summaryrefslogtreecommitdiff
path: root/openbsd-compat
AgeCommit message (Collapse)Author
2018-08-24Don't check the status field of the OpenSSL versionKurt Roeckx
There is no reason to check the version of OpenSSL (in Debian). If it's not compatible the soname will change. OpenSSH seems to want to do a check for the soname based on the version number, but wants to keep the status of the release the same. Remove that check on the status since it doesn't tell you anything about how compatible that version is. Author: Colin Watson <cjwatson@debian.org> Bug-Debian: https://bugs.debian.org/93581 Bug-Debian: https://bugs.debian.org/664383 Bug-Debian: https://bugs.debian.org/732940 Forwarded: not-needed Last-Update: 2014-10-07 Patch-Name: no-openssl-version-status.patch
2018-08-24Force use of DNSSEC even if "options edns0" isn't in resolv.confColin Watson
This allows SSHFP DNS records to be verified if glibc 2.11 is installed. Origin: vendor, https://cvs.fedoraproject.org/viewvc/F-12/openssh/openssh-5.2p1-edns.patch?revision=1.1&view=markup Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572049 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572049 Last-Update: 2010-04-06 Patch-Name: dnssec-sshfp.patch
2018-08-24Handle SELinux authorisation rolesManoj Srivastava
Rejected upstream due to discomfort with magic usernames; a better approach will need an SSH protocol change. In the meantime, this came from Debian's SELinux maintainer, so we'll keep it until we have something better. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641 Bug-Debian: http://bugs.debian.org/394795 Last-Update: 2018-08-24 Patch-Name: selinux-role.patch
2018-08-21 modified: openbsd-compat/port-uw.cTim Rice
remove obsolete and un-needed include
2018-08-13cygwin: add missing stdarg.h includeCorinna Vinschen
Further header file standarization in Cygwin uncovered a lazy indirect include in bsd-cygwin_util.c Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
2018-08-11Some AIX fixes; report from Michael FeltDamien Miller
2018-07-27correct snprintf truncation check in closefrom()Damien Miller
Truncation cannot happen unless the system has set PATH_MAX to some nonsensically low value. bz#2862, patch from Daniel Le
2018-07-14Undef a few new macros in sys-queue.h.Darren Tucker
Prevents macro redefinition warnings on OSX.
2018-07-12upstream: remove legacy key emulation layer; ok djm@markus@openbsd.org
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
2018-07-11Include stdlib.h for declaration of free.Darren Tucker
Fixes build with -Werror on at least Fedora and probably others.
2018-07-10Adapt portable to legacy buffer API removalDamien Miller
2018-07-06Defer setting bufsiz in getdelim.Darren Tucker
Do not write to bufsiz until we are sure the malloc has succeeded, in case any callers rely on it (which they shouldn't). ok djm@
2018-07-02Add implementation of getline.Darren Tucker
Add getline for the benefit of platforms that don't have it. Sourced from NetBSD (OpenBSD's implementation is a little too chummy with the internals of FILE).
2018-05-14sync fmt_scaled.cDamien Miller
revision 1.17 date: 2018/05/14 04:39:04; author: djm; state: Exp; lines: +5 -2; commitid: 53zY8GjViUBnWo8Z; constrain fractional part to [0-9] (less confusing to static analysis); ok ian@
2018-04-29Use includes.h instead of config.h.Darren Tucker
This ensures it picks up the definition of DEF_WEAK, the lack of which can cause compile errors in some cases (eg modern AIX). From michael at felt.demon.nl.
2018-04-13Fix tunnel forwarding broken in 7.7p1Damien Miller
bz2855, ok dtucker@
2018-04-13prefer to use getrandom() for PRNG seedingDamien Miller
Only applies when built --without-openssl. Thanks Jann Horn for reminder.
2018-04-10Many typo fixes from Karsten WeissDamien Miller
Spotted using https://github.com/lucasdemarchi/codespell
2018-03-30Disable native strndup and strnlen on AIX.Darren Tucker
On at least some revisions of AIX, strndup returns unterminated strings under some conditions, apparently because strnlen returns incorrect values in those cases. Disable both on AIX and use the replacements from openbsd-compat. Fixes problem with ECDSA keys there, ok djm.
2018-03-26Include ssh_api.h for struct ssh.Darren Tucker
struct ssh is needed by implementations of sys_auth_passwd() that were converted in commit bba02a50. Needed to fix build on AIX, I assume for the other platforms too (although it should be harmless if not needed).
2018-03-26Remove UNICOS code missed during removal.Darren Tucker
Fixes compile error on AIX.
