upstream/oracle/userland-gate: components/openssh/patches/033-without

5324 5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	1	#
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	2	# Removes cast128-cbc support.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	3	#
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	4	# At this moment this algorithm is not listed in Approved Security
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	5	# Technologies: Standards Details at all. Eventually it will be added as
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	6	# deprecated.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	7	#
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	8	# SunSSH did not support cast128-cbc. In this respect removing cast128-cbc from
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	9	# OpenSSH doesn't constitute a regression in functionality from SunSSH.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	10	#
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	11	# Interoperability gain provided by cast128-cbc is negligible, because all
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	12	# relevant ssh implementations also provide several more common encryption
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	13	# algorithms (aes256-ctr, aes128-cbc, ...) on top of cast128-cbc.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	14	#
7320 edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	15	# Update Aug 29, 2016:
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	16	# This used to be implemented by Solaris specific macro WITHOUT_CAST,
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	17	# but now upstream OPENSSL_NO_CAST is used instead. This patch now just
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	18	# removes cast references from manpages.
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	19	#
5324 5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	20	# This is a Solaris specific patch and it is not likely to be accepted upstream.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	21	#
7320 edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	22	--- orig/ssh_config.5 Mon Aug 15 17:22:20 2016
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	23	+++ new/ssh_config.5 Mon Aug 15 17:25:28 2016
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	24	@@ -478,8 +478,6 @@
5324 5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	25	.It
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	26	blowfish-cbc
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	27	.It
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	28	-cast128-cbc
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	29	-.It
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	30	[email protected]
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	31	.El
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	32	.Pp
7320 edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	33	--- orig/sshd_config.5 Mon Aug 15 17:22:29 2016
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	34	+++ new/sshd_config.5 Mon Aug 15 17:25:58 2016
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	35	@@ -479,8 +479,6 @@
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	36	.It
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	37	blowfish-cbc
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	38	.It
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	39	-cast128-cbc
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	40	-.It
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	41	[email protected]
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	42	.El
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	43	.Pp
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	44	--- orig/sshd.8 Mon Aug 15 17:22:36 2016
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	45	+++ new/sshd.8 Mon Aug 15 17:26:48 2016
edeb951aa980 24525860 upgrade OpenSSH to 7.3p1 Jan Parcel <jan.parcel@oracle.com> parents: 6076 diff changeset	46	@@ -307,7 +307,7 @@
5324 5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	47	forward security is provided through a Diffie-Hellman key agreement.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	48	This key agreement results in a shared session key.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	49	The rest of the session is encrypted using a symmetric cipher, currently
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	50	-128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	51	+128-bit AES, Blowfish, 3DES, Arcfour, 192-bit AES, or 256-bit AES.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	52	The client selects the encryption algorithm
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	53	to use from those offered by the server.
5683175b6e99 PSARC/2015/395 OpenSSH 7.1p1 Jan Parcel <jan.parcel@oracle.com> parents: diff changeset	54	Additionally, session integrity is provided

author	pkidd <patrick.kidd@oracle.com>
	Tue, 21 Feb 2017 09:42:20 -0800
branch	s11u3-sru
changeset 7677	9b4f5d1632d7
parent 7320	edeb951aa980
child 7946	165bf092aa9c
permissions	-rw-r--r--