path: root/security/openssh-portable
Commit message | Author | Age | Files | Lines
* security/openssh-portable: Update to 8.6p1 | Bryan Drewery | 2021-04-29 | 12 | -248/+143
  - gssapi is disabled for now.
  Changes:
  - https://www.openssh.com/txt/release-8.5
  - https://www.openssh.com/txt/release-8.6
  Submitted by: Yasuhiro Kimura [earlier version][1]
  PR: 254389 [1]
* all: Remove all other $FreeBSD keywords. | Mathieu Arnold | 2021-04-06 | 1 | -2/+0
* Remove # $FreeBSD$ from Makefiles. | Mathieu Arnold | 2021-04-06 | 1 | -1/+0
* Add limited patch for CVE-2021-28041 from upstream. | Bryan Drewery | 2021-03-18 | 2 | -1/+33
  Notes: svn path=/head/; revision=568761
* security/openssh-portable@gssapi: fix build on GCC architectures | Piotr Kubaj | 2020-12-09 | 1 | -1/+1
  gss-genr.c: In function 'ssh_gssapi_kex_mechs':
  gss-genr.c:175:9: error: 'strncpy' specified bound depends on the length of the source argument [-Werror=stringop-overflow=]
  175 | cp = strncpy(s, kex, strlen(kex));
  | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
  cc1: all warnings being treated as errors
  Notes: svn path=/head/; revision=557337
* security/openssh-portable: fix build on GCC architectures | Piotr Kubaj | 2020-11-29 | 1 | -1/+5
  loginrec.c:763:2: error: 'strncpy' output may be truncated copying 32 bytes from a string of length 511 [-Werror=stringop-truncation]
  strncpy(utx->ut_user, li->username,
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  MIN_SIZEOF(utx->ut_user, li->username));
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  loginrec.c: In function 'record_failed_login':
  loginrec.c:1687:2: error: 'strncpy' specified bound 32 equals destination size [-Werror=stringop-truncation]
  strncpy(ut.ut_user, username, sizeof(ut.ut_user));
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  loginrec.c:1696:2: error: 'strncpy' specified bound 256 equals destination size [-Werror=stringop-truncation]
  strncpy(ut.ut_host, hostname, sizeof(ut.ut_host));
  Notes: svn path=/head/; revision=556545
* - Fix KERB_GSSAPI build; missing prototypes for DH openssl-compat. | Bryan Drewery | 2020-11-24 | 3 | -1/+31
  PR: 212151 (maybe)
  Notes: svn path=/head/; revision=556185
* - Add pkg-config dependency which avoids some maintainer testing errors | Bryan Drewery | 2020-11-20 | 4 | -16/+49
  and also removes a few unneeded library links such as -lcurses.
  - libfido2 package is broken with pkg-config and base ssl. Work around this by not using pkg-config for that library for now.
  - Add USES=localbase to simplify some options
  - Make crypt(3) MD5 password support optional but still on-by-default. The default in FreeBSD changed in 10.0 but that does not mean
  - Enable -Werror
  - Remove some old baggage from the port build
    o The zlib version check has not been needed for a while.
    o sshd.8 has not had %%PREFIX%% or %$RC_SCRIPT_NAME%% since 2011 and is not worth more patches/complexity.
    o The strnvis(3) problem noted in r311891 was fixed in OpenSSH 7.4.
    o autoreconf is run so it makes no sense to patch configure for -ldes
    o --with-md5-passwords is not needed as our crypt(3) supports it natively. This is only relevant without PAM.
  Notes: svn path=/head/; revision=555734
* - Add blacklistd(8) support. | Bryan Drewery | 2020-11-17 | 2 | -1/+439
  This differs slightly from base as it uses the current NetBSD hook points. This is off-by-default as it needs testing and has issues that may cause crashes. One such issue is the use of private bl_create() symbol from libblacklist. It is also unclear if the hook points are sufficient or proper after the libssh refactoring in 8.x.
