| non port: security/openssh-portable/files/patch-sshd_config.5 |
|
SVNWeb
|
Number of commits found: 14 |
|
Thu, 3 Mar 2022
|
[ 19:59 Bryan Drewery (bdrewery)  Author: Andrew Fyfe ]    418bb1f
security/openssh-portable: fix docs when built without PAM support
The defaults documented in sshd_config and sshd_config.5 are incorrect
if OpenSSH was built without PAM support and can be misleading to the
user whether or not password authentication is enabled.
- Moved PAM specific changes out of patch-sshd_config and into
extra-patch-pam-sshd_config
- sshd_config.5 PasswordAuthentication: added a new line before the note
to make it easier to read.
- sshd_config.5 UsePAM: noted the default value depends on whether
sshd was built with or without PAM support.
PR: 261342
|
|
Thu, 9 Sep 2021
|
[ 19:09 Bryan Drewery (bdrewery) ] a981593
security/openssh-portable: Update to 8.7p1.
Changes: https://www.openssh.com/txt/release-8.7
|
|
Sat, 1 Apr 2017
|
[ 01:59 bdrewery ]  
- Update to 7.5p1.
- Update X509 to 10.1.
- Disable KERB_GSSAPI for now as it does not build.
Changes: https://www.openssh.com/txt/release-7.5
|
|
Mon, 16 Jan 2017
|
[ 19:30 bdrewery ] (Only the first 10 of 16 ports in this commit are shown above.  )
Update to 7.4p1.
- Update X509 patch to 9.3
- SCTP patch from soralx@cydem.org
Changes: https://www.openssh.com/txt/release-7.4
|
|
Wed, 11 Nov 2015
|
[ 21:21 bdrewery ] (Only the first 10 of 16 ports in this commit are shown above. )
Make portlint stop spamming me. It's gotten quite silly.
There's no reason to regenerate these for the sake of having 'UTC' in the patch
and it also considers patches with comments to be invalid.
WARN: /root/svn/ports/security/openssh-portable/files/patch-auth.c: patch was
not generated using ``make makepatch''. It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-auth2.c: patch was
not generated using ``make makepatch''. It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-readconf.c: patch
was not generated using ``make makepatch''. It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN:
/root/svn/ports/security/openssh-portable/files/patch-regress__test-exec.sh:
patch was not generated using ``make makepatch''. It is recommended to use
``make makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-servconf.c: patch
was not generated using ``make makepatch''. It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-session.c: patch was
not generated using ``make makepatch''. It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-ssh-agent.1: patch
was not generated using ``make makepatch''. It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-ssh-agent.c: patch
was not generated using ``make makepatch''. It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-ssh.c: patch was not
generated using ``make makepatch''. It is recommended to use ``make makepatch''
when you need to [re-]generate a patch to ensure proper patch format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-ssh_config: patch
was not generated using ``make makepatch''. It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-ssh_config.5: patch
was not generated using ``make makepatch''. It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-sshconnect.c: patch
was not generated using ``make makepatch''. It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-sshd.8: patch was
not generated using ``make makepatch''. It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-sshd.c: patch was
not generated using ``make makepatch''. It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-sshd_config: patch
was not generated using ``make makepatch''. It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
WARN: /root/svn/ports/security/openssh-portable/files/patch-sshd_config.5: patch
was not generated using ``make makepatch''. It is recommended to use ``make
makepatch'' when you need to [re-]generate a patch to ensure proper patch
format.
|
|
Mon, 27 Jul 2015
|
[ 18:30 bdrewery ] (Only the first 10 of 11 ports in this commit are shown above. )
- Update to 6.9p1
- Update X509 patch to 8.4
Changes: http://www.openssh.com/txt/release-6.9
|
|
Thu, 9 Apr 2015
|
[ 20:57 bdrewery ]
Cleanup some unneeded patches.
1. There's no need to patch the xauth(1) location as the OpenSSH build already
does so based on the --with-xauth path provided. It also updates manpages.
2. Don't modify manpage for shosts location as it was wrong. The proper
LOCALBASE path is now used due to OpenSSH's build already handling it
properly.
3. Remove confusing UsePrivilegeSeparation change in sshd_config. The default
upstream is to have it disabled by default. The sshd_config line is in
upstream to enable it by default in new installations. We always enable
it though. So remove the sshd_config change which makes it look like
we don't use it; it was not a needed difference with upstream.
