From d0e4a8e2e0bc6fcee6cd8486fbcdffaf7d037aed Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Fri, 21 May 2010 14:58:32 +1000
Subject:    - djm@cvs.openbsd.org 2010/05/20 23:46:02      [PROTOCOL.certkeys
 auth-options.c ssh-keygen.c]      Move the permit-* options to the
 non-critical "extensions" field for v01      certificates. The logic is that
 if another implementation fails to      implement them then the connection
 just loses features rather than fails      outright.

     ok markus@
---
 ChangeLog | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'ChangeLog')

diff --git a/ChangeLog b/ChangeLog
index 2cc1369fd..86c66d1a7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -33,6 +33,14 @@
      [auth2-pubkey.c]
      fix logspam when key options (from="..." especially) deny non-matching
      keys; reported by henning@ also bz#1765; ok markus@ dtucker@
+   - djm@cvs.openbsd.org 2010/05/20 23:46:02
+     [PROTOCOL.certkeys auth-options.c ssh-keygen.c]
+     Move the permit-* options to the non-critical "extensions" field for v01
+     certificates. The logic is that if another implementation fails to
+     implement them then the connection just loses features rather than fails
+     outright.
+     
+     ok markus@
 
 20100511
  - (dtucker) [Makefile.in] Bug #1770: Link libopenbsd-compat twice to solve
-- 
cgit v1.2.3