  PR: 223628 (patch rewritten as it no longer applied)
  Notes: svn path=/head/; revision=555531
* - Add and enable FIDO/U2F support for security keys by default. | Bryan Drewery | 2020-11-16 | 1 | -3/+8
  This feature came in 8.2, is enabled by default on OpenBSD, and suggested to be enabled by default for packages.
  Notes: svn path=/head/; revision=555524
* - Slightly reduce diff with base | Bryan Drewery | 2020-11-16 | 4 | -63/+49
  - No functional changes.
  PR: 223010
  Submitted by: brnrd (earlier patch)
  Notes: svn path=/head/; revision=555518
* - bindresvport support hasn't been used since 7.8 | Bryan Drewery | 2020-11-16 | 1 | -13/+0
  Notes: svn path=/head/; revision=555516
* - Remove sctp patch missed in r466577 | Bryan Drewery | 2020-11-16 | 1 | -873/+0
  Notes: svn path=/head/; revision=555514
* - Update to 8.4p1 (skipped 8.3) | Bryan Drewery | 2020-11-16 | 4 | -52/+52
  - https://www.openssh.com/txt/release-8.3
  - https://www.openssh.com/txt/release-8.4
  PR: 239807, 250319
  Sponsored by: Dell EMC
  Notes: svn path=/head/; revision=555512
* security/openssh-portable: Set LICENSE | Mateusz Piotrowski | 2020-11-12 | 1 | -2/+4
  In the past, the ports framework did not support handling situations where a port contained a multitude of licenses. In case of OpenSSH the list is/was: BSD2, BSD3, MIT, public domain, BSD-Style, BEER-WARE, "any purpose with notice intact", and ISC-Style.
  Instead of having to keep track of all the involved licenses which all are very similar, let's use LICENSE_PERMS.
  I am not bumping PORTREVISION as it is not a vital change from the perspective of package users.
  Approved by: bdrewery (maintainer)
  Differential Revision: https://reviews.freebsd.org/D27133
  Notes: svn path=/head/; revision=554948
* Install the moduli file as a @sample | Mateusz Piotrowski | 2020-11-07 | 2 | -2/+4
  PR: 250559
  Submitted by: Michał "rysiek" Woźniak <rysiek % isnic.is>
  Approved by: maintainer timeout
  Notes: svn path=/head/; revision=554395
* Fix a typo | Mateusz Piotrowski | 2020-11-07 | 1 | -1/+1
  Approved by: portmgr blanket
  Notes: svn path=/head/; revision=554393
* Update WWW | Sunpoet Po-Chuan Hsieh | 2020-08-15 | 1 | -1/+1
  Approved by: portmgr (blanket)
  Notes: svn path=/head/; revision=545050
* - Simplify and refactor login.conf environment handling. | Bryan Drewery | 2020-03-23 | 2 | -59/+33
  Notes: svn path=/head/; revision=529015
* Fix build without PAM option | Bryan Drewery | 2020-03-23 | 1 | -8/+16
  Notes: svn path=/head/; revision=529010
* Remove long broken X509 patch. | Bryan Drewery | 2020-03-23 | 3 | -187/+3
  Approved by: portmgr (implicit)
  Notes: svn path=/head/; revision=528982
* Fix plist for 8.2p1 | Bryan Drewery | 2020-03-23 | 1 | -1/+3
  Notes: svn path=/head/; revision=528981
* - Update to 8.2p1 | Bryan Drewery | 2020-03-23 | 6 | -45/+46
  Release notes: https://www.openssh.com/txt/release-8.2
  Notes: svn path=/head/; revision=528979
* Update to 8.1p1 | Bryan Drewery | 2019-12-22 | 3 | -22/+11
  Changes: https://www.openssh.com/txt/release-8.1
  Sponsored by: Dell EMC
  Notes: svn path=/head/; revision=520603
* Drop the ipv6 virtual category for s* category as it is not relevant anymore | Baptiste Daroussin | 2019-10-09 | 1 | -1/+1
  Notes: svn path=/head/; revision=514144
* Bump PORTREVISION on ldns consumers | Steve Wills | 2019-09-02 | 1 | -1/+1
  Shared lib version changed in update
  Reported by: sunpoet
  Notes: svn path=/head/; revision=510851
* Convert to UCL & cleanup pkg-message (categories s) | Mathieu Arnold | 2019-08-14 | 1 | -0/+6
  Notes: svn path=/head/; revision=508909
* - Update gssapi patch for 8.0 | Bryan Drewery | 2019-07-19 | 3 | -17/+52
  - Rework how the gssapi patch is fetched/mirrored so we can fetch directly from debian.
