summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2012-06-30 08:34:59 +1000
committerDamien Miller <djm@mindrot.org>2012-06-30 08:34:59 +1000
commitdb4f8e86184ef0e8d14a370a5569a52d8ed28551 (patch)
treec2664c0607fa20ba11bf3d1f9ce2a1069abd78b2
parent560de922b18fe7fcea8cc837d87cd4609738eb0f (diff)
- dtucker@cvs.openbsd.org 2012/06/28 05:07:45
[mac.c myproposal.h ssh_config.5 sshd_config.5] Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed from draft6 of the spec and will not be in the RFC when published. Patch from mdb at juniper net via bz#2023, ok markus.
Diffstat
-rw-r--r--ChangeLog5
-rw-r--r--mac.c4
-rw-r--r--myproposal.h4
-rw-r--r--ssh_config.57
-rw-r--r--sshd_config.57
5 files changed, 13 insertions, 14 deletions
diff --git a/ChangeLog b/ChangeLog
index f4627f041..5f574f4de 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -15,6 +15,11 @@
15 [sandbox-systrace.c] 15 [sandbox-systrace.c]
16 Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation 16 Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation
17 sandbox" since malloc now uses it. From johnw.mail at gmail com. 17 sandbox" since malloc now uses it. From johnw.mail at gmail com.
18 - dtucker@cvs.openbsd.org 2012/06/28 05:07:45
19 [mac.c myproposal.h ssh_config.5 sshd_config.5]
20 Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed
21 from draft6 of the spec and will not be in the RFC when published. Patch
22 from mdb at juniper net via bz#2023, ok markus.
18 23
1920120628 2420120628
20 - (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022: prevent null 25 - (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022: prevent null
diff --git a/mac.c b/mac.c
index 332d3c621..9b450e4e2 100644
--- a/mac.c
+++ b/mac.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: mac.c,v 1.17 2011/12/02 00:43:57 djm Exp $ */ 1/* $OpenBSD: mac.c,v 1.18 2012/06/28 05:07:45 dtucker Exp $ */
2/* 2/*
3 * Copyright (c) 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2001 Markus Friedl. All rights reserved.
4 * 4 *
@@ -61,9 +61,7 @@ struct {
61 { "hmac-sha1-96", SSH_EVP, EVP_sha1, 96, -1, -1 }, 61 { "hmac-sha1-96", SSH_EVP, EVP_sha1, 96, -1, -1 },
62#ifdef HAVE_EVP_SHA256 62#ifdef HAVE_EVP_SHA256
63 { "hmac-sha2-256", SSH_EVP, EVP_sha256, 0, -1, -1 }, 63 { "hmac-sha2-256", SSH_EVP, EVP_sha256, 0, -1, -1 },
64 { "hmac-sha2-256-96", SSH_EVP, EVP_sha256, 96, -1, -1 },
65 { "hmac-sha2-512", SSH_EVP, EVP_sha512, 0, -1, -1 }, 64 { "hmac-sha2-512", SSH_EVP, EVP_sha512, 0, -1, -1 },
66 { "hmac-sha2-512-96", SSH_EVP, EVP_sha512, 96, -1, -1 },
67#endif 65#endif
68 { "hmac-md5", SSH_EVP, EVP_md5, 0, -1, -1 }, 66 { "hmac-md5", SSH_EVP, EVP_md5, 0, -1, -1 },
69 { "hmac-md5-96", SSH_EVP, EVP_md5, 96, -1, -1 }, 67 { "hmac-md5-96", SSH_EVP, EVP_md5, 96, -1, -1 },
diff --git a/myproposal.h b/myproposal.h
index 0bc1c778c..2e6a0dcac 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: myproposal.h,v 1.28 2011/08/02 01:22:11 djm Exp $ */ 1/* $OpenBSD: myproposal.h,v 1.29 2012/06/28 05:07:45 dtucker Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -78,9 +78,7 @@
78#ifdef HAVE_EVP_SHA256 78#ifdef HAVE_EVP_SHA256
79#define SHA2_HMAC_MODES \ 79#define SHA2_HMAC_MODES \
80 "hmac-sha2-256," \ 80 "hmac-sha2-256," \
81 "hmac-sha2-256-96," \
82 "hmac-sha2-512," \ 81 "hmac-sha2-512," \
83 "hmac-sha2-512-96,"
84#else 82#else
85# define SHA2_HMAC_MODES 83# define SHA2_HMAC_MODES
86#endif 84#endif
diff --git a/ssh_config.5 b/ssh_config.5
index c9917d25b..db7ea5cdd 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35.\" 35.\"
36.\" $OpenBSD: ssh_config.5,v 1.155 2012/06/18 11:49:58 dtucker Exp $ 36.\" $OpenBSD: ssh_config.5,v 1.156 2012/06/28 05:07:45 dtucker Exp $
37.Dd $Mdocdate: June 18 2012 $ 37.Dd $Mdocdate: June 28 2012 $
38.Dt SSH_CONFIG 5 38.Dt SSH_CONFIG 5
39.Os 39.Os
40.Sh NAME 40.Sh NAME
@@ -794,8 +794,7 @@ The default is:
794.Bd -literal -offset indent 794.Bd -literal -offset indent
795hmac-md5,hmac-sha1,umac-64@openssh.com, 795hmac-md5,hmac-sha1,umac-64@openssh.com,
796hmac-ripemd160,hmac-sha1-96,hmac-md5-96, 796hmac-ripemd160,hmac-sha1-96,hmac-md5-96,
797hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512, 797hmac-sha2-256,hmac-sha2-512
798hmac-sha2-512-96
799.Ed 798.Ed
800.It Cm NoHostAuthenticationForLocalhost 799.It Cm NoHostAuthenticationForLocalhost
801This option can be used if the home directory is shared across machines. 800This option can be used if the home directory is shared across machines.
diff --git a/sshd_config.5 b/sshd_config.5
index 1b9ffad4c..897b8a419 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,8 +33,8 @@
33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35.\" 35.\"
36.\" $OpenBSD: sshd_config.5,v 1.142 2012/06/19 21:35:54 jmc Exp $ 36.\" $OpenBSD: sshd_config.5,v 1.143 2012/06/28 05:07:45 dtucker Exp $
37.Dd $Mdocdate: June 19 2012 $ 37.Dd $Mdocdate: June 28 2012 $
38.Dt SSHD_CONFIG 5 38.Dt SSHD_CONFIG 5
39.Os 39.Os
40.Sh NAME 40.Sh NAME
@@ -658,8 +658,7 @@ The default is:
658.Bd -literal -offset indent 658.Bd -literal -offset indent
659hmac-md5,hmac-sha1,umac-64@openssh.com, 659hmac-md5,hmac-sha1,umac-64@openssh.com,
660hmac-ripemd160,hmac-sha1-96,hmac-md5-96, 660hmac-ripemd160,hmac-sha1-96,hmac-md5-96,
661hmac-sha2-256,hmac-sha256-96,hmac-sha2-512, 661hmac-sha2-256,hmac-sha2-512
662hmac-sha2-512-96
663.Ed 662.Ed
664.It Cm Match 663.It Cm Match
665Introduces a conditional block. 664Introduces a conditional block.
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 16:46:18 +0000