subject:"CVS commit\: \[netbsd\-7\] src\/crypto\/external\/bsd\/openssh\/dist"

CVS commit: [netbsd-7] src/crypto/external/bsd/openssh/dist

2016-05-17 Thread Soren Jacobsen

Module Name:src
Committed By:   snj
Date:   Tue May 17 18:50:35 UTC 2016

Modified Files:
src/crypto/external/bsd/openssh/dist [netbsd-7]: session.c

Log Message:
Pull up following revision(s) (requested by christos in ticket #1168):
crypto/external/bsd/openssh/dist/session.c: revision 1.19
If PAM is configured to read user-specified environment variables
and UseLogin=yes in sshd_config, then a hostile local user may
attack /bin/login via LD_PRELOAD or similar environment variables
set via PAM.
CVE-2015-8325, found by Shayan Sadigh, via Colin Watson
https://anongit.mindrot.org/openssh.git/commit/?id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755
XXX: pullup-7


To generate a diff of this commit:
cvs rdiff -u -r1.12.4.1 -r1.12.4.2 \
src/crypto/external/bsd/openssh/dist/session.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/session.c
diff -u src/crypto/external/bsd/openssh/dist/session.c:1.12.4.1 src/crypto/external/bsd/openssh/dist/session.c:1.12.4.2
--- src/crypto/external/bsd/openssh/dist/session.c:1.12.4.1	Thu Apr 30 06:07:30 2015
+++ src/crypto/external/bsd/openssh/dist/session.c	Tue May 17 18:50:34 2016
@@ -1,4 +1,4 @@
-/*	$NetBSD: session.c,v 1.12.4.1 2015/04/30 06:07:30 riz Exp $	*/
+/*	$NetBSD: session.c,v 1.12.4.2 2016/05/17 18:50:34 snj Exp $	*/
 /* $OpenBSD: session.c,v 1.277 2015/01/16 06:40:12 deraadt Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: session.c,v 1.12.4.1 2015/04/30 06:07:30 riz Exp $");
+__RCSID("$NetBSD: session.c,v 1.12.4.2 2016/05/17 18:50:34 snj Exp $");
 #include 
 #include 
 #include 
@@ -1223,7 +1223,7 @@ do_setup_env(Session *s, const char *she
 	 * Pull in any environment variables that may have
 	 * been set by PAM.
 	 */
-	if (options.use_pam) {
+	if (options.use_pam && !options.use_login) {
 		char **p;
 
 		p = fetch_pam_child_environment();

CVS commit: [netbsd-7] src/crypto/external/bsd/openssh/dist

2016-03-11 Thread Martin Husemann

Module Name:src
Committed By:   martin
Date:   Fri Mar 11 12:22:42 UTC 2016

Modified Files:
src/crypto/external/bsd/openssh/dist [netbsd-7]: channels.c channels.h
clientloop.c sshpty.c

Log Message:
Apply the following changes, requested by snj in #1138:

- Refuse ForwardX11Trusted=no connections attempted after
  ForwardX11Timeout expires.  (CVE-2015-5352)
- Fix TTY permissions to not be world-writable.  (CVE-2015-6565)


