#
339285 |
|
10-Oct-2018 |
emaste |
MFC r338810: openssh: rename local macro to avoid OpenSSL 1.1.1 conflict
Local changes introduced an OPENSSH_VERSION macro, but this conflicts with a macro of the same name introduced with OepnsSL 1.1.1
Sponsored by: The FreeBSD Foundation
|
#
323136 |
|
02-Sep-2017 |
des |
MFH (r322052): Upgrade OpenSSH to 7.5p1.
|
#
323134 |
|
02-Sep-2017 |
des |
MFH (r314306,r314720): Upgrade OpenSSH to 7.4p1.
|
#
323129 |
|
02-Sep-2017 |
des |
MFH (r314527,r314576,r314601,r317998): Upgrade OpenSSH to 7.3p1.
|
#
302408 |
|
07-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle. Prune svn:mergeinfo from the new branch, as nothing has been merged here.
Additional commits post-branch will follow.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
296633 |
|
10-Mar-2016 |
des |
Upgrade to OpenSSH 7.2p2.
|
#
294497 |
|
21-Jan-2016 |
des |
Explain why we don't include VersionAddendum in the debug mode banner.
|
#
294464 |
|
20-Jan-2016 |
des |
Upgrade to OpenSSH 7.0p1.
|
#
294336 |
|
19-Jan-2016 |
des |
Upgrade to OpenSSH 6.9p1.
|
#
294332 |
|
19-Jan-2016 |
des |
Upgrade to OpenSSH 6.8p1.
|
#
294328 |
|
19-Jan-2016 |
des |
Upgrade to OpenSSH 6.7p1, retaining libwrap support (which has been removed upstream) and a number of security fixes which we had already backported.
MFC after: 1 week
|
#
294325 |
|
19-Jan-2016 |
des |
As previously threatened, remove the HPN patch from OpenSSH.
|
#
291198 |
|
23-Nov-2015 |
des |
Retire the NONE cipher option.
|
#
290672 |
|
11-Nov-2015 |
des |
Remove /* $FreeBSD$ */ from files that already have __RCSID("$FreeBSD$").
|
#
285642 |
|
16-Jul-2015 |
vangyzen |
ssh: canonicize the host name before looking it up in the host file
Re-apply r99054 by des in 2002. This was accidentally dropped by the update to OpenSSH 6.5p1 (r261320).
This change is actually taken from r387082 of ports/security/openssh-portable/files/patch-ssh.c
PR: 198043 Differential Revision: https://reviews.freebsd.org/D3103 Reviewed by: des Approved by: kib (mentor) MFC after: 3 days Relnotes: yes Sponsored by: Dell Inc.
|
#
264308 |
|
09-Apr-2014 |
des |
Restore the pX part to the version number printed in debugging mode.
|
#
263712 |
|
25-Mar-2014 |
des |
Upgrade to OpenSSH 6.6p1.
|
#
261320 |
|
31-Jan-2014 |
des |
Upgrade to OpenSSH 6.5p1.
|
#
255767 |
|
21-Sep-2013 |
des |
Upgrade to 6.3p1.
Approved by: re (gjb)
|
#
249839 |
|
24-Apr-2013 |
des |
Merge updated "no such identity file" patch.
PR: bin/178060
|
#
249016 |
|
02-Apr-2013 |
des |
Merge upstream patch to silence spurious "no such identity file" warnings.
|
#
240075 |
|
03-Sep-2012 |
des |
Upgrade OpenSSH to 6.1p1.
|
#
236139 |
|
27-May-2012 |
rea |
OpenSSH: allow VersionAddendum to be used again
Prior to this, setting VersionAddendum will be a no-op: one will always have BASE_VERSION + " " + VERSION_HPN for VersionAddendum set in the config and a bare BASE_VERSION + VERSION_HPN when there is no VersionAddendum is set.
