aboutsummaryrefslogtreecommitdiff
path: root/net/openssh
Commit message (Collapse)AuthorAge
* openssh: update to 8.1p1Sibren Vasse2019-11-09
| | | | Signed-off-by: Sibren Vasse <github@sibrenvasse.nl>
* treewide: Use default PKG_BUILD_DIR when possibleJeffery To2019-10-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This removes lines that set PKG_BUILD_DIR when the set value is no different from the default value. Specifically, the line is removed if the assigned value is: * $(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION) The default PKG_BUILD_DIR was updated[1] to incorporate BUILD_VARIANT if it is set, so now this is identical to the default value. * $(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_SOURCE_SUBDIR) if PKG_SOURCE_SUBDIR is set to $(PKG_NAME)-$(PKG_VERSION), making it the same as the previous case * $(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) This is the same as the default PKG_BUILD_DIR when there is no BUILD_VARIANT. * $(BUILD_DIR)/[name]-$(PKG_VERSION) where [name] is a string that is identical to PKG_NAME [1]: https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=e545fac8d968864a965edb9e50c6f90940b0a6c9 Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* treewide: add PKG_CPE_ID for better cvescanner coverageJan Pavlinec2019-09-17
| | | | Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
* openssh: Fix compilation with -Wimplicit-functionRosen Penev2019-07-21
| | | | | | Upstream backport. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* openssh: update to 8.0p1Peter Wagner2019-04-20
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: adjust engine support to openssl 1.1.1Eneas U de Queiroz2019-04-02
| | | | | | | | Openssl 1.1.1 package in openwrt enabled more than just the devcrypto engine, so the engine support in openssh should be enabled when general engine support is enabled in openssl. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
* openssh: use quotesPeter Wagner2019-03-22
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: handle multiple ports and simplify init scriptPeter Wagner2019-03-21
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: add upstream patches, including CVE-2019-6111Peter Wagner2019-03-03
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: patch scp security issuesJan Pavlinec2019-02-10
| | | | | | | | Fixes CVE-2019-6109 CVE-2019-6111 Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
* openssh: backport patch for CVE-2018-20685Peter Wagner2019-01-15
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: fixes issues with some openssl optionsPeter Wagner2018-10-20
| | | | | | | | | | | | | | This adds a couple of patches when setting some openssl options: * ECDSA code in openssh-compat.h and libressl-api-compat.c needs to be be guarded by OPENSSL_HAS_ECC; otherwise, it will not build with openssl compiled without ECC support. * Fix openssl version number in openbsd-compat/openssl-compat.c which failed to compile --with-ssl-engine; this option is used when CONFIG_OPENSSL_ENGINE_CRYPTO=y Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com> Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: update to 7.9p1Peter Wagner2018-10-19
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: add openssl 1.1.0 compatibilityEneas U de Queiroz2018-09-30
| | | | | | | | | | | | | Five commits from upstream were applied to v. 7.8-p1: 482d23bc upstream: hold our collective noses and use the openssl-1.1.x API in 48f54b9d adapt -portable to OpenSSL 1.1x API 86e0a9f3 upstream: use only openssl-1.1.x API here too a3fd8074 upstream: missed a bit of openssl-1.0.x API in this unittest d64e7852 add compat header Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
* openssh: update to 7.8p1Peter Wagner2018-08-27
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: let opkg manage openssh symlinks of ssh, scpYousong Zhou2018-06-25
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* openssh: update to 7.7p1Peter Wagner2018-04-08
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* treewide: fix incorrect *_BUILD_DEPENDSMatthias Schiffer2018-01-09
| | | | | | | | | | | | | | | | Build depends refer to source package names, not binary package names. In many cases, PKG_BUILD_DEPENDS simply duplicated runtime dependencies of a source package's binary packages; as the corresponding source packages are implicitly added as bulid dependencies, PKG_BUILD_DEPENDS can simply be dropped in these cases. In the other cases, *_BUILD_DEPENDS is fixed to refer to the correct source package name. Dependency of mysql-server is adjusted from libncursesw to libncurses (as libncursesw is a virtual package provided by libncurses), so the build dependency on ncurses is emitted unconditionally. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* openssh: update to 7.6p1Peter Wagner2017-10-05
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* ssh: Add umdns entry to the init script.Rosen Penev2017-08-15
| | | | | | | This is usefull for hosts to discover the ssh server, especially on macOS. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* openssh: add ssh_host keys to openssh-server/conffilesPeter Wagner2017-07-15
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: if we don't generate a dsa key we shouldn't look for itPhilip Prindeville2017-06-05
