diff options
38 files changed, 107 insertions, 321 deletions
@@ -1,3 +1,31 @@ | |||
1 | 20110204 | ||
2 | - OpenBSD CVS Sync | ||
3 | - djm@cvs.openbsd.org 2011/01/31 21:42:15 | ||
4 | [PROTOCOL.mux] | ||
5 | cut'n'pasto; from bert.wesarg AT googlemail.com | ||
6 | - djm@cvs.openbsd.org 2011/02/04 00:44:21 | ||
7 | [key.c] | ||
8 | fix uninitialised nonce variable; reported by Mateusz Kocielski | ||
9 | - djm@cvs.openbsd.org 2011/02/04 00:44:43 | ||
10 | [version.h] | ||
11 | openssh-5.8 | ||
12 | - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | ||
13 | [contrib/suse/openssh.spec] update versions in docs and spec files. | ||
14 | - Release OpenSSH 5.8p1 | ||
15 | |||
16 | 20110128 | ||
17 | - (djm) [openbsd-compat/port-linux.c] Check whether SELinux is enabled | ||
18 | before attempting setfscreatecon(). Check whether matchpathcon() | ||
19 | succeeded before using its result. Patch from cjwatson AT debian.org; | ||
20 | bz#1851 | ||
21 | |||
22 | 20110125 | ||
23 | - (djm) [configure.ac Makefile.in ssh.c openbsd-compat/port-linux.c | ||
24 | openbsd-compat/port-linux.h] Move SELinux-specific code from ssh.c to | ||
25 | port-linux.c to avoid compilation errors. Add -lselinux to ssh when | ||
26 | building with SELinux support to avoid linking failure; report from | ||
27 | amk AT spamfence.net; ok dtucker | ||
28 | |||
1 | 20110122 | 29 | 20110122 |
2 | - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add | 30 | - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add |
3 | RSA_get_default_method() for the benefit of openssl versions that don't | 31 | RSA_get_default_method() for the benefit of openssl versions that don't |
diff --git a/Makefile.in b/Makefile.in index 257f73cc1..c18ba7099 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: Makefile.in,v 1.320 2011/01/17 10:15:29 dtucker Exp $ | 1 | # $Id: Makefile.in,v 1.320.4.1 2011/02/04 00:42:13 djm Exp $ |
2 | 2 | ||
3 | # uncomment if you run a non bourne compatable shell. Ie. csh | 3 | # uncomment if you run a non bourne compatable shell. Ie. csh |
4 | #SHELL = @SH@ | 4 | #SHELL = @SH@ |
diff --git a/PROTOCOL.mux b/PROTOCOL.mux index 3d6f81878..2a5817bd7 100644 --- a/PROTOCOL.mux +++ b/PROTOCOL.mux | |||
@@ -122,7 +122,7 @@ For dynamically allocated listen port the server replies with | |||
122 | 122 | ||
123 | Note: currently unimplemented (server will always reply with MUX_S_FAILURE). | 123 | Note: currently unimplemented (server will always reply with MUX_S_FAILURE). |
124 | 124 | ||
125 | A client may request the master to establish a port forward: | 125 | A client may request the master to close a port forward: |
126 | 126 | ||
127 | uint32 MUX_C_CLOSE_FWD | 127 | uint32 MUX_C_CLOSE_FWD |
128 | uint32 request id | 128 | uint32 request id |
@@ -200,4 +200,4 @@ XXX server->client error/warning notifications | |||
200 | XXX port0 rfwd (need custom response message) | 200 | XXX port0 rfwd (need custom response message) |
201 | XXX send signals via mux | 201 | XXX send signals via mux |
202 | 202 | ||
203 | $OpenBSD: PROTOCOL.mux,v 1.3 2011/01/13 21:55:25 djm Exp $ | 203 | $OpenBSD: PROTOCOL.mux,v 1.4 2011/01/31 21:42:15 djm Exp $ |
@@ -1,4 +1,4 @@ | |||
1 | See http://www.openssh.com/txt/release-5.7 for the release notes. | 1 | See http://www.openssh.com/txt/release-5.8 for the release notes. |
2 | 2 | ||
3 | - A Japanese translation of this document and of the OpenSSH FAQ is | 3 | - A Japanese translation of this document and of the OpenSSH FAQ is |
4 | - available at http://www.unixuser.org/~haruyama/security/openssh/index.html | 4 | - available at http://www.unixuser.org/~haruyama/security/openssh/index.html |
@@ -62,4 +62,4 @@ References - | |||
62 | [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 | 62 | [6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 |
63 | [7] http://www.openssh.com/faq.html | 63 | [7] http://www.openssh.com/faq.html |
64 | 64 | ||
65 | $Id: README,v 1.75 2011/01/22 09:23:12 djm Exp $ | 65 | $Id: README,v 1.75.4.1 2011/02/04 00:57:50 djm Exp $ |
@@ -1,5 +1,5 @@ | |||
1 | #! /bin/sh | 1 | #! /bin/sh |
2 | # From configure.ac Revision: 1.469 . | 2 | # From configure.ac Revision: 1.469.4.1 . |
3 | # Guess values for system-dependent variables and create Makefiles. | 3 | # Guess values for system-dependent variables and create Makefiles. |
4 | # Generated by GNU Autoconf 2.61 for OpenSSH Portable. | 4 | # Generated by GNU Autoconf 2.61 for OpenSSH Portable. |
5 | # | 5 | # |
diff --git a/configure.ac b/configure.ac index f15518b78..ad3c4ab0f 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: configure.ac,v 1.469 2011/01/21 22:37:05 dtucker Exp $ | 1 | # $Id: configure.ac,v 1.469.4.1 2011/02/04 00:42:14 djm Exp $ |
2 | # | 2 | # |
3 | # Copyright (c) 1999-2004 Damien Miller | 3 | # Copyright (c) 1999-2004 Damien Miller |
4 | # | 4 | # |
@@ -15,7 +15,7 @@ | |||
15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
16 | 16 | ||
