rpms/openssh
7
0
Fork 1
Code Issues Pull Requests Releases Activity
1,215 Commits 9 Branches 61 Tags 11 MiB
78bb33ab57
Commit Graph

1215 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dmitry Belyavskiy
78bb33ab57 Restore GSS connectivity when no hostkeys are present 
Related: RHEL-42635
 2024-08-27 13:57:46 +02:00
Dmitry Belyavskiy
303ff5b834 Remove obsoleted patches 
Related: RHEL-42635
 2024-08-16 13:23:18 +02:00
Dmitry Belyavskiy
dd7a5a9d22 Address SAST scan issues 
Resolves: RHEL-36766
 2024-08-16 12:26:57 +02:00
Miluse Bezo Konecna
acc18112a5 remove tests directory 2024-08-06 14:09:01 +02:00
Dmitry Belyavskiy
ba81972425 Reenabling self-test on rpm build 
Related: RHEL-42635
 2024-08-05 16:36:20 +02:00
Dmitry Belyavskiy
ce2e80c1d0 sshd doesn't propose to enter password again when a non-existing user is specified 
Resolves: RHEL-11981
 2024-08-05 13:03:20 +02:00
Miluse Bezo Konecna
a26f247c4f Fix gating.yaml 2024-07-31 10:22:02 +02:00
Miluse Bezo Konecna
3d59a15439 gating CI - fix in plans 2024-07-31 08:08:00 +00:00
Dmitry Belyavskiy
f1bd13208d Use FIPS-compatible API for key derivation RHEL-10 
Resolves: RHEL-43592
 2024-07-26 16:15:19 +02:00
Dmitry Belyavskiy
1c01acf847 Change ssh-keygen defaults in FIPS mode 
Resolves: RHEL-37324
 2024-07-26 13:18:20 +02:00
Dmitry Belyavskiy
7a357709f5 Temporary disabling self-test 
Related: RHEL-42635
 2024-07-25 19:43:02 +02:00
Dmitry Belyavskiy
089d798931 Rebase OpenSSH to 9.8p1 
Resolves: RHEL-42635
 2024-07-25 15:30:04 +02:00
Miluse Bezo Konecna
9195080dcb add gating for RHEL-10 2024-07-19 16:21:47 +02:00
Zoltan Fridrich
2231e36337 Remove pam_ssh_agent_auth subpackage 
Resolves: RHEL-45002

Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 2024-07-12 10:28:59 +02:00
Zoltan Fridrich
0f2df32d18 Build OpenSSH without ENGINE API 
Resolves: RHEL-45507

Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 2024-07-12 10:28:08 +02:00
Troy Dawson
8f0ad5fe82 Bump release for June 2024 mass rebuild 2024-06-24 09:06:11 -07:00
Zoltan Fridrich
d23ed33031 Make default key sizes configurable in sshd-keygen 
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 2024-05-10 10:22:49 +02:00
Zoltan Fridrich
2e80dd6896 Correctly audit hostname and IP address 
Signed-off-by: Zoltan Fridrich <zfridric@redhat.com>
 2024-05-09 17:06:11 +02:00
Fedora Release Engineering
2f41ca7cd3 Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-25 11:29:57 +00:00
Fedora Release Engineering
d089d5f71b Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild 2024-01-21 11:22:01 +00:00
Dmitry Belyavskiy
f238307bdf Applying patches to rebase to OpenSSH 9.6p1 
Based on Damien Milnes' PR
https://src.fedoraproject.org/rpms/openssh/pull-request/63

Also rebasing openssh-8.0p1-pkcs11-uri.patch to 9.6 by Dmitry Belyavskiy
 2024-01-12 16:04:03 +01:00
Florian Weimer
87ae5d1d5a Fix type errors in downstream gssapi-keyex patch 
Related to:

  <https://fedoraproject.org/wiki/Changes/PortingToModernC>
  <https://fedoraproject.org/wiki/Toolchain/PortingToModernC>
 2023-12-22 17:01:38 +01:00
Mattias Ellert
5c1da775a9 Fix issue with read-only ssh buffer during gssapi key exchange 
(rhbz#1938224)
https://github.com/openssh-gsskex/openssh-gsskex/pull/19
 2023-10-16 22:26:16 +02:00
Mattias Ellert
4f07bfcfe1 Fix FTBFS due to implicit declarations (rhbz#2241211) 2023-10-15 06:42:32 +02:00
Dmitry Belyavskiy
d3cd3f2851 migrated to SPDX license 2023-09-19 12:19:43 +02:00
Timothée Ravier
f98acbdc5d Revert "Remove sshd.socket unit" 
This reverts commit 8a294387d0.

This change has been pushed to Fedora 40 and is pending discussion /
voting from FESCo.

