![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / security / ssh2
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.16.2.1 / (download) - annotate - [select for diffs], Sun Feb 5 22:22:37 2006 UTC (17 years ago) by salo
Branch: pkgsrc-2005Q4
Changes since 1.16: +1 -2
lines
Diff to previous 1.16 (colored) next main 1.17 (colored)
Pullup ticket 1090 - requested by Thomas Klausner dependency fix for ssh2-nox11 Via patch. Addresses PR pkg/32716 by Tracy Di Marco White.
Revision 1.19, Sat Feb 4 00:33:17 2006 UTC (17 years ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base,
pkgsrc-2013Q2,
pkgsrc-2012Q4-base,
pkgsrc-2012Q4,
pkgsrc-2011Q4-base,
pkgsrc-2011Q4,
pkgsrc-2011Q2-base,
pkgsrc-2011Q2,
pkgsrc-2009Q4-base,
pkgsrc-2009Q4,
pkgsrc-2008Q4-base,
pkgsrc-2008Q4,
pkgsrc-2008Q3-base,
pkgsrc-2008Q3,
pkgsrc-2008Q2-base,
pkgsrc-2008Q2,
pkgsrc-2008Q1-base,
pkgsrc-2008Q1,
pkgsrc-2007Q4-base,
pkgsrc-2007Q4,
pkgsrc-2007Q3-base,
pkgsrc-2007Q3,
pkgsrc-2007Q2-base,
pkgsrc-2007Q2,
pkgsrc-2007Q1-base,
pkgsrc-2007Q1,
pkgsrc-2006Q4-base,
pkgsrc-2006Q4,
pkgsrc-2006Q3-base,
pkgsrc-2006Q3,
pkgsrc-2006Q2-base,
pkgsrc-2006Q2,
pkgsrc-2006Q1-base,
pkgsrc-2006Q1,
cube-native-xorg-base,
cube-native-xorg,
HEAD
Changes since 1.18: +1 -1
lines
FILE REMOVED
Add x11 option to ssh2 package. Remove obsolete ssh2-nox11 package. Replaces PR 32716 by Tracy Di Marco White.
Revision 1.18 / (download) - annotate - [select for diffs], Thu Dec 29 06:22:12 2005 UTC (17 years, 1 month ago) by jlam
Branch: MAIN
Changes since 1.17: +1 -2
lines
Diff to previous 1.17 (colored)
Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mk automatically detects whether we want the pkginstall machinery to be used by the package Makefile.
Revision 1.17 / (download) - annotate - [select for diffs], Tue Dec 27 13:54:59 2005 UTC (17 years, 1 month ago) by seb
Branch: MAIN
Changes since 1.16: +2 -2
lines
Diff to previous 1.16 (colored)
Lower expectations, both others' and mine: relinquish stewardship
Revision 1.16 / (download) - annotate - [select for diffs], Mon Dec 5 23:55:18 2005 UTC (17 years, 2 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2005Q4-base
Branch point for: pkgsrc-2005Q4
Changes since 1.15: +4 -4
lines
Diff to previous 1.15 (colored)
Ran "pkglint --autofix", which corrected some of the quoting issues in CONFIGURE_ARGS.
Revision 1.15 / (download) - annotate - [select for diffs], Mon Dec 5 20:50:58 2005 UTC (17 years, 2 months ago) by rillig
Branch: MAIN
Changes since 1.14: +5 -5
lines
Diff to previous 1.14 (colored)
Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in
http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
Revision 1.14 / (download) - annotate - [select for diffs], Sun Oct 23 23:11:09 2005 UTC (17 years, 3 months ago) by rillig
Branch: MAIN
Changes since 1.13: +2 -2
lines
Diff to previous 1.13 (colored)
Use "+=" instead of "=" for PLIST_SUBST.
Revision 1.13 / (download) - annotate - [select for diffs], Wed Jun 1 18:03:21 2005 UTC (17 years, 8 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base,
pkgsrc-2005Q3,
pkgsrc-2005Q2-base,
pkgsrc-2005Q2
Changes since 1.12: +2 -1
lines
Diff to previous 1.12 (colored)
Massive cleanup of buildlink3.mk and builtin.mk files in pkgsrc.
