d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
226,832 Commits 6 Branches 133 Tags 2.6 GiB
f0a993bbdb
Commit Graph

84 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav
d93a896ef9 Upgrade to OpenSSH 7.5p1. 2017-08-04 12:57:24 +00:00
Dag-Erling Smørgrav
ca86bcf253 Upgrade to OpenSSH 7.4p1. 2017-03-06 01:37:05 +00:00
Dag-Erling Smørgrav
6d6e8a4a09 Forgot to bump the version addendum date. 2017-03-03 01:50:10 +00:00
Dag-Erling Smørgrav
076ad2f836 Upgrade to OpenSSH 7.3p1. 2017-03-02 00:11:32 +00:00
Xin LI
9ea45e75fa MFV r311913: 
Fix multiple OpenSSH vulnerabilities.

Submitted by:	des
Approved by:	so
 2017-01-11 05:49:39 +00:00
Kurt Lidl
b2af61ec69 Add refactored blacklist support to sshd 
Change the calls to of blacklist_init() and blacklist_notify to be
macros defined in the blacklist_client.h file.  This avoids
the need for #ifdef USE_BLACKLIST / #endif except in the
blacklist.c file.

Remove redundent initialization attempts from within
blacklist_notify - everything always goes through
blacklistd_init().

Added UseBlacklist option to sshd, which defaults to off.
To enable the functionality, use '-o UseBlacklist=yes' on
the command line, or uncomment in the sshd_config file.

Reviewed by:	des
Approved by:	des
MFC after:		1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D7051
 2016-08-30 14:09:24 +00:00
Dag-Erling Smørgrav
9ded33068e Remove DSA from default cipher list and disable SSH1. 
Upstream did this a long time ago, but we kept DSA and SSH1 in FreeBSD for
reasons which boil down to POLA.  Now is a good time to catch up.

MFC after:	3 days
Relnotes:	yes
 2016-08-03 16:08:21 +00:00
Dag-Erling Smørgrav
c3c6c935fc Re-add AES-CBC ciphers to the default cipher list on the server. 
PR:		207679
 2016-03-11 00:23:10 +00:00
Dag-Erling Smørgrav
acc1a9ef83 Upgrade to OpenSSH 7.2p2. 2016-03-11 00:15:29 +00:00
Dag-Erling Smørgrav
b4245df0a8 Document our modified default value for PermitRootLogin. 2016-02-02 10:02:38 +00:00
Dag-Erling Smørgrav
c4cd1fa410 Switch UseDNS back on 2016-01-27 13:40:44 +00:00
Dag-Erling Smørgrav
fc1ba28a5c Upgrade to OpenSSH 7.1p2. 2016-01-21 11:54:34 +00:00
Dag-Erling Smørgrav
acf8e75eb0 Enable DSA keys by default. They were disabled in OpenSSH 6.9p1. 
Noticed by:	glebius
 2016-01-21 11:10:14 +00:00
Dag-Erling Smørgrav
eccfee6ebc Upgrade to OpenSSH 7.0p1. 2016-01-20 22:57:10 +00:00
Dag-Erling Smørgrav
557f75e54a Upgrade to OpenSSH 6.9p1. 2016-01-19 18:55:44 +00:00
Dag-Erling Smørgrav
bc5531debe Upgrade to OpenSSH 6.8p1. 2016-01-19 18:28:23 +00:00
Dag-Erling Smørgrav
a0ee8cc636 Upgrade to OpenSSH 6.7p1, retaining libwrap support (which has been removed 
upstream) and a number of security fixes which we had already backported.

MFC after:	1 week
 2016-01-19 16:18:26 +00:00
Dag-Erling Smørgrav
60c59fad88 As previously threatened, remove the HPN patch from OpenSSH. 2016-01-19 14:38:20 +00:00
Dag-Erling Smørgrav
5b71b2ebe0 Now that we have mandoc, we can leave $Mdocdate$ tags as-is. Unfortunately, 
there is (currently) no way to make Subversion generate correct $Mdocdate$
tags, but perhas we can teach mandoc to read Subversion's %d format.
 2015-11-11 13:23:07 +00:00
Bryan Drewery
6e57108113 Document "none" for VersionAddendum. 
PR:		193127
MFC after:	2 weeks
 2015-03-23 02:45:12 +00:00
Dag-Erling Smørgrav
30a0343983 Apply upstream patch for EC calculation bug and bump version addendum. 2014-04-20 11:34:33 +00:00
Dag-Erling Smørgrav
b83788ff87 Upgrade to OpenSSH 6.6p1. 2014-03-25 11:05:34 +00:00
Dag-Erling Smørgrav
2b1970f362 Turn sandboxing on by default. 2014-02-01 00:07:16 +00:00
Dag-Erling Smørgrav
f7167e0ea0 Upgrade to OpenSSH 6.5p1. 2014-01-31 13:12:02 +00:00
Xin LI
0a37d4a300 MFV r257952: 
Upgrade to OpenSSH 6.4p1.