To generate a diff of this commit:
cvs rdiff -u -r1.11.4.1 -r1.11.4.2 \
src/crypto/external/bsd/openssh/dist/channels.c
cvs rdiff -u -r1.8.4.1 -r1.8.4.2 \
src/crypto/external/bsd/openssh/dist/channels.h
cvs rdiff -u -r1.10.4.1 -r1.10.4.2 \
src/crypto/external/bsd/openssh/dist/clientloop.c
cvs rdiff -u -r1.2.26.1 -r1.2.26.2 \
src/crypto/external/bsd/openssh/dist/sshpty.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/channels.c
diff -u src/crypto/external/bsd/openssh/dist/channels.c:1.11.4.1 src/crypto/external/bsd/openssh/dist/channels.c:1.11.4.2
--- src/crypto/external/bsd/openssh/dist/channels.c:1.11.4.1	Thu Apr 30 06:07:30 2015
+++ src/crypto/external/bsd/openssh/dist/channels.c	Fri Mar 11 12:22:42 2016
@@ -1,4 +1,4 @@
-/*	$NetBSD: channels.c,v 1.11.4.1 2015/04/30 06:07:30 riz Exp $	*/
+/*	$NetBSD: channels.c,v 1.11.4.2 2016/03/11 12:22:42 martin Exp $	*/
 /* $OpenBSD: channels.c,v 1.341 2015/02/06 23:21:59 millert Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -41,7 +41,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: channels.c,v 1.11.4.1 2015/04/30 06:07:30 riz Exp $");
+__RCSID("$NetBSD: channels.c,v 1.11.4.2 2016/03/11 12:22:42 martin Exp $");
 #include 
 #include 
 #include 	/* MIN MAX */
@@ -163,6 +163,9 @@ static char *x11_saved_proto = NULL;
 static char *x11_saved_data = NULL;
 static u_int x11_saved_data_len = 0;
 
+/* Deadline after which all X11 connections are refused */
+static u_int x11_refuse_time;
+
 /*
  * Fake X11 authentication data.  This is what the server will be sending us;
  * we should replace any occurrences of this by the real data.
@@ -938,6 +941,13 @@ x11_open_helper(Buffer *b)
 	u_char *ucp;
 	u_int proto_len, data_len;
 
+	/* Is this being called after the refusal deadline? */
+	if (x11_refuse_time != 0 && (u_int)monotime() >= x11_refuse_time) {
+		verbose("Rejected X11 connection after ForwardX11Timeout "
+		"expired");
+		return -1;
+	}
+
 	/* Check if the fixed size part of the packet is in buffer. */
 	if (buffer_len(b) < 12)
 		return 0;
@@ -1509,6 +1519,12 @@ channel_set_reuseaddr(int fd)
 		error("setsockopt SO_REUSEADDR fd %d: %s", fd, strerror(errno));
 }
 
+void
+channel_set_x11_refuse_time(u_int refuse_time)
+{
+	x11_refuse_time = refuse_time;
+}
+
 /*
  * This socket is listening for connections to a forwarded TCP/IP port.
  */

Index: src/crypto/external/bsd/openssh/dist/channels.h
diff -u src/crypto/external/bsd/openssh/dist/channels.h:1.8.4.1 src/crypto/external/bsd/openssh/dist/channels.h:1.8.4.2
--- src/crypto/external/bsd/openssh/dist/channels.h:1.8.4.1	Thu Apr 30 06:07:30 2015
+++ src/crypto/external/bsd/openssh/dist/channels.h	Fri Mar 11 12:22:42 2016
@@ -1,4 +1,4 @@
-/*	$NetBSD: channels.h,v 1.8.4.1 2015/04/30 06:07:30 riz Exp $	*/
+/*	$NetBSD: channels.h,v 1.8.4.2 2016/03/11 12:22:42 martin Exp $	*/
 /* $OpenBSD: channels.h,v 1.116 2015/01/19 20:07:45 markus Exp $ */
 
 /*
@@ -287,6 +287,7 @@ int	 permitopen_port(const char *);
 
 /* x11 forwarding */
 
+void	 channel_set_x11_refuse_time(u_int);
 int	 x11_connect_display(void);
 int	 x11_create_display_inet(int, int, int, u_int *, int **);
 int  x11_input_open(int, u_int32_t, void *);

