rpms/openssh
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
935 Commits 32 Branches 239 Tags 9.6 MiB
aad4430f17
Commit Graph

935 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jakub Jelen
aad4430f17 Print PKCS#11 URI also for ECDSA keys 2018-04-04 16:57:59 +02:00
Jakub Jelen
7e9748a2b5 PKCS#11: Support ECDSA keys and PKCS#11 URIs 
Based on the patches in upstream bugzilla:
ECDSA:
  https://bugzilla.mindrot.org/show_bug.cgi?id=2474
PKCS#11 URI:
  https://bugzilla.mindrot.org/show_bug.cgi?id=2817
 2018-04-04 16:56:59 +02:00
Jakub Jelen
3cd4899257 Rebase to latest OpenSSH 7.7p1 (#1563223) 2018-04-04 16:50:43 +02:00
Jakub Jelen
1ce235ac38 tests/pam_ssh_agent_auth: Add a new sanity test 2018-03-12 16:48:08 +01:00
Jakub Jelen
6b2140deea tests/port-forwarding: Do not expect the nc will succeed 2018-03-12 15:54:35 +01:00
Jakub Jelen
b4cbb0fe23 tests/port-forwarding: Do not require rhts makefile 2018-03-12 15:54:35 +01:00
Jakub Jelen
830acce379 revert part of the nss removal from LDAP 2018-03-06 15:15:03 +01:00
Jakub Jelen
cbb6ca5123 openssh-7.6p1-7 + 0.10.3-3 2018-03-06 14:37:01 +01:00
Jakub Jelen
c8f1381d11 Remove bogus nss linking 2018-03-06 14:37:01 +01:00
Jakub Jelen
92b8e55bea Crypto policies changed path 2018-03-06 13:53:17 +01:00
Jakub Jelen
bd5b563008 Require crypto policies 2018-03-06 13:53:02 +01:00
Jakub Jelen
c2a9e41702 Recommend crypto policies also for a server 2018-02-19 12:10:48 +01:00
Jakub Jelen
07c951f665 Require gcc 
https://fedoraproject.org/wiki/Changes/Remove_GCC_from_BuildRoot
 2018-02-19 12:10:48 +01:00
Igor Gnatenko
a6b5c2c42d
Remove %clean section 
None of currently supported distributions need that.
Last one was EL5 which is EOL for a while.

Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2018-02-14 08:27:35 +01:00
Igor Gnatenko
5f6f10859d Remove BuildRoot definition 
None of currently supported distributions need that.
It was needed last for EL5 which is EOL now

Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
 2018-02-13 23:58:21 +01:00
Fedora Release Engineering
13efdb1d7f - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-02-08 17:49:28 +00:00
Jakub Jelen
6a6c2bc3ab We need systemd-devel for sdnotify() 2018-02-01 16:30:07 +01:00
Jakub Jelen
0780f33c5f removal of systemd-units and conforming to packaging guidelines 
Per announcement on fedora-devel:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/LLG4T53FW2BGVZLGLKNYTKPD5SQNBZ2Y/
 2018-01-27 10:57:06 +01:00
Jakub Jelen
bb4b7b77fc openssh-7.6p1-6 + 0.10.3-3 2018-01-26 16:26:50 +01:00
Florian Weimer
f61eaad2bd Rebuild to work around gcc bug leading to sshd miscompilation (#1538648) 2018-01-25 16:48:03 +01:00
Jakub Jelen
c45ece5fe8 Do not audit partial auth failures 2018-01-22 12:58:09 +01:00
Jakub Jelen
6996c6f503 Do not audit passsword authentication, if handled by PAM 
and avoid auditing none auth method (not acually a method)
 2018-01-22 12:58:09 +01:00
Jakub Jelen
9b05c6d476 USER_AUTH: Remove bogus rport, add required grantors 2018-01-22 12:58:09 +01:00
Jakub Jelen
667e6f013f Do not audit final success (#1534577) 2018-01-22 12:58:09 +01:00
Jakub Jelen
57349a88a8 Use correct audit event for pubkey auth 2018-01-22 12:58:09 +01:00
Björn Esser
427beb2f9e
Rebuilt for switch to libxcrypt 2018-01-20 23:07:25 +01:00
Jakub Jelen
b1ec43ef50 Add missing header to make it build (related to #1534577) 2018-01-19 10:46:01 +01:00
Jakub Jelen
0f4b4ccdea Audit correctly the res= after upstream refactoring 2018-01-19 10:18:51 +01:00
Jakub Jelen
38b67ad605 Avoid undefined TRUE/FALSE in ldap patch to build in rawhide 2018-01-17 10:50:05 +01:00
Jakub Jelen
4d97279349 openssh-7.6p1-5 + 0.10.3-3 2018-01-17 10:13:18 +01:00
Jakub Jelen
f284c5eb83 Do not attempt to pass hostnames to audit (inconsistency) (#1534577) 2018-01-17 10:10:28 +01:00
Jakub Jelen
32dc9bd1cd Drop unused function from audit 2018-01-16 16:24:27 +01:00
Jakub Jelen
316553ade0 Remove TCP wrappers support (#1530163) 2018-01-16 15:06:23 +01:00
Jakub Jelen
871dc3ed3e openssh-7.6p1-4 + 0.10.3-3 2017-12-14 10:23:37 +01:00
Jakub Jelen
17cd512319 Whitelist gettid() syscall for systemd (cleanup procedure?) 2017-12-12 14:19:35 +01:00
Jakub Jelen
1f2a7f3926 openssh-7.6p1-3 + 0.10.3-3 2017-12-11 11:54:38 +01:00
Jakub Jelen
fde6b96b35 Avoid gcc warnings about uninitialized variables 2017-12-11 11:53:10 +01:00
Jakub Jelen
217da75d53 Do not segfault for repetitive cipher_free() from audit (#1524233) 2017-12-11 11:53:03 +01:00
Jakub Jelen
eef660e534 7.6p1-2 + 0.10.3-3 2017-11-22 08:57:03 +01:00
Jakub Jelen
e3f4c1243d Do not build all the binaries against libldap 2017-11-15 10:17:46 +01:00
Jakub Jelen
2087929a90 Do not segfault for ECC keys in PKCS#11 2017-11-15 10:17:46 +01:00
Jakub Jelen
a464c88ee6 forgotten sources 2017-11-07 16:49:23 +01:00
Jakub Jelen
8fc2fee4e4 7.6p1-1 + 0.10.3-3 2017-11-07 14:58:44 +01:00
Jakub Jelen
cdc735a59b Make sure we audit properly from the new code 2017-11-07 14:58:44 +01:00
Jakub Jelen
e0e7ed914b Address issues of another PR#48 review 2017-11-07 14:58:44 +01:00
Jakub Jelen
c08aa4b8b1 Fix after-release bug in PermitOpen (posted on ML) 2017-11-07 14:58:44 +01:00
Jakub Jelen
5b55d0951d rebase patches to openssh-7.6p1 and make it build 2017-11-07 14:58:44 +01:00
Jakub Jelen
9e46aafab9 openssh-7.5p1-6 + 0.10.3-2 2017-10-19 16:09:53 +02:00
Jakub Jelen
ed0b5e5a9f Remove pam_reauthorize, not needed by cockpit anymore (#1492313) 2017-10-19 16:09:53 +02:00
Jakub Jelen
e044c5cf76 Enforce pam_sepermit for all logins (#1492313) 2017-10-19 16:09:53 +02:00