subject:"svn commit\: r294464 \- in head\: crypto\/openssh crypto\/openssh\/contrib\/redhat crypto\/openssh\/contrib\/suse crypto\/openssh\/openbsd\-compat crypto\/openssh\/regress crypto\/openssh\/regress\/unittests crypto"

Re: svn commit: r294464 - in head: crypto/openssh crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypto/openssh/regress crypto/openssh/regress/unittests crypto

2016-02-02 Thread Dag-Erling Smørgrav

Bryan Drewery  writes:
> Dag-Erling Smørgrav  wrote:
> > -#PermitRootLogin no
> > +#PermitRootLogin prohibit-password
> Shouldn't the comments note the default? The default here is still
> 'no'.

Yes, I kept our local modification but somehow either didn't notice the
comment or resolved the conflict incorrectly.

> Upstream 7.1p2 does use PERMIT_NO_PASSWD rather than PERMIT_NO that we
> have.  I think we should make this change:

We've always had this turned off, while upstream had it on by default.
The new default doesn't work correctly with PAM, and the fix is not
trivial.

DES
-- 
Dag-Erling Smørgrav - d...@des.no
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Re: svn commit: r294464 - in head: crypto/openssh crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypto/openssh/regress crypto/openssh/regress/unittests crypto

2016-02-01 Thread Bryan Drewery

On 1/20/2016 2:57 PM, Dag-Erling Smørgrav wrote:
> Author: des
> Date: Wed Jan 20 22:57:10 2016
> New Revision: 294464
> URL: https://svnweb.freebsd.org/changeset/base/294464
> 
> Log:
>   Upgrade to OpenSSH 7.0p1.
...
> Index: crypto/openssh/sshd_config
> ===
> --- crypto/openssh/sshd_config  (revision 294463)
> +++ crypto/openssh/sshd_config  (revision 294464)
> @@ -1,4 +1,4 @@
> -#  $OpenBSD: sshd_config,v 1.95 2015/04/27 21:42:48 djm Exp $
> +#  $OpenBSD: sshd_config,v 1.97 2015/08/06 14:53:21 deraadt Exp $
>  #  $FreeBSD$
> 
>  # This is the sshd server system-wide configuration file.  See
> @@ -45,7 +45,7 @@
>  # Authentication:
> 
>  #LoginGraceTime 2m
> -#PermitRootLogin no
> +#PermitRootLogin prohibit-password
>  #StrictModes yes
>  #MaxAuthTries 6
>  #MaxSessions 10

Shouldn't the comments note the default? The default here is still 'no'.
 Upstream 7.1p2 does use PERMIT_NO_PASSWD rather than PERMIT_NO that we
have.  I think we should make this change:

> Index: crypto/openssh/servconf.c
> ===
> --- crypto/openssh/servconf.c   (revision 294275)
> +++ crypto/openssh/servconf.c   (working copy)
> @@ -202,7 +202,7 @@
> if (options->key_regeneration_time == -1)
> options->key_regeneration_time = 3600;
> if (options->permit_root_login == PERMIT_NOT_SET)
> -   options->permit_root_login = PERMIT_NO;
> +   options->permit_root_login = PERMIT_NO_PASSWD;
> if (options->ignore_rhosts == -1)
> options->ignore_rhosts = 1;
> if (options->ignore_user_known_hosts == -1)


-- 
Regards,
Bryan Drewery



signature.asc
Description: OpenPGP digital signature

Re: svn commit: r294464 - in head: crypto/openssh crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypto/openssh/regress crypto/openssh/regress/unittests crypto

2016-01-23 Thread Dag-Erling Smørgrav

Craig Rodrigues  writes:
> clang is emitting a new warning on this file:
>
> https://jenkins.freebsd.org/job/FreeBSD_HEAD/62/warnings7Result/new/
>
> Is it a legitimate problem which needs to be fixed upstream, or is it
> a non-issue?

The warning is technically correct, but the error is harmless since the
source and destination are fixed buffers of identical size.  The code
was fixed upstream in October, after 7.1 was released.

DES
-- 
Dag-Erling Smørgrav - d...@des.no
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Re: svn commit: r294464 - in head: crypto/openssh crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypto/openssh/regress crypto/openssh/regress/unittests crypto

2016-01-23 Thread Craig Rodrigues

On Wed, Jan 20, 2016 at 2:57 PM, Dag-Erling Smørgrav 
wrote:

> Author: des
> Date: Wed Jan 20 22:57:10 2016
> New Revision: 294464
> URL: https://svnweb.freebsd.org/changeset/base/294464
>
> Log:
>   Upgrade to OpenSSH 7.0p1.
>
> Modified:
>   head/crypto/openssh/openbsd-compat/realpath.c
>

 clang is emitting a new warning on this file:

https://jenkins.freebsd.org/job/FreeBSD_HEAD/62/warnings7Result/new/

Is it a legitimate problem which needs to be fixed upstream, or is it a
non-issue?