Several changes are involved since they are all interrelated. These
changes affect about 1000 files.
The first major change is rewriting bsd.builtin.mk as well as all of
the builtin.mk files to follow the new example in bsd.builtin.mk.
The loop to include all of the builtin.mk files needed by the package
is moved from bsd.builtin.mk and into bsd.buildlink3.mk. bsd.builtin.mk
is now included by each of the individual builtin.mk files and provides
some common logic for all of the builtin.mk files. Currently, this
includes the computation for whether the native or pkgsrc version of
the package is preferred. This causes USE_BUILTIN.* to be correctly
set when one builtin.mk file includes another.
The second major change is teach the builtin.mk files to consider
files under ${LOCALBASE} to be from pkgsrc-controlled packages. Most
of the builtin.mk files test for the presence of built-in software by
checking for the existence of certain files, e.g. <pthread.h>, and we
now assume that if that file is under ${LOCALBASE}, then it must be
from pkgsrc. This modification is a nod toward LOCALBASE=/usr. The
exceptions to this new check are the X11 distribution packages, which
are handled specially as noted below.
The third major change is providing builtin.mk and version.mk files
for each of the X11 distribution packages in pkgsrc. The builtin.mk
file can detect whether the native X11 distribution is the same as
the one provided by pkgsrc, and the version.mk file computes the
version of the X11 distribution package, whether it's built-in or not.
The fourth major change is that the buildlink3.mk files for X11 packages
that install parts which are part of X11 distribution packages, e.g.
Xpm, Xcursor, etc., now use imake to query the X11 distribution for
whether the software is already provided by the X11 distribution.
This is more accurate than grepping for a symbol name in the imake
config files. Using imake required sprinkling various builtin-imake.mk
helper files into pkgsrc directories. These files are used as input
to imake since imake can't use stdin for that purpose.
The fifth major change is in how packages note that they use X11.
Instead of setting USE_X11, package Makefiles should now include
x11.buildlink3.mk instead. This causes the X11 package buildlink3
and builtin logic to be executed at the correct place for buildlink3.mk
and builtin.mk files that previously set USE_X11, and fixes packages
that relied on buildlink3.mk files to implicitly note that X11 is
needed. Package buildlink3.mk should also include x11.buildlink3.mk
when linking against the package libraries requires also linking
against the X11 libraries. Where it was obvious, redundant inclusions
of x11.buildlink3.mk have been removed.
Revision 1.12 / (download) - annotate - [select for diffs], Mon Apr 11 21:47:19 2005 UTC (17 years, 9 months ago) by tv
Branch: MAIN
Changes since 1.11: +1 -2
lines
Diff to previous 1.11 (colored)
Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used.
Revision 1.11 / (download) - annotate - [select for diffs], Tue Dec 28 01:39:32 2004 UTC (18 years, 1 month ago) by reed
Branch: MAIN
CVS Tags: pkgsrc-2005Q1-base,
pkgsrc-2005Q1
Changes since 1.10: +1 -2
lines
Diff to previous 1.10 (colored)
Moved PKGREVISION definition from common Makefile to the package-specific Makefile (as mentioned on tech-pkg).
Revision 1.10 / (download) - annotate - [select for diffs], Sun Oct 3 00:18:13 2004 UTC (18 years, 4 months ago) by tv
Branch: MAIN
CVS Tags: pkgsrc-2004Q4-base,
pkgsrc-2004Q4
Changes since 1.9: +2 -2
lines
Diff to previous 1.9 (colored)
Libtool fix for PR pkg/26633, and other issues. Update libtool to 1.5.10 in the process. (More information on tech-pkg.) Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and installing .la files. Bump PKGREVISION (only) of all packages depending directly on the above via a buildlink3 include.
Revision 1.9 / (download) - annotate - [select for diffs], Sun Jul 25 12:29:19 2004 UTC (18 years, 6 months ago) by grant
Branch: MAIN
CVS Tags: pkgsrc-2004Q3-base,
pkgsrc-2004Q3
Changes since 1.8: +2 -1
lines
Diff to previous 1.8 (colored)
"ln -s" does not overwrite existing targets on all platforms, explicitly rm targets before trying to create symlinks. fixes install on Solaris.