Index: src/crypto/external/bsd/openssh/dist/clientloop.c
diff -u src/crypto/external/bsd/openssh/dist/clientloop.c:1.10.4.1 src/crypto/external/bsd/openssh/dist/clientloop.c:1.10.4.2
--- src/crypto/external/bsd/openssh/dist/clientloop.c:1.10.4.1	Thu Apr 30 06:07:30 2015
+++ src/crypto/external/bsd/openssh/dist/clientloop.c	Fri Mar 11 12:22:42 2016
@@ -1,4 +1,4 @@
-/*	$NetBSD: clientloop.c,v 1.10.4.1 2015/04/30 06:07:30 riz Exp $	*/
+/*	$NetBSD: clientloop.c,v 1.10.4.2 2016/03/11 12:22:42 martin Exp $	*/
 /* $OpenBSD: clientloop.c,v 1.272 2015/02/25 19:54:02 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -61,7 +61,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: clientloop.c,v 1.10.4.1 2015/04/30 06:07:30 riz Exp $");
+__RCSID("$NetBSD: clientloop.c,v 1.10.4.2 2016/03/11 12:22:42 martin Exp $");
 
 #include 	/* MIN MAX */
 #include 
@@ -159,7 +159,7 @@ static int connection_in;	/* Connection 
 static int connection_out;	/* Connection to server (output). */
 static int need_rekeying;	/* Set to non-zero if rekeying is requested. */
 static int session_closed;	/* In SSH2: login session closed. */
-static int x11_refuse_time;	/* If >0, refuse x11 opens after this time. */
+static u_int

CVS commit: [netbsd-7] src/crypto/external/bsd/openssh/dist

2016-02-22 Thread Soren Jacobsen

Module Name:src
Committed By:   snj
Date:   Mon Feb 22 11:23:29 UTC 2016

Modified Files:
src/crypto/external/bsd/openssh/dist [netbsd-7]: readconf.c ssh.c

Log Message:
Pull up following revision(s) (requested by christos in ticket #1075):
crypto/external/bsd/openssh/dist/readconf.c: patch
crypto/external/bsd/openssh/dist/ssh.c: patch
Fix CVE CVE-2016-0777 by disabling roaming completely.


To generate a diff of this commit:
cvs rdiff -u -r1.11.4.1 -r1.11.4.2 \
src/crypto/external/bsd/openssh/dist/readconf.c
cvs rdiff -u -r1.14.4.1 -r1.14.4.2 src/crypto/external/bsd/openssh/dist/ssh.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/readconf.c
diff -u src/crypto/external/bsd/openssh/dist/readconf.c:1.11.4.1 src/crypto/external/bsd/openssh/dist/readconf.c:1.11.4.2
--- src/crypto/external/bsd/openssh/dist/readconf.c:1.11.4.1	Thu Apr 30 06:07:30 2015
+++ src/crypto/external/bsd/openssh/dist/readconf.c	Mon Feb 22 11:23:29 2016
@@ -1,4 +1,4 @@
-/*	$NetBSD: readconf.c,v 1.11.4.1 2015/04/30 06:07:30 riz Exp $	*/
+/*	$NetBSD: readconf.c,v 1.11.4.2 2016/02/22 11:23:29 snj Exp $	*/
 /* $OpenBSD: readconf.c,v 1.232 2015/02/16 22:13:32 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: readconf.c,v 1.11.4.1 2015/04/30 06:07:30 riz Exp $");
+__RCSID("$NetBSD: readconf.c,v 1.11.4.2 2016/02/22 11:23:29 snj Exp $");
 #include 
 #include 
 #include 
@@ -1745,7 +1745,7 @@ initialize_options(Options * options)
 	options->tun_remote = -1;
 	options->local_command = NULL;
 	options->permit_local_command = -1;
-	options->use_roaming = -1;
+	options->use_roaming = 0;
 	options->visual_host_key = -1;
 	options->ip_qos_interactive = -1;
 	options->ip_qos_bulk = -1;
@@ -1960,8 +1960,7 @@ fill_default_options(Options * options)
 		options->tun_remote = SSH_TUNID_ANY;
 	if (options->permit_local_command == -1)
 		options->permit_local_command = 0;
-	if (options->use_roaming == -1)
-		options->use_roaming = 1;
+	options->use_roaming = 0;
 	if (options->visual_host_key == -1)
 		options->visual_host_key = 0;
 	if (options->ip_qos_interactive == -1)

