summaryrefslogtreecommitdiff
path: root/debian
AgeCommit message (Collapse)Author
2017-01-03Work around clock_gettime kernel bug on Linux x32 (closes: #849923).Colin Watson
2017-01-03Create mux socket for regression tests in a temporary directory.Colin Watson
2017-01-02releasing package openssh version 1:7.4p1-4Colin Watson
2017-01-02merge patched into masterColin Watson
2017-01-01Make integrity tests more robust against timeouts in the case where the ↵Colin Watson
first test in a series for a given MAC happens to modify the low bytes of a packet length.
2017-01-01Run regression tests inside annotate-output to try to diagnose timeout issues.Colin Watson
2016-12-31releasing package openssh version 1:7.4p1-3Colin Watson
2016-12-31Tweak regression test setup to cope with the case where some of the source ↵Colin Watson
directory is unreadable by the openssh-tests user.
2016-12-31Dump some useful log files if regression tests fail.Colin Watson
2016-12-31Run regression tests using 'sh -x' to try to get more information about ↵Colin Watson
failures.
2016-12-31Revert attempted hack around regress/forwarding.sh test failure, since it ↵Colin Watson
doesn't seem to help.
2016-12-29releasing package openssh version 1:7.4p1-2Colin Watson
2016-12-28Avoid calling into Kerberos libraries from ssh_gssapi_server_mechanisms in ↵Colin Watson
the privsep monitor.
2016-12-28Attempt to hack around regress/forwarding.sh test failure in some environments.Colin Watson
2016-12-27releasing package openssh version 1:7.4p1-1Colin Watson
2016-12-27When running regression tests under autopkgtest, use a non-root user with ↵Colin Watson
passwordless sudo.
2016-12-26Make debian/tests/regress executable.Colin Watson
2016-12-26Stop openssh-server.config exiting non-zero on fresh installations.Colin Watson
2016-12-26Build gnome-ssh-askpass with GTK+ 3 (LP: #801187).Colin Watson
2016-12-26Remove redundant "GSSAPIDelegateCredentials no" from ssh_config (already the ↵Colin Watson
upstream default), and document that setting ServerAliveInterval to 300 by default if BatchMode is set is Debian-specific (closes: #765630).
2016-12-26Start handling /etc/ssh/sshd_config using ucf.Colin Watson
* Start handling /etc/ssh/sshd_config using ucf. The immediate motivation for this is to deal with deprecations of options related to protocol 1, but something like this has been needed for a long time (closes: #419574, #848089): - sshd_config is now a slightly-patched version of upstream's, and only contains non-default settings (closes: #147201). - I've included as many historical md5sums of default versions of sshd_config as I could reconstruct from version control, but I'm sure I've missed some. - Explicitly synchronise the debconf database with the current configuration file state in openssh-server.config, to ensure that the PermitRootLogin setting is properly preserved. - UsePrivilegeSeparation now defaults to the stronger "sandbox" rather than "yes", per upstream.
2016-12-24Move PermitRootLogin handling into create_sshdconfig.Colin Watson
2016-12-23Remove some advice related to protocol 1 from README.Debian.Colin Watson
2016-12-23Remove entries related to protocol 1 from the default sshd_config generated ↵Colin Watson
on new installations.
2016-12-23New upstream release (7.4p1).Colin Watson
2016-12-05wrap-and-sort debian/tests/control tooColin Watson
2016-12-05Apply "wrap-and-sort -atf debian/control".Colin Watson
2016-12-03releasing package openssh version 1:7.3p1-5Colin Watson
2016-12-03debian/tests/control: Add dependency on openssl, required by the PuTTY ↵Colin Watson
interoperability tests.
2016-12-02releasing package openssh version 1:7.3p1-4Colin Watson
2016-11-19Fix and enable PuTTY interoperability tests under autopkgtest.Colin Watson
2016-11-19Build all upstream regression test binaries using the new "regress-binaries" ↵Colin Watson
target.
2016-11-11Remove the non-upstream .gitignore file and add the relevant entries to ↵Colin Watson
debian/.gitignore, in order to make the source tree more dgit-compatible.
2016-11-11Move build directories under debian/.Colin Watson
2016-11-11Adjust Build-Depends further to avoid considering libssl-dev >= 1.1.0~ as ↵Colin Watson
sufficient.
2016-11-05releasing package openssh version 1:7.3p1-3Colin Watson
2016-11-05Policy version 3.9.8: no changes required.Colin Watson
2016-11-05Add a missing License line to debian/copyright.Colin Watson
2016-11-05Avoid building with OpenSSL 1.1 for now (see #828475).Colin Watson
2016-10-24releasing package openssh version 1:7.3p1-2Colin Watson
2016-10-24CVE-2016-8858: Unregister the KEXINIT handler after message has been ↵Colin Watson
received (closes: #841884).
2016-08-14Rewrite debian/copyright using copyright-format 1.0.Colin Watson
2016-08-07releasing package openssh version 1:7.3p1-1Colin Watson
2016-08-07New upstream release (7.3p1).Colin Watson
2016-07-29releasing package openssh version 1:7.2p2-8Colin Watson
2016-07-29debian/openssh-server.if-up: Don't block on a finished reload of openssh.serviceMartin Pitt
This avoids deadlocking with restarting networking. LP: #1584393
2016-07-29Add systemd user unit for graphical sessions that use systemdMartin Pitt
Override the corresponding upstart job in that case.
2016-07-29Add debian/agent-launch: Helper script for conditionally starting the SSH ↵Martin Pitt
agent in the user session Use it in ssh-agent.user-session.upstart. This will also be used in a corresponding systemd user unit. This replaces the backgrounded "ssh-agent -s" with a foreground task which works more nicely with modern init systems for logging/debugging and starting/stopping. Also use a fixed socket file name in $XDG_RUNTIME_DIR -- under both upstart and systemd we can assume this, and it allows restarting the service in a running session.
2016-07-29Stop enabling ssh-session-cleanup.service by default; instead, ship it as an ↵Colin Watson
example and add a section to README.Debian. libpam-systemd >= 230 and "UsePAM yes" should take care of the original problem for most systemd users (thanks, Michael Biebl; closes: #832155).
2016-07-23releasing package openssh version 1:7.2p2-7Colin Watson