Revision 1.8 / (download) - annotate - [select for diffs], Fri May 28 12:00:10 2004 UTC (18 years, 8 months ago) by kivinen
Branch: MAIN
CVS Tags: pkgsrc-2004Q2-base,
pkgsrc-2004Q2
Changes since 1.7: +2 -1
lines
Diff to previous 1.7 (colored)
Fixed bug, which only appeared in the NetBSD 2.0 systems where the write can return 0 even when the select has indicated that socket is writable. Do not consider this error, but call select again.
Revision 1.7 / (download) - annotate - [select for diffs], Fri Mar 12 16:40:08 2004 UTC (18 years, 10 months ago) by seb
Branch: MAIN
CVS Tags: pkgsrc-2004Q1-base,
pkgsrc-2004Q1
Changes since 1.6: +6 -7
lines
Diff to previous 1.6 (colored)
Update to version 3.2.9.1. While here bl3ify. Changes since previously packaged version (3.2.5): 2003-12-03 Sami J. Lehtinen <sjl@ssh.com> * ssh-3.2.9.1. * non-commercial: removed cert hash compat stuff, which broke compilation. 2003-09-26 Sami J. Lehtinen <sjl@ssh.com> * ssh-3.2.9. * ssh2,sshd2: (by Patrick Irwin): Critical security fix: fixed several bugs in ASN.1 decoding functionality, which were caused by invalid assumptions on the format of input BER data. Certificates malformed in certain ways could cause a crash or buffer overflow. No known exploits at this time, but you are strongly advised to upgrade. Admins unwilling or unable to upgrade need to disable certificates, but this may not be enough for "hostbased" authentication. "publickey" auth should be safe even with the old version with certificates disabled. Clients are probably vulnerable against malicious servers in the initial key exchange regardless of configuration. Users of noncommercial version are not affected by this vulnerability. 2003-09-25 Sami J. Lehtinen <sjl@ssh.com> * sshd2, ssh2: Implemented DisableVersionFallback, with which you can disable fallback compatibility code for older, or otherwise incompatible versions of software. Don't disable unless you know what you're doing. See sshd2_config(5) for details. For really paranoid people (using this option will probably hurt usability somewhat, especially in environments where multiple versions of SSH are used from different vendors). * sshd2, ssh2: Implemented Cert.RSA.Compat.HashScheme. Older SSH Secure Shell clients and servers used hashes in an incoherent manner (sometimes MD5, sometimes SHA-1). With this option, you can set what hash is used. See sshd2_config(5) for details. * Previous: ssh-3.2.8. 2003-08-07 Tomi Salo <ttsalo@ssh.com> * Added a new general configuration option, MaxCRLSize. This sets the maximum size for CRLs and CA certs used in validating received certificates. (The size is the total size of all CRLs and certs, not the maximum individual size.) 2003-06-11 Sami J. Lehtinen <sjl@ssh.com> * ssh-3.2.7. * ssh-signer2: Fixed a bug, which caused the application to intermittently call fatal because the read() operation was interrupted by a signal (SIGCHLD). 2003-06-04 Sami J. Lehtinen <sjl@ssh.com> * ssh-3.2.6. * SecurID certified binaries, no code changes.
Revision 1.6 / (download) - annotate - [select for diffs], Wed Jan 7 02:21:17 2004 UTC (19 years, 1 month ago) by jlam
Branch: MAIN
Changes since 1.5: +3 -3
lines
Diff to previous 1.5 (colored)
From the log for rev. 1.1260 of bsd.pkg.mk: "Package Makefiles should refer to PKG_SYSCONFBASEDIR instead of PKG_SYSCONFBASE when they want PKG_SYSCONFDIR stripped of PKG_SYSCONFSUBDIR. This makes PKG_SYSCONFBASE=/etc work with pkgviews by installing all config files into /etc/packages/<pkg> instead of occasionally putting some directly into /etc."
