| #
a2f733ab |
| 24-Nov-2023 |
Warner Losh <imp@FreeBSD.org> |
lib: Automated cleanup of cdefs and other formatting
Apply the following automated changes to try to eliminate
no-longer-needed sys/cdefs.h includes as well as now-empty
blank lines in a row.
Remov
lib: Automated cleanup of cdefs and other formatting
Apply the following automated changes to try to eliminate
no-longer-needed sys/cdefs.h includes as well as now-empty
blank lines in a row.
Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/
Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/
Remove /\n+#if.*\n#endif.*\n+/
Remove /^#if.*\n#endif.*\n/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/
Sponsored by: Netflix
show more ...
|
|
Revision tags: release/14.0.0 |
|
| #
1d386b48 |
| 16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line .c pattern
Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
|
|
Revision tags: release/13.2.0, release/12.4.0, release/13.1.0 |
|
| #
1323ec57 |
| 13-Apr-2022 |
Ed Maste <emaste@FreeBSD.org> |
ssh: update to OpenSSH v8.9p1
Release notes are available at https://www.openssh.com/txt/release-8.9
Some highlights:
* ssh(1), sshd(8), ssh-add(1), ssh-agent(1): add a system for
restricting
ssh: update to OpenSSH v8.9p1
Release notes are available at https://www.openssh.com/txt/release-8.9
Some highlights:
* ssh(1), sshd(8), ssh-add(1), ssh-agent(1): add a system for
restricting forwarding and use of keys added to ssh-agent(1)
* ssh(1), sshd(8): add the sntrup761x25519-sha512@openssh.com hybrid
ECDH/x25519 + Streamlined NTRU Prime post-quantum KEX to the
default KEXAlgorithms list (after the ECDH methods but before the
prime-group DH ones). The next release of OpenSSH is likely to
make this key exchange the default method.
* sshd(8), portable OpenSSH only: this release removes in-built
support for MD5-hashed passwords. If you require these on your
system then we recommend linking against libxcrypt or similar.
Future deprecation notice
=========================
A near-future release of OpenSSH will switch scp(1) from using the
legacy scp/rcp protocol to using SFTP by default.
Legacy scp/rcp performs wildcard expansion of remote filenames (e.g.
"scp host:* .") through the remote shell. This has the side effect of
requiring double quoting of shell meta-characters in file names
included on scp(1) command-lines, otherwise they could be interpreted
as shell commands on the remote side.
MFC after: 1 month
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
show more ...
|
|
Revision tags: release/12.3.0 |
|
| #
19261079 |
| 08-Sep-2021 |
Ed Maste <emaste@FreeBSD.org> |
openssh: update to OpenSSH v8.7p1
Some notable changes, from upstream's release notes:
- sshd(8): Remove support for obsolete "host/port" syntax.
- ssh(1): When prompting whether to record a new ho
openssh: update to OpenSSH v8.7p1
Some notable changes, from upstream's release notes:
- sshd(8): Remove support for obsolete "host/port" syntax.
- ssh(1): When prompting whether to record a new host key, accept the key
fingerprint as a synonym for "yes".
- ssh-keygen(1): when acting as a CA and signing certificates with an RSA
key, default to using the rsa-sha2-512 signature algorithm.
- ssh(1), sshd(8), ssh-keygen(1): this release removes the "ssh-rsa"
(RSA/SHA1) algorithm from those accepted for certificate signatures.
- ssh-sk-helper(8): this is a new binary. It is used by the FIDO/U2F
support to provide address-space isolation for token middleware
libraries (including the internal one).
- ssh(1): this release enables UpdateHostkeys by default subject to some
conservative preconditions.
- scp(1): this release changes the behaviour of remote to remote copies
(e.g. "scp host-a:/path host-b:") to transfer through the local host
by default.
- scp(1): experimental support for transfers using the SFTP protocol as
a replacement for the venerable SCP/RCP protocol that it has
traditionally used.
Additional integration work is needed to support FIDO/U2F in the base
system.
Deprecation Notice
------------------
OpenSSH will disable the ssh-rsa signature scheme by default in the
next release.
Reviewed by: imp
MFC after: 1 month
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D29985
show more ...
|
|
Revision tags: release/13.0.0, release/12.2.0, release/11.4.0, release/12.1.0, release/11.3.0, release/12.0.0 |
|
| #
3af64f03 |
| 11-Sep-2018 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r338392 through r338594.
|
| #
190cef3d |
| 10-Sep-2018 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 7.8p1.
