#
296373 |
|
04-Mar-2016 |
marius |
- Copy stable/10@296371 to releng/10.3 in preparation for 10.3-RC1 builds. - Update newvers.sh to reflect RC1. - Update __FreeBSD_version to reflect 10.3. - Update default pkg(8) configuration to use the quarterly branch.
Approved by: re (implicit) |
#
295367 |
|
07-Feb-2016 |
des |
MFH (r265214, r294333, r294407, r294467): misc prop fixes MFH (r285975, r287143): register mergeinfo for security fixes MFH (r294497, r294498, r295139): internal documentation MFH (r294328): upgrade to openssh 6.7p1, re-add libwrap MFH (r294332): upgrade to openssh 6.8p1 MFH (r294367): update pam_ssh for api changes MFH (r294909): switch usedns back on MFH (r294336): upgrade to openssh 6.9p1 MFH (r294495): re-enable dsa keys MFH (r294464): upgrade to openssh 7.0p1 MFH (r294496): upgrade to openssh 7.1p2
Approved by: re (gjb) Relnotes: yes
|
#
264377 |
|
12-Apr-2014 |
des |
MFH (r263712): upgrade openssh to 6.6p1 MFH (r264308): restore p level in debugging output
|
#
256281 |
|
10-Oct-2013 |
gjb |
Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
|
#
255767 |
|
21-Sep-2013 |
des |
Upgrade to 6.3p1.
Approved by: re (gjb)
|
#
248619 |
|
22-Mar-2013 |
des |
Upgrade to OpenSSH 6.2p1. The most important new features are support for a key revocation list and more fine-grained authentication control.
|
#
221420 |
|
04-May-2011 |
des |
Upgrade to OpenSSH 5.8p2.
|
#
215116 |
|
11-Nov-2010 |
des |
Upgrade to OpenSSH 5.6p1.
|
#
197679 |
|
01-Oct-2009 |
des |
Upgrade to OpenSSH 5.3p1.
|
#
181111 |
|
01-Aug-2008 |
des |
Upgrade to OpenSSH 5.1p1.
I have worked hard to reduce diffs against the vendor branch. One notable change in that respect is that we no longer prefer DSA over RSA - the reasons for doing so went away years ago. This may cause some surprises, as ssh will warn about unknown host keys even for hosts whose keys haven't changed.
MFC after: 6 weeks
|
#
181110 |
|
01-Aug-2008 |
des |
Remove svn:keywords except on files that need it. This makes diffs against the vendor branch much more readable.
|
#
181108 |
|
01-Aug-2008 |
des |
Another file with no local changes.
|
#
181097 |
|
01-Aug-2008 |
des |
Consistently set svn:eol-style.
|
#
162856 |
|
30-Sep-2006 |
des |
Merge conflicts.
MFC after: 1 week
|
#
149753 |
|
03-Sep-2005 |
des |
Resolve conflicts.
|
#
147005 |
|
05-Jun-2005 |
des |
Resolve conflicts.
|
#
137019 |
|
28-Oct-2004 |
des |
Resolve conflicts
|
#
128460 |
|
20-Apr-2004 |
des |
Resolve conflicts.
|
#
126277 |
|
26-Feb-2004 |
des |
Resolve conflicts.
|
#
124211 |
|
07-Jan-2004 |
des |
Resolve conflicts and remove obsolete files.
Sponsored by: registrar.no
|
#
113911 |
|
23-Apr-2003 |
des |
Resolve conflicts.
|
#
112870 |
|
31-Mar-2003 |
des |
If an ssh1 client initiated challenge-response authentication but did not respond to challenge, and later successfully authenticated itself using another method, the kbdint context would never be released, leaving the PAM child process behind even after the connection ended.
Fix this by automatically releasing the kbdint context if a packet of type SSH_CMSG_AUTH_TIS is follwed by anything but a packet of type SSH_CMSG_AUTH_TIS_RESPONSE.
MFC after: 1 week
|
#
106130 |
|
29-Oct-2002 |
des |
Resolve conflicts.
|
#
98941 |
|
27-Jun-2002 |
des |
Forcibly revert to mainline.
|
#
98742 |
|
24-Jun-2002 |
dinoex |
remove declaration of authlog use variable from_host Reviewed by: des
|
#
98684 |
|
23-Jun-2002 |
des |
Resolve conflicts. Known issues:
- sshd fails to set TERM correctly. - privilege separation may break PAM and is currently turned off. - man pages have not yet been updated
I will have these issues resolved, and privilege separation turned on by default, in time for DP2.