  PR: 239290
  Submitted by: david@dcrosstech.com (based on)
  Tested by: vrwmiller@gmail.com
  Notes: svn path=/head/; revision=506959
* Fix BROKEN handling for x509/gssapi FLAVORS | Bryan Drewery | 2019-07-18 | 1 | -2/+2
  Notes: svn path=/head/; revision=506878
* Update to 8.0p1 | Bryan Drewery | 2019-07-12 | 7 | -111/+118
  Changes: https://www.openssh.com/txt/release-8.0
  With help from: Lee Prokowich
  Sponsored by: DellEMC
  Notes: svn path=/head/; revision=506433
* - Fix X509 build after r484765 openssl fix | Bryan Drewery | 2018-11-12 | 4 | -48/+24
  - Fix patch URL for KERB_GSSAPI
  - Add FLAVORs for x509 and gssapi since they are distinct types of OpenSSH rather than feature flags.
  Approved by: portmgr (implicit)
  Notes: svn path=/head/; revision=484842
* - Update KERB_GSSAPI for 7.9p1 | Bryan Drewery | 2018-11-12 | 2 | -3/+3
  Notes: svn path=/head/; revision=484824
* - Fix HPN for 7.9p1 | Bryan Drewery | 2018-11-12 | 3 | -20/+40
  - DOCS is required for HPN but it's not exclusively a flavor so needs to be in the default list.
  - Fix a build-time OpenSSL version comparison [1]
  PR: 233157 [1]
  Reported by: Robert Schulze <rs@bytecamp.net> [1]
  Obtained from: upstream c0a35265907533be10ca151ac797f34ae0d68969 [1]
  Notes: svn path=/head/; revision=484823
* Update to 7.9p1. | Bryan Drewery | 2018-11-11 | 12 | -210/+56
  - Fixes build on 12, head, and openssl-devel.
  - GSSAPI and HPN are currently marked BROKEN as I don't want to block the main update for anyone.
  http://www.openssh.com/txt/release-7.8
  http://www.openssh.com/txt/release-7.9
  MFH: 2018Q4 (due to being broken on 12+head)
  Notes: svn path=/head/; revision=484765
* security/openssl-devel was removed, but there is a security/openssl111 now. | Mathieu Arnold | 2018-11-10 | 1 | -2/+2
  Notes: svn path=/head/; revision=484599
* Add DOCS options to ports that should have one. | Mathieu Arnold | 2018-09-10 | 1 | -0/+1
  Also various fixes related to said option.
  PR: 230864
  Submitted by: mat
  exp-runs by: antoine
  Notes: svn path=/head/; revision=479406
* Simplify CONFLICTS_INSTALL. | Bryan Drewery | 2018-06-29 | 1 | -3/+3
  Reported by: mat
  Notes: svn path=/head/; revision=473555
* - Fix and update HPN patch to latest from upstream but leave it off by | Bryan Drewery | 2018-06-28 | 3 | -282/+307
  default.
  - Add an 'hpn' FLAVOR to produce a package for users with HPN and NONECIPHER enabled.
