diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | mac.c | 4 | ||||
-rw-r--r-- | myproposal.h | 4 | ||||
-rw-r--r-- | ssh_config.5 | 7 | ||||
-rw-r--r-- | sshd_config.5 | 7 |
5 files changed, 13 insertions, 14 deletions
@@ -15,6 +15,11 @@ | |||
15 | [sandbox-systrace.c] | 15 | [sandbox-systrace.c] |
16 | Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation | 16 | Add mquery to the list of allowed syscalls for "UsePrivilegeSeparation |
17 | sandbox" since malloc now uses it. From johnw.mail at gmail com. | 17 | sandbox" since malloc now uses it. From johnw.mail at gmail com. |
18 | - dtucker@cvs.openbsd.org 2012/06/28 05:07:45 | ||
19 | [mac.c myproposal.h ssh_config.5 sshd_config.5] | ||
20 | Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed | ||
21 | from draft6 of the spec and will not be in the RFC when published. Patch | ||
22 | from mdb at juniper net via bz#2023, ok markus. | ||
18 | 23 | ||
19 | 20120628 | 24 | 20120628 |
20 | - (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022: prevent null | 25 | - (dtucker) [openbsd-compat/getrrsetbyname-ldns.c] bz #2022: prevent null |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: mac.c,v 1.17 2011/12/02 00:43:57 djm Exp $ */ | 1 | /* $OpenBSD: mac.c,v 1.18 2012/06/28 05:07:45 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2001 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -61,9 +61,7 @@ struct { | |||
61 | { "hmac-sha1-96", SSH_EVP, EVP_sha1, 96, -1, -1 }, | 61 | { "hmac-sha1-96", SSH_EVP, EVP_sha1, 96, -1, -1 }, |
62 | #ifdef HAVE_EVP_SHA256 | 62 | #ifdef HAVE_EVP_SHA256 |
63 | { "hmac-sha2-256", SSH_EVP, EVP_sha256, 0, -1, -1 }, | 63 | { "hmac-sha2-256", SSH_EVP, EVP_sha256, 0, -1, -1 }, |
64 | { "hmac-sha2-256-96", SSH_EVP, EVP_sha256, 96, -1, -1 }, | ||
65 | { "hmac-sha2-512", SSH_EVP, EVP_sha512, 0, -1, -1 }, | 64 | { "hmac-sha2-512", SSH_EVP, EVP_sha512, 0, -1, -1 }, |
66 | { "hmac-sha2-512-96", SSH_EVP, EVP_sha512, 96, -1, -1 }, | ||
67 | #endif | 65 | #endif |
68 | { "hmac-md5", SSH_EVP, EVP_md5, 0, -1, -1 }, | 66 | { "hmac-md5", SSH_EVP, EVP_md5, 0, -1, -1 }, |
69 | { "hmac-md5-96", SSH_EVP, EVP_md5, 96, -1, -1 }, | 67 | { "hmac-md5-96", SSH_EVP, EVP_md5, 96, -1, -1 }, |
diff --git a/myproposal.h b/myproposal.h index 0bc1c778c..2e6a0dcac 100644 --- a/myproposal.h +++ b/myproposal.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: myproposal.h,v 1.28 2011/08/02 01:22:11 djm Exp $ */ | 1 | /* $OpenBSD: myproposal.h,v 1.29 2012/06/28 05:07:45 dtucker Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 4 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
@@ -78,9 +78,7 @@ | |||
78 | #ifdef HAVE_EVP_SHA256 | 78 | #ifdef HAVE_EVP_SHA256 |
79 | #define SHA2_HMAC_MODES \ | 79 | #define SHA2_HMAC_MODES \ |
80 | "hmac-sha2-256," \ | 80 | "hmac-sha2-256," \ |
81 | "hmac-sha2-256-96," \ | ||
82 | "hmac-sha2-512," \ | 81 | "hmac-sha2-512," \ |
83 | "hmac-sha2-512-96," | ||
84 | #else | 82 | #else |
85 | # define SHA2_HMAC_MODES | 83 | # define SHA2_HMAC_MODES |
86 | #endif | 84 | #endif |
diff --git a/ssh_config.5 b/ssh_config.5 index c9917d25b..db7ea5cdd 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: ssh_config.5,v 1.155 2012/06/18 11:49:58 dtucker Exp $ | 36 | .\" $OpenBSD: ssh_config.5,v 1.156 2012/06/28 05:07:45 dtucker Exp $ |
37 | .Dd $Mdocdate: June 18 2012 $ | 37 | .Dd $Mdocdate: June 28 2012 $ |
38 | .Dt SSH_CONFIG 5 | 38 | .Dt SSH_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -794,8 +794,7 @@ The default is: | |||
794 | .Bd -literal -offset indent | 794 | .Bd -literal -offset indent |
795 | hmac-md5,hmac-sha1,umac-64@openssh.com, | 795 | hmac-md5,hmac-sha1,umac-64@openssh.com, |
796 | hmac-ripemd160,hmac-sha1-96,hmac-md5-96, | 796 | hmac-ripemd160,hmac-sha1-96,hmac-md5-96, |
797 | hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512, | 797 | hmac-sha2-256,hmac-sha2-512 |
798 | hmac-sha2-512-96 | ||
799 | .Ed | 798 | .Ed |
800 | .It Cm NoHostAuthenticationForLocalhost | 799 | .It Cm NoHostAuthenticationForLocalhost |
801 | This option can be used if the home directory is shared across machines. | 800 | This option can be used if the home directory is shared across machines. |
diff --git a/sshd_config.5 b/sshd_config.5 index 1b9ffad4c..897b8a419 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: sshd_config.5,v 1.142 2012/06/19 21:35:54 jmc Exp $ | 36 | .\" $OpenBSD: sshd_config.5,v 1.143 2012/06/28 05:07:45 dtucker Exp $ |
37 | .Dd $Mdocdate: June 19 2012 $ | 37 | .Dd $Mdocdate: June 28 2012 $ |
38 | .Dt SSHD_CONFIG 5 | 38 | .Dt SSHD_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -658,8 +658,7 @@ The default is: | |||
658 | .Bd -literal -offset indent | 658 | .Bd -literal -offset indent |
659 | hmac-md5,hmac-sha1,umac-64@openssh.com, | 659 | hmac-md5,hmac-sha1,umac-64@openssh.com, |
660 | hmac-ripemd160,hmac-sha1-96,hmac-md5-96, | 660 | hmac-ripemd160,hmac-sha1-96,hmac-md5-96, |
661 | hmac-sha2-256,hmac-sha256-96,hmac-sha2-512, | 661 | hmac-sha2-256,hmac-sha2-512 |
662 | hmac-sha2-512-96 | ||
663 | .Ed | 662 | .Ed |
664 | .It Cm Match | 663 | .It Cm Match |
665 | Introduces a conditional block. | 664 | Introduces a conditional block. |