#
1.42 |
|
20-Dec-2023 |
christos |
Merge conflicts between 9.5 and 9.6
|
#
1.41 |
|
25-Oct-2023 |
christos |
Merge conflicts between 9.3 and 9.5
|
#
1.40 |
|
07-Aug-2023 |
rin |
openssh: channel_new(): Appease GCC12 -Wmaybe-uninitialized for some archs
IIUC, ``found'' is always initialized. Seems like GCC bug.
|
#
1.39 |
|
26-Jul-2023 |
christos |
Merge changes between OpenSSH-9.1 and OpenSSH-9.3
|
Revision tags: netbsd-10-base
|
#
1.38 |
|
05-Oct-2022 |
christos |
branches: 1.38.2; merge conflicts between 9.0 and 9.1
|
#
1.37 |
|
27-Aug-2022 |
mlelstv |
Adopt TCP window handling from current HPN patch at
https://github.com/rapier1/openssh-portable
|
#
1.36 |
|
15-Apr-2022 |
christos |
merge conflicts between OpenSSH-8.9 and OpenSSH-9.0
|
#
1.35 |
|
23-Feb-2022 |
christos |
Merge differences between openssh-8.8 and openssh-8.9
|
#
1.34 |
|
24-Dec-2021 |
christos |
put back the tcpwinsz initialization code.
|
#
1.33 |
|
24-Dec-2021 |
christos |
PR/56569: Mike Small: Remove unused code.
|
#
1.32 |
|
27-Sep-2021 |
christos |
Merge conflicts between OpenSSH 8.7 and 8.8
|
#
1.31 |
|
02-Sep-2021 |
christos |
Merge our changes from OpenSSH-8.6 to OpenSSH-8.7
|
Revision tags: cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base
|
#
1.30 |
|
19-Apr-2021 |
christos |
Merge local changes between 8.5 and 8.6
|
#
1.29 |
|
05-Mar-2021 |
christos |
merge local changes between openssh 8.4 and 8.5
|
#
1.28 |
|
04-Dec-2020 |
christos |
Merge conflicts
|
#
1.27 |
|
28-May-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406
|
#
1.26 |
|
27-Feb-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20191119
|
#
1.25 |
|
12-Oct-2019 |
christos |
merge openssh-8.1
|
Revision tags: netbsd-9-3-RELEASE netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
branches: 1.21.2; merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.41 |
|
25-Oct-2023 |
christos |
Merge conflicts between 9.3 and 9.5
|
#
1.40 |
|
07-Aug-2023 |
rin |
openssh: channel_new(): Appease GCC12 -Wmaybe-uninitialized for some archs
IIUC, ``found'' is always initialized. Seems like GCC bug.
|
#
1.39 |
|
26-Jul-2023 |
christos |
Merge changes between OpenSSH-9.1 and OpenSSH-9.3
|
Revision tags: netbsd-10-base
|
#
1.38 |
|
05-Oct-2022 |
christos |
branches: 1.38.2; merge conflicts between 9.0 and 9.1
|
#
1.37 |
|
27-Aug-2022 |
mlelstv |
Adopt TCP window handling from current HPN patch at
https://github.com/rapier1/openssh-portable
|
#
1.36 |
|
15-Apr-2022 |
christos |
merge conflicts between OpenSSH-8.9 and OpenSSH-9.0
|
#
1.35 |
|
23-Feb-2022 |
christos |
Merge differences between openssh-8.8 and openssh-8.9
|
#
1.34 |
|
24-Dec-2021 |
christos |
put back the tcpwinsz initialization code.
|
#
1.33 |
|
24-Dec-2021 |
christos |
PR/56569: Mike Small: Remove unused code.
|
#
1.32 |
|
27-Sep-2021 |
christos |
Merge conflicts between OpenSSH 8.7 and 8.8
|
#
1.31 |
|
02-Sep-2021 |
christos |
Merge our changes from OpenSSH-8.6 to OpenSSH-8.7
|
Revision tags: cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base
|
#
1.30 |
|
19-Apr-2021 |
christos |
Merge local changes between 8.5 and 8.6
|
#
1.29 |
|
05-Mar-2021 |
christos |
merge local changes between openssh 8.4 and 8.5
|
#
1.28 |
|
04-Dec-2020 |
christos |
Merge conflicts
|
#
1.27 |
|
28-May-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406
|
#
1.26 |
|
27-Feb-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20191119
|
#
1.25 |
|
12-Oct-2019 |
christos |
merge openssh-8.1
|
Revision tags: netbsd-9-3-RELEASE netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
branches: 1.21.2; merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.40 |
|
07-Aug-2023 |
rin |
openssh: channel_new(): Appease GCC12 -Wmaybe-uninitialized for some archs
IIUC, ``found'' is always initialized. Seems like GCC bug.
|
#
1.39 |
|
26-Jul-2023 |
christos |
Merge changes between OpenSSH-9.1 and OpenSSH-9.3
|
Revision tags: netbsd-10-base
|
#
1.38 |
|
05-Oct-2022 |
christos |
merge conflicts between 9.0 and 9.1
|
#
1.37 |
|
27-Aug-2022 |
mlelstv |
Adopt TCP window handling from current HPN patch at
https://github.com/rapier1/openssh-portable
|
#
1.36 |
|
15-Apr-2022 |
christos |
merge conflicts between OpenSSH-8.9 and OpenSSH-9.0
|
#
1.35 |
|
23-Feb-2022 |
christos |
Merge differences between openssh-8.8 and openssh-8.9
|
#
1.34 |
|
24-Dec-2021 |
christos |
put back the tcpwinsz initialization code.
|
#
1.33 |
|
24-Dec-2021 |
christos |
PR/56569: Mike Small: Remove unused code.
