notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Want a good monitor light? See my photosAll times are UTC
Ukraine
non port: security/openssh-portable/files/patch-session.c

Number of commits found: 41

Thursday, 29 Apr 2021
16:05 Bryan Drewery (bdrewery) search for other commits by this committer
security/openssh-portable: Update to 8.6p1

- gssapi is disabled for now.

Changes:
 - https://www.openssh.com/txt/release-8.5
 - https://www.openssh.com/txt/release-8.6

Submitted by:	Yasuhiro Kimura [earlier version][1]
PR:		254389 [1]
commit hash: de9fffcec89b58fb6f77b72a55975eccb01eb480 commit hash: de9fffcec89b58fb6f77b72a55975eccb01eb480 commit hash: de9fffcec89b58fb6f77b72a55975eccb01eb480 commit hash: de9fffcec89b58fb6f77b72a55975eccb01eb480 de9fffc
Friday, 20 Nov 2020
03:41 bdrewery search for other commits by this committer
- Add pkg-config dependency which avoids some maintainer testing errors
  and also removes a few unneeded library links such as -lcurses.
- libfido2 package is broken with pkg-config and base ssl. Workaround this
  by not using pkg-config for that library for now.
- Add USES=localbase to simplify some options
- Make crypt(3) MD5 password support optional but still on-by-default.  The
  default in FreeBSD changed in 10.0 but that does not mean
- Enable -Werror
- Remove some old baggage from the port build
 o The zlib version check has not been needed for a while.
 o sshd.8 has not had %%PREFIX%% or %$RC_SCRIPT_NAME%% since 2011
   and is not worth more patches/complexity.
 o The strnvis(3) problem noted in r311891 was fixed in OpenSSH 7.4.
 o autoreconf is run so it makes no sense to patch configure for -ldes
 o --with-md5-passwords is not needed as our crypt(3) supports it
   natively.  This is only relevant without PAM.
Original commitRevision:555734 
Monday, 23 Mar 2020
23:15 bdrewery search for other commits by this committer
- Simplify and refactor login.conf environment handling.
Original commitRevision:529015 
21:56 bdrewery search for other commits by this committer
Fix build without PAM option
Original commitRevision:529010 
Friday, 12 Jul 2019
03:48 bdrewery search for other commits by this committer
Update to 8.0p1

Changes: https://www.openssh.com/txt/release-8.0

With help from:	Lee Prokowich
Sponsored by:	DellEMC
Original commitRevision:506433 
Monday, 12 Nov 2018
21:55 bdrewery search for other commits by this committer
- Fix X509 build after r484765 openssl fix
- Fix patch URL for KERB_GSSAPI
- Add FLAVORs for x509 and gssapi since they are distinct types of
  OpenSSH rather than feature flags.

Approved by:	portmgr (implicit)
Original commitRevision:484842 
Sunday, 11 Nov 2018
20:21 bdrewery search for other commits by this committer
Update to 7.9p1.

- Fixes build on 12, head, and openssl-devel.
- GSSAPI and HPN are currently marked BROKEN as I don't want to block
  the main update for anyone.

  http://www.openssh.com/txt/release-7.8
  http://www.openssh.com/txt/release-7.9

MFH:	2018Q4 (due to being broken on 12+head)
Original commitRevision:484765 
Thursday, 5 Apr 2018
18:20 bdrewery search for other commits by this committer
Update to 7.7p1

- Update x509 patch to 11.3
- Remove SCTP option as it has not had a patch available since 7.2.

Changes: https://www.openssh.com/txt/release-7.7

Notable changes:
 * ssh(1)/sshd(8): Drop compatibility support for some very old SSH
   implementations, including ssh.com <=2.* and OpenSSH <= 3.*. These
   versions were all released in or before 2001 and predate the final
   SSH RFCs. The support in question isn't necessary for RFC-compliant
   SSH implementations.
Original commitRevision:466577 
Monday, 16 Jan 2017
19:30 bdrewery search for other commits by this committer
Update to 7.4p1.

