Cross Reference: /freebsd-current/crypto/openssh/monitor.h

History log of /freebsd-current/crypto/openssh/monitor.h
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
# 19261079	07-Sep-2021	Ed Maste <emaste@FreeBSD.org>	openssh: update to OpenSSH v8.7p1 Some notable changes, from upstream's release notes: - sshd(8): Remove support for obsolete "host/port" syntax. - ssh(1): When prompting whether to record a new host key, accept the key fingerprint as a synonym for "yes". - ssh-keygen(1): when acting as a CA and signing certificates with an RSA key, default to using the rsa-sha2-512 signature algorithm. - ssh(1), sshd(8), ssh-keygen(1): this release removes the "ssh-rsa" (RSA/SHA1) algorithm from those accepted for certificate signatures. - ssh-sk-helper(8): this is a new binary. It is used by the FIDO/U2F support to provide address-space isolation for token middleware libraries (including the internal one). - ssh(1): this release enables UpdateHostkeys by default subject to some conservative preconditions. - scp(1): this release changes the behaviour of remote to remote copies (e.g. "scp host-a:/path host-b:") to transfer through the local host by default. - scp(1): experimental support for transfers using the SFTP protocol as a replacement for the venerable SCP/RCP protocol that it has traditionally used. Additional integration work is needed to support FIDO/U2F in the base system. Deprecation Notice ------------------ OpenSSH will disable the ssh-rsa signature scheme by default in the next release. Reviewed by: imp MFC after: 1 month Relnotes: Yes Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D29985
# 27ceebbc	31-Aug-2021	Ed Maste <emaste@FreeBSD.org>	openssh: simplify login class restrictions Login class-based restrictions were introduced in 5b400a39b8ad. The code was adapted for sshd's Capsicum sandbox and received many changes over time, including at least fc3c19a9fcee, bd393de91cc3, and e8c56fba2926. During an attempt to upstream the work a much simpler approach was suggested. Adopt it now in the in-tree OpenSSH to reduce conflicts with future updates. Submitted by: Yuchiro Naito (against OpenSSH-portable on GitHub) Obtained from: https://github.com/openssh/openssh-portable/pull/262 Reviewed by: allanjude, kevans MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D31760 /freebsd-current/crypto/openssh/monitor.h
# fc3c19a9	06-Oct-2018	Ed Maste <emaste@FreeBSD.org>	sshd: address capsicum issues * Add a wrapper to proxy login_getpwclass(3) as it is not allowed in capability mode. * Cache timezone data via caph_cache_tzdata() as we cannot access the timezone file. * Reverse resolve hostname before entering capability mode. PR: 231172 Submitted by: naito.yuichiro@gmail.com Reviewed by: cem, des Approved by: re (rgrimes) MFC after: 3 weeks Differential Revision: https://reviews.freebsd.org/D17128 /freebsd-current/crypto/openssh/monitor.h
# 190cef3d	10-Sep-2018	Dag-Erling Smørgrav <des@FreeBSD.org>	Upgrade to OpenSSH 7.8p1. Approved by: re (kib@)
# ca86bcf2	05-Mar-2017	Dag-Erling Smørgrav <des@FreeBSD.org>	Upgrade to OpenSSH 7.4p1.
# bc5531de	19-Jan-2016	Dag-Erling Smørgrav <des@FreeBSD.org>	Upgrade to OpenSSH 6.8p1.
# b83788ff	25-Mar-2014	Dag-Erling Smørgrav <des@FreeBSD.org>	Upgrade to OpenSSH 6.6p1.
# 6888a9be	22-Mar-2013	Dag-Erling Smørgrav <des@FreeBSD.org>	Upgrade to OpenSSH 6.2p1. The most important new features are support for a key revocation list and more fine-grained authentication control.
# e146993e	05-Oct-2011	Dag-Erling Smørgrav <des@FreeBSD.org>	Upgrade to OpenSSH 5.9p1. MFC after: 3 months
# cce7d346	22-May-2009	Dag-Erling Smørgrav <des@FreeBSD.org>	Upgrade to OpenSSH 5.2p1. MFC after: 3 months
# 3b137a2c	31-Jul-2008	Dag-Erling Smørgrav <des@FreeBSD.org>	Another four files without local changes. This is driving me nuts - every time I think I got them all, another one pops up. /freebsd-current/crypto/openssh/monitor.h
# e3ae3b09	22-Jul-2008	Dag-Erling Smørgrav <des@FreeBSD.org>	Properly flatten openssh/dist. /freebsd-current/crypto/openssh/monitor.h
# 333ee039	30-Sep-2006	Dag-Erling Smørgrav <des@FreeBSD.org>	Merge conflicts. MFC after: 1 week /freebsd-current/crypto/openssh/monitor.h
# 761efaa7	30-Sep-2006	Dag-Erling Smørgrav <des@FreeBSD.org>	Vendor import of OpenSSH 4.4p1. /freebsd-current/crypto/openssh/monitor.h
# aa49c926	05-Jun-2005	Dag-Erling Smørgrav <des@FreeBSD.org>	Resolve conflicts. /freebsd-current/crypto/openssh/monitor.h
# 5e8dbd04	05-Jun-2005	Dag-Erling Smørgrav <des@FreeBSD.org>	Vendor import of OpenSSH 4.0p1. /freebsd-current/crypto/openssh/monitor.h
