jonathan/openssh
1
0
Fork 0
forked from rpms/openssh
Code Pull Requests Activity
1,155 Commits 9 Branches 48 Tags 7.1 MiB
45028601a3
Commit Graph

843 Commits

Author SHA1 Message Date
Jakub Jelen
126d278fec 8.4p1-3 + 0.10.4-1 2020-11-19 15:08:05 +01:00
Jakub Jelen
6a07699454 Compatibility with Debian's openssh-7.4p1 (#1881301) 
This only version does incorrectly reports server_sig_algorithms
extension and in Fedora 33 with disabled SHA1, clients are unable
to connect to Debian servers
 2020-11-19 15:08:05 +01:00
Jakub Jelen
bbe3c2e156 Fix missing syscall in sandbox on arm (#1897712) 2020-11-19 15:08:02 +01:00
Jakub Jelen
a048fcc3d0 8.4p1-2 + 0.10.4-1 2020-10-06 10:01:41 +02:00
Jakub Jelen
dc5e3131ec Unbreak ssh-copy-id (#1884231) 2020-10-06 10:01:23 +02:00
Jakub Jelen
7b064ea363 Add missing changelog 2020-09-29 16:10:09 +02:00
Jakub Jelen
bd35168662 8.4p1-1 + 0.10.4-1 2020-09-29 14:53:14 +02:00
Jakub Jelen
3783a5da43 Rebase pam_ssh_agent_auth to 0.10.4 2020-09-29 14:53:14 +02:00
Jakub Jelen
7e9d046986 Remove support for building rescue CD 
This is not used for close to 20 years and is broken at least from Fedora 31
 2020-09-07 09:37:58 +02:00
Jakub Jelen
10cdecf4f1 8.3p1-4 + 0.10.3-10 2020-08-28 20:14:42 +02:00
Jakub Jelen
44157573e5 Remove openssh-ldap subpackage 2020-08-21 09:40:42 +02:00
Jakub Jelen
68460c09bb Use make macros 
Based on https://src.fedoraproject.org/rpms/openssh/pull-request/11

https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
 2020-07-31 15:33:21 +02:00
Jakub Jelen
dfeecfb1e8 Drop loading of anaconda configuration from sysconfig including scriptlet to migrate to include drop-in directory 2020-07-31 15:26:55 +02:00
Fedora Release Engineering
fccd87eb18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2020-07-28 12:48:46 +00:00
Jakub Jelen
996e25f2f9 8.3p1-3 + 0.10.3-10 2020-06-10 14:36:49 +02:00
Jakub Jelen
868439f73a Stop loading crypto policy for command line in service files 2020-06-10 14:35:23 +02:00
Jakub Jelen
8b7ddfb28b Move included configuration files in order to allow applications to include their defaults 
See more discussin in

