBSD
|
68575 |
10-Nov-2000 |
ru |
Avoid use of direct troff requests in mdoc(7) manual pages.
|
67827 |
29-Oct-2000 |
kris |
Sync with usr.bin/telnet/telnet.c r1.9 - fix buffer overflow in DISPLAY
|
63662 |
20-Jul-2000 |
ume |
Fix buffer size of ALIGNed buffer.
PR: bin/20053 Submitted by: Alex Kapranoff <alex@kapran.bitmcnit.bryansk.su>
|
63248 |
16-Jul-2000 |
peter |
Add missing $FreeBSD$ to files that are NOT still on vendor a branch.
|
62958 |
11-Jul-2000 |
nsayer |
Fix 'telnet -X sra' coredump
PR# 19835
|
62868 |
10-Jul-2000 |
kris |
Don't call printf with no format string.
|
62805 |
08-Jul-2000 |
ume |
Make telnet -s work. It is corresponding to EAI_NONAME -> EAI_NODATA change (getaddrinfo.c rev 1.12).
|
62773 |
07-Jul-2000 |
itojun |
sync with usr.bin/telnet/commands.c 1.21 -> 1.22. pierre.dampure@alveley.org
|
57724 |
03-Mar-2000 |
shin |
CMSG_XXX macros alignment fixes to follow RFC2292.
Approved by: jkh
|
57442 |
24-Feb-2000 |
markm |
Get crypto from libcrypto, not libdes.
|
57414 |
24-Feb-2000 |
markm |
Freefall/Internat diff reducer.
|
57343 |
19-Feb-2000 |
shin |
Use static buffer to save source route hostnames.
Approved by: jkh
|
57342 |
19-Feb-2000 |
shin |
Print "Trying ..." for each host. Also cleanups for error printing.
Approved by: jkh
Submitted by: Ben Smithurst <ben@scientia.demon.co.uk>
|
57233 |
15-Feb-2000 |
shin |
Fix bugs in telnet.
Sorry there were still several bugs. -error retry at af missmatch was incomplete. -af matching for source addr option was wrong -socket was not freed at retry.
Approved by: jkh
|
57125 |
10-Feb-2000 |
shin |
Add more dual stack consideration.
-Should retry as much as possible when some of source routing intermediate hosts' address families missmatch happened. (such as when a host has only A record, and another host has each of A and AAAA record.)
-Should retry as much as possible when dest addr and source addr(specified with -s option) address family missmatch happend
Approved by: jkh
|
57016 |
07-Feb-2000 |
shin |
Fix telnet core dump at invalid service name specified. Added an error check to avoid it.
Approved by: jkh
Submitted by: Robert Muir <rmuir@gibralter.net>
|
56870 |
29-Jan-2000 |
shin |
Add NI_NAMEREQD flag to getnameinfo() call. Without this flag, getnameinfo() don't return error at name resolving failure. But it is used at doaddrlookup(-N) case in telnet, error need to be returned to correctly initialize hostname buffer.
Discovered at checking recent KAME repository change, noticed by itojun.
|
56668 |
27-Jan-2000 |
shin |
another tcp apps IPv6 updates.(should be make world safe) ftp, telnet, ftpd, faithd also telnet related sync with crypto, secure, kerberosIV
Obtained from: KAME project
|
50759 |
01-Sep-1999 |
markm |
Termcap header no longer needed.
|
50479 |
28-Aug-1999 |
peter |
$Id$ -> $FreeBSD$
|
49901 |
16-Aug-1999 |
nsayer |
According to Mark Murray, Makefiles do not belong here. I guess we're going to have to figure something else out.
|
49887 |
16-Aug-1999 |
nsayer |
Add SRA authentication to src/crypto/telnet.
SRA does a Diffie-Hellmen exchange and then DES-encrypts the authentication data. If the authentication is successful, it also sets up a session key for DES encryption.
SRA was originally developed at Texas A&M University.
This code is probably export restricted (despite the fact that I originally found it at a University in Germany).
SRA is not perfect. It is vulnerable to monkey-in-the-middle attacks and does not use tremendously large DH constants (and thus an individual exchange probably could be factored in a few days on modern CPU horsepower). It does not, however, require any changes in user or administrative behavior and foils session hijacking and sniffing. The goal of this commit is that telnet and telnetd end up in the DES distribution and that therefore an encrypted session telnet becomes standard issue for FreeBSD.
|
49861 |
16-Aug-1999 |
nsayer |
Fix int function without return (make consistent with neighbors)
|
49299 |
30-Jul-1999 |
nik |
Document the "skey" command in telnet(1).
PR: docs/12360 Submitted by: kjm@rins.ryukoku.ac.jp (KOJIMA Hajime) Nagged by: markm :-)
|
47973 |
17-Jun-1999 |
ru |
Merge from non-crypto version: - "-N" option - "-E" security fix - "-s src_addr" option
Requested by: markm
|
45493 |
08-Apr-1999 |
brian |
MF libexec/telnetd: Determine the host name using an array size of MAXHOSTNAMELEN and call trimdomain() before implementing the -u option.
|
45428 |
07-Apr-1999 |
brian |
MF libexec/telnetd: MAXHOSTNAMELEN & -u fixes.
|
45395 |
06-Apr-1999 |
brian |
Use realhostname().
|
45377 |
06-Apr-1999 |
brian |
MF src/libexec/telnetd: Verify the reverse DNS lookup ala rlogind. Suggested by: markm
|
41858 |
16-Dec-1998 |
peter |
Old stuff laying around: Don't use getstr which can conflict with some curses/termcap/terminfo implementations and causes recursion.
|
41856 |
16-Dec-1998 |
peter |
Old stuff from a source tree: copy (verbatum) the code to expand the %s/%m in the default /etc/gettytab.
|
38728 |
01-Sep-1998 |
gpalmer |
Remove redundant decl. of time(). Causes problems on alpha
|
32688 |
22-Jan-1998 |
imp |
MFC: sprintf paranoia
|
31622 |
08-Dec-1997 |
charnier |
MFC: no \n in syslog strings. Change -P to -p in flags. EOF -> -1. Use err(3).
|
30212 |
08-Oct-1997 |
uhclem |
PR: bin/771 and bin/1037 are resolved by this change This change changes the default handling of linemode so that older and/or stupider telnet clients can still get wakeup characters like <ESC> and <CTRL>D to work correctly multiple times on the same line, as in csh "set filec" operations. It also causes CR and LF characters to be read by apps in certain terminal modes consistently, as opposed to returning CR sometimes and LF sometimes, which broke existing apps. The change was shown to fix the problem demonstrated in the FreeBSD telnet client, along with the telnet client in Solaris, SCO, Windows '95 & NT, DEC OSF, NCSA, and others.
A similar change was incorporated in the non-crypto version of telnetd.
This resolves bin/771 and bin/1037.
|
29181 |
07-Sep-1997 |
markm |
Bring the FreeBSD changes to the virgin sources.
|
29089 |
04-Sep-1997 |
markm |
This commit was generated by cvs2svn to compensate for changes in r29088, which included commits to RCS files with non-trunk default branches.
|