Commit Graph

497 Commits

Author SHA1 Message Date
Petr Lautrbach
bffd1c2234 replace RequiredAuthentications2 with AuthenticationMethods according to upstream
the upstream refused original patch with RequiredAuthentications2, but they came with their own implementation of required authentications,
see https://bugzilla.mindrot.org/show_bug.cgi?id=983. The new method is more robust and flexible
it will be included in next openssh-6.2 release
2012-11-30 16:23:29 +01:00
Petr Lautrbach
e75a99b5f3 remove unused patches 2012-11-27 15:01:12 +01:00
Petr Lautrbach
251c8dbdae fix warnings in ssh-add and sshd_config man pages 2012-11-12 13:58:36 +01:00
Petr Lautrbach
20d541d728 fix the required authentications patch (#872608) 2012-11-08 15:24:56 +01:00
Petr Lautrbach
ab30b92bd6 fix the man moduli page (#841065) 2012-11-06 09:59:17 +01:00
bach
dfa0cd5146 avoid xfree(NULL) in ssh_selinux_copy_context() (#789502) 2012-11-05 16:18:52 +01:00
bach
f7f8b483b0 adapt openssh-6.1p1-akc.patch to the upstream version - https://bugzilla.mindrot.org/show_bug.cgi?id=1663 2012-11-05 14:43:22 +01:00
Petr Lautrbach
52c8eca4d9 fix gssapi canohost patch (#863350) 2012-10-30 11:06:45 +01:00
Petr Lautrbach
af2ebf77dc 6.1p1-2 + 0.9.3-3 2012-10-26 17:15:55 +02:00
Petr Lautrbach
afd52c4857 drop openssh-5.9p1-sftp-chroot.patch (#830237) 2012-10-26 17:04:25 +02:00
Petr Lautrbach
470ebd7abc add SELinux comment to /etc/ssh/sshd_config about SELinux command to modify port (#861400) 2012-10-26 16:34:55 +02:00
Petr Lautrbach
13cf2478d6 smartcard support is replaced with PKCS#11 support already in 5.4p1 https://bugzilla.mindrot.org/show_bug.cgi?id=1371 2012-10-26 15:42:59 +02:00
Petr Lautrbach
1a5c95ee57 drop required chkconfig (#865498) 2012-10-12 13:03:26 +02:00
Petr Lautrbach
e7c6eb2640 remove openssh-6.0p1-noacss.tar.bz2 from sources 2012-09-15 14:31:24 +02:00
Petr Lautrbach
0512a0153c upload openssh-6.1p1-noacss.tar.bz2 to cache 2012-09-15 14:30:18 +02:00
Petr Lautrbach
d0630aa358 6.1p1-1 + 0.9.3-3 2012-09-15 13:48:14 +02:00
Petr Lautrbach
fd408ed2a5 to run tests use --with check 2012-09-15 13:48:13 +02:00
Petr Lautrbach
e58e548a57 don't use /bin and /sbin paths (#856590) 2012-09-15 13:48:13 +02:00
Petr Lautrbach
581bf30d07 don't use chroot_user_t for chrooted users (#830237) 2012-09-15 13:47:45 +02:00
Petr Lautrbach
9fe1afc163 rebase to openssh-6.1p1 (#852651) 2012-09-15 13:29:49 +02:00
Petr Lautrbach
51ca3be245 use DIR: kerberos cache type (#848228) 2012-09-15 13:28:23 +02:00
Petr Lautrbach
94943d59db replace scriptlets with systemd macros (#850249) 2012-09-15 13:28:01 +02:00
Petr Lautrbach
65ba94ef1a rebase to openssh-6.0p1
6.0p1-1 + 0.9.3-2
2012-08-06 21:33:33 +02:00
Petr Lautrbach
90e11f338c 5.9p1-26 + 0.9.3-1 2012-08-06 19:42:13 +02:00
Petr Lautrbach
5382ccbe9b handle crypt() returning NULL (#815993) 2012-08-06 09:08:52 +02:00
Petr Lautrbach
0c438f5bc5 openssh-5.9p1-privsep-selinux.patch - change SELinux context also for
root user (#827109)
2012-08-06 08:58:30 +02:00
Petr Lautrbach
b648890ead 5.9p1-25 + 0.9.3-1 2012-07-27 14:35:43 +02:00
Petr Lautrbach
420ff03c91 removed dead code and fixed segfault in openssh-5.9p1-required-authentications.patch 2012-07-27 14:35:20 +02:00
Tomas Mraz
e9620308c8 allow sha256 and sha512 hmacs in the FIPS mode 2012-07-17 21:03:59 +02:00
Tomas Mraz
4f4687ce80 fix segfault in su when pam_ssh_agent_auth is used and the ssh-agent
is not running, most probably not exploitable
update pam_ssh_agent_auth to 0.9.3 upstream version
2012-06-22 14:52:35 +02:00
Petr Lautrbach
c4fd069940 Revert "Fix permissions of sshd private keys created by sshd-keygen script (#754779)" (#819896)
This reverts commit 81da99ed9b.
