rpms
/
openssh
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
875 Commits 32 Branches 239 Tags 9.6 MiB
Commit Graph

875 Commits

Author SHA1 Message Date
Jakub Jelen 1d8ffcfe05 Preprocess the configuration files to include crypto policies. 
* The services are using ExecPre to start sshd-pre script
 * The sshd-pre script substitutes token in standard configuration file and writes a new on in /run
 * The services are using a file in /run as a sshd_config
 2017-08-02 15:46:57 +02:00
Fedora Release Engineering be108c2c82 - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild 2017-07-27 01:53:26 +00:00
Petr Písař 64a3610c1f perl dependency renamed to perl-interpreter <https://fedoraproject.org/wiki/Changes/perl_Package_to_Install_Core_Modules> 2017-07-12 14:20:53 +02:00
Jakub Jelen 2ea24bb006 openssh-7.5p1-2 + 0.10.3-2 2017-06-30 12:44:10 +02:00
Jakub Jelen 9dbec70c9c Sync FIPS patch with RHEL 2017-06-30 12:18:02 +02:00
Jakub Jelen cdc7ba7293 get rid of unconditional goto in RSA1 code 
Reported by <vyekkira@illinois.edu>
 2017-06-19 18:24:05 +02:00
Jakub Jelen f07a0866e1 Avoid double-free in the openssl-1.1.0 patch 2017-06-15 13:41:24 +02:00
Jakub Jelen eb751fd1d3 In FIPS mode do not append bogus comma after the kex list 2017-04-26 14:26:50 +02:00
Jakub Jelen 204765aba1 openssh-7.5p1-2 + 0.10.3-2 2017-03-23 14:48:09 +01:00
Jakub Jelen c2f63ba00b Revert the chroot magic 2017-03-23 14:47:27 +01:00
Jakub Jelen 93868f39a9 Remove RestartPreventExitStatus which can break on slow networks 2017-03-22 18:00:29 +01:00
Jakub Jelen fb74d1ec96 Add missing header on s390 (#1434341) 2017-03-22 14:35:55 +01:00
Jakub Jelen 09320cf61a Fix typo in sandbox code, that got out after release 
http://lists.mindrot.org/pipermail/openssh-unix-dev/2017-March/035879.html
 2017-03-21 10:12:44 +01:00
Jakub Jelen 17b491b307 openssh-7.5p1-1 + 0.10.3-2 2017-03-20 16:00:16 +01:00
Jakub Jelen fd58b9eabb Add new DH kex into the FIPS-allowed list 2017-03-08 14:37:07 +01:00
Jakub Jelen 7b666e5764 openssh-7.4p1-4 + 0.10.3-1 2017-03-03 15:53:31 +01:00
Jakub Jelen a9ad706d82 Coverity reports applied 2017-03-03 15:51:52 +01:00
Jakub Jelen f499c489fd Do not leave service in auto-restarting mode in case of configuration failure 2017-03-01 18:35:56 +01:00
Jakub Jelen b83281f89d Avoid sending SD_NOTIFY from wrong processes (#1427526) 2017-02-28 15:13:24 +01:00
Jakub Jelen ab7f9474c7 openssh-7.4p1-3 + 0.10.3-1 2017-02-22 14:56:00 +01:00
Jakub Jelen 3448f25d85 Typo 2017-02-22 14:56:00 +01:00
Jakub Jelen b92d3c8ae0 Reference upstream bug 2017-02-22 14:56:00 +01:00
Jakub Jelen 4e7cdec7ef Add systemd stuff to keep track of service 2017-02-22 14:56:00 +01:00
Jakub Jelen 140ef5a0f5 Properly report errors from included files (#1408558) 2017-02-22 14:56:00 +01:00
Jakub Jelen a97eeb671c ppc architecture is gone for years 2017-02-22 14:56:00 +01:00
Jakub Jelen 4cf8f1aa09 Cleaner linking ldap-helper (circular dependencies) 2017-02-22 14:56:00 +01:00
Jakub Jelen 465b6e6b82 Check seteuid return values in all cases 2017-02-22 14:56:00 +01:00
Jakub Jelen bdb932c46a new pam_ssh_agent_auth-0.10.3 release 2017-02-22 14:55:59 +01:00
Jakub Jelen 26cec0607f openssh-7.4p1-2 + 0.10.2-5 2017-02-06 09:47:28 +01:00
Jakub Jelen 640dfa350e Set environment variable to avoid race condition with systemd (#1415218) 2017-02-06 09:41:32 +01:00
Jakub Jelen 4a6ef41937 Do not overwrite N and E for RSA-certs in ssh-agent (#1416584) 2017-02-03 11:06:19 +01:00
Jakub Jelen 28ff3aa1c5 Correct path to crypto policies 2017-01-06 13:00:16 +01:00
Jakub Jelen b19926d292 openssh-7.4p1-1 + 0.10.2-5 2017-01-03 14:31:29 +01:00
Jakub Jelen 58f79a27c3 Whitelist /usr/lib64/ for PKCS#11 modules 2017-01-03 14:31:29 +01:00
Jakub Jelen 6cf9b8e61b rebase to openssh-7.4p1-1 
* Drop unaccepted (unapplying) coverity patches
 * Drop server support for SSH1 (server)
 * Workaround #2641 for systemd
 * UseLogin is gone
 * Drop upstream commit 28652bca
 * Tighten seccomp filter (cache credentials before entering sandbox) (#1395288)
 2017-01-03 14:31:20 +01:00
Jakub Jelen 4189cebf7a Cache supported OIDS for GSSAPI kex (#1395288) 2017-01-03 14:31:20 +01:00
Jakub Jelen dd8e5419eb Fix use-after-free error (#1409433) 2017-01-03 14:30:50 +01:00
Jakub Jelen 38869a3406 Prevent hangs with long MOTD (filling buffers and blocking) 2016-12-20 17:31:03 +01:00
Jakub Jelen d8c2e8dc88 openssh-7.3p1-7 + 0.10.2-4 2016-12-08 14:13:32 +01:00
Jakub Jelen 162941961a Move MAX_DISPLAYS to a configuration option 2016-12-08 14:13:32 +01:00
Jakub Jelen 4ce5741703 Properly deserialize received RSA certificates in ssh-agent (#1402029) 2016-12-08 13:50:08 +01:00
Jakub Jelen 7bccf7e6e0 openssh-7.3p1-6 + 0.10.2-4 2016-11-16 11:07:41 +01:00
Jakub Jelen ef1da17783 GSSAPI requires futex syscall in privsep child (#1395288) 2016-11-16 08:48:33 +01:00
Jakub Jelen ccf623128a Fix changelog 2016-11-07 09:33:43 +01:00
Jakub Jelen 2a8bce34e4 openssh-7.3p1-5 + 0.10.2-4 2016-10-27 18:26:25 +02:00
Jakub Jelen aacf0d429a OpenSSL 1.1.0 compat 2016-10-27 17:19:17 +02:00
Jakub Jelen ecc9f8d02b When doing chroot 
* we should not drop any capabilities for root
 * we should not clear bounding capabilities for other users
 * we should probably retain the supplement groups
 2016-10-21 14:50:42 +02:00
Jakub Jelen c9d9fe9b0f Recommend crypto-policies for a client package 2016-10-11 10:29:50 +02:00
Jakub Jelen d924bc6892 openssh-7.3p1-4 + 0.10.2-4 2016-09-29 14:14:19 +02:00
Jakub Jelen 639ae2c73c Include client Crypto Policy (#1225752) 2016-09-29 14:14:19 +02:00