summaryrefslogtreecommitdiff
path: root/configure.ac
AgeCommit message (Collapse)Author
2013-05-30 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] bz#2087: Add a nullDarren Tucker
implementation of endgrent for platforms that don't have it (eg Android). Loosely based on a patch from Nathan Osman, ok djm
2013-05-16 - (dtucker) [configure.ac readconf.c servconf.cDarren Tucker
openbsd-compat/openbsd-compat.h] Add compat bits for scan_scaled.
2013-05-10 - (dtucker) [configure.ac] Add -Werror to the -Qunused-arguments test soDarren Tucker
we don't get a warning on compilers that *don't* support it. Add -Wno-unknown-warning-option. Move both to the start of the list for maximum noise suppression. Tested with gcc 4.6.3, gcc 2.95.4 and clang 2.9.
2013-05-10 - (dtucker) [configure.ac] Enable -Wsizeof-pointer-memaccess if the compilerDarren Tucker
supports it. Mentioned by Colin Watson in bz#2100, ok djm.
2013-04-23 - (djm) [auth.c configure.ac misc.c monitor.c monitor_wrap.c] SupportDamien Miller
platforms, such as Android, that lack struct passwd.pw_gecos. Report and initial patch from Nathan Osman bz#2086; feedback tim@ ok dtucker@
2013-04-18 - (dtucker) [configure.ac] Use -Qunused-arguments to suppress warnings fromDarren Tucker
unused argument warnings (in particular, -fno-builtin-memset) from clang.
2013-03-22 - (dtucker) [configure.ac] Add stdlib.h to zlib check for exit() prototype.Darren Tucker
2013-03-20 - (djm) [configure.ac log.c scp.c sshconnect2.c openbsd-compat/vis.c]Damien Miller
[openbsd-compat/vis.h] FreeBSD's strnvis isn't compatible with OpenBSD's so mark it as broken. Patch from des AT des.no
2013-03-16 - (tim) [configure.ac] OpenServer 5 wants lastlog even though it has noneTim Rice
of the bits the configure test looks for.
2013-03-15 - (djm) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]Damien Miller
Add a usleep replacement for platforms that lack it; ok dtucker
2013-03-15 - (djm) [configure.ac] Disable utmp, wtmp and/or lastlog if the platformDamien Miller
is unable to successfully compile them. Based on patch from des AT des.no
2013-03-12 - (dtucker) [auth.c configure.ac platform.c platform.h] Accept uid 2 ("bin")Darren Tucker
in addition to root as an owner of system directories on AIX and HP-UX. ok djm@
2013-03-08 - (djm) [configure.ac] Add a timeout to the select/rlimit test to give it aDamien Miller
chance to complete on broken systems; ok dtucker@
2013-03-06 - (dtucker) [configure.ac] test that we can set number of file descriptorsDarren Tucker
to zero with setrlimit before enabling the rlimit sandbox. This affects (at least) HPUX 11.11.
2013-03-05 - (dtucker) [configure.ac] use "=" for shell test and not "==". Spotted byDarren Tucker
Kevin Brott.
2013-02-25 - (dtucker) [configure.ac ssh-gss.h] bz#2073: additional #includes neededDarren Tucker
to use Solaris native GSS libs. Patch from Pierre Ossman.
2013-02-23 - (djm) [configure.ac includes.h loginrec.c mux.c sftp.c] PreferDamien Miller
bsd/libutil.h to libutil.h to avoid deprecation warnings on Ubuntu. ok tim
2013-02-22 - (djm) [configure.ac sandbox-seccomp-filter.c] Support for LinuxDamien Miller
seccomp-bpf sandbox on ARM. Patch from shawnlandden AT gmail.com; ok dtucker
2013-02-22 - (dtucker) [configure.ac] bz#2073: look for Solaris' differently-namedDarren Tucker
libgss too. Patch from Pierre Ossman, ok djm.
2013-02-22 - (dtucker) [Makefile.in configure.ac] bz#2072: don't link krb5 libs toDarren Tucker
ssh(1) since they're not needed. Patch from Pierre Ossman.
2013-02-15 - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoull.cDarren Tucker
openbsd-compat/openbsd-compat.h] Add strtoull to compat library for platforms that don't have it.
2013-02-15 - (dtucker) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]Darren Tucker
Use getpgrp() if we don't have getpgid() (old BSDs, maybe others).
2013-02-11 - (djm) [configure.ac openbsd-compat/openssl-compat.h] Repair build on oldDamien Miller
libcrypto that lacks EVP_CIPHER_CTX_ctrl
2013-02-08 - (dtucker) [configure.ac openbsd-compat/sys-tree.h] Test if compiler allowsDarren Tucker
__attribute__ on return values and work around if necessary. ok djm@
2013-02-07 - (djm) [configure.ac] Don't probe seccomp capability of running kernelDamien Miller
at configure time; the seccomp sandbox will fall back to rlimit at runtime anyway. Patch from plautrba AT redhat.com in bz#2011
2013-01-09 - (djm) [cipher.c configure.ac openbsd-compat/openssl-compat.h]Damien Miller
Fix merge botch, automatically detect AES-GCM in OpenSSL, move a little cipher compat code to openssl-compat.h
2012-12-13 - (djm) [configure.ac cipher-ctr.c] Adapt EVP AES CTR change to retain ourDamien Miller
compat code for older OpenSSL
2012-12-03 - (djm) [configure.ac] Revert previous. configure.ac already does thisDamien Miller
for us.