2012-05-09 12:52:01 +02:00
Petr Lautrbach
2649d91e06 5.9p1-22 + 0.9.2-32 2012-04-06 21:01:27 +02:00
Petr Lautrbach
009f534b09 don't install sshd-keygen.service (#810419) 2012-04-06 21:01:06 +02:00
Petr Lautrbach
2539b1c4f2 don't create RSA1 key in FIPS mode 2012-04-06 21:00:20 +02:00
Petr Lautrbach
7294a991a2 5.9p1-21 + 0.9.2-32 2012-03-30 20:07:50 +02:00
Petr Lautrbach
5bad1d43cf fix various issues in openssh-5.9p1-required-authentications.patch 2012-03-30 19:29:02 +02:00
Petr Lautrbach
22f0191d84 5.9p1-20 + 0.9.2-32 2012-03-23 09:16:52 +01:00
Petr Lautrbach
1027fdc205 don't enable sshd-keygen.service (#805338) 2012-03-23 09:16:10 +01:00
Petr Lautrbach
52f99b131a fix dependencies in systemd units (#805338) 2012-03-23 09:05:33 +01:00
Petr Lautrbach
33e0acc5ef 5.9p1-19 + 0.9.2-32 2012-02-22 09:03:07 +01:00
Petr Lautrbach
c3bb4552cf adjust openssh-5.9p1-privsep-selinux.patch also for internal sftp subsystem 2012-02-17 11:35:49 +01:00
Petr Lautrbach
feb99ea644 Look for x11 forward sockets with AI_ADDRCONFIG flag getaddrinfo (#735889) 2012-02-14 18:11:26 +01:00
Petr Lautrbach
d3ab95741d 5.9p1-18 + 0.9.2-32 2012-02-06 22:16:49 +01:00
Petr Lautrbach
d9e6186c71 replace TwoFactorAuth with RequiredAuthentications[12]
https://bugzilla.mindrot.org/show_bug.cgi?id=983
2012-02-06 22:16:38 +01:00
Petr Lautrbach
21699d5622 5.9p1-17 + 0.9.2-32 2012-01-31 14:09:17 +01:00
Petr Lautrbach
cd5891d0d5 run privsep slave process as the users SELinux context (#781634) 2012-01-31 14:09:00 +01:00
Tomas Mraz
017c65d99b add CAVS test driver for the aes-ctr ciphers 2012-01-13 18:28:47 +01:00
Tomas Mraz
6148abd585 enable aes-ctr ciphers use the EVP engines from OpenSSL such as the AES-NI 2012-01-11 19:11:33 +01:00
Petr Lautrbach
2e12878998 5.9p1-14 + 0.9.2-32 2011-12-06 17:42:00 +01:00
Petr Lautrbach
5bd5aa2976 warn about unsupported option UsePAM=no (#757545) 2011-12-06 17:41:06 +01:00