summaryrefslogtreecommitdiff
path: root/Makefile.in
AgeCommit message (Collapse)Author
2014-08-30 - (djm) [Makefile.in] Make TEST_SHELL a variable; "good idea" tim@Damien Miller
2014-08-21 - (djm) [Makefile.in] fix reference to libtest_helper.a in sshkey test too.Damien Miller
2014-08-20 - (djm) [Makefile.in] refer to libtest_helper.a by explicit path rather thanDamien Miller
-L/-l; fixes linking problems on some platforms
2014-07-19 - (dtucker) [Makefile.in] Add a t-exec target to run just the executableDarren Tucker
tests.
2014-07-02 - djm@cvs.openbsd.org 2014/06/24 01:14:17Damien Miller
[Makefile.in regress/Makefile regress/unittests/Makefile] [regress/unittests/sshkey/Makefile] [regress/unittests/sshkey/common.c] [regress/unittests/sshkey/common.h] [regress/unittests/sshkey/mktestdata.sh] [regress/unittests/sshkey/test_file.c] [regress/unittests/sshkey/test_fuzz.c] [regress/unittests/sshkey/test_sshkey.c] [regress/unittests/sshkey/tests.c] [regress/unittests/sshkey/testdata/dsa_1] [regress/unittests/sshkey/testdata/dsa_1-cert.fp] [regress/unittests/sshkey/testdata/dsa_1-cert.pub] [regress/unittests/sshkey/testdata/dsa_1.fp] [regress/unittests/sshkey/testdata/dsa_1.fp.bb] [regress/unittests/sshkey/testdata/dsa_1.param.g] [regress/unittests/sshkey/testdata/dsa_1.param.priv] [regress/unittests/sshkey/testdata/dsa_1.param.pub] [regress/unittests/sshkey/testdata/dsa_1.pub] [regress/unittests/sshkey/testdata/dsa_1_pw] [regress/unittests/sshkey/testdata/dsa_2] [regress/unittests/sshkey/testdata/dsa_2.fp] [regress/unittests/sshkey/testdata/dsa_2.fp.bb] [regress/unittests/sshkey/testdata/dsa_2.pub] [regress/unittests/sshkey/testdata/dsa_n] [regress/unittests/sshkey/testdata/dsa_n_pw] [regress/unittests/sshkey/testdata/ecdsa_1] [regress/unittests/sshkey/testdata/ecdsa_1-cert.fp] [regress/unittests/sshkey/testdata/ecdsa_1-cert.pub] [regress/unittests/sshkey/testdata/ecdsa_1.fp] [regress/unittests/sshkey/testdata/ecdsa_1.fp.bb] [regress/unittests/sshkey/testdata/ecdsa_1.param.curve] [regress/unittests/sshkey/testdata/ecdsa_1.param.priv] [regress/unittests/sshkey/testdata/ecdsa_1.param.pub] [regress/unittests/sshkey/testdata/ecdsa_1.pub] [regress/unittests/sshkey/testdata/ecdsa_1_pw] [regress/unittests/sshkey/testdata/ecdsa_2] [regress/unittests/sshkey/testdata/ecdsa_2.fp] [regress/unittests/sshkey/testdata/ecdsa_2.fp.bb] [regress/unittests/sshkey/testdata/ecdsa_2.param.curve] [regress/unittests/sshkey/testdata/ecdsa_2.param.priv] [regress/unittests/sshkey/testdata/ecdsa_2.param.pub] [regress/unittests/sshkey/testdata/ecdsa_2.pub] [regress/unittests/sshkey/testdata/ecdsa_n] [regress/unittests/sshkey/testdata/ecdsa_n_pw] [regress/unittests/sshkey/testdata/ed25519_1] [regress/unittests/sshkey/testdata/ed25519_1-cert.fp] [regress/unittests/sshkey/testdata/ed25519_1-cert.pub] [regress/unittests/sshkey/testdata/ed25519_1.fp] [regress/unittests/sshkey/testdata/ed25519_1.fp.bb] [regress/unittests/sshkey/testdata/ed25519_1.pub] [regress/unittests/sshkey/testdata/ed25519_1_pw] [regress/unittests/sshkey/testdata/ed25519_2] [regress/unittests/sshkey/testdata/ed25519_2.fp] [regress/unittests/sshkey/testdata/ed25519_2.fp.bb] [regress/unittests/sshkey/testdata/ed25519_2.pub] [regress/unittests/sshkey/testdata/pw] [regress/unittests/sshkey/testdata/rsa1_1] [regress/unittests/sshkey/testdata/rsa1_1.fp] [regress/unittests/sshkey/testdata/rsa1_1.fp.bb] [regress/unittests/sshkey/testdata/rsa1_1.param.n] [regress/unittests/sshkey/testdata/rsa1_1.pub] [regress/unittests/sshkey/testdata/rsa1_1_pw] [regress/unittests/sshkey/testdata/rsa1_2] [regress/unittests/sshkey/testdata/rsa1_2.fp] [regress/unittests/sshkey/testdata/rsa1_2.fp.bb] [regress/unittests/sshkey/testdata/rsa1_2.param.n] [regress/unittests/sshkey/testdata/rsa1_2.pub] [regress/unittests/sshkey/testdata/rsa_1] [regress/unittests/sshkey/testdata/rsa_1-cert.fp] [regress/unittests/sshkey/testdata/rsa_1-cert.pub] [regress/unittests/sshkey/testdata/rsa_1.fp] [regress/unittests/sshkey/testdata/rsa_1.fp.bb] [regress/unittests/sshkey/testdata/rsa_1.param.n] [regress/unittests/sshkey/testdata/rsa_1.param.p] [regress/unittests/sshkey/testdata/rsa_1.param.q] [regress/unittests/sshkey/testdata/rsa_1.pub] [regress/unittests/sshkey/testdata/rsa_1_pw] [regress/unittests/sshkey/testdata/rsa_2] [regress/unittests/sshkey/testdata/rsa_2.fp] [regress/unittests/sshkey/testdata/rsa_2.fp.bb] [regress/unittests/sshkey/testdata/rsa_2.param.n] [regress/unittests/sshkey/testdata/rsa_2.param.p] [regress/unittests/sshkey/testdata/rsa_2.param.q] [regress/unittests/sshkey/testdata/rsa_2.pub] [regress/unittests/sshkey/testdata/rsa_n] [regress/unittests/sshkey/testdata/rsa_n_pw] unit and fuzz tests for new key API
2014-07-02 - djm@cvs.openbsd.org 2014/06/24 01:13:21Damien Miller
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c [auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c [cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h [digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h [hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c [ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c [ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c [sshconnect2.c sshd.c sshkey.c sshkey.h [openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h] New key API: refactor key-related functions to be more library-like, existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago. NB. This commit also removes portable OpenSSH support for OpenSSL <0.9.8e.
2014-05-22 - (djm) [Makefile.in] typo in pathDamien Miller
2014-05-15 - (djm) [regress/Makefile Makefile.in]Damien Miller
[regress/unittests/sshbuf/test_sshbuf.c [regress/unittests/sshbuf/test_sshbuf_fixed.c] [regress/unittests/sshbuf/test_sshbuf_fuzz.c] [regress/unittests/sshbuf/test_sshbuf_getput_basic.c] [regress/unittests/sshbuf/test_sshbuf_getput_crypto.c] [regress/unittests/sshbuf/test_sshbuf_getput_fuzz.c] [regress/unittests/sshbuf/test_sshbuf_misc.c] [regress/unittests/sshbuf/tests.c] [regress/unittests/test_helper/fuzz.c] [regress/unittests/test_helper/test_helper.c] Hook new unit tests into the build and "make tests"
2014-05-15 - (djm) [Makefile.in configure.ac sshbuf-getput-basic.c]Damien Miller
[sshbuf-getput-crypto.c sshbuf.c] compilation and portability fixes
2014-02-04 - djm@cvs.openbsd.org 2014/01/29 06:18:35Damien Miller
[Makefile.in auth.h auth2-jpake.c auth2.c jpake.c jpake.h monitor.c] [monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h] [schnorr.c schnorr.h servconf.c servconf.h ssh2.h sshconnect2.c] remove experimental, never-enabled JPAKE code; ok markus@
2014-02-04 - markus@cvs.openbsd.org 2014/01/27 20:13:46Damien Miller
[digest.c digest-openssl.c digest-libc.c Makefile.in] rename digest.c to digest-openssl.c and add libc variant; ok djm@
2014-02-04 - markus@cvs.openbsd.org 2014/01/27 18:58:14Damien Miller
[Makefile.in digest.c digest.h hostfile.c kex.h mac.c hmac.c hmac.h] replace openssl HMAC with an implementation based on our ssh_digest_* ok and feedback djm@
2014-01-31 - (tim) [Makefile.in] build regress/setuid-allow.Tim Rice
2014-01-27 - (dtucker) [Makefile.in] Remove trailing backslash which some makeDarren Tucker
implementations (eg older Solaris) do not cope with.
