summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-02-15Remove references to UNICOS.Darren Tucker
2018-02-15Remove extra newline.Darren Tucker
2018-02-15OpenSSH's builtin entropy gathering is long gone.Darren Tucker
2018-02-15Replace remaining mysignal() with signal().Darren Tucker
These seem to have been missed during the replacement of mysignal with #define signal in commit 5ade9ab. Both include the requisite headers to pick up the #define.
2018-02-15Remove remaining now-obsolete cvs $Ids.Darren Tucker
2018-02-15Regenerate dependencies after UNICOS removal.Darren Tucker
2018-02-15Remove UNICOS support.Darren Tucker
The code required to support it is quite invasive to the mainline code that is synced with upstream and is an ongoing maintenance burden. Both the hardware and software are literal museum pieces these days and we could not find anyone still running OpenSSH on one.
2018-02-13Retpoline linker flag only needed for linking.Darren Tucker
2018-02-13Default PidFile is sshd.pid not ssh.pid.Darren Tucker
2018-02-13Remove assigned-to-but-never-used variable.Darren Tucker
'p' was removed in previous change but I neglected to remove the otherwise-unused assignment to it.
2018-02-13upstream: remove space before tabdjm@openbsd.org
OpenBSD-Commit-ID: 674edd214d0a7332dd4623c9cf8117301b012890
2018-02-13upstream Don't reset signal handlers inside handlers.dtucker@openbsd.org
The signal handlers from the original ssh1 code on which OpenSSH is based assume unreliable signals and reinstall their handlers. Since OpenBSD (and pretty much every current system) has reliable signals this is not needed. In the unlikely even that -portable is still being used on such systems we will deal with it in the compat layer. ok deraadt@ OpenBSD-Commit-ID: f53a1015cb6908431b92116130d285d71589612c
2018-02-13Whitespace sync with upstream.Darren Tucker
2018-02-13Whitespace sync with upstream.Darren Tucker
2018-02-11Move signal compat code into bsd-signal.{c,h}Darren Tucker
2018-02-11Include headers for linux/if.h.Darren Tucker
Prevents configure-time "present but cannot be compiled" warning.
2018-02-11Fix test for -z,retpolineplt linker flag.Darren Tucker
2018-02-11Add checks for Spectre v2 mitigation (retpoline)Darren Tucker
This adds checks for gcc and clang flags for mitigations for Spectre variant 2, ie "retpoline". It'll automatically enabled if the compiler supports it as part of toolchain hardening flag. ok djm@
2018-02-10upstream commitdjm@openbsd.org
constify some private key-related functions; based on https://github.com/openssh/openssh-portable/pull/56 by Vincent Brillault OpenBSD-Commit-ID: dcb94a41834a15f4d00275cb5051616fdc4c988c
2018-02-10upstream commitdjm@openbsd.org
Mention ServerAliveTimeout in context of TCPKeepAlives; prompted by Christoph Anton Mitterer via github OpenBSD-Commit-ID: f0cf1b5bd3f1fbf41d71c88d75d93afc1c880ca2
2018-02-10upstream commitdjm@openbsd.org
clarify IgnoreUserKnownHosts; based on github PR from Christoph Anton Mitterer. OpenBSD-Commit-ID: 4fff2c17620c342fb2f1f9c2d2e679aab3e589c3
2018-02-10upstream commitdjm@openbsd.org
Shorter, more accurate explanation of NoHostAuthenticationForLocalhost without the confusing example. Prompted by Christoph Anton Mitterer via github and bz#2293. OpenBSD-Commit-ID: 19dc96bea25b80d78d416b581fb8506f1e7b76df
2018-02-10upstream commitdjm@openbsd.org
Disable RemoteCommand and RequestTTY in the ssh session started by scp. sftp is already doing this. From Camden Narzt via github; ok dtucker OpenBSD-Commit-ID: 59e2611141c0b2ee579c6866e8eb9d7d8217bc6b
2018-02-10upstream commitdjm@openbsd.org
Refuse to create a certificate with an unusable number of principals; Prompted by gdestuynder via github OpenBSD-Commit-ID: 8cfae2451e8f07810e3e2546dfdcce66984cbd29
2018-02-10upstream commitdjm@openbsd.org
fatal if we're unable to write all the public key; previously we would silently ignore errors writing the comment and terminating newline. Prompted by github PR from WillerZ; ok dtucker OpenBSD-Commit-ID: 18fbfcfd4e8c6adbc84820039b64d70906e49831
2018-02-10releasing package openssh version 1:7.6p1-4Colin Watson
2018-02-10Add changelog entry for binary strip change.Darren Tucker
2018-02-10Remove unused variables.Darren Tucker
2018-02-10Don't strip binaries so debuginfo gets built.Darren Tucker
Tell install not to strip binaries during package creation so that the debuginfo package can be built.
