#
267654 |
|
19-Jun-2014 |
gjb |
Copy stable/9 to releng/9.3 as part of the 9.3-RELEASE cycle.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
263970 |
|
31-Mar-2014 |
des |
MFH (r237568, r255422, r255460, r255766, r255767, r255774, r255829, r256126, r257954, r261320, r261499, r263691, r263712): upgrade to OpenSSH 6.6p1 via 6.3p1, 6.4p1 and 6.5p1.
Differences relative to head:
- No DNSSEC support since stable/9 does not have LDNS - Sandboxing off by default, and uses rlimit instead of Capsicum - ED25519 moved to the bottom of the order of preference to avoid "new public key" warnings
|
#
251135 |
|
30-May-2013 |
des |
Pull in OpenSSH 6.2p2 from head.
|
#
225736 |
|
22-Sep-2011 |
kensmith |
Copy head to stable/9 as part of 9.0-RELEASE release cycle.
Approved by: re (implicit)
|
#
221420 |
|
04-May-2011 |
des |
Upgrade to OpenSSH 5.8p2.
|
#
215116 |
|
11-Nov-2010 |
des |
Upgrade to OpenSSH 5.6p1.
|
#
197679 |
|
01-Oct-2009 |
des |
Upgrade to OpenSSH 5.3p1.
|
#
181111 |
|
01-Aug-2008 |
des |
Upgrade to OpenSSH 5.1p1.
I have worked hard to reduce diffs against the vendor branch. One notable change in that respect is that we no longer prefer DSA over RSA - the reasons for doing so went away years ago. This may cause some surprises, as ssh will warn about unknown host keys even for hosts whose keys haven't changed.
MFC after: 6 weeks
|
#
181110 |
|
01-Aug-2008 |
des |
Remove svn:keywords except on files that need it. This makes diffs against the vendor branch much more readable.
|
#
181108 |
|
01-Aug-2008 |
des |
Another file with no local changes.
|
#
181097 |
|
31-Jul-2008 |
des |
Consistently set svn:eol-style.
|
#
162856 |
|
30-Sep-2006 |
des |
Merge conflicts.
MFC after: 1 week
|
#
149753 |
|
03-Sep-2005 |
des |
Resolve conflicts.
|
#
147005 |
|
05-Jun-2005 |
des |
Resolve conflicts.
|
#
137019 |
|
28-Oct-2004 |
des |
Resolve conflicts
|
#
128460 |
|
20-Apr-2004 |
des |
Resolve conflicts.
|
#
126277 |
|
26-Feb-2004 |
des |
Resolve conflicts.
|
#
124211 |
|
07-Jan-2004 |
des |
Resolve conflicts and remove obsolete files.
Sponsored by: registrar.no
|
#
113911 |
|
23-Apr-2003 |
des |
Resolve conflicts.
|
#
112870 |
|
31-Mar-2003 |
des |
If an ssh1 client initiated challenge-response authentication but did not respond to challenge, and later successfully authenticated itself using another method, the kbdint context would never be released, leaving the PAM child process behind even after the connection ended.
Fix this by automatically releasing the kbdint context if a packet of type SSH_CMSG_AUTH_TIS is follwed by anything but a packet of type SSH_CMSG_AUTH_TIS_RESPONSE.
MFC after: 1 week
|
#
106130 |
|
29-Oct-2002 |
des |
Resolve conflicts.
|
#
98941 |
|
27-Jun-2002 |
des |
Forcibly revert to mainline.
|
#
98742 |
|
24-Jun-2002 |
dinoex |
remove declaration of authlog use variable from_host Reviewed by: des
|
#
98684 |
|
23-Jun-2002 |
des |
Resolve conflicts. Known issues:
- sshd fails to set TERM correctly. - privilege separation may break PAM and is currently turned off. - man pages have not yet been updated
I will have these issues resolved, and privilege separation turned on by default, in time for DP2.
Sponsored by: DARPA, NAI Labs
|
#
93221 |
|
26-Mar-2002 |
ru |
Switch over to using pam_login_access(8) module in sshd(8). (Fixes static compilation. Reduces diffs to OpenSSH.)