https://src.fedoraproject.org/rpms/openssh/pull-request/9#

https://github.com/coreos/fedora-coreos-docs/pull/80#discussion_r434961161
 2020-06-08 21:52:42 +02:00
Jakub Jelen
3bd5ced9ee 8.3p1-2 + 0.10.3-10 2020-06-01 13:51:43 +02:00
Jakub Jelen
5cd9552fc4 8.3p1-1 + 0.10.3-10 2020-05-27 09:57:29 +02:00
Jakub Jelen
efd1b7e5c8 Unbreak corner cases of sshd_config include 2020-05-27 09:53:38 +02:00
Jakub Jelen
4e3553bf2a openssh-8.2p1-3 + 0.10.3-9 2020-04-08 10:27:07 +02:00
Jakub Jelen
eb546ec1a7 Drop fipscheck dependency and non-standard fips checks 2020-03-30 16:38:36 +02:00
Jakub Jelen
02af5cfa17 Do not break X11 forwarding without IPv6 2020-03-30 16:38:36 +02:00
Jakub Jelen
b2417553a2 openssh-8.2p1-2 + 0.10.3-9 2020-02-20 10:34:01 +01:00
Jakub Jelen
82f9421fb4 Build properly with integrated u2f support (#1803948) 2020-02-20 10:32:48 +01:00
Jakub Jelen
51f5c1c99f openssh-8.2p1-1 + 0.10.3-9 2020-02-17 14:34:41 +01:00
Jakub Jelen
a2cffc6e9b openssh-8.1p1-4 + 0.10.3-8 2020-02-03 00:51:53 +01:00
Fedora Release Engineering
657d132847 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2020-01-29 20:24:49 +00:00
Jakub Jelen
62361a761c openssh-8.1p1-3 + 0.10.3-8 2019-11-27 11:16:26 +01:00
Jakub Jelen
c28decf412 Unbreak the seccomp filter also on ARM (#1777054) 2019-11-27 11:15:00 +01:00
Jakub Jelen
d26b44fe7f openssh-8.1p1-2 + 0.10.3-8 2019-11-14 09:24:36 +01:00
Jakub Jelen
6a2fce44b5 Unbreak seccomp filter with latest glibc (#1771946) 2019-11-14 09:18:41 +01:00
Jakub Jelen
36fef5669a openssh-8.1p1-1 + 0.10.3-8 2019-10-09 10:24:21 +02:00
Fedora Release Engineering
0ca1614ae2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2019-07-25 23:35:32 +00:00
Jakub Jelen
73b069e926 openssh-8.0p1-8 + 0.10.3-7 2019-07-23 09:50:20 +02:00
Jakub Jelen
30922f629c openssh-8.0p1-7 + 0.10.3-7 2019-07-12 23:23:09 +02:00
Jakub Jelen
e9bd9a2128 openssh-8.0p1-6 + 0.10.3-7 2019-07-03 16:52:53 +02:00
Jakub Jelen
36a44721c5 openssh-8.0p1-5 + 0.10.3-7 2019-06-26 14:06:48 +02:00
Jakub Jelen
58ee5c17a8 Drop INSTALL file from docs as recommended by rpmlint checks 2019-06-26 14:06:48 +02:00
Jakub Jelen
eda4c070da Drop unused unversioned Obsoletes and Provides, which are 5 or 10 years old now 2019-06-26 14:06:48 +02:00
Jakub Jelen
4bd6cfb874 Disable root password logins (#1722928) 2019-06-26 14:06:37 +02:00
Jakub Jelen
dad744a32b openssh-8.0p1-4 + 0.10.3-7 2019-06-17 12:49:59 +02:00
Jakub Jelen
50e2b60d3f Provide correct signature type for SHA2 certificates in agent 2019-06-17 12:40:12 +02:00
Jakub Jelen
56fdfa2a52 Use the new OpenSSL API to export PEM files to avoid dependency on MD5 2019-05-30 11:29:43 +02:00
Jakub Jelen
7f1ad371a4 openssh-8.0p1-3 + 0.10.3-7 2019-05-27 10:23:08 +02:00
Jakub Jelen
7a14283cba Drop the problematic patch for updating pw structure after authentication 2019-05-23 15:34:17 +02:00
Jakub Jelen
53c9085316 openssh-8.0p1-2 + 0.10.3-7 2019-05-14 13:45:08 +02:00
Jakub Jelen
f726e51d86 Use OpenSSL KDF 
Resolves: rhbz#1631761
 2019-05-14 13:35:14 +02:00
Jakub Jelen
751cd9acc7 Use OpenSSL high-level API to produce and verify signatures 
Resolves: rhbz#1707485
 2019-05-14 13:32:04 +02:00
Jakub Jelen
6caa973459 Mention crypto-policies in the manual pages instead of the hardcoded defaults 
Resolves: rhbz#1668325
 2019-05-13 14:22:21 +02:00
Jakub Jelen
4feb6a973f Verify SCP vulnerabilities are fixed in the package testsuite 2019-05-10 14:34:35 +02:00
Jakub Jelen
b33caef080 Drop unused patch 2019-05-07 13:45:34 +02:00
Jakub Jelen
def1debf2e openssh-8.0p1-1 + 0.10.3-7 
Resolves rhbz#1701072
 2019-04-29 14:12:13 +02:00
Jakub Jelen
f51d092120 Remove unused parts of spec file 2019-03-27 13:20:32 +01:00
Jakub Jelen
91aa3d4921 openssh-7.9p1-5 + 0.10.3.6 2019-03-12 15:16:35 +01:00
Jakub Jelen
1341391c78 Update cached passwd structure after PAM authentication 2019-03-11 17:17:49 +01:00
Jakub Jelen
7295e97cd1 openssh-7.9p1-4 + 0.10.3.6 2019-02-06 17:19:52 +01:00
Jakub Jelen
d711f557f7 Log when a client requests an interactive session and only sftp is allowed 2019-02-06 17:18:30 +01:00
Jakub Jelen
e8524ac3f4 ssh-copy-id: Minor issues found by shellcheck 2019-02-06 17:18:30 +01:00
Jakub Jelen
8622e384ef ssh-copy-id: Do not fail in case remote system is out of space 2019-02-06 17:18:30 +01:00
Fedora Release Engineering
