- (dtucker) OpenBSD CVS Sync

- markus@cvs.openbsd.org 2009/10/08 14:03:41
     [sshd_config readconf.c ssh_config.5 servconf.c sshd_config.5]
     disable protocol 1 by default (after a transition period of about 10 years)
     ok deraadt
Darren Tucker 2009-10-11 21:51:08 +11:00
parent c182d99376
commit bad5076bb5
6 changed files with 23 additions and 18 deletions


@ -2,6 +2,11 @@
- (dtucker) [configure.ac sftp-client.c] Remove the gyrations required for - (dtucker) [configure.ac sftp-client.c] Remove the gyrations required for
dirent d_type and DTTOIF as we've switched OpenBSD to the more portable dirent d_type and DTTOIF as we've switched OpenBSD to the more portable
lstat. lstat.
- (dtucker) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2009/10/08 14:03:41
[sshd_config readconf.c ssh_config.5 servconf.c sshd_config.5]
disable protocol 1 by default (after a transition period of about 10 years)
ok deraadt
20091007 20091007
- (dtucker) OpenBSD CVS Sync - (dtucker) OpenBSD CVS Sync


@ -1,4 +1,4 @@
/* $OpenBSD: readconf.c,v 1.177 2009/06/27 09:35:06 andreas Exp $ */ /* $OpenBSD: readconf.c,v 1.178 2009/10/08 14:03:41 markus Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -1142,7 +1142,7 @@ fill_default_options(Options * options)
/* options->macs, default set in myproposals.h */ /* options->macs, default set in myproposals.h */
/* options->hostkeyalgorithms, default set in myproposals.h */ /* options->hostkeyalgorithms, default set in myproposals.h */
if (options->protocol == SSH_PROTO_UNKNOWN) if (options->protocol == SSH_PROTO_UNKNOWN)
options->protocol = SSH_PROTO_1|SSH_PROTO_2; options->protocol = SSH_PROTO_2;
if (options->num_identity_files == 0) { if (options->num_identity_files == 0) {
if (options->protocol & SSH_PROTO_1) { if (options->protocol & SSH_PROTO_1) {
len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1; len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1;
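Review bot: The new default `options->protocol = SSH_PROTO_2;` in fill_default_options has no comment saying that leaving protocol 1 out is deliberate, and the same is true of the matching assignment in fill_default_server_options in servconf.c. A one-line comment above the assignment would keep a later cleanup from restoring the old mask, for example `/* protocol 1 is legacy; it is used only when "Protocol" asks for it */`. With this default the `options->protocol & SSH_PROTO_1` branch just below is taken only on an explicit setting, so the protocol 1 identity file is no longer added implicitly, which is worth stating in the same comment. The function starts and ends outside the hunk.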


@ -1,4 +1,4 @@
/* $OpenBSD: servconf.c,v 1.195 2009/04/14 21:10:54 jj Exp $ */ /* $OpenBSD: servconf.c,v 1.196 2009/10/08 14:03:41 markus Exp $ */
/* /*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved * All rights reserved
@ -139,7 +139,7 @@ fill_default_server_options(ServerOptions *options)
/* Standard Options */ /* Standard Options */
if (options->protocol == SSH_PROTO_UNKNOWN) if (options->protocol == SSH_PROTO_UNKNOWN)
options->protocol = SSH_PROTO_1|SSH_PROTO_2; options->protocol = SSH_PROTO_2;
if (options->num_host_key_files == 0) { if (options->num_host_key_files == 0) {
/* fill default hostkeys for protocols */ /* fill default hostkeys for protocols */
if (options->protocol & SSH_PROTO_1) if (options->protocol & SSH_PROTO_1)
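Review bot: The default host key list in fill_default_server_options is derived from `options->protocol`, so after this change the protocol 1 host key is filled in only when the configuration names protocol 1. A configuration that lists only a protocol 1 `HostKey` and has no `Protocol` line now runs with a protocol 2 default and no protocol 2 key; whether start-up rejects that cleanly is decided outside this hunk and should be confirmed. I would record the dependency next to the assignment, e.g. `/* default is protocol 2 only: a protocol 1 HostKey alone does not enable protocol 1 */`. The function body continues past the last line shown.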


@ -34,8 +34,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: ssh_config.5,v 1.119 2009/02/22 23:50:57 djm Exp $ .\" $OpenBSD: ssh_config.5,v 1.120 2009/10/08 14:03:41 markus Exp $
.Dd $Mdocdate: February 22 2009 $ .Dd $Mdocdate: October 8 2009 $
.Dt SSH_CONFIG 5 .Dt SSH_CONFIG 5
.Os .Os
.Sh NAME .Sh NAME
@ -730,11 +730,13 @@ The possible values are
and and
.Sq 2 . .Sq 2 .
Multiple versions must be comma-separated. Multiple versions must be comma-separated.
The default is When this option is set to
.Dq 2,1 . .Dq 2,1
This means that ssh .Nm ssh
tries version 2 and falls back to version 1 will try version 2 and fall back to version 1
if version 2 is not available. if version 2 is not available.
The default is
.Dq 2 .
.It Cm ProxyCommand .It Cm ProxyCommand
Specifies the command to use to connect to the server. Specifies the command to use to connect to the server.
The command The command


@ -1,4 +1,4 @@
# $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $ # $OpenBSD: sshd_config,v 1.81 2009/10/08 14:03:41 markus Exp $
# This is the sshd server system-wide configuration file. See # This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information. # sshd_config(5) for more information.
@ -15,10 +15,8 @@
#ListenAddress 0.0.0.0 #ListenAddress 0.0.0.0
#ListenAddress :: #ListenAddress ::
# Disable legacy (protocol version 1) support in the server for new # The default requires explicit activation of protocol 1
# installations. In future the default will change to require explicit #Protocol 2
# activation of protocol 1
Protocol 2
# HostKey for protocol version 1 # HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key #HostKey /etc/ssh/ssh_host_key


@ -34,8 +34,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: sshd_config.5,v 1.107 2009/08/16 23:29:26 dtucker Exp $ .\" $OpenBSD: sshd_config.5,v 1.108 2009/10/08 14:03:41 markus Exp $
.Dd $Mdocdate: August 16 2009 $ .Dd $Mdocdate: October 8 2009 $
.Dt SSHD_CONFIG 5 .Dt SSHD_CONFIG 5
.Os .Os
.Sh NAME .Sh NAME
@ -793,7 +793,7 @@ and
.Sq 2 . .Sq 2 .
Multiple versions must be comma-separated. Multiple versions must be comma-separated.
The default is The default is
.Dq 2,1 . .Dq 2 .
Note that the order of the protocol list does not indicate preference, Note that the order of the protocol list does not indicate preference,
because the client selects among multiple protocol versions offered because the client selects among multiple protocol versions offered
by the server. by the server.