summaryrefslogtreecommitdiffstats
path: root/.skipped-commit-ids (follow)
Commit message (Collapse)AuthorAgeFilesLines
* upstream: enable -fret-clean on amd64, for libc libcrypto ld.soderaadt@openbsd.org2024-06-061-0/+1
| | | | | | | kernel, and all the ssh tools. The dynamic objects are entirely ret-clean, static binaries will contain a blend of cleaning and non-cleaning callers. OpenBSD-Commit-ID: 112aacedd3b61cc5c34b1fa6d9fb759214179172
* upstream: Do not pass -Werror twice when building with clang.naddy@openbsd.org2024-05-271-0/+1
| | | | OpenBSD-Commit-ID: 5f378c38ad8976d507786dc4db9283a879ec8cd0
* upstream: Do not pass -Werror if building with gcc 3, for asn1.hmiod@openbsd.org2024-05-271-0/+1
| | | | | | and bio.h cause (admittedly bogus) warnings with gcc 3. OpenBSD-Commit-ID: fb39324748824cb0387e9d67c41d1bef945c54ea
* upstream: remove duplicate copy of relink kit for sshd-sessionnaddy@openbsd.org2024-05-221-0/+1
| | | | OpenBSD-Commit-ID: 6d2ded4cd91d4d727c2b26e099b91ea935bed504
* upstream: construct and install a relink-kit for sshd-session okderaadt@openbsd.org2024-05-171-0/+1
| | | | | | djm OpenBSD-Commit-ID: 8b3820adb4da4e139c4b3cffbcc0bde9f08bf0c6
* upstream: set right mode on ssh-agent at boot-timesemarie@openbsd.org2024-04-301-0/+1
| | | | | | | which sthen@ ok deraadt@ OpenBSD-Commit-ID: 662b5056a2c6171563e1626f9c69f27862b5e7af
* upstream: also create a relink kit for ssh-agent, since it is aderaadt@openbsd.org2024-04-301-0/+1
| | | | | | | | long-running setgid program carrying keys with some (not very powerful) communication channels. solution for testing the binary from dtucker. agreement from djm. Will add it into /etc/rc in a few days. OpenBSD-Commit-ID: 2fe8d707ae35ba23c7916adcb818bb5b66837ba0
* upstream: new-style relink kit for sshd. The old scheme createdderaadt@openbsd.org2024-04-301-0/+1
| | | | | | | | a Makefile by concatenating two Makefiles and was incredibly fragile. In the new way a narrow-purposed install.sh script is created and shipped with the objects. A recently commited /etc/rc script understands these files. OpenBSD-Commit-ID: ef9341d5a50f0d33e3a6fbe995e92964bc7ef2d3
* upstream: clean sshd random relinking kit; ok miod@naddy@openbsd.org2024-02-191-0/+1
| | | | OpenBSD-Commit-ID: 509bb19bb9762a4b3b589af98bac2e730541b6d4
* upstream: Import regenerated moduli.dtucker@openbsd.org2024-01-081-0/+1
| | | | OpenBSD-Commit-ID: 5a636f6ca7f25bfe775df4952f7aac90a7fcbbee
* upstream: delete useless dependencyderaadt@openbsd.org2023-01-311-0/+1
| | | | OpenBSD-Commit-ID: e1dc11143f83082e3154d6094f9136d0dc2637ad
* upstream: Create and install sshd random relink kit.deraadt@openbsd.org2023-01-311-0/+1
| | | | | | | | | | | | ../Makefile.inc and Makfile are concatenated for reuse, which hopefully won't be too fragile, we'll see if we need a different approach. The resulting sshd binary is tested with the new sshd -V option before installation. As the binary layout is now semi-unknown (meaning relative, fixed, and gadget offsets are not precisely known), change the filesystem permissions to 511 to prevent what I call "logged in BROP". I have ideas for improving this further but this is a first step ok djm OpenBSD-Commit-ID: 1e0a2692b7e20b126dda60bf04999d1d30d959d8
* upstream: Import regenerated modulidtucker@openbsd.org2022-04-201-0/+1
