head	1.6;
access;
symbols
	RELEASE_4_5_0:1.5
	RELEASE_4_4_0:1.5
	RELEASE_4_3_0:1.4
	RELEASE_4_2_0:1.4
	RELEASE_4_1_1:1.4
	RELEASE_4_1_0:1.4
	RELEASE_3_5_0:1.4
	RELEASE_4_0_0:1.4
	RELEASE_3_4_0:1.4
	openssh_1_2:1.1.1.1
	OPENBSD:1.1.1;
locks; strict;
comment	@# @;


1.6
date	2002.03.12.17.54.07;	author dinoex;	state dead;
branches;
next	1.5;

1.5
date	2001.06.08.08.03.26;	author dinoex;	state Exp;
branches;
next	1.4;

1.4
date	99.11.24.03.36.20;	author green;	state Exp;
branches;
next	1.3;

1.3
date	99.11.20.06.59.56;	author green;	state Exp;
branches;
next	1.2;

1.2
date	99.11.17.17.19.24;	author green;	state dead;
branches;
next	1.1;

1.1
date	99.11.08.06.20.52;	author green;	state Exp;
branches
	1.1.1.1;
next	;

1.1.1.1
date	99.11.08.06.20.52;	author green;	state Exp;
branches;
next	;


desc
@@


1.6
log
@Rename Patches to make navigation much more easier.
@
text
@--- sshlogin.c.orig	Sat Mar 24 17:43:27 2001
+++ sshlogin.c	Sat May 26 14:42:30 2001
@@@@ -41,7 +41,11 @@@@
 #include "includes.h"
 RCSID("$OpenBSD: sshlogin.c,v 1.2 2001/03/24 16:43:27 stevesk Exp $");
 
+#ifdef __FreeBSD__
+#include <libutil.h>
+#else
 #include <util.h>
+#endif /* __FreeBSD__ */
 #include <utmp.h>
 #include "sshlogin.h"
 #include "log.h"
@


1.5
log
@- Update from OpenSSH 2.2.0 to OpenSSH 2.9
- Features:
  Possible use of sftp/sftp-server with older FreeBSD releases.
  Use a newer version independently from the Base system.
  Easier to test and fix possible security bugs.
- Bugs:
  build of pam_ssm.so isn't be supported any more
  Any file named "cookie" can be deleted by this and any older "sshd"
  with X11 Forwarding.
@
text
@@


1.4
log
@Update the CVS_DATE.  This brings in support for TIS authentication,
obsoleting a couple patches (it's the same code, though, except for
additions).

This also brings in KNFization of everything (please hold the cheering
down :) and made me reroll all my patches.

My patches have been almost entirely rewritten.  The places are the
same, but the code's rewritten.  It fits with the style (KNF) now,
and looks better.

I've also added strlcat.c to the build, which, just like strlcpy.c, is
necessary for compatibility with older libcs.  After strlcat() snuck
into the OpenSSH code recently, this would prevent OpenSSH from
building on (e.g.) FreeBSD 3.2.  Adding it to ssh/lib/ makes it work
yet again :)
@
text
@d1 3
a3 3
--- /usr/ports/distfiles/OpenSSH-1.2/src/usr.bin/ssh/login.c	Tue Nov 23 18:55:14 1999
+++ ./login.c	Tue Nov 23 19:35:08 1999
@@@@ -20,7 +20,11 @@@@
d5 1
a5 1
 RCSID("$Id: login.c,v 1.8 1999/11/23 22:25:54 markus Exp $");
d13 2
a14 2
 #include "ssh.h"
 
@


1.3
log
@Give OpenSSH TIS client-side authentication.

Submitted by:	peter
@
text
@d1 14
a14 43
--- sshconnect.c.orig	Fri Nov 19 23:54:54 1999
+++ sshconnect.c	Fri Nov 19 23:56:22 1999
@@@@ -1496,6 +1496,40 @@@@
 	  return; /* Successful connection. */
     }
   
+  /* Support for TIS authentication server obtained from
+     Andre April <Andre.April@@cediti.be>. */
+  if ((supported_authentications & (1 << SSH_AUTH_TIS)) &&
+      options.tis_authentication && !options.batch_mode)
+    {
+      char *prompt;
+      debug("Doing TIS authentication.");
+      if (options.cipher == SSH_CIPHER_NONE)
+	log("WARNING: Encryption is disabled! Password will be transmitted in clear text.");
+      packet_start(SSH_CMSG_AUTH_TIS);
+      packet_send();
+      packet_write_wait();
+      type = packet_read(&payload_len);
+      if (type == SSH_SMSG_FAILURE)
+	debug("User cannot be identifier on authentication server.");
+      else {
+	if (type != SSH_SMSG_AUTH_TIS_CHALLENGE)
+	  packet_disconnect("Protocol error: got %d in response to TIS auth request", type);
+	prompt = packet_get_string(NULL);
+	password = read_passphrase(prompt, 0);
+	packet_start(SSH_CMSG_AUTH_TIS_RESPONSE);
+	packet_put_string(password, strlen(password));
+	memset(password, 0, strlen(password));
+	xfree(password);
+	packet_send();
+	packet_write_wait();
+        type = packet_read(&payload_len);
+	if (type == SSH_SMSG_SUCCESS)
+	  return;
+	if (type != SSH_SMSG_FAILURE)
+	  packet_disconnect("Protocol error: got %d in response to TIS auth", type);
+      }
+    }
+
   /* Try password authentication if the server supports it. */
   if ((supported_authentications & (1 << SSH_AUTH_PASSWORD)) &&
       options.password_authentication && !options.batch_mode)
@


1.2
log
@Thanks to those who replied!  The include (ssl versus openssl) transform
is now done in post-patch.

Submitted by:	Anton Berezin <tobez@@plab.ku.dk>, Christian Weisgerber <naddy@@unix-ag.uni-kl.de>
@
text
@d1 43
a43 12
diff -ru /home/green/ssh/authfile.c ./authfile.c
--- /home/green/ssh/authfile.c	Tue Oct 12 03:47:00 1999
+++ ./authfile.c	Mon Nov  8 00:06:40 1999
@@@@ -17,7 +17,7 @@@@
 #include "includes.h"
 RCSID("$Id: authfile.c,v 1.7 1999/10/11 20:00:35 markus Exp $");
 
-#include <ssl/bn.h>
+#include <openssl/bn.h>
 #include "xmalloc.h"
 #include "buffer.h"
 #include "bufaux.h"
@


1.1
log
@Initial revision
@
text
@@


1.1.1.1
log
@Say hello to OpenSSH!  It's more secure, has a better license, and
is actively maintained by members of the OpenBSD project.
@
text
@@