Revision 1.5 / (download) - annotate - [select for diffs], Tue Aug 12 19:08:55 2003 UTC (19 years, 5 months ago) by seb
Branch: MAIN
CVS Tags: pkgsrc-2003Q4-base,
pkgsrc-2003Q4
Changes since 1.4: +11 -3
lines
Diff to previous 1.4 (colored)
Update to version 3.2.5 Previous versions have a security issue. Please update! Thanks to gendalia@ for testing. Changes since version 3.2.2: 2003-05-09 Sami J. Lehtinen <sjl@ssh.com> * ssh-3.2.5. * Fixed a critical security bug with RSA signature verification. Mitigating factors: DSA is used by default (not vulnerable). Also, the attack requires that attacker has the public key and the attacker needs to precompute the signature data so, that it looks like a valid PKCS#1 signature. This is a non-trivial task to perform without the private key. Nonetheless, all users should update their servers and clients as soon as convenient. Workarounds are to not use RSA keys as host keys (though connecting to existing hosts with RSA hostkeys poses a serious risk with a vulnerable client), and disabling publickey authentication. Update your clients and servers. 2003-04-22 Sami J. Lehtinen <sjl@ssh.com> * ssh-3.2.4. * sshd2: Binary (generated by us) is tagged as a "supported binary" for SecurID. (no actual code changes) * Previous: ssh-3.2.3.1. 2003-02-06 Sami J. Lehtinen <sjl@ssh.com> * sftp2 (etc): Fixed a bug with readline jamming when pressing backspace (etc) on AIX and some other platforms. 2003-01-12 Sami J. Lehtinen <sjl@ssh.com> * ssh-3.2.3. 2003-01-03 Sami J. Lehtinen <sjl@ssh.com> * scp2: Removed broken special handling for SIGHUP, so that "nohup" can again work. * ssh2: Check whether we should ignore SIGQUIT, SIGINT, and do so, if necessary. Thanks for J. Schilling for pointing this one out. * ssh-add2: Make sure fgets() from pipe to ssh-askpass2 recovers from if interrupted by signal, i.e. SIGCHLD. * ssh2 (lib/sshsession/sshtty.c): As entry above, but for tcsetattr(). * During "make install", use default size of key instead of hardcoded 1024 when generating hostkey. 2002-12-18 Sami J. Lehtinen <sjl@ssh.com> * scp2,sftp2: Print progress output to stdout, to make it distinguishable from errors in cron jobs etc. 2002-12-17 Sami J. Lehtinen <sjl@ssh.com> * apps/ssh/sshchsession.c: Fixed a bug which caused sshd2 child server to jam occasionally after logging an event, if nsswitch had been configured to use LDAP. 2002-12-13 Sami J. Lehtinen <sjl@ssh.com> * sshd2: Previous (by Tomi Mickelsson): Fixed a bug where specifying a local forwarding endpoint as an IP-address which was unresolvable would result in a crash. 2002-12-12 Sami J. Lehtinen <sjl@ssh.com> * scp2: Fixed a bug/missing feature from scp2. It now reports information also when run when there is no tty. Also implemented --statistics=[no,yes,simple], where "yes" is old-style, "no" is analogous to "-Q" command-line option, and "simple" is the way the statistics are printed when there is no tty (no intermittent reporting, file size, transfer time and full file name are printed after the transfer for the specific file is finished). 2002-12-11 Sami J. Lehtinen <sjl@ssh.com> * ssh-keygen2: respect "-P" and "-p" options when converting ssh1-keys. 2002-12-10 Sami J. Lehtinen <sjl@ssh.com> * lib/sshutil/sshcore/sshdebug.c: Fixed a compilation problem manifested on older AIX and debugging enabled (as is default). * scp2: You can now specify the newline convention when using the "-a" option. See manual page scp2(1). 2002-11-08 Sami J. Lehtinen <sjl@ssh.com> * Removed ssh-pubkeymgr and ssh-chrootmgr from the distribution (they didn't work too well). * apps/ssh/lib/sshproto/trcommon.c: Fixed a crash if hostkey algorithms or kex-methods couldn't be negotiated. 