| | | | OpenBSD-Commit-ID: f9a0726d957cf10692a231996a1f34e7f9cdfeb0
* upstream: ssh-add side of destination constraintsdjm@openbsd.org2021-12-191-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Have ssh-add accept a list of "destination constraints" that allow restricting where keys may be used in conjunction with a ssh-agent/ssh that supports session ID/hostkey binding. Constraints are specified as either "[user@]host-pattern" or "host-pattern>[user@]host-pattern". The first form permits a key to be used to authenticate as the specified user to the specified host. The second form permits a key that has previously been permitted for use at a host to be available via a forwarded agent to an additional host. For example, constraining a key with "user1@host_a" and "host_a>host_b". Would permit authentication as "user1" at "host_a", and allow the key to be available on an agent forwarded to "host_a" only for authentication to "host_b". The key would not be visible on agent forwarded to other hosts or usable for authentication there. Internally, destination constraints use host keys to identify hosts. The host patterns are used to obtain lists of host keys for that destination that are communicated to the agent. The user/hostkeys are encoded using a new restrict-destination-v00@openssh.com key constraint. host keys are looked up in the default client user/system known_hosts files. It is possible to override this set on the command-line. feedback Jann Horn & markus@ ok markus@ OpenBSD-Commit-ID: 6b52cd2b637f3d29ef543f0ce532a2bce6d86af5
* upstream: Import regenerated moduli file.dtucker@openbsd.org2021-03-131-0/+1
| | | | OpenBSD-Commit-ID: 7ac6c252d2a5be8fbad4c66d9d35db507c9dac5b
* upstream: Add a comment documenting the source of the moduli groupdtucker@openbsd.org2020-11-081-0/+1
| | | | | | sizes. OpenBSD-Commit-ID: aec0725ce607630caaa62682624c6763b350391c
* upstream: clang -Wimplicit-fallthrough does not recognise /*deraadt@openbsd.org2020-08-031-0/+1
| | | | | | | FALLTHROUGH */ comments, which is the style we currently use, and gives too many boring warnings. ok djm OpenBSD-Commit-ID: 07b5031e9f49f2b69ac5e85b8da4fc9e393992a0
* upstream: Import regenerated moduli file.dtucker@openbsd.org2020-06-051-0/+1
| | | | OpenBSD-Commit-ID: 52ff0e3205036147b2499889353ac082e505ea54
* upstream: Drop leading space from line count that was confusingdtucker@openbsd.org2020-02-281-0/+1
| | | | | | ssh-keygen's screen mode. OpenBSD-Commit-ID: 3bcae7a754db3fc5ad3cab63dd46774edb35b8ae
* upstream: Update moduli generation script to new ssh-keygendtucker@openbsd.org2020-02-211-0/+1
| | | | | | generation and screening command line flags. OpenBSD-Commit-ID: 5010ff08f7ad92082e87dde098b20f5c24921a8f
* upstream: Import regenerated moduli.dtucker@openbsd.org2020-02-211-0/+1
| | | | OpenBSD-Commit-ID: 7b7b619c1452a459310b0cf4391c5757c6bdbc0f
* upstream: only clang understands those new -W optionsderaadt@openbsd.org2019-11-151-0/+1
| | | | OpenBSD-Commit-ID: d9b910e412d139141b072a905e66714870c38ac0
* upstream: remove debugging goop that snuck in to last commitdjm@openbsd.org2019-11-151-0/+1
| | | | OpenBSD-Commit-ID: 8ea4455a2d9364a0a04f9e4a2cbfa4c9fcefe77e
* upstream: skip demanding -fstack-protector-all on hppa. we neverderaadt@openbsd.org2019-11-121-0/+1