17 | AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) | 17 | AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) |
18 | AC_REVISION($Revision: 1.469 $) | 18 | AC_REVISION($Revision: 1.469.4.1 $) |
19 | AC_CONFIG_SRCDIR([ssh.c]) | 19 | AC_CONFIG_SRCDIR([ssh.c]) |
20 | 20 | ||
21 | # local macros | 21 | # local macros |
diff --git a/contrib/caldera/openssh.spec b/contrib/caldera/openssh.spec index 23397b04d..435003a2a 100644 --- a/contrib/caldera/openssh.spec +++ b/contrib/caldera/openssh.spec | |||
@@ -16,7 +16,7 @@ | |||
16 | 16 | ||
17 | #old cvs stuff. please update before use. may be deprecated. | 17 | #old cvs stuff. please update before use. may be deprecated. |
18 | %define use_stable 1 | 18 | %define use_stable 1 |
19 | %define version 5.7p1 | 19 | %define version 5.8p1 |
20 | %if %{use_stable} | 20 | %if %{use_stable} |
21 | %define cvs %{nil} | 21 | %define cvs %{nil} |
22 | %define release 1 | 22 | %define release 1 |
@@ -363,4 +363,4 @@ fi | |||
363 | * Mon Jan 01 1998 ... | 363 | * Mon Jan 01 1998 ... |
364 | Template Version: 1.31 | 364 | Template Version: 1.31 |
365 | 365 | ||
366 | $Id: openssh.spec,v 1.73 2011/01/22 09:23:33 djm Exp $ | 366 | $Id: openssh.spec,v 1.73.4.1 2011/02/04 00:57:54 djm Exp $ |
diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index 8fc76b625..e99e33d0f 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec | |||
@@ -1,4 +1,4 @@ | |||
1 | %define ver 5.7p1 | 1 | %define ver 5.8p1 |
2 | %define rel 1 | 2 | %define rel 1 |
3 | 3 | ||
4 | # OpenSSH privilege separation requires a user & group ID | 4 | # OpenSSH privilege separation requires a user & group ID |
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec index 4573c52fd..6afdcc4b4 100644 --- a/contrib/suse/openssh.spec +++ b/contrib/suse/openssh.spec | |||
@@ -13,7 +13,7 @@ | |||
13 | 13 | ||
14 | Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation | 14 | Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation |
15 | Name: openssh | 15 | Name: openssh |
16 | Version: 5.7p1 | 16 | Version: 5.8p1 |
17 | URL: http://www.openssh.com/ | 17 | URL: http://www.openssh.com/ |
18 | Release: 1 | 18 | Release: 1 |
19 | Source0: openssh-%{version}.tar.gz | 19 | Source0: openssh-%{version}.tar.gz |
diff --git a/debian/changelog b/debian/changelog index f661dad98..eb8d29828 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -1,3 +1,11 @@ | |||
1 | openssh (1:5.8p1-1) UNRELEASED; urgency=low | ||
2 | |||
3 | * New upstream release (http://www.openssh.org/txt/release-5.8): | ||
4 | - Fix stack information leak in legacy certificate signing | ||
5 | (http://www.openssh.com/txt/legacy-cert.adv). | ||
6 | |||
7 | -- Colin Watson <cjwatson@debian.org> Sat, 05 Feb 2011 11:01:47 +0000 | ||
8 | |||
1 | openssh (1:5.7p1-2) experimental; urgency=low | 9 | openssh (1:5.7p1-2) experimental; urgency=low |
2 | 10 | ||
3 | * Fix crash in ssh_selinux_setfscreatecon when SELinux is disabled | 11 | * Fix crash in ssh_selinux_setfscreatecon when SELinux is disabled |
diff --git a/debian/patches/authorized-keys-man-symlink.patch b/debian/patches/authorized-keys-man-symlink.patch index 86b269659..13b3b6561 100644 --- a/debian/patches/authorized-keys-man-symlink.patch +++ b/debian/patches/authorized-keys-man-symlink.patch | |||
@@ -8,7 +8,7 @@ Index: b/Makefile.in | |||
8 | =================================================================== | 8 | =================================================================== |
9 | --- a/Makefile.in | 9 | --- a/Makefile.in |
10 | +++ b/Makefile.in | 10 | +++ b/Makefile.in |
11 | @@ -288,6 +288,7 @@ | 11 | @@ -289,6 +289,7 @@ |
12 | $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5 | 12 | $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5 |
13 | $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5 | 13 | $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5 |
14 | $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 | 14 | $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 |
diff --git a/debian/patches/gssapi.patch b/debian/patches/gssapi.patch index 112b31fdf..c123bf7b9 100644 --- a/debian/patches/gssapi.patch +++ b/debian/patches/gssapi.patch | |||
@@ -137,7 +137,7 @@ Index: b/Makefile.in | |||
137 | =================================================================== | 137 | =================================================================== |
138 | --- a/Makefile.in | 138 | --- a/Makefile.in |
139 | +++ b/Makefile.in | 139 | +++ b/Makefile.in |
140 | @@ -74,6 +74,7 @@ | 140 | @@ -75,6 +75,7 @@ |
141 | atomicio.o key.o dispatch.o kex.o mac.o uidswap.o uuencode.o misc.o \ | 141 | atomicio.o key.o dispatch.o kex.o mac.o uidswap.o uuencode.o misc.o \ |
142 | monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \ | 142 | monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \ |
143 | kexdh.o kexgex.o kexdhc.o kexgexc.o bufec.o kexecdh.o kexecdhc.o \ | 143 | kexdh.o kexgex.o kexdhc.o kexgexc.o bufec.o kexecdh.o kexecdhc.o \ |
@@ -145,7 +145,7 @@ Index: b/Makefile.in | |||