2002-11-05 Sami J. Lehtinen <sjl@ssh.com> * lib/sshapputil/sshuserfile.c: Changed to use lib/sshsession/sigchld.c, instead of using wait() directly. This fixes the bug where the number of connections would slowly rise to the maximum when using MaxConnections and tcp-wrappers (it was a race-condition). * lib/sshsession/sigchld.c: Sigchld now keeps a list of recently exited children. This fixes a race condition, where the child process could exit before the mother process had registered a handler for it. * lib/sshsession: Fixed NetBSD 1.6 compilation. Also, NetBSD 1.6 supports openpty style ptys, so fixed check to actually detect them on NetBSD. Don't use utmpx on NetBSD, as it doesn't seem to work (at least not in the way we use it). * lib/sshsession/sshunixuser.c: Make sure we have room for the NULL pointer in the groups array. * ssh2 (ssh1-emulation): Fixed a bug, which in some cases caused an assertion failure later. 2002-10-29 Sami J. Lehtinen <sjl@ssh.com> * configure: Added /usr/X11R6/bin and /usr/X11/bin to search PATH for xauth to ease installation on pristine systems. 2002-10-22 Sami J. Lehtinen <sjl@ssh.com> * lib/sshutil/sshnet/sshtcp.c: (by Tomi Ollila) Fixed a bug with SOCKS handling. 2002-10-01 Sami J. Lehtinen <sjl@ssh.com> * lib/sshutil/sshpacketstream/sshpacketwrapper.c: (by Tomi Kause) Fixed a latent (in ssh2) bug, when writing to the stream from the received_cb. * lib/sshutil/sshnet/sshsocks.c: (by Tomi Ollila) Decode ipv6-mapped-ipv4-addresses when doing SOCKS4, as SOCKS4 only supports plain ipv4-addresses. * scp2: Implemented --overwrite, which controls whether to overwrite the destination file(s). Default is "yes", i.e. to overwrite. * scp2: Implemented interactive mode, i.e. you can make scp2 prompt you whether to overwrite an existing destination file. Works by giving --interactive (-I) on the command-line. 2002-08-15 Sami J. Lehtinen <sjl@ssh.com> * sshd2: Fixed a bug with originator-pat with ForwardACLs. 2002-08-02 Sami J. Lehtinen <sjl@ssh.com> * scp2, sftp2: Fixed a bug, which caused file transfer to stall, if trying to transfer a zero sized file with ascii transfer (newline mangling). 2002-07-21 Sami J. Lehtinen <sjl@ssh.com> * sftp2: Added option "S" and "r" to "ls" (for sorting by size and reversing the sort order, respectively). * sftp2: "ls" works much better now. Tab completion understand directories (appends a '/', for easier directory traversal). * sftp2, scp2: Extensive rewrite of SshFileCopy, and as a consequence, of both scp2 and sftp2 core functionality. 2002-06-13 Sami J. Lehtinen <sjl@ssh.com> * ssh2: Fixed a bug with one-shot forwarding.
Revision 1.4 / (download) - annotate - [select for diffs], Thu Jul 24 20:59:04 2003 UTC (19 years, 6 months ago) by jwise
Branch: MAIN
Changes since 1.3: +2 -1
lines
Diff to previous 1.3 (colored)
Mark conflicts with openssh+gssapi.
Revision 1.3 / (download) - annotate - [select for diffs], Thu Jul 17 22:53:17 2003 UTC (19 years, 6 months ago) by grant
Branch: MAIN
Changes since 1.2: +2 -2
lines
Diff to previous 1.2 (colored)
s/netbsd.org/NetBSD.org/
Revision 1.2 / (download) - annotate - [select for diffs], Tue Jun 3 09:39:01 2003 UTC (19 years, 8 months ago) by seb
Branch: MAIN
Changes since 1.1: +2 -2
lines
Diff to previous 1.1 (colored)
Claim stewardship of these.
Revision 1.1 / (download) - annotate - [select for diffs], Sat May 10 10:02:34 2003 UTC (19 years, 9 months ago) by seb
Branch: MAIN
Pave the way for bits sharing with the upcoming ssh2-nox11 package.