|
#
1.32 |
|
27-Sep-2021 |
christos |
Merge conflicts between OpenSSH 8.7 and 8.8
|
#
1.31 |
|
02-Sep-2021 |
christos |
Merge our changes from OpenSSH-8.6 to OpenSSH-8.7
|
Revision tags: cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base
|
#
1.30 |
|
19-Apr-2021 |
christos |
Merge local changes between 8.5 and 8.6
|
#
1.29 |
|
05-Mar-2021 |
christos |
merge local changes between openssh 8.4 and 8.5
|
#
1.28 |
|
04-Dec-2020 |
christos |
Merge conflicts
|
#
1.27 |
|
28-May-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406
|
#
1.26 |
|
27-Feb-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20191119
|
#
1.25 |
|
12-Oct-2019 |
christos |
merge openssh-8.1
|
Revision tags: netbsd-9-3-RELEASE netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
branches: 1.21.2; merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.39 |
|
26-Jul-2023 |
christos |
Merge changes between OpenSSH-9.1 and OpenSSH-9.3
|
Revision tags: netbsd-10-base
|
#
1.38 |
|
05-Oct-2022 |
christos |
merge conflicts between 9.0 and 9.1
|
#
1.37 |
|
27-Aug-2022 |
mlelstv |
Adopt TCP window handling from current HPN patch at
https://github.com/rapier1/openssh-portable
|
#
1.36 |
|
15-Apr-2022 |
christos |
merge conflicts between OpenSSH-8.9 and OpenSSH-9.0
|
#
1.35 |
|
23-Feb-2022 |
christos |
Merge differences between openssh-8.8 and openssh-8.9
|
#
1.34 |
|
24-Dec-2021 |
christos |
put back the tcpwinsz initialization code.
|
#
1.33 |
|
24-Dec-2021 |
christos |
PR/56569: Mike Small: Remove unused code.
|
#
1.32 |
|
27-Sep-2021 |
christos |
Merge conflicts between OpenSSH 8.7 and 8.8
|
#
1.31 |
|
02-Sep-2021 |
christos |
Merge our changes from OpenSSH-8.6 to OpenSSH-8.7
|
Revision tags: cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base
|
#
1.30 |
|
19-Apr-2021 |
christos |
Merge local changes between 8.5 and 8.6
|
#
1.29 |
|
05-Mar-2021 |
christos |
merge local changes between openssh 8.4 and 8.5
|
#
1.28 |
|
04-Dec-2020 |
christos |
Merge conflicts
|
#
1.27 |
|
28-May-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406
|
#
1.26 |
|
27-Feb-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20191119
|
#
1.25 |
|
12-Oct-2019 |
christos |
merge openssh-8.1
|
Revision tags: netbsd-9-3-RELEASE netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
branches: 1.21.2; merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.38 |
|
05-Oct-2022 |
christos |
merge conflicts between 9.0 and 9.1
|
#
1.37 |
|
27-Aug-2022 |
mlelstv |
Adopt TCP window handling from current HPN patch at
https://github.com/rapier1/openssh-portable
|
#
1.36 |
|
15-Apr-2022 |
christos |
merge conflicts between OpenSSH-8.9 and OpenSSH-9.0
|
#
1.35 |
|
23-Feb-2022 |
christos |
Merge differences between openssh-8.8 and openssh-8.9
|
#
1.34 |
|
24-Dec-2021 |
christos |
put back the tcpwinsz initialization code.
|
#
1.33 |
|
24-Dec-2021 |
christos |
PR/56569: Mike Small: Remove unused code.
|
#
1.32 |
|
27-Sep-2021 |
christos |
Merge conflicts between OpenSSH 8.7 and 8.8
|
#
1.31 |
|
02-Sep-2021 |
christos |
Merge our changes from OpenSSH-8.6 to OpenSSH-8.7
|
Revision tags: cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base
|
#
1.30 |
|
19-Apr-2021 |
christos |
Merge local changes between 8.5 and 8.6
|
#
1.29 |
|
05-Mar-2021 |
christos |
merge local changes between openssh 8.4 and 8.5
|
#
1.28 |
|
04-Dec-2020 |
christos |
Merge conflicts
|
#
1.27 |
|
28-May-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406
|
#
1.26 |
|
27-Feb-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20191119
|
#
1.25 |
|
12-Oct-2019 |
christos |
merge openssh-8.1
|
Revision tags: netbsd-9-3-RELEASE netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
branches: 1.21.2; merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.37 |
|
27-Aug-2022 |
mlelstv |
Adopt TCP window handling from current HPN patch at
https://github.com/rapier1/openssh-portable
|
#
1.36 |
|
15-Apr-2022 |
christos |
merge conflicts between OpenSSH-8.9 and OpenSSH-9.0
|
#
1.35 |
|
23-Feb-2022 |
christos |
Merge differences between openssh-8.8 and openssh-8.9
|
#
1.34 |
|
24-Dec-2021 |
christos |
put back the tcpwinsz initialization code.
|
#
1.33 |
|
24-Dec-2021 |
christos |
PR/56569: Mike Small: Remove unused code.
|
#
1.32 |
|
27-Sep-2021 |
christos |
Merge conflicts between OpenSSH 8.7 and 8.8
|
#
1.31 |
|
02-Sep-2021 |
christos |
Merge our changes from OpenSSH-8.6 to OpenSSH-8.7
|
Revision tags: cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base
|
#
1.30 |
|
19-Apr-2021 |
christos |
Merge local changes between 8.5 and 8.6
|
#
1.29 |
|
05-Mar-2021 |
christos |
merge local changes between openssh 8.4 and 8.5
|
#
1.28 |
|
04-Dec-2020 |
christos |
Merge conflicts
|
#
1.27 |
|
28-May-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406
|
#
1.26 |
|
27-Feb-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20191119
|
#
1.25 |
|
12-Oct-2019 |
christos |
merge openssh-8.1
|
Revision tags: netbsd-9-3-RELEASE netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
branches: 1.21.2; merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.36 |
|
15-Apr-2022 |
christos |
merge conflicts between OpenSSH-8.9 and OpenSSH-9.0
|
#
1.35 |
|
23-Feb-2022 |
christos |
Merge differences between openssh-8.8 and openssh-8.9
|
#
1.34 |
|
24-Dec-2021 |
christos |
put back the tcpwinsz initialization code.
|
#
1.33 |
|
24-Dec-2021 |
christos |
PR/56569: Mike Small: Remove unused code.