145 | msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o jpake.o \ | 145 | msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o jpake.o \ |
146 | schnorr.o ssh-pkcs11.o | 146 | schnorr.o ssh-pkcs11.o |
147 | 147 | ||
148 | @@ -90,7 +91,7 @@ | 148 | @@ -91,7 +92,7 @@ |
149 | auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-jpake.o \ | 149 | auth2-none.o auth2-passwd.o auth2-pubkey.o auth2-jpake.o \ |
150 | monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o kexecdhs.o \ | 150 | monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o kexecdhs.o \ |
151 | auth-krb5.o \ | 151 | auth-krb5.o \ |
diff --git a/debian/patches/lintian-symlink-pickiness.patch b/debian/patches/lintian-symlink-pickiness.patch index b51377c2d..6e161f451 100644 --- a/debian/patches/lintian-symlink-pickiness.patch +++ b/debian/patches/lintian-symlink-pickiness.patch | |||
@@ -9,7 +9,7 @@ Index: b/Makefile.in | |||
9 | =================================================================== | 9 | =================================================================== |
10 | --- a/Makefile.in | 10 | --- a/Makefile.in |
11 | +++ b/Makefile.in | 11 | +++ b/Makefile.in |
12 | @@ -298,9 +298,9 @@ | 12 | @@ -299,9 +299,9 @@ |
13 | $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8 | 13 | $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8 |
14 | $(INSTALL) -m 644 ssh-vulnkey.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-vulnkey.1 | 14 | $(INSTALL) -m 644 ssh-vulnkey.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-vulnkey.1 |
15 | -rm -f $(DESTDIR)$(bindir)/slogin | 15 | -rm -f $(DESTDIR)$(bindir)/slogin |
diff --git a/debian/patches/package-versioning.patch b/debian/patches/package-versioning.patch index ffd416d98..0bcc7ed3b 100644 --- a/debian/patches/package-versioning.patch +++ b/debian/patches/package-versioning.patch | |||
@@ -38,7 +38,7 @@ Index: b/version.h | |||
38 | --- a/version.h | 38 | --- a/version.h |
39 | +++ b/version.h | 39 | +++ b/version.h |
40 | @@ -3,4 +3,9 @@ | 40 | @@ -3,4 +3,9 @@ |
41 | #define SSH_VERSION "OpenSSH_5.7" | 41 | #define SSH_VERSION "OpenSSH_5.8" |
42 | 42 | ||
43 | #define SSH_PORTABLE "p1" | 43 | #define SSH_PORTABLE "p1" |
44 | -#define SSH_RELEASE SSH_VERSION SSH_PORTABLE | 44 | -#define SSH_RELEASE SSH_VERSION SSH_PORTABLE |
diff --git a/debian/patches/selinux-build-failure.patch b/debian/patches/selinux-build-failure.patch index 89b91ff00..6c99e3f38 100644 --- a/debian/patches/selinux-build-failure.patch +++ b/debian/patches/selinux-build-failure.patch | |||
@@ -1,236 +1,19 @@ | |||
1 | Description: Fix SELinux build failure | 1 | Description: Fix SELinux build failure |
2 | Origin: backport, http://bazaar.launchpad.net/~vcs-imports/openssh/main/revision/6317 | 2 | Origin: other, https://bugzilla.mindrot.org/attachment.cgi?id=1991&action=diff |
3 | Author: Damien Miller <djm@mindrot.org> | 3 | Author: Leonardo Chiqitto <leonardo@ngdn.org> |
4 | Last-Update: 2011-01-25 | 4 | Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1851 |
5 | Last-Update: 2011-02-05 | ||
5 | 6 | ||
6 | Index: b/Makefile.in | ||
7 | =================================================================== | ||
8 | --- a/Makefile.in | ||
9 | +++ b/Makefile.in | ||
10 | @@ -48,6 +48,7 @@ | ||
11 | CFLAGS=@CFLAGS@ | ||
12 | CPPFLAGS=-I. -I$(srcdir) @CPPFLAGS@ $(PATHS) @DEFS@ | ||
13 | LIBS=@LIBS@ | ||
14 | +SSHLIBS=@SSHLIBS@ | ||
15 | SSHDLIBS=@SSHDLIBS@ | ||
16 | LIBEDIT=@LIBEDIT@ | ||
17 | AR=@AR@ | ||
18 | @@ -145,7 +146,7 @@ | ||
19 | $(RANLIB) $@ | ||
20 | |||
21 | ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS) | ||
22 | - $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | ||
23 | + $(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHLIBS) $(LIBS) | ||
24 | |||
25 | sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS) | ||
26 | $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) | ||
27 | Index: b/configure.ac | ||
28 | =================================================================== | ||
29 | --- a/configure.ac | ||
30 | +++ b/configure.ac | ||
31 | @@ -761,7 +761,6 @@ | ||
32 | [ AC_DEFINE(USE_SOLARIS_PROCESS_CONTRACTS, 1, | ||
33 | [Define if you have Solaris process contracts]) | ||
34 | SSHDLIBS="$SSHDLIBS -lcontract" | ||
35 | - AC_SUBST(SSHDLIBS) | ||
36 | SPC_MSG="yes" ], ) | ||
37 | ], | ||
38 | ) | ||
39 | @@ -772,7 +771,6 @@ | ||
40 | [ AC_DEFINE(USE_SOLARIS_PROJECTS, 1, | ||
41 | [Define if you have Solaris projects]) | ||
42 | SSHDLIBS="$SSHDLIBS -lproject" | ||
43 | - AC_SUBST(SSHDLIBS) | ||
44 | SP_MSG="yes" ], ) | ||
45 | ], | ||
46 | ) | ||
47 | @@ -3539,11 +3537,14 @@ | ||
48 | LIBS="$LIBS -lselinux" | ||
49 | ], | ||
50 | AC_MSG_ERROR(SELinux support requires libselinux library)) | ||
51 | + SSHLIBS="$SSHLIBS $LIBSELINUX" | ||
52 | SSHDLIBS="$SSHDLIBS $LIBSELINUX" | ||
53 | AC_CHECK_FUNCS(getseuserbyname get_default_context_with_level) | ||
54 | LIBS="$save_LIBS" | ||
55 | fi ] | ||
56 | ) | ||
57 | +AC_SUBST(SSHLIBS) | ||