--
Craig
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r294464 - in head: crypto/openssh crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypto/openssh/regress crypto/openssh/regress/unittests crypto/...

2016-01-20 Thread Dag-Erling Smørgrav

Author: des
Date: Wed Jan 20 22:57:10 2016
New Revision: 294464
URL: https://svnweb.freebsd.org/changeset/base/294464

Log:
  Upgrade to OpenSSH 7.0p1.

Modified:
  head/crypto/openssh/ChangeLog
  head/crypto/openssh/OVERVIEW
  head/crypto/openssh/PROTOCOL
  head/crypto/openssh/PROTOCOL.mux
  head/crypto/openssh/README
  head/crypto/openssh/addrmatch.c
  head/crypto/openssh/auth-options.c
  head/crypto/openssh/auth.c
  head/crypto/openssh/auth2-chall.c
  head/crypto/openssh/authfd.c
  head/crypto/openssh/authfile.c
  head/crypto/openssh/cipher.h
  head/crypto/openssh/clientloop.c
  head/crypto/openssh/compat.c
  head/crypto/openssh/config.h
  head/crypto/openssh/config.h.in
  head/crypto/openssh/configure
  head/crypto/openssh/configure.ac
  head/crypto/openssh/contrib/redhat/openssh.spec
  head/crypto/openssh/contrib/suse/openssh.spec
  head/crypto/openssh/kex.c
  head/crypto/openssh/kex.h
  head/crypto/openssh/key.c
  head/crypto/openssh/key.h
  head/crypto/openssh/krl.c
  head/crypto/openssh/log.c
  head/crypto/openssh/moduli
  head/crypto/openssh/moduli.0
  head/crypto/openssh/myproposal.h
  head/crypto/openssh/openbsd-compat/openbsd-compat.h
  head/crypto/openssh/openbsd-compat/port-linux.c
  head/crypto/openssh/openbsd-compat/realpath.c
  head/crypto/openssh/packet.c
  head/crypto/openssh/readconf.c
  head/crypto/openssh/readconf.h
  head/crypto/openssh/regress/cert-hostkey.sh
  head/crypto/openssh/regress/cert-userkey.sh
  head/crypto/openssh/regress/hostkey-agent.sh
  head/crypto/openssh/regress/hostkey-rotate.sh
  head/crypto/openssh/regress/keygen-knownhosts.sh
  head/crypto/openssh/regress/keytype.sh
  head/crypto/openssh/regress/principals-command.sh
  head/crypto/openssh/regress/unittests/Makefile.inc
  head/crypto/openssh/regress/unittests/kex/test_kex.c
  head/crypto/openssh/regress/unittests/sshkey/mktestdata.sh
  head/crypto/openssh/regress/unittests/sshkey/test_file.c
  head/crypto/openssh/regress/unittests/sshkey/test_sshkey.c
  head/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1
  head/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1-cert.fp
  head/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1-cert.pub
  head/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.fp
  head/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.fp.bb
  head/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.param.g
  head/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.param.priv
  head/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.param.pub
  head/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1.pub
  head/crypto/openssh/regress/unittests/sshkey/testdata/dsa_1_pw
  head/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2
  head/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2.fp
  head/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2.fp.bb
  head/crypto/openssh/regress/unittests/sshkey/testdata/dsa_2.pub
  head/crypto/openssh/regress/unittests/sshkey/testdata/dsa_n
  head/crypto/openssh/regress/unittests/sshkey/testdata/dsa_n_pw
  head/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1
  head/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1-cert.fp
  head/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1-cert.pub
  head/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.fp
  head/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.fp.bb
  head/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.param.priv
  head/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.param.pub
  head/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1.pub
  head/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_1_pw
  head/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2
  head/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.fp
  head/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.fp.bb
  head/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.param.priv
  head/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.param.pub
  head/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_2.pub
  head/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_n
  head/crypto/openssh/regress/unittests/sshkey/testdata/ecdsa_n_pw
  head/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1
  head/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1-cert.fp
  head/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1-cert.pub
  head/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1.fp
  head/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1.fp.bb
  head/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1.pub
  head/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_1_pw
  head/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2
  head/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2.fp
  head/crypto/openssh/regress/unittests/sshkey/testdata/ed25519_2.fp.bb

Re: svn commit: r294464 - in head: crypto/openssh crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypto/openssh/regress crypto/openssh/regress/unittests crypto

Re: svn commit: r294464 - in head: crypto/openssh crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypto/openssh/regress crypto/openssh/regress/unittests crypto

Re: svn commit: r294464 - in head: crypto/openssh crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypto/openssh/regress crypto/openssh/regress/unittests crypto

Re: svn commit: r294464 - in head: crypto/openssh crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypto/openssh/regress crypto/openssh/regress/unittests crypto

svn commit: r294464 - in head: crypto/openssh crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypto/openssh/regress crypto/openssh/regress/unittests crypto/...

5 matches

Site Navigation

Mail list logo

Footer information