4e5f61c2a0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2019-02-01 17:32:05 +00:00
Igor Gnatenko
7c726e0a13 Remove obsolete Group tag 
References: https://fedoraproject.org/wiki/Changes/Remove_Group_Tag
 2019-01-28 20:24:24 +01:00
Björn Esser
018ac8d1d9
Rebuilt for libcrypt.so.2 (#1666033) 2019-01-14 19:11:16 +01:00
Jakub Jelen
311908c042 openssh-7.9p1-3 + 0.10.3-6 2019-01-14 15:39:08 +01:00
Jakub Jelen
40d2a04909 CVE-2018-20685 (#1665786) 2019-01-14 11:05:35 +01:00
Jakub Jelen
322896958a Backport several fixes from 7_9 branch (#1665611) 2019-01-14 11:05:35 +01:00
Jakub Jelen
d6cc5f4740 Backport Match final so the crypto-policies do not break canonicalization (#1630166) 2018-11-26 10:16:35 +01:00
Jakub Jelen
a4c0a26cd4 openssh-7.9p1-2 + 0.10.3-6 2018-11-14 09:57:17 +01:00
Jakub Jelen
57e280d1f4 Allow to disable RSA signatures with SHA-1 2018-11-14 09:54:54 +01:00
Jakub Jelen
9f2c8b948c openssh-7.9p1-1 + 0.10.3-6 2018-10-19 11:46:02 +02:00
Jakub Jelen
6666c19414 Do not break gssapi-kex authentication method 2018-10-19 11:41:34 +02:00
Jakub Jelen
eaa7af2e41 rebase patches to openssh-7.9p1 2018-10-19 11:41:07 +02:00
Jakub Jelen
6c9d993869 Follow the system-wide PATH settings 
https://fedoraproject.org/wiki/Features/SbinSanity
 2018-10-03 11:00:12 +02:00
Jakub Jelen
97ee52c0a3 openssh-7.8p1-3 + 0.10.3-5 2018-09-24 15:25:57 +02:00
Jakub Jelen
8ebb9915a3 Cleanup specfile comments 2018-09-24 15:25:40 +02:00
Jakub Jelen
84d3ff9306 Do not let OpenSSH control our hardening flags 2018-09-21 17:22:35 +02:00
Jakub Jelen
8b9448c5ba openssh-7.8p1-2 + 0.10.3-5 2018-08-31 13:32:02 +02:00
Jakub Jelen
9409715f65 Unbreak scp between two IPv6 hosts (#1620333) 2018-08-31 13:26:44 +02:00
Jakub Jelen
afaf23f6c3 Drop unused patch 2018-08-28 10:51:37 +02:00
Jakub Jelen
bbf61daf97 openssh-7.8p1-1 + 0.10.3-5 
New upstream release including:
 * Dropping entropy patch
 * Remove default support for MD5 fingerprints
 * Porting all the downstream patches and pam_ssh_agent_auth
   to new sshbuf and sshkey API
 * pam_ssh_agent_auth is no longer using MD5 fingerprints
 2018-08-24 23:16:24 +02:00
Jakub Jelen
01ba761e18 7.7p1-6 + 0.10.3-4 2018-08-09 14:14:18 +02:00
Jakub Jelen
44e2032a0a fips: Show real list of kex algoritms in FIPS 2018-08-08 10:18:27 +02:00
Fedora Release Engineering
600d4011b5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-07-13 15:11:56 +00:00
Jakub Jelen
e1d855438b 7.7p1-5 + 0.10.3-4 2018-07-03 11:27:15 +02:00
Jakub Jelen
6c68d655b2 Disable manual reading of MOTD by default 2018-07-03 11:26:01 +02:00
Jakub Jelen
62f1736470 7.7p1-4 + 0.10.3-4 2018-06-27 14:09:27 +02:00
Jakub Jelen
1176788778 Improve kerberos credential cache handling (#1566494) 2018-06-27 13:40:48 +02:00
Jakub Jelen
04ca5e7b0b 7.7p1-3 + 0.10.3-4 2018-04-16 11:15:43 +02:00
Jakub Jelen
48cef7a0b8 Opening tun devices fails + other regressions in OpenSSH v7.7 fixed upstream 2018-04-16 11:15:37 +02:00
Jakub Jelen
836590e795 7.7p1-2 + 0.10.3-4 2018-04-12 10:35:14 +02:00
Jakub Jelen
b0815ca514 7.7p1-1 + 0.10.3-4 2018-04-04 16:59:45 +02:00
Jakub Jelen
273086d13a Need a p11-kit to allow default pkcs11 proxy 2018-04-04 16:59:45 +02:00
Jakub Jelen
7e9748a2b5 PKCS#11: Support ECDSA keys and PKCS#11 URIs 
Based on the patches in upstream bugzilla:
ECDSA:
  https://bugzilla.mindrot.org/show_bug.cgi?id=2474
PKCS#11 URI:
  https://bugzilla.mindrot.org/show_bug.cgi?id=2817
 2018-04-04 16:56:59 +02:00
Jakub Jelen
3cd4899257 Rebase to latest OpenSSH 7.7p1 (#1563223) 2018-04-04 16:50:43 +02:00
Jakub Jelen
cbb6ca5123 openssh-7.6p1-7 + 0.10.3-3 2018-03-06 14:37:01 +01:00
Jakub Jelen
bd5b563008 Require crypto policies 2018-03-06 13:53:02 +01:00
Jakub Jelen
c2a9e41702 Recommend crypto policies also for a server 2018-02-19 12:10:48 +01:00
Jakub Jelen
07c951f665 Require gcc 
https://fedoraproject.org/wiki/Changes/Remove_GCC_from_BuildRoot
 2018-02-19 12:10:48 +01:00
Igor Gnatenko
a6b5c2c42d
Remove %clean section 
None of currently supported distributions need that.
Last one was EL5 which is EOL for a while.

Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2018-02-14 08:27:35 +01:00
Igor Gnatenko
5f6f10859d Remove BuildRoot definition 
None of currently supported distributions need that.
It was needed last for EL5 which is EOL now

Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2018-02-13 23:58:21 +01:00