58 | +AC_SUBST(SSHDLIBS) | ||
59 | |||
60 | # Check whether user wants Kerberos 5 support | ||
61 | KRB5_MSG="no" | ||
62 | @@ -4365,6 +4366,9 @@ | ||
63 | if test ! -z "${SSHDLIBS}"; then | ||
64 | echo " +for sshd: ${SSHDLIBS}" | ||
65 | fi | ||
66 | +if test ! -z "${SSHLIBS}"; then | ||
67 | +echo " +for ssh: ${SSHLIBS}" | ||
68 | +fi | ||
69 | |||
70 | echo "" | ||
71 | |||
72 | Index: b/configure | ||
73 | =================================================================== | ||
74 | --- a/configure | ||
75 | +++ b/configure | ||
76 | @@ -696,7 +696,6 @@ | ||
77 | LOGIN_PROGRAM_FALLBACK | ||
78 | PATH_PASSWD_PROG | ||
79 | LD | ||
80 | -SSHDLIBS | ||
81 | PKGCONFIG | ||
82 | LIBEDIT | ||
83 | TEST_SSH_SHA256 | ||
84 | @@ -721,6 +720,8 @@ | ||
85 | PROG_IPCS | ||
86 | PROG_TAIL | ||
87 | INSTALL_SSH_PRNG_CMDS | ||
88 | +SSHLIBS | ||
89 | +SSHDLIBS | ||
90 | KRB5CONF | ||
91 | PRIVSEP_PATH | ||
92 | xauth_path | ||
93 | @@ -9047,7 +9048,6 @@ | ||
94 | _ACEOF | ||
95 | |||
96 | SSHDLIBS="$SSHDLIBS -lcontract" | ||
97 | - | ||
98 | SPC_MSG="yes" | ||
99 | fi | ||
100 | |||
101 | @@ -9126,7 +9126,6 @@ | ||
102 | _ACEOF | ||
103 | |||
104 | SSHDLIBS="$SSHDLIBS -lproject" | ||
105 | - | ||
106 | SP_MSG="yes" | ||
107 | fi | ||
108 | |||
109 | @@ -27806,6 +27805,7 @@ | ||
110 | { (exit 1); exit 1; }; } | ||
111 | fi | ||
112 | |||
113 | + SSHLIBS="$SSHLIBS $LIBSELINUX" | ||
114 | SSHDLIBS="$SSHDLIBS $LIBSELINUX" | ||
115 | |||
116 | |||
117 | @@ -27908,6 +27908,8 @@ | ||
118 | fi | ||
119 | |||
120 | |||
121 | + | ||
122 | + | ||
123 | # Check whether user wants Kerberos 5 support | ||
124 | KRB5_MSG="no" | ||
125 | |||
126 | @@ -31416,7 +31418,6 @@ | ||
127 | LOGIN_PROGRAM_FALLBACK!$LOGIN_PROGRAM_FALLBACK$ac_delim | ||
128 | PATH_PASSWD_PROG!$PATH_PASSWD_PROG$ac_delim | ||
129 | LD!$LD$ac_delim | ||
130 | -SSHDLIBS!$SSHDLIBS$ac_delim | ||
131 | PKGCONFIG!$PKGCONFIG$ac_delim | ||
132 | LIBEDIT!$LIBEDIT$ac_delim | ||
133 | TEST_SSH_SHA256!$TEST_SSH_SHA256$ac_delim | ||
134 | @@ -31433,6 +31434,7 @@ | ||
135 | PROG_SAR!$PROG_SAR$ac_delim | ||
136 | PROG_W!$PROG_W$ac_delim | ||
137 | PROG_WHO!$PROG_WHO$ac_delim | ||
138 | +PROG_LAST!$PROG_LAST$ac_delim | ||
139 | _ACEOF | ||
140 | |||
141 | if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then | ||
142 | @@ -31474,7 +31476,6 @@ | ||
143 | ac_delim='%!_!# ' | ||
144 | for ac_last_try in false false false false false :; do | ||
145 | cat >conf$$subs.sed <<_ACEOF | ||
146 | -PROG_LAST!$PROG_LAST$ac_delim | ||
147 | PROG_LASTLOG!$PROG_LASTLOG$ac_delim | ||
148 | PROG_DF!$PROG_DF$ac_delim | ||
149 | PROG_VMSTAT!$PROG_VMSTAT$ac_delim | ||
150 | @@ -31482,6 +31483,8 @@ | ||
151 | PROG_IPCS!$PROG_IPCS$ac_delim | ||
152 | PROG_TAIL!$PROG_TAIL$ac_delim | ||
153 | INSTALL_SSH_PRNG_CMDS!$INSTALL_SSH_PRNG_CMDS$ac_delim | ||
154 | +SSHLIBS!$SSHLIBS$ac_delim | ||
155 | +SSHDLIBS!$SSHDLIBS$ac_delim | ||
156 | KRB5CONF!$KRB5CONF$ac_delim | ||
157 | PRIVSEP_PATH!$PRIVSEP_PATH$ac_delim | ||
158 | xauth_path!$xauth_path$ac_delim | ||
159 | @@ -31496,7 +31499,7 @@ | ||
160 | LTLIBOBJS!$LTLIBOBJS$ac_delim | ||
161 | _ACEOF | ||
162 | |||
163 | - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 20; then | ||
164 | + if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 21; then | ||
165 | break | ||
166 | elif $ac_last_try; then | ||
167 | { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 | ||
168 | @@ -31993,6 +31996,9 @@ | ||
169 | if test ! -z "${SSHDLIBS}"; then | ||
170 | echo " +for sshd: ${SSHDLIBS}" | ||
171 | fi | ||
172 | +if test ! -z "${SSHLIBS}"; then | ||
173 | +echo " +for ssh: ${SSHLIBS}" | ||
174 | +fi | ||
175 | |||
176 | echo "" | ||
177 | |||
178 | Index: b/openbsd-compat/port-linux.c | 7 | Index: b/openbsd-compat/port-linux.c |
179 | =================================================================== | 8 | =================================================================== |
180 | --- a/openbsd-compat/port-linux.c | 9 | --- a/openbsd-compat/port-linux.c |
181 | +++ b/openbsd-compat/port-linux.c | 10 | +++ b/openbsd-compat/port-linux.c |
182 | @@ -218,6 +218,20 @@ | 11 | @@ -226,7 +226,7 @@ |
183 | xfree(oldctx); | 12 | |
184 | xfree(newctx); | 13 | if (!ssh_selinux_enabled()) |
185 | } | 14 | return; |
186 | + | 15 | - if (path == NULL) |
187 | +void | 16 | + if (path == NULL) { |
188 | +ssh_selinux_setfscreatecon(const char *path) | 17 | setfscreatecon(NULL); |
189 | +{ | 18 | return; |
190 | + security_context_t context; | ||
191 | + | ||
192 | + if (path == NULL) { | ||
193 | + setfscreatecon(NULL); | ||
194 | + return; | ||
195 | + } | ||
196 | + matchpathcon(path, 0700, &context); | ||
197 | + setfscreatecon(context); | ||
198 | +} | ||
199 | + | ||
200 | #endif /* WITH_SELINUX */ | ||
201 | |||
202 | #ifdef LINUX_OOM_ADJUST | ||
203 | Index: b/openbsd-compat/port-linux.h | ||
204 | =================================================================== | ||
205 | --- a/openbsd-compat/port-linux.h | ||