Sponsored by: DARPA, NAI Labs
|
#
93221 |
|
26-Mar-2002 |
ru |
Switch over to using pam_login_access(8) module in sshd(8). (Fixes static compilation. Reduces diffs to OpenSSH.)
Reviewed by: bde
|
#
92878 |
|
21-Mar-2002 |
des |
Use the "sshd" service instead of "csshd". The latter was only needed because of bugs (incorrect design decisions, actually) in Linux-PAM.
Sponsored by: DARPA, NAI Labs
|
#
92559 |
|
18-Mar-2002 |
des |
Fix conflicts.
|
#
92402 |
|
16-Mar-2002 |
des |
Diff reduction.
Sponsored by: DARPA, NAI Labs
|
#
82961 |
|
04-Sep-2001 |
assar |
fix renamed options in some of the code that was #ifdef AFS also print an error if krb5 ticket passing is disabled
Submitted by: Jonathan Chen <jon@spock.org>
|
#
78348 |
|
16-Jun-2001 |
assar |
(do_authloop): handle !KRB4 && KRB5
|
#
78129 |
|
12-Jun-2001 |
green |
Enable Kerberos 5 support in sshd again.
|
#
76464 |
|
11-May-2001 |
markm |
Fix make world in the kerberosIV case.
|
#
76262 |
|
04-May-2001 |
green |
Fix conflicts for OpenSSH 2.9.
|
#
74147 |
|
12-Mar-2001 |
assar |
Fix LP64 problem in Kerberos 5 TGT passing.
Obtained from: NetBSD (done by thorpej@netbsd.org)
|
#
73400 |
|
04-Mar-2001 |
assar |
Add code for being compatible with ssh.com's krb5 authentication. It is done by using the same ssh messages for v4 and v5 authentication (since the ssh.com does not now anything about v4) and looking at the contents after unpacking it to see if it is v4 or v5. Based on code from Björn Grönvall <bg@sics.se>
PR: misc/20504
|
#
69591 |
|
05-Dec-2000 |
green |
Update to OpenSSH 2.3.0 with FreeBSD modifications. OpenSSH 2.3.0 new features description elided in favor of checking out their website.
Important new FreeBSD-version stuff: PAM support has been worked in, partially from the "Unix" OpenSSH version, and a lot due to the work of Eivind Eklend, too.
This requires at least the following in pam.conf:
sshd auth sufficient pam_skey.so sshd auth required pam_unix.so try_first_pass sshd session required pam_permit.so
Parts by: Eivind Eklend <eivind@FreeBSD.org>
|
#
65674 |
|
10-Sep-2000 |
kris |
Resolve conflicts and update for OpenSSH 2.2.0
Reviewed by: gshapiro, peter, green
|
#
65361 |
|
02-Sep-2000 |
kris |
Err, we weren't even compiling auth1.c with LOGIN_CAP at all. Guess nobody was using this feature.
|
#
65360 |
|
02-Sep-2000 |
kris |
Repair a broken conflict resolution in r1.2 which had the effect of nullifying the login_cap and login.access checks for whether a user/host is allowed access to the system for users other than root. But since we currently don't have a similar check in the ssh2 code path anyway, it's um, "okay".
Submitted by: gshapiro
|
#
65358 |
|
02-Sep-2000 |
kris |
Re-add missing "break" which was lost during a previous patch integration. This currently has no effect.
Submitted by: gshapiro
|
#
60663 |
|
17-May-2000 |
kris |
Unbreak Kerberos5 compilation. This still remains untested.
Noticed by: obrien
|
#
60576 |
|
15-May-2000 |
kris |
Resolve conflicts and update for FreeBSD.
|
#
60574 |
|
15-May-2000 |
kris |
This commit was generated by cvs2svn to compensate for changes in r60573, which included commits to RCS files with non-trunk default branches.
|
#
60573 |
|
15-May-2000 |
kris |
Initial import of OpenSSH v2.1.
|