2018-02-10Fix bogus dates in changelog.Darren Tucker
2018-02-10Remove SSH1 from description.Darren Tucker
2018-02-10Add support for compat-openssl10 build dep.Darren Tucker
2018-02-10Add leading zero so it'll work when rhel not set.Darren Tucker
When rhel is not set it will error out with "bad if". Add leading zero as per https://fedoraproject.org/wiki/Packaging:DistTag so it'll work on non-RHEL.
2018-02-10Update openssl-devel dependency.Darren Tucker
2018-02-10Add mandir with-mandir' for RHEL 5 compatibility.nkadel
Activate '--mandir' and '--with-mandir' settings in setup for RHEL 5 compatibility.
2018-02-10Discard 'K5DIR' reporting.nkadel
It does not work inside 'mock' build environment.
2018-02-10Add 'dist' to 'rel' for OS specific RPM names.nkadel
2018-02-10Add openssh-devel >= 0.9.8f for redhat spec file.nkadel
2018-02-10Enhance BuildRequires for openssh-x11-askpass.nkadel
2018-02-10Always include x11-ssh-askpass SRPM.nkadel
Always include x11-ssh-askpass tarball in redhat SRPM, even if unused.
2018-02-10this is long unused; prompted by dtucker@Damien Miller
2018-02-09upstream commitdtucker@openbsd.org
Remove unused sKerberosTgtPassing from enum. From calestyo via github pull req #11, ok djm@ OpenBSD-Commit-ID: 1008f8870865a7c4968b7aed402a0a9e3e5b9540
2018-02-09upstream commitdtucker@openbsd.org
Rename struct umac_ctx to umac128_ctx too. In portable some linkers complain about two symbols with the same name having differing sizes. ok djm@ OpenBSD-Commit-ID: cbebf8bdd3310a9795b4939a1e112cfe24061ca3
2018-02-09upstream commitdtucker@openbsd.org
ssh_free checks for and handles NULL args, remove NULL checks from remaining callers. ok djm@ OpenBSD-Commit-ID: bb926825c53724c069df68a93a2597f9192f7e7b
2018-02-08Set SO_REUSEADDR in regression test netcat.Darren Tucker
Sometimes multiplex tests fail on Solaris with "netcat: local_listen: Address already in use" which is likely due to previous invocations leaving the port in TIME_WAIT. Set SO_REUSEADDR (in addition to SO_REUSEPORT which is alread set on platforms that support it). ok djm@
2018-02-08upstream commitjsing@openbsd.org
Convert some explicit_bzero()/free() calls to freezero(). ok deraadt@ dtucker@ OpenBSD-Commit-ID: f566ab99149650ebe58b1d4b946ea726c3829609
2018-02-08upstream commitjsing@openbsd.org
Remove some #ifdef notyet code from OpenSSL 0.9.8 days. These functions have never appeared in OpenSSL and are likely never to do so. "kill it with fire" djm@ OpenBSD-Commit-ID: fee9560e283fd836efc2631ef381658cc673d23e
2018-02-08upstream commitjsing@openbsd.org
Remove all guards for calls to OpenSSL free functions - all of these functions handle NULL, from at least OpenSSL 1.0.1g onwards. Prompted by dtucker@ asking about guards for RSA_free(), when looking at openssh-portable pr#84 on github. ok deraadt@ dtucker@ OpenBSD-Commit-ID: 954f1c51b94297d0ae1f749271e184141e0cadae
2018-02-07Remove obsolete "Smartcard support" messageDarren Tucker
The configure checks that populated $SCARD_MSG were removed in commits 7ea845e4 and d8f60022 when the smartcard support was replaced with PKCS#11.
2018-02-07upstream commitdtucker@openbsd.org
Replace "trojan horse" with the correct term (MITM). From maikel at predikkta.com via bz#2822, ok markus@ OpenBSD-Commit-ID: e86ac64c512057c89edfadb43302ac0aa81a6c53
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-06 05:52:00 +0000