|
#
1.32 |
|
27-Sep-2021 |
christos |
Merge conflicts between OpenSSH 8.7 and 8.8
|
#
1.31 |
|
02-Sep-2021 |
christos |
Merge our changes from OpenSSH-8.6 to OpenSSH-8.7
|
Revision tags: cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base
|
#
1.30 |
|
19-Apr-2021 |
christos |
Merge local changes between 8.5 and 8.6
|
#
1.29 |
|
05-Mar-2021 |
christos |
merge local changes between openssh 8.4 and 8.5
|
#
1.28 |
|
04-Dec-2020 |
christos |
Merge conflicts
|
#
1.27 |
|
28-May-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406
|
#
1.26 |
|
27-Feb-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20191119
|
#
1.25 |
|
12-Oct-2019 |
christos |
merge openssh-8.1
|
Revision tags: netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
branches: 1.21.2; merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.35 |
|
23-Feb-2022 |
christos |
Merge differences between openssh-8.8 and openssh-8.9
|
#
1.34 |
|
24-Dec-2021 |
christos |
put back the tcpwinsz initialization code.
|
#
1.33 |
|
24-Dec-2021 |
christos |
PR/56569: Mike Small: Remove unused code.
|
#
1.32 |
|
27-Sep-2021 |
christos |
Merge conflicts between OpenSSH 8.7 and 8.8
|
#
1.31 |
|
02-Sep-2021 |
christos |
Merge our changes from OpenSSH-8.6 to OpenSSH-8.7
|
Revision tags: cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base
|
#
1.30 |
|
19-Apr-2021 |
christos |
Merge local changes between 8.5 and 8.6
|
#
1.29 |
|
05-Mar-2021 |
christos |
merge local changes between openssh 8.4 and 8.5
|
#
1.28 |
|
04-Dec-2020 |
christos |
Merge conflicts
|
#
1.27 |
|
28-May-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406
|
#
1.26 |
|
27-Feb-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20191119
|
#
1.25 |
|
12-Oct-2019 |
christos |
merge openssh-8.1
|
Revision tags: netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
branches: 1.21.2; merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.34 |
|
24-Dec-2021 |
christos |
put back the tcpwinsz initialization code.
|
#
1.33 |
|
24-Dec-2021 |
christos |
PR/56569: Mike Small: Remove unused code.
|
#
1.32 |
|
27-Sep-2021 |
christos |
Merge conflicts between OpenSSH 8.7 and 8.8
|
#
1.31 |
|
02-Sep-2021 |
christos |
Merge our changes from OpenSSH-8.6 to OpenSSH-8.7
|
Revision tags: cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base
|
#
1.30 |
|
19-Apr-2021 |
christos |
Merge local changes between 8.5 and 8.6
|
#
1.29 |
|
05-Mar-2021 |
christos |
merge local changes between openssh 8.4 and 8.5
|
#
1.28 |
|
04-Dec-2020 |
christos |
Merge conflicts
|
#
1.27 |
|
28-May-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406
|
#
1.26 |
|
27-Feb-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20191119
|
#
1.25 |
|
12-Oct-2019 |
christos |
merge openssh-8.1
|
Revision tags: netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
branches: 1.21.2; merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.32 |
|
27-Sep-2021 |
christos |
Merge conflicts between OpenSSH 8.7 and 8.8
|
#
1.31 |
|
02-Sep-2021 |
christos |
Merge our changes from OpenSSH-8.6 to OpenSSH-8.7
|
Revision tags: cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base
|
#
1.30 |
|
19-Apr-2021 |
christos |
Merge local changes between 8.5 and 8.6
|
#
1.29 |
|
05-Mar-2021 |
christos |
merge local changes between openssh 8.4 and 8.5
|
#
1.28 |
|
04-Dec-2020 |
christos |
Merge conflicts
|
#
1.27 |
|
28-May-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406
|
#
1.26 |
|
27-Feb-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20191119
|
#
1.25 |
|
12-Oct-2019 |
christos |
merge openssh-8.1
|
Revision tags: netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
branches: 1.21.2; merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.31 |
|
02-Sep-2021 |
christos |
Merge our changes from OpenSSH-8.6 to OpenSSH-8.7
|
Revision tags: cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base
|
#
1.30 |
|
19-Apr-2021 |
christos |
Merge local changes between 8.5 and 8.6
|
#
1.29 |
|
05-Mar-2021 |
christos |
merge local changes between openssh 8.4 and 8.5
|
#
1.28 |
|
04-Dec-2020 |
christos |
Merge conflicts
|
#
1.27 |
|
28-May-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406
|
#
1.26 |
|
27-Feb-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20191119
|
#
1.25 |
|
12-Oct-2019 |
christos |
merge openssh-8.1
|
Revision tags: netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
branches: 1.21.2; merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.30 |
|
19-Apr-2021 |
christos |
Merge local changes between 8.5 and 8.6
|
#
1.29 |
|
05-Mar-2021 |
christos |
merge local changes between openssh 8.4 and 8.5
|
#
1.28 |
|
04-Dec-2020 |
christos |
Merge conflicts
|
#
1.27 |
|
28-May-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406
|
#
1.26 |
|
27-Feb-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20191119
|
#
1.25 |
|
12-Oct-2019 |
christos |
merge openssh-8.1
|
Revision tags: netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
branches: 1.21.2; merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.29 |
|
05-Mar-2021 |
christos |
merge local changes between openssh 8.4 and 8.5
|
#
1.28 |
|
04-Dec-2020 |
christos |
Merge conflicts
|
#
1.27 |
|
28-May-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406
|
#
1.26 |
|
27-Feb-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20191119
|
#
1.25 |
|
12-Oct-2019 |
christos |
merge openssh-8.1
|
Revision tags: netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
branches: 1.21.2; merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.28 |
|
04-Dec-2020 |
christos |
Merge conflicts
|
#
1.27 |
|
28-May-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406
|
#
1.26 |
|
27-Feb-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20191119
|
#
1.25 |
|
12-Oct-2019 |
christos |
merge openssh-8.1
|
Revision tags: netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
branches: 1.21.2; merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.27 |
|
28-May-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406
|
#
1.26 |
|
27-Feb-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20191119
|
#
1.25 |
|
12-Oct-2019 |
christos |
merge openssh-8.1
|
Revision tags: netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
branches: 1.21.2; merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.26 |
|
27-Feb-2020 |
christos |
Merge conflicts
|
Revision tags: phil-wifi-20191119
|
#
1.25 |
|
12-Oct-2019 |
christos |
merge openssh-8.1
|
Revision tags: netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base phil-wifi-20190609
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
branches: 1.21.2; merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.25 |
|
12-Oct-2019 |
christos |
merge openssh-8.1
|
Revision tags: netbsd-9-base phil-wifi-20190609
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
branches: 1.21.2; merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.24 |
|
20-Apr-2019 |
christos |
merge conflicts.
