+19991112
+ - Merged changes from OpenBSD CVS
+ - [sshd.c] session_key_int may be zero
+
19991111
- Added (untested) Entropy Gathering Daemon (EGD) support
- Fixed fd leak
[ssh.1 ssh.c ssh.h sshd.8]
add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd,
obsoletes QuietMode and FascistLogging in sshd.
-
+ - [sshd.c] fix fatal/assert() bug reported by damien@ibs.com.au:
+ allow session_key_int != sizeof(session_key)
+ [this should fix the pre-assert-removal-core-files]
+ - Updated default config file to use new LogLevel option and to improve
+ readability
+
19991110
- Merged several minor fixed:
- ssh-agent commandline parsing
key is in the highest bits. */
BN_mask_bits(session_key_int, sizeof(session_key) * 8);
len = BN_num_bytes(session_key_int);
- if (len <= 0 || len > sizeof(session_key))
+ if (len < 0 || len > sizeof(session_key))
fatal("do_connection: bad len: session_key_int %d > sizeof(session_key) %d",
len, sizeof(session_key));
memset(session_key, 0, sizeof(session_key));
packet_disconnect("Too many authentication failures for %.100s from %.200s",
pw->pw_name, get_canonical_hostname());
}
-
/* Send a message indicating that the authentication attempt failed. */
packet_start(SSH_SMSG_FAILURE);
packet_send();
packet_write_wait();
+
}
/* Check if the user is logging in as root and root logins are disallowed. */
if (pw->pw_uid != 0)
exit(254);
}
-#endif
+#endif /* HAVE_LIBPAM */
+
+#ifdef HAVE_SETLOGIN
+ /* Set login name in the kernel. */
+ if (setlogin(pw->pw_name) < 0)
+ error("setlogin failed: %s", strerror(errno));
+#endif /* HAVE_SETLOGIN */
/* Set uid, gid, and groups. */
/* Login(1) does this as well, and it needs uid 0 for the "-h" switch,
#ifdef KRB4
{
- extern char *ticket;
-
- if (ticket)
- child_set_env(&env, &envsize, "KRBTKFILE", ticket);
+ extern char *ticket;
+
+ if (ticket)
+ child_set_env(&env, &envsize, "KRBTKFILE", ticket);
}
#endif /* KRB4 */
if (auth_get_socket_name() != NULL)
child_set_env(&env, &envsize, SSH_AUTHSOCKET_ENV_NAME,
auth_get_socket_name());
-
+
/* Read $HOME/.ssh/environment. */
if(!options.use_login) {
snprintf(buf, sizeof buf, "%.200s/.ssh/environment", pw->pw_dir);
}
}
}
-
/* Start the shell. Set initial character to '-'. */
buf[0] = '-';
strncpy(buf + 1, cp, sizeof(buf) - 1);