2014-01-24 - (djm) [Makefile.in regress/scp-ssh-wrapper.sh regress/scp.sh] MakeDamien Miller
the scp regress test actually test the built scp rather than the one in $PATH. ok dtucker@
2014-01-17 - (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c]Damien Miller
[sandbox-null.c sandbox-rlimit.c sandbox-seccomp-filter.c] [sandbox-systrace.c ssh-sandbox.h sshd.c] Support preauth sandboxing using the Capsicum API introduced in FreeBSD 10. Patch by Dag-Erling Smorgrav, updated by Loganaden Velvindron @ AfriNIC; ok dtucker@
2014-01-10 - djm@cvs.openbsd.org 2014/01/09 23:20:00Damien Miller
[digest.c digest.h hostfile.c kex.c kex.h kexc25519.c kexc25519c.c] [kexc25519s.c kexdh.c kexecdh.c kexecdhc.c kexecdhs.c kexgex.c kexgexc.c] [kexgexs.c key.c key.h roaming_client.c roaming_common.c schnorr.c] [schnorr.h ssh-dss.c ssh-ecdsa.c ssh-rsa.c sshconnect2.c] Introduce digest API and use it to perform all hashing operations rather than calling OpenSSL EVP_Digest* directly. Will make it easier to build a reduced-feature OpenSSH without OpenSSL in future; feedback, ok markus@
2013-12-08 - (djm) [Makefile.in regress/Makefile regress/agent-ptrace.sh]Damien Miller
[regress/setuid-allowed.c] Check that ssh-agent is not on a no-setuid filesystem before running agent-ptrace.sh; ok dtucker
2013-12-07 - (djm) [Makefile.in] PATHSUBS and keygen bits for Ed25519; fromDamien Miller
Loganaden Velvindron @ AfriNIC in bz#2179
2013-12-07 - [Makefile.in] Add ed25519 sourcesDamien Miller
2013-11-21 - djm@cvs.openbsd.org 2013/11/21 00:45:44Damien Miller
[Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c] [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h] [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1] [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport cipher "chacha20-poly1305@openssh.com" that combines Daniel Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an authenticated encryption mode. Inspired by and similar to Adam Langley's proposal for TLS: http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 but differs in layout used for the MAC calculation and the use of a second ChaCha20 instance to separately encrypt packet lengths. Details are in the PROTOCOL.chacha20poly1305 file. Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC ok markus@ naddy@
2013-11-09 - (dtucker) [Makefile.in configure.ac] Set MALLOC_OPTIONS per platformDarren Tucker
and pass in TEST_ENV. Unknown options cause stderr to get polluted and the stderr-data test to fail.
2013-11-07 - (dtucker) [Makefile.in configure.ac] Remove TEST_SSH_SHA256 environmentDarren Tucker
variable. It's no longer used now that we get the supported MACs from ssh -Q.
2013-11-07 - (djm) [Makefile.in monitor.c] Missed chunks of curve25519 KEX diffDamien Miller
2013-11-04 - markus@cvs.openbsd.org 2013/11/02 21:59:15Damien Miller
[kex.c kex.h myproposal.h ssh-keyscan.c sshconnect2.c sshd.c] use curve25519 for default key exchange (curve25519-sha256@libssh.org); initial patch from Aris Adamantiadis; ok djm@
2013-06-11 - (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupportedDarren Tucker
algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages.
2013-06-06 - (dtucker) [Makefile.in] append $CFLAGS to compiler options when buildingDarren Tucker
modpipe in case there's anything in there we need.
2013-06-0120130602Tim Rice
- (tim) [Makefile.in] Make Solaris, UnixWare, & OpenServer linkers happy linking regress/modpipe.
2013-03-22 - (tim) [Makefile.in] remove some duplication introduced in 20130220 commit.Tim Rice
2013-03-07 - (tim) [Makefile.in] Add another missing $(EXEEXT) I should have seen 3 daysTim Rice
ago.
2013-03-05 - (tim) [Makefile.in] Add missing $(EXEEXT). Found by Roumen Petrov.Tim Rice
2013-03-05 - (dtucker) [Makefile.in] Remove trailing "\" on PATHS, which caused obscureDarren Tucker
build breakage on (at least) HP-UX 11.11. Found by Amit Kulkarni and Kevin Brott.
2013-02-22 - (dtucker) [Makefile.in configure.ac] bz#2072: don't link krb5 libs toDarren Tucker
ssh(1) since they're not needed. Patch from Pierre Ossman.