HPN patch requires both parties to have the "hpn" inside their advertized versions, so we add VERSION_HPN to the VERSION_BASE if HPN is enabled and omitting it if HPN is disabled.
VersionAddendum now uses the following logics: * unset (default value): append " " and VERSION_ADDENDUM; * VersionAddendum is set and isn't empty: append " " and VersionAddendum; * VersionAddendum is set and empty: don't append anything.
Approved by: des Reviewed by: bz MFC after: 3 days
|
#
231584 |
|
13-Feb-2012 |
ed |
Polish diff against upstream.
- Revert unneeded whitespace changes. - Revert modifications to loginrec.c, as the upstream version already does the right thing. - Fix indentation and whitespace of local changes.
Approved by: des MFC after: 1 month
|
#
226046 |
|
05-Oct-2011 |
des |
Upgrade to OpenSSH 5.9p1.
MFC after: 3 months
|
#
224638 |
|
03-Aug-2011 |
brooks |
Add support for dynamically adjusted buffers to allow the full use of the bandwidth of long fat pipes (i.e. 100Mbps+ trans-oceanic or trans-continental links). Bandwidth-delay products up to 64MB are supported.
Also add support (not compiled by default) for the None cypher. The None cypher can only be enabled on non-interactive sessions (those without a pty where -T was not used) and must be enabled in both the client and server configuration files and on the client command line. Additionally, the None cypher will only be activated after authentication is complete. To enable the None cypher you must add -DNONE_CIPHER_ENABLED to CFLAGS via the make command line or in /etc/make.conf.
This code is a style(9) compliant version of these features extracted from the patches published at:
http://www.psc.edu/networking/projects/hpn-ssh/
Merging this patch has been a collaboration between me and Bjoern.
Reviewed by: bz Approved by: re (kib), des (maintainer)
|
#
221420 |
|
04-May-2011 |
des |
Upgrade to OpenSSH 5.8p2.
|
#
215116 |
|
11-Nov-2010 |
des |
Upgrade to OpenSSH 5.6p1.
|
#
204917 |
|
09-Mar-2010 |
des |
Upgrade to OpenSSH 5.4p1.
MFC after: 1 month
|
#
197679 |
|
01-Oct-2009 |
des |
Upgrade to OpenSSH 5.3p1.
|
#
192595 |
|
22-May-2009 |
des |
Upgrade to OpenSSH 5.2p1.
MFC after: 3 months
|
#
181111 |
|
01-Aug-2008 |
des |
Upgrade to OpenSSH 5.1p1.
I have worked hard to reduce diffs against the vendor branch. One notable change in that respect is that we no longer prefer DSA over RSA - the reasons for doing so went away years ago. This may cause some surprises, as ssh will warn about unknown host keys even for hosts whose keys haven't changed.
MFC after: 6 weeks
|
#
181097 |
|
31-Jul-2008 |
des |
Consistently set svn:eol-style.
|
#
164149 |
|
10-Nov-2006 |
des |
Resolve conflicts.
|
#
162856 |
|
30-Sep-2006 |
des |
Merge conflicts.
MFC after: 1 week
|
#
157019 |
|
22-Mar-2006 |
des |
Merge conflicts.
|
#
149753 |
|
03-Sep-2005 |
des |
Resolve conflicts.
|
#
147005 |
|
05-Jun-2005 |
des |
Resolve conflicts.
|
#
137019 |
|
28-Oct-2004 |
des |
Resolve conflicts
|
#
128460 |
|
20-Apr-2004 |
des |
Resolve conflicts.
|
#
126277 |
|
26-Feb-2004 |
des |
Resolve conflicts.
|
#
124211 |
|
07-Jan-2004 |
des |
Resolve conflicts and remove obsolete files.
Sponsored by: registrar.no
|
#
113911 |
|
23-Apr-2003 |
des |
Resolve conflicts.
|
#
106130 |
|
29-Oct-2002 |
des |
Resolve conflicts.
|
#
99054 |
|
29-Jun-2002 |
des |
Canonicize the host name before looking it up in the host file.
