* New upstream release (LP: #535029).

- After a transition period of about 10 years, this release disables SSH protocol 1 by default. Clients and servers that need to use the legacy protocol must explicitly enable it in ssh_config / sshd_config or on the command-line. - Remove the libsectok/OpenSC-based smartcard code and add support for PKCS#11 tokens. This support is enabled by default in the Debian packaging, since it now doesn't involve additional library dependencies (closes: #231472, LP: #16918). - Add support for certificate authentication of users and hosts using a new, minimal OpenSSH certificate format (closes: #482806). - Added a 'netcat mode' to ssh(1): "ssh -W host:port ...". - Add the ability to revoke keys in sshd(8) and ssh(1). (For the Debian package, this overlaps with the key blacklisting facility added in openssh 1:4.7p1-9, but with different file formats and slightly different scopes; for the moment, I've roughly merged the two.) - Various multiplexing improvements, including support for requesting port-forwardings via the multiplex protocol (closes: #360151). - Allow setting an explicit umask on the sftp-server(8) commandline to override whatever default the user has (closes: #496843). - Many sftp client improvements, including tab-completion, more options, and recursive transfer support for get/put (LP: #33378). The old mget/mput commands never worked properly and have been removed (closes: #270399, #428082). - Do not prompt for a passphrase if we fail to open a keyfile, and log the reason why the open failed to debug (closes: #431538). - Prevent sftp from crashing when given a "-" without a command. Also, allow whitespace to follow a "-" (closes: #531561).
author: Colin Watson <cjwatson@debian.org> 2010-03-31 10:46:28 +0100
committer: Colin Watson <cjwatson@debian.org> 2010-03-31 10:46:28 +0100
commit: efd3d4522636ae029488c2e9730b60c88e257d2e (patch)
tree: 31e02ac3f16090ce8c53448677356b2b7f423683 /monitor_wrap.c
parent: bbec4db36d464ea1d464a707625125f9fd5c7b5e (diff)
parent: d1a87e462e1db89f19cd960588d0c6b287cb5ccc (diff)
1 files changed, 1 insertions, 18 deletions
diff --git a/monitor_wrap.c b/monitor_wrap.c
index 743e34079..24b54e4a4 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.68 2009/06/22 05:39:28 dtucker Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.69 2010/03/07 11:57:13 dtucker Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -365,19 +365,6 @@ mm_auth_rhosts_rsa_key_allowed(struct passwd *pw, char *user,
        return (ret);
 }
-static void
-mm_send_debug(Buffer *m)
-{
-        char *msg;
-        while (buffer_len(m)) {
-                msg = buffer_get_string(m, NULL);
-                debug3("%s: Sending debug: %s", __func__, msg);
-                packet_send_debug("%s", msg);
-                xfree(msg);
-        }
-}
 int
 mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key)
 {
@@ -411,9 +398,6 @@ mm_key_allowed(enum mm_keytype type, char *user, char *host, Key *key)
        have_forced = buffer_get_int(&m);
        forced_command = have_forced ? xstrdup("true") : NULL;
-        /* Send potential debug messages */
-        mm_send_debug(&m);
        buffer_free(&m);
        return (allowed);
@@ -1103,7 +1087,6 @@ mm_auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
                *rkey = key;
                xfree(blob);
        }
-        mm_send_debug(&m);
        buffer_free(&m);
        return (allowed);
author	Colin Watson <cjwatson@debian.org>	2010-03-31 10:46:28 +0100
committer	Colin Watson <cjwatson@debian.org>	2010-03-31 10:46:28 +0100
commit	efd3d4522636ae029488c2e9730b60c88e257d2e (patch)
tree	31e02ac3f16090ce8c53448677356b2b7f423683 /monitor_wrap.c
parent	bbec4db36d464ea1d464a707625125f9fd5c7b5e (diff)
parent	d1a87e462e1db89f19cd960588d0c6b287cb5ccc (diff)