[openssh-commits] [openssh] branch master updated (44142068 -> a917e973)

git+noreply at mindrot.org git+noreply at mindrot.org
Fri Jul 23 14:07:28 AEST 2021 

This is an automated email from the git hooks/post-receive script.

djm pushed a change to branch master
in repository openssh.

      from  44142068  upstream: Use SUDO when setting up hostkey.
       new  d0bb1ce7  upstream: Let allowed signers files used by ssh-keygen(1)
       new  e3957e21  upstream: make authorized_keys environment="..." directives
       new  e0c5088f  upstream: Add a StdinNull directive to ssh_config(5) that allows
       new  a917e973  upstream: Add a ForkAfterAuthentication ssh_config(5) counterpart

The 4 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.


Detailed log of new commits:

commit a917e973a1b90b40ff1e950df083364b48fc6c78
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri Jul 23 04:04:52 2021 +0000

    upstream: Add a ForkAfterAuthentication ssh_config(5) counterpart
    
    to the ssh(1) -f flag. Last part of GHPR231 from Volker Diels-Grabsch. ok
    dtucker
    
    OpenBSD-Commit-ID: b18aeda12efdebe2093d55263c90fe4ea0bce0d3

commit e0c5088f1c96a145eb6ea1dee438010da78f9ef5
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri Jul 23 04:00:59 2021 +0000

    upstream: Add a StdinNull directive to ssh_config(5) that allows
    
    the config file to do the same thing as -n does on the ssh(1) commandline.
    Patch from Volker Diels-Grabsch via GHPR231; ok dtucker
    
    OpenBSD-Commit-ID: 66ddf3f15c76796d4dcd22ff464aed1edd62468e

commit e3957e21ffdc119d6d04c0b1686f8e2fe052f5ea
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri Jul 23 03:57:20 2021 +0000

    upstream: make authorized_keys environment="..." directives
    
    first-match-wins and more strictly limit their maximum number; prompted by
    OOM reported by OSS-fuzz (35470).
    
    feedback and ok dtucker@
    
    OpenBSD-Commit-ID: 01f63fc10dcd995e7aed9c378ad879161af83121

commit d0bb1ce731762c55acb95817df4d5fab526c7ecd
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri Jul 23 03:37:52 2021 +0000

    upstream: Let allowed signers files used by ssh-keygen(1)
    
    signatures support key lifetimes, and allow the verification mode to specify
    a signature time to check at. This is intended for use by git to support
    signing objects using ssh keys. ok dtucker@
    
    OpenBSD-Commit-ID: 3e2c67b7dcd94f0610194d1e8e4907829a40cf31

Summary of changes:
 auth-options.c    |  35 +++++++++++------
 auth-options.h    |   7 +++-
 auth2-hostbased.c |   4 +-
 auth2-pubkey.c    |   6 +--
 clientloop.c      |  10 +----
 mux.c             |   7 ++--
 readconf.c        |  24 ++++++++++--
 readconf.h        |   4 +-
 ssh-keygen.1      |  25 +++++++++++--
 ssh-keygen.c      |  58 ++++++++++++++++++++++++----
 ssh.1             |  16 +++++++-
 ssh.c             |  43 ++++++++-------------
 ssh_config.5      |  59 ++++++++++++++++++++++++++++-
 sshkey.c          |  32 ++++++++++------
 sshkey.h          |   4 +-
 sshsig.c          | 110 ++++++++++++++++++++++++++++++++++++++++--------------
 sshsig.h          |   6 +--
 17 files changed, 331 insertions(+), 119 deletions(-)

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list