# 1ec0d754	26-Feb-2004	Dag-Erling Smørgrav <des@FreeBSD.org>	Resolve conflicts. /freebsd-current/crypto/openssh/monitor.h
# efcad6b7	26-Feb-2004	Dag-Erling Smørgrav <des@FreeBSD.org>	Vendor import of OpenSSH 3.8p1. /freebsd-current/crypto/openssh/monitor.h
# cf2b5f3b	07-Jan-2004	Dag-Erling Smørgrav <des@FreeBSD.org>	Resolve conflicts and remove obsolete files. Sponsored by: registrar.no /freebsd-current/crypto/openssh/monitor.h
# d95e11bf	07-Jan-2004	Dag-Erling Smørgrav <des@FreeBSD.org>	Vendor import of OpenSSH 3.7.1p2. /freebsd-current/crypto/openssh/monitor.h
# f388f5ef	29-Oct-2002	Dag-Erling Smørgrav <des@FreeBSD.org>	Resolve conflicts. /freebsd-current/crypto/openssh/monitor.h
# 4b17dab0	29-Oct-2002	Dag-Erling Smørgrav <des@FreeBSD.org>	Vendor import of OpenSSH-portable 3.5p1. /freebsd-current/crypto/openssh/monitor.h
# 382d19ee	29-Jun-2002	Dag-Erling Smørgrav <des@FreeBSD.org>	PAM support, the FreeBSD way. Sponsored by: DARPA, NAI Labs /freebsd-current/crypto/openssh/monitor.h
# 83d2307d	27-Jun-2002	Dag-Erling Smørgrav <des@FreeBSD.org>	Vendor import of OpenSSH 3.3p1. /freebsd-current/crypto/openssh/monitor.h
# 545d5eca	23-Jun-2002	Dag-Erling Smørgrav <des@FreeBSD.org>	Vendor import of OpenSSH 3.3. /freebsd-current/crypto/openssh/monitor.h
# 27ceebbc	31-Aug-2021	Ed Maste <emaste@FreeBSD.org>	openssh: simplify login class restrictions Login class-based restrictions were introduced in 5b400a39b8ad. The code was adapted for sshd's Capsicum sandbox and received many changes over time, including at least fc3c19a9fcee, bd393de91cc3, and e8c56fba2926. During an attempt to upstream the work a much simpler approach was suggested. Adopt it now in the in-tree OpenSSH to reduce conflicts with future updates. Submitted by: Yuchiro Naito (against OpenSSH-portable on GitHub) Obtained from: https://github.com/openssh/openssh-portable/pull/262 Reviewed by: allanjude, kevans MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D31760
# fc3c19a9	06-Oct-2018	Ed Maste <emaste@FreeBSD.org>	sshd: address capsicum issues * Add a wrapper to proxy login_getpwclass(3) as it is not allowed in capability mode. * Cache timezone data via caph_cache_tzdata() as we cannot access the timezone file. * Reverse resolve hostname before entering capability mode. PR: 231172 Submitted by: naito.yuichiro@gmail.com Reviewed by: cem, des Approved by: re (rgrimes) MFC after: 3 weeks Differential Revision: https://reviews.freebsd.org/D17128
# a7d5f7eb	19-Oct-2010	Jamie Gritton <jamie@FreeBSD.org>	A new jail(8) with a configuration file, to replace the work currently done by /etc/rc.d/jail.
# fe0506d7	09-Mar-2010	Marcel Moolenaar <marcel@FreeBSD.org>	Create the altix project branch. The altix project will add support for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting is a two-module system, consisting of a base compute module and a CPU expansion module. SGI's NUMAFlex architecture can be an excellent platform to test CPU affinity and NUMA-aware features in FreeBSD.
# d7f03759	19-Oct-2008	Ulf Lilleengen <lulf@FreeBSD.org>	- Import the HEAD csup code which is the basis for the cvsmode work.
# 3b137a2c	31-Jul-2008	Dag-Erling Smørgrav <des@FreeBSD.org>	Another four files without local changes. This is driving me nuts - every time I think I got them all, another one pops up.
# 333ee039	30-Sep-2006	Dag-Erling Smørgrav <des@FreeBSD.org>	Merge conflicts. MFC after: 1 week
# 761efaa7	30-Sep-2006	Dag-Erling Smørgrav <des@FreeBSD.org>	Vendor import of OpenSSH 4.4p1.
# aa49c926	05-Jun-2005	Dag-Erling Smørgrav <des@FreeBSD.org>	Resolve conflicts.
# 5e8dbd04	05-Jun-2005	Dag-Erling Smørgrav <des@FreeBSD.org>	Vendor import of OpenSSH 4.0p1.
# 1ec0d754	26-Feb-2004	Dag-Erling Smørgrav <des@FreeBSD.org>	Resolve conflicts.
# efcad6b7	26-Feb-2004	Dag-Erling Smørgrav <des@FreeBSD.org>	Vendor import of OpenSSH 3.8p1.
# cf2b5f3b	07-Jan-2004	Dag-Erling Smørgrav <des@FreeBSD.org>	Resolve conflicts and remove obsolete files. Sponsored by: registrar.no
# d95e11bf	07-Jan-2004	Dag-Erling Smørgrav <des@FreeBSD.org>	Vendor import of OpenSSH 3.7.1p2.
# f388f5ef	29-Oct-2002	Dag-Erling Smørgrav <des@FreeBSD.org>	Resolve conflicts.
# 4b17dab0	29-Oct-2002	Dag-Erling Smørgrav <des@FreeBSD.org>	Vendor import of OpenSSH-portable 3.5p1.
# 382d19ee	29-Jun-2002	Dag-Erling Smørgrav <des@FreeBSD.org>	PAM support, the FreeBSD way. Sponsored by: DARPA, NAI Labs
# 83d2307d	27-Jun-2002	Dag-Erling Smørgrav <des@FreeBSD.org>	Vendor import of OpenSSH 3.3p1.
# 545d5eca	23-Jun-2002	Dag-Erling Smørgrav <des@FreeBSD.org>	Vendor import of OpenSSH 3.3.