| | | | | | | | | | | | | | | The earlier commit ea119211b21 removed 'dsa' as one of the ssh_host_*_key types that got generated. Problem was that it didn't remove that key as one of the paths that the server looks for by default. As a consequence, your log file might fill up with messages like: 2017-06-01T15:43:07-06:00 openwrt sshd[31929]: error: Could not load host key: /etc/ssh/ssh_host_dsa_key The patch is forunately trivial. Don't set the path for the dsa key file in the server configuration. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* Revert "The earlier commit ea119211b21 removed 'dsa' as one of the ↵Daniel Golle2017-06-05
| | | | | | | | | | | | | | ssh_host_*_key" The author (@pprindeville) of the original commit noted that the wrong commit was picked, see https://github.com/openwrt/packages/commit/325b7d2cd2d6e9d4903c6e7628c7c9ae0ddab564#commitcomment-22387528 "Err... looks like the wrong fix got committed. I was hoping that this commit d902e5d would have gone in instead." This reverts commit 325b7d2cd2d6e9d4903c6e7628c7c9ae0ddab564. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* The earlier commit ea119211b21 removed 'dsa' as one of the ssh_host_*_keyPeter Wagner2017-06-03
| | | | | | | | | | | | | | types that got generated. Problem was that it didn't remove that key as one of the paths that the server looks for by default. As a consequence, your log file might fill up with messages like: 2017-06-01T15:43:07-06:00 openwrt sshd[31929]: error: Could not load host key: /etc/ssh/ssh_host_dsa_key The patch is forunately trivial. Don't set the path for the dsa key file in the server configuration. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: update to 7.5p1, remove unneeded patchesPeter Wagner2017-03-21
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: Fix ssl-engine supportMartin Schiller2017-02-27
| | | | Signed-off-by: Martin Schiller <ms@dev.tdt.de>
* net/openssh: Offload main sitePeter Wagner2017-01-11
| | | | | | | Add a few mirrors in-front of main site for offloading Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: update to 7.4p1Peter Wagner2016-12-22
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: Unregister the KEXINIT handler after message has beenPeter Wagner2016-10-17
| | | | | | | | | | received. Otherwise an unauthenticated peer can repeat the KEXINIT and cause allocation of up to 128MB -- until the connection is closed. Reported by shilei-c at 360.cn https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe3064a8c200de6531e89ad Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: move inbound NEWKEYS handling to kex layer; otherwise early NEWKEYS ↵Peter Wagner2016-10-03
| | | | | | | | causes NULL deref see: https://anongit.mindrot.org/openssh.git/commit/?id=28652bca29046f62c7045e933e6b931de1d16737 Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: update to 7.3p1Peter Wagner2016-08-09
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: update to 7.2p2Peter Wagner2016-03-11
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: v7.2p1Peter Wagner2016-03-06
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: update to 7.1p2Peter Wagner2016-01-15
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: remove dsa and add ecdsa + ed25519 to initial keygen.Mangix2015-11-27
| | | | Signed-off by: Rosen Penev <rosenp@gmail.com>
* openssh: update to 7.1p1Peter Wagner2015-08-26
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: update to 6.9p1Peter Wagner2015-07-18
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: strip openssh-sftp-server dependencies againOliver Middleton2015-03-23
| | | | | | Reapply 99c6c3d830156ce13f415c698343353c477cd9f9 Signed-off-by: Oliver Middleton <olliemail27@gmail.com>
* openssh: remove optional dependency on libsspStijn Tintel2015-03-20
| | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* openssh: update to 6.8p1Peter Wagner2015-03-19
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh: provide an avahi service fileMichael Heimpold2014-12-08
| | | | | | | As discussed in #543, we can announce the SFTP service via Avahi when sftp-server is installed. Signed-off-by: Michael Heimpold <mhei@heimpold.de>
* misc: correct typo in Makefiles for PKG_LICENSE_FILESIan Leonard2014-11-24
| | | | Signed-off-by: Ian Leonard <antonlacon@gmail.com>
* openssh: update to 6.7p1Peter Wagner2014-10-19
| | | | Signed-off-by: Peter Wagner <tripolar@gmx.at>
* openssh,ntpd: move USERID to the server only as the client utils don't need ↵Peter Wagner2014-10-14
| | | | | | a user/group Signed-off-by: Peter Wagner <tripolar@gmx.at>
* generic userid: use the new USERID apiJohn Crispin2014-10-08
| | | | | | | | recent changes in trunk allow us to specify the userid inside the openwrt makefile. the info is stored int he meta data of the IPK contorl file and users are generated by the new generic postinst trigger. Signed-off-by: John Crispin <blogic@openwrt.org>
* Add ISC/BSD to PKG_LICENSE_*Bryan Steele2014-08-08
|
* Update PKG_SOURCE_URL for OpenSSHBryan Steele2014-08-08
| | | Remove broken mirrors, prefer HTTP over FTP.
* openssh: fix openssh-sftp-server deps when SSP_SUPPORTCatalin Patulea2014-06-26
|
* openssh: strip openssh-sftp-server dependencies, notably opensslCatalin Patulea2014-06-16
| | | | | | | | | | openssh-sftp-server is actually a tiny binary that has nearly no dependencies: $ mips-openwrt-linux-objdump -x sftp-server | grep NEEDED NEEDED libgcc_s.so.1 NEEDED libc.so.0 Stripping its DEPENDS allows building a system with SFTP support, without pulling in OpenSSL.
* openssh: import from packagesPeter Wagner2014-06-16
Signed-off-by: Peter Wagner <tripolar@gmx.at>
Powered by cgit, Themed by Ted Yin.