206 | +++ b/openbsd-compat/port-linux.h | ||
207 | @@ -24,6 +24,7 @@ | ||
208 | void ssh_selinux_setup_pty(char *, const char *, const char *); | ||
209 | void ssh_selinux_setup_exec_context(char *, const char *); | ||
210 | void ssh_selinux_change_context(const char *); | ||
211 | +void ssh_selinux_setfscreatecon(const char *); | ||
212 | #endif | ||
213 | |||
214 | #ifdef LINUX_OOM_ADJUST | ||
215 | Index: b/ssh.c | ||
216 | =================================================================== | ||
217 | --- a/ssh.c | ||
218 | +++ b/ssh.c | ||
219 | @@ -852,15 +852,12 @@ | ||
220 | strcmp(pw->pw_dir, "/") ? "/" : "", _PATH_SSH_USER_DIR); | ||
221 | if (r > 0 && (size_t)r < sizeof(buf) && stat(buf, &st) < 0) { | ||
222 | #ifdef WITH_SELINUX | ||
223 | - char *scon; | ||
224 | - | ||
225 | - matchpathcon(buf, 0700, &scon); | ||
226 | - setfscreatecon(scon); | ||
227 | + ssh_selinux_setfscreatecon(buf); | ||
228 | #endif | ||
229 | if (mkdir(buf, 0700) < 0) | ||
230 | error("Could not create directory '%.200s'.", buf); | ||
231 | #ifdef WITH_SELINUX | ||
232 | - setfscreatecon(NULL); | ||
233 | + ssh_selinux_setfscreatecon(NULL); | ||
234 | #endif | ||
235 | } | 19 | } |
236 | /* load options.identity_files */ | ||
diff --git a/debian/patches/selinux-role.patch b/debian/patches/selinux-role.patch index 30db352dd..70364f9d5 100644 --- a/debian/patches/selinux-role.patch +++ b/debian/patches/selinux-role.patch | |||
@@ -336,8 +336,8 @@ Index: b/openbsd-compat/port-linux.h | |||
336 | +void ssh_selinux_setup_pty(char *, const char *, const char *); | 336 | +void ssh_selinux_setup_pty(char *, const char *, const char *); |
337 | +void ssh_selinux_setup_exec_context(char *, const char *); | 337 | +void ssh_selinux_setup_exec_context(char *, const char *); |
338 | void ssh_selinux_change_context(const char *); | 338 | void ssh_selinux_change_context(const char *); |
339 | void ssh_selinux_setfscreatecon(const char *); | ||
339 | #endif | 340 | #endif |
340 | |||
341 | Index: b/platform.c | 341 | Index: b/platform.c |
342 | =================================================================== | 342 | =================================================================== |
343 | --- a/platform.c | 343 | --- a/platform.c |
diff --git a/debian/patches/selinux-setfscreatecon-crash.patch b/debian/patches/selinux-setfscreatecon-crash.patch deleted file mode 100644 index 8d09d3529..000000000 --- a/debian/patches/selinux-setfscreatecon-crash.patch +++ /dev/null | |||
@@ -1,28 +0,0 @@ | |||
1 | Description: Fix crash in ssh_selinux_setfscreatecon when SELinux is disabled | ||
2 | Author: Colin Watson <cjwatson@ubuntu.com> | ||
3 | Bug-Ubuntu: https://bugs.launchpad.net/bugs/708571 | ||
4 | Forwarded: https://bugzilla.mindrot.org/show_bug.cgi?id=1851 | ||
5 | Last-Update: 2011-01-27 | ||
6 | |||
7 | Index: b/openbsd-compat/port-linux.c | ||
8 | =================================================================== | ||
9 | --- a/openbsd-compat/port-linux.c | ||
10 | +++ b/openbsd-compat/port-linux.c | ||
11 | @@ -224,12 +224,15 @@ | ||
12 | { | ||
13 | security_context_t context; | ||
14 | |||
15 | + if (!ssh_selinux_enabled()) | ||
16 | + return; | ||
17 | + | ||
18 | if (path == NULL) { | ||
19 | setfscreatecon(NULL); | ||
20 | return; | ||
21 | } | ||
22 | - matchpathcon(path, 0700, &context); | ||
23 | - setfscreatecon(context); | ||
24 | + if (matchpathcon(path, 0700, &context) == 0) | ||
25 | + setfscreatecon(context); | ||
26 | } | ||
27 | |||
28 | #endif /* WITH_SELINUX */ | ||
diff --git a/debian/patches/series b/debian/patches/series index 15b5d91db..a243174dd 100644 --- a/debian/patches/series +++ b/debian/patches/series | |||
@@ -36,11 +36,8 @@ openbsd-docs.patch | |||
36 | ssh-argv0.patch | 36 | ssh-argv0.patch |
37 | doc-hash-tab-completion.patch | 37 | doc-hash-tab-completion.patch |
38 | 38 | ||
39 | # Upstream backports | ||
40 | selinux-build-failure.patch | ||
41 | |||
42 | # Miscellaneous bug fixes | 39 | # Miscellaneous bug fixes |
43 | selinux-setfscreatecon-crash.patch | 40 | selinux-build-failure.patch |
44 | 41 | ||
45 | # Debian-specific configuration | 42 | # Debian-specific configuration |
46 | gnome-ssh-askpass2-icon.patch | 43 | gnome-ssh-askpass2-icon.patch |
diff --git a/debian/patches/ssh-vulnkey.patch b/debian/patches/ssh-vulnkey.patch index 78c9833cd..f3e08b06d 100644 --- a/debian/patches/ssh-vulnkey.patch +++ b/debian/patches/ssh-vulnkey.patch | |||
@@ -32,7 +32,7 @@ Index: b/Makefile.in | |||
32 | 32 | ||
33 | CC=@CC@ | 33 | CC=@CC@ |
34 | LD=@LD@ | 34 | LD=@LD@ |
35 | @@ -63,7 +65,7 @@ | 35 | @@ -64,7 +66,7 @@ |
36 | INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@ | 36 | INSTALL_SSH_PRNG_CMDS=@INSTALL_SSH_PRNG_CMDS@ |
37 | INSTALL_SSH_RAND_HELPER=@INSTALL_SSH_RAND_HELPER@ | 37 | INSTALL_SSH_RAND_HELPER=@INSTALL_SSH_RAND_HELPER@ |
38 | 38 | ||
@@ -41,7 +41,7 @@ Index: b/Makefile.in | |||
41 | 41 | ||
