22389801 OpenSSH: remove cast from ssh(1), sshd(8), ssh_config(5) and sshd_config(5)
authorTomas Kuthan <tomas.kuthan@oracle.com>
Mon, 04 Jan 2016 01:34:17 -0800
changeset 5223 66bb65945d8f
parent 5222 8298df727253
child 5224 388b8a6cf76b
22389801 OpenSSH: remove cast from ssh(1), sshd(8), ssh_config(5) and sshd_config(5)
components/openssh/patches/033-without_cast128.patch
--- a/components/openssh/patches/033-without_cast128.patch	Tue Dec 22 04:53:40 2015 -0800
+++ b/components/openssh/patches/033-without_cast128.patch	Mon Jan 04 01:34:17 2016 -0800
@@ -49,3 +49,60 @@
  	"aes192-cbc,aes256-cbc,arcfour,[email protected]"
  
  #define KEX_SERVER_MAC \
+diff -pur old/ssh.1 new/ssh.1
+--- old/ssh.1
++++ new/ssh.1
[email protected]@ -788,7 +788,7 @@ options (see above).
+ Both protocols support similar authentication methods,
+ but protocol 2 is the default since
+ it provides additional mechanisms for confidentiality
+-(the traffic is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour)
++(the traffic is encrypted using AES, 3DES, Blowfish, or Arcfour)
+ and integrity (hmac-md5, hmac-sha1,
+ hmac-sha2-256, hmac-sha2-512,
+ umac-64, umac-128, hmac-ripemd160).
+diff -pur old/ssh_config.5 new/ssh_config.5
+--- old/ssh_config.5
++++ new/ssh_config.5
[email protected]@ -408,8 +408,6 @@ arcfour256
+ .It
+ blowfish-cbc
+ .It
+-cast128-cbc
+-.It
+ [email protected]
+ .El
+ .Pp
[email protected]@ -419,7 +417,7 @@ [email protected],
+ aes128-ctr,aes192-ctr,aes256-ctr,
+ [email protected],[email protected],
+ arcfour256,arcfour128,
+-aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,
++aes128-cbc,3des-cbc,blowfish-cbc,
+ aes192-cbc,aes256-cbc,arcfour
+ .Ed
+ .Pp
+diff -pur old/sshd.8 new/sshd.8
+--- old/sshd.8
++++ new/sshd.8
[email protected]@ -307,7 +307,7 @@ For protocol 2,
+ forward security is provided through a Diffie-Hellman key agreement.
+ This key agreement results in a shared session key.
+ The rest of the session is encrypted using a symmetric cipher, currently
+-128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES.
++128-bit AES, Blowfish, 3DES, Arcfour, 192-bit AES, or 256-bit AES.
+ The client selects the encryption algorithm
+ to use from those offered by the server.
+ Additionally, session integrity is provided
+diff -pur old/sshd_config.5 new/sshd_config.5
+--- old/sshd_config.5
++++ new/sshd_config.5
[email protected]@ -469,8 +469,6 @@ arcfour256
+ .It
+ blowfish-cbc
+ .It
+-cast128-cbc
+-.It
+ [email protected]
+ .El
+ .Pp