rpms/openssh
7
0
Fork 1
Code Issues Pull Requests Releases Activity
1,219 Commits 9 Branches 54 Tags 10 MiB
c10s
Commit Graph

1219 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dmitry Belyavskiy
01503ba517 Remove redundant patches 
Related: RHEL-42635
 2024-08-29 21:18:20 +02:00
Dmitry Belyavskiy
262bb33bcb "publickey-hostbound@openssh.com" extension makes no sense with GSS 
Related: RHEL-42635
 2024-08-29 21:18:20 +02:00
Zoltan Fridrich
5c31606342 Merge patches from gsskex regressions 
Related: RHEL-42635

Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 2024-08-28 13:10:19 +02:00
Zoltan Fridrich
fc550bd771 Add missing gsskeyex authentication method 
Related: RHEL-42635

Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 2024-08-28 10:49:04 +02:00
Dmitry Belyavskiy
78bb33ab57 Restore GSS connectivity when no hostkeys are present 
Related: RHEL-42635
 2024-08-27 13:57:46 +02:00
Dmitry Belyavskiy
303ff5b834 Remove obsoleted patches 
Related: RHEL-42635
 2024-08-16 13:23:18 +02:00
Dmitry Belyavskiy
dd7a5a9d22 Address SAST scan issues 
Resolves: RHEL-36766
 2024-08-16 12:26:57 +02:00
Miluse Bezo Konecna
acc18112a5 remove tests directory 2024-08-06 14:09:01 +02:00
Dmitry Belyavskiy
ba81972425 Reenabling self-test on rpm build 
Related: RHEL-42635
 2024-08-05 16:36:20 +02:00
Dmitry Belyavskiy
ce2e80c1d0 sshd doesn't propose to enter password again when a non-existing user is specified 
Resolves: RHEL-11981
 2024-08-05 13:03:20 +02:00
Miluse Bezo Konecna
a26f247c4f Fix gating.yaml 2024-07-31 10:22:02 +02:00
Miluse Bezo Konecna
3d59a15439 gating CI - fix in plans 2024-07-31 08:08:00 +00:00
Dmitry Belyavskiy
f1bd13208d Use FIPS-compatible API for key derivation RHEL-10 
Resolves: RHEL-43592
 2024-07-26 16:15:19 +02:00
Dmitry Belyavskiy
1c01acf847 Change ssh-keygen defaults in FIPS mode 
Resolves: RHEL-37324
 2024-07-26 13:18:20 +02:00
Dmitry Belyavskiy
7a357709f5 Temporary disabling self-test 
Related: RHEL-42635
 2024-07-25 19:43:02 +02:00
Dmitry Belyavskiy
089d798931 Rebase OpenSSH to 9.8p1 
Resolves: RHEL-42635
 2024-07-25 15:30:04 +02:00
Miluse Bezo Konecna
9195080dcb add gating for RHEL-10 2024-07-19 16:21:47 +02:00
Zoltan Fridrich
2231e36337 Remove pam_ssh_agent_auth subpackage 
Resolves: RHEL-45002

Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 2024-07-12 10:28:59 +02:00
Zoltan Fridrich
0f2df32d18 Build OpenSSH without ENGINE API 
Resolves: RHEL-45507

Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 2024-07-12 10:28:08 +02:00
Troy Dawson
8f0ad5fe82 Bump release for June 2024 mass rebuild 2024-06-24 09:06:11 -07:00
Zoltan Fridrich
d23ed33031 Make default key sizes configurable in sshd-keygen 
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 2024-05-10 10:22:49 +02:00
Zoltan Fridrich
2e80dd6896 Correctly audit hostname and IP address 
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 2024-05-09 17:06:11 +02:00
Fedora Release Engineering
2f41ca7cd3 Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-25 11:29:57 +00:00
Fedora Release Engineering
d089d5f71b Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-21 11:22:01 +00:00
Dmitry Belyavskiy
f238307bdf Applying patches to rebase to OpenSSH 9.6p1 
Based on Damien Milnes' PR
https://src.fedoraproject.org/rpms/openssh/pull-request/63

Also rebasing openssh-8.0p1-pkcs11-uri.patch to 9.6 by Dmitry Belyavskiy
 2024-01-12 16:04:03 +01:00
Florian Weimer
87ae5d1d5a Fix type errors in downstream gssapi-keyex patch 
Related to:

  <https://fedoraproject.org/wiki/Changes/PortingToModernC>
  <https://fedoraproject.org/wiki/Toolchain/PortingToModernC>
 2023-12-22 17:01:38 +01:00
Mattias Ellert
5c1da775a9 Fix issue with read-only ssh buffer during gssapi key exchange 
(rhbz#1938224)
https://github.com/openssh-gsskex/openssh-gsskex/pull/19
 2023-10-16 22:26:16 +02:00
Mattias Ellert
4f07bfcfe1 Fix FTBFS due to implicit declarations (rhbz#2241211) 2023-10-15 06:42:32 +02:00
Dmitry Belyavskiy
d3cd3f2851 migrated to SPDX license 2023-09-19 12:19:43 +02:00
Timothée Ravier
f98acbdc5d Revert "Remove sshd.socket unit" 
This reverts commit 8a294387d0.