Index: src/crypto/external/bsd/openssh/dist/ssh.c
diff -u src/crypto/external/bsd/openssh/dist/ssh.c:1.14.4.1 src/crypto/external/bsd/openssh/dist/ssh.c:1.14.4.2
--- src/crypto/external/bsd/openssh/dist/ssh.c:1.14.4.1	Thu Apr 30 06:07:30 2015
+++ src/crypto/external/bsd/openssh/dist/ssh.c	Mon Feb 22 11:23:29 2016
@@ -1,4 +1,4 @@
-/*	$NetBSD: ssh.c,v 1.14.4.1 2015/04/30 06:07:30 riz Exp $	*/
+/*	$NetBSD: ssh.c,v 1.14.4.2 2016/02/22 11:23:29 snj Exp $	*/
 /* $OpenBSD: ssh.c,v 1.416 2015/03/03 06:48:58 djm Exp $ */
 /*
  * Author: Tatu Ylonen 
@@ -42,7 +42,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: ssh.c,v 1.14.4.1 2015/04/30 06:07:30 riz Exp $");
+__RCSID("$NetBSD: ssh.c,v 1.14.4.2 2016/02/22 11:23:29 snj Exp $");
 #include 
 #include 
 #include 
@@ -1963,9 +1963,6 @@ ssh_session2(void)
 			fork_postauth();
 	}
 
-	if (options.use_roaming)
-		request_roaming();
-
 	return client_loop(tty_flag, tty_flag ?
 	options.escape_char : SSH_ESCAPECHAR_NONE, id);
 }

CVS commit: [netbsd-7] src/crypto/external/bsd/openssh/dist

2016-01-25 Thread Jeff Rizzo

Module Name:src
Committed By:   riz
Date:   Tue Jan 26 01:29:35 UTC 2016

Modified Files:
src/crypto/external/bsd/openssh/dist [netbsd-7]: sftp.c

Log Message:
Pull up following revision(s) (requested by snj in ticket #1066):
crypto/external/bsd/openssh/dist/sftp.c: revision 1.17
PR/50564: Rin Okuyama: sftp: filename completion is broken


To generate a diff of this commit:
cvs rdiff -u -r1.12.4.1 -r1.12.4.2 \
src/crypto/external/bsd/openssh/dist/sftp.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/sftp.c
diff -u src/crypto/external/bsd/openssh/dist/sftp.c:1.12.4.1 src/crypto/external/bsd/openssh/dist/sftp.c:1.12.4.2
--- src/crypto/external/bsd/openssh/dist/sftp.c:1.12.4.1	Thu Apr 30 06:07:30 2015
+++ src/crypto/external/bsd/openssh/dist/sftp.c	Tue Jan 26 01:29:35 2016
@@ -1,4 +1,4 @@
-/*	$NetBSD: sftp.c,v 1.12.4.1 2015/04/30 06:07:30 riz Exp $	*/
+/*	$NetBSD: sftp.c,v 1.12.4.2 2016/01/26 01:29:35 riz Exp $	*/
 /* $OpenBSD: sftp.c,v 1.170 2015/01/20 23:14:00 deraadt Exp $ */
 /*
  * Copyright (c) 2001-2004 Damien Miller 
@@ -17,7 +17,7 @@
  */
 
 #include "includes.h"
-__RCSID("$NetBSD: sftp.c,v 1.12.4.1 2015/04/30 06:07:30 riz Exp $");
+__RCSID("$NetBSD: sftp.c,v 1.12.4.2 2016/01/26 01:29:35 riz Exp $");
 #include 	/* MIN MAX */
 #include 
 #include 
@@ -1845,8 +1845,8 @@ complete_match(EditLine *el, struct sftp
 	if (remote != LOCAL) {
 		tmp = make_absolute(tmp, remote_path);
 		remote_glob(conn, tmp, GLOB_DOOFFS|GLOB_MARK, NULL, );
+	} else
 		glob(tmp, GLOB_LIMIT|GLOB_DOOFFS|GLOB_MARK, NULL, );
-	}
 	
