[openssh-commits] [openssh] branch master updated (3eb7f103 -> 258dc8bb)

git+noreply at mindrot.org git+noreply at mindrot.org
Thu Jul 19 21:41:48 AEST 2018 

This is an automated email from the git hooks/post-receive script.

djm pushed a change to branch master
in repository openssh.

      from  3eb7f103  upstream: keep options.identity_file_userprovided array in sync when we
       new  26efc2f5  upstream: Remove support for loading HostBasedAuthentication keys
       new  ac590760  upstream: Slot 0 in the hostbased key array was previously RSA1,
       new  258dc8bb  upstream: Remove support for running ssh(1) setuid and fatal if

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.


Detailed log of new commits:

commit 258dc8bb07dfb35a46e52b0822a2c5b7027df60a
Author: dtucker at openbsd.org <dtucker at openbsd.org>
Date:   Wed Jul 18 11:34:04 2018 +0000

    upstream: Remove support for running ssh(1) setuid and fatal if
    
    attempted. Do not link uidwap.c into ssh any more.  Neuters
    UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@
    djm@
    
    OpenBSD-Commit-ID: c4ba5bf9c096f57a6ed15b713a1d7e9e2e373c42

commit ac590760b251506b0a152551abbf8e8d6dc2f527
Author: dtucker at openbsd.org <dtucker at openbsd.org>
Date:   Mon Jul 16 22:25:01 2018 +0000

    upstream: Slot 0 in the hostbased key array was previously RSA1,
    
    but that is now gone and the slot is unused so remove it.  Remove two
    now-unused macros, and add an array bounds check to the two remaining ones
    (array is statically sized, so mostly a safety check on future changes). ok
    markus@
    
    OpenBSD-Commit-ID: 2e4c0ca6cc1d8daeccead2aa56192a3f9d5e1e7a

commit 26efc2f5df0e3bcf6a6bbdd0506fd682d60c2145
Author: dtucker at openbsd.org <dtucker at openbsd.org>
Date:   Mon Jul 16 11:05:41 2018 +0000

    upstream: Remove support for loading HostBasedAuthentication keys
    
    directly in ssh(1) and always use ssh-keysign.  This removes one of the few
    remaining reasons why ssh(1) might be setuid.  ok markus@
    
    OpenBSD-Commit-ID: 97f01e1448707129a20d75f86bad5d27c3cf0b7d

Summary of changes:
 .depend       |  12 +++----
 Makefile.in   |   8 ++---
 misc.c        |   3 +-
 readconf.c    |   5 +--
 readpass.c    |   3 +-
 ssh.c         | 114 +++++++++++++++-------------------------------------------
 sshconnect.c  |  28 ++-------------
 sshconnect.h  |  22 +-----------
 sshconnect2.c |  11 ++----
 uidswap.c     |  33 +----------------
 uidswap.h     |   3 +-
 11 files changed, 50 insertions(+), 192 deletions(-)

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list