  Approved by: portmgr (implicit)
  Notes: svn path=/head/; revision=473485
* Update x509 patch to 11.3.2 | Bryan Drewery | 2018-06-26 | 3 | -4/+38
  Notes: svn path=/head/; revision=473412
* Forgot PORTREVISION bump for r472797. | Bryan Drewery | 2018-06-19 | 1 | -1/+1
  PR: 229147
  Notes: svn path=/head/; revision=472798
* Fix nologin check when PAM option is disabled in the port. | Bryan Drewery | 2018-06-19 | 1 | -11/+14
  PR: 229147
  Submitted by: Robert Schulze <rs@bytecamp.net>
  Notes: svn path=/head/; revision=472797
* Add lost metadata on why this patch exists | Bryan Drewery | 2018-06-19 | 1 | -0/+8
  Notes: svn path=/head/; revision=472796
* - Add XMSS option to enable experimental key support added in 7.7 [1] | Bryan Drewery | 2018-05-03 | 6 | -2/+157
  - Bring in upstream patches post 7.7 to fix various issues [2]:
    b81b2d120e9c8a83489e241620843687758925ad - Fix tunnel forwarding broken in 7.7p1
    341727df910e12e26ef161508ed76d91c40a61eb - don't kill ssh-agent's listening socket entirely if we fail to accept a connection
    85fe48fd49f2e81fa30902841b362cfbb7f1933b - don't free the %C expansion, it's used later for LocalCommand
    868afa68469de50d8a43e5daf867d7c624a34d20 - Disable SSH2_MSG_DEBUG messages for Twisted Conch clients
    f5baa36ba79a6e8c534fb4e0a00f2614ccc42ea6 - Omit 3des-cbc if OpenSSL built without DES
  PR: 227758 [1]
  Submitted by: IWAMOTO Kouichi <sue@iwmt.org> [1]
  PR: 227551 [2]
  Reported by: rozhuk.im@gmail.com [2]
  Obtained from: upstream mirror https://github.com/openssh/openssh-portable [2]
  Notes: svn path=/head/; revision=468998
* Update the KERB_GSSAPI patch from debian. | Bryan Drewery | 2018-04-25 | 2 | -4/+6
  https://sources.debian.org/data/main/o/openssh/1:7.7p1-2/debian/patches/gssapi.patch is mirrored due to not being filename-unique and not gzipped.
  PR: 226789
  Submitted by: Rick Miller <vmiller@verisign.com> (based on)
  Tested by: Rick Miller <vmiller@verisign.com>
  Reported by: david@dcrosstech.com
  Notes: svn path=/head/; revision=468286
* The block of code that canonicalizes the hostname supplied on | Craig Leres | 2018-04-12 | 2 | -9/+9
  the command line added by patch-ssh.c misapplies to 7.7p1 and moves from main() to ssh_session2(). This breaks ssh SSHFP support for non-canonical hostnames. For example, "ssh zinc" correctly discovers the FQDN (zinc.ee.lbl.gov) and uses it to look up A and AAAA records but the non-canonical version (zinc) is used in the SSHFP record lookup which of course fails.
  Regenerate the patch.
  Reviewed by: bdrewery, ler (mentor)
  Approved by: bdrewery, ler (mentor)
  Differential Revision: https://reviews.freebsd.org/D15053
  Notes: svn path=/head/; revision=467200
* Make BROKEN lines more clear | Bryan Drewery | 2018-04-05 | 1 | -2/+2
  Notes: svn path=/head/; revision=466595
* Update to 7.7p1 | Bryan Drewery | 2018-04-05 | 7 | -187/+141
  - Update x509 patch to 11.3
  - Remove SCTP option as it has not had a patch available since 7.2.
  Changes: https://www.openssh.com/txt/release-7.7
  Notable changes:
    * ssh(1)/sshd(8): Drop compatibility support for some very old SSH implementations, including ssh.com <=2.* and OpenSSH <= 3.*. These versions were all released in or before 2001 and predate the final SSH RFCs. The support in question isn't necessary for RFC-compliant SSH implementations.
  Notes: svn path=/head/; revision=466577
* libressl support was fixed in r452358 | Bryan Drewery | 2018-04-03 | 1 | -2/+1
  Notes: svn path=/head/; revision=466385
* Mark some ports broken with openssl-devel. | Mathieu Arnold | 2018-03-29 | 1 | -1/+2
  Sponsored by: Absolight
  Notes: svn path=/head/; revision=465899
* Remove OVERWRITE_BASE compat - it was marked IGNORE in 2015 | Bryan Drewery | 2018-03-16 | 1 | -6/+1
  Notes: svn path=/head/; revision=464727