- Update X509 patch to 9.3
- SCTP patch from soralx@cydem.org

Changes: https://www.openssh.com/txt/release-7.4
Original commitRevision:431698 
Wednesday, 11 Nov 2015
21:21 bdrewery search for other commits by this committer
Make portlint stop spamming me.  It's gotten quite silly.

There's no reason to regenerate these for the sake of having 'UTC' in the patch
and it also considers patches with comments to be invalid.

WARN: /root/svn/ports/security/openssh-portable/files/patch-auth.c: patch was
not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-auth2.c: patch was
not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-readconf.c: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN:
/root/svn/ports/security/openssh-portable/files/patch-regress__test-exec.sh:
patch was not generated using ``make makepatch''.  It is recommended to use
``make makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-servconf.c: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-session.c: patch was
not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-ssh-agent.1: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-ssh-agent.c: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-ssh.c: patch was not
generated using ``make makepatch''.  It is recommended to use ``make makepatch''
when you need to [re-]generate a patch to ensure proper patch format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-ssh_config: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-ssh_config.5: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-sshconnect.c: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-sshd.8: patch was
not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-sshd.c: patch was
not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-sshd_config: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-sshd_config.5: patch
was not generated using ``make makepatch''.  It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
Original commitRevision:401299 
Sunday, 13 Oct 2013
02:20 bdrewery search for other commits by this committer
- Update to 6.3p1
  Changelog: http://www.openssh.org/txt/release-6.3
- Use options helpers where possible
- Use upstream patch mirror for x509 and HPN
- Update HPN patch to v14 and use upstream version
- Add option NONECIPHER to allow disabling NONE in HPN patch
- Update x509 patch from 7.4.1 to 7.6
- Add support for LDNS and enable by it and VerifyHostKeyDNS/SSHFP by default.
  See
http://lists.freebsd.org/pipermail/freebsd-security/2013-September/007180.html
  which describes this change, but is supported on releases before 10 as well
  with LDNS option.
- Update SCTP to patchlevel 2329
- Update recommendation on secure usage of SSH
- Add pkg-message warning about ECDSA key possibly being incorrect due to
  previously being written as DSA by the rc script and fixed in r299902 in
  2012
Original commitRevision:330200 
Friday, 17 May 2013
19:47 bdrewery search for other commits by this committer
- Update to 6.2p2

- The LPK patch has been updated but is obsolete, deprecated and
  untested. It has been replaced by AuthorizedKeysCommand
- The upstream HPN's last update was for 6.1 and is mostly
  abandoned. The patch has had bugs since 5.9. I have reworked
  it and split into into HPN and AES_THREADED options. The
  debugging/logging part of the patch is incomplete. I may
  change the patch to more closely match our base version
  eventually.
- The KERB_GSSAPI option has been removed as the patch has not
  been updated by upstream since 5.7
- sshd VersionAddendum is currently not working as intended;
  it will be fixed later to allow removing the port/pkg version.
- Update our patchset to match latest base version
- Bring in ssh-agent -x support from base
- I incrementally updated the port from 5.8 up to 6.2p2 along
  with patches. You can find all of the versions at
  https://github.com/bdrewery/openssh

Changes:
    http://www.openssh.com/txt/release-5.9
    http://www.openssh.org/txt/release-6.0
    http://www.openssh.org/txt/release-6.1
    http://www.openssh.org/txt/release-6.2
    http://www.openssh.org/txt/release-6.2p2
Original commitRevision:318400 
14:16 bdrewery search for other commits by this committer
- Remove copyright as it was a base customization that was removed in
  base r213250
Original commitRevision:318390 
13:56 bdrewery search for other commits by this committer
- Remove CHROOT option and patch. ChrootDirectory was added in 5.0
  to achieve the same thing.
Original commitRevision:318386 
Wednesday, 17 Apr 2013
00:35 bdrewery search for other commits by this committer
- Remove compatibiliy for FreeBSD <4.x
  * /var/empty has been in hier(7) since 4.x
  * User sshd has been in base since 4.x
  * Simplify a patch for realhostname_sa(3) usage
- Remove SUID_SSH - It was removed from ssh in 2002
- Fix 'make test'
- Add some hints into the patches on where they came from
- Mirror all patches
- Move LPK patch out of files/
- Remove the need for 2 patches
  * Removal of 'host-key check-config' in install phase
  * Adding -lutil
- Add SCTP support [1]
- Remove FILECONTROL as it has not been supported since the 5.8
  update
- Replace tab with space pkg-descr
- Remove default WRKSRC
- Add 'configtest' command to rc script
- Mark X509 broken with other patches due to PATCH_DIST_STRIP=-p1