|
#
1.23 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906
|
#
1.22 |
|
26-Aug-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 pgoyette-compat-0415 pgoyette-compat-0407
|
#
1.21 |
|
06-Apr-2018 |
christos |
merge conflicts
|
Revision tags: pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.20 |
|
09-Oct-2017 |
christos |
branches: 1.20.2; PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
branches: 1.18.4; merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.20 |
|
09-Oct-2017 |
christos |
PR/52604: Tatoku Ogaito: Fix x11 session forwarding.
|
#
1.19 |
|
07-Oct-2017 |
christos |
merge conflicts.
|
Revision tags: perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; 1.7.4; 1.7.8; 1.7.10; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
Revision tags: prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.18 |
|
18-Apr-2017 |
christos |
merge conflicts
|
Revision tags: pgoyette-localcount-20170320 bouyer-socketcan-base pgoyette-localcount-20170107
|
#
1.17 |
|
25-Dec-2016 |
christos |
branches: 1.17.2; merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.17 |
|
25-Dec-2016 |
christos |
merge conflicts
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
11-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
03-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
02-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; merge openssh-5.9
|
#
1.6 |
|
25-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
27-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
Revision tags: pgoyette-localcount-20161104 localcount-20160914 pgoyette-localcount-20160806
|
#
1.16 |
|
02-Aug-2016 |
christos |
merge conflicts.
|
Revision tags: pgoyette-localcount-20160726 pgoyette-localcount-base
|
#
1.15 |
|
10-Mar-2016 |
christos |
branches: 1.15.2; merge conflicts
|
#
1.14 |
|
02-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
19-Oct-2014 |
christos |
merge openssh-6.7
|
Revision tags: netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 tls-maxphys-base
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.10 |
|
29-Mar-2013 |
christos |
welcome to openssh-6.2
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7
|
#
1.9 |
|
12-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
Revision tags: yamt-pagecache-base6 yamt-pagecache-base5
|
#
1.8 |
|
01-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base4 netbsd-6-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; merge openssh-5.9
|
#
1.6 |
|
24-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
Revision tags: cherry-xenmp-base bouyer-quota2-nbase bouyer-quota2-base matt-mips64-premerge-20101231
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
26-Dec-2009 |
christos |
merge changes.
|
Revision tags: matt-premerge-20091211
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.14 |
|
02-Jul-2015 |
christos |
merge conflicts
|
#
1.13 |
|
03-Apr-2015 |
christos |
Merge conflicts
|
#
1.12 |
|
18-Oct-2014 |
christos |
merge openssh-6.7
|
#
1.11 |
|
08-Nov-2013 |
christos |
branches: 1.11.4; merge conflicts.
|
#
1.10 |
|
28-Mar-2013 |
christos |
welcome to openssh-6.2
|
#
1.9 |
|
11-Dec-2012 |
christos |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap.
|
#
1.8 |
|
01-May-2012 |
christos |
branches: 1.8.2; merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening * ssh-add(1): new -k option to load plain keys (skipping certificates) * sshd(8): Add wildcard support to PermitOpen, allowing things like "PermitOpen localhost:*". bz #1857 * ssh(1): support for cancelling local and remote port forwards via the multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host" to request the cancellation of the specified forwardings * support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before using it to extract xauth data so that it can't be used to play local shell metacharacter games. * ssh(1): unbreak remote portforwarding with dynamic allocated listen ports * scp(1): uppress adding '--' to remote commandlines when the first argument does not start with '-'. saves breakage on some difficult-to-upgrade embedded/router platforms * ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class * ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during rekeying * ssh(1): skip attempting to create ~/.ssh when -F is passed * sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943 * sshd(1): send tty break to pty master instead of (probably already closed) slave side; bz#1859 * sftp(1): silence error spam for "ls */foo" in directory with files; bz#1683 * Fixed a number of memory and file descriptor leaks
|
#
1.7 |
|
07-Sep-2011 |
christos |
branches: 1.7.2; merge openssh-5.9
|
#
1.6 |
|
24-Jul-2011 |
christos |
- Merge conflicts - WARNS=5
|
#
1.5 |
|
21-Nov-2010 |
adam |
Merge in our changes: - Updated OpenSSH-HPN to hpn13v10 - Added OpenSSH-LPK patches to retrive pubkey from LDAP - Replaced arc4random_buf() (which is not available on NetBSD) with arc4random - Disabled roaming reconnect (otherwise: problem with undef symbols in libssh)
|
#
1.4 |
|
21-Nov-2010 |
adam |
Resolve conflicts
|
#
1.3 |
|
26-Dec-2009 |
christos |
merge changes.
|
#
1.2 |
|
07-Jun-2009 |
christos |
Merge in our changes: - conditionalize login_cap - conditionalize bsd_auth - bring in pam from portable - restore krb5, krb4, afs, skey - bring in hpn patches, disable mt aes cipher, keep speedups and cipher none - add ignore root rhosts option - fix ctype macro arguments - umac is broken, disable it - better ~homedir handling - netbsd style tunnels - urandom, xhome, chrootdir, rescuedir NetBSD handling - utmp/utmpx handling - handle tty posix_vdisable properly - handle setuid and unsetuid the posix way instead of setresuid() - add all missing functions - add new moduli - add build glue
|
#
1.1 |
|
07-Jun-2009 |
christos |
branches: 1.1.1; Initial revision
|
#
1.1.1.12 |
|
02-Jul-2015 |
christos |
Changes since OpenSSH 6.8
|
#
1.1.1.11 |
|
03-Apr-2015 |
christos |
Changes since OpenSSH 6.7
|
#
1.1.1.10 |
|
18-Oct-2014 |
christos |
Changes since OpenSSH 6.6
|
#
1.1.1.9 |
|
07-Nov-2013 |
christos |
Import new openssh to address
Changes since OpenSSH 6.3
|
#
1.1.1.8 |
|
29-Mar-2013 |
christos |
from openbsd
|
#
1.1.1.7 |
|
12-Dec-2012 |
christos |
From ftp.openbsd.org
|
#
1.1.1.6 |
|
01-May-2012 |
christos |
from ftp.openbsd.org
|
#
1.1.1.5 |
|
06-Sep-2011 |
christos |
new openssh: See http://www.openssh.com/txt/release-5.9
|
#
1.1.1.4 |
|
24-Jul-2011 |
christos |
from ftp.openbsd.org
|
#
1.1.1.3 |
|
20-Nov-2010 |
adam |
Imported openssh-5.6
|
#
1.1.1.2 |
|
26-Dec-2009 |
christos |
import openssh 5.3
|
#
1.1.1.1 |
|
07-Jun-2009 |
christos |
import 5.2 from ftp.openbsd.org
|
#
1.7.2.3 |
|
22-May-2014 |
yamt |
sync with head.