 	/* Determine length of pwd so we can trim completion display */
 	for (hadglob = tmplen = pwdlen = 0; tmp[tmplen] != 0; tmplen++) {

CVS commit: [netbsd-7] src/crypto/external/bsd/openssh/dist

2015-08-13 Thread SAITOH Masanobu

Module Name:src
Committed By:   msaitoh
Date:   Fri Aug 14 05:32:40 UTC 2015

Modified Files:
src/crypto/external/bsd/openssh/dist [netbsd-7]: monitor.c

Log Message:
Pull up following revision(s) (requested by christos in ticket #950):

crypto/external/bsd/openssh/dist/monitor.c  patch

OpenSSH PAM fix (BFS-SA-2015-002).


To generate a diff of this commit:
cvs rdiff -u -r1.12.4.1 -r1.12.4.2 \
src/crypto/external/bsd/openssh/dist/monitor.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/monitor.c
diff -u src/crypto/external/bsd/openssh/dist/monitor.c:1.12.4.1 src/crypto/external/bsd/openssh/dist/monitor.c:1.12.4.2
--- src/crypto/external/bsd/openssh/dist/monitor.c:1.12.4.1	Thu Apr 30 06:07:30 2015
+++ src/crypto/external/bsd/openssh/dist/monitor.c	Fri Aug 14 05:32:39 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: monitor.c,v 1.12.4.1 2015/04/30 06:07:30 riz Exp $	*/
+/*	$NetBSD: monitor.c,v 1.12.4.2 2015/08/14 05:32:39 msaitoh Exp $	*/
 /* $OpenBSD: monitor.c,v 1.145 2015/02/20 22:17:21 djm Exp $ */
 /*
  * Copyright 2002 Niels Provos pro...@citi.umich.edu
@@ -27,7 +27,7 @@
  */
 
 #include includes.h
-__RCSID($NetBSD: monitor.c,v 1.12.4.1 2015/04/30 06:07:30 riz Exp $);
+__RCSID($NetBSD: monitor.c,v 1.12.4.2 2015/08/14 05:32:39 msaitoh Exp $);
 #include sys/types.h
 #include sys/wait.h
 #include sys/socket.h
@@ -1061,9 +1061,7 @@ extern KbdintDevice sshpam_device;
 int
 mm_answer_pam_init_ctx(int sock, Buffer *m)
 {
-
 	debug3(%s, __func__);
-	authctxt-user = buffer_get_string(m, NULL);
 	sshpam_ctxt = (sshpam_device.init_ctx)(authctxt);
 	sshpam_authok = NULL;
 	buffer_clear(m);
@@ -1145,13 +1143,15 @@ mm_answer_pam_respond(int sock, Buffer *
 int
 mm_answer_pam_free_ctx(int sock, Buffer *m)
 {
+	int r = sshpam_authok != NULL  sshpam_authok == sshpam_ctxt;
 
 	debug3(%s, __func__);
 	(sshpam_device.free_ctx)(sshpam_ctxt);
+	sshpam_ctxt = sshpam_authok = NULL;
 	buffer_clear(m);
 	mm_request_send(sock, MONITOR_ANS_PAM_FREE_CTX, m);
 	auth_method = keyboard-interactive/pam;
-	return (sshpam_authok == sshpam_ctxt);
+	return r;
 }
 #endif

CVS commit: [netbsd-7] src/crypto/external/bsd/openssh/dist

2015-07-31 Thread Soren Jacobsen

Module Name:src
Committed By:   snj
Date:   Fri Jul 31 16:49:41 UTC 2015

Modified Files:
src/crypto/external/bsd/openssh/dist [netbsd-7]: auth2-chall.c

Log Message:
Pull up following revision(s) (requested by christos in ticket #916):
crypto/external/bsd/openssh/dist/auth2-chall.c: revision 1.8
From FreeBSD:
A remote attacker may effectively bypass MaxAuthTries settings, which would
enable them to brute force passwords. [CVE-2015-5600]