Approved by: re (kib@)
|
|
Revision tags: release/11.2.0 |
|
| #
47dd1d1b |
| 11-May-2018 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 7.7p1.
|
| #
5e53a4f9 |
| 26-Nov-2017 |
Pedro F. Giffuni <pfg@FreeBSD.org> |
lib: further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using mis-identified many licenses so this was mostly a manual - error
pr
lib: further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using mis-identified many licenses so this was mostly a manual - error
prone - task.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
show more ...
|
|
Revision tags: release/10.4.0, release/11.1.0, release/11.0.1, release/11.0.0 |
|
| #
ed04e0c3 |
| 25-Aug-2016 |
Enji Cooper <ngie@FreeBSD.org> |
MFhead @ r304815
|
| #
7d0ce7aa |
| 23-Aug-2016 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r304537 through r304699.
|
| #
6eb79b47 |
| 22-Aug-2016 |
Ollivier Robert <roberto@FreeBSD.org> |
Remove support for SSH1 as it is already disabled in our OpenSSH.
Submitted by: vangyzen
MFC after: 2 weeks
|
| #
6533da45 |
| 22-Aug-2016 |
Ollivier Robert <roberto@FreeBSD.org> |
Add support for Ed25519 keys.
Reported by: mwlucas
MFH: 2 weeks
|
|
Revision tags: release/10.3.0 |
|
| #
53835448 |
| 14-Mar-2016 |
Glen Barber <gjb@FreeBSD.org> |
MFH
Sponsored by: The FreeBSD Foundation
|
| #
e7c246c5 |
| 11-Mar-2016 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Define __bounded__ to fix the gcc build. While there, raise WARNS.
|
| #
d9b9dae1 |
| 22-Jan-2016 |
Dimitry Andric <dim@FreeBSD.org> |
Merge ^/head r294169 through r294598.
|
| #
009e81b1 |
| 22-Jan-2016 |
Bjoern A. Zeeb <bz@FreeBSD.org> |
MFH @r294567
|
| #
59d43d11 |
| 20-Jan-2016 |
Glen Barber <gjb@FreeBSD.org> |
MFH
Sponsored by: The FreeBSD Foundation
|
| #
c560a315 |
| 20-Jan-2016 |
John Baldwin <jhb@FreeBSD.org> |
Update for API changes in OpenSSH 6.8p1.
First, the authfd API now uses a direct file descriptor for the control
socket instead of a more abstract AuthenticationConnection structure.
Second, the fun
Update for API changes in OpenSSH 6.8p1.
First, the authfd API now uses a direct file descriptor for the control
socket instead of a more abstract AuthenticationConnection structure.
Second, the functions now consistently return an error value.
Reviewed by: bdrewery
show more ...
|
|
Revision tags: release/10.2.0, release/10.1.0, release/9.3.0, release/10.0.0, release/9.2.0, release/8.4.0, release/9.1.0 |
|
| #
b652778e |
| 11-Jul-2012 |
Peter Grehan <grehan@FreeBSD.org> |
IFC @ r238370
|
| #
2d5e7d2e |
| 30-May-2012 |
Will Andrews <will@FreeBSD.org> |
IFC @ r236291.
Diff reductions to the enclosure driver made in r235911.
|
| #
31ccd489 |
| 28-May-2012 |
Gleb Smirnoff <glebius@FreeBSD.org> |
Merge head r233826 through r236168.
|
| #
8d6900ea |
| 26-May-2012 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Passing NULL as a key casues a segfault when loading SSH 1 keys. Use
an empty string instead.
|
|
Revision tags: release/8.3.0_cvs, release/8.3.0 |
|
| #
8fa0b743 |
| 23-Jan-2012 |
Xin LI <delphij@FreeBSD.org> |
IFC @230489 (pending review).
|
|
Revision tags: release/9.0.0 |
|
| #
3ee1a36e |
| 22-Nov-2011 |
Peter Grehan <grehan@FreeBSD.org> |
IFC @ r227804
Pull in the virtio drivers from head.
|
| #
4520e72e |
| 20-Nov-2011 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
key_load_private() ignores the passphrase argument if the private key
is unencrypted. This defeats the nullok check, because it means a
non-null passphrase will successfully unlock the key.
To addr
key_load_private() ignores the passphrase argument if the private key
is unencrypted. This defeats the nullok check, because it means a
non-null passphrase will successfully unlock the key.
To address this, try at first to load the key without a passphrase.
If this succeeds and the user provided a non-empty passphrase *or*
nullok is false, reject the key.
MFC after: 1 week
Noticed by: Guy Helmer <guy.helmer@palisadesystems.com>
show more ...
|