See: https://pagure.io/fesco/issue/3062
See: https://fedoraproject.org/wiki/Changes/Drop_Sshd_Socket
 2023-09-15 10:22:41 +02:00
Jakub Jelen
d77b1b790a pkcs11: Add support for 'serial' in PKCS#11 URI 
The patch was updated by the upstream MR
https://github.com/openssh/openssh-portable/pull/406
by npocs@redhat.com
 2023-08-11 15:04:18 +02:00
Dmitry Belyavskiy
c7af8ecb76 Minor optimization of ssh_krb5_kuserok 
Resolves: rhbz#2112501
 2023-08-03 11:06:10 +02:00
Dmitry Belyavskiy
8a294387d0 Remove sshd.socket unit 
Resolves: rhbz#2025716
 2023-08-03 10:38:48 +02:00
Dmitry Belyavskiy
f4f5944e31 Disable forking of ssh-agent on startup 
Resoves: rhbz#2148555
 2023-08-03 10:32:24 +02:00
Dmitry Belyavskiy
ec2f61e2cf Split including crypto-policies to a separate config 
Resolves: rhbz#1970566
 2023-08-03 10:25:50 +02:00
Dmitry Belyavskiy
147ab2eb19 relax checks of the OpenSSL version 2023-08-01 14:19:16 +02:00
Dmitry Belyavskiy
eb1b5e6755 relax checks of the OpenSSL version 2023-08-01 14:18:18 +02:00
Mattias Ellert
c04e468b07 Update gssapi-keyex patch for OpenSSH 9.0+ 
userauth_gsskeyex must have the same argument as userauth_gssapi
method_gsskeyex must have the same members as method_gssapi
 2023-07-26 23:28:39 +02:00
Dmitry Belyavskiy
c3494feffe Fix remote code execution in ssh-agent PKCS#11 support 
Resolves: CVE-2023-38408
 2023-07-21 17:00:23 +02:00
Fedora Release Engineering
9fd130d8eb Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2023-07-20 18:12:08 +00:00
Norbert Pocs
8f5b8fd2c5 Revert "pkcs11: Add support for 'serial' in PKCS#11 URI" 
This reverts commit e39f11e77c.

The patch has some problems (the pkcs11 downstream test is failing)
and needs more investigation
 2023-06-13 14:38:59 +02:00
Norbert Pocs
c5082a3f81 Merge gssapi-keyex and gssapi-auth 
Signed-off-by: Norbert Pocs <npocs@redhat.com>
 2023-06-08 13:58:01 +02:00
Norbert Pocs
2b67ec48c2 Merge manpage crypto-policies related patches 
Signed-off-by: Norbert Pocs <npocs@redhat.com>
 2023-06-08 13:57:42 +02:00
Norbert Pocs
fb40f0afda Merge evp related patches 
Signed-off-by: Norbert Pocs <npocs@redhat.com>
 2023-06-08 13:57:23 +02:00
Norbert Pocs
141d7b2d4a Remove deprecated usage of %patchN 
Signed-off-by: Norbert Pocs <npocs@redhat.com>
 2023-06-08 13:56:15 +02:00
Dmitry Belyavskiy
d5fd076ab3 Updating specfile 2023-06-07 12:15:31 +02:00
Dmitry Belyavskiy
18e9f31c42 Fix DSS verification problem 
Resolves: rhbz#2212937
 2023-06-07 12:12:46 +02:00
Dmitry Belyavskiy
29083ac442 Remove unused patch 2023-06-02 18:56:58 +02:00
Dmitry Belyavskiy
f561c68bdb Rebasing OpenSSH from 9.0 to 9.3 2023-06-02 15:38:27 +02:00
Norbert Pocs
b129d6336e Clarify HostKeyAlgorithms option on man page 
Clarify HostkeyAlgorithms and crypto-policies relation on the ssh_config
man page

Signed-off-by: Norbert Pocs <npocs@redhat.com>
 2023-05-29 13:58:15 +02:00
Jakub Jelen
e39f11e77c pkcs11: Add support for 'serial' in PKCS#11 URI 2023-05-25 09:29:24 +02:00
Norbert Pocs
e8e01dc82e Fix regression in pkcs11 introduced in the previous patch 
Signed-off-by: Norbert Pocs <npocs@redhat.com>
 2023-05-25 09:27:33 +02:00
Norbert Pocs
2341f1769d Fix minor issues with openssh-9.0p1-evp-fips-dh.patch 
- Check return values
- Use EVP API to get the size of DH

Signed-off-by: Norbert Pocs <npocs@redhat.com>
 2023-05-25 09:27:33 +02:00
Dmitry Belyavskiy
6f7c765ed4 Audit logging patch was not applied 
Resolves: rhbz#2177471
 2023-04-14 10:38:37 +02:00