To generate a diff of this commit:
cvs rdiff -u -r1.5.4.1 -r1.5.4.2 \
src/crypto/external/bsd/openssh/dist/auth2-chall.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/auth2-chall.c
diff -u src/crypto/external/bsd/openssh/dist/auth2-chall.c:1.5.4.1 src/crypto/external/bsd/openssh/dist/auth2-chall.c:1.5.4.2
--- src/crypto/external/bsd/openssh/dist/auth2-chall.c:1.5.4.1	Thu Apr 30 06:07:30 2015
+++ src/crypto/external/bsd/openssh/dist/auth2-chall.c	Fri Jul 31 16:49:41 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: auth2-chall.c,v 1.5.4.1 2015/04/30 06:07:30 riz Exp $	*/
+/*	$NetBSD: auth2-chall.c,v 1.5.4.2 2015/07/31 16:49:41 snj Exp $	*/
 /* $OpenBSD: auth2-chall.c,v 1.42 2015/01/19 20:07:45 markus Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
@@ -26,7 +26,7 @@
  */
 
 #include includes.h
-__RCSID($NetBSD: auth2-chall.c,v 1.5.4.1 2015/04/30 06:07:30 riz Exp $);
+__RCSID($NetBSD: auth2-chall.c,v 1.5.4.2 2015/07/31 16:49:41 snj Exp $);
 #include sys/types.h
 
 #include stdio.h
@@ -83,6 +83,7 @@ struct KbdintAuthctxt
 	void *ctxt;
 	KbdintDevice *device;
 	u_int nreq;
+	u_int devices_done;
 };
 
 #ifdef USE_PAM
@@ -170,11 +171,15 @@ kbdint_next_device(Authctxt *authctxt, K
 		if (len == 0)
 			break;
 		for (i = 0; devices[i]; i++) {
-			if (!auth2_method_allowed(authctxt,
+			if ((kbdintctxt-devices_done  (1  i)) != 0 ||
+			!auth2_method_allowed(authctxt,
 			keyboard-interactive, devices[i]-name))
 continue;
-			if (strncmp(kbdintctxt-devices, devices[i]-name, len) == 0)
+			if (strncmp(kbdintctxt-devices, devices[i]-name,
+			len) == 0) {
 kbdintctxt-device = devices[i];
+kbdintctxt-devices_done |= 1  i;
+			}
 		}
 		t = kbdintctxt-devices;
 		kbdintctxt-devices = t[len] ? xstrdup(t+len+1) : NULL;

CVS commit: [netbsd-7] src/crypto/external/bsd/openssh/dist

2015-05-16 Thread Soren Jacobsen

Module Name:src
Committed By:   snj
Date:   Sat May 16 18:05:07 UTC 2015

Modified Files:
src/crypto/external/bsd/openssh/dist [netbsd-7]: compat.c

Log Message:
Pull up following revision(s) (requested by christos in ticket #783):
crypto/external/bsd/openssh/dist/compat.c: revision 1.10
Pass the correct length to match_patter_list; from Hanno Boeck.


To generate a diff of this commit:
cvs rdiff -u -r1.6.4.1 -r1.6.4.2 \
src/crypto/external/bsd/openssh/dist/compat.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/compat.c
diff -u src/crypto/external/bsd/openssh/dist/compat.c:1.6.4.1 src/crypto/external/bsd/openssh/dist/compat.c:1.6.4.2
--- src/crypto/external/bsd/openssh/dist/compat.c:1.6.4.1	Thu Apr 30 06:07:30 2015
+++ src/crypto/external/bsd/openssh/dist/compat.c	Sat May 16 18:05:06 2015
@@ -1,4 +1,4 @@
-/*	$NetBSD: compat.c,v 1.6.4.1 2015/04/30 06:07:30 riz Exp $	*/
+/*	$NetBSD: compat.c,v 1.6.4.2 2015/05/16 18:05:06 snj Exp $	*/
 /* $OpenBSD: compat.c,v 1.87 2015/01/19 20:20:20 markus Exp $ */
 /*
  * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl.  All rights reserved.
@@ -25,7 +25,7 @@
  */
 