This change has been pushed to Fedora 40 and is pending discussion /
voting from FESCo.

See: https://pagure.io/fesco/issue/3062
See: https://fedoraproject.org/wiki/Changes/Drop_Sshd_Socket
 2023-09-15 10:22:41 +02:00
Jakub Jelen
d77b1b790a pkcs11: Add support for 'serial' in PKCS#11 URI 
The patch was updated by the upstream MR
https://github.com/openssh/openssh-portable/pull/406
by npocs@redhat.com
 2023-08-11 15:04:18 +02:00
Dmitry Belyavskiy
c7af8ecb76 Minor optimization of ssh_krb5_kuserok 
Resolves: rhbz#2112501
 2023-08-03 11:06:10 +02:00
Dmitry Belyavskiy
8a294387d0 Remove sshd.socket unit 
Resolves: rhbz#2025716
 2023-08-03 10:38:48 +02:00
Dmitry Belyavskiy
f4f5944e31 Disable forking of ssh-agent on startup 
Resoves: rhbz#2148555
 2023-08-03 10:32:24 +02:00
Dmitry Belyavskiy
ec2f61e2cf Split including crypto-policies to a separate config 
Resolves: rhbz#1970566
 2023-08-03 10:25:50 +02:00
Dmitry Belyavskiy
147ab2eb19 relax checks of the OpenSSL version 2023-08-01 14:19:16 +02:00
Dmitry Belyavskiy
eb1b5e6755 relax checks of the OpenSSL version 2023-08-01 14:18:18 +02:00
Mattias Ellert
c04e468b07 Update gssapi-keyex patch for OpenSSH 9.0+ 
userauth_gsskeyex must have the same argument as userauth_gssapi
method_gsskeyex must have the same members as method_gssapi
 2023-07-26 23:28:39 +02:00
Dmitry Belyavskiy
c3494feffe Fix remote code execution in ssh-agent PKCS#11 support 
Resolves: CVE-2023-38408
 2023-07-21 17:00:23 +02:00
Fedora Release Engineering
9fd130d8eb Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2023-07-20 18:12:08 +00:00
Norbert Pocs
8f5b8fd2c5 Revert "pkcs11: Add support for 'serial' in PKCS#11 URI" 
This reverts commit e39f11e77c.

The patch has some problems (the pkcs11 downstream test is failing)
and needs more investigation
 2023-06-13 14:38:59 +02:00
Norbert Pocs
c5082a3f81 Merge gssapi-keyex and gssapi-auth 
Signed-off-by: Norbert Pocs <npocs@redhat.com>
 2023-06-08 13:58:01 +02:00
Norbert Pocs
2b67ec48c2 Merge manpage crypto-policies related patches 
Signed-off-by: Norbert Pocs <npocs@redhat.com>
 2023-06-08 13:57:42 +02:00
Norbert Pocs
fb40f0afda Merge evp related patches 
Signed-off-by: Norbert Pocs <npocs@redhat.com>
 2023-06-08 13:57:23 +02:00
Norbert Pocs
141d7b2d4a Remove deprecated usage of %patchN 
Signed-off-by: Norbert Pocs <npocs@redhat.com>
 2023-06-08 13:56:15 +02:00
Dmitry Belyavskiy
d5fd076ab3 Updating specfile 2023-06-07 12:15:31 +02:00
Dmitry Belyavskiy
18e9f31c42 Fix DSS verification problem 
Resolves: rhbz#2212937
 2023-06-07 12:12:46 +02:00
Dmitry Belyavskiy
29083ac442 Remove unused patch 2023-06-02 18:56:58 +02:00
Dmitry Belyavskiy
f561c68bdb Rebasing OpenSSH from 9.0 to 9.3 2023-06-02 15:38:27 +02:00
Norbert Pocs
b129d6336e Clarify HostKeyAlgorithms option on man page 
Clarify HostkeyAlgorithms and crypto-policies relation on the ssh_config
man page

Signed-off-by: Norbert Pocs <npocs@redhat.com>
 2023-05-29 13:58:15 +02:00