Details

Reviewers

emaste
rpaulo

Group Reviewers

manpages

Commits

rS305065: Add refactored blacklist support to sshd

Summary

Add refactored blacklist support to sshd

Remove use of #ifdef USE_BLACKLIST / #endif, and change the
calls to of blacklist_init() and blacklist_notify to be
macros defined in the blacklist_client.h file.

Remove redundent initialization attempts from within
blacklist_notify - everything always goes through
blacklistd_init().

Added UseBlacklist option to sshd, which defaults to off.
To enable the functionality, use '-o UseBlacklist=yes' on
the command line, or uncomment in the sshd_config file.

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

• lidl updated this revision to Diff 18064.Jul 2 2016, 5:23 AM

• lidl retitled this revision from to Add refactored blacklist support to sshd.

• lidl updated this object.

• lidl edited the test plan for this revision. (Show Details)

• lidl added reviewers: emaste, rpaulo, des.

• lidl set the repository for this revision to rS FreeBSD src repository - subversion.

Herald added a reviewer: manpages. · View Herald TranscriptJul 2 2016, 5:23 AM

Herald added a subscriber: imp. · View Herald Transcript

Please upload with full context - instructions available at https://wiki.freebsd.org/CodeReview

Full diff uploaded, as requested by Ed Maste. Should otherwise be the same as the prior diff.

Herald edited edge metadata. · View Herald TranscriptJul 5 2016, 9:43 PM

Refresh diff with latest code.
Updates based on comments received from des@ in email.

Herald edited edge metadata. · View Herald TranscriptJul 15 2016, 12:59 PM

Latest version of the diff, updated based on des' comments.

Herald edited edge metadata. · View Herald TranscriptAug 23 2016, 3:53 AM

This is the same as the last uploaded diff, only generated with -U99999 so the entire content of any affected files can be viewed through Phabricator.

Herald edited edge metadata. · View Herald TranscriptAug 23 2016, 3:58 AM

wblock added a subscriber: wblock.Aug 23 2016, 1:12 PM

wblock added inline comments.

crypto/openssh/sshd_config.5
1549	Passive -> active. Also, "should" implies a recommendation. s/should attempt/attempts/
1558	As above: looks up the remote host name and checks that

• lidl marked an inline comment as done.Aug 23 2016, 3:16 PM

• lidl added inline comments.

crypto/openssh/sshd_config.5
1558	I'm not going to make this change in this part of the text, as this comes from upstream. While you are correct it could be improved, I don't think that improvement ought to be part of this patch.

wblock added inline comments.Aug 26 2016, 3:23 PM

crypto/openssh/sshd_config.5
1558	Fair enough.

Closed by commit rS305065: Add refactored blacklist support to sshd (authored by • lidl). · Explain WhyAug 30 2016, 2:09 PM

This revision was automatically updated to reflect the committed changes.

Add refactored blacklist support to sshd
ClosedPublic
Actions

Details

Diff Detail

Event Timeline

Revision Contents
Changeset List

Diff 18168

crypto/openssh/auth-pam.c

crypto/openssh/auth.c

crypto/openssh/auth1.c

crypto/openssh/auth2.c

crypto/openssh/blacklist.c

crypto/openssh/blacklist_client.h

crypto/openssh/packet.c

crypto/openssh/servconf.h

crypto/openssh/servconf.c

crypto/openssh/sshd.c

crypto/openssh/sshd_config

crypto/openssh/sshd_config.5

secure/usr.sbin/sshd/Makefile

secure/usr.sbin/sshd/Makefile.depend

Add refactored blacklist support to sshdClosedPublicActions

Details

Diff Detail

Event Timeline

Revision ContentsChangeset List

Diff 18168

crypto/openssh/auth-pam.c

crypto/openssh/auth.c

crypto/openssh/auth1.c

crypto/openssh/auth2.c

crypto/openssh/blacklist.c

crypto/openssh/blacklist_client.h

crypto/openssh/packet.c

crypto/openssh/servconf.h

crypto/openssh/servconf.c

crypto/openssh/sshd.c

crypto/openssh/sshd_config

crypto/openssh/sshd_config.5

secure/usr.sbin/sshd/Makefile

secure/usr.sbin/sshd/Makefile.depend

Add refactored blacklist support to sshd
ClosedPublic
Actions

Revision Contents
Changeset List