| | | | | | | wrote a stack protector for reverse-stack architectures, and i don't think anyone else did either. a warning per compiled file is just annoying. OpenBSD-Commit-ID: 14806a59353152f843eb349e618abbf6f4dd3ada
* upstream: undo debugging bits that shouldn't have been committeddjm@openbsd.org2019-11-011-0/+1
| | | | OpenBSD-Commit-ID: 4bd5551b306df55379afe17d841207990eb773bf
* upstream: Import regenerated moduli file.dtucker@openbsd.org2019-10-291-0/+1
| | | | OpenBSD-Commit-ID: 58ec755be4e51978ecfee73539090eb68652a987
* upstream: avoid compiling certain files that deeply depend ondjm@openbsd.org2019-09-061-0/+1
| | | | | | libcrypto when WITH_OPENSSL isn't set OpenBSD-Commit-ID: 569f08445c27124ec7c7f6c0268d844ec56ac061
* upstream: Test did not compile due to missing symbols. Add sourcebluhm@openbsd.org2019-08-301-0/+1
| | | | | | sshbuf-misc.c to regress as it was done in ssh make file. from Moritz Buhl OpenBSD-Regress-ID: 9e1c23476bb845f3cf3d15d9032da3ed0cb2fcf5
* upstream: include sshbuf-misc.c in SRCS_BASEdjm@openbsd.org2019-08-291-0/+1
| | | | OpenBSD-Commit-ID: 99dd10e72c04e93849981d43d64c946619efa474
* upstream: still compile uuencode.c, unbreaks buildderaadt@openbsd.org2019-07-081-0/+1
| | | | OpenBSD-Commit-ID: 5ea3d63ab972691f43e9087ab5fd8376d48e898f
* upstream: Import regenerated moduli.dtucker@openbsd.org2019-05-081-0/+1
| | | | OpenBSD-Commit-ID: db6375fc302e3bdf07d96430c63c991b2c2bd3ff
* upstream: Import new moduli.dtucker@openbsd.org2018-11-161-0/+1
| | | | OpenBSD-Commit-ID: c07772f58028fda683ee6abd41c73da3ff70d403
* upstream: Import updated moduli.dtucker@openbsd.org2018-09-211-0/+1
| | | | OpenBSD-Commit-ID: 04431e8e7872f49a2129bf080a6b73c19d576d40
* upstream: Don't redefine Makefile choices which come correct fromderaadt@openbsd.org2018-07-261-0/+1
| | | | | | bsd.*.mk ok markus OpenBSD-Commit-ID: 814b2f670df75759e1581ecef530980b2b3d7e0f
* upstream: Import regenerated moduli file.dtucker@openbsd.org2018-04-061-0/+1
| | | | OpenBSD-Commit-ID: 1de0e85522051eb2ffa00437e1885e9d7b3e0c2e
* upstream commitmarkus@openbsd.org2018-01-231-0/+1
| | | | | | | group shared source files (e.g. SRCS_KEX) and allow compilation w/o OPENSSL ok djm@ OpenBSD-Commit-ID: fa728823ba21c4b45212750e1d3a4b2086fd1a62
* upstream commitmarkus@openbsd.org2018-01-231-0/+1
| | | | | | | split client/server kex; only ssh-keygen needs uuencode.o; only scp/sftp use progressmeter.o; ok djm@ OpenBSD-Commit-ID: f2c9feb26963615c4fece921906cf72e248b61ee
* upstream commitmarkus@openbsd.org2018-01-231-0/+1
| | | | | | | only ssh-keygen needs uuencode.o; only scp/sftp use progressmeter.o OpenBSD-Commit-ID: a337e886a49f96701ccbc4832bed086a68abfa85
* upstream commitderaadt@openbsd.org2017-12-121-1/+1
| | | | | | | | | | | | ssh/lib hasn't worked towards our code-sharing goals for a quit while, perhaps it is too verbose? Change each */Makefile to specifying exactly what sources that program requires, compiling it seperate. Maybe we'll iterate by sorting those into seperatable chunks, splitting up files which contain common code + server/client specific code, or whatnot. But this isn't one step, or we'd have done it a long time ago.. ok dtucker markus djm OpenBSD-Commit-ID: 5317f294d63a876bfc861e19773b1575f96f027d
