#
272461 |
|
02-Oct-2014 |
gjb |
Copy stable/10@r272459 to releng/10.1 as part of the 10.1-RELEASE process.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
256281 |
|
10-Oct-2013 |
gjb |
Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
|
#
228559 |
|
15-Dec-2011 |
dim |
In contrib/telnet/libtelnet/sra.c, use the correct number of bytes to zero the password buffer.
MFC after: 1 week
|
#
96109 |
|
06-May-2002 |
markm |
Previous commit was...
Submitted by: des
|
#
96108 |
|
06-May-2002 |
markm |
Fix an external declaration that was causing telnetd to core dump.
MFC after: 1 week PR: 37766
|
#
87139 |
|
30-Nov-2001 |
markm |
Very large style makeover.
1) ANSIfy. 2) Clean up ifdefs so that a) ones that never/always apply are appropriately either fully removed, or just the #if junk is removed. b) change #if defined(FOO) for appropiate values of FOO. (currently AUTHENTICATION and ENCRYPTION) 3) WARNS=2 fixing 4) GC other unused stuff
This code can now be unifdef(1)ed to make non-crypto telnet.
|
#
85753 |
|
31-Oct-2001 |
nsayer |
Sheldon asked me to make a note of the Message-ID of the e-mail from Dave approving the copyright statement.
The message was like this:
Date: Mon, 29 Oct 2001 13:18:36 -0500 From: David Safford <safford@watson.ibm.com> Message-Id: <20011029181842.0DCAAD7C59@safford.watson.ibm.com> Subject: Re: SRA copyright? In-Reply-To: Your message of "Mon, 29 Oct 2001 09:13:14 PST." <3846.66.126.254.34.1004375594.squirrel@medusa.kfu.com>
looks fine.
dave safford
> >> Some time ago we spoke about SRA and importing it into FreeBSD. I > >> forgot to ask if you had a prefered license boilerplate for the top of > >> the files. It has come up recently, and the SRA code in FreeBSD > >> doesn't have one. > >> > >> > > I really have no preference - use whatever is most convenient in the > > FreeBSD environment. > > > > dave safford > > Here is a representative diff. Let me know if you feel any changes are > necessary. > > =================================================================== > RCS file: /c/ncvs/src/crypto/telnet/libtelnet/pk.h,v > retrieving revision 1.3 > retrieving revision 1.4
and so on and so on
|
#
85690 |
|
29-Oct-2001 |
nsayer |
Add Berkeley copyright to SRA.
This is by the kind permission of Dave Safford, formerly of TAMU who wrote the original code. Here is an excerpt of the e-mail exchange concerning this issue:
Dave Safford wrote: >Nick Sayer wrote: >> Some time ago we spoke about SRA and importing it into FreeBSD. I forgot to >> ask if you had a prefered license boilerplate for the top of the files. It >> has come up recently, and the SRA code in FreeBSD doesn't have one.
>I really have no preference - use whatever is most convenient in the >FreeBSD environment.
>dave safford
This is the standard BSD license with clause 3 removed and clause 4 suitably renumbered.
MFC after: 1 day
|
#
84305 |
|
01-Oct-2001 |
markm |
Add __FBSDID() to diff-reduce with "base" telnet.
|
#
81965 |
|
20-Aug-2001 |
markm |
Code merge and diff reduce with "base" telnet. This is the "later" telnet, so it was treated as the reference code, except where later commits were made to "base" telnet.
|
#
76751 |
|
17-May-2001 |
nsayer |
Make the PAM user-override actually override the correect thing.
|
#
76696 |
|
16-May-2001 |
nsayer |
Make sure the protocol actively rejects bad data rather than (potentially) not responding to an invalid SRA 'auth is' message.
|
#
76690 |
|
16-May-2001 |
nsayer |
Catch any attempted buffer overflows. The magic numbers in this code (512) are a little distressing, but the method really needs to be extended to allow server-supplied DH parameters anyway.
Submitted by: kris
|
#
76689 |
|
16-May-2001 |
nsayer |
Catch malloc return failures. This should help avoid dereferencing NULL on low-memory situations.
Submitted by: kris
|
#
76610 |
|
15-May-2001 |
nsayer |
If the uid of the attempted authentication is 0 and if the pty is insecure, do not succeed. Copied from login.c. This functionality really should be a PAM module.
|
#
76339 |
|
07-May-2001 |
nsayer |
Pointy hat fix -- reapply the SRA PAM patch. To -current this time.
|
#
63249 |
|
16-Jul-2000 |
peter |
Forced commit. This is to try and help folks that used the international crypto repo and have slightly different files but with the same version. cvsup in 'checkout mode' has no trouble with this, but cvs can get really silly about it.
|
#
63248 |
|
16-Jul-2000 |
peter |
Add missing $FreeBSD$ to files that are NOT still on vendor a branch.
|
#
49887 |
|
16-Aug-1999 |
nsayer |
Add SRA authentication to src/crypto/telnet.
SRA does a Diffie-Hellmen exchange and then DES-encrypts the authentication data. If the authentication is successful, it also sets up a session key for DES encryption.
SRA was originally developed at Texas A&M University.
This code is probably export restricted (despite the fact that I originally found it at a University in Germany).
SRA is not perfect. It is vulnerable to monkey-in-the-middle attacks and does not use tremendously large DH constants (and thus an individual exchange probably could be factored in a few days on modern CPU horsepower). It does not, however, require any changes in user or administrative behavior and foils session hijacking and sniffing. The goal of this commit is that telnet and telnetd end up in the DES distribution and that therefore an encrypted session telnet becomes standard issue for FreeBSD.
|