From discussion with: TJ <tj@mrsk.me>
|
|
Mon, 23 Mar 2015
|
[ 04:23 bdrewery ]
Stop forcing the port version string into the server banner.
The port now uses VersionAddendum in the sshd_config to allow overriding
this value. Using "none" allows disabling the default of the port
version string. The default is kept to show the port version string to
remain close to the base version.
Support for the client VersionAddendum may be added soon as well to better
match base and not give surprises when switching from base to the port.
PR: 193127
Requested by: many, including myself when this was broken years ago.
|
|
Mon, 17 Nov 2014
|
[ 18:08 bdrewery ]
- Update to 6.7p1.
Several patches do not currently apply. Use security/openssh-portable66 for:
HPN, NONECIPHER, KERB_GSSAPI, X509.
- Add a TCP_WRAPPER patch to re-enable support after it was removed upstream.
|
|
Sun, 29 Sep 2013
|
[ 15:07 bdrewery ]
- Copy base r251088 over (which removes a patch) and disable default sandbox
privilege separation as it causes crashes when using AES crypto devices.
This now uses 'yes' for UsePrivilegeSeparation instead of 'sandbox' by
default
Reminded by: Garrett Wollman
|
|
Fri, 17 May 2013
|
[ 19:47 bdrewery ] (Only the first 10 of 15 ports in this commit are shown above. )
- Update to 6.2p2
- The LPK patch has been updated but is obsolete, deprecated and
untested. It has been replaced by AuthorizedKeysCommand
- The upstream HPN's last update was for 6.1 and is mostly
abandoned. The patch has had bugs since 5.9. I have reworked
it and split into into HPN and AES_THREADED options. The
debugging/logging part of the patch is incomplete. I may
change the patch to more closely match our base version
eventually.
- The KERB_GSSAPI option has been removed as the patch has not
been updated by upstream since 5.7
- sshd VersionAddendum is currently not working as intended;
it will be fixed later to allow removing the port/pkg version.
- Update our patchset to match latest base version (Only the first 15 lines of the commit message are shown above )
|
|
Wed, 17 Apr 2013
|
[ 00:35 bdrewery ] (Only the first 10 of 23 ports in this commit are shown above. )
- Remove compatibiliy for FreeBSD <4.x
* /var/empty has been in hier(7) since 4.x
* User sshd has been in base since 4.x
* Simplify a patch for realhostname_sa(3) usage
- Remove SUID_SSH - It was removed from ssh in 2002
- Fix 'make test'
- Add some hints into the patches on where they came from
- Mirror all patches
- Move LPK patch out of files/
- Remove the need for 2 patches
* Removal of 'host-key check-config' in install phase
* Adding -lutil
- Add SCTP support [1]
- Remove FILECONTROL as it has not been supported since the 5.8
update
- Replace tab with space pkg-descr
- Remove default WRKSRC
- Add 'configtest' command to rc script
- Mark X509 broken with other patches due to PATCH_DIST_STRIP=-p1
PR: ports/174570 [1]
Submitted by: oleg <proler@gmail.com> [1]
Obtained from: https://bugzilla.mindrot.org/show_bug.cgi?id=2016 (upstream) [1]
Feature safe: yes
|
|
Fri, 21 Oct 2011
|
[ 16:18 flo ] (Only the first 10 of 35 ports in this commit are shown above. )
- update to 5.8p2 [1]
- fix Kerberos knob [2]
- fix build on 9.0 [3]
- fix deinstall with various knobs [4]
- fix LPK knob [5]
PR: ports/161818 [1], ports/144597 [2], ports/160389 [3]
ports/150493, ports/156926 [4], ports/155456 [5]
Submitted by: "Grzegorz Blach" <magik@roorback.net> [1], [2], [4], [5]
pluknet [3]
Reported by: Jonathan <lordsith49@hotmail.com> [2]
Kevin Thompson <antiduh@csh.rit.edu> [4]
Alexey Remizov <alexey@remizov.org> [5]
|
|
Sun, 1 Oct 2006
|
[ 02:15 mnag ] (Only the first 10 of 21 ports in this commit are shown above. )
- Update to 4.4p1.
- Disable temporary HPN patch until HPN release new version.
- Fix rc.d script path in sshd.8
- Add FreeBSD-${PKGNAME} in SSH_VERSION and SSH_RELEASE like src does.
- Sync patches with src.
Security: CVE-2006-4924, CVE-2006-5051
|
Number of commits found: 14 |
As an Amazon Associate I earn from qualifying purchases.