2018-03-25 modified: auth-sia.cTim Rice
modified: openbsd-compat/port-aix.c modified: openbsd-compat/port-uw.c propogate changes to auth-passwd.c in commit 7c856857607112a3dfe6414696bf4c7ab7fb0cb3 to other providers of sys_auth_passwd()
2018-03-05Check for and work around buggy fflush(NULL).Darren Tucker
Some really old platforms (eg SunOS4) segfault on fflush(NULL) so check for and work around. With klausz at haus-gisela.de.
2018-03-03Add strndup for platforms that need it.Darren Tucker
Some platforms don't have strndup, which includes Solaris 10, NetBSD 3 and FreeBSD 6.
2018-03-03Flatten and alphabetize object file lists.Darren Tucker
This will make maintenance and changes easier. "no objection" tim@
2018-02-27Check if HAVE_DECL_BZERO correctly.Darren Tucker
2018-02-26typo: missing ;Darren Tucker
2018-02-26Hook up flock() compat code.Darren Tucker
Also a couple of minor changes: fail if we can't lock instead of silently succeeding, and apply a couple of minor style fixes.
2018-02-26Import flock() compat from NetBSD.Darren Tucker
From NetBSD's src/trunk/tools/compat/flock.c, no OpenSSH changes yet.
2018-02-26avoid inclusion of deprecated selinux/flask.hDamien Miller
Use string_to_security_class() instead.
2018-02-26Invert sense of getpgrp test.Darren Tucker
AC_FUNC_GETPGRP tests if getpgrp(0) works, which it does if it's not declared. Instead, test if the zero-arg version we want to use works.
2018-02-26Add no-op getsid implmentation.Darren Tucker
2018-02-26bsd-statvfs: include sys/vfs.h, check for f_flags.Darren Tucker
2018-02-26Handle calloc(0,x) where different from malloc.Darren Tucker
Configure assumes that if malloc(0) returns null then calloc(0,n) also does. On some old platforms (SunOS4) malloc behaves as expected (as determined by AC_FUNC_MALLOC) but calloc doesn't. Test for this at configure time and activate the replacement function if found, plus handle this case in rpl_calloc.
2018-02-26Add prototype for readv if needed.Darren Tucker
2018-02-26Check for raise and supply if needed.Darren Tucker
2018-02-26Check for bzero and supply if needed.Darren Tucker
Since explicit_bzero uses it via an indirect it needs to be a function not just a macro.
2018-02-16freezero should check for NULL.Darren Tucker
2018-02-15Remove remaining now-obsolete cvs $Ids.Darren Tucker
2018-02-15Remove UNICOS support.Darren Tucker
The code required to support it is quite invasive to the mainline code that is synced with upstream and is an ongoing maintenance burden. Both the hardware and software are literal museum pieces these days and we could not find anyone still running OpenSSH on one.
2018-02-11Move signal compat code into bsd-signal.{c,h}Darren Tucker
2017-11-24Include string.h for explicit_bzero.Darren Tucker
2017-10-31Include includes.h for HAVE_GETPAGESIZE.Darren Tucker
The configure script checks for getpagesize() and sets HAVE_GETPAGESIZE in config.h, but bsd-getpagesize.c forgot to include includes.h (which indirectly includes config.h) so the checks always fails, causing linker issues when linking statically on systems with getpagesize(). Patch from Peter Korsgaard <peter at korsgaard.com>
2017-10-27fix rdomain compilation errorsDamien Miller
2017-10-25basic valid_rdomain() implementation for LinuxDamien Miller
2017-10-25implement get/set_rdomain() for LinuxDamien Miller
Not enabled, pending implementation of valid_rdomain() and autoconf glue
2017-10-25stubs for rdomain replacement functionsDamien Miller
2017-10-25rename port-tun.[ch] => port-net.[ch]Damien Miller
Ahead of adding rdomain support
2017-10-23upstream commitdjm@openbsd.org
Expose devices allocated for tun/tap forwarding. At the client, the device may be obtained from a new %T expansion for LocalCommand. At the server, the allocated devices will be listed in a SSH_TUNNEL variable exposed to the environment of any user sessions started after the tunnel forwarding was established. ok markus Upstream-ID: e61e53f8ae80566e9ddc0d67a5df5bdf2f3c9f9e
2017-09-27Check for and handle calloc(p, 0) = NULL.Darren Tucker
On some platforms (AIX, maybe others) allocating zero bytes of memory via the various *alloc functions returns NULL, which is permitted by the standards. Autoconf has some macros for detecting this (with the exception of calloc for some reason) so use these and if necessary activate shims for them. ok djm@