#
323136 |
|
02-Sep-2017 |
des |
MFH (r322052): Upgrade OpenSSH to 7.5p1.
|
#
323134 |
|
02-Sep-2017 |
des |
MFH (r314306,r314720): Upgrade OpenSSH to 7.4p1.
|
#
323129 |
|
02-Sep-2017 |
des |
MFH (r314527,r314576,r314601,r317998): Upgrade OpenSSH to 7.3p1.
|
#
318402 |
|
17-May-2017 |
lidl |
MFC r318242: Refine and update blacklist support in sshd
Adjust notification points slightly to catch all auth failures, rather than just the ones caused by bad usernames. Modify notification point for bad usernames to send new type of BLACKLIST_BAD_USER. (Support in libblacklist will be forthcoming soon.) Add guards to allow library headers to expose the enum of action values.
Reviewed by: des Relnotes: yes Sponsored by: The FreeBSD Foundation
|
#
305476 |
|
06-Sep-2016 |
lidl |
MFC r305065: Add refactored blacklist support to sshd
Change the calls to of blacklist_init() and blacklist_notify to be macros defined in the blacklist_client.h file. This avoids the need for #ifdef USE_BLACKLIST / #endif except in the blacklist.c file.
Remove redundent initialization attempts from within blacklist_notify - everything always goes through blacklistd_init().
Added UseBlacklist option to sshd, which defaults to off. To enable the functionality, use '-o UseBlacklist=yes' on the command line, or uncomment in the sshd_config file.
Approved by: des Sponsored by: The FreeBSD Foundation
|
#
302408 |
|
07-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle. Prune svn:mergeinfo from the new branch, as nothing has been merged here.
Additional commits post-branch will follow.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
302182 |
|
24-Jun-2016 |
gjb |
Revert r301551, which added blacklistd(8) to sshd(8).
This change has functional impact, and other concerns raised by the OpenSSH maintainer.
Requested by: des PR: 210479 (related) Approved by: re (marius) Sponsored by: The FreeBSD Foundation
|
#
301551 |
|
07-Jun-2016 |
lidl |
Add blacklist support to sshd
Reviewed by: rpaulo Approved by: rpaulo (earlier version of changes) Relnotes: YES Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D5915
|
#
296633 |
|
10-Mar-2016 |
des |
Upgrade to OpenSSH 7.2p2.
|
#
294496 |
|
21-Jan-2016 |
des |
Upgrade to OpenSSH 7.1p2.
|
#
294464 |
|
20-Jan-2016 |
des |
Upgrade to OpenSSH 7.0p1.
|
#
294336 |
|
19-Jan-2016 |
des |
Upgrade to OpenSSH 6.9p1.
|
#
294332 |
|
19-Jan-2016 |
des |
Upgrade to OpenSSH 6.8p1.
|
#
294328 |
|
19-Jan-2016 |
des |
Upgrade to OpenSSH 6.7p1, retaining libwrap support (which has been removed upstream) and a number of security fixes which we had already backported.
MFC after: 1 week
|
#
291198 |
|
23-Nov-2015 |
des |
Retire the NONE cipher option.
|
#
290672 |
|
11-Nov-2015 |
des |
Remove /* $FreeBSD$ */ from files that already have __RCSID("$FreeBSD$").
|
#
263712 |
|
25-Mar-2014 |
des |
Upgrade to OpenSSH 6.6p1.
|
#
263691 |
|
24-Mar-2014 |
des |
Add a pre-merge script which reverts mechanical changes such as added $FreeBSD$ tags and man page dates.
Add a post-merge script which reapplies these changes.
Run both scripts to normalize the existing code base. As a result, many files which should have had $FreeBSD$ tags but didn't now have them.
Partly rewrite the upgrade instructions and remove the now outdated list of tricks.
|
#
261320 |
|
31-Jan-2014 |
des |
Upgrade to OpenSSH 6.5p1.
|
#
257954 |
|
11-Nov-2013 |
delphij |
MFV r257952:
Upgrade to OpenSSH 6.4p1.
Bump VersionAddendum.
Approved by: des
|
#
255767 |
|
21-Sep-2013 |
des |
Upgrade to 6.3p1.
Approved by: re (gjb)
|
#
250739 |
|
17-May-2013 |
des |
Upgrade to OpenSSH 6.2p2. Mostly a no-op since I had already patched the issues that affected us.
|
#
249475 |
|
14-Apr-2013 |
des |
Silence "received disconnect" in the common case.
|
#
248619 |
|
22-Mar-2013 |
des |
Upgrade to OpenSSH 6.2p1. The most important new features are support for a key revocation list and more fine-grained authentication control.
|
#
240075 |
|
03-Sep-2012 |
des |
Upgrade OpenSSH to 6.1p1.
|
#
226046 |
|
05-Oct-2011 |
des |
Upgrade to OpenSSH 5.9p1.
