[openssh-commits] [openssh] branch master updated (d028d5d -> 1364079)
git+noreply at mindrot.org
git+noreply at mindrot.org
Thu May 21 16:47:09 AEST 2015
This is an automated email from the git hooks/post-receive script.
djm pushed a change to branch master
in repository openssh.
from d028d5d upstream commit
new 9173d0f upstream commit
new 7cc44ef upstream commit
new d80fbe4 upstream commit
new 24232a3 upstream commit
new bcc50d8 upstream commit
new 84452c5 upstream commit
new 1364079 upstream commit
The 7 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Detailed log of new commits:
commit 13640798c7dd011ece0a7d02841fe48e94cfa0e0
Author: djm at openbsd.org <djm at openbsd.org>
Date: Thu May 21 06:44:25 2015 +0000
upstream commit
regress test for AuthorizedPrincipalsCommand
Upstream-Regress-ID: c658fbf1ab6b6011dc83b73402322e396f1e1219
commit 84452c5d03c21f9bfb28c234e0dc1dc67dd817b1
Author: djm at openbsd.org <djm at openbsd.org>
Date: Thu May 21 06:40:02 2015 +0000
upstream commit
regress test for AuthorizedKeysCommand arguments
Upstream-Regress-ID: bbd65c13c6b3be9a442ec115800bff9625898f12
commit bcc50d816187fa9a03907ac1f3a52f04a52e10d1
Author: djm at openbsd.org <djm at openbsd.org>
Date: Thu May 21 06:43:30 2015 +0000
upstream commit
add AuthorizedPrincipalsCommand that allows getting
authorized_principals from a subprocess rather than a file, which is quite
useful in deployments with large userbases
feedback and ok markus@
Upstream-ID: aa1bdac7b16fc6d2fa3524ef08f04c7258d247f6
commit 24232a3e5ab467678a86aa67968bbb915caffed4
Author: djm at openbsd.org <djm at openbsd.org>
Date: Thu May 21 06:38:35 2015 +0000
upstream commit
support arguments to AuthorizedKeysCommand
bz#2081 loosely based on patch by Sami Hartikainen
feedback and ok markus@
Upstream-ID: b080387a14aa67dddd8ece67c00f268d626541f7
commit d80fbe41a57c72420c87a628444da16d09d66ca7
Author: djm at openbsd.org <djm at openbsd.org>
Date: Thu May 21 04:55:51 2015 +0000
upstream commit
refactor: split base64 encoding of pubkey into its own
sshkey_to_base64() function and out of sshkey_write(); ok markus@
Upstream-ID: 54fc38f5832e9b91028900819bda46c3959a0c1a
commit 7cc44ef74133a473734bbcbd3484f24d6a7328c5
Author: deraadt at openbsd.org <deraadt at openbsd.org>
Date: Mon May 18 15:06:05 2015 +0000
upstream commit
getentropy() and sendsyslog() have been around long
enough. openssh-portable may want the #ifdef's but not base. discussed with
djm few weeks back
Upstream-ID: 0506a4334de108e3fb6c66f8d6e0f9c112866926
commit 9173d0fbe44de7ebcad8a15618e13a8b8d78902e
Author: dtucker at openbsd.org <dtucker at openbsd.org>
Date: Fri May 15 05:44:21 2015 +0000
upstream commit
Use a salted hash of the lock passphrase instead of plain
text and do constant-time comparisons of it. Should prevent leaking any
information about it via timing, pointed out by Ryan Castellucci. Add a 0.1s
incrementing delay for each failed unlock attempt up to 10s. ok markus@
(earlier version), djm@
Upstream-ID: c599fcc325aa1cc65496b25220b622d22208c85f
Summary of changes:
auth2-pubkey.c | 612 +++++++++++++++++++++++++++++++++---------
regress/Makefile | 5 +-
regress/keys-command.sh | 59 +++-
regress/principals-command.sh | 139 ++++++++++
sandbox-systrace.c | 20 +-
servconf.c | 37 ++-
servconf.h | 10 +-
ssh-agent.c | 53 +++-
sshd.c | 7 +-
sshd_config.5 | 58 +++-
sshkey.c | 174 ++++++------
sshkey.h | 3 +-
12 files changed, 929 insertions(+), 248 deletions(-)
create mode 100644 regress/principals-command.sh
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list