2012-12-03 - (djm) [configure.ac] Turn on -g for gcc compilers. Helps pre-installationDamien Miller
debugging. ok dtucker@
2012-07-06 - (djm) [configure.ac] Recursively expand $(bindir) to ensure it has noDamien Miller
unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT esperi.org.uk; ok dtucker@
2012-07-04 - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf forDarren Tucker
platforms that don't have it. "looks good" tim@
2012-07-03 - (dtucker) [configure.ac sandbox-rlimit.c] Test whether or notDarren Tucker
setrlimit(RLIMIT_FSIZE, rl_zero) and skip it if it's not supported. Its benefit is minor, so it's not worth disabling the sandbox if it doesn't work.
2012-07-03 - (dtucker) [configure.ac] Detect platforms that can't use select(2) withDarren Tucker
setrlimit(RLIMIT_NOFILE, rl_zero) and disable the rlimit sandbox on those.
2012-05-19 - (dtucker) [configure.ac contrib/Makefile] bz#1996: use AC_PATH_TOOL to findDarren Tucker
pkg-config so it does the right thing when cross-compiling. Patch from cjwatson at debian org.
2012-05-19 - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct. PatchDarren Tucker
from cjwatson at debian org.
2012-05-04 - (dtucker) [configure.ac] Include <sys/param.h> rather than <sys/types.h>Darren Tucker
to fix building on some plaforms. Fom bowman at math utah edu and des at des no.
2012-04-19 - (djm) [configure.ac] Fix compilation error on FreeBSD, whose libutilDamien Miller
contains openpty() but not login()
2012-04-04 - (djm) [Makefile.in configure.ac sandbox-seccomp-filter.c] Add sandboxDamien Miller
mode for Linux's new seccomp filter; patch from Will Drewry; feedback and ok dtucker@
2012-02-24 - (dtucker) [audit-bsm.c configure.ac] bug #1968: enable workarounds for BSMDarren Tucker
audit breakage in Solaris 11. Patch from Magnus Johansson.
2012-01-17 - (dtucker) [configure.ac mac.c openbsd-compat/openssl-compat.h] AddDarren Tucker
null implementation of HMAC_CTX_init for the benefit of old versions of OpenSSL that don't have it.
2011-11-21 - (dtucker) [configure.ac] Set _FORTIFY_SOURCE. ok djm@Darren Tucker
2011-11-04 - (dtucker) [INSTALL LICENCE configure.ac openbsd-compat/Makefile.inDarren Tucker
openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/getrrsetbyname.c] bz 1320: Add optional support for LDNS, a BSD licensed DNS resolver library which supports DNSSEC. Patch from Simon Vallet (svallet at genoscope cns fr) with some rework from myself and djm. ok djm.
2011-10-02remove SELECT_REQUIRED_FDS added erroneously with strnlen. spotted by timDarren Tucker
2011-09-29 - (dtucker) [configure.ac openbsd-compat/Makefile.inDarren Tucker
openbsd-compat/strnlen.c] Add strnlen to the compat library.
2011-09-29 - (djm) [configure.ac defines.h] No need to detect sizeof(char); patchDamien Miller
from des AT des.no
2011-08-17 - (tim) [configure.ac] Typo in error message spotted by Andy TsouladzeTim Rice
2011-08-17 - (djm) [configure.ac] error out if the host lacks the necessary bits forDamien Miller
an explicitly requested sandbox type
2011-06-27 - (djm) [configure.ac Makefile.in sandbox-darwin.c] Add a sandbox forDamien Miller
Darwin/OS X using sandbox_init() + setrlimit(); feedback and testing markus@
2011-06-23 - djm@cvs.openbsd.org 2011/06/22 21:57:01Damien Miller
[servconf.c servconf.h sshd.c sshd_config.5 sandbox-rlimit.c] [sandbox-systrace.c sandbox.h configure.ac Makefile.in] introduce sandboxing of the pre-auth privsep child using systrace(4). This introduces a new "UsePrivilegeSeparation=sandbox" option for sshd_config that applies mandatory restrictions on the syscalls the privsep child can perform. This prevents a compromised privsep child from being used to attack other hosts (by opening sockets and proxying) or probing local kernel attack surface. The sandbox is implemented using systrace(4) in unsupervised "fast-path" mode, where a list of permitted syscalls is supplied. Any syscall not on the list results in SIGKILL being sent to the privsep child. Note that this requires a kernel with the new SYSTR_POLICY_KILL option. UsePrivilegeSeparation=sandbox will become the default in the future so please start testing it now. feedback dtucker@; ok markus@
2011-06-03 - (djm) [configure.ac] enable setproctitle emulation for OS XDamien Miller