CVS commit: src/crypto/external/bsd/openssh

Wed, 12 Dec 2012 09:42:48 -0800 

Module Name:    src
Committed By:   christos
Date:           Wed Dec 12 17:42:40 UTC 2012

Modified Files:
        src/crypto/external/bsd/openssh/dist: PROTOCOL.certkeys PROTOCOL.mux
            addrmatch.c auth.c channels.c channels.h clientloop.c dns.c dns.h
            jpake.c key.c key.h mac.c moduli.c monitor.c mux.c myproposal.h
            servconf.c servconf.h serverloop.c session.c sftp-client.c sftp.c
            ssh-keygen.1 ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c
            ssh-pkcs11-helper.c ssh.1 ssh.c ssh_config.5 sshconnect2.c sshd.8
            sshd.c sshd_config sshd_config.5 version.h
        src/crypto/external/bsd/openssh/lib: shlib_version

Log Message:
update to 6.1

This is primarily a bugfix release.

Features:

 * sshd(8): This release turns on pre-auth sandboxing sshd by default for
   new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config.
 * ssh-keygen(1): Add options to specify starting line number and number of
   lines to process when screening moduli candidates, allowing processing
   of different parts of a candidate moduli file in parallel
 * sshd(8): The Match directive now supports matching on the local (listen)
   address and port upon which the incoming connection was received via
   LocalAddress and LocalPort clauses.
 * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv
   and {Allow,Deny}{Users,Groups}
 * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978
 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8
 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as
   an argument to refuse all port-forwarding requests.
 * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile
 * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971
 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators
   to append some arbitrary text to the server SSH protocol banner.

Bugfixes:

 * ssh(1)/sshd(8): Don't spin in accept() in situations of file
   descriptor exhaustion. Instead back off for a while.
 * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as
   they were removed from the specification. bz#2023,
 * sshd(8): Handle long comments in config files better. bz#2025
 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly
   picked up. bz#1995
 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root
   on platforms that use login_cap.


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 \
    src/crypto/external/bsd/openssh/dist/PROTOCOL.certkeys
cvs rdiff -u -r1.4 -r1.5 src/crypto/external/bsd/openssh/dist/PROTOCOL.mux \
    src/crypto/external/bsd/openssh/dist/addrmatch.c \
    src/crypto/external/bsd/openssh/dist/dns.c \
    src/crypto/external/bsd/openssh/dist/key.h \
    src/crypto/external/bsd/openssh/dist/moduli.c \
    src/crypto/external/bsd/openssh/dist/serverloop.c
cvs rdiff -u -r1.5 -r1.6 src/crypto/external/bsd/openssh/dist/auth.c \
    src/crypto/external/bsd/openssh/dist/mac.c \
    src/crypto/external/bsd/openssh/dist/myproposal.h \
    src/crypto/external/bsd/openssh/dist/ssh-keyscan.1
cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/dist/channels.c \
    src/crypto/external/bsd/openssh/dist/monitor.c \
    src/crypto/external/bsd/openssh/dist/ssh-keygen.1 \
    src/crypto/external/bsd/openssh/dist/ssh_config.5 \
    src/crypto/external/bsd/openssh/dist/sshd.8 \
    src/crypto/external/bsd/openssh/dist/sshd_config \
    src/crypto/external/bsd/openssh/dist/version.h
cvs rdiff -u -r1.6 -r1.7 src/crypto/external/bsd/openssh/dist/channels.h \
    src/crypto/external/bsd/openssh/dist/jpake.c \
    src/crypto/external/bsd/openssh/dist/mux.c \
    src/crypto/external/bsd/openssh/dist/servconf.h \
    src/crypto/external/bsd/openssh/dist/sftp-client.c
cvs rdiff -u -r1.7 -r1.8 src/crypto/external/bsd/openssh/dist/clientloop.c \
    src/crypto/external/bsd/openssh/dist/ssh-keyscan.c
cvs rdiff -u -r1.3 -r1.4 src/crypto/external/bsd/openssh/dist/dns.h \
    src/crypto/external/bsd/openssh/dist/ssh-pkcs11-helper.c
cvs rdiff -u -r1.10 -r1.11 src/crypto/external/bsd/openssh/dist/key.c \
    src/crypto/external/bsd/openssh/dist/servconf.c \
    src/crypto/external/bsd/openssh/dist/ssh.c \
    src/crypto/external/bsd/openssh/dist/sshconnect2.c \
    src/crypto/external/bsd/openssh/dist/sshd.c
cvs rdiff -u -r1.9 -r1.10 src/crypto/external/bsd/openssh/dist/session.c \
    src/crypto/external/bsd/openssh/dist/sftp.c \
    src/crypto/external/bsd/openssh/dist/ssh-keygen.c \
    src/crypto/external/bsd/openssh/dist/ssh.1
cvs rdiff -u -r1.12 -r1.13 src/crypto/external/bsd/openssh/dist/sshd_config.5
cvs rdiff -u -r1.8 -r1.9 src/crypto/external/bsd/openssh/lib/shlib_version

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Reply via email to