for a reference, the tree before this commit was tagged as yamt-pagecache-tag8.
this commit was splitted into small chunks to avoid a limitation of cvs. ("Protocol error: too many arguments")
|
#
1.7.2.2 |
|
15-Jan-2013 |
yamt |
sync with (a bit old) head
|
#
1.7.2.1 |
|
23-May-2012 |
yamt |
sync with head.
|
#
1.8.2.3 |
|
19-Aug-2014 |
tls |
Rebase to HEAD as of a few days ago.
|
#
1.8.2.2 |
|
23-Jun-2013 |
tls |
resync from head
|
#
1.8.2.1 |
|
24-Feb-2013 |
tls |
resync with head
|
#
1.11.4.1 |
|
30-Apr-2015 |
riz |
Pull up blacklistd(8), requested by christos in ticket #711: crypto/external/bsd/openssh/dist/moduli-gen/Makefile up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli-gen.sh up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli.1024 up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli.1536 up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli.2048 up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli.3072 up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli.4096 up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli.6144 up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli.7680 up to 1.1.1.1 crypto/external/bsd/openssh/dist/moduli-gen/moduli.8192 up to 1.1.1.1 crypto/external/bsd/openssh/dist/bcrypt_pbkdf.c up to 1.2 crypto/external/bsd/openssh/dist/kexc25519.c up to 1.3 crypto/external/bsd/openssh/dist/smult_curve25519_ref.c up to 1.3 crypto/external/bsd/openssh/dist/bitmap.c up to 1.2 plus patch crypto/external/bsd/openssh/dist/PROTOCOL.chacha20poly1305 up to 1.1.1.1 crypto/external/bsd/openssh/dist/PROTOCOL.key up to 1.1.1.1 crypto/external/bsd/openssh/dist/blf.h up to 1.1 crypto/external/bsd/openssh/dist/blocks.c up to 1.3 crypto/external/bsd/openssh/dist/blowfish.c up to 1.2 crypto/external/bsd/openssh/dist/chacha.c up to 1.3 crypto/external/bsd/openssh/dist/chacha.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/cipher-aesctr.c up to 1.1.1.2 crypto/external/bsd/openssh/dist/cipher-aesctr.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/cipher-chachapoly.c up to 1.3 crypto/external/bsd/openssh/dist/cipher-chachapoly.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/crypto_api.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/digest-libc.c up to 1.3 crypto/external/bsd/openssh/dist/digest-openssl.c up to 1.3 crypto/external/bsd/openssh/dist/digest.h up to 1.1.1.2 crypto/external/bsd/openssh/dist/ed25519.c up to 1.3 crypto/external/bsd/openssh/dist/fe25519.c up to 1.3 crypto/external/bsd/openssh/dist/fe25519.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/ge25519.c up to 1.3 crypto/external/bsd/openssh/dist/ge25519.h up to 1.1.1.2 crypto/external/bsd/openssh/dist/ge25519_base.data up to 1.1.1.1 crypto/external/bsd/openssh/dist/hash.c up to 1.3 crypto/external/bsd/openssh/dist/hmac.c up to 1.3 crypto/external/bsd/openssh/dist/hmac.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/kexc25519c.c up to 1.3 crypto/external/bsd/openssh/dist/kexc25519s.c up to 1.3 crypto/external/bsd/openssh/dist/poly1305.c up to 1.3 crypto/external/bsd/openssh/dist/poly1305.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/rijndael.c up to 1.1.1.2 crypto/external/bsd/openssh/dist/rijndael.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/sc25519.c up to 1.3 crypto/external/bsd/openssh/dist/sc25519.h up to 1.1.1.1 crypto/external/bsd/openssh/dist/ssh-ed25519.c up to 1.3 crypto/external/bsd/openssh/dist/sshbuf-getput-basic.c up to 1.3 crypto/external/bsd/openssh/dist/sshbuf-getput-crypto.c up to 1.3 crypto/external/bsd/openssh/dist/sshbuf-misc.c up to 1.3 crypto/external/bsd/openssh/dist/sshbuf.c up to 1.3 crypto/external/bsd/openssh/dist/sshbuf.h up to 1.4 crypto/external/bsd/openssh/dist/ssherr.c up to 1.3 crypto/external/bsd/openssh/dist/ssherr.h up to 1.1.1.2 crypto/external/bsd/openssh/dist/sshkey.c up to 1.3 crypto/external/bsd/openssh/dist/sshkey.h up to 1.1.1.2 crypto/external/bsd/openssh/dist/verify.c up to 1.3 crypto/external/bsd/openssh/dist/opacket.c up to 1.2 crypto/external/bsd/openssh/dist/umac128.c up to 1.1 crypto/external/bsd/openssh/dist/pfilter.c up to 1.2 crypto/external/bsd/openssh/dist/pfilter.h up to 1.1 crypto/external/bsd/openssh/dist/bitmap.h up to 1.2 crypto/external/bsd/openssh/dist/opacket.h up to 1.2 crypto/external/bsd/openssh/dist/ssh_api.c up to 1.2 crypto/external/bsd/openssh/dist/ssh_api.h up to 1.2 crypto/external/bsd/openssh/dist/auth2-jpake.c delete crypto/external/bsd/openssh/dist/compress.c delete crypto/external/bsd/openssh/dist/compress.h