Bump VersionAddendum.

Approved by:	des
 2013-11-11 09:19:58 +00:00
Dag-Erling Smørgrav
e4a9863fb7 Upgrade to 6.3p1. 
Approved by:	re (gjb)
 2013-09-21 21:36:09 +00:00
Dag-Erling Smørgrav
aa0dd44b14 r251088 reverted the default value for UsePrivilegeSeparation from 
"sandbox" to "yes", but did not update the documentation to match.
 2013-06-28 09:41:59 +00:00
Dag-Erling Smørgrav
420bce642c Upgrade to OpenSSH 6.2p2. Mostly a no-op since I had already patched 
the issues that affected us.
 2013-05-17 09:12:33 +00:00
Dag-Erling Smørgrav
6888a9be56 Upgrade to OpenSSH 6.2p1. The most important new features are support 
for a key revocation list and more fine-grained authentication control.
 2013-03-22 17:55:38 +00:00
Dag-Erling Smørgrav
462c32cb8d Upgrade OpenSSH to 6.1p1. 2012-09-03 16:51:41 +00:00
Ed Schouten
35762f5913 Polish diff against upstream. 
- Revert unneeded whitespace changes.
- Revert modifications to loginrec.c, as the upstream version already
  does the right thing.
- Fix indentation and whitespace of local changes.

Approved by:	des
MFC after:	1 month
 2012-02-13 11:59:59 +00:00
Dag-Erling Smørgrav
e146993e33 Upgrade to OpenSSH 5.9p1. 
MFC after:	3 months
 2011-10-05 22:08:17 +00:00
Dag-Erling Smørgrav
4a421b6336 Upgrade to OpenSSH 5.8p2. 2011-05-04 07:34:44 +00:00
Dag-Erling Smørgrav
e2f6069c09 Upgrade to OpenSSH 5.6p1. 2010-11-11 11:46:19 +00:00
Dag-Erling Smørgrav
afee23fec9 Missing commas 2010-06-01 15:11:29 +00:00
Dag-Erling Smørgrav
8ad9b54a6d Upgrade to OpenSSH 5.5p1. 2010-04-28 10:36:33 +00:00
Dag-Erling Smørgrav
b15c83408c Upgrade to OpenSSH 5.4p1. 
MFC after:	1 month
 2010-03-09 19:16:43 +00:00
Dag-Erling Smørgrav
7aee6ffee0 Upgrade to OpenSSH 5.3p1. 2009-10-01 17:12:52 +00:00
Dag-Erling Smørgrav
cce7d3464f Upgrade to OpenSSH 5.2p1. 
MFC after:	3 months
 2009-05-22 18:46:28 +00:00
Dag-Erling Smørgrav
a29f9ec52c Our groff doesn't understand $Mdocdate$, so replace them with bare dates. 
MFC after:	3 days
 2008-09-29 10:53:05 +00:00
Dag-Erling Smørgrav
d4af9e693f Upgrade to OpenSSH 5.1p1. 
I have worked hard to reduce diffs against the vendor branch.  One
notable change in that respect is that we no longer prefer DSA over
RSA - the reasons for doing so went away years ago.  This may cause
some surprises, as ssh will warn about unknown host keys even for
hosts whose keys haven't changed.

MFC after:	6 weeks
 2008-08-01 02:48:36 +00:00
Dag-Erling Smørgrav
e3ae3b098d Properly flatten openssh/dist. 2008-07-22 19:01:18 +00:00
Dag-Erling Smørgrav
ffea3f5a05 s/X11R6/local/g 2007-05-24 22:04:07 +00:00
Dag-Erling Smørgrav
62efe23a82 Resolve conflicts. 2006-11-10 16:52:41 +00:00
Dag-Erling Smørgrav
3c492e28cd Bump version addendum. 
MFC after:	1 week
 2006-09-30 13:39:07 +00:00
Dag-Erling Smørgrav
333ee03933 Merge conflicts. 
MFC after:	1 week
 2006-09-30 13:38:06 +00:00
Dag-Erling Smørgrav
761efaa70c Vendor import of OpenSSH 4.4p1. 2006-09-30 13:29:51 +00:00
Dag-Erling Smørgrav
b74df5b26f Merge conflicts. 2006-03-22 20:41:37 +00:00
Dag-Erling Smørgrav
021d409f5b Vendor import of OpenSSH 4.3p1. 2006-03-22 19:46:12 +00:00
Dag-Erling Smørgrav
d4ecd10857 Resolve conflicts. 2005-09-03 07:04:25 +00:00