PR:		ports/174570 [1]
Submitted by:	oleg <proler@gmail.com> [1]
Obtained from:	https://bugzilla.mindrot.org/show_bug.cgi?id=2016 (upstream) [1]
Feature safe:	yes
Original commitRevision:315920 
Friday, 21 Oct 2011
16:18 flo search for other commits by this committer
- update to 5.8p2 [1]
- fix Kerberos knob [2]
- fix build on 9.0 [3]
- fix deinstall with various knobs [4]
- fix LPK knob [5]

PR:             ports/161818 [1], ports/144597 [2], ports/160389 [3]
                ports/150493, ports/156926 [4], ports/155456 [5]

Submitted by:   "Grzegorz Blach" <magik@roorback.net> [1], [2], [4], [5]
                pluknet [3]
Reported by:    Jonathan <lordsith49@hotmail.com> [2]
                Kevin Thompson <antiduh@csh.rit.edu> [4]
                Alexey Remizov <alexey@remizov.org> [5]
Original commit
Tuesday, 24 Mar 2009
17:26 pav search for other commits by this committer
- Update to 5.1p1

PR:             ports/128679
Submitted by:   Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net>
Approved by:    maintainer timeout (mnag; 4 months)
Original commit
Saturday, 19 Apr 2008
13:46 mnag search for other commits by this committer
- Update to 5.0p1
- Port LPK patch to 5.0p1 and add to files dir
- Remove USE_PERL_BUILD since doesn't need [1]
- Update KERB_GSSAPI to 5.0p1
- Update HPN patch to 5.0p1 13v3
- Respect LOCALBASE on configure_args of LPK [2]
- Change MASTER_SITE of snapshot
- portlint(1)

PR:             121826 [2]
Submitted by:   Andrew Kolchoogin <andrew___rinet.ru> [2]
Reported by:    Björn König <bkoenig___alpha-tierchen.d [1]
Original commit
Friday, 10 Nov 2006
14:28 mnag search for other commits by this committer
- Fix CHROOT patch using chroot() before setusercontext() and add strerror() in
message if chroot() fail.

Notified by:    Chris Gardner <chris_g_g___hotmail.com>
Original commit
Sunday, 1 Oct 2006
02:15 mnag search for other commits by this committer
- Update to 4.4p1.
- Disable temporary HPN patch until HPN release new version.
- Fix rc.d script path in sshd.8
- Add FreeBSD-${PKGNAME} in SSH_VERSION and SSH_RELEASE like src does.
- Sync patches with src.

Security:       CVE-2006-4924, CVE-2006-5051
Original commit
Sunday, 20 Mar 2005
01:00 ahze search for other commits by this committer
- Update to 4.0p1

PR:             ports/79029
Submitted by:   Dimitry Andric <dimitry@andric.com>
Original commit
Saturday, 18 Dec 2004
19:16 pav search for other commits by this committer
- sshd child process crashes when user with expired password logs in.
  Fix unitialized pointer in our local patch.

PR:             ports/75204
Submitted by:   Andriy Gapon <avg@icyb.net.ua>
Original commit
Tuesday, 12 Oct 2004
04:43 dinoex search for other commits by this committer
- new option WITH_OPENSSH_CHROOT
Submitted by:   KANAI Makoto
Original commit
Wednesday, 18 Aug 2004
11:35 dinoex search for other commits by this committer
- update to 3.9p1

set PORTVERSION 3.9.0.1 to avoid another
bump of PORTEPOCH if 3.9.1p1 come out.