delete crypto/external/bsd/openssh/dist/jpake.c delete crypto/external/bsd/openssh/dist/jpake.h delete crypto/external/bsd/openssh/dist/schnorr.c delete crypto/external/bsd/openssh/dist/schnorr.h delete crypto/external/bsd/openssh/dist/strtonum.c 1.1 crypto/external/bsd/openssh/Makefile.inc up to 1.8 crypto/external/bsd/openssh/bin/Makefile.inc up to 1.3 crypto/external/bsd/openssh/bin/ssh-keyscan/Makefile up to 1.2 crypto/external/bsd/openssh/bin/sshd/Makefile up to 1.12 crypto/external/bsd/openssh/dist/PROTOCOL up to 1.5 crypto/external/bsd/openssh/dist/PROTOCOL.krl up to 1.1.1.2 crypto/external/bsd/openssh/dist/addrmatch.c up to 1.8 crypto/external/bsd/openssh/dist/atomicio.c up to 1.6 crypto/external/bsd/openssh/dist/auth-bsdauth.c up to 1.4 crypto/external/bsd/openssh/dist/auth-chall.c up to 1.6 crypto/external/bsd/openssh/dist/auth-krb5.c up to 1.7 crypto/external/bsd/openssh/dist/auth-options.c up to 1.9 crypto/external/bsd/openssh/dist/auth-options.h up to 1.6 crypto/external/bsd/openssh/dist/auth-passwd.c up to 1.4 crypto/external/bsd/openssh/dist/auth-rh-rsa.c up to 1.6 crypto/external/bsd/openssh/dist/auth-rhosts.c up to 1.5 crypto/external/bsd/openssh/dist/auth-rsa.c up to 1.10 crypto/external/bsd/openssh/dist/auth.c up to 1.12 crypto/external/bsd/openssh/dist/auth.h up to 1.10 crypto/external/bsd/openssh/dist/auth1.c up to 1.11 crypto/external/bsd/openssh/dist/auth2-chall.c up to 1.7 crypto/external/bsd/openssh/dist/auth2-gss.c up to 1.8 crypto/external/bsd/openssh/dist/auth2-hostbased.c up to 1.7 crypto/external/bsd/openssh/dist/auth2-kbdint.c up to 1.5 crypto/external/bsd/openssh/dist/auth2-krb5.c up to 1.4 crypto/external/bsd/openssh/dist/auth2-none.c up to 1.5 crypto/external/bsd/openssh/dist/auth2-passwd.c up to 1.5 crypto/external/bsd/openssh/dist/auth2-pubkey.c up to 1.11 crypto/external/bsd/openssh/dist/auth2.c up to 1.11 crypto/external/bsd/openssh/dist/authfd.c up to 1.8 crypto/external/bsd/openssh/dist/authfd.h up to 1.5 crypto/external/bsd/openssh/dist/authfile.c up to 1.10 crypto/external/bsd/openssh/dist/authfile.h up to 1.6 crypto/external/bsd/openssh/dist/bufaux.c up to 1.7 crypto/external/bsd/openssh/dist/bufbn.c up to 1.5 crypto/external/bsd/openssh/dist/bufec.c up to 1.5 crypto/external/bsd/openssh/dist/buffer.c up to 1.6 crypto/external/bsd/openssh/dist/buffer.h up to 1.7 crypto/external/bsd/openssh/dist/canohost.c up to 1.8 crypto/external/bsd/openssh/dist/channels.c up to 1.13 crypto/external/bsd/openssh/dist/channels.h up to 1.10 crypto/external/bsd/openssh/dist/cipher-3des1.c up to 1.7 crypto/external/bsd/openssh/dist/cipher-bf1.c up to 1.6 crypto/external/bsd/openssh/dist/cipher.c up to 1.7 crypto/external/bsd/openssh/dist/cipher.h up to 1.7 crypto/external/bsd/openssh/dist/clientloop.c up to 1.13 crypto/external/bsd/openssh/dist/compat.c up to 1.9 crypto/external/bsd/openssh/dist/compat.h up to 1.6 crypto/external/bsd/openssh/dist/deattack.c up to 1.4 crypto/external/bsd/openssh/dist/deattack.h up to 1.4 crypto/external/bsd/openssh/dist/dh.c up to 1.8 crypto/external/bsd/openssh/dist/dh.h up to 1.4 crypto/external/bsd/openssh/dist/dispatch.c up to 1.5 crypto/external/bsd/openssh/dist/dispatch.h up to 1.4 crypto/external/bsd/openssh/dist/dns.c up to 1.11 crypto/external/bsd/openssh/dist/dns.h up to 1.6 crypto/external/bsd/openssh/dist/groupaccess.c up to 1.5 crypto/external/bsd/openssh/dist/gss-genr.c up to 1.7 crypto/external/bsd/openssh/dist/gss-serv-krb5.c up to 1.8 crypto/external/bsd/openssh/dist/gss-serv.c up to 1.7 crypto/external/bsd/openssh/dist/hostfile.c up to 1.7 crypto/external/bsd/openssh/dist/hostfile.h up to 1.7 crypto/external/bsd/openssh/dist/includes.h up to 1.4 crypto/external/bsd/openssh/dist/kex.c up to 1.10 crypto/external/bsd/openssh/dist/kex.h up to 1.9 crypto/external/bsd/openssh/dist/kexdh.c up to 1.4 crypto/external/bsd/openssh/dist/kexdhc.c up to 1.6 crypto/external/bsd/openssh/dist/kexdhs.c up to 1.8 crypto/external/bsd/openssh/dist/kexecdh.c up to 1.5 crypto/external/bsd/openssh/dist/kexecdhc.c up to 1.5 crypto/external/bsd/openssh/dist/kexecdhs.c up to 1.5 crypto/external/bsd/openssh/dist/kexgex.c up to 1.4 crypto/external/bsd/openssh/dist/kexgexc.c up to 1.6 crypto/external/bsd/openssh/dist/kexgexs.c up to 1.8 crypto/external/bsd/openssh/dist/key.c up to 1.16 crypto/external/bsd/openssh/dist/key.h up to 1.9 crypto/external/bsd/openssh/dist/krl.c up to 1.5 crypto/external/bsd/openssh/dist/krl.h up to 1.1.1.2 crypto/external/bsd/openssh/dist/mac.c