42 | LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o bufbn.o buffer.o \ | 42 | LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o bufbn.o buffer.o \ |
43 | canohost.o channels.o cipher.o cipher-acss.o cipher-aes.o \ | 43 | canohost.o channels.o cipher.o cipher-acss.o cipher-aes.o \ |
44 | @@ -96,8 +98,8 @@ | 44 | @@ -97,8 +99,8 @@ |
45 | sftp-server.o sftp-common.o \ | 45 | sftp-server.o sftp-common.o \ |
46 | roaming_common.o roaming_serv.o | 46 | roaming_common.o roaming_serv.o |
47 | 47 | ||
@@ -52,7 +52,7 @@ Index: b/Makefile.in | |||
52 | MANTYPE = @MANTYPE@ | 52 | MANTYPE = @MANTYPE@ |
53 | 53 | ||
54 | CONFIGFILES=sshd_config.out ssh_config.out moduli.out | 54 | CONFIGFILES=sshd_config.out ssh_config.out moduli.out |
55 | @@ -178,6 +180,9 @@ | 55 | @@ -179,6 +181,9 @@ |
56 | ssh-rand-helper${EXEEXT}: $(LIBCOMPAT) libssh.a ssh-rand-helper.o | 56 | ssh-rand-helper${EXEEXT}: $(LIBCOMPAT) libssh.a ssh-rand-helper.o |
57 | $(LD) -o $@ ssh-rand-helper.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) | 57 | $(LD) -o $@ ssh-rand-helper.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) |
58 | 58 | ||
@@ -62,7 +62,7 @@ Index: b/Makefile.in | |||
62 | # test driver for the loginrec code - not built by default | 62 | # test driver for the loginrec code - not built by default |
63 | logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o | 63 | logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o |
64 | $(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS) | 64 | $(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS) |
65 | @@ -272,6 +277,7 @@ | 65 | @@ -273,6 +278,7 @@ |
66 | $(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT) | 66 | $(INSTALL) -m 0755 $(STRIP_OPT) ssh-pkcs11-helper$(EXEEXT) $(DESTDIR)$(SSH_PKCS11_HELPER)$(EXEEXT) |
67 | $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT) | 67 | $(INSTALL) -m 0755 $(STRIP_OPT) sftp$(EXEEXT) $(DESTDIR)$(bindir)/sftp$(EXEEXT) |
68 | $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) | 68 | $(INSTALL) -m 0755 $(STRIP_OPT) sftp-server$(EXEEXT) $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) |
@@ -70,7 +70,7 @@ Index: b/Makefile.in | |||
70 | $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 | 70 | $(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1 |
71 | $(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1 | 71 | $(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1 |
72 | $(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1 | 72 | $(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1 |
73 | @@ -289,6 +295,7 @@ | 73 | @@ -290,6 +296,7 @@ |
74 | $(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 | 74 | $(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 |
75 | $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 | 75 | $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 |
76 | $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8 | 76 | $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8 |
@@ -78,7 +78,7 @@ Index: b/Makefile.in | |||
78 | -rm -f $(DESTDIR)$(bindir)/slogin | 78 | -rm -f $(DESTDIR)$(bindir)/slogin |
79 | ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin | 79 | ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin |
80 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 | 80 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 |
81 | @@ -378,6 +385,7 @@ | 81 | @@ -379,6 +386,7 @@ |
82 | -rm -f $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT) | 82 | -rm -f $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT) |
83 | -rm -f $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT) | 83 | -rm -f $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT) |
84 | -rm -f $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT) | 84 | -rm -f $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT) |
@@ -86,7 +86,7 @@ Index: b/Makefile.in | |||
86 | -rm -f $(DESTDIR)$(bindir)/sftp$(EXEEXT) | 86 | -rm -f $(DESTDIR)$(bindir)/sftp$(EXEEXT) |
87 | -rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT) | 87 | -rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT) |
88 | -rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) | 88 | -rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT) |
89 | @@ -391,6 +399,7 @@ | 89 | @@ -392,6 +400,7 @@ |
90 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1 | 90 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1 |
91 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1 | 91 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1 |
92 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1 | 92 | -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1 |
@@ -1248,7 +1248,7 @@ Index: b/ssh.c | |||
1248 | =================================================================== | 1248 | =================================================================== |
1249 | --- a/ssh.c | 1249 | --- a/ssh.c |
1250 | +++ b/ssh.c | 1250 | +++ b/ssh.c |
1251 | @@ -1448,7 +1448,7 @@ | 1251 | @@ -1445,7 +1445,7 @@ |
1252 | static void | 1252 | static void |