* Switch upstream git repository.Damien Miller2017-10-301-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously portable OpenSSH has synced against a conversion of OpenBSD's CVS repository made using the git cvsimport tool, but this has become increasingly unreliable. As of this commit, portable OpenSSH now tracks a conversion of the OpenBSD CVS upstream made using the excellent cvs2gitdump tool from YASUOKA Masahiko: https://github.com/yasuoka/cvs2gitdump cvs2gitdump is considerably more reliable than gitcvsimport and the old version of cvsps that it uses under the hood, and is the same tool used to export the entire OpenBSD repository to git (so we know it can cope with future growth). These new conversions are mirrored at github, so interested parties can match portable OpenSSH commits to their upstream counterparts. https://github.com/djmdjm/openbsd-openssh-src https://github.com/djmdjm/openbsd-openssh-regress An unfortunate side effect of switching upstreams is that we must have a flag day, across which the upstream commit IDs will be inconsistent. The old commit IDs are recorded with the tags "Upstream-ID" for main directory commits and "Upstream-Regress-ID" for regress commits. To make it clear that the commit IDs do not refer to the same things, the new repository will instead use "OpenBSD-ID" and "OpenBSD-Regress-ID" tags instead. Apart from being a longwinded explanation of what is going on, this commit message also serves to synchronise our tools with the state of the tree, which happens to be: OpenBSD-ID: 9c43a9968c7929613284ea18e9fb92e4e2a8e4c1 OpenBSD-Regress-ID: b33b385719420bf3bc57d664feda6f699c147fef
* upstream commitespie@openbsd.org2017-07-211-0/+1
| | | | | | zap redundant Makefile variables. okay djm@ Upstream-ID: e39b3902fe1d6c4a7ba6a3c58e072219f3c1e604
* upstream commitdjm@openbsd.org2017-07-211-0/+1
| | | | | | actually remove these files Upstream-ID: 1bd41cba06a7752de4df304305a8153ebfb6b0ac
* upstream commitdtucker@openbsd.org2017-06-241-0/+1
| | | | | | Import regenerated moduli. Upstream-ID: b25bf747544265b39af74fe0716dc8d9f5b63b95
* upstream commitdtucker@openbsd.org2017-06-241-0/+1
| | | | | | | Run the screen twice so we end up with more candidate groups. ok djm@ Upstream-ID: b92c93266d8234d493857bb822260dacf4366157
* upstream commitdjm@openbsd.org2017-06-071-0/+1
| | | | | | | rationalise the long list of manual CDIAGFLAGS that we add; most of these were redundant to -Wall -Wextra Upstream-ID: ea80f445e819719ccdcb237022cacfac990fdc5c
* upstream commitdjm@openbsd.org2017-05-021-0/+1
| | | | | | this one I did forget to "cvs rm" Upstream-ID: 5781670c0578fe89663c9085ed3ba477cf7e7913
* upstream commitdjm@openbsd.org2017-05-011-0/+1
| | | | | | | undo some local debugging stuff that I committed by accident Upstream-ID: fe5b31f69a60d47171836911f144acff77810217
* Typo.Darren Tucker2017-04-281-1/+1
| | | | Upstream-Regress-ID: 1e6b51ddf767cbad0a4e63eb08026c127e654308
* Add 2 regress commits I applied by hand.Darren Tucker2017-04-281-0/+2
| | | | | Upstream-Regress-ID: 30c20180c87cbc99fa1020489fe7fd8245b6420c Upstream-Regress-ID: 1e6b51ddf767cbad0a4e63eb08026c127e654308
* upstream commitjsg@openbsd.org2017-04-181-0/+1
| | | | | | | | Change COMPILER_VERSION tests which limited additional warnings to gcc4 to instead skip them on gcc3 as clang can handle -Wpointer-sign and -Wold-style-definition. Upstream-ID: 5cbe348aa76dc1adf55be6c0e388fafaa945439a
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-01 21:01:31 +0100