 #include includes.h
-__RCSID($NetBSD: compat.c,v 1.6.4.1 2015/04/30 06:07:30 riz Exp $);
+__RCSID($NetBSD: compat.c,v 1.6.4.2 2015/05/16 18:05:06 snj Exp $);
 #include sys/types.h
 
 #include stdlib.h
@@ -242,7 +242,7 @@ filter_proposal(const char *proposal, co
 	buffer_init(b);
 	tmp = orig_prop = xstrdup(proposal);
 	while ((cp = strsep(tmp, ,)) != NULL) {
-		if (match_pattern_list(cp, filter, strlen(cp), 0) != 1) {
+		if (match_pattern_list(cp, filter, strlen(filter), 0) != 1) {
 			if (buffer_len(b)  0)
 buffer_append(b, ,, 1);
 			buffer_append(b, cp, strlen(cp));

CVS commit: [netbsd-7] src/crypto/external/bsd/openssh/dist

2014-10-17 Thread Martin Husemann

Module Name:src
Committed By:   martin
Date:   Fri Oct 17 16:12:36 UTC 2014

Modified Files:
src/crypto/external/bsd/openssh/dist [netbsd-7]: auth.c

Log Message:
Pull up following revision(s) (requested by christos in ticket #145):
crypto/external/bsd/openssh/dist/auth.c: revision 1.9
for consistency use options.use_dns when getting the canonical hostname.
[we do the same below for hosts.allow and deny] reported by rudolf.


To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.8.4.1 src/crypto/external/bsd/openssh/dist/auth.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/crypto/external/bsd/openssh/dist/auth.c
diff -u src/crypto/external/bsd/openssh/dist/auth.c:1.8 src/crypto/external/bsd/openssh/dist/auth.c:1.8.4.1
--- src/crypto/external/bsd/openssh/dist/auth.c:1.8	Fri Nov  8 19:18:24 2013
+++ src/crypto/external/bsd/openssh/dist/auth.c	Fri Oct 17 16:12:36 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: auth.c,v 1.8 2013/11/08 19:18:24 christos Exp $	*/
+/*	$NetBSD: auth.c,v 1.8.4.1 2014/10/17 16:12:36 martin Exp $	*/
 /* $OpenBSD: auth.c,v 1.103 2013/05/19 02:42:42 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -25,7 +25,7 @@
  */
 
 #include includes.h
-__RCSID($NetBSD: auth.c,v 1.8 2013/11/08 19:18:24 christos Exp $);
+__RCSID($NetBSD: auth.c,v 1.8.4.1 2014/10/17 16:12:36 martin Exp $);
 #include sys/types.h
 #include sys/stat.h
 #include sys/param.h
@@ -101,7 +101,7 @@ allowed_user(struct passwd * pw)
 		return 0;
 
 #ifdef HAVE_LOGIN_CAP
-	hostname = get_canonical_hostname(1);
+	hostname = get_canonical_hostname(options.use_dns);
 	ipaddr = get_remote_ipaddr();
 
 	lc = login_getclass(pw-pw_class);

CVS commit: [netbsd-7] src/crypto/external/bsd/openssh/dist

CVS commit: [netbsd-7] src/crypto/external/bsd/openssh/dist

CVS commit: [netbsd-7] src/crypto/external/bsd/openssh/dist

CVS commit: [netbsd-7] src/crypto/external/bsd/openssh/dist

CVS commit: [netbsd-7] src/crypto/external/bsd/openssh/dist

CVS commit: [netbsd-7] src/crypto/external/bsd/openssh/dist

CVS commit: [netbsd-7] src/crypto/external/bsd/openssh/dist

CVS commit: [netbsd-7] src/crypto/external/bsd/openssh/dist

8 matches

Site Navigation

Mail list logo

Footer information