From owner-cvs-all Mon Mar 18 2:33:37 2002 Delivered-To: cvs-all@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 32DDE37B41E; Mon, 18 Mar 2002 02:33:28 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 802F15346; Mon, 18 Mar 2002 11:33:26 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: cvs-committers@FreeBSD.org Cc: cvs-all@FreeBSD.org Subject: Re: cvs commit: src/crypto/openssh auth-chall.c auth-krb4.c auth-krb5.c auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rsa.c auth.c auth.h auth1.c auth2.c authfd.c authfile.c bufaux.c canohost.c channels.c channels.h cipher.c cipher.h compat.c ... References: <200203181009.g2IA9jI22591@freefall.freebsd.org> From: Dag-Erling Smorgrav Date: 18 Mar 2002 11:33:25 +0100 In-Reply-To: <200203181009.g2IA9jI22591@freefall.freebsd.org> Message-ID: Lines: 46 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Dag-Erling Smorgrav writes: > Log: > Fix conflicts. This was a real bitch... expect stuff to break. I've verified that it builds with krb4 and krb5 support, and that it works in !krb case, but the diffs are so huge I'm bound to have done *something* wrong. Some things worth pointing out: 1) I bungled the import (used the wrong vendor tag). Mark has already had my hide for this on IRC :) 2) I've aimed for minimal diffs vs. OpenBSD rather than minimal diffs vs. FreeBSD, to make future upgrades less painful than this one. 3) OpenSSH 3.1 has krb5 support, based mainly on our code but with some changes which I've adopted. 4) I've completely removed the ConnectionsPerPeriod option since it never existed in OpenBSD and has been deprecated in our tree for a while now. Conversely, I've revived CheckMail which OpenBSD had retired; since we had it on by default, I didn't feel it was right to take it out back and shoot it. 5) I've adopted OpenBSD's style for sshd_config: list every option, set it to the default value, but comment it out. Our sshd_config was already like that except that a) MaxStartups was commented out but set to a non-default value and b) a handful of options were set to their default values but not commented out. 6) I've also followed OpenBSD's lead in removing all mention of *2 from the documentation, since in OpenSSH 3.1, *2 files are still consulted but no longer updated. This is definitely worthy of a big mention in relnotes. 7) Once I've gotten some sleep I'm going to try to document all this in a README I'll put alongside the code. 8) I forgot to mention that all this was Sponsored by: DARPA, NAI Labs DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message