- new option OPENSSH_SNAPSHOT
Original commit
Friday, 26 Sep 2003
18:13 dinoex search for other commits by this committer
- update to 3.7.1p2
more regressions tests successfull
Original commit
Wednesday, 17 Sep 2003
16:07 nectar search for other commits by this committer
Add Solar Designer's additional fixes to buffer management.
Original commit
Tuesday, 1 Apr 2003
03:02 dinoex search for other commits by this committer
- Update to 3.6p1
Original commit
Saturday, 26 Oct 2002
03:56 dinoex search for other commits by this committer
- cleanup of mor patches
- fix Makefile to avoid key-generation on bento.
Original commit
Thursday, 17 Oct 2002
04:40 dinoex search for other commits by this committer
Update to 3.5p1
Original commit
Monday, 1 Jul 2002
19:37 dinoex search for other commits by this committer
Cleanup patch to avoid conflicts with GSSAPI patches
Original commit
Sunday, 30 Jun 2002
19:31 dinoex search for other commits by this committer
give Enviroment from login.conf priority over all others,
problem found by drs@rucus.ru.ac.za.
Original commit
Wednesday, 26 Jun 2002
17:40 dinoex search for other commits by this committer
update patch for 3.4
Original commit
12:22 dinoex search for other commits by this committer
Thanks to max@wide.ad.jp, maxim, obraun@informatik.unibw-muenchen.de, fjoe
Patch from current, noted by drs@rucus.ru.ac.za:
environment variables in the 'setenv' field of login.conf are set now.
Original commit
Friday, 31 May 2002
07:28 dinoex search for other commits by this committer
Update to OpenSSH 3.2.3

- patch openssh-3.1-adv.token.patch is now obsolete.
- remerged PAM changes form previous port
- declare CMSG_* macros.
- fixed bad type in function input_userauth_passwd_changereq

Update to OpenSSH-portable-3.2.3p1

- patch openssh-3.1p1-adv.token.patch is now obsolete
- keep previously declared CONFIGURE_ARGS
- remove openssh-mit-krb5-20020326.diff (should be in the distribution now)
- patch patch-readpassphrase.c is now in teh distribution
- merged previous patches.
- extend CONFIGURE_ARGS so it find OPENSSL again.
- new patches for GSSAPI, not fully tested.

If you have the patch applied:
http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/36080

Builds with openssl-0.9.6d under:
2.2.8-RELEASE
3.2-RELEASE
4.2-RELEASE
4.6-RC
Original commit
Wednesday, 27 Mar 2002
20:02 dinoex search for other commits by this committer
Updated Patch on openBSD website,
patch openssh/files/patch-cipher.c is now obsolete.
Original commit
Monday, 25 Mar 2002
05:39 dinoex search for other commits by this committer
- Fix problem with auth_ttyok and ttyname
- Make KERBEROS patch build with heimdal port
Original commit
Sunday, 17 Mar 2002
20:24 dinoex search for other commits by this committer
Merged patches for HAVE_LOGIN_CAP from stable

PR:             35904
Original commit
Friday, 8 Mar 2002
05:54 dinoex search for other commits by this committer
Update to OpenSSH 3.1 OpennSSH-portable 3.1p1    
Original commit
Wednesday, 3 Oct 2001
16:19 dinoex search for other commits by this committer
- Update to OpenSSH 2.9.9p2   - security-patch for cookie files obsolete   - MD5
password support activated    
Original commit
Sunday, 10 Jun 2001
21:08 dwcjr search for other commits by this committer
Fix FreeBSD specific patch, exit now if change of password fails.    
Original commit
Friday, 1 Jun 2001
15:49 dinoex search for other commits by this committer
New port:   OpenSSH portable, which has GNU-configure and more.   Diffs to
OpenSSH-OPenBSD are huge.   So this is here a complete diffrent branch, no
repro-copy   - Did a bit cleanup in the Makefile    
Original commit

Number of commits found: 41