MFC after: 3 months
|
#
224640 |
|
03-Aug-2011 |
brooks |
Enable keyword expansion for $FreeBSD$ on files where it was added it r224638.
Submitted by: bz Approved by: re (implicit) Point hat to: brooks
|
#
224638 |
|
03-Aug-2011 |
brooks |
Add support for dynamically adjusted buffers to allow the full use of the bandwidth of long fat pipes (i.e. 100Mbps+ trans-oceanic or trans-continental links). Bandwidth-delay products up to 64MB are supported.
Also add support (not compiled by default) for the None cypher. The None cypher can only be enabled on non-interactive sessions (those without a pty where -T was not used) and must be enabled in both the client and server configuration files and on the client command line. Additionally, the None cypher will only be activated after authentication is complete. To enable the None cypher you must add -DNONE_CIPHER_ENABLED to CFLAGS via the make command line or in /etc/make.conf.
This code is a style(9) compliant version of these features extracted from the patches published at:
http://www.psc.edu/networking/projects/hpn-ssh/
Merging this patch has been a collaboration between me and Bjoern.
Reviewed by: bz Approved by: re (kib), des (maintainer)
|
#
221420 |
|
04-May-2011 |
des |
Upgrade to OpenSSH 5.8p2.
|
#
215116 |
|
11-Nov-2010 |
des |
Upgrade to OpenSSH 5.6p1.
|
#
197679 |
|
01-Oct-2009 |
des |
Upgrade to OpenSSH 5.3p1.
|
#
192595 |
|
22-May-2009 |
des |
Upgrade to OpenSSH 5.2p1.
MFC after: 3 months
|
#
181111 |
|
01-Aug-2008 |
des |
Upgrade to OpenSSH 5.1p1.
I have worked hard to reduce diffs against the vendor branch. One notable change in that respect is that we no longer prefer DSA over RSA - the reasons for doing so went away years ago. This may cause some surprises, as ssh will warn about unknown host keys even for hosts whose keys haven't changed.
MFC after: 6 weeks
|
#
181110 |
|
01-Aug-2008 |
des |
Remove svn:keywords except on files that need it. This makes diffs against the vendor branch much more readable.
|
#
181097 |
|
31-Jul-2008 |
des |
Consistently set svn:eol-style.
|
#
162853 |
|
30-Sep-2006 |
des |
This commit was generated by cvs2svn to compensate for changes in r162852, which included commits to RCS files with non-trunk default branches.
|
#
162852 |
|
30-Sep-2006 |
des |
Vendor import of OpenSSH 4.4p1.
|
#
157016 |
|
22-Mar-2006 |
des |
Vendor import of OpenSSH 4.3p1.
|
#
149749 |
|
03-Sep-2005 |
des |
Vendor import of OpenSSH 4.2p1.
|
#
146998 |
|
05-Jun-2005 |
des |
Vendor import of OpenSSH 4.0p1.
|
#
137015 |
|
28-Oct-2004 |
des |
Vendor import of OpenSSH 3.9p1.
|
#
126274 |
|
26-Feb-2004 |
des |
Vendor import of OpenSSH 3.8p1.
|
#
124208 |
|
07-Jan-2004 |
des |
Vendor import of OpenSSH 3.7.1p2.
|
#
116791 |
|
24-Jun-2003 |
des |
Add a "return" that was missing from 3.6.1p1. Since it's been fixed in the OpenSSH-portable CVS repo, I'm committing this on the vendor branch.
|
#
113908 |
|
23-Apr-2003 |
des |
Vendor import of OpenSSH-portable 3.6.1p1.
|
#
106121 |
|
29-Oct-2002 |
des |
Vendor import of OpenSSH-portable 3.5p1.
|
#
99060 |
|
29-Jun-2002 |
des |
Vendor import of OpenSSH 3.4p1.
|
#
98937 |
|
27-Jun-2002 |
des |
Vendor import of OpenSSH 3.3p1.
|
#
98675 |
|
23-Jun-2002 |
des |
Vendor import of OpenSSH 3.3.
|
#
92555 |
|
18-Mar-2002 |
des |
Vendor import of OpenSSH 3.1
|
#
76259 |
|
04-May-2001 |
green |
Say "hi" to the latest in the OpenSSH series, version 2.9!
Happy birthday to: rwatson
|
#
69587 |
|
05-Dec-2000 |
green |
Import of OpenSSH 2.3.0 (virgin OpenBSD source release).
|
#
65668 |
|
10-Sep-2000 |
kris |
Initial import of OpenSSH post-2.2.0 snapshot dated 2000-09-09
|
#
60573 |
|
15-May-2000 |
kris |
Initial import of OpenSSH v2.1.
|
#
57429 |
|
24-Feb-2000 |
markm |
Vendor import of OpenSSH.
|