Mercurial Mercurial > upstream > oracle > userland-gate / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openssh/patches/033-without_cast128.patch
author Jan Parcel <jan.parcel@oracle.com>
Tue, 25 Apr 2017 15:08:28 -0700
branchs11u3-sru
changeset 7946 165bf092aa9c
parent 7320 edeb951aa980
permissions -rw-r--r--
PSARC/2017/022 OpenSSH 7.4 25295722 upgrade OpenSSH to 7.4p1 25295787 problem in UTILITY/OPENSSH 25295804 problem in UTILITY/OPENSSH 25295822 problem in UTILITY/OPENSSH 25295840 problem in UTILITY/OPENSSH 25809379 Openssh 7.4p1 has 3 regressions, fixed in 7.5 25795760 openssh drops connection when GSSAPIAuthentication set to no
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
5324
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
     1
 
#
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
     2
 
# Removes cast128-cbc support.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
     3
 
#
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
     4
 
# At this moment this algorithm is not listed in Approved Security
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
     5
 
# Technologies: Standards Details at all. Eventually it will be added as
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
     6
 
# deprecated.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
     7
 
#
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
     8
 
# SunSSH did not support cast128-cbc. In this respect removing cast128-cbc from
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
     9
 
# OpenSSH doesn't constitute a regression in functionality from SunSSH.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
    10
 
#
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
    11
 
# Interoperability gain provided by cast128-cbc is negligible, because all
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
    12
 
# relevant ssh implementations also provide several more common encryption
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
    13
 
# algorithms (aes256-ctr, aes128-cbc, ...) on top of cast128-cbc.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
    14
 
#
7320
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1
Jan Parcel <jan.parcel@oracle.com>
parents: 6076
diff changeset 
    15
 
# Update Aug 29, 2016:
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1
Jan Parcel <jan.parcel@oracle.com>
parents: 6076
diff changeset 
    16
 
# This used to be implemented by Solaris specific macro WITHOUT_CAST,
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1
Jan Parcel <jan.parcel@oracle.com>
parents: 6076
diff changeset 
    17
 
# but now upstream OPENSSL_NO_CAST is used instead. This patch now just
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1
Jan Parcel <jan.parcel@oracle.com>
parents: 6076
diff changeset 
    18
 
# removes cast references from manpages.
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1
Jan Parcel <jan.parcel@oracle.com>
parents: 6076
diff changeset 
    19
 
#
5324
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
    20
 
# This is a Solaris specific patch and it is not likely to be accepted upstream.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
    21
 
#
7946
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    22
 
diff -pur old/ssh_config.5 new/ssh_config.5
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    23
 
--- old/ssh_config.5
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    24
 
+++ new/ssh_config.5
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    25
 
@@ -431,7 +431,6 @@ arcfour
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    26
 
 arcfour128
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    27
 
 arcfour256
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    28
 
 blowfish-cbc
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    29
 
-cast128-cbc
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    30
 
 [email protected]
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    31
 
 .Ed
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    32
 
 .Pp
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    33
 
diff -pur old/sshd.8 new/sshd.8
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    34
 
--- old/sshd.8
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    35
 
+++ new/sshd.8
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    36
 
@@ -255,7 +255,7 @@ host key against its own database to ver
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    37
 
 Forward security is provided through a Diffie-Hellman key agreement.
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    38
 
 This key agreement results in a shared session key.
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    39
 
 The rest of the session is encrypted using a symmetric cipher, currently
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    40
 
-128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES.
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    41
 
+128-bit AES, Blowfish, 3DES, Arcfour, 192-bit AES, or 256-bit AES.
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    42
 
 The client selects the encryption algorithm
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    43
 
 to use from those offered by the server.
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    44
 
 Additionally, session integrity is provided
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    45
 
diff -pur old/sshd_config.5 new/sshd_config.5
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    46
 
--- old/sshd_config.5
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    47
 
+++ new/sshd_config.5
165bf092aa9c PSARC/2017/022 OpenSSH 7.4
Jan Parcel <jan.parcel@oracle.com>
parents: 7320
diff changeset 
    48
 
@@ -468,8 +468,6 @@ arcfour256
5324
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
    49
 
 .It
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
    50
 
 blowfish-cbc
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
    51
 
 .It
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
    52
 
-cast128-cbc
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
    53
 
-.It
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
    54
 
 [email protected]
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
    55
 
 .El
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
diff changeset 
    56
 
 .Pp
upstream/oracle/userland-gate