*New makefile
*Refer to local versions of telnet-related headers, rather than system ones
*Use termcap instead of termios
*Change hostname lookup in telnetd back to older code (which assumes IPv4, but that's all GNO supports anyway)
Add an API for alerting internal libc routines to the presence of
"unsafe" paths post-chroot, and use it in ftpd. [11:07]
Fix a buffer overflow in telnetd. [11:08]
Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
specified. [11:09]
Add sanity checking of service names in pam_start. [11:10]
Approved by: so (cperciva)
Approved by: re (bz)
Security: FreeBSD-SA-11:06.bind
Security: FreeBSD-SA-11:07.chroot
Security: FreeBSD-SA-11:08.telnetd
Security: FreeBSD-SA-11:09.pam_ssh
Security: FreeBSD-SA-11:10.pam
git-svn-id: http://svn0.us-east.freebsd.org/base/head/contrib/telnet@228843 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
1) ANSIfy.
2) Clean up ifdefs so that
a) ones that never/always apply are appropriately either
fully removed, or just the #if junk is removed.
b) change #if defined(FOO) for appropiate values of FOO.
(currently AUTHENTICATION and ENCRYPTION)
3) WARNS=2 fixing
4) GC other unused stuff
This code can now be unifdef(1)ed to make non-crypto telnet.
git-svn-id: http://svn0.us-east.freebsd.org/base/head/contrib/telnet@87139 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
SRA does a Diffie-Hellmen exchange and then DES-encrypts the
authentication data. If the authentication is successful, it also
sets up a session key for DES encryption.
SRA was originally developed at Texas A&M University.
This code is probably export restricted (despite the fact that I
originally found it at a University in Germany).
SRA is not perfect. It is vulnerable to monkey-in-the-middle attacks
and does not use tremendously large DH constants (and thus an individual
exchange probably could be factored in a few days on modern CPU
horsepower). It does not, however, require any changes in user or
administrative behavior and foils session hijacking and sniffing.
The goal of this commit is that telnet and telnetd end up in the DES
distribution and that therefore an encrypted session telnet becomes
standard issue for FreeBSD.
git-svn-id: http://svn0.us-east.freebsd.org/base/head/contrib/telnet@49887 ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f
