[openssh-commits] [openssh] branch master updated (1d6424a -> d411d39)
git+noreply at mindrot.org
git+noreply at mindrot.org
Tue Jan 27 00:33:56 EST 2015
This is an automated email from the git hooks/post-receive script.
djm pushed a change to branch master
in repository openssh.
from 1d6424a upstream commit
new 57e783c upstream commit
new 087266e upstream commit
new dcff581 upstream commit
new a5a3e33 upstream commit
new 60b1825 upstream commit
new 8d4f872 upstream commit
new 5104db7 upstream commit
new 1d1092b upstream commit
new 2b3b1c1 upstream commit
new 0dad3b8 upstream commit
new 7dd355f upstream commit
new fe8a3a5 upstream commit
new d411d39 upstream commit
The 13 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Detailed log of new commits:
commit d411d395556b73ba1b9e451516a0bd6697c4b03d
Author: djm at openbsd.org <djm at openbsd.org>
Date: Mon Jan 26 06:12:18 2015 +0000
upstream commit
regression test for host key rotation
commit fe8a3a51699afbc6407a8fae59b73349d01e49f8
Author: djm at openbsd.org <djm at openbsd.org>
Date: Mon Jan 26 06:11:28 2015 +0000
upstream commit
adapt to sshkey API tweaks
commit 7dd355fb1f0038a3d5cdca57ebab4356c7a5b434
Author: miod at openbsd.org <miod at openbsd.org>
Date: Sat Jan 24 10:39:21 2015 +0000
upstream commit
Move -lz late in the linker commandline for things to
build on static arches.
commit 0dad3b806fddb93c475b30853b9be1a25d673a33
Author: miod at openbsd.org <miod at openbsd.org>
Date: Fri Jan 23 21:21:23 2015 +0000
upstream commit
-Wpointer-sign is supported by gcc 4 only.
commit 2b3b1c1e4bd9577b6e780c255c278542ea66c098
Author: djm at openbsd.org <djm at openbsd.org>
Date: Tue Jan 20 22:58:57 2015 +0000
upstream commit
use SUBDIR to recuse into unit tests; makes "make obj"
actually work
commit 1d1092bff8db27080155541212b420703f8b9c92
Author: djm at openbsd.org <djm at openbsd.org>
Date: Mon Jan 26 12:16:36 2015 +0000
upstream commit
correct description of UpdateHostKeys in ssh_config.5 and
add it to -o lists for ssh, scp and sftp; pointed out by jmc@
commit 5104db7cbd6cdd9c5971f4358e74414862fc1022
Author: djm at openbsd.org <djm at openbsd.org>
Date: Mon Jan 26 06:10:03 2015 +0000
upstream commit
correctly match ECDSA subtype (== curve) for
offered/recevied host keys. Fixes connection-killing host key mismatches when
a server offers multiple ECDSA keys with different curve type (an extremely
unlikely configuration).
ok markus, "looks mechanical" deraadt@
commit 8d4f87258f31cb6def9b3b55b6a7321d84728ff2
Author: djm at openbsd.org <djm at openbsd.org>
Date: Mon Jan 26 03:04:45 2015 +0000
upstream commit
Host key rotation support.
Add a hostkeys at openssh.com protocol extension (global request) for
a server to inform a client of all its available host key after
authentication has completed. The client may record the keys in
known_hosts, allowing it to upgrade to better host key algorithms
and a server to gracefully rotate its keys.
The client side of this is controlled by a UpdateHostkeys config
option (default on).
ok markus@
commit 60b1825262b1f1e24fc72050b907189c92daf18e
Author: djm at openbsd.org <djm at openbsd.org>
Date: Mon Jan 26 02:59:11 2015 +0000
upstream commit
small refactor and add some convenience functions; ok
markus
commit a5a3e3328ddce91e76f71ff479022d53e35c60c9
Author: jmc at openbsd.org <jmc at openbsd.org>
Date: Thu Jan 22 21:00:42 2015 +0000
upstream commit
heirarchy -> hierarchy;
commit dcff5810a11195c57e1b3343c0d6b6f2b9974c11
Author: deraadt at openbsd.org <deraadt at openbsd.org>
Date: Thu Jan 22 20:24:41 2015 +0000
upstream commit
Provide a warning about chroot misuses (which sadly, seem
to have become quite popular because shiny). sshd cannot detect/manage/do
anything about these cases, best we can do is warn in the right spot in the
man page. ok markus
commit 087266ec33c76fc8d54ac5a19efacf2f4a4ca076
Author: deraadt at openbsd.org <deraadt at openbsd.org>
Date: Tue Jan 20 23:14:00 2015 +0000
upstream commit
Reduce use of <sys/param.h> and transition to <limits.h>
throughout. ok djm markus
commit 57e783c8ba2c0797f93977e83b2a8644a03065d8
Author: markus at openbsd.org <markus at openbsd.org>
Date: Tue Jan 20 20:16:21 2015 +0000
upstream commit
kex_setup errors are fatal()
Summary of changes:
PROTOCOL | 24 +++-
auth.c | 8 +-
auth.h | 6 +-
authfile.c | 6 +-
channels.c | 5 +-
clientloop.c | 105 +++++++++++++++--
deattack.c | 3 +-
dh.c | 5 +-
groupaccess.c | 4 +-
gss-genr.c | 3 +-
gss-serv.c | 3 +-
hostfile.c | 206 ++++++++++++++++++++++++++++++---
hostfile.h | 5 +-
kex.c | 5 +-
kex.h | 7 +-
kexc25519c.c | 6 +-
kexc25519s.c | 8 +-
kexdhc.c | 6 +-
kexdhs.c | 8 +-
kexecdhc.c | 6 +-
kexecdhs.c | 8 +-
kexgexc.c | 8 +-
kexgexs.c | 10 +-
key.c | 4 +-
krl.c | 19 +--
moduli.c | 9 +-
monitor.c | 4 +-
monitor_mm.c | 4 +-
mux.c | 3 +-
packet.c | 5 +-
readconf.c | 13 ++-
readconf.h | 6 +-
regress/Makefile | 7 +-
regress/hostkey-rotate.sh | 129 +++++++++++++++++++++
regress/unittests/Makefile.inc | 4 +-
regress/unittests/kex/Makefile | 5 +-
regress/unittests/sshkey/test_fuzz.c | 4 +-
regress/unittests/sshkey/test_sshkey.c | 8 +-
regress/unittests/test_helper/Makefile | 5 +-
sandbox-systrace.c | 4 +-
scp.1 | 5 +-
serverloop.c | 4 +-
sftp-client.c | 4 +-
sftp-common.c | 4 +-
sftp-server.c | 10 +-
sftp.1 | 5 +-
sftp.c | 6 +-
ssh-keyscan.c | 3 +-
ssh-pkcs11-helper.c | 3 +-
ssh.1 | 5 +-
ssh.c | 8 +-
ssh_api.c | 16 +--
ssh_config.5 | 26 ++++-
sshbuf.c | 4 +-
sshconnect.c | 16 ++-
sshconnect2.c | 6 +-
sshd.c | 69 +++++++++--
sshd_config.5 | 17 ++-
sshkey.c | 110 ++++++++++++------
sshkey.h | 9 +-
sshlogin.c | 6 +-
61 files changed, 807 insertions(+), 217 deletions(-)
create mode 100644 regress/hostkey-rotate.sh
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list