2013-02-19 - (tim) [krl.c Makefile.in regress/Makefile regress/modpipe.c] remove unneededTim Rice
err.h include from krl.c. Additional portability fixes for modpipe. OK djm
2013-02-12 - djm@cvs.openbsd.org 2013/01/26 06:11:05Damien Miller
[Makefile.in acss.c acss.h cipher-acss.c cipher.c] [openbsd-compat/openssl-compat.h] remove ACSS, now that it is gone from libcrypto too
2013-01-18 - djm@cvs.openbsd.org 2013/01/17 23:00:01Damien Miller
[auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5] [krl.c krl.h PROTOCOL.krl] add support for Key Revocation Lists (KRLs). These are a compact way to represent lists of revoked keys and certificates, taking as little as a single bit of incremental cost to revoke a certificate by serial number. KRLs are loaded via the existing RevokedKeys sshd_config option. feedback and ok markus@
2012-12-17 - (dtucker) [Makefile.in] Add some scaffolding so that the new regressDarren Tucker
tests will work with VPATH directories.
2012-10-05 - [Makefile.in] "Using $< in a non-suffix rule context is a GNUmake idiom"Darren Tucker
2012-10-05 - [Makefile umac.c] Add special-case target to build umac128.o.Darren Tucker
2012-04-04 - (djm) [Makefile.in configure.ac sandbox-seccomp-filter.c] Add sandboxDamien Miller
mode for Linux's new seccomp filter; patch from Will Drewry; feedback and ok dtucker@
2011-08-06 - djm@cvs.openbsd.org 2011/06/23 23:35:42Damien Miller
[monitor.c] ignore EINTR errors from poll()
2011-06-27 - (djm) [configure.ac Makefile.in sandbox-darwin.c] Add a sandbox forDamien Miller
Darwin/OS X using sandbox_init() + setrlimit(); feedback and testing markus@
2011-06-23 - djm@cvs.openbsd.org 2011/06/22 21:57:01Damien Miller
[servconf.c servconf.h sshd.c sshd_config.5 sandbox-rlimit.c] [sandbox-systrace.c sandbox.h configure.ac Makefile.in] introduce sandboxing of the pre-auth privsep child using systrace(4). This introduces a new "UsePrivilegeSeparation=sandbox" option for sshd_config that applies mandatory restrictions on the syscalls the privsep child can perform. This prevents a compromised privsep child from being used to attack other hosts (by opening sockets and proxying) or probing local kernel attack surface. The sandbox is implemented using systrace(4) in unsupervised "fast-path" mode, where a list of permitted syscalls is supplied. Any syscall not on the list results in SIGKILL being sent to the privsep child. Note that this requires a kernel with the new SYSTR_POLICY_KILL option. UsePrivilegeSeparation=sandbox will become the default in the future so please start testing it now. feedback dtucker@; ok markus@
2011-05-05 - (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac]Damien Miller
[entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c] [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c] [ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh] [regress/README.regress] Remove ssh-rand-helper and all its tentacles. PRNGd seeding has been rolled into entropy.c directly. Thanks to tim@ for testing on affected platforms.
2011-01-25 - (djm) [configure.ac Makefile.in ssh.c openbsd-compat/port-linux.cDamien Miller
openbsd-compat/port-linux.h] Move SELinux-specific code from ssh.c to port-linux.c to avoid compilation errors. Add -lselinux to ssh when building with SELinux support to avoid linking failure; report from amk AT spamfence.net; ok dtucker
2011-01-17- (dtucker) [LICENCE Makefile.in audit-bsm.c audit-linux.c audit.c audit.hDarren Tucker
configure.ac defines.h loginrec.c] Bug #1402: add linux audit subsystem support, based on patches from Tomas Mraz and jchadima at redhat.
2011-01-16 - (dtucker) [Makefile.in configure.ac regress/kextype.sh] Skip sha256-basedDarren Tucker
on configurations that don't have it.
2011-01-14 - (djm) [Makefile.in] Use shell test to disable ecdsa key generating inDamien Miller
host-key-force target rather than a substitution that is replaced with a comment so that the Makefile.in is still a syntactically valid Makefile (useful to run the distprep target)
2011-01-12 - (tim) [Makefile.in configure.ac opensshd.init.in] Add support for generatingTim Rice
ecdsa keys. ok djm.
2011-01-12 - (tim) [Makefile.in] test the ECC bits if we have the capability. ok djmTim Rice