up to 1.11 crypto/external/bsd/openssh/dist/mac.h up to 1.5 crypto/external/bsd/openssh/dist/match.c up to 1.5 crypto/external/bsd/openssh/dist/misc.c up to 1.10 crypto/external/bsd/openssh/dist/misc.h up to 1.9 plus patch crypto/external/bsd/openssh/dist/moduli.c up to 1.8 crypto/external/bsd/openssh/dist/monitor.c up to 1.14 crypto/external/bsd/openssh/dist/monitor.h up to 1.7 crypto/external/bsd/openssh/dist/monitor_fdpass.c up to 1.5 crypto/external/bsd/openssh/dist/monitor_mm.c up to 1.6 crypto/external/bsd/openssh/dist/monitor_mm.h up to 1.4 crypto/external/bsd/openssh/dist/monitor_wrap.c up to 1.11 crypto/external/bsd/openssh/dist/monitor_wrap.h up to 1.8 crypto/external/bsd/openssh/dist/msg.c up to 1.4 crypto/external/bsd/openssh/dist/msg.h up to 1.4 crypto/external/bsd/openssh/dist/mux.c up to 1.11 crypto/external/bsd/openssh/dist/myproposal.h up to 1.10 crypto/external/bsd/openssh/dist/namespace.h up to 1.5 crypto/external/bsd/openssh/dist/packet.c up to 1.18 crypto/external/bsd/openssh/dist/packet.h up to 1.11 crypto/external/bsd/openssh/dist/pathnames.h up to 1.9 crypto/external/bsd/openssh/dist/pkcs11.h up to 1.4 crypto/external/bsd/openssh/dist/progressmeter.c up to 1.7 crypto/external/bsd/openssh/dist/progressmeter.h up to 1.4 crypto/external/bsd/openssh/dist/reallocarray.c new crypto/external/bsd/openssh/dist/readconf.c up to 1.13 crypto/external/bsd/openssh/dist/readconf.h up to 1.12 crypto/external/bsd/openssh/dist/readpass.c up to 1.6 crypto/external/bsd/openssh/dist/roaming_client.c up to 1.7 crypto/external/bsd/openssh/dist/roaming_common.c up to 1.9 crypto/external/bsd/openssh/dist/roaming_dummy.c up to 1.4 crypto/external/bsd/openssh/dist/rsa.c up to 1.5 crypto/external/bsd/openssh/dist/rsa.h up to 1.4 crypto/external/bsd/openssh/dist/sandbox-systrace.c up to 1.1.1.5 crypto/external/bsd/openssh/dist/scp.1 up to 1.9 crypto/external/bsd/openssh/dist/scp.c up to 1.11 crypto/external/bsd/openssh/dist/servconf.c up to 1.17 crypto/external/bsd/openssh/dist/servconf.h up to 1.11 crypto/external/bsd/openssh/dist/serverloop.c up to 1.12 crypto/external/bsd/openssh/dist/session.c up to 1.14 crypto/external/bsd/openssh/dist/session.h up to 1.4 crypto/external/bsd/openssh/dist/sftp-client.c up to 1.13 crypto/external/bsd/openssh/dist/sftp-client.h up to 1.7 crypto/external/bsd/openssh/dist/sftp-common.c up to 1.7 crypto/external/bsd/openssh/dist/sftp-common.h up to 1.5 crypto/external/bsd/openssh/dist/sftp-glob.c up to 1.8 crypto/external/bsd/openssh/dist/sftp-server.8 up to 1.9 crypto/external/bsd/openssh/dist/sftp-server.c up to 1.11 crypto/external/bsd/openssh/dist/sftp.1 up to 1.11 crypto/external/bsd/openssh/dist/sftp.c up to 1.15 crypto/external/bsd/openssh/dist/ssh-add.1 up to 1.9 crypto/external/bsd/openssh/dist/ssh-add.c up to 1.10 crypto/external/bsd/openssh/dist/ssh-agent.1 up to 1.8 crypto/external/bsd/openssh/dist/ssh-agent.c up to 1.14 crypto/external/bsd/openssh/dist/ssh-dss.c up to 1.7 crypto/external/bsd/openssh/dist/ssh-ecdsa.c up to 1.6 crypto/external/bsd/openssh/dist/ssh-gss.h up to 1.5 crypto/external/bsd/openssh/dist/ssh-keygen.1 up to 1.13 crypto/external/bsd/openssh/dist/ssh-keygen.c up to 1.16 crypto/external/bsd/openssh/dist/ssh-keyscan.1 up to 1.10 crypto/external/bsd/openssh/dist/ssh-keyscan.c up to 1.13 crypto/external/bsd/openssh/dist/ssh-keysign.8 up to 1.9 crypto/external/bsd/openssh/dist/ssh-keysign.c up to 1.8 crypto/external/bsd/openssh/dist/ssh-pkcs11-client.c up to 1.6 crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c up to 1.8 crypto/external/bsd/openssh/dist/ssh-pkcs11.c up to 1.7 crypto/external/bsd/openssh/dist/ssh-pkcs11.h up to 1.4 crypto/external/bsd/openssh/dist/ssh-rsa.c up to 1.7 crypto/external/bsd/openssh/dist/ssh.1 up to 1.14 crypto/external/bsd/openssh/dist/ssh.c up to 1.16 crypto/external/bsd/openssh/dist/ssh2.h up to 1.6 crypto/external/bsd/openssh/dist/ssh_config up to 1.8 crypto/external/bsd/openssh/dist/ssh_config.5 up to 1.13 crypto/external/bsd/openssh/dist/sshconnect.c up to 1.11 crypto/external/bsd/openssh/dist/sshconnect.h up to 1.6 crypto/external/bsd/openssh/dist/sshconnect1.c up to 1.6 crypto/external/bsd/openssh/dist/sshconnect2.c up to 1.19 crypto/external/bsd/openssh/dist/sshd.8 up to 1.13 crypto/external/bsd/openssh/dist/sshd.c up to 1.18 crypto/external/bsd/openssh/dist/sshd_config up to 1.13 crypto/external/bsd/openssh/dist/sshd_config.5 up to 1.17 crypto/external/bsd/openssh/dist/sshlogin.c up to 1.6 crypto/external/bsd/openssh/dist/sshpty.c