[openssh-commits] CVS: fuyu.mindrot.org: openssh

Fri Apr 16 15:56:22 EST 2010

CVSROOT:        /var/cvs
Module name:    openssh
Changes by:     djm at fuyu.mindrot.org 10/04/16 15:56:22

Modified files:
    .               : ChangeLog PROTOCOL.certkeys auth-options.c auth-options.h auth-rsa.c auth2-pubkey.c authfd.c key.c key.h myproposal.h ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.1 ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect2.c sshd.c

Log message:
   - djm at cvs.openbsd.org 2010/04/16 01:47:26
     [PROTOCOL.certkeys auth-options.c auth-options.h auth-rsa.c]
     [auth2-pubkey.c authfd.c key.c key.h myproposal.h ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.1 ssh-keygen.c ssh-rsa.c]
     [sshconnect.c sshconnect2.c sshd.c]
     revised certificate format ssh-{dss,rsa}-cert-v01 at openssh.com with the
     following changes:

     move the nonce field to the beginning of the certificate where it can
     better protect against chosen-prefix attacks on the signature hash

     Rename "constraints" field to "critical options"

     Add a new non-critical "extensions" field

     Add a serial number

     The older format is still support for authentication and cert generation
     (use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)

     ok markus@

Diff commands:
cvs -nQq rdiff -u -r1.5556 -r1.5557 openssh/ChangeLog
cvs -nQq rdiff -u -r1.3 -r1.4 openssh/PROTOCOL.certkeys
cvs -nQq rdiff -u -r1.48 -r1.49 openssh/auth-options.c
cvs -nQq rdiff -u -r1.16 -r1.17 openssh/auth-options.h
cvs -nQq rdiff -u -r1.67 -r1.68 openssh/auth-rsa.c
cvs -nQq rdiff -u -r1.24 -r1.25 openssh/auth2-pubkey.c
cvs -nQq rdiff -u -r1.78 -r1.79 openssh/authfd.c
cvs -nQq rdiff -u -r1.89 -r1.90 openssh/key.c
cvs -nQq rdiff -u -r1.31 -r1.32 openssh/key.h
cvs -nQq rdiff -u -r1.24 -r1.25 openssh/myproposal.h
cvs -nQq rdiff -u -r1.103 -r1.104 openssh/ssh-add.c
cvs -nQq rdiff -u -r1.183 -r1.184 openssh/ssh-agent.c
cvs -nQq rdiff -u -r1.26 -r1.27 openssh/ssh-dss.c
cvs -nQq rdiff -u -r1.88 -r1.89 openssh/ssh-keygen.1
cvs -nQq rdiff -u -r1.199 -r1.200 openssh/ssh-keygen.c
cvs -nQq rdiff -u -r1.41 -r1.42 openssh/ssh-rsa.c
cvs -nQq rdiff -u -r1.194 -r1.195 openssh/sshconnect.c
cvs -nQq rdiff -u -r1.173 -r1.174 openssh/sshconnect2.c
cvs -nQq rdiff -u -r1.395 -r1.396 openssh/sshd.c

ViewVC:
http://anoncvs.mindrot.org/index.cgi/openssh/ChangeLog?r1=1.5556;r2=1.5557&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/PROTOCOL.certkeys?r1=1.3;r2=1.4&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/auth-options.c?r1=1.48;r2=1.49&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/auth-options.h?r1=1.16;r2=1.17&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/auth-rsa.c?r1=1.67;r2=1.68&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/auth2-pubkey.c?r1=1.24;r2=1.25&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/authfd.c?r1=1.78;r2=1.79&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/key.c?r1=1.89;r2=1.90&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/key.h?r1=1.31;r2=1.32&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/myproposal.h?r1=1.24;r2=1.25&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/ssh-add.c?r1=1.103;r2=1.104&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/ssh-agent.c?r1=1.183;r2=1.184&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/ssh-dss.c?r1=1.26;r2=1.27&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/ssh-keygen.1?r1=1.88;r2=1.89&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/ssh-keygen.c?r1=1.199;r2=1.200&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/ssh-rsa.c?r1=1.41;r2=1.42&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/sshconnect.c?r1=1.194;r2=1.195&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/sshconnect2.c?r1=1.173;r2=1.174&view=patch
http://anoncvs.mindrot.org/index.cgi/openssh/sshd.c?r1=1.395;r2=1.396&view=patch

Please note that there may be a delay before commits are available
on the public ViewVC site.