1253 | load_public_identity_files(void) | 1253 | load_public_identity_files(void) |
1254 | { | 1254 | { |
@@ -1257,7 +1257,7 @@ Index: b/ssh.c | |||
1257 | char *pwdir = NULL, *pwname = NULL; | 1257 | char *pwdir = NULL, *pwname = NULL; |
1258 | int i = 0; | 1258 | int i = 0; |
1259 | Key *public; | 1259 | Key *public; |
1260 | @@ -1505,6 +1505,22 @@ | 1260 | @@ -1502,6 +1502,22 @@ |
1261 | public = key_load_public(filename, NULL); | 1261 | public = key_load_public(filename, NULL); |
1262 | debug("identity file %s type %d", filename, | 1262 | debug("identity file %s type %d", filename, |
1263 | public ? public->type : -1); | 1263 | public ? public->type : -1); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: key.c,v 1.95 2010/11/10 01:33:07 djm Exp $ */ | 1 | /* $OpenBSD: key.c,v 1.96 2011/02/04 00:44:21 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * read_bignum(): | 3 | * read_bignum(): |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -1890,10 +1890,9 @@ key_certify(Key *k, Key *ca) | |||
1890 | buffer_put_cstring(&k->cert->certblob, key_ssh_name(k)); | 1890 | buffer_put_cstring(&k->cert->certblob, key_ssh_name(k)); |
1891 | 1891 | ||
1892 | /* -v01 certs put nonce first */ | 1892 | /* -v01 certs put nonce first */ |
1893 | if (!key_cert_is_legacy(k)) { | 1893 | arc4random_buf(&nonce, sizeof(nonce)); |
1894 | arc4random_buf(&nonce, sizeof(nonce)); | 1894 | if (!key_cert_is_legacy(k)) |
1895 | buffer_put_string(&k->cert->certblob, nonce, sizeof(nonce)); | 1895 | buffer_put_string(&k->cert->certblob, nonce, sizeof(nonce)); |
1896 | } | ||
1897 | 1896 | ||
1898 | switch (k->type) { | 1897 | switch (k->type) { |
1899 | case KEY_DSA_CERT_V00: | 1898 | case KEY_DSA_CERT_V00: |
@@ -69,4 +69,4 @@ SEE ALSO | |||
69 | Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer | 69 | Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer |
70 | Protocol, RFC 4419, 2006. | 70 | Protocol, RFC 4419, 2006. |
71 | 71 | ||
72 | OpenBSD 4.8 June 26, 2008 OpenBSD 4.8 | 72 | OpenBSD 4.9 June 26, 2008 OpenBSD 4.9 |
diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c index a2498dc15..dc8b1fa55 100644 --- a/openbsd-compat/port-linux.c +++ b/openbsd-compat/port-linux.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: port-linux.c,v 1.11 2011/01/17 07:50:24 dtucker Exp $ */ | 1 | /* $Id: port-linux.c,v 1.11.4.2 2011/02/04 00:43:08 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com> | 4 | * Copyright (c) 2005 Daniel Walsh <dwalsh@redhat.com> |
@@ -222,17 +222,16 @@ ssh_selinux_change_context(const char *newname) | |||
222 | void | 222 | void |
223 | ssh_selinux_setfscreatecon(const char *path) | 223 | ssh_selinux_setfscreatecon(const char *path) |
224 | { | 224 | { |
225 | security_context_t context; | 225 | security_context_t context; |
226 | 226 | ||
227 | if (!ssh_selinux_enabled()) | 227 | if (!ssh_selinux_enabled()) |
228 | return; | 228 | return; |
229 | 229 | if (path == NULL) { | |
230 | if (path == NULL) { | 230 | setfscreatecon(NULL); |
231 | setfscreatecon(NULL); | 231 | return; |
232 | return; | 232 | } |
233 | } | 233 | if (matchpathcon(path, 0700, &context) == 0) |
234 | if (matchpathcon(path, 0700, &context) == 0) | 234 | setfscreatecon(context); |
235 | setfscreatecon(context); | ||
236 | } | 235 | } |
237 | 236 | ||
238 | #endif /* WITH_SELINUX */ | 237 | #endif /* WITH_SELINUX */ |
diff --git a/openbsd-compat/port-linux.h b/openbsd-compat/port-linux.h index 8ed5587ee..3804fa2d1 100644 --- a/openbsd-compat/port-linux.h +++ b/openbsd-compat/port-linux.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: port-linux.h,v 1.4 2009/12/08 02:39:48 dtucker Exp $ */ | 1 | /* $Id: port-linux.h,v 1.4.10.1 2011/02/04 00:42:21 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2006 Damien Miller <djm@openbsd.org> | 4 | * Copyright (c) 2006 Damien Miller <djm@openbsd.org> |
@@ -153,4 +153,4 @@ AUTHORS | |||
153 | Timo Rinne <tri@iki.fi> | 153 | Timo Rinne <tri@iki.fi> |
154 | Tatu Ylonen <ylo@cs.hut.fi> | 154 | Tatu Ylonen <ylo@cs.hut.fi> |
155 | 155 | ||
156 | OpenBSD 4.8 December 9, 2010 OpenBSD 4.8 | 156 | OpenBSD 4.9 December 9, 2010 OpenBSD 4.9 |
diff --git a/sftp-server.0 b/sftp-server.0 index d8d91c5d5..b7d30ec09 100644 --- a/sftp-server.0 +++ b/sftp-server.0 | |||
@@ -61,4 +61,4 @@ HISTORY | |||
61 | AUTHORS | 61 | AUTHORS |
62 | Markus Friedl <markus@openbsd.org> | 62 | Markus Friedl <markus@openbsd.org> |
63 | 63 | ||
64 | OpenBSD 4.8 January 9, 2010 OpenBSD 4.8 | 64 | OpenBSD 4.9 January 9, 2010 OpenBSD 4.9 |
@@ -328,4 +328,4 @@ SEE ALSO | |||
328 | draft-ietf-secsh-filexfer-00.txt, January 2001, work in progress | 328 | draft-ietf-secsh-filexfer-00.txt, January 2001, work in progress |
329 | material. | 329 | material. |
330 | 330 | ||
331 | OpenBSD 4.8 December 4, 2010 OpenBSD 4.8 | 331 | OpenBSD 4.9 December 4, 2010 OpenBSD 4.9 |
@@ -112,4 +112,4 @@ AUTHORS | |||
112 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 112 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
