rpms/openssh
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
912 Commits 32 Branches 239 Tags 9.6 MiB
0ed404cb1d
Commit Graph

912 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jakub Jelen
0ed404cb1d removal of systemd-units and conforming to packaging guidelines 
Per announcement on fedora-devel:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/LLG4T53FW2BGVZLGLKNYTKPD5SQNBZ2Y/
 2018-02-01 15:24:31 +01:00
Jakub Jelen
9245e75858 Do not audit partial auth failures 2018-02-01 15:24:31 +01:00
Jakub Jelen
6f29c0796b Do not audit passsword authentication, if handled by PAM 
and avoid auditing none auth method (not acually a method)
 2018-02-01 15:24:31 +01:00
Jakub Jelen
5e917665b9 USER_AUTH: Remove bogus rport, add required grantors 2018-02-01 15:24:31 +01:00
Jakub Jelen
c7c6705319 Do not audit final success (#1534577) 2018-02-01 15:24:31 +01:00
Jakub Jelen
9106571cc0 Use correct audit event for pubkey auth 2018-02-01 15:24:31 +01:00
Jakub Jelen
5be5d99670 Add missing header to make it build (related to #1534577) 2018-02-01 15:24:31 +01:00
Jakub Jelen
88f23cb6fe Audit correctly the res= after upstream refactoring 2018-02-01 15:24:31 +01:00
Jakub Jelen
7f5b70b83b Avoid undefined TRUE/FALSE in ldap patch to build in rawhide 2018-02-01 15:24:31 +01:00
Jakub Jelen
6e99f2d387 Do not attempt to pass hostnames to audit (inconsistency) (#1534577) 2018-02-01 15:24:31 +01:00
Jakub Jelen
6b6760fc06 Drop unused function from audit 2018-02-01 15:24:31 +01:00
Jakub Jelen
17cd512319 Whitelist gettid() syscall for systemd (cleanup procedure?) 2017-12-12 14:19:35 +01:00
Jakub Jelen
1f2a7f3926 openssh-7.6p1-3 + 0.10.3-3 2017-12-11 11:54:38 +01:00
Jakub Jelen
fde6b96b35 Avoid gcc warnings about uninitialized variables 2017-12-11 11:53:10 +01:00
Jakub Jelen
217da75d53 Do not segfault for repetitive cipher_free() from audit (#1524233) 2017-12-11 11:53:03 +01:00
Jakub Jelen
eef660e534 7.6p1-2 + 0.10.3-3 2017-11-22 08:57:03 +01:00
Jakub Jelen
e3f4c1243d Do not build all the binaries against libldap 2017-11-15 10:17:46 +01:00
Jakub Jelen
2087929a90 Do not segfault for ECC keys in PKCS#11 2017-11-15 10:17:46 +01:00
Jakub Jelen
a464c88ee6 forgotten sources 2017-11-07 16:49:23 +01:00
Jakub Jelen
8fc2fee4e4 7.6p1-1 + 0.10.3-3 2017-11-07 14:58:44 +01:00
Jakub Jelen
cdc735a59b Make sure we audit properly from the new code 2017-11-07 14:58:44 +01:00
Jakub Jelen
e0e7ed914b Address issues of another PR#48 review 2017-11-07 14:58:44 +01:00
Jakub Jelen
c08aa4b8b1 Fix after-release bug in PermitOpen (posted on ML) 2017-11-07 14:58:44 +01:00
Jakub Jelen
5b55d0951d rebase patches to openssh-7.6p1 and make it build 2017-11-07 14:58:44 +01:00
Jakub Jelen
9e46aafab9 openssh-7.5p1-6 + 0.10.3-2 2017-10-19 16:09:53 +02:00
Jakub Jelen
ed0b5e5a9f Remove pam_reauthorize, not needed by cockpit anymore (#1492313) 2017-10-19 16:09:53 +02:00
Jakub Jelen
e044c5cf76 Enforce pam_sepermit for all logins (#1492313) 2017-10-19 16:09:53 +02:00
Jakub Jelen
72514f7644 Add newer gssapi kex methods, but leave them disabled out of the box yet 2017-10-19 16:09:53 +02:00
Jakub Jelen
8bcc21ed64 Add enablement for openssl-ibmca and openssl-ibmpkcs11 (#1477636) 2017-10-19 16:09:53 +02:00
Jakub Jelen
8c9e97e65a Do not export KRBCCNAME if the default path is used (#1199363) 2017-10-19 16:09:53 +02:00
Mike Gahagan
ce1afcf244 initial commit of tests from upstreamfirst project 2017-09-29 12:58:09 -04:00
Jakub Jelen
ef66c0c677 openssh-7.5p1-5 + 0.10.3-2 2017-08-14 09:45:09 +02:00
Jakub Jelen
0ce6c7b710 Another approach for crypto policies (#1479271) 2017-08-14 09:42:02 +02:00
Jakub Jelen
970a418151 Do not talk about SSHv1 in Summary 2017-08-09 16:10:33 +02:00
Jakub Jelen
6a05936971 Revert "server crypto policy" 
This reverts commit 1d8ffcfe05.
 2017-08-09 14:58:13 +02:00
Jakub Jelen
fffad0579c openssh-7.5p1-4 + 0.10.3-2 2017-08-02 15:46:58 +02:00
Jakub Jelen
722f82b9ab Remove openssh-clients-ssh1 subpackage (#1474942) 2017-08-02 15:46:58 +02:00
Jakub Jelen
1d8ffcfe05 Preprocess the configuration files to include crypto policies. 
* The services are using ExecPre to start sshd-pre script
 * The sshd-pre script substitutes token in standard configuration file and writes a new on in /run
 * The services are using a file in /run as a sshd_config
 2017-08-02 15:46:57 +02:00
Fedora Release Engineering
be108c2c82 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild 2017-07-27 01:53:26 +00:00
Petr Písař
64a3610c1f perl dependency renamed to perl-interpreter <https://fedoraproject.org/wiki/Changes/perl_Package_to_Install_Core_Modules> 2017-07-12 14:20:53 +02:00
Jakub Jelen
2ea24bb006 openssh-7.5p1-2 + 0.10.3-2 2017-06-30 12:44:10 +02:00
Jakub Jelen
9dbec70c9c Sync FIPS patch with RHEL 2017-06-30 12:18:02 +02:00
Jakub Jelen
cdc7ba7293 get rid of unconditional goto in RSA1 code 
Reported by <vyekkira@illinois.edu>
 2017-06-19 18:24:05 +02:00
Jakub Jelen
f07a0866e1 Avoid double-free in the openssl-1.1.0 patch 2017-06-15 13:41:24 +02:00
Jakub Jelen
eb751fd1d3 In FIPS mode do not append bogus comma after the kex list 2017-04-26 14:26:50 +02:00
Jakub Jelen
204765aba1 openssh-7.5p1-2 + 0.10.3-2 2017-03-23 14:48:09 +01:00
Jakub Jelen
c2f63ba00b Revert the chroot magic 2017-03-23 14:47:27 +01:00
Jakub Jelen
93868f39a9 Remove RestartPreventExitStatus which can break on slow networks 2017-03-22 18:00:29 +01:00
Jakub Jelen
fb74d1ec96 Add missing header on s390 (#1434341) 2017-03-22 14:35:55 +01:00
Jakub Jelen
09320cf61a Fix typo in sandbox code, that got out after release 
http://lists.mindrot.org/pipermail/openssh-unix-dev/2017-March/035879.html
 2017-03-21 10:12:44 +01:00