[openssh-commits] [openssh] branch master updated (20b768fc -> 919bc3d3)
git+noreply at mindrot.org
git+noreply at mindrot.org
Mon Jul 17 14:54:02 AEST 2023
This is an automated email from the git hooks/post-receive script.
djm pushed a change to branch master
in repository openssh.
from 20b768fc Fix typo in declaration of nmesg.
new 18ea8577 upstream: Include stdint.h for SIZE_MAX. Fixes OPENSSL=no build.
new 449566f6 upstream: Support for KRL extensions.
new beec17bb upstream: remove vestigal support for KRL signatures
new 3071d85a upstream: add a "match localnetwork" predicate.
new 919bc3d3 upstream: Add support for configuration tags to ssh(1).
The 5 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Detailed log of new commits:
commit 919bc3d3b712c920de1ae6be5ac6561c98886d7e
Author: djm at openbsd.org <djm at openbsd.org>
Date: Mon Jul 17 04:08:31 2023 +0000
upstream: Add support for configuration tags to ssh(1).
This adds a ssh_config(5) "Tag" directive and corresponding
"Match tag" predicate that may be used to select blocks of
configuration similar to the pf.conf(5) keywords of the same
name.
ok markus
OpenBSD-Commit-ID: dc08358e70e702b59ac3e591827e5a96141b06a3
commit 3071d85a47061c1bdaf11a0ac233b501ecba862c
Author: djm at openbsd.org <djm at openbsd.org>
Date: Mon Jul 17 04:04:36 2023 +0000
upstream: add a "match localnetwork" predicate.
This allows matching on the addresses of available network interfaces
and may be used to vary the effective client configuration based on
network location (e.g. to use a ProxyJump when not on a particular
network).
ok markus@
OpenBSD-Commit-ID: cffb6ff9a3803abfc52b5cad0aa190c5e424c139
commit beec17bb311365b75a0a5941418d4b96df7d7888
Author: djm at openbsd.org <djm at openbsd.org>
Date: Mon Jul 17 04:01:10 2023 +0000
upstream: remove vestigal support for KRL signatures
When the KRL format was originally defined, it included support for
signing of KRL objects. However, the code to sign KRLs and verify KRL
signatues was never completed in OpenSSH.
Now, some years later, we have SSHSIG support in ssh-keygen that is
more general, well tested and actually works. So this removes the
semi-finished KRL signing/verification support from OpenSSH and
refactors the remaining code to realise the benefit - primarily, we
no longer need to perform multiple parsing passes over KRL objects.
ok markus@
OpenBSD-Commit-ID: 517437bab3d8180f695c775410c052340e038804
commit 449566f64c21b4578d5c0c431badd0328adc53ed
Author: djm at openbsd.org <djm at openbsd.org>
Date: Mon Jul 17 03:57:21 2023 +0000
upstream: Support for KRL extensions.
This defines wire formats for optional KRL extensions and implements
parsing of the new submessages. No actual extensions are supported at
this point.
ok markus
OpenBSD-Commit-ID: ae2fcde9a22a9ba7f765bd4f36b3f5901d8c3fa7
commit 18ea857770e84825a3a6238bb37f54864487b59f
Author: dtucker at openbsd.org <dtucker at openbsd.org>
Date: Fri Jul 14 07:44:21 2023 +0000
upstream: Include stdint.h for SIZE_MAX. Fixes OPENSSL=no build.
OpenBSD-Commit-ID: e7c31034a5434f2ead3579b13a7892960651e6b0
Summary of changes:
PROTOCOL.krl | 55 +++++++++++-
auth-options.c | 3 +-
krl.c | 279 ++++++++++++++++++++++-----------------------------------
krl.h | 10 +--
misc.c | 3 +-
readconf.c | 90 +++++++++++++++++--
readconf.h | 3 +-
ssh-keygen.c | 6 +-
ssh.1 | 15 +++-
ssh.c | 8 +-
ssh_config.5 | 30 ++++++-
11 files changed, 307 insertions(+), 195 deletions(-)
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list