|
Tomáš Mráz |
c9833c |
# Do we want SELinux & Audit
|
|
cvsdist |
fe98d8 |
%define WITH_SELINUX 1
|
|
Tomáš Mráz |
fc72c2 |
|
|
cvsdist |
8264e7 |
# OpenSSH privilege separation requires a user & group ID
|
|
cvsdist |
8264e7 |
%define sshd_uid 74
|
|
cvsdist |
8264e7 |
%define sshd_gid 74
|
|
cvsdist |
8264e7 |
|
|
cvsdist |
f28bf6 |
# Do we want to disable building of gnome-askpass? (1=yes 0=no)
|
|
cvsdist |
f28bf6 |
%define no_gnome_askpass 0
|
|
cvsdist |
f28bf6 |
|
|
cvsdist |
b46e39 |
# Do we want to link against a static libcrypto? (1=yes 0=no)
|
|
cvsdist |
b46e39 |
%define static_libcrypto 0
|
|
cvsdist |
b46e39 |
|
|
cvsdist |
b46e39 |
# Do we want smartcard support (1=yes 0=no)
|
|
cvsdist |
b46e39 |
%define scard 0
|
|
cvsdist |
b46e39 |
|
|
cvsdist |
3e66bd |
# Use GTK2 instead of GNOME in gnome-ssh-askpass
|
|
cvsdist |
3e66bd |
%define gtk2 1
|
|
cvsdist |
3e66bd |
|
|
cvsdist |
fe98d8 |
# Build position-independent executables (requires toolchain support)?
|
|
Thomas Woerner |
b56212 |
%define pie 1
|
|
cvsdist |
fe98d8 |
|
|
cvsdist |
3e66bd |
# Do we want kerberos5 support (1=yes 0=no)
|
|
cvsdist |
3e66bd |
%define kerberos5 1
|
|
cvsdist |
8264e7 |
|
|
Tomáš Mráz |
c9833c |
# Do we want libedit support
|
|
Tomáš Mráz |
c9833c |
%define libedit 1
|
|
Tomáš Mráz |
c9833c |
|
|
Tomáš Mráz |
c3274c |
# Do we want NSS tokens support
|
|
Tomáš Mráz |
c3274c |
%define nss 1
|
|
Tomáš Mráz |
c3274c |
|
|
cvsdist |
8264e7 |
# Whether or not /sbin/nologin exists.
|
|
cvsdist |
8264e7 |
%define nologin 1
|
|
cvsdist |
8264e7 |
|
|
cvsdist |
43f95f |
# Reserve options to override askpass settings with:
|
|
cvsdist |
43f95f |
# rpm -ba|--rebuild --define 'skip_xxx 1'
|
|
cvsdist |
43f95f |
%{?skip_gnome_askpass:%define no_gnome_askpass 1}
|
|
cvsdist |
43f95f |
|
|
cvsdist |
ffdec5 |
# Add option to build without GTK2 for older platforms with only GTK+.
|
|
Nalin Dahyabhai |
389c43 |
# Red Hat Linux <= 7.2 and Red Hat Advanced Server 2.1 are examples.
|
|
cvsdist |
ffdec5 |
# rpm -ba|--rebuild --define 'no_gtk2 1'
|
|
cvsdist |
ffdec5 |
%{?no_gtk2:%define gtk2 0}
|
|
cvsdist |
ffdec5 |
|
|
cvsdist |
b46e39 |
# Options for static OpenSSL link:
|
|
cvsdist |
b46e39 |
# rpm -ba|--rebuild --define "static_openssl 1"
|
|
cvsdist |
b46e39 |
%{?static_openssl:%define static_libcrypto 1}
|
|
cvsdist |
b46e39 |
|
|
cvsdist |
b46e39 |
# Options for Smartcard support: (needs libsectok and openssl-engine)
|
|
cvsdist |
b46e39 |
# rpm -ba|--rebuild --define "smartcard 1"
|
|
cvsdist |
b46e39 |
%{?smartcard:%define scard 1}
|
|
cvsdist |
b46e39 |
|
|
cvsdist |
b46e39 |
# Is this a build for the rescue CD (without PAM, with MD5)? (1=yes 0=no)
|
|
cvsdist |
b46e39 |
%define rescue 0
|
|
cvsdist |
b46e39 |
%{?build_rescue:%define rescue 1}
|
|
Tomáš Mráz |
c12d6b |
%{?build_rescue:%define rescue_rel rescue}
|
|
cvsdist |
b46e39 |
|
|
cvsdist |
3e66bd |
# Turn off some stuff for resuce builds
|
|
cvsdist |
3e66bd |
%if %{rescue}
|
|
cvsdist |
3e66bd |
%define kerberos5 0
|
|
Tomáš Mráz |
c9833c |
%define libedit 0
|
|
cvsdist |
3e66bd |
%endif
|
|
cvsdist |
3e66bd |
|
|
Tomáš Mráz |
9e5c6e |
Summary: An open source implementation of SSH protocol versions 1 and 2
|
|
cvsdist |
f71077 |
Name: openssh
|
|
Jan F. Chadima |
a3ba41 |
Version: 5.2p1
|
|
Jan F. Chadima |
3d51c7 |
Release: 25%{?dist}%{?rescue_rel}
|
|
cvsdist |
f71077 |
URL: http://www.openssh.com/portable.html
|
|
Nalin Dahyabhai |
deb1e4 |
#Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
|
|
Tomáš Mráz |
c9833c |
#Source1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz.asc
|
|
Tomáš Mráz |
b40baa |
# This package differs from the upstream OpenSSH tarball in that
|
|
Tomáš Mráz |
b40baa |
# the ACSS cipher is removed by running openssh-nukeacss.sh in
|
|
Tomáš Mráz |
b40baa |
# the unpacked source directory.
|
|
Tomáš Mráz |
5de53f |
Source0: openssh-%{version}-noacss.tar.bz2
|
|
Nalin Dahyabhai |
deb1e4 |
Source1: openssh-nukeacss.sh
|
|
Tomáš Mráz |
ca47f6 |
Source2: sshd.pam
|
|
Tomáš Mráz |
ca47f6 |
Source3: sshd.init
|
|
Jan F. Chadima |
a3ba41 |
Patch0: openssh-5.2p1-redhat.patch
|
|
Tomáš Mráz |
09510a |
Patch2: openssh-5.1p1-skip-initial.patch
|
|
cvsdist |
ffdec5 |
Patch3: openssh-3.8.1p1-krb5-config.patch
|
|
Jan F. Chadima |
a3ba41 |
Patch4: openssh-5.2p1-vendor.patch
|
|
Jan F. Chadima |
a3ba41 |
Patch12: openssh-5.2p1-selinux.patch
|
|
Tomáš Mráz |
ec5276 |
Patch13: openssh-5.1p1-mls.patch
|
|
Tomáš Mráz |
c9833c |
Patch16: openssh-4.7p1-audit.patch
|
|
Tomáš Mráz |
09510a |
Patch18: openssh-5.0p1-pam_selinux.patch
|
|
Jan F. Chadima |
15914f |
Patch19: openssh-5.2p1-sesftp.patch
|
|
Tomáš Mráz |
4c55a5 |
Patch22: openssh-3.9p1-askpass-keep-above.patch
|
|
Tomáš Mráz |
fd638a |
Patch24: openssh-4.3p1-fromto-remote.patch
|
|
Tomáš Mráz |
93a474 |
Patch27: openssh-5.1p1-log-in-chroot.patch
|
|
Tomáš Mráz |
fa1481 |
Patch30: openssh-4.0p1-exit-deadlock.patch
|
|
Tomáš Mráz |
ec5276 |
Patch35: openssh-5.1p1-askpass-progress.patch
|
|
Tomáš Mráz |
ef3242 |
Patch38: openssh-4.3p2-askpass-grab-info.patch
|
|
Tomáš Mráz |
c12d6b |
Patch39: openssh-4.3p2-no-v6only.patch
|
|
Jan F. Chadima |
bd8eb9 |
Patch44: openssh-5.2p1-allow-ip-opts.patch
|
|
Tomáš Mráz |
914284 |
Patch49: openssh-4.3p2-gssapi-canohost.patch
|
|
Jan F. Chadima |
a3ba41 |
Patch51: openssh-5.2p1-nss-keys.patch
|
|
Tomáš Mráz |
93a474 |
Patch55: openssh-5.1p1-cloexec.patch
|
|
Tomáš Mráz |
ec5276 |
Patch62: openssh-5.1p1-scp-manpage.patch
|
|
Jan F. Chadima |
a3ba41 |
Patch65: openssh-5.2p1-fips.patch
|
|
Jan F. Chadima |
f4b0b4 |
Patch68: openssh-5.2p1-pathmax.patch
|
|
Jan F. Chadima |
ca05b3 |
Patch69: openssh-5.2p1-selabel.patch
|
|
Jan F. Chadima |
986cee |
Patch71: openssh-5.2p1-edns.patch
|
|
Tomáš Mráz |
2cb0e7 |
|
|
cvsdist |
7d7b03 |
License: BSD
|
|
cvsdist |
f71077 |
Group: Applications/Internet
|
|
Tomáš Mráz |
9d725b |
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
|
cvsdist |
8264e7 |
%if %{nologin}
|
|
cvsdist |
8264e7 |
Requires: /sbin/nologin
|
|
cvsdist |
8264e7 |
%endif
|
|
cvsdist |
8264e7 |
|
|
Tomáš Mráz |
ef3242 |
Requires: initscripts >= 5.20
|
|
cvsdist |
8264e7 |
|
|
Bill Nottingham |
c92dff |
%if ! %{no_gnome_askpass}
|
|
cvsdist |
092b0a |
%if %{gtk2}
|
|
Tomáš Mráz |
ef3242 |
BuildRequires: gtk2-devel
|
|
Tomáš Mráz |
ef3242 |
BuildRequires: libX11-devel
|
|
Bill Nottingham |
c92dff |
%else
|
|
Tomáš Mráz |
ef3242 |
BuildRequires: gnome-libs-devel
|
|
cvsdist |
092b0a |
%endif
|
|
Bill Nottingham |
c92dff |
%endif
|
|
Bill Nottingham |
c92dff |
|
|
cvsdist |
5ef607 |
%if %{scard}
|
|
Tomáš Mráz |
ef3242 |
BuildRequires: sharutils
|
|
cvsdist |
5ef607 |
%endif
|
|
Tomáš Mráz |
d93958 |
BuildRequires: autoconf, automake, perl, zlib-devel
|
|
Tomáš Mráz |
ef3242 |
BuildRequires: audit-libs-devel
|
|
Tomáš Mráz |
ef3242 |
BuildRequires: util-linux, groff, man
|
|
Tomáš Mráz |
ef3242 |
BuildRequires: pam-devel
|
|
Tomáš Mráz |
fc2f31 |
BuildRequires: tcp_wrappers-devel
|
|
Tomáš Mráz |
d93958 |
BuildRequires: fipscheck-devel
|
|
Tomáš Mráz |
d93958 |
BuildRequires: openssl-devel >= 0.9.8j
|
|
cvsdist |
8264e7 |
|
|
cvsdist |
3e66bd |
%if %{kerberos5}
|
|
Tomáš Mráz |
ef3242 |
BuildRequires: krb5-devel
|
|
cvsdist |
3e66bd |
%endif
|
|
cvsdist |
3e66bd |
|
|
Tomáš Mráz |
c9833c |
%if %{libedit}
|
|
Tomáš Mráz |
0a9a40 |
BuildRequires: libedit-devel ncurses-devel
|
|
Tomáš Mráz |
c9833c |
%endif
|
|
Tomáš Mráz |
c9833c |
|
|
Tomáš Mráz |
0092bb |
%if %{nss}
|
|
Tomáš Mráz |
0092bb |
BuildRequires: nss-devel
|
|
Tomáš Mráz |
0092bb |
%endif
|
|
Tomáš Mráz |
0092bb |
|
|
Tomáš Mráz |
fc72c2 |
%if %{WITH_SELINUX}
|
|
Daniel J Walsh |
0e07ed |
Requires: libselinux >= 1.27.7
|
|
Daniel J Walsh |
0e07ed |
BuildRequires: libselinux-devel >= 1.27.7
|
|
Tomáš Mráz |
fc72c2 |
Requires: audit-libs >= 1.0.8
|
|
Tomáš Mráz |
fc72c2 |
BuildRequires: audit-libs >= 1.0.8
|
|
Tomáš Mráz |
fc72c2 |
%endif
|
|
cvsdist |
5ef607 |
|
|
Tomáš Mráz |
ef3242 |
BuildRequires: xauth
|
|
Tomáš Mráz |
ef3242 |
|
|
cvsdist |
f71077 |
%package clients
|
|
Tomáš Mráz |
9e5c6e |
Summary: An open source SSH client applications
|
|
cvsdist |
328740 |
Requires: openssh = %{version}-%{release}
|
|
cvsdist |
f71077 |
Group: Applications/Internet
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
%package server
|
|
Tomáš Mráz |
9e5c6e |
Summary: An open source SSH server daemon
|
|
cvsdist |
f71077 |
Group: System Environment/Daemons
|
|
Tomáš Mráz |
ef3242 |
Requires: openssh = %{version}-%{release}
|
|
Tomáš Mráz |
ef3242 |
Requires(post): chkconfig >= 0.9, /sbin/service
|
|
Tomáš Mráz |
ef3242 |
Requires(pre): /usr/sbin/useradd
|
|
Tomáš Mráz |
1961bc |
Requires: pam >= 1.0.1-3
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
%package askpass
|
|
Tomáš Mráz |
ef3242 |
Summary: A passphrase dialog for OpenSSH and X
|
|
cvsdist |
f71077 |
Group: Applications/Internet
|
|
cvsdist |
328740 |
Requires: openssh = %{version}-%{release}
|
|
Tomáš Mráz |
762e40 |
Obsoletes: openssh-askpass-gnome
|
|
Tomáš Mráz |
762e40 |
Provides: openssh-askpass-gnome
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
%description
|
|
cvsdist |
7d7b03 |
SSH (Secure SHell) is a program for logging into and executing
|
|
cvsdist |
7d7b03 |
commands on a remote machine. SSH is intended to replace rlogin and
|
|
cvsdist |
7d7b03 |
rsh, and to provide secure encrypted communications between two
|
|
cvsdist |
7d7b03 |
untrusted hosts over an insecure network. X11 connections and
|
|
cvsdist |
f71077 |
arbitrary TCP/IP ports can also be forwarded over the secure channel.
|
|
cvsdist |
f71077 |
|
|
cvsdist |
7d7b03 |
OpenSSH is OpenBSD's version of the last free version of SSH, bringing
|
|
Tomáš Mráz |
9e5c6e |
it up to date in terms of security and features.
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
This package includes the core files necessary for both the OpenSSH
|
|
cvsdist |
7d7b03 |
client and server. To make this package useful, you should also
|
|
cvsdist |
f71077 |
install openssh-clients, openssh-server, or both.
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
%description clients
|
|
cvsdist |
7d7b03 |
OpenSSH is a free version of SSH (Secure SHell), a program for logging
|
|
cvsdist |
7d7b03 |
into and executing commands on a remote machine. This package includes
|
|
cvsdist |
7d7b03 |
the clients necessary to make encrypted connections to SSH servers.
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
%description server
|
|
cvsdist |
7d7b03 |
OpenSSH is a free version of SSH (Secure SHell), a program for logging
|
|
cvsdist |
7d7b03 |
into and executing commands on a remote machine. This package contains
|
|
cvsdist |
7d7b03 |
the secure shell daemon (sshd). The sshd daemon allows SSH clients to
|
|
Tomáš Mráz |
9e5c6e |
securely connect to your SSH server.
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
%description askpass
|
|
cvsdist |
7d7b03 |
OpenSSH is a free version of SSH (Secure SHell), a program for logging
|
|
cvsdist |
7d7b03 |
into and executing commands on a remote machine. This package contains
|
|
cvsdist |
7d7b03 |
an X11 passphrase dialog for OpenSSH.
|
|
cvsdist |
f71077 |
|
|
cvsdist |
43f95f |
%prep
|
|
cvsdist |
43f95f |
%setup -q
|
|
cvsdist |
43f95f |
%patch0 -p1 -b .redhat
|
|
cvsdist |
ffdec5 |
%patch2 -p1 -b .skip-initial
|
|
cvsdist |
ffdec5 |
%patch3 -p1 -b .krb5-config
|
|
Nalin Dahyabhai |
8ccaa9 |
%patch4 -p1 -b .vendor
|
|
Tomáš Mráz |
c9833c |
|
|
Tomáš Mráz |
fc72c2 |
%if %{WITH_SELINUX}
|
|
Tomáš Mráz |
fc72c2 |
#SELinux
|
|
cvsdist |
092b0a |
%patch12 -p1 -b .selinux
|
|
Tomáš Mráz |
c9833c |
%patch13 -p1 -b .mls
|
|
Tomáš Mráz |
fc72c2 |
%patch16 -p1 -b .audit
|
|
Tomáš Mráz |
09510a |
%patch18 -p1 -b .pam_selinux
|
|
Jan F. Chadima |
15914f |
%patch19 -p1 -b .sesftp
|
|
Tomáš Mráz |
fc72c2 |
%endif
|
|
Tomáš Mráz |
fc72c2 |
|
|
Tomáš Mráz |
4c55a5 |
%patch22 -p1 -b .keep-above
|
|
Tomáš Mráz |
8d62bf |
%patch24 -p1 -b .fromto-remote
|
|
Tomáš Mráz |
e01ed6 |
%patch27 -p1 -b .log-chroot
|
|
Tomáš Mráz |
fa1481 |
%patch30 -p1 -b .exit-deadlock
|
|
Tomáš Mráz |
09d7e6 |
%patch35 -p1 -b .progress
|
|
Tomáš Mráz |
ef3242 |
%patch38 -p1 -b .grab-info
|
|
Tomáš Mráz |
c12d6b |
%patch39 -p1 -b .no-v6only
|
|
Tomáš Mráz |
ac4818 |
%patch44 -p1 -b .ip-opts
|
|
Tomáš Mráz |
914284 |
%patch49 -p1 -b .canohost
|
|
Tomáš Mráz |
c3274c |
%patch51 -p1 -b .nss-keys
|
|
Tomáš Mráz |
2cb0e7 |
%patch55 -p1 -b .cloexec
|
|
Tomáš Mráz |
ec5276 |
%patch62 -p1 -b .manpage
|
|
Tomáš Mráz |
d93958 |
%patch65 -p1 -b .fips
|
|
Jan F. Chadima |
f4b0b4 |
%patch68 -p1 -b .pathmax
|
|
Jan F. Chadima |
ca05b3 |
%patch69 -p1 -b .selabel
|
|
Jan F. Chadima |
986cee |
%patch71 -p1 -b .edns
|
|
Nalin Dahyabhai |
05c945 |
|
|
Nalin Dahyabhai |
8ccaa9 |
autoreconf
|
|
cvsdist |
ffdec5 |
|
|
cvsdist |
43f95f |
%build
|
|
Tomáš Mráz |
09d7e6 |
CFLAGS="$RPM_OPT_FLAGS"; export CFLAGS
|
|
cvsdist |
fe98d8 |
%if %{rescue}
|
|
cvsdist |
fe98d8 |
CFLAGS="$CFLAGS -Os"
|
|
cvsdist |
fe98d8 |
%endif
|
|
cvsdist |
fe98d8 |
%if %{pie}
|
|
Dennis Gilmore |
91bdf4 |
%ifarch s390 s390x sparc sparcv9 sparc64
|
|
cvsdist |
8f8720 |
CFLAGS="$CFLAGS -fPIE"
|
|
cvsdist |
8f8720 |
%else
|
|
cvsdist |
8f8720 |
CFLAGS="$CFLAGS -fpie"
|
|
cvsdist |
8f8720 |
%endif
|
|
cvsdist |
8f8720 |
export CFLAGS
|
|
cvsdist |
8f8720 |
LDFLAGS="$LDFLAGS -pie"; export LDFLAGS
|
|
cvsdist |
fe98d8 |
%endif
|
|
cvsdist |
092b0a |
%if %{kerberos5}
|
|
Tomáš Mráz |
2cc09c |
source /etc/profile.d/krb5-devel.sh
|
|
cvsdist |
092b0a |
krb5_prefix=`krb5-config --prefix`
|
|
cvsdist |
092b0a |
if test "$krb5_prefix" != "%{_prefix}" ; then
|
|
cvsdist |
092b0a |
CPPFLAGS="$CPPFLAGS -I${krb5_prefix}/include -I${krb5_prefix}/include/gssapi"; export CPPFLAGS
|
|
cvsdist |
092b0a |
CFLAGS="$CFLAGS -I${krb5_prefix}/include -I${krb5_prefix}/include/gssapi"
|
|
cvsdist |
092b0a |
LDFLAGS="$LDFLAGS -L${krb5_prefix}/%{_lib}"; export LDFLAGS
|
|
cvsdist |
092b0a |
else
|
|
cvsdist |
092b0a |
krb5_prefix=
|
|
cvsdist |
092b0a |
CPPFLAGS="-I%{_includedir}/gssapi"; export CPPFLAGS
|
|
cvsdist |
092b0a |
CFLAGS="$CFLAGS -I%{_includedir}/gssapi"
|
|
cvsdist |
092b0a |
fi
|
|
cvsdist |
092b0a |
%endif
|
|
cvsdist |
b46e39 |
|
|
cvsdist |
43f95f |
%configure \
|
|
cvsdist |
43f95f |
--sysconfdir=%{_sysconfdir}/ssh \
|
|
cvsdist |
43f95f |
--libexecdir=%{_libexecdir}/openssh \
|
|
cvsdist |
b46e39 |
--datadir=%{_datadir}/openssh \
|
|
cvsdist |
43f95f |
--with-tcp-wrappers \
|
|
cvsdist |
8264e7 |
--with-default-path=/usr/local/bin:/bin:/usr/bin \
|
|
cvsdist |
8264e7 |
--with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \
|
|
cvsdist |
8264e7 |
--with-privsep-path=%{_var}/empty/sshd \
|
|
Nalin Dahyabhai |
8ccaa9 |
--enable-vendor-patchlevel="FC-%{version}-%{release}" \
|
|
Nalin Dahyabhai |
8ccaa9 |
--disable-strip \
|
|
Tomáš Mráz |
de2e7a |
--without-zlib-version-check \
|
|
Tomáš Mráz |
ff6d59 |
--with-ssl-engine \
|
|
Tomáš Mráz |
c3274c |
%if %{nss}
|
|
Tomáš Mráz |
c3274c |
--with-nss \
|
|
Tomáš Mráz |
c3274c |
%endif
|
|
cvsdist |
b46e39 |
%if %{scard}
|
|
cvsdist |
b46e39 |
--with-smartcard \
|
|
cvsdist |
b46e39 |
%endif
|
|
cvsdist |
43f95f |
%if %{rescue}
|
|
cvsdist |
ffdec5 |
--without-pam \
|
|
cvsdist |
3e66bd |
%else
|
|
cvsdist |
3e66bd |
--with-pam \
|
|
cvsdist |
3e66bd |
%endif
|
|
Tomáš Mráz |
fc72c2 |
%if %{WITH_SELINUX}
|
|
Tomáš Mráz |
c9833c |
--with-selinux --with-linux-audit \
|
|
Tomáš Mráz |
fc72c2 |
%endif
|
|
cvsdist |
3e66bd |
%if %{kerberos5}
|
|
Tomáš Mráz |
c9833c |
--with-kerberos5${krb5_prefix:+=${krb5_prefix}} \
|
|
cvsdist |
43f95f |
%else
|
|
Tomáš Mráz |
c9833c |
--without-kerberos5 \
|
|
Tomáš Mráz |
c9833c |
%endif
|
|
Tomáš Mráz |
c9833c |
%if %{libedit}
|
|
Tomáš Mráz |
c9833c |
--with-libedit
|
|
Tomáš Mráz |
c9833c |
%else
|
|
Tomáš Mráz |
c9833c |
--without-libedit
|
|
cvsdist |
b46e39 |
%endif
|
|
cvsdist |
b46e39 |
|
|
cvsdist |
b46e39 |
%if %{static_libcrypto}
|
|
cvsdist |
b46e39 |
perl -pi -e "s|-lcrypto|%{_libdir}/libcrypto.a|g" Makefile
|
|
cvsdist |
43f95f |
%endif
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
make
|
|
cvsdist |
43f95f |
|
|
cvsdist |
8264e7 |
# Define a variable to toggle gnome1/gtk2 building. This is necessary
|
|
cvsdist |
8264e7 |
# because RPM doesn't handle nested %if statements.
|
|
cvsdist |
8264e7 |
%if %{gtk2}
|
|
cvsdist |
3e66bd |
gtk2=yes
|
|
cvsdist |
8264e7 |
%else
|
|
cvsdist |
3e66bd |
gtk2=no
|
|
cvsdist |
8264e7 |
%endif
|
|
cvsdist |
8264e7 |
|
|
cvsdist |
43f95f |
%if ! %{no_gnome_askpass}
|
|
cvsdist |
43f95f |
pushd contrib
|
|
cvsdist |
8264e7 |
if [ $gtk2 = yes ] ; then
|
|
cvsdist |
3e66bd |
make gnome-ssh-askpass2
|
|
cvsdist |
3e66bd |
mv gnome-ssh-askpass2 gnome-ssh-askpass
|
|
cvsdist |
8264e7 |
else
|
|
cvsdist |
3e66bd |
make gnome-ssh-askpass1
|
|
cvsdist |
3e66bd |
mv gnome-ssh-askpass1 gnome-ssh-askpass
|
|
cvsdist |
8264e7 |
fi
|
|
cvsdist |
43f95f |
popd
|
|
cvsdist |
43f95f |
%endif
|
|
cvsdist |
43f95f |
|
|
Tomáš Mráz |
d93958 |
# Add generation of HMAC checksums of the final stripped binaries
|
|
Tomáš Mráz |
d93958 |
%define __spec_install_post \
|
|
Tomáš Mráz |
d93958 |
%{?__debug_package:%{__debug_install_post}} \
|
|
Tomáš Mráz |
d93958 |
%{__arch_install_post} \
|
|
Tomáš Mráz |
d93958 |
%{__os_install_post} \
|
|
Tomáš Mráz |
d93958 |
fipshmac $RPM_BUILD_ROOT%{_bindir}/ssh \
|
|
Tomáš Mráz |
d93958 |
fipshmac $RPM_BUILD_ROOT%{_sbindir}/sshd \
|
|
Tomáš Mráz |
d93958 |
%{nil}
|
|
Tomáš Mráz |
d93958 |
|
|
cvsdist |
43f95f |
%install
|
|
cvsdist |
43f95f |
rm -rf $RPM_BUILD_ROOT
|
|
cvsdist |
43f95f |
mkdir -p -m755 $RPM_BUILD_ROOT%{_sysconfdir}/ssh
|
|
cvsdist |
43f95f |
mkdir -p -m755 $RPM_BUILD_ROOT%{_libexecdir}/openssh
|
|
Tomáš Mráz |
320a1c |
mkdir -p -m755 $RPM_BUILD_ROOT%{_var}/empty/sshd
|
|
cvsdist |
43f95f |
make install DESTDIR=$RPM_BUILD_ROOT
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
install -d $RPM_BUILD_ROOT/etc/pam.d/
|
|
cvsdist |
43f95f |
install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
|
|
cvsdist |
43f95f |
install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh
|
|
Tomáš Mráz |
ca47f6 |
install -m644 %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/sshd
|
|
Tomáš Mráz |
ca47f6 |
install -m755 %{SOURCE3} $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
|
|
Tomáš Mráz |
f94d8f |
install -m755 contrib/ssh-copy-id $RPM_BUILD_ROOT%{_bindir}/
|
|
Tomáš Mráz |
f94d8f |
install contrib/ssh-copy-id.1 $RPM_BUILD_ROOT%{_mandir}/man1/
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
%if ! %{no_gnome_askpass}
|
|
cvsdist |
43f95f |
install -s contrib/gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/gnome-ssh-askpass
|
|
cvsdist |
43f95f |
%endif
|
|
cvsdist |
43f95f |
|
|
cvsdist |
818000 |
%if ! %{scard}
|
|
cvsdist |
3e66bd |
rm -f $RPM_BUILD_ROOT%{_datadir}/openssh/Ssh.bin
|
|
cvsdist |
818000 |
%endif
|
|
cvsdist |
818000 |
|
|
cvsdist |
ffdec5 |
%if ! %{no_gnome_askpass}
|
|
Tomáš Mráz |
09d7e6 |
ln -s gnome-ssh-askpass $RPM_BUILD_ROOT%{_libexecdir}/openssh/ssh-askpass
|
|
cvsdist |
b46e39 |
install -m 755 -d $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
|
|
cvsdist |
8264e7 |
install -m 755 contrib/redhat/gnome-ssh-askpass.csh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
|
|
cvsdist |
8264e7 |
install -m 755 contrib/redhat/gnome-ssh-askpass.sh $RPM_BUILD_ROOT%{_sysconfdir}/profile.d/
|
|
cvsdist |
ffdec5 |
%endif
|
|
cvsdist |
43f95f |
|
|
cvsdist |
5ef607 |
%if %{no_gnome_askpass}
|
|
cvsdist |
5ef607 |
rm -f $RPM_BUILD_ROOT/etc/profile.d/gnome-ssh-askpass.*
|
|
cvsdist |
5ef607 |
%endif
|
|
cvsdist |
5ef607 |
|
|
cvsdist |
43f95f |
perl -pi -e "s|$RPM_BUILD_ROOT||g" $RPM_BUILD_ROOT%{_mandir}/man*/*
|
|
cvsdist |
43f95f |
|
|
Tomáš Mráz |
c3274c |
rm -f README.nss.nss-keys
|
|
Tomáš Mráz |
c3274c |
%if ! %{nss}
|
|
Tomáš Mráz |
c3274c |
rm -f README.nss
|
|
Tomáš Mráz |
c3274c |
%endif
|
|
cvsdist |
43f95f |
%clean
|
|
cvsdist |
43f95f |
rm -rf $RPM_BUILD_ROOT
|
|
cvsdist |
43f95f |
|
|
cvsdist |
8264e7 |
%pre server
|
|
cvsdist |
8264e7 |
%if %{nologin}
|
|
Tomáš Mráz |
ad07b9 |
/usr/sbin/useradd -c "Privilege-separated SSH" -u %{sshd_uid} \
|
|
cvsdist |
8264e7 |
-s /sbin/nologin -r -d /var/empty/sshd sshd 2> /dev/null || :
|
|
cvsdist |
8264e7 |
%else
|
|
Tomáš Mráz |
ad07b9 |
/usr/sbin/useradd -c "Privilege-separated SSH" -u %{sshd_uid} \
|
|
cvsdist |
8264e7 |
-s /dev/null -r -d /var/empty/sshd sshd 2> /dev/null || :
|
|
cvsdist |
8264e7 |
%endif
|
|
cvsdist |
8264e7 |
|
|
cvsdist |
43f95f |
%post server
|
|
cvsdist |
43f95f |
/sbin/chkconfig --add sshd
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
%postun server
|
|
cvsdist |
43f95f |
/sbin/service sshd condrestart > /dev/null 2>&1 || :
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
%preun server
|
|
cvsdist |
43f95f |
if [ "$1" = 0 ]
|
|
cvsdist |
43f95f |
then
|
|
cvsdist |
43f95f |
/sbin/service sshd stop > /dev/null 2>&1 || :
|
|
cvsdist |
43f95f |
/sbin/chkconfig --del sshd
|
|
cvsdist |
43f95f |
fi
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
%files
|
|
cvsdist |
43f95f |
%defattr(-,root,root)
|
|
Tomáš Mráz |
93a474 |
%doc CREDITS ChangeLog INSTALL LICENCE OVERVIEW PROTOCOL* README* TODO WARNING*
|
|
cvsdist |
43f95f |
%attr(0755,root,root) %dir %{_sysconfdir}/ssh
|
|
cvsdist |
b46e39 |
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
|
|
cvsdist |
43f95f |
%if ! %{rescue}
|
|
cvsdist |
43f95f |
%attr(0755,root,root) %{_bindir}/ssh-keygen
|
|
cvsdist |
43f95f |
%attr(0644,root,root) %{_mandir}/man1/ssh-keygen.1*
|
|
cvsdist |
43f95f |
%attr(0755,root,root) %dir %{_libexecdir}/openssh
|
|
Tomáš Mráz |
ef3242 |
%attr(4755,root,root) %{_libexecdir}/openssh/ssh-keysign
|
|
cvsdist |
8264e7 |
%attr(0644,root,root) %{_mandir}/man8/ssh-keysign.8*
|
|
cvsdist |
43f95f |
%endif
|
|
cvsdist |
b46e39 |
%if %{scard}
|
|
cvsdist |
b46e39 |
%attr(0755,root,root) %dir %{_datadir}/openssh
|
|
cvsdist |
b46e39 |
%attr(0644,root,root) %{_datadir}/openssh/Ssh.bin
|
|
cvsdist |
b46e39 |
%endif
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
%files clients
|
|
cvsdist |
43f95f |
%defattr(-,root,root)
|
|
cvsdist |
8264e7 |
%attr(0755,root,root) %{_bindir}/ssh
|
|
Tomáš Mráz |
d93958 |
%attr(0644,root,root) %{_bindir}/.ssh.hmac
|
|
cvsdist |
43f95f |
%attr(0644,root,root) %{_mandir}/man1/ssh.1*
|
|
cvsdist |
3e66bd |
%attr(0755,root,root) %{_bindir}/scp
|
|
cvsdist |
3e66bd |
%attr(0644,root,root) %{_mandir}/man1/scp.1*
|
|
cvsdist |
43f95f |
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
|
|
Tomáš Mráz |
ef3242 |
%attr(0755,root,root) %{_bindir}/slogin
|
|
cvsdist |
3e66bd |
%attr(0644,root,root) %{_mandir}/man1/slogin.1*
|
|
cvsdist |
3e66bd |
%attr(0644,root,root) %{_mandir}/man5/ssh_config.5*
|
|
cvsdist |
43f95f |
%if ! %{rescue}
|
|
cvsdist |
ffdec5 |
%attr(2755,root,nobody) %{_bindir}/ssh-agent
|
|
cvsdist |
43f95f |
%attr(0755,root,root) %{_bindir}/ssh-add
|
|
cvsdist |
43f95f |
%attr(0755,root,root) %{_bindir}/ssh-keyscan
|
|
cvsdist |
43f95f |
%attr(0755,root,root) %{_bindir}/sftp
|
|
Tomáš Mráz |
f94d8f |
%attr(0755,root,root) %{_bindir}/ssh-copy-id
|
|
cvsdist |
43f95f |
%attr(0644,root,root) %{_mandir}/man1/ssh-agent.1*
|
|
cvsdist |
43f95f |
%attr(0644,root,root) %{_mandir}/man1/ssh-add.1*
|
|
cvsdist |
43f95f |
%attr(0644,root,root) %{_mandir}/man1/ssh-keyscan.1*
|
|
cvsdist |
43f95f |
%attr(0644,root,root) %{_mandir}/man1/sftp.1*
|
|
Tomáš Mráz |
f94d8f |
%attr(0644,root,root) %{_mandir}/man1/ssh-copy-id.1*
|
|
cvsdist |
43f95f |
%endif
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
%if ! %{rescue}
|
|
cvsdist |
43f95f |
%files server
|
|
cvsdist |
43f95f |
%defattr(-,root,root)
|
|
Tomáš Mráz |
ef3242 |
%dir %attr(0711,root,root) %{_var}/empty/sshd
|
|
cvsdist |
43f95f |
%attr(0755,root,root) %{_sbindir}/sshd
|
|
Tomáš Mráz |
d93958 |
%attr(0644,root,root) %{_sbindir}/.sshd.hmac
|
|
cvsdist |
43f95f |
%attr(0755,root,root) %{_libexecdir}/openssh/sftp-server
|
|
cvsdist |
8264e7 |
%attr(0644,root,root) %{_mandir}/man5/sshd_config.5*
|
|
Tomáš Mráz |
93a474 |
%attr(0644,root,root) %{_mandir}/man5/moduli.5*
|
|
cvsdist |
43f95f |
%attr(0644,root,root) %{_mandir}/man8/sshd.8*
|
|
cvsdist |
43f95f |
%attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
|
|
cvsdist |
43f95f |
%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
|
|
Tomáš Mráz |
5a8f6b |
%attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd
|
|
Tomáš Mráz |
ef3242 |
%attr(0755,root,root) /etc/rc.d/init.d/sshd
|
|
cvsdist |
43f95f |
%endif
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
%if ! %{no_gnome_askpass}
|
|
Tomáš Mráz |
09d7e6 |
%files askpass
|
|
cvsdist |
43f95f |
%defattr(-,root,root)
|
|
Tomáš Mráz |
b40baa |
%attr(0644,root,root) %{_sysconfdir}/profile.d/gnome-ssh-askpass.*
|
|
cvsdist |
43f95f |
%attr(0755,root,root) %{_libexecdir}/openssh/gnome-ssh-askpass
|
|
Tomáš Mráz |
09d7e6 |
%attr(0755,root,root) %{_libexecdir}/openssh/ssh-askpass
|
|
cvsdist |
43f95f |
%endif
|
|
cvsdist |
43f95f |
|
|
cvsdist |
f71077 |
%changelog
|
|
Jan F. Chadima |
0447c9 |
* Fri Sep 11 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-25
|
|
Jan F. Chadima |
0447c9 |
- Dropped homechroot patch
|
|
Jan F. Chadima |
0447c9 |
|
|
Jan F. Chadima |
257d66 |
* Mon Sep 7 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-24
|
|
Jan F. Chadima |
257d66 |
- Add check for nosuid, nodev in homechroot
|
|
Jan F. Chadima |
257d66 |
|
|
Jan F. Chadima |
49d0cf |
* Tue Sep 1 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-23
|
|
Jan F. Chadima |
49d0cf |
- add correct patch for ip-opts
|
|
Jan F. Chadima |
49d0cf |
|
|
Jan F. Chadima |
bd8eb9 |
* Tue Sep 1 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-22
|
|
Jan F. Chadima |
bd8eb9 |
- replace ip-opts patch by an upstream candidate version
|
|
Jan F. Chadima |
bd8eb9 |
|
|
Jan F. Chadima |
ce94da |
* Mon Aug 31 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-21
|
|
Jan F. Chadima |
726565 |
- rearange selinux patch to be acceptable for upstream
|
|
Jan F. Chadima |
726565 |
- replace seftp patch by an upstream version
|
|
Jan F. Chadima |
726565 |
|
|
Jan F. Chadima |
15914f |
* Fri Aug 28 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-20
|
|
Jan F. Chadima |
15914f |
- merged xmodifiers to redhat patch
|
|
Jan F. Chadima |
15914f |
- merged gssapi-role to selinux patch
|
|
Jan F. Chadima |
15914f |
- merged cve-2007_3102 to audit patch
|
|
Jan F. Chadima |
15914f |
- sesftp patch only with WITH_SELINUX flag
|
|
Jan F. Chadima |
56bb42 |
- rearange sesftp patch according to upstream request
|
|
Jan F. Chadima |
15914f |
|
|
Jan F. Chadima |
214b7b |
* Wed Aug 26 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-19
|
|
Jan F. Chadima |
214b7b |
- minor change in sesftp patch
|
|
Jan F. Chadima |
214b7b |
|
|
Tomáš Mráz |
80bcb1 |
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 5.2p1-18
|
|
Tomáš Mráz |
80bcb1 |
- rebuilt with new openssl
|
|
Tomáš Mráz |
80bcb1 |
|
|
Jan F. Chadima |
986cee |
* Thu Jul 30 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-17
|
|
Jan F. Chadima |
986cee |
- Added dnssec support.
|
|
Jan F. Chadima |
986cee |
|
|
Jesse Keating |
42c539 |
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 5.2p1-16
|
|
Jesse Keating |
42c539 |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
|
Jesse Keating |
42c539 |
|
|
Jan F. Chadima |
aa8983 |
* Fri Jul 24 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-15
|
|
Jan F. Chadima |
aa8983 |
- only INTERNAL_SFTP can be home-chrooted
|
|
Jan F. Chadima |
aa8983 |
- save _u and _r parts of context changing to sftpd_t
|
|
Jan F. Chadima |
aa8983 |
|
|
Jan F. Chadima |
3d6b00 |
* Fri Jul 17 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-14
|
|
Jan F. Chadima |
3d6b00 |
- changed internal-sftp context to sftpd_t
|
|
Jan F. Chadima |
3d6b00 |
|
|
Jan F. Chadima |
3d6b00 |
* Fri Jul 3 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-13
|
|
Jan F. Chadima |
3d6b00 |
- changed home length path patch to upstream version
|
|
Jan F. Chadima |
3d6b00 |
|
|
Jan F. Chadima |
3d6b00 |
* Tue Jun 30 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-12
|
|
Jan F. Chadima |
ca05b3 |
- create '~/.ssh/known_hosts' within proper context
|
|
Jan F. Chadima |
ca05b3 |
|
|
Jan F. Chadima |
f4b0b4 |
* Mon Jun 29 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-11
|
|
Jan F. Chadima |
f4b0b4 |
- length of home path in ssh now limited by PATH_MAX
|
|
Jan F. Chadima |
ca05b3 |
- correct timezone with daylight processing
|
|
Jan F. Chadima |
f4b0b4 |
|
|
Jan F. Chadima |
eca05f |
* Sat Jun 27 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-10
|
|
Jan F. Chadima |
eca05f |
- final version chroot %%h (sftp only)
|
|
Jan F. Chadima |
eca05f |
|
|
Jan F. Chadima |
c1398b |
* Tue Jun 23 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-9
|
|
Jan F. Chadima |
c1398b |
- repair broken ls in chroot %%h
|
|
Jan F. Chadima |
c1398b |
|
|
Jan F. Chadima |
ecd846 |
* Fri Jun 12 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-8
|
|
Jan F. Chadima |
e45f2c |
- add XMODIFIERS to exported environment
|
|
Jan F. Chadima |
e45f2c |
|
|
Tomáš Mráz |
76f329 |
* Fri May 15 2009 Tomas Mraz <tmraz@redhat.com> - 5.2p1-6
|
|
Tomáš Mráz |
76f329 |
- allow only protocol 2 in the FIPS mode
|
|
Tomáš Mráz |
76f329 |
|
|
Tomáš Mráz |
685b62 |
* Thu Apr 30 2009 Tomas Mraz <tmraz@redhat.com> - 5.2p1-5
|
|
Tomáš Mráz |
685b62 |
- do integrity verification only on binaries which are part
|
|
Tomáš Mráz |
685b62 |
of the OpenSSH FIPS modules
|
|
Tomáš Mráz |
685b62 |
|
|
Tomáš Mráz |
0a4fa5 |
* Mon Apr 20 2009 Tomas Mraz <tmraz@redhat.com> - 5.2p1-4
|
|
Tomáš Mráz |
0a4fa5 |
- log if FIPS mode is initialized
|
|
Tomáš Mráz |
0a4fa5 |
- make aes-ctr cipher modes work in the FIPS mode
|
|
Tomáš Mráz |
0a4fa5 |
|
|
Jan F. Chadima |
061e21 |
* Fri Apr 3 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-3
|
|
Jan F. Chadima |
061e21 |
- fix logging after chroot
|
|
Jan F. Chadima |
3a94ae |
- enable non root users to use chroot %%h in internal-sftp
|
|
Jan F. Chadima |
061e21 |
|
|
Tomáš Mráz |
0f07b4 |
* Fri Mar 13 2009 Tomas Mraz <tmraz@redhat.com> - 5.2p1-2
|
|
Tomáš Mráz |
0f07b4 |
- add AES-CTR ciphers to the FIPS mode proposal
|
|
Tomáš Mráz |
0f07b4 |
|
|
Tomáš Mráz |
0f07b4 |
* Mon Mar 9 2009 Jan F. Chadima <jchadima@redhat.com> - 5.2p1-1
|
|
Jan F. Chadima |
a3ba41 |
- upgrade to new upstream release
|
|
Jan F. Chadima |
a3ba41 |
|
|
Jesse Keating |
c5f25a |
* Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 5.1p1-8
|
|
Jesse Keating |
c5f25a |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
|
Jesse Keating |
c5f25a |
|
|
Tomáš Mráz |
d93958 |
* Thu Feb 12 2009 Tomas Mraz <tmraz@redhat.com> - 5.1p1-7
|
|
Tomáš Mráz |
d93958 |
- drop obsolete triggers
|
|
Tomáš Mráz |
d93958 |
- add testing FIPS mode support
|
|
Tomáš Mráz |
d93958 |
- LSBize the initscript (#247014)
|
|
Tomáš Mráz |
d93958 |
|
|
Tomáš Mráz |
ff6d59 |
* Fri Jan 30 2009 Tomas Mraz <tmraz@redhat.com> - 5.1p1-6
|
|
Tomáš Mráz |
ff6d59 |
- enable use of ssl engines (#481100)
|
|
Tomáš Mráz |
ff6d59 |
|
|
Tomáš Mráz |
6a5e29 |
* Thu Jan 15 2009 Tomas Mraz <tmraz@redhat.com> - 5.1p1-5
|
|
Tomáš Mráz |
6a5e29 |
- remove obsolete --with-rsh (#478298)
|
|
Tomáš Mráz |
6a5e29 |
- add pam_sepermit to allow blocking confined users in permissive mode
|
|
Tomáš Mráz |
6a5e29 |
(#471746)
|
|
Tomáš Mráz |
6a5e29 |
- move system-auth after pam_selinux in the session stack
|
|
Tomáš Mráz |
6a5e29 |
|
|
Tomáš Mráz |
9e5c6e |
* Thu Dec 11 2008 Tomas Mraz <tmraz@redhat.com> - 5.1p1-4
|
|
Tomáš Mráz |
9e5c6e |
- set FD_CLOEXEC on channel sockets (#475866)
|
|
Tomáš Mráz |
9e5c6e |
- adjust summary
|
|
Tomáš Mráz |
9e5c6e |
- adjust nss-keys patch so it is applicable without selinux patches (#470859)
|
|
Tomáš Mráz |
9e5c6e |
|
|
Tomáš Mráz |
b9a07a |
* Fri Oct 17 2008 Tomas Mraz <tmraz@redhat.com> - 5.1p1-3
|
|
Tomáš Mráz |
b9a07a |
- fix compatibility with some servers (#466818)
|
|
Tomáš Mráz |
b9a07a |
|
|
Tomáš Mráz |
578f0d |
* Thu Jul 31 2008 Tomas Mraz <tmraz@redhat.com> - 5.1p1-2
|
|
Tomáš Mráz |
578f0d |
- fixed zero length banner problem (#457326)
|
|
Tomáš Mráz |
578f0d |
|
|
Tomáš Mráz |
93a474 |
* Wed Jul 23 2008 Tomas Mraz <tmraz@redhat.com> - 5.1p1-1
|
|
Tomáš Mráz |
93a474 |
- upgrade to new upstream release
|
|
Tomáš Mráz |
93a474 |
- fixed a problem with public key authentication and explicitely
|
|
Tomáš Mráz |
93a474 |
specified SELinux role
|
|
Tomáš Mráz |
93a474 |
|
|
Tomáš Mráz |
077dad |
* Wed May 21 2008 Tomas Mraz <tmraz@redhat.com> - 5.0p1-3
|
|
Tomáš Mráz |
077dad |
- pass the connection socket to ssh-keysign (#447680)
|
|
Tomáš Mráz |
077dad |
|
|
Tomáš Mráz |
1961bc |
* Mon May 19 2008 Tomas Mraz <tmraz@redhat.com> - 5.0p1-2
|
|
Tomáš Mráz |
1961bc |
- add LANGUAGE to accepted/sent environment variables (#443231)
|
|
Tomáš Mráz |
1961bc |
- use pam_selinux to obtain the user context instead of doing it itself
|
|
Tomáš Mráz |
1961bc |
- unbreak server keep alive settings (patch from upstream)
|
|
Tomáš Mráz |
1961bc |
- small addition to scp manpage
|
|
Tomáš Mráz |
1961bc |
|
|
Tomáš Mráz |
ca47f6 |
* Mon Apr 7 2008 Tomas Mraz <tmraz@redhat.com> - 5.0p1-1
|
|
Tomáš Mráz |
ca47f6 |
- upgrade to new upstream (#441066)
|
|
Tomáš Mráz |
ca47f6 |
- prevent initscript from killing itself on halt with upstart (#438449)
|
|
Tomáš Mráz |
ca47f6 |
- initscript status should show that the daemon is running
|
|
Tomáš Mráz |
ca47f6 |
only when the main daemon is still alive (#430882)
|
|
Tomáš Mráz |
ca47f6 |
|
|
Tomáš Mráz |
ca47f6 |
* Thu Mar 6 2008 Tomas Mraz <tmraz@redhat.com> - 4.7p1-10
|
|
Tomáš Mráz |
ca47f6 |
- fix race on control master and cleanup stale control socket (#436311)
|
|
Tomáš Mráz |
ca47f6 |
patches by David Woodhouse
|
|
Tomáš Mráz |
ca47f6 |
|
|
Tomáš Mráz |
2cb0e7 |
* Fri Feb 29 2008 Tomas Mraz <tmraz@redhat.com> - 4.7p1-9
|
|
Tomáš Mráz |
2cb0e7 |
- set FD_CLOEXEC on client socket
|
|
Tomáš Mráz |
2cb0e7 |
- apply real fix for window size problem (#286181) from upstream
|
|
Tomáš Mráz |
2cb0e7 |
- apply fix for the spurious failed bind from upstream
|
|
Tomáš Mráz |
2cb0e7 |
- apply open handle leak in sftp fix from upstream
|
|
Tomáš Mráz |
2cb0e7 |
|
|
Dennis Gilmore |
91bdf4 |
* Tue Feb 12 2008 Dennis Gilmore <dennis@ausil.us> - 4.7p1-8
|
|
Dennis Gilmore |
91bdf4 |
- we build for sparcv9 now and it needs -fPIE
|
|
Dennis Gilmore |
91bdf4 |
|
|
Tomáš Mráz |
993dd1 |
* Thu Jan 3 2008 Tomas Mraz <tmraz@redhat.com> - 4.7p1-7
|
|
Tomáš Mráz |
993dd1 |
- fix gssapi auth with explicit selinux role requested (#427303) - patch
|
|
Tomáš Mráz |
993dd1 |
by Nalin Dahyabhai
|
|
Tomáš Mráz |
993dd1 |
|
|
Tomáš Mráz |
3457e3 |
* Tue Dec 4 2007 Tomas Mraz <tmraz@redhat.com> - 4.7p1-6
|
|
Tomáš Mráz |
2cc09c |
- explicitly source krb5-devel profile script
|
|
Tomáš Mráz |
3457e3 |
|
|
Tomáš Mráz |
3457e3 |
* Tue Dec 04 2007 Release Engineering <rel-eng at fedoraproject dot org> - 4.7p1-5
|
|
Tomáš Mráz |
3457e3 |
- Rebuild for openssl bump
|
|
Jesse Keating |
9eac42 |
|
|
Tomáš Mráz |
b1ffa0 |
* Tue Nov 20 2007 Tomas Mraz <tmraz@redhat.com> - 4.7p1-4
|
|
Tomáš Mráz |
8b8c4d |
- do not copy /etc/localtime into the chroot as it is not
|
|
Tomáš Mráz |
8b8c4d |
necessary anymore (#193184)
|
|
Tomáš Mráz |
8b8c4d |
- call setkeycreatecon when selinux context is established
|
|
Tomáš Mráz |
8b8c4d |
- test for NULL privk when freeing key (#391871) - patch by
|
|
Tomáš Mráz |
8b8c4d |
Pierre Ossman
|
|
Tomáš Mráz |
8b8c4d |
|
|
Tomáš Mráz |
95be08 |
* Mon Sep 17 2007 Tomas Mraz <tmraz@redhat.com> - 4.7p1-2
|
|
Tomáš Mráz |
95be08 |
- revert default window size adjustments (#286181)
|
|
Tomáš Mráz |
95be08 |
|
|
Tomáš Mráz |
c9833c |
* Thu Sep 6 2007 Tomas Mraz <tmraz@redhat.com> - 4.7p1-1
|
|
Tomáš Mráz |
c9833c |
- upgrade to latest upstream
|
|
Tomáš Mráz |
c9833c |
- use libedit in sftp (#203009)
|
|
Tomáš Mráz |
c9833c |
- fixed audit log injection problem (CVE-2007-3102)
|
|
Tomáš Mráz |
c9833c |
|
|
Tomáš Mráz |
f37073 |
* Thu Aug 9 2007 Tomas Mraz <tmraz@redhat.com> - 4.5p1-8
|
|
Tomáš Mráz |
f37073 |
- fix sftp client problems on write error (#247802)
|
|
Tomáš Mráz |
f37073 |
- allow disabling autocreation of server keys (#235466)
|
|
Tomáš Mráz |
f37073 |
|
|
Tomáš Mráz |
c3274c |
* Wed Jun 20 2007 Tomas Mraz <tmraz@redhat.com> - 4.5p1-7
|
|
Tomáš Mráz |
c3274c |
- experimental NSS keys support
|
|
Tomáš Mráz |
c3274c |
- correctly setup context when empty level requested (#234951)
|
|
Tomáš Mráz |
c3274c |
|
|
Tomáš Mráz |
7210c0 |
* Tue Mar 20 2007 Tomas Mraz <tmraz@redhat.com> - 4.5p1-6
|
|
Tomáš Mráz |
7210c0 |
- mls level check must be done with default role same as requested
|
|
Tomáš Mráz |
7210c0 |
|
|
Tomáš Mráz |
b40baa |
* Mon Mar 19 2007 Tomas Mraz <tmraz@redhat.com> - 4.5p1-5
|
|
Tomáš Mráz |
b40baa |
- make profile.d/gnome-ssh-askpass.* regular files (#226218)
|
|
Tomáš Mráz |
b40baa |
|
|
Tomáš Mráz |
546fdd |
* Thu Feb 27 2007 Tomas Mraz <tmraz@redhat.com> - 4.5p1-4
|
|
Tomáš Mráz |
546fdd |
- reject connection if requested mls range is not obtained (#229278)
|
|
Tomáš Mráz |
546fdd |
|
|
Tomáš Mráz |
9d725b |
* Wed Feb 22 2007 Tomas Mraz <tmraz@redhat.com> - 4.5p1-3
|
|
Tomáš Mráz |
9d725b |
- improve Buildroot
|
|
Tomáš Mráz |
9d725b |
- remove duplicate /etc/ssh from files
|
|
Tomáš Mráz |
9d725b |
|
|
Tomáš Mráz |
c2b35d |
* Tue Jan 16 2007 Tomas Mraz <tmraz@redhat.com> - 4.5p1-2
|
|
Tomáš Mráz |
c2b35d |
- support mls on labeled networks (#220487)
|
|
Tomáš Mráz |
c2b35d |
- support mls level selection on unlabeled networks
|
|
Tomáš Mráz |
c2b35d |
- allow / in usernames in scp (only beginning /, ./, and ../ is special)
|
|
Tomáš Mráz |
c2b35d |
|
|
Tomáš Mráz |
ad07b9 |
* Thu Dec 21 2006 Tomas Mraz <tmraz@redhat.com> - 4.5p1-1
|
|
Tomáš Mráz |
ad07b9 |
- update to 4.5p1 (#212606)
|
|
Tomáš Mráz |
ad07b9 |
|
|
Tomáš Mráz |
914284 |
* Thu Nov 30 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-14
|
|
Tomáš Mráz |
914284 |
- fix gssapi with DNS loadbalanced clusters (#216857)
|
|
Tomáš Mráz |
914284 |
|
|
Tomáš Mráz |
d63dc6 |
* Tue Nov 28 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-13
|
|
Tomáš Mráz |
d63dc6 |
- improved pam_session patch so it doesn't regress, the patch is necessary
|
|
Tomáš Mráz |
d63dc6 |
for the pam_session_close to be called correctly as uid 0
|
|
Tomáš Mráz |
d63dc6 |
|
|
Tomáš Mráz |
ad61b1 |
* Fri Nov 10 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-12
|
|
Tomáš Mráz |
ad61b1 |
- CVE-2006-5794 - properly detect failed key verify in monitor (#214641)
|
|
Tomáš Mráz |
ad61b1 |
|
|
Tomáš Mráz |
19675a |
* Thu Nov 2 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-11
|
|
Tomáš Mráz |
19675a |
- merge sshd initscript patches
|
|
Tomáš Mráz |
19675a |
- kill all ssh sessions when stop is called in halt or reboot runlevel
|
|
Tomáš Mráz |
19675a |
- remove -TERM option from killproc so we don't race on sshd restart
|
|
Tomáš Mráz |
19675a |
|
|
Tomáš Mráz |
7114c4 |
* Mon Oct 2 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-10
|
|
Tomáš Mráz |
7114c4 |
- improve gssapi-no-spnego patch (#208102)
|
|
Tomáš Mráz |
7114c4 |
- CVE-2006-4924 - prevent DoS on deattack detector (#207957)
|
|
Tomáš Mráz |
7114c4 |
- CVE-2006-5051 - don't call cleanups from signal handler (#208459)
|
|
Tomáš Mráz |
7114c4 |
|
|
Tomáš Mráz |
ac4818 |
* Wed Aug 23 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-9
|
|
Tomáš Mráz |
ac4818 |
- don't report duplicate syslog messages, use correct local time (#189158)
|
|
Tomáš Mráz |
ac4818 |
- don't allow spnego as gssapi mechanism (from upstream)
|
|
Tomáš Mráz |
ac4818 |
- fixed memleaks found by Coverity (from upstream)
|
|
Tomáš Mráz |
ac4818 |
- allow ip options except source routing (#202856) (patch by HP)
|
|
Tomáš Mráz |
ac4818 |
|
|
Tomáš Mráz |
c12d6b |
* Tue Aug 8 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-8
|
|
Tomáš Mráz |
c12d6b |
- drop the pam-session patch from the previous build (#201341)
|
|
Tomáš Mráz |
c12d6b |
- don't set IPV6_V6ONLY sock opt when listening on wildcard addr (#201594)
|
|
Tomáš Mráz |
c12d6b |
|
|
Tomáš Mráz |
762e40 |
* Thu Jul 20 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-7
|
|
Tomáš Mráz |
762e40 |
- dropped old ssh obsoletes
|
|
Tomáš Mráz |
762e40 |
- call the pam_session_open/close from the monitor when privsep is
|
|
Tomáš Mráz |
762e40 |
enabled so it is always called as root (patch by Darren Tucker)
|
|
Tomáš Mráz |
762e40 |
|
|
Tomáš Mráz |
ef3242 |
* Mon Jul 17 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-6
|
|
Tomáš Mráz |
ef3242 |
- improve selinux patch (by Jan Kiszka)
|
|
Tomáš Mráz |
ef3242 |
- upstream patch for buffer append space error (#191940)
|
|
Tomáš Mráz |
ef3242 |
- fixed typo in configure.ac (#198986)
|
|
Tomáš Mráz |
ef3242 |
- added pam_keyinit to pam configuration (#198628)
|
|
Tomáš Mráz |
ef3242 |
- improved error message when askpass dialog cannot grab
|
|
Tomáš Mráz |
ef3242 |
keyboard input (#198332)
|
|
Tomáš Mráz |
ef3242 |
- buildrequires xauth instead of xorg-x11-xauth
|
|
Tomáš Mráz |
ef3242 |
- fixed a few rpmlint warnings
|
|
Tomáš Mráz |
ef3242 |
|
|
Jesse Keating |
d446e9 |
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 4.3p2-5.1
|
|
Jesse Keating |
d446e9 |
- rebuild
|
|
Jesse Keating |
d446e9 |
|
|
Tomáš Mráz |
7e1c55 |
* Fri Apr 14 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-5
|
|
Tomáš Mráz |
7e1c55 |
- don't request pseudoterminal allocation if stdin is not tty (#188983)
|
|
Tomáš Mráz |
7e1c55 |
|
|
Tomáš Mráz |
5f29ac |
* Thu Mar 2 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-4
|
|
Tomáš Mráz |
5f29ac |
- allow access if audit is not compiled in kernel (#183243)
|
|
Tomáš Mráz |
5f29ac |
|
|
Tomáš Mráz |
e01ed6 |
* Fri Feb 24 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-3
|
|
Tomáš Mráz |
e01ed6 |
- enable the subprocess in chroot to send messages to system log
|
|
Tomáš Mráz |
e01ed6 |
- sshd should prevent login if audit call fails
|
|
Tomáš Mráz |
e01ed6 |
|
|
Tomáš Mráz |
b5e849 |
* Tue Feb 21 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-2
|
|
Tomáš Mráz |
b5e849 |
- print error from scp if not remote (patch by Bjorn Augustsson #178923)
|
|
Tomáš Mráz |
b5e849 |
|
|
Tomáš Mráz |
f16d34 |
* Mon Feb 13 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p2-1
|
|
Tomáš Mráz |
f16d34 |
- new version
|
|
Tomáš Mráz |
f16d34 |
|
|
Jesse Keating |
3de0ff |
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 4.3p1-2.1
|
|
Jesse Keating |
3de0ff |
- bump again for double-long bug on ppc(64)
|
|
Jesse Keating |
3de0ff |
|
|
Tomáš Mráz |
f223eb |
* Mon Feb 6 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p1-2
|
|
Tomáš Mráz |
f223eb |
- fixed another place where syslog was called in signal handler
|
|
Tomáš Mráz |
f223eb |
- pass locale environment variables to server, accept them there (#179851)
|
|
Tomáš Mráz |
f223eb |
|
|
Tomáš Mráz |
fd638a |
* Wed Feb 1 2006 Tomas Mraz <tmraz@redhat.com> - 4.3p1-1
|
|
Tomáš Mráz |
fd638a |
- new version, dropped obsolete patches
|
|
Tomáš Mráz |
fd638a |
|
|
Tomáš Mráz |
bb93ea |
* Tue Dec 20 2005 Tomas Mraz <tmraz@redhat.com> - 4.2p1-10
|
|
Tomáš Mráz |
bb93ea |
- hopefully make the askpass dialog less confusing (#174765)
|
|
Tomáš Mráz |
bb93ea |
|
|
Jesse Keating |
6e3ae4 |
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
|
|
Jesse Keating |
6e3ae4 |
- rebuilt
|
|
Jesse Keating |
6e3ae4 |
|
|
Tomáš Mráz |
09d7e6 |
* Tue Nov 22 2005 Tomas Mraz <tmraz@redhat.com> - 4.2p1-9
|
|
Tomáš Mráz |
09d7e6 |
- drop x11-ssh-askpass from the package
|
|
Tomáš Mráz |
09d7e6 |
- drop old build_6x ifs from spec file
|
|
Tomáš Mráz |
09d7e6 |
- improve gnome-ssh-askpass so it doesn't reveal number of passphrase
|
|
Tomáš Mráz |
09d7e6 |
characters to person looking at the display
|
|
Tomáš Mráz |
09d7e6 |
- less hackish fix for the __USE_GNU problem
|
|
Tomáš Mráz |
09d7e6 |
|
|
Nalin Dahyabhai |
05c945 |
* Fri Nov 18 2005 Nalin Dahyabhai <nalin@redhat.com> - 4.2p1-8
|
|
Nalin Dahyabhai |
05c945 |
- work around missing gccmakedep by wrapping makedepend in a local script
|
|
Nalin Dahyabhai |
db2565 |
- remove now-obsolete build dependency on "xauth"
|
|
Nalin Dahyabhai |
05c945 |
|
|
Warren Togami |
d40b8c |
* Thu Nov 17 2005 Warren Togami <wtogami@redhat.com> - 4.2p1-7
|
|
Warren Togami |
19e22a |
- xorg-x11-devel -> libXt-devel
|
|
Warren Togami |
19e22a |
- rebuild for new xauth location so X forwarding works
|
|
Warren Togami |
0e5862 |
- buildreq audit-libs-devel
|
|
Warren Togami |
0e5862 |
- buildreq automake for aclocal
|
|
Warren Togami |
0e5862 |
- buildreq imake for xmkmf
|
|
Warren Togami |
0e5862 |
- -D_GNU_SOURCE in flags in order to get it to build
|
|
Warren Togami |
0e5862 |
Ugly hack to workaround openssh defining __USE_GNU which is
|
|
Warren Togami |
0e5862 |
not allowed and causes problems according to Ulrich Drepper
|
|
Warren Togami |
0e5862 |
fix this the correct way after FC5test1
|
|
Warren Togami |
d40b8c |
|
|
Jeremy Katz |
35e1e0 |
* Wed Nov 9 2005 Jeremy Katz <katzj@redhat.com> - 4.2p1-6
|
|
Jeremy Katz |
35e1e0 |
- rebuild against new openssl
|
|
Jeremy Katz |
35e1e0 |
|
|
Tomáš Mráz |
fc72c2 |
* Fri Oct 28 2005 Tomas Mraz <tmraz@redhat.com> 4.2p1-5
|
|
Tomáš Mráz |
fc72c2 |
- put back the possibility to skip SELinux patch
|
|
Tomáš Mráz |
fc72c2 |
- add patch for user login auditing by Steve Grubb
|
|
Tomáš Mráz |
fc72c2 |
|
|
Daniel J Walsh |
531256 |
* Tue Oct 18 2005 Dan Walsh <dwalsh@redhat.com> 4.2p1-4
|
|
Daniel J Walsh |
531256 |
- Change selinux patch to use get_default_context_with_rolelevel in libselinux.
|
|
Daniel J Walsh |
531256 |
|
|
Daniel J Walsh |
0e07ed |
* Thu Oct 13 2005 Tomas Mraz <tmraz@redhat.com> 4.2p1-3
|
|
Daniel J Walsh |
0e07ed |
- Update selinux patch to use getseuserbyname
|
|
Daniel J Walsh |
0e07ed |
|
|
Tomáš Mráz |
5bab48 |
* Fri Oct 7 2005 Tomas Mraz <tmraz@redhat.com> 4.2p1-2
|
|
Tomáš Mráz |
5bab48 |
- use include instead of pam_stack in pam config
|
|
Tomáš Mráz |
fd638a |
- use fork+exec instead of system in scp - CVE-2006-0225 (#168167)
|
|
Tomáš Mráz |
5bab48 |
- upstream patch for displaying authentication errors
|
|
Tomáš Mráz |
5bab48 |
|
|
Tomáš Mráz |
de2e7a |
* Tue Sep 06 2005 Tomas Mraz <tmraz@redhat.com> 4.2p1-1
|
|
Tomáš Mráz |
de2e7a |
- upgrade to a new upstream version
|
|
Tomáš Mráz |
de2e7a |
|
|
Tomáš Mráz |
f94d8f |
* Tue Aug 16 2005 Tomas Mraz <tmraz@redhat.com> 4.1p1-5
|
|
Tomáš Mráz |
f94d8f |
- use x11-ssh-askpass if openssh-askpass-gnome is not installed (#165207)
|
|
Tomáš Mráz |
f94d8f |
- install ssh-copy-id from contrib (#88707)
|
|
Tomáš Mráz |
f94d8f |
|
|
Tomáš Mráz |
fa1481 |
* Wed Jul 27 2005 Tomas Mraz <tmraz@redhat.com> 4.1p1-4
|
|
Tomáš Mráz |
fa1481 |
- don't deadlock on exit with multiple X forwarded channels (#152432)
|
|
Tomáš Mráz |
fa1481 |
- don't use X11 port which can't be bound on all IP families (#163732)
|
|
Tomáš Mráz |
fa1481 |
|
|
Tomáš Mráz |
79c968 |
* Wed Jun 29 2005 Tomas Mraz <tmraz@redhat.com> 4.1p1-3
|
|
Tomáš Mráz |
79c968 |
- fix small regression caused by the nologin patch (#161956)
|
|
Tomáš Mráz |
79c968 |
- fix race in getpeername error checking (mindrot #1054)
|
|
Tomáš Mráz |
79c968 |
|
|
Tomáš Mráz |
9ac1c8 |
* Thu Jun 9 2005 Tomas Mraz <tmraz@redhat.com> 4.1p1-2
|
|
Tomáš Mráz |
9ac1c8 |
- use only pam_nologin for nologin testing
|
|
Tomáš Mráz |
9ac1c8 |
|
|
Tomáš Mráz |
9cf4ab |
* Mon Jun 6 2005 Tomas Mraz <tmraz@redhat.com> 4.1p1-1
|
|
Tomáš Mráz |
9cf4ab |
- upgrade to a new upstream version
|
|
Tomáš Mráz |
9cf4ab |
- call pam_loginuid as a pam session module
|
|
Tomáš Mráz |
9cf4ab |
|
|
Tomáš Mráz |
9c5771 |
* Mon May 16 2005 Tomas Mraz <tmraz@redhat.com> 4.0p1-3
|
|
Tomáš Mráz |
9c5771 |
- link libselinux only to sshd (#157678)
|
|
Tomáš Mráz |
9c5771 |
|
|
Tomáš Mráz |
1e27c0 |
* Mon Apr 4 2005 Tomas Mraz <tmraz@redhat.com> 4.0p1-2
|
|
Tomáš Mráz |
1e27c0 |
- fixed Local/RemoteForward in ssh_config.5 manpage
|
|
Tomáš Mráz |
1e27c0 |
- fix fatal when Local/RemoteForward is used and scp run (#153258)
|
|
Tomáš Mráz |
1e27c0 |
- don't leak user validity when using krb5 authentication
|
|
Tomáš Mráz |
1e27c0 |
|
|
Tomáš Mráz |
5de53f |
* Thu Mar 24 2005 Tomas Mraz <tmraz@redhat.com> 4.0p1-1
|
|
Tomáš Mráz |
5de53f |
- upgrade to 4.0p1
|
|
Tomáš Mráz |
5de53f |
- remove obsolete groups patch
|
|
Tomáš Mráz |
5de53f |
|
|
Elliot Lee |
683f4f |
* Wed Mar 16 2005 Elliot Lee <sopwith@redhat.com>
|
|
Elliot Lee |
683f4f |
- rebuilt
|
|
Elliot Lee |
683f4f |
|
|
Nalin Dahyabhai |
4f9d64 |
* Mon Feb 28 2005 Nalin Dahyabhai <nalin@redhat.com> 3.9p1-12
|
|
Nalin Dahyabhai |
4f9d64 |
- rebuild so that configure can detect that krb5_init_ets is gone now
|
|
Nalin Dahyabhai |
4f9d64 |
|
|
Tomáš Mráz |
8d62bf |
* Mon Feb 21 2005 Tomas Mraz <tmraz@redhat.com> 3.9p1-11
|
|
Tomáš Mráz |
d048f9 |
- don't call syslog in signal handler
|
|
Tomáš Mráz |
8d62bf |
- allow password authentication when copying from remote
|
|
Tomáš Mráz |
8d62bf |
to remote machine (#103364)
|
|
Tomáš Mráz |
d048f9 |
|
|
Tomáš Mráz |
504978 |
* Wed Feb 9 2005 Tomas Mraz <tmraz@redhat.com>
|
|
Tomáš Mráz |
504978 |
- add spaces to messages in initscript (#138508)
|
|
Tomáš Mráz |
504978 |
|
|
Tomáš Mráz |
4c55a5 |
* Tue Feb 8 2005 Tomas Mraz <tmraz@redhat.com> 3.9p1-10
|
|
Tomáš Mráz |
4c55a5 |
- enable trusted forwarding by default if X11 forwarding is
|
|
Tomáš Mráz |
4c55a5 |
required by user (#137685 and duplicates)
|
|
Tomáš Mráz |
4c55a5 |
- disable protocol 1 support by default in sshd server config (#88329)
|
|
Tomáš Mráz |
4c55a5 |
- keep the gnome-askpass dialog above others (#69131)
|
|
Tomáš Mráz |
4c55a5 |
|
|
Tomáš Mráz |
5a8f6b |
* Fri Feb 4 2005 Tomas Mraz <tmraz@redhat.com>
|
|
Tomáš Mráz |
4c55a5 |
- change permissions on pam.d/sshd to 0644 (#64697)
|
|
Tomáš Mráz |
5a8f6b |
- patch initscript so it doesn't kill opened sessions if
|
|
Tomáš Mráz |
4c55a5 |
the sshd daemon isn't running anymore (#67624)
|
|
Tomáš Mráz |
5a8f6b |
|
|
Bill Nottingham |
ede9e0 |
* Mon Jan 3 2005 Bill Nottingham <notting@redhat.com> 3.9p1-9
|
|
Bill Nottingham |
ede9e0 |
- don't use initlog
|
|
Bill Nottingham |
ede9e0 |
|
|
Thomas Woerner |
b56212 |
* Mon Nov 29 2004 Thomas Woerner <twoerner@redhat.com> 3.9p1-8.1
|
|
Thomas Woerner |
b56212 |
- fixed PIE build for all architectures
|
|
Thomas Woerner |
b56212 |
|
|
Nalin Dahyabhai |
8ccaa9 |
* Mon Oct 4 2004 Nalin Dahyabhai <nalin@redhat.com> 3.9p1-8
|
|
Nalin Dahyabhai |
8ccaa9 |
- add a --enable-vendor-patchlevel option which allows a ShowPatchLevel option
|
|
Nalin Dahyabhai |
8ccaa9 |
to enable display of a vendor patch level during version exchange (#120285)
|
|
Nalin Dahyabhai |
8ccaa9 |
- configure with --disable-strip to build useful debuginfo subpackages
|
|
Nalin Dahyabhai |
8ccaa9 |
|
|
Bill Nottingham |
c92dff |
* Mon Sep 20 2004 Bill Nottingham <notting@redhat.com> 3.9p1-7
|
|
Bill Nottingham |
c92dff |
- when using gtk2 for askpass, don't buildprereq gnome-libs-devel
|
|
Bill Nottingham |
c92dff |
|
|
Nalin Dahyabhai |
567e63 |
* Tue Sep 14 2004 Nalin Dahyabhai <nalin@redhat.com> 3.9p1-6
|
|
Nalin Dahyabhai |
567e63 |
- build
|
|
Nalin Dahyabhai |
567e63 |
|
|
Nalin Dahyabhai |
deb1e4 |
* Mon Sep 13 2004 Nalin Dahyabhai <nalin@redhat.com>
|
|
Nalin Dahyabhai |
deb1e4 |
- disable ACSS support
|
|
Nalin Dahyabhai |
deb1e4 |
|
|
Daniel J Walsh |
c82df7 |
* Thu Sep 2 2004 Daniel Walsh <dwalsh@redhat.com> 3.9p1-5
|
|
Daniel J Walsh |
c82df7 |
- Change selinux patch to use get_default_context_with_role in libselinux.
|
|
Daniel J Walsh |
c82df7 |
|
|
Daniel J Walsh |
c82df7 |
* Thu Sep 2 2004 Daniel Walsh <dwalsh@redhat.com> 3.9p1-4
|
|
Daniel J Walsh |
c82df7 |
- Fix patch
|
|
Daniel J Walsh |
c82df7 |
* Bad debug statement.
|
|
Daniel J Walsh |
c82df7 |
* Handle root/sysadm_r:kerberos
|
|
Daniel J Walsh |
c82df7 |
|
|
cvsdist |
29a4bf |
* Thu Sep 2 2004 Daniel Walsh <dwalsh@redhat.com> 3.9p1-3
|
|
cvsdist |
29a4bf |
- Modify Colin Walter's patch to allow specifying rule during connection
|
|
cvsdist |
29a4bf |
|
|
cvsdist |
d7affc |
* Tue Aug 31 2004 Daniel Walsh <dwalsh@redhat.com> 3.9p1-2
|
|
cvsdist |
d7affc |
- Fix TTY handling for SELinux
|
|
cvsdist |
d7affc |
|
|
cvsdist |
653818 |
* Tue Aug 24 2004 Daniel Walsh <dwalsh@redhat.com> 3.9p1-1
|
|
cvsdist |
653818 |
- Update to upstream
|
|
cvsdist |
653818 |
|
|
cvsdist |
5ef607 |
* Sun Aug 1 2004 Alan Cox <alan@redhat.com> 3.8.1p1-5
|
|
cvsdist |
5ef607 |
- Apply buildreq fixup patch (#125296)
|
|
cvsdist |
5ef607 |
|
|
cvsdist |
9d5a53 |
* Tue Jun 15 2004 Daniel Walsh <dwalsh@redhat.com> 3.8.1p1-4
|
|
cvsdist |
9d5a53 |
- Clean up patch for upstream submission.
|
|
cvsdist |
9d5a53 |
|
|
cvsdist |
de28cc |
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
|
|
cvsdist |
de28cc |
- rebuilt
|
|
cvsdist |
de28cc |
|
|
cvsdist |
e965c7 |
* Wed Jun 9 2004 Daniel Walsh <dwalsh@redhat.com> 3.8.1p1-2
|
|
cvsdist |
e965c7 |
- Remove use of pam_selinux and patch selinux in directly.
|
|
cvsdist |
e965c7 |
|
|
cvsdist |
ffdec5 |
* Mon Jun 7 2004 Nalin Dahyabhai <nalin@redhat.com> 3.8.1p1-1
|
|
cvsdist |
ffdec5 |
- request gssapi-with-mic by default but not delegation (flag day for anyone
|
|
cvsdist |
ffdec5 |
who used previous gssapi patches)
|
|
cvsdist |
ffdec5 |
- no longer request x11 forwarding by default
|
|
cvsdist |
ffdec5 |
|
|
cvsdist |
162c7f |
* Thu Jun 3 2004 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-36
|
|
cvsdist |
162c7f |
- Change pam file to use open and close with pam_selinux
|
|
cvsdist |
162c7f |
|
|
cvsdist |
ffdec5 |
* Tue Jun 1 2004 Nalin Dahyabhai <nalin@redhat.com> 3.8.1p1-0
|
|
cvsdist |
ffdec5 |
- update to 3.8.1p1
|
|
cvsdist |
ffdec5 |
- add workaround from CVS to reintroduce passwordauth using pam
|
|
cvsdist |
ffdec5 |
|
|
cvsdist |
73e10e |
* Tue Jun 1 2004 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-35
|
|
cvsdist |
73e10e |
- Remove CLOSEXEC on STDERR
|
|
cvsdist |
73e10e |
|
|
cvsdist |
8f8720 |
* Tue Mar 16 2004 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-34
|
|
cvsdist |
8f8720 |
|
|
cvsdist |
8f8720 |
* Wed Mar 03 2004 Phil Knirsch <pknirsch@redhat.com> 3.6.1p2-33.30.1
|
|
cvsdist |
8f8720 |
- Built RHLE3 U2 update package.
|
|
cvsdist |
8f8720 |
|
|
cvsdist |
8f8720 |
* Wed Mar 3 2004 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-33
|
|
cvsdist |
8f8720 |
- Close file descriptors on exec
|
|
cvsdist |
8f8720 |
|
|
cvsdist |
8f8720 |
* Mon Mar 1 2004 Thomas Woerner <twoerner@redhat.com> 3.6.1p2-32
|
|
cvsdist |
8f8720 |
- fixed pie build
|
|
cvsdist |
8f8720 |
|
|
cvsdist |
8f8720 |
* Thu Feb 26 2004 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-31
|
|
cvsdist |
8f8720 |
- Add restorecon to startup scripts
|
|
cvsdist |
8f8720 |
|
|
cvsdist |
8f8720 |
* Thu Feb 26 2004 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-30
|
|
cvsdist |
8f8720 |
- Add multiple qualified to openssh
|
|
cvsdist |
8f8720 |
|
|
cvsdist |
8f8720 |
* Mon Feb 23 2004 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-29
|
|
cvsdist |
8f8720 |
- Eliminate selinux code and use pam_selinux
|
|
cvsdist |
8f8720 |
|
|
cvsdist |
8f8720 |
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
|
|
cvsdist |
8f8720 |
- rebuilt
|
|
cvsdist |
8f8720 |
|
|
cvsdist |
fe98d8 |
* Mon Jan 26 2004 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-27
|
|
cvsdist |
fe98d8 |
- turn off pie on ppc
|
|
cvsdist |
fe98d8 |
|
|
cvsdist |
fe98d8 |
* Mon Jan 26 2004 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-26
|
|
cvsdist |
fe98d8 |
- fix is_selinux_enabled
|
|
cvsdist |
fe98d8 |
|
|
cvsdist |
fe98d8 |
* Wed Jan 14 2004 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-25
|
|
cvsdist |
fe98d8 |
- Rebuild to grab shared libselinux
|
|
cvsdist |
fe98d8 |
|
|
cvsdist |
fe98d8 |
* Wed Dec 3 2003 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-24
|
|
cvsdist |
fe98d8 |
- turn on selinux
|
|
cvsdist |
fe98d8 |
|
|
cvsdist |
fe98d8 |
* Tue Nov 18 2003 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
fe98d8 |
- un#ifdef out code for reporting password expiration in non-privsep
|
|
cvsdist |
fe98d8 |
mode (#83585)
|
|
cvsdist |
fe98d8 |
|
|
cvsdist |
fe98d8 |
* Mon Nov 10 2003 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
fe98d8 |
- add machinery to build with/without -fpie/-pie, default to doing so
|
|
cvsdist |
fe98d8 |
|
|
cvsdist |
fe98d8 |
* Thu Nov 06 2003 David Woodhouse <dwmw2@redhat.com> 3.6.1p2-23
|
|
cvsdist |
fe98d8 |
- Don't whinge about getsockopt failing (#109161)
|
|
cvsdist |
fe98d8 |
|
|
cvsdist |
fe98d8 |
* Fri Oct 24 2003 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
fe98d8 |
- add missing buildprereq on zlib-devel (#104558)
|
|
cvsdist |
fe98d8 |
|
|
cvsdist |
fe98d8 |
* Mon Oct 13 2003 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-22
|
|
cvsdist |
fe98d8 |
- turn selinux off
|
|
cvsdist |
fe98d8 |
|
|
cvsdist |
fe98d8 |
* Mon Oct 13 2003 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-21.sel
|
|
cvsdist |
fe98d8 |
- turn selinux on
|
|
cvsdist |
fe98d8 |
|
|
cvsdist |
fe98d8 |
* Fri Sep 19 2003 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-21
|
|
cvsdist |
fe98d8 |
- turn selinux off
|
|
cvsdist |
fe98d8 |
|
|
cvsdist |
fe98d8 |
* Fri Sep 19 2003 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-20.sel
|
|
cvsdist |
fe98d8 |
- turn selinux on
|
|
cvsdist |
fe98d8 |
|
|
cvsdist |
fe98d8 |
* Fri Sep 19 2003 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
fe98d8 |
- additional fix for apparently-never-happens double-free in buffer_free()
|
|
cvsdist |
fe98d8 |
- extend fix for #103998 to cover SSH1
|
|
cvsdist |
fe98d8 |
|
|
cvsdist |
fe98d8 |
* Wed Sep 17 2003 Nalin Dahyabhai <nalin@redhat.com> 3.6.1p2-19
|
|
cvsdist |
092b0a |
- rebuild
|
|
cvsdist |
092b0a |
|
|
cvsdist |
fe98d8 |
* Wed Sep 17 2003 Nalin Dahyabhai <nalin@redhat.com> 3.6.1p2-18
|
|
cvsdist |
903730 |
- additional buffer manipulation cleanups from Solar Designer
|
|
cvsdist |
903730 |
|
|
cvsdist |
092b0a |
* Wed Sep 17 2003 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-17
|
|
cvsdist |
092b0a |
- turn selinux off
|
|
cvsdist |
092b0a |
|
|
cvsdist |
092b0a |
* Wed Sep 17 2003 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-16.sel
|
|
cvsdist |
092b0a |
- turn selinux on
|
|
cvsdist |
092b0a |
|
|
cvsdist |
fe98d8 |
* Tue Sep 16 2003 Bill Nottingham <notting@redhat.com> 3.6.1p2-15
|
|
cvsdist |
092b0a |
- rebuild
|
|
cvsdist |
092b0a |
|
|
cvsdist |
fe98d8 |
* Tue Sep 16 2003 Bill Nottingham <notting@redhat.com> 3.6.1p2-14
|
|
cvsdist |
903730 |
- additional buffer manipulation fixes (CAN-2003-0695)
|
|
cvsdist |
44a5d2 |
|
|
cvsdist |
092b0a |
* Tue Sep 16 2003 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-13.sel
|
|
cvsdist |
092b0a |
- turn selinux on
|
|
cvsdist |
092b0a |
|
|
cvsdist |
fe98d8 |
* Tue Sep 16 2003 Nalin Dahyabhai <nalin@redhat.com> 3.6.1p2-12
|
|
cvsdist |
092b0a |
- rebuild
|
|
cvsdist |
092b0a |
|
|
cvsdist |
fe98d8 |
* Tue Sep 16 2003 Nalin Dahyabhai <nalin@redhat.com> 3.6.1p2-11
|
|
cvsdist |
6eaa41 |
- apply patch to store the correct buffer size in allocated buffers
|
|
cvsdist |
6eaa41 |
(CAN-2003-0693)
|
|
cvsdist |
6eaa41 |
- skip the initial PAM authentication attempt with an empty password if
|
|
cvsdist |
6eaa41 |
empty passwords are not permitted in our configuration (#103998)
|
|
cvsdist |
6eaa41 |
|
|
cvsdist |
092b0a |
* Fri Sep 5 2003 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-10
|
|
cvsdist |
092b0a |
- turn selinux off
|
|
cvsdist |
092b0a |
|
|
cvsdist |
092b0a |
* Fri Sep 5 2003 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-9.sel
|
|
cvsdist |
092b0a |
- turn selinux on
|
|
cvsdist |
092b0a |
|
|
cvsdist |
092b0a |
* Tue Aug 26 2003 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-8
|
|
cvsdist |
092b0a |
- Add BuildPreReq gtk2-devel if gtk2
|
|
cvsdist |
092b0a |
|
|
cvsdist |
092b0a |
* Tue Aug 12 2003 Nalin Dahyabhai <nalin@redhat.com> 3.6.1p2-7
|
|
cvsdist |
092b0a |
- rebuild
|
|
cvsdist |
092b0a |
|
|
cvsdist |
092b0a |
* Tue Aug 12 2003 Nalin Dahyabhai <nalin@redhat.com> 3.6.1p2-6
|
|
cvsdist |
092b0a |
- modify patch which clears the supplemental group list at startup to only
|
|
cvsdist |
092b0a |
complain if setgroups() fails if sshd has euid == 0
|
|
cvsdist |
092b0a |
- handle krb5 installed in %%{_prefix} or elsewhere by using krb5-config
|
|
cvsdist |
092b0a |
|
|
cvsdist |
092b0a |
* Tue Jul 28 2003 Daniel Walsh <dwalsh@redhat.com> 3.6.1p2-5
|
|
cvsdist |
092b0a |
- Add SELinux patch
|
|
cvsdist |
092b0a |
|
|
cvsdist |
092b0a |
* Tue Jul 22 2003 Nalin Dahyabhai <nalin@redhat.com> 3.6.1p2-4
|
|
cvsdist |
092b0a |
- rebuild
|
|
cvsdist |
092b0a |
|
|
cvsdist |
092b0a |
* Wed Jun 16 2003 Nalin Dahyabhai <nalin@redhat.com> 3.6.1p2-3
|
|
cvsdist |
092b0a |
- rebuild
|
|
cvsdist |
092b0a |
|
|
cvsdist |
092b0a |
* Wed Jun 16 2003 Nalin Dahyabhai <nalin@redhat.com> 3.6.1p2-2
|
|
cvsdist |
092b0a |
- rebuild
|
|
cvsdist |
092b0a |
|
|
cvsdist |
092b0a |
* Thu Jun 5 2003 Nalin Dahyabhai <nalin@redhat.com> 3.6.1p2-1
|
|
cvsdist |
092b0a |
- update to 3.6.1p2
|
|
cvsdist |
092b0a |
|
|
cvsdist |
092b0a |
* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
|
|
cvsdist |
092b0a |
- rebuilt
|
|
cvsdist |
092b0a |
|
|
cvsdist |
092b0a |
* Mon Mar 24 2003 Florian La Roche <Florian.LaRoche@redhat.de>
|
|
cvsdist |
092b0a |
- add patch for getsockopt() call to work on bigendian 64bit archs
|
|
cvsdist |
6c4a0b |
|
|
cvsdist |
3e66bd |
* Fri Feb 14 2003 Nalin Dahyabhai <nalin@redhat.com> 3.5p1-6
|
|
cvsdist |
3e66bd |
- move scp to the -clients subpackage, because it directly depends on ssh
|
|
cvsdist |
3e66bd |
which is also in -clients (#84329)
|
|
cvsdist |
3e66bd |
|
|
cvsdist |
3e66bd |
* Mon Feb 10 2003 Nalin Dahyabhai <nalin@redhat.com> 3.5p1-5
|
|
cvsdist |
3e66bd |
- rebuild
|
|
cvsdist |
3e66bd |
|
|
cvsdist |
3e66bd |
* Wed Jan 22 2003 Tim Powers <timp@redhat.com>
|
|
cvsdist |
3e66bd |
- rebuilt
|
|
cvsdist |
818000 |
|
|
cvsdist |
3e66bd |
* Tue Jan 7 2003 Nalin Dahyabhai <nalin@redhat.com> 3.5p1-3
|
|
cvsdist |
818000 |
- rebuild
|
|
cvsdist |
818000 |
|
|
cvsdist |
3e66bd |
* Tue Nov 12 2002 Nalin Dahyabhai <nalin@redhat.com> 3.5p1-2
|
|
cvsdist |
3e66bd |
- patch PAM configuration to use relative path names for the modules, allowing
|
|
cvsdist |
3e66bd |
us to not worry about which arch the modules are built for on multilib systems
|
|
cvsdist |
3e66bd |
|
|
cvsdist |
3e66bd |
* Tue Oct 15 2002 Nalin Dahyabhai <nalin@redhat.com> 3.5p1-1
|
|
cvsdist |
3e66bd |
- update to 3.5p1, merging in filelist/perm changes from the upstream spec
|
|
cvsdist |
3e66bd |
|
|
cvsdist |
3e66bd |
* Fri Oct 4 2002 Nalin Dahyabhai <nalin@redhat.com> 3.4p1-3
|
|
cvsdist |
3e66bd |
- merge
|
|
cvsdist |
3e66bd |
|
|
cvsdist |
3e66bd |
* Thu Sep 12 2002 Than Ngo <than@redhat.com> 3.4p1-2.1
|
|
cvsdist |
3e66bd |
- fix to build on multilib systems
|
|
cvsdist |
3e66bd |
|
|
cvsdist |
3e66bd |
* Thu Aug 29 2002 Curtis Zinzilieta <curtisz@redhat.com> 3.4p1-2gss
|
|
cvsdist |
3e66bd |
- added gssapi patches and uncommented patch here
|
|
cvsdist |
818000 |
|
|
cvsdist |
e98831 |
* Wed Aug 14 2002 Nalin Dahyabhai <nalin@redhat.com> 3.4p1-2
|
|
cvsdist |
e98831 |
- pull patch from CVS to fix too-early free in ssh-keysign (#70009)
|
|
cvsdist |
e98831 |
|
|
cvsdist |
8264e7 |
* Thu Jun 27 2002 Nalin Dahyabhai <nalin@redhat.com> 3.4p1-1
|
|
cvsdist |
8264e7 |
- 3.4p1
|
|
cvsdist |
8264e7 |
- drop anon mmap patch
|
|
cvsdist |
8264e7 |
|
|
cvsdist |
8264e7 |
* Tue Jun 25 2002 Nalin Dahyabhai <nalin@redhat.com> 3.3p1-2
|
|
cvsdist |
8264e7 |
- rework the close-on-exit docs
|
|
cvsdist |
8264e7 |
- include configuration file man pages
|
|
cvsdist |
8264e7 |
- make use of nologin as the privsep shell optional
|
|
cvsdist |
8264e7 |
|
|
cvsdist |
8264e7 |
* Mon Jun 24 2002 Nalin Dahyabhai <nalin@redhat.com> 3.3p1-1
|
|
cvsdist |
8264e7 |
- update to 3.3p1
|
|
cvsdist |
8264e7 |
- merge in spec file changes from upstream (remove setuid from ssh, ssh-keysign)
|
|
cvsdist |
8264e7 |
- disable gtk2 askpass
|
|
cvsdist |
8264e7 |
- require pam-devel by filename rather than by package for erratum
|
|
cvsdist |
8264e7 |
- include patch from Solar Designer to work around anonymous mmap failures
|
|
cvsdist |
7c1cbd |
|
|
cvsdist |
8264e7 |
* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
|
|
cvsdist |
8264e7 |
- automated rebuild
|
|
cvsdist |
7c1cbd |
|
|
cvsdist |
8264e7 |
* Fri Jun 7 2002 Nalin Dahyabhai <nalin@redhat.com> 3.2.3p1-3
|
|
cvsdist |
8264e7 |
- don't require autoconf any more
|
|
cvsdist |
7c1cbd |
|
|
cvsdist |
8264e7 |
* Fri May 31 2002 Nalin Dahyabhai <nalin@redhat.com> 3.2.3p1-2
|
|
cvsdist |
8264e7 |
- build gnome-ssh-askpass with gtk2
|
|
cvsdist |
7c1cbd |
|
|
cvsdist |
8264e7 |
* Tue May 28 2002 Nalin Dahyabhai <nalin@redhat.com> 3.2.3p1-1
|
|
cvsdist |
8264e7 |
- update to 3.2.3p1
|
|
cvsdist |
8264e7 |
- merge in spec file changes from upstream
|
|
cvsdist |
a423ec |
|
|
cvsdist |
8264e7 |
* Fri May 17 2002 Nalin Dahyabhai <nalin@redhat.com> 3.2.2p1-1
|
|
cvsdist |
8264e7 |
- update to 3.2.2p1
|
|
cvsdist |
a423ec |
|
|
cvsdist |
8264e7 |
* Fri May 17 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-4
|
|
cvsdist |
a423ec |
- drop buildreq on db1-devel
|
|
cvsdist |
a423ec |
- require pam-devel by package name
|
|
cvsdist |
a423ec |
- require autoconf instead of autoconf253 again
|
|
cvsdist |
a423ec |
|
|
cvsdist |
0c1105 |
* Tue Apr 2 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-3
|
|
cvsdist |
0c1105 |
- pull patch from CVS to avoid printing error messages when some of the
|
|
cvsdist |
0c1105 |
default keys aren't available when running ssh-add
|
|
cvsdist |
0c1105 |
- refresh to current revisions of Simon's patches
|
|
cvsdist |
0c1105 |
|
|
cvsdist |
0c1105 |
* Thu Mar 21 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-2gss
|
|
cvsdist |
0c1105 |
- reintroduce Simon's gssapi patches
|
|
cvsdist |
0c1105 |
- add buildprereq for autoconf253, which is needed to regenerate configure
|
|
cvsdist |
0c1105 |
after applying the gssapi patches
|
|
cvsdist |
0c1105 |
- refresh to the latest version of Markus's patch to build properly with
|
|
cvsdist |
0c1105 |
older versions of OpenSSL
|
|
cvsdist |
8f631f |
|
|
cvsdist |
b46e39 |
* Thu Mar 7 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-2
|
|
cvsdist |
b46e39 |
- bump and grind (through the build system)
|
|
cvsdist |
b46e39 |
|
|
cvsdist |
b46e39 |
* Thu Mar 7 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-1
|
|
cvsdist |
b46e39 |
- require sharutils for building (mindrot #137)
|
|
cvsdist |
b46e39 |
- require db1-devel only when building for 6.x (#55105), which probably won't
|
|
cvsdist |
b46e39 |
work anyway (3.1 requires OpenSSL 0.9.6 to build), but what the heck
|
|
cvsdist |
b46e39 |
- require pam-devel by file (not by package name) again
|
|
cvsdist |
b46e39 |
- add Markus's patch to compile with OpenSSL 0.9.5a (from
|
|
cvsdist |
b46e39 |
http://bugzilla.mindrot.org/show_bug.cgi?id=141) and apply it if we're
|
|
cvsdist |
b46e39 |
building for 6.x
|
|
cvsdist |
b46e39 |
|
|
cvsdist |
b46e39 |
* Thu Mar 7 2002 Nalin Dahyabhai <nalin@redhat.com> 3.1p1-0
|
|
cvsdist |
b46e39 |
- update to 3.1p1
|
|
cvsdist |
b46e39 |
|
|
cvsdist |
b46e39 |
* Tue Mar 5 2002 Nalin Dahyabhai <nalin@redhat.com> SNAP-20020305
|
|
cvsdist |
b46e39 |
- update to SNAP-20020305
|
|
cvsdist |
b46e39 |
- drop debug patch, fixed upstream
|
|
cvsdist |
b46e39 |
|
|
cvsdist |
b46e39 |
* Wed Feb 20 2002 Nalin Dahyabhai <nalin@redhat.com> SNAP-20020220
|
|
cvsdist |
b46e39 |
- update to SNAP-20020220 for testing purposes (you've been warned, if there's
|
|
cvsdist |
b46e39 |
anything to be warned about, gss patches won't apply, I don't mind)
|
|
cvsdist |
b46e39 |
|
|
cvsdist |
b46e39 |
* Wed Feb 13 2002 Nalin Dahyabhai <nalin@redhat.com> 3.0.2p1-3
|
|
cvsdist |
b46e39 |
- add patches from Simon Wilkinson and Nicolas Williams for GSSAPI key
|
|
cvsdist |
b46e39 |
exchange, authentication, and named key support
|
|
cvsdist |
b46e39 |
|
|
cvsdist |
b46e39 |
* Wed Jan 23 2002 Nalin Dahyabhai <nalin@redhat.com> 3.0.2p1-2
|
|
cvsdist |
b46e39 |
- remove dependency on db1-devel, which has just been swallowed up whole
|
|
cvsdist |
b46e39 |
by gnome-libs-devel
|
|
cvsdist |
b46e39 |
|
|
cvsdist |
b46e39 |
* Sun Dec 29 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
b46e39 |
- adjust build dependencies so that build6x actually works right (fix
|
|
cvsdist |
b46e39 |
from Hugo van der Kooij)
|
|
cvsdist |
b46e39 |
|
|
cvsdist |
b46e39 |
* Tue Dec 4 2001 Nalin Dahyabhai <nalin@redhat.com> 3.0.2p1-1
|
|
cvsdist |
b46e39 |
- update to 3.0.2p1
|
|
cvsdist |
b46e39 |
|
|
cvsdist |
b46e39 |
* Fri Nov 16 2001 Nalin Dahyabhai <nalin@redhat.com> 3.0.1p1-1
|
|
cvsdist |
b46e39 |
- update to 3.0.1p1
|
|
cvsdist |
d92638 |
|
|
cvsdist |
b46e39 |
* Tue Nov 13 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
b46e39 |
- update to current CVS (not for use in distribution)
|
|
cvsdist |
55bc91 |
|
|
cvsdist |
b46e39 |
* Thu Nov 8 2001 Nalin Dahyabhai <nalin@redhat.com> 3.0p1-1
|
|
cvsdist |
b46e39 |
- merge some of Damien Miller <djm@mindrot.org> changes from the upstream
|
|
cvsdist |
b46e39 |
3.0p1 spec file and init script
|
|
cvsdist |
55bc91 |
|
|
cvsdist |
b46e39 |
* Wed Nov 7 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
b46e39 |
- update to 3.0p1
|
|
cvsdist |
b46e39 |
- update to x11-ssh-askpass 1.2.4.1
|
|
cvsdist |
b46e39 |
- change build dependency on a file from pam-devel to the pam-devel package
|
|
cvsdist |
b46e39 |
- replace primes with moduli
|
|
cvsdist |
55bc91 |
|
|
cvsdist |
9383d5 |
* Thu Sep 27 2001 Nalin Dahyabhai <nalin@redhat.com> 2.9p2-9
|
|
cvsdist |
9383d5 |
- incorporate fix from Markus Friedl's advisory for IP-based authorization bugs
|
|
cvsdist |
9383d5 |
|
|
cvsdist |
9383d5 |
* Thu Sep 13 2001 Bernhard Rosenkraenzer <bero@redhat.com> 2.9p2-8
|
|
cvsdist |
9383d5 |
- Merge changes to rescue build from current sysadmin survival cd
|
|
cvsdist |
9383d5 |
|
|
cvsdist |
fcc300 |
* Thu Sep 6 2001 Nalin Dahyabhai <nalin@redhat.com> 2.9p2-7
|
|
cvsdist |
fcc300 |
- fix scp's server's reporting of file sizes, and build with the proper
|
|
cvsdist |
fcc300 |
preprocessor define to get large-file capable open(), stat(), etc.
|
|
cvsdist |
fcc300 |
(sftp has been doing this correctly all along) (#51827)
|
|
cvsdist |
fcc300 |
- configure without --with-ipv4-default on RHL 7.x and newer (#45987,#52247)
|
|
cvsdist |
fcc300 |
- pull cvs patch to fix support for /etc/nologin for non-PAM logins (#47298)
|
|
cvsdist |
fcc300 |
- mark profile.d scriptlets as config files (#42337)
|
|
cvsdist |
fcc300 |
- refer to Jason Stone's mail for zsh workaround for exit-hanging quasi-bug
|
|
cvsdist |
fcc300 |
- change a couple of log() statements to debug() statements (#50751)
|
|
cvsdist |
fcc300 |
- pull cvs patch to add -t flag to sshd (#28611)
|
|
cvsdist |
fcc300 |
- clear fd_sets correctly (one bit per FD, not one byte per FD) (#43221)
|
|
cvsdist |
fcc300 |
|
|
cvsdist |
fcc300 |
* Mon Aug 20 2001 Nalin Dahyabhai <nalin@redhat.com> 2.9p2-6
|
|
cvsdist |
35482e |
- add db1-devel as a BuildPrerequisite (noted by Hans Ecke)
|
|
cvsdist |
35482e |
|
|
cvsdist |
35482e |
* Thu Aug 16 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
35482e |
- pull cvs patch to fix remote port forwarding with protocol 2
|
|
cvsdist |
35482e |
|
|
cvsdist |
628f20 |
* Thu Aug 9 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
35482e |
- pull cvs patch to add session initialization to no-pty sessions
|
|
cvsdist |
b46e39 |
- pull cvs patch to not cut off challengeresponse auth needlessly
|
|
cvsdist |
628f20 |
- refuse to do X11 forwarding if xauth isn't there, handy if you enable
|
|
cvsdist |
628f20 |
it by default on a system that doesn't have X installed (#49263)
|
|
cvsdist |
628f20 |
|
|
cvsdist |
628f20 |
* Wed Aug 8 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
628f20 |
- don't apply patches to code we don't intend to build (spotted by Matt Galgoci)
|
|
cvsdist |
628f20 |
|
|
cvsdist |
7d7b03 |
* Mon Aug 6 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
7d7b03 |
- pass OPTIONS correctly to initlog (#50151)
|
|
cvsdist |
7d7b03 |
|
|
cvsdist |
7d7b03 |
* Wed Jul 25 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
7d7b03 |
- switch to x11-ssh-askpass 1.2.2
|
|
cvsdist |
7d7b03 |
|
|
cvsdist |
7d7b03 |
* Wed Jul 11 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
7d7b03 |
- rebuild in new environment
|
|
cvsdist |
7d7b03 |
|
|
cvsdist |
7d7b03 |
* Mon Jun 25 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
7d7b03 |
- disable the gssapi patch
|
|
cvsdist |
7d7b03 |
|
|
cvsdist |
7d7b03 |
* Mon Jun 18 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
7d7b03 |
- update to 2.9p2
|
|
cvsdist |
7d7b03 |
- refresh to a new version of the gssapi patch
|
|
cvsdist |
7d7b03 |
|
|
cvsdist |
7d7b03 |
* Thu Jun 7 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
7d7b03 |
- change Copyright: BSD to License: BSD
|
|
cvsdist |
7d7b03 |
- add Markus Friedl's unverified patch for the cookie file deletion problem
|
|
cvsdist |
7d7b03 |
so that we can verify it
|
|
cvsdist |
7d7b03 |
- drop patch to check if xauth is present (was folded into cookie patch)
|
|
cvsdist |
7d7b03 |
- don't apply gssapi patches for the errata candidate
|
|
cvsdist |
7d7b03 |
- clear supplemental groups list at startup
|
|
cvsdist |
7d7b03 |
|
|
cvsdist |
7d7b03 |
* Fri May 25 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
7d7b03 |
- fix an error parsing the new default sshd_config
|
|
cvsdist |
7d7b03 |
- add a fix from Markus Friedl (via openssh-unix-dev) for ssh-keygen not
|
|
cvsdist |
7d7b03 |
dealing with comments right
|
|
cvsdist |
7d7b03 |
|
|
cvsdist |
7d7b03 |
* Thu May 24 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
7d7b03 |
- add in Simon Wilkinson's GSSAPI patch to give it some testing in-house,
|
|
cvsdist |
7d7b03 |
to be removed before the next beta cycle because it's a big departure
|
|
cvsdist |
7d7b03 |
from the upstream version
|
|
cvsdist |
7d7b03 |
|
|
cvsdist |
7d7b03 |
* Thu May 3 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
7d7b03 |
- finish marking strings in the init script for translation
|
|
cvsdist |
7d7b03 |
- modify init script to source /etc/sysconfig/sshd and pass $OPTIONS to sshd
|
|
cvsdist |
7d7b03 |
at startup (change merged from openssh.com init script, originally by
|
|
cvsdist |
7d7b03 |
Pekka Savola)
|
|
cvsdist |
7d7b03 |
- refuse to do X11 forwarding if xauth isn't there, handy if you enable
|
|
cvsdist |
7d7b03 |
it by default on a system that doesn't have X installed
|
|
cvsdist |
7d7b03 |
|
|
cvsdist |
7d7b03 |
* Wed May 2 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
7d7b03 |
- update to 2.9
|
|
cvsdist |
7d7b03 |
- drop various patches that came from or went upstream or to or from CVS
|
|
cvsdist |
7d7b03 |
|
|
cvsdist |
7d7b03 |
* Wed Apr 18 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
7d7b03 |
- only require initscripts 5.00 on 6.2 (reported by Peter Bieringer)
|
|
cvsdist |
7d7b03 |
|
|
cvsdist |
4135ab |
* Sun Apr 8 2001 Preston Brown <pbrown@redhat.com>
|
|
cvsdist |
4135ab |
- remove explicit openssl requirement, fixes builddistro issue
|
|
cvsdist |
4135ab |
- make initscript stop() function wait until sshd really dead to avoid
|
|
cvsdist |
4135ab |
races in condrestart
|
|
cvsdist |
43f95f |
|
|
cvsdist |
4135ab |
* Mon Apr 2 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
4135ab |
- mention that challengereponse supports PAM, so disabling password doesn't
|
|
cvsdist |
4135ab |
limit users to pubkey and rsa auth (#34378)
|
|
cvsdist |
b46e39 |
- bypass the daemon() function in the init script and call initlog directly,
|
|
cvsdist |
b46e39 |
because daemon() won't start a daemon it detects is already running (like
|
|
cvsdist |
b46e39 |
open connections)
|
|
cvsdist |
4135ab |
- require the version of openssl we had when we were built
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Fri Mar 23 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- make do_pam_setcred() smart enough to know when to establish creds and
|
|
cvsdist |
43f95f |
when to reinitialize them
|
|
cvsdist |
43f95f |
- add in a couple of other fixes from Damien for inclusion in the errata
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Thu Mar 22 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- update to 2.5.2p2
|
|
cvsdist |
43f95f |
- call setcred() again after initgroups, because the "creds" could actually
|
|
cvsdist |
43f95f |
be group memberships
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Tue Mar 20 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- update to 2.5.2p1 (includes endianness fixes in the rijndael implementation)
|
|
cvsdist |
43f95f |
- don't enable challenge-response by default until we find a way to not
|
|
cvsdist |
43f95f |
have too many userauth requests (we may make up to six pubkey and up to
|
|
cvsdist |
43f95f |
three password attempts as it is)
|
|
cvsdist |
43f95f |
- remove build dependency on rsh to match openssh.com's packages more closely
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Sat Mar 3 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- remove dependency on openssl -- would need to be too precise
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Fri Mar 2 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- rebuild in new environment
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Mon Feb 26 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- Revert the patch to move pam_open_session.
|
|
cvsdist |
43f95f |
- Init script and spec file changes from Pekka Savola. (#28750)
|
|
cvsdist |
43f95f |
- Patch sftp to recognize '-o protocol' arguments. (#29540)
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Thu Feb 22 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- Chuck the closing patch.
|
|
cvsdist |
43f95f |
- Add a trigger to add host keys for protocol 2 to the config file, now that
|
|
cvsdist |
43f95f |
configuration file syntax requires us to specify it with HostKey if we
|
|
cvsdist |
43f95f |
specify any other HostKey values, which we do.
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Tue Feb 20 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- Redo patch to move pam_open_session after the server setuid()s to the user.
|
|
cvsdist |
43f95f |
- Rework the nopam patch to use be picked up by autoconf.
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Mon Feb 19 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- Update for 2.5.1p1.
|
|
cvsdist |
43f95f |
- Add init script mods from Pekka Savola.
|
|
cvsdist |
43f95f |
- Tweak the init script to match the CVS contrib script more closely.
|
|
cvsdist |
43f95f |
- Redo patch to ssh-add to try to adding both identity and id_dsa to also try
|
|
cvsdist |
43f95f |
adding id_rsa.
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Fri Feb 16 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- Update for 2.5.0p1.
|
|
cvsdist |
43f95f |
- Use $RPM_OPT_FLAGS instead of -O when building gnome-ssh-askpass
|
|
cvsdist |
43f95f |
- Resync with parts of Damien Miller's openssh.spec from CVS, including
|
|
cvsdist |
43f95f |
update of x11 askpass to 1.2.0.
|
|
cvsdist |
43f95f |
- Only require openssl (don't prereq) because we generate keys in the init
|
|
cvsdist |
43f95f |
script now.
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Tue Feb 13 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- Don't open a PAM session until we've forked and become the user (#25690).
|
|
cvsdist |
43f95f |
- Apply Andrew Bartlett's patch for letting pam_authenticate() know which
|
|
cvsdist |
43f95f |
host the user is attempting a login from.
|
|
cvsdist |
43f95f |
- Resync with parts of Damien Miller's openssh.spec from CVS.
|
|
cvsdist |
43f95f |
- Don't expose KbdInt responses in debug messages (from CVS).
|
|
cvsdist |
43f95f |
- Detect and handle errors in rsa_{public,private}_decrypt (from CVS).
|
|
cvsdist |
43f95f |
|
|
cvsdist |
4135ab |
* Wed Feb 7 2001 Trond Eivind Glomsrxd <teg@redhat.com>
|
|
cvsdist |
43f95f |
- i18n-tweak to initscript.
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Tue Jan 23 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- More gettextizing.
|
|
cvsdist |
43f95f |
- Close all files after going into daemon mode (needs more testing).
|
|
cvsdist |
43f95f |
- Extract patch from CVS to handle auth banners (in the client).
|
|
cvsdist |
43f95f |
- Extract patch from CVS to handle compat weirdness.
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Fri Jan 19 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- Finish with the gettextizing.
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Thu Jan 18 2001 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- Fix a bug in auth2-pam.c (#23877)
|
|
cvsdist |
43f95f |
- Gettextize the init script.
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Wed Dec 20 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- Incorporate a switch for using PAM configs for 6.x, just in case.
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Tue Dec 5 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- Incorporate Bero's changes for a build specifically for rescue CDs.
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Wed Nov 29 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- Don't treat pam_setcred() failure as fatal unless pam_authenticate() has
|
|
cvsdist |
43f95f |
succeeded, to allow public-key authentication after a failure with "none"
|
|
cvsdist |
43f95f |
authentication. (#21268)
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Tue Nov 28 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- Update to x11-askpass 1.1.1. (#21301)
|
|
cvsdist |
43f95f |
- Don't second-guess fixpaths, which causes paths to get fixed twice. (#21290)
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Mon Nov 27 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- Merge multiple PAM text messages into subsequent prompts when possible when
|
|
cvsdist |
43f95f |
doing keyboard-interactive authentication.
|
|
cvsdist |
43f95f |
|
|
cvsdist |
43f95f |
* Sun Nov 26 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
43f95f |
- Disable the built-in MD5 password support. We're using PAM.
|
|
cvsdist |
43f95f |
- Take a crack at doing keyboard-interactive authentication with PAM, and
|
|
cvsdist |
43f95f |
enable use of it in the default client configuration so that the client
|
|
cvsdist |
43f95f |
will try it when the server disallows password authentication.
|
|
cvsdist |
43f95f |
- Build with debugging flags. Build root policies strip all binaries anyway.
|
|
cvsdist |
43f95f |
|
|
cvsdist |
f28bf6 |
* Tue Nov 21 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
f28bf6 |
- Use DESTDIR instead of %%makeinstall.
|
|
cvsdist |
f28bf6 |
- Remove /usr/X11R6/bin from the path-fixing patch.
|
|
cvsdist |
f28bf6 |
|
|
cvsdist |
f28bf6 |
* Mon Nov 20 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
f28bf6 |
- Add the primes file from the latest snapshot to the main package (#20884).
|
|
cvsdist |
f28bf6 |
- Add the dev package to the prereq list (#19984).
|
|
cvsdist |
f28bf6 |
- Remove the default path and mimic login's behavior in the server itself.
|
|
cvsdist |
f28bf6 |
|
|
cvsdist |
f28bf6 |
* Fri Nov 17 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
f28bf6 |
- Resync with conditional options in Damien Miller's .spec file for an errata.
|
|
cvsdist |
f28bf6 |
- Change libexecdir from %%{_libexecdir}/ssh to %%{_libexecdir}/openssh.
|
|
cvsdist |
f28bf6 |
|
|
cvsdist |
f28bf6 |
* Tue Nov 7 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
f28bf6 |
- Update to OpenSSH 2.3.0p1.
|
|
cvsdist |
f28bf6 |
- Update to x11-askpass 1.1.0.
|
|
cvsdist |
f28bf6 |
- Enable keyboard-interactive authentication.
|
|
cvsdist |
f28bf6 |
|
|
cvsdist |
f28bf6 |
* Mon Oct 30 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
f28bf6 |
- Update to ssh-askpass-x11 1.0.3.
|
|
cvsdist |
f28bf6 |
- Change authentication related messages to be private (#19966).
|
|
cvsdist |
f28bf6 |
|
|
cvsdist |
f28bf6 |
* Tue Oct 10 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
f28bf6 |
- Patch ssh-keygen to be able to list signatures for DSA public key files
|
|
cvsdist |
f28bf6 |
it generates.
|
|
cvsdist |
f28bf6 |
|
|
cvsdist |
328740 |
* Thu Oct 5 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
328740 |
- Add BuildPreReq on /usr/include/security/pam_appl.h to be sure we always
|
|
cvsdist |
328740 |
build PAM authentication in.
|
|
cvsdist |
328740 |
- Try setting SSH_ASKPASS if gnome-ssh-askpass is installed.
|
|
cvsdist |
328740 |
- Clean out no-longer-used patches.
|
|
cvsdist |
328740 |
- Patch ssh-add to try to add both identity and id_dsa, and to error only
|
|
cvsdist |
328740 |
when neither exists.
|
|
cvsdist |
328740 |
|
|
cvsdist |
328740 |
* Mon Oct 2 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
328740 |
- Update x11-askpass to 1.0.2. (#17835)
|
|
cvsdist |
328740 |
- Add BuildPreReqs for /bin/login and /usr/bin/rsh so that configure will
|
|
cvsdist |
328740 |
always find them in the right place. (#17909)
|
|
cvsdist |
328740 |
- Set the default path to be the same as the one supplied by /bin/login, but
|
|
cvsdist |
328740 |
add /usr/X11R6/bin. (#17909)
|
|
cvsdist |
328740 |
- Try to handle obsoletion of ssh-server more cleanly. Package names
|
|
cvsdist |
328740 |
are different, but init script name isn't. (#17865)
|
|
cvsdist |
328740 |
|
|
cvsdist |
328740 |
* Wed Sep 6 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
328740 |
- Update to 2.2.0p1. (#17835)
|
|
cvsdist |
328740 |
- Tweak the init script to allow proper restarting. (#18023)
|
|
cvsdist |
328740 |
|
|
cvsdist |
328740 |
* Wed Aug 23 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
328740 |
- Update to 20000823 snapshot.
|
|
cvsdist |
328740 |
- Change subpackage requirements from %%{version} to %%{version}-%%{release}
|
|
cvsdist |
328740 |
- Back out the pipe patch.
|
|
cvsdist |
328740 |
|
|
cvsdist |
f71077 |
* Mon Jul 17 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
f71077 |
- Update to 2.1.1p4, which includes fixes for config file parsing problems.
|
|
cvsdist |
f71077 |
- Move the init script back.
|
|
cvsdist |
f71077 |
- Add Damien's quick fix for wackiness.
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Wed Jul 12 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
f71077 |
- Update to 2.1.1p3, which includes fixes for X11 forwarding and strtok().
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Thu Jul 6 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
f71077 |
- Move condrestart to server postun.
|
|
cvsdist |
f71077 |
- Move key generation to init script.
|
|
cvsdist |
f71077 |
- Actually use the right patch for moving the key generation to the init script.
|
|
cvsdist |
f71077 |
- Clean up the init script a bit.
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Wed Jul 5 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
f71077 |
- Fix X11 forwarding, from mail post by Chan Shih-Ping Richard.
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Sun Jul 2 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
f71077 |
- Update to 2.1.1p2.
|
|
cvsdist |
f71077 |
- Use of strtok() considered harmful.
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Sat Jul 1 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
f71077 |
- Get the build root out of the man pages.
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Thu Jun 29 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
f71077 |
- Add and use condrestart support in the init script.
|
|
cvsdist |
f71077 |
- Add newer initscripts as a prereq.
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Tue Jun 27 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
f71077 |
- Build in new environment (release 2)
|
|
cvsdist |
f71077 |
- Move -clients subpackage to Applications/Internet group
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Fri Jun 9 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
f71077 |
- Update to 2.2.1p1
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Sat Jun 3 2000 Nalin Dahyabhai <nalin@redhat.com>
|
|
cvsdist |
f71077 |
- Patch to build with neither RSA nor RSAref.
|
|
cvsdist |
f71077 |
- Miscellaneous FHS-compliance tweaks.
|
|
cvsdist |
f71077 |
- Fix for possibly-compressed man pages.
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Wed Mar 15 2000 Damien Miller <djm@ibs.com.au>
|
|
cvsdist |
f71077 |
- Updated for new location
|
|
cvsdist |
f71077 |
- Updated for new gnome-ssh-askpass build
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Sun Dec 26 1999 Damien Miller <djm@mindrot.org>
|
|
cvsdist |
f71077 |
- Added Jim Knoble's <jmknoble@pobox.com> askpass
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Mon Nov 15 1999 Damien Miller <djm@mindrot.org>
|
|
cvsdist |
f71077 |
- Split subpackages further based on patch from jim knoble <jmknoble@pobox.com>
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Sat Nov 13 1999 Damien Miller <djm@mindrot.org>
|
|
cvsdist |
f71077 |
- Added 'Obsoletes' directives
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Tue Nov 09 1999 Damien Miller <djm@ibs.com.au>
|
|
cvsdist |
f71077 |
- Use make install
|
|
cvsdist |
f71077 |
- Subpackages
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Mon Nov 08 1999 Damien Miller <djm@ibs.com.au>
|
|
cvsdist |
f71077 |
- Added links for slogin
|
|
cvsdist |
f71077 |
- Fixed perms on manpages
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Sat Oct 30 1999 Damien Miller <djm@ibs.com.au>
|
|
cvsdist |
f71077 |
- Renamed init script
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Fri Oct 29 1999 Damien Miller <djm@ibs.com.au>
|
|
cvsdist |
f71077 |
- Back to old binary names
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au>
|
|
cvsdist |
f71077 |
- Use autoconf
|
|
cvsdist |
f71077 |
- New binary names
|
|
cvsdist |
f71077 |
|
|
cvsdist |
f71077 |
* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au>
|
|
cvsdist |
f71077 |
- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec.
|