- djm@cvs.openbsd.org 2010/05/20 23:46:02 [PROTOCOL.certkeys auth-options.c ssh-keygen.c] Move the permit-* options to the non-critical "extensions" field for v01 certificates. The logic is that if another implementation fails to implement them then the connection just loses features rather than fails outright. ok markus@

commit: d0e4a8e2e0bc6fcee6cd8486fbcdffaf7d037aed [log] [tgz]
author: Damien Miller <djm@mindrot.org> Fri May 21 14:58:32 2010 +1000
committer: Damien Miller <djm@mindrot.org> Fri May 21 14:58:32 2010 +1000
tree: a5e02fcbb2a55a16b877e960edd2b8f1adde8389
parent: 84399555f0a3c78b96c3e5a56ce9c83eaa814228 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 2cc1369..86c66d1 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -33,6 +33,14 @@
      [auth2-pubkey.c]
      fix logspam when key options (from="..." especially) deny non-matching
      keys; reported by henning@ also bz#1765; ok markus@ dtucker@
+   - djm@cvs.openbsd.org 2010/05/20 23:46:02
+     [PROTOCOL.certkeys auth-options.c ssh-keygen.c]
+     Move the permit-* options to the non-critical "extensions" field for v01
+     certificates. The logic is that if another implementation fails to
+     implement them then the connection just loses features rather than fails
+     outright.
+     
+     ok markus@
 
 20100511
  - (dtucker) [Makefile.in] Bug #1770: Link libopenbsd-compat twice to solve
commit	d0e4a8e2e0bc6fcee6cd8486fbcdffaf7d037aed	[log] [tgz]
author	Damien Miller <djm@mindrot.org>	Fri May 21 14:58:32 2010 +1000
committer	Damien Miller <djm@mindrot.org>	Fri May 21 14:58:32 2010 +1000
tree	a5e02fcbb2a55a16b877e960edd2b8f1adde8389
parent	84399555f0a3c78b96c3e5a56ce9c83eaa814228 [diff] [blame]