Reviewed by: bde
|
#
92878 |
|
21-Mar-2002 |
des |
Use the "sshd" service instead of "csshd". The latter was only needed because of bugs (incorrect design decisions, actually) in Linux-PAM.
Sponsored by: DARPA, NAI Labs
|
#
92559 |
|
18-Mar-2002 |
des |
Fix conflicts.
|
#
92402 |
|
16-Mar-2002 |
des |
Diff reduction.
Sponsored by: DARPA, NAI Labs
|
#
82961 |
|
04-Sep-2001 |
assar |
fix renamed options in some of the code that was #ifdef AFS also print an error if krb5 ticket passing is disabled
Submitted by: Jonathan Chen <jon@spock.org>
|
#
78348 |
|
16-Jun-2001 |
assar |
(do_authloop): handle !KRB4 && KRB5
|
#
78129 |
|
12-Jun-2001 |
green |
Enable Kerberos 5 support in sshd again.
|
#
76464 |
|
11-May-2001 |
markm |
Fix make world in the kerberosIV case.
|
#
76262 |
|
04-May-2001 |
green |
Fix conflicts for OpenSSH 2.9.
|
#
74147 |
|
12-Mar-2001 |
assar |
Fix LP64 problem in Kerberos 5 TGT passing.
Obtained from: NetBSD (done by thorpej@netbsd.org)
|
#
73400 |
|
04-Mar-2001 |
assar |
Add code for being compatible with ssh.com's krb5 authentication. It is done by using the same ssh messages for v4 and v5 authentication (since the ssh.com does not now anything about v4) and looking at the contents after unpacking it to see if it is v4 or v5. Based on code from Björn Grönvall <bg@sics.se>
PR: misc/20504
|
#
69673 |
|
06-Dec-2000 |
green |
The PAM support for our OpenSSH is sponsored by Enitel ASA.
PAM support by: Eivind Eklund <eivind@FreeBSD.org>
|
#
69591 |
|
05-Dec-2000 |
green |
Update to OpenSSH 2.3.0 with FreeBSD modifications. OpenSSH 2.3.0 new features description elided in favor of checking out their website.
Important new FreeBSD-version stuff: PAM support has been worked in, partially from the "Unix" OpenSSH version, and a lot due to the work of Eivind Eklend, too.
This requires at least the following in pam.conf:
sshd auth sufficient pam_skey.so sshd auth required pam_unix.so try_first_pass sshd session required pam_permit.so
Parts by: Eivind Eklend <eivind@FreeBSD.org>
|
#
65674 |
|
10-Sep-2000 |
kris |
Resolve conflicts and update for OpenSSH 2.2.0
Reviewed by: gshapiro, peter, green
|
#
65361 |
|
02-Sep-2000 |
kris |
Err, we weren't even compiling auth1.c with LOGIN_CAP at all. Guess nobody was using this feature.
|
#
65360 |
|
02-Sep-2000 |
kris |
Repair a broken conflict resolution in r1.2 which had the effect of nullifying the login_cap and login.access checks for whether a user/host is allowed access to the system for users other than root. But since we currently don't have a similar check in the ssh2 code path anyway, it's um, "okay".
Submitted by: gshapiro
|
#
65358 |
|
02-Sep-2000 |
kris |
Re-add missing "break" which was lost during a previous patch integration. This currently has no effect.
Submitted by: gshapiro
|
#
63249 |
|
16-Jul-2000 |
peter |
Forced commit. This is to try and help folks that used the international crypto repo and have slightly different files but with the same version. cvsup in 'checkout mode' has no trouble with this, but cvs can get really silly about it.
|
#
60663 |
|
17-May-2000 |
kris |
Unbreak Kerberos5 compilation. This still remains untested.
Noticed by: obrien
|
#
60576 |
|
15-May-2000 |
kris |
Resolve conflicts and update for FreeBSD.
|
#
60574 |
|
15-May-2000 |
kris |
This commit was generated by cvs2svn to compensate for changes in r60573, which included commits to RCS files with non-trunk default branches.
|
#
60573 |
|
15-May-2000 |
kris |
Initial import of OpenSSH v2.1.
|