Sponsored by: DARPA, NAI Labs
|
#
98941 |
|
27-Jun-2002 |
des |
Forcibly revert to mainline.
|
#
98684 |
|
23-Jun-2002 |
des |
Resolve conflicts. Known issues:
- sshd fails to set TERM correctly. - privilege separation may break PAM and is currently turned off. - man pages have not yet been updated
I will have these issues resolved, and privilege separation turned on by default, in time for DP2.
Sponsored by: DARPA, NAI Labs
|
#
92559 |
|
18-Mar-2002 |
des |
Fix conflicts.
|
#
89703 |
|
23-Jan-2002 |
ru |
Make libssh.so useable (undefined reference to IPv4or6).
Reviewed by: des, markm Approved by: markm
|
#
84043 |
|
27-Sep-2001 |
green |
Modify a "You don't exist" message, pretty rude for transient YP failures.
|
#
82961 |
|
04-Sep-2001 |
assar |
fix renamed options in some of the code that was #ifdef AFS also print an error if krb5 ticket passing is disabled
Submitted by: Jonathan Chen <jon@spock.org>
|
#
76262 |
|
04-May-2001 |
green |
Fix conflicts for OpenSSH 2.9.
|
#
76226 |
|
02-May-2001 |
green |
Backout completely canonical lookup modifications.
|
#
69591 |
|
05-Dec-2000 |
green |
Update to OpenSSH 2.3.0 with FreeBSD modifications. OpenSSH 2.3.0 new features description elided in favor of checking out their website.
Important new FreeBSD-version stuff: PAM support has been worked in, partially from the "Unix" OpenSSH version, and a lot due to the work of Eivind Eklend, too.
This requires at least the following in pam.conf:
sshd auth sufficient pam_skey.so sshd auth required pam_unix.so try_first_pass sshd session required pam_permit.so
Parts by: Eivind Eklend <eivind@FreeBSD.org>
|
#
69584 |
|
04-Dec-2000 |
brian |
Remove duplicate line
Not responded to by: kris, then green
|
#
65674 |
|
10-Sep-2000 |
kris |
Resolve conflicts and update for OpenSSH 2.2.0
Reviewed by: gshapiro, peter, green
|
#
63249 |
|
16-Jul-2000 |
peter |
Forced commit. This is to try and help folks that used the international crypto repo and have slightly different files but with the same version. cvsup in 'checkout mode' has no trouble with this, but cvs can get really silly about it.
|
#
62179 |
|
27-Jun-2000 |
green |
So /this/ is what has made OpenSSH's SSHv2 support never work right! In some cases, limits did not get set to the proper class, but instead always to "default", because not all passwd copies were done to completion.
|
#
61203 |
|
03-Jun-2000 |
kris |
Bring vendor patches onto the main branch, and resolve conflicts.
|
#
60576 |
|
15-May-2000 |
kris |
Resolve conflicts and update for FreeBSD.
|
#
58585 |
|
26-Mar-2000 |
kris |
Resolve conflicts.
|
#
57708 |
|
03-Mar-2000 |
green |
Turn off X11 forwarding in the client. X11 forwarding in the server by default should probably also get turned on, now.
Requested by: kris Obtained from: OpenBSD
|
#
57565 |
|
28-Feb-2000 |
markm |
1) Add kerberos5 functionality. by Daniel Kouril <kouril@informatics.muni.cz> 2) Add full LOGIN_CAP capability by Andrey Chernov
|
#
57432 |
|
24-Feb-2000 |
markm |
Add the patches fom ports (QV: ports/security/openssh/patches/patch-*)
|
#
57430 |
|
24-Feb-2000 |
markm |
This commit was generated by cvs2svn to compensate for changes in r57429, which included commits to RCS files with non-trunk default branches.
|
#
57429 |
|
24-Feb-2000 |
markm |
Vendor import of OpenSSH.
|