up to 1.4 crypto/external/bsd/openssh/dist/uidswap.c up to 1.4 crypto/external/bsd/openssh/dist/umac.c up to 1.9 crypto/external/bsd/openssh/dist/version.h up to 1.14 crypto/external/bsd/openssh/dist/xmalloc.c up to 1.5 crypto/external/bsd/openssh/lib/Makefile up to 1.17 plus patch crypto/external/bsd/openssh/lib/shlib_version up to 1.13 distrib/sets/lists/base/ad.aarch64 patch distrib/sets/lists/base/ad.arm patch distrib/sets/lists/base/ad.mips patch distrib/sets/lists/base/ad.powerpc patch distrib/sets/lists/base/md.amd64 patch distrib/sets/lists/base/md.sparc64 patch distrib/sets/lists/base/mi patch distrib/sets/lists/base/shl.mi patch distrib/sets/lists/comp/ad.aarch64 patch distrib/sets/lists/comp/ad.arm patch distrib/sets/lists/comp/ad.mips patch distrib/sets/lists/comp/ad.powerpc patch distrib/sets/lists/comp/md.amd64 patch distrib/sets/lists/comp/md.sparc64 patch distrib/sets/lists/comp/mi patch distrib/sets/lists/comp/shl.mi patch distrib/sets/lists/debug/ad.aarch64 patch distrib/sets/lists/debug/ad.arm patch distrib/sets/lists/debug/ad.mips patch distrib/sets/lists/debug/ad.powerpc patch distrib/sets/lists/debug/md.amd64 patch distrib/sets/lists/debug/md.sparc64 patch distrib/sets/lists/debug/shl.mi patch distrib/sets/lists/etc/mi patch distrib/sets/lists/man/mi patch etc/defaults/rc.conf 1.130 etc/mtree/NetBSD.dist.base 1.142 external/bsd/Makefile up to 1.48 external/bsd/blacklist/bin/Makefile up to 1.11 plus patch external/bsd/blacklist/bin/blacklistctl.8 up to 1.6 external/bsd/blacklist/bin/blacklistctl.c up to 1.17 external/bsd/blacklist/bin/blacklistd.8 up to 1.10 external/bsd/blacklist/bin/blacklistd.c up to 1.32 external/bsd/blacklist/bin/blacklistd.conf.5 up to 1.2 external/bsd/blacklist/bin/conf.c up to 1.18 external/bsd/blacklist/bin/conf.h up to 1.6 external/bsd/blacklist/bin/internal.c up to 1.5 external/bsd/blacklist/bin/internal.h up to 1.12 external/bsd/blacklist/bin/run.c up to 1.12 external/bsd/blacklist/bin/run.h up to 1.5 external/bsd/blacklist/bin/state.c up to 1.15 external/bsd/blacklist/bin/state.h up to 1.5 external/bsd/blacklist/bin/support.c up to 1.6 external/bsd/blacklist/bin/support.h up to 1.5 external/bsd/blacklist/etc/rc.d/Makefile up to 1.1 external/bsd/blacklist/etc/rc.d/blacklistd up to 1.1 external/bsd/blacklist/etc/Makefile up to 1.3 external/bsd/blacklist/etc/blacklistd.conf up to 1.3 external/bsd/blacklist/etc/npf.conf up to 1.1 external/bsd/blacklist/Makefile up to 1.2 external/bsd/blacklist/Makefile.inc up to 1.3 external/bsd/blacklist/README up to 1.7 external/bsd/blacklist/TODO up to 1.7 external/bsd/blacklist/diff/ftpd.diff up to 1.1 external/bsd/blacklist/diff/named.diff up to 1.6 external/bsd/blacklist/diff/ssh.diff up to 1.6 external/bsd/blacklist/include/Makefile up to 1.1 external/bsd/blacklist/include/bl.h up to 1.12 external/bsd/blacklist/include/blacklist.h up to 1.3 external/bsd/blacklist/include/config.h new external/bsd/blacklist/lib/Makefile up to 1.3 external/bsd/blacklist/lib/bl.c up to 1.24 external/bsd/blacklist/lib/blacklist.c up to 1.5 external/bsd/blacklist/lib/libblacklist.3 up to 1.3 external/bsd/blacklist/lib/shlib_version up to 1.1 external/bsd/blacklist/libexec/Makefile up to 1.1 external/bsd/blacklist/libexec/blacklistd-helper up to 1.4 external/bsd/blacklist/port/m4/.cvsignore up to 1.1 external/bsd/blacklist/port/Makefile.am up to 1.4 external/bsd/blacklist/port/_strtoi.h up to 1.1 external/bsd/blacklist/port/clock_gettime.c up to 1.2 external/bsd/blacklist/port/configure.ac up to 1.7 external/bsd/blacklist/port/fgetln.c up to 1.1 external/bsd/blacklist/port/fparseln.c up to 1.1 external/bsd/blacklist/port/getprogname.c up to 1.4 external/bsd/blacklist/port/pidfile.c up to 1.1 external/bsd/blacklist/port/popenve.c up to 1.2 external/bsd/blacklist/port/port.h up to 1.6 external/bsd/blacklist/port/sockaddr_snprintf.c up to 1.9 external/bsd/blacklist/port/strlcat.c up to 1.2 external/bsd/blacklist/port/strlcpy.c up to 1.2 external/bsd/blacklist/port/strtoi.c up to 1.3 external/bsd/blacklist/test/Makefile up to 1.2 external/bsd/blacklist/test/cltest.c up to 1.6 external/bsd/blacklist/test/srvtest.c up to 1.9 lib/libpam/modules/pam_ssh/pam_ssh.c up to 1.23 libexec/ftpd/pfilter.c up to 1.1 libexec/ftpd/pfilter.h up to 1.1 libexec/ftpd/Makefile up to 1.64 libexec/ftpd/ftpd.c up to 1.201
Add blacklistd(8), a daemon to block and release network ports on demand to mitigate abuse, and related changes to system daemons to support it. [christos, ticket #711]
|