diff options
| author | Colin Watson <cjwatson@debian.org> | 2011-09-06 14:56:29 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2011-09-06 14:56:29 +0100 |
| commit | 978e62d6f14c60747bddef2cc72d66a9c8b83b54 (patch) | |
| tree | 89400a44e42d84937deba7864e4964d6c7734da5 /openbsd-compat/bsd-cygwin_util.c | |
| parent | 87c685b8c6a49814fd782288097b3093f975aa72 (diff) | |
| parent | 3a7e89697ca363de0f64e0d5704c57219294e41c (diff) | |
* New upstream release (http://www.openssh.org/txt/release-5.9).
- Introduce sandboxing of the pre-auth privsep child using an optional
sshd_config(5) "UsePrivilegeSeparation=sandbox" mode that enables
mandatory restrictions on the syscalls the privsep child can perform.
- Add new SHA256-based HMAC transport integrity modes from
http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt.
- The pre-authentication sshd(8) privilege separation slave process now
logs via a socket shared with the master process, avoiding the need to
maintain /dev/log inside the chroot (closes: #75043, #429243,
#599240).
- ssh(1) now warns when a server refuses X11 forwarding (closes:
#504757).
- sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths,
separated by whitespace (closes: #76312). The authorized_keys2
fallback is deprecated but documented (closes: #560156).
- ssh(1) and sshd(8): set IPv6 traffic class from IPQoS, as well as IPv4
ToS/DSCP (closes: #498297).
- ssh-add(1) now accepts keys piped from standard input. E.g. "ssh-add
- < /path/to/key" (closes: #229124).
- Clean up lost-passphrase text in ssh-keygen(1) (closes: #444691).
- Say "required" rather than "recommended" in unprotected-private-key
warning (LP: #663455).
Diffstat (limited to 'openbsd-compat/bsd-cygwin_util.c')
| -rw-r--r-- | openbsd-compat/bsd-cygwin_util.c | 17 |
1 files changed, 1 insertions, 16 deletions
diff --git a/openbsd-compat/bsd-cygwin_util.c b/openbsd-compat/bsd-cygwin_util.c index e9fa3a0e2..9eedc88d2 100644 --- a/openbsd-compat/bsd-cygwin_util.c +++ b/openbsd-compat/bsd-cygwin_util.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | /* | 1 | /* |
| 2 | * Copyright (c) 2000, 2001, Corinna Vinschen <vinschen@cygnus.com> | 2 | * Copyright (c) 2000, 2001, 2011 Corinna Vinschen <vinschen@redhat.com> |
| 3 | * | 3 | * |
| 4 | * Redistribution and use in source and binary forms, with or without | 4 | * Redistribution and use in source and binary forms, with or without |
| 5 | * modification, are permitted provided that the following conditions | 5 | * modification, are permitted provided that the following conditions |
| @@ -34,9 +34,6 @@ | |||
| 34 | #if defined(open) && open == binary_open | 34 | #if defined(open) && open == binary_open |
| 35 | # undef open | 35 | # undef open |
| 36 | #endif | 36 | #endif |
| 37 | #if defined(pipe) && open == binary_pipe | ||
| 38 | # undef pipe | ||
| 39 | #endif | ||
| 40 | 37 | ||
| 41 | #include <sys/types.h> | 38 | #include <sys/types.h> |
| 42 | 39 | ||
| @@ -59,18 +56,6 @@ binary_open(const char *filename, int flags, ...) | |||
| 59 | return (open(filename, flags | O_BINARY, mode)); | 56 | return (open(filename, flags | O_BINARY, mode)); |
| 60 | } | 57 | } |
| 61 | 58 | ||
| 62 | int | ||
| 63 | binary_pipe(int fd[2]) | ||
| 64 | { | ||
| 65 | int ret = pipe(fd); | ||
| 66 | |||
| 67 | if (!ret) { | ||
| 68 | setmode(fd[0], O_BINARY); | ||
| 69 | setmode(fd[1], O_BINARY); | ||
| 70 | } | ||
| 71 | return (ret); | ||
| 72 | } | ||
| 73 | |||
| 74 | int | 59 | int |
| 75 | check_ntsec(const char *filename) | 60 | check_ntsec(const char *filename) |
| 76 | { | 61 | { |