113 | versions 1.5 and 2.0. | 113 | versions 1.5 and 2.0. |
114 | 114 | ||
115 | OpenBSD 4.8 October 28, 2010 OpenBSD 4.8 | 115 | OpenBSD 4.9 October 28, 2010 OpenBSD 4.9 |
diff --git a/ssh-agent.0 b/ssh-agent.0 index 7fe1560d3..c3de21b42 100644 --- a/ssh-agent.0 +++ b/ssh-agent.0 | |||
@@ -120,4 +120,4 @@ AUTHORS | |||
120 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 120 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
121 | versions 1.5 and 2.0. | 121 | versions 1.5 and 2.0. |
122 | 122 | ||
123 | OpenBSD 4.8 November 21, 2010 OpenBSD 4.8 | 123 | OpenBSD 4.9 November 21, 2010 OpenBSD 4.9 |
diff --git a/ssh-keygen.0 b/ssh-keygen.0 index e01ad16d9..a01b30db0 100644 --- a/ssh-keygen.0 +++ b/ssh-keygen.0 | |||
@@ -440,4 +440,4 @@ AUTHORS | |||
440 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 440 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
441 | versions 1.5 and 2.0. | 441 | versions 1.5 and 2.0. |
442 | 442 | ||
443 | OpenBSD 4.8 October 28, 2010 OpenBSD 4.8 | 443 | OpenBSD 4.9 October 28, 2010 OpenBSD 4.9 |
diff --git a/ssh-keyscan.0 b/ssh-keyscan.0 index ba53bce81..4c3d2dbcc 100644 --- a/ssh-keyscan.0 +++ b/ssh-keyscan.0 | |||
@@ -106,4 +106,4 @@ BUGS | |||
106 | This is because it opens a connection to the ssh port, reads the public | 106 | This is because it opens a connection to the ssh port, reads the public |
107 | key, and drops the connection as soon as it gets the key. | 107 | key, and drops the connection as soon as it gets the key. |
108 | 108 | ||
109 | OpenBSD 4.8 August 31, 2010 OpenBSD 4.8 | 109 | OpenBSD 4.9 August 31, 2010 OpenBSD 4.9 |
diff --git a/ssh-keysign.0 b/ssh-keysign.0 index 9da4b2446..bff850f27 100644 --- a/ssh-keysign.0 +++ b/ssh-keysign.0 | |||
@@ -48,4 +48,4 @@ HISTORY | |||
48 | AUTHORS | 48 | AUTHORS |
49 | Markus Friedl <markus@openbsd.org> | 49 | Markus Friedl <markus@openbsd.org> |
50 | 50 | ||
51 | OpenBSD 4.8 August 31, 2010 OpenBSD 4.8 | 51 | OpenBSD 4.9 August 31, 2010 OpenBSD 4.9 |
diff --git a/ssh-pkcs11-helper.0 b/ssh-pkcs11-helper.0 index 664ec971f..22526781e 100644 --- a/ssh-pkcs11-helper.0 +++ b/ssh-pkcs11-helper.0 | |||
@@ -22,4 +22,4 @@ HISTORY | |||
22 | AUTHORS | 22 | AUTHORS |
23 | Markus Friedl <markus@openbsd.org> | 23 | Markus Friedl <markus@openbsd.org> |
24 | 24 | ||
25 | OpenBSD 4.8 February 10, 2010 OpenBSD 4.8 | 25 | OpenBSD 4.9 February 10, 2010 OpenBSD 4.9 |
diff --git a/ssh-rand-helper.0 b/ssh-rand-helper.0 index 5bc19e8a7..93d3554fc 100644 --- a/ssh-rand-helper.0 +++ b/ssh-rand-helper.0 | |||
@@ -48,4 +48,4 @@ AUTHORS | |||
48 | SEE ALSO | 48 | SEE ALSO |
49 | ssh(1), ssh-add(1), ssh-keygen(1), sshd(8) | 49 | ssh(1), ssh-add(1), ssh-keygen(1), sshd(8) |
50 | 50 | ||
51 | OpenBSD 4.8 April 14, 2002 OpenBSD 4.8 | 51 | OpenBSD 4.9 April 14, 2002 OpenBSD 4.9 |
@@ -895,4 +895,4 @@ AUTHORS | |||
895 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 895 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
896 | versions 1.5 and 2.0. | 896 | versions 1.5 and 2.0. |
897 | 897 | ||
898 | OpenBSD 4.8 November 18, 2010 OpenBSD 4.8 | 898 | OpenBSD 4.9 November 18, 2010 OpenBSD 4.9 |
diff --git a/ssh_config.0 b/ssh_config.0 index 71233b49b..c4a12f7bb 100644 --- a/ssh_config.0 +++ b/ssh_config.0 | |||
@@ -741,4 +741,4 @@ AUTHORS | |||
741 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 741 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
742 | versions 1.5 and 2.0. | 742 | versions 1.5 and 2.0. |
743 | 743 | ||
744 | OpenBSD 4.8 December 8, 2010 OpenBSD 4.8 | 744 | OpenBSD 4.9 December 8, 2010 OpenBSD 4.9 |
@@ -631,4 +631,4 @@ CAVEATS | |||
631 | System security is not improved unless rshd, rlogind, and rexecd are | 631 | System security is not improved unless rshd, rlogind, and rexecd are |
632 | disabled (thus completely disabling rlogin and rsh into the machine). | 632 | disabled (thus completely disabling rlogin and rsh into the machine). |
633 | 633 | ||
634 | OpenBSD 4.8 October 28, 2010 OpenBSD 4.8 | 634 | OpenBSD 4.9 October 28, 2010 OpenBSD 4.9 |
diff --git a/sshd_config.0 b/sshd_config.0 index 669d29a06..ab0d79be6 100644 --- a/sshd_config.0 +++ b/sshd_config.0 | |||
@@ -710,4 +710,4 @@ AUTHORS | |||
710 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support | 710 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support |
711 | for privilege separation. | 711 | for privilege separation. |
712 | 712 | ||
713 | OpenBSD 4.8 December 8, 2010 OpenBSD 4.8 | 713 | OpenBSD 4.9 December 8, 2010 OpenBSD 4.9 |
@@ -1,6 +1,6 @@ | |||
1 | /* $OpenBSD: version.h,v 1.60 2011/01/22 09:18:53 djm Exp $ */ | 1 | /* $OpenBSD: version.h,v 1.61 2011/02/04 00:44:43 djm Exp $ */ |
2 | 2 | ||
3 | #define SSH_VERSION "OpenSSH_5.7" | 3 | #define SSH_VERSION "OpenSSH_5.8" |
4 | 4 | ||
5 | #define SSH_PORTABLE "p1" | 5 | #define SSH_PORTABLE "p1" |
6 | #define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE | 6 | #define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE |