tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,357 Commits 7 Branches 18 Tags 96 MiB
Commit Graph

576 Commits

Author SHA1 Message Date
Darren Tucker f9696566fb - (dtucker) [configure.ac] Remove tcpwrappers support, support has already 
been removed from sshd.c.
 2014-06-13 11:06:04 +10:00
Damien Miller 6482d90a65 - (djm) [configure.ac openbsd-compat/bsd-cygwin_util.c] 
[openbsd-compat/bsd-cygwin_util.h] On Cygwin, determine privilege
         separation user at runtime, since it may need to be a domain account.
            Patch from Corinna Vinschen.
 2014-05-27 14:34:42 +10:00
Damien Miller 18912775cb - (djm) [commit configure.ac defines.h sshpty.c] don't attempt to use 
vhangup on Linux. It doens't work for non-root users, and for them
   it just messes up the tty settings.
 2014-05-21 17:06:46 +10:00
Damien Miller e5b9f0f2ee - (djm) [Makefile.in configure.ac sshbuf-getput-basic.c] 
[sshbuf-getput-crypto.c sshbuf.c] compilation and portability fixes
 2014-05-15 14:58:07 +10:00
Damien Miller b9c566788a - (djm) [configure.ac] Unconditionally define WITH_OPENSSL until we write 
portability glue to support building without libcrypto
 2014-05-15 14:43:37 +10:00
Tim Rice 03ae081aea 20140221 
- (tim) [configure.ac]  Fix cut-and-paste error. Patch from Bryan Drewery.
 2014-02-21 09:09:34 -08:00
Darren Tucker 4a20959d2e - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add compat 
code for older OpenSSL versions that don't have EVP_MD_CTX_copy_ex.
 2014-02-13 16:38:32 +11:00
Damien Miller 1d2c456426 - tedu@cvs.openbsd.org 2014/01/31 16:39:19 
[auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c]
     [channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c]
     [kexc25519.c krl.c monitor.c sandbox-systrace.c session.c]
     [sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c]
     [openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h]
     replace most bzero with explicit_bzero, except a few that cna be memset
     ok djm dtucker
 2014-02-04 11:18:20 +11:00
Damien Miller f5bbd3b657 - (djm) [configure.ac atomicio.c] Kludge around NetBSD offering 
different symbols for 'read' when various compiler flags are
   in use, causing atomicio.c comparisons against it to break and
   read/write operations to hang; ok dtucker
 2014-01-30 11:26:46 +11:00
Damien Miller c2868192dd - (djm) [configure.ac] Only check for width-specified integer types 
in headers that actually exist. patch from Tom G. Christensen;
   ok dtucker@
 2014-01-30 10:21:19 +11:00
Damien Miller c161fc90fc - (djm) [configure.ac] Fix broken shell test '==' vs '='; patch from 
Tom G. Christensen
 2014-01-29 21:01:33 +11:00
Damien Miller ab03949058 - (djm) [configure.ac] Search for inet_ntop in libnsl and libresovl; 
ok dtucker
 2014-01-28 15:07:10 +11:00
Damien Miller 5b447c0aac - (djm) [configure.ac] correct AC_DEFINE for previous. 2014-01-26 09:46:53 +11:00
Damien Miller 2035b2236d - (djm) [configure.ac sandbox-capsicum.c sandbox-rlimit.c] Disable 
RLIMIT_NOFILE pseudo-sandbox on FreeBSD. In some configurations,
    libc will attempt to open additional file descriptors for crypto
    offload and crash if they cannot be opened.
 2014-01-26 09:39:53 +11:00
Damien Miller 603b8f47f1 - (djm) [configure.ac] autoconf sets finds to 'yes' not '1', so test 
against the correct thing.
 2014-01-25 13:16:59 +11:00
Damien Miller c96d85376d - (djm) [configure.ac] Do not attempt to use capsicum sandbox unless 
sys/capability.h exists and cap_rights_limit is in libc. Fixes
   build on FreeBSD9x which provides the header but not the libc
   support.
 2014-01-25 13:12:28 +11:00
Damien Miller f62ecef993 - (djm) [configure.ac] Fix detection of capsicum sandbox on FreeBSD 2014-01-25 12:34:38 +11:00
Darren Tucker 42a0925301 - (dtucker) [configure.ac] NetBSD's (and FreeBSD's) strnvis is gratuitously 
incompatible with OpenBSD's despite post-dating it by more than a decade.
   Declare it as broken, and document FreeBSD's as the same.  ok djm@
 2014-01-23 23:14:39 +11:00
Damien Miller 5c2ff5e31f - (djm) [configure.ac aclocal.m4] More tests to detect fallout from 
platform hardening options: include some long long int arithmatic
   to detect missing support functions for -ftrapv in libgcc and
   equivalents, actually test linking when -ftrapv is supplied and
   set either both -pie/-fPIE or neither. feedback and ok dtucker@
 2014-01-22 21:30:12 +11:00
Damien Miller 852472a54b - (djm) [configure.ac] Unless specifically requested, only attempt 
to build Position Independent Executables on gcc >= 4.x; ok dtucker
 2014-01-22 16:31:18 +11:00
Darren Tucker 096118dc73 - (dtucker) [configure.ac] Make PIE a configure-time option which defaults 
to on platforms where it's known to be reliably detected and off elsewhere.
   Works around platforms such as FreeBSD 9.1 where it does not interop with
   -ftrapv (it seems to work but fails when trying to link ssh).  ok djm@
 2014-01-21 12:48:51 +11:00
Darren Tucker fdce373166 - (dtucker) [configure.ac] On Cygwin the getopt variables (like optargs, 
optind) are defined in getopt.h already.  Unfortunately they are defined as
   "declspec(dllimport)" for historical reasons, because the GNU linker didn't
   allow auto-import on PE/COFF targets way back when.  The problem is the
   dllexport attributes collide with the definitions in the various source
   files in OpenSSH, which obviousy define the variables without
   declspec(dllimport).  The least intrusive way to get rid of these warnings
   is to disable warnings for GCC compiler attributes when building on Cygwin.
   Patch from vinschen at redhat.com.
 2014-01-18 21:12:42 +11:00
Darren Tucker 9edcbff46f - (dtucker) [configure.ac] Have --without-toolchain-hardening not turn off 
stack-protector since that has a separate flag that's been around a while.
 2014-01-17 21:54:32 +11:00
Darren Tucker 6d725687c4 - (dtucker) [configure.ac] Also look in inttypes.h for uintXX_t types. 2014-01-17 19:17:34 +11:00
Darren Tucker a5cf1e220d - (dtucker) [configure.ac openbsd-compat/bsd-statvfs.c 
openbsd-compat/bsd-statvfs.h] Implement enough of statvfs on top of statfs
   to be useful (and for the regression tests to pass) on platforms that
   have statfs and fstatfs.  ok djm@
 2014-01-17 18:10:58 +11:00
Darren Tucker d23a91ffb2 - (dtucker) [configure.ac digest.c openbsd-compat/openssl-compat.c 
openbsd-compat/openssl-compat.h]  Add compatibility layer for older
   openssl versions.  ok djm@
 2014-01-17 17:32:30 +11:00
Damien Miller 868ea1ea1c - (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c] 
[sandbox-null.c sandbox-rlimit.c sandbox-seccomp-filter.c]
   [sandbox-systrace.c ssh-sandbox.h sshd.c] Support preauth sandboxing
   using the Capsicum API introduced in FreeBSD 10. Patch by Dag-Erling
   Smorgrav, updated by Loganaden Velvindron @ AfriNIC; ok dtucker@
 2014-01-17 16:47:04 +11:00
Darren Tucker c548722361 - (dtucker) [configure.ac] Split AC_CHECK_FUNCS for OpenSSL functions into 
separate lines and alphabetize for easier diffing of changes.
 2014-01-17 15:12:16 +11:00
Darren Tucker fd994379dd - (dtucker) [aclocal.m4 configure.ac] Add some additional compiler/toolchain 
hardening flags including -fstack-protector-strong.  These default to on
   if the toolchain supports them, but there is a configure-time knob
   (--without-hardening) to disable them if necessary.  ok djm@
 2014-01-17 09:53:24 +11:00
Darren Tucker 1fcec9d4f2 - (dtucker) [configure.ac] bz#2178: Don't try to use BSM on Solaris versions 
greater than 11 either rather than just 11.  Patch from Tomas Kuthan.
 2013-12-19 11:00:12 +11:00
Damien Miller 1ff130dac9 - [configure.ac openbsd-compat/Makefile.in openbsd-compat/bcrypt_pbkdf.c] 
[openbsd-compat/blf.h openbsd-compat/blowfish.c]
   [openbsd-compat/openbsd-compat.h] Start at supporting bcrypt_pbkdf in
   portable.
 2013-12-07 11:51:51 +11:00
Damien Miller a913442bac - [Makefile.in] Add ed25519 sources 2013-12-07 11:35:36 +11:00
Darren Tucker 8369c8e61a - (dtucker) [configure.ac] bz#2173: use pkg-config --libs to include correct 
-L location for libedit.  Patch from Serge van den Boom.
 2013-12-05 11:00:16 +11:00
Darren Tucker dd5264db5f - (dtucker) [configure.ac] Add missing "test". 2013-11-09 22:32:51 +11:00
Darren Tucker 95cb2d4eb0 - (dtucker) [configure.ac] Fix brackets in NID_secp521r1 test. 2013-11-09 22:02:31 +11:00
Darren Tucker 37bcef51b3 - (dtucker) [configure.ac kex.c key.c myproposal.h] Test for the presence of 
NID_X9_62_prime256v1, NID_secp384r1 and NID_secp521r1 and test that the
   latter actually works before using it.  Fedora (at least) has NID_secp521r1
   that doesn't work (see https://bugzilla.redhat.com/show_bug.cgi?id=1021897).
 2013-11-09 18:39:25 +11:00
Darren Tucker 882abfd3fb - (dtucker) [Makefile.in configure.ac] Set MALLOC_OPTIONS per platform 
and pass in TEST_ENV.  Unknown options cause stderr to get polluted
   and the stderr-data test to fail.
 2013-11-09 00:17:41 +11:00
Darren Tucker 4bf7e50e53 - (dtucker) [Makefile.in configure.ac] Remove TEST_SSH_SHA256 environment 
variable.  It's no longer used now that we get the supported MACs from
   ssh -Q.
 2013-11-07 22:33:48 +11:00
Damien Miller df8b030b15 - (djm) [configure.ac defines.h] Skip arc4random_stir() calls on platforms 
that lack it but have arc4random_uniform()
 2013-11-07 13:28:16 +11:00
Darren Tucker 007e3b357e - (dtucker) [configure.ac defines.h] Add typedefs for intmax_t and uintmax_t 
for platforms that don't have them.
 2013-11-03 18:43:55 +11:00
Darren Tucker f3ab2c5f9c - (dtucker) [auth-krb5.c configure.ac openbsd-compat/bsd-misc.h] Add support 
for building with older Heimdal versions.  ok djm.
 2013-08-04 21:48:41 +10:00
Darren Tucker 6d8bd57448 - (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported 
algorithms (Ciphers, MACs and HostKeyAlgorithms) from man pages.
 2013-06-11 11:26:10 +10:00
Darren Tucker ae133d4b31 - (dtucker) [configure.ac sftp.c openbsd-compat/openbsd-compat.h] Cater for 
platforms that don't have multibyte character support (specifically,
    mblen).
 2013-06-06 08:30:20 +10:00
Darren Tucker 16cac190eb - (dtucker) [configure.ac] Some other platforms need sys/types.h before 
sys/socket.h.
 2013-06-04 12:55:24 +10:00
Darren Tucker 0b43ffe143 - (dtucker) [configure.ac] Some platforms need sys/types.h before sys/un.h. 2013-06-03 09:30:44 +10:00
Tim Rice 5ab9b63468 - (tim) [configure.ac regress/Makefile] With rev 1.47 of test-exec.sh we 
need a shell that can handle "[ file1 -nt file2 ]". Rather than keep
   dealing with shell portability issues in regression tests, we let
   configure find us a capable shell on those platforms with an old /bin/sh.
 2013-06-02 14:05:48 -07:00
Darren Tucker 898ac935e5 - (dtucker) [configure.ac] bz#2111: don't try to use lastlog on Android. 
Patch from Nathan Osman.
 2013-06-03 02:03:25 +10:00
Darren Tucker ef4901c3eb - (dtucker) [configure.ac] sys/un.h needs sys/socket.h on some platforms 
to prevent noise from configure. Patch from Nathan Osman.
 2013-06-03 01:59:13 +10:00
Darren Tucker a710891659 - (dtucker) [configure.ac misc.c] Look for clock_gettime in librt and fall 
back to time(NULL) if we can't find it anywhere.
 2013-06-02 08:18:31 +10:00
Darren Tucker c7aad0058c - (dtucker) [configure.ac defines.h] Test for fd_mask, howmany and NFDBITS 
rather than trying to enumerate the plaforms that don't have them.
   Based on a patch from Nathan Osman, with help from tim@.
 2013-06-02 07:18:47 +10:00