| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Mike Gilbert <floppym@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* This patch is far too large for Gentoo to carry without any upstream
guidance and this leads to breakage every few releases.
* Every distro has a different patch for this issue. In particular,
the patches carried by Debian and Fedora are more comprehensive.
* Upstream doesn't seem to care about the actual issue, seeing there
hasn't been any progress in the last 10 years or so:
http://bugzilla.mindrot.org/show_bug.cgi?id=1008
Bug: https://bugs.gentoo.org/165444
Signed-off-by: David Seifert <soap@gentoo.org>
|
| |
|
|
|
|
|
|
|
| |
This was fixed properly by upstream in 9.4 so the workaround isn't needed;
openssh-9.3_p1-openssl-ignore-status.patch applies with fuzz to >=9.4 and
does the wrong thing there as it touches the non-OpenSSL 3 case (upstream
added a conditional above in >=9.4).
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Patrick McLean <chutzpah@gentoo.org>
|
| |
|
|
|
| |
Closes: https://bugs.gentoo.org/912766
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Patrick McLean <chutzpah@gentoo.org>
|
| |
|
|
|
|
|
|
| |
Because of environment saving, we can't allow users to override for binpkgs, so just
elide the check there.
Closes: https://bugs.gentoo.org/907892
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
|
| |
Bug: https://bugs.gentoo.org/910553
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
|
| |
Fixes: 5a80377b5bf000d2efbc5ee3a5732c19c010a7a9
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
|
|
|
| |
Support is already gone.
Closes: https://bugs.gentoo.org/909154
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Fabian Groffen <grobian@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Fabian Groffen <grobian@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Fabian Groffen <grobian@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Fabian Groffen <grobian@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Fabian Groffen <grobian@gentoo.org>
|
| |
|
|
|
|
| |
* All the patches files already include stdlib.h
Signed-off-by: David Seifert <soap@gentoo.org>
|
| |
|
|
| |
Signed-off-by: David Seifert <soap@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
See https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/.
It's necessary for the old github.com key to be explicitly removed (or revoked)
rather than just selecting a new key, i.e. it's possible for users to be silently
affected but not see the error because github.com may not serve them an RSA key.
Revoke the old github.com key as part of the ebuild to help users out.
Signed-off-by: Sam James <sam@gentoo.org>
Closes: https://github.com/gentoo/gentoo/pull/30327
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
config dropins
Debian patches this into their config already and we found ourselves wanting
it when looking at handling the github.com SSH key change/rotation.
/etc/ssh/ssh_config.d and /etc/ssh/sshd_config.d both become directories
where users can add their own configuration files, but we also install the Gentoo
snippets formerly in ssh_config and sshd_config in there instead.
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
net-misc/openssh tracks vanilla upstream and aims to keep patching to an
absolute minimum. The previous third-party patches for HPN/SCTP/X509
that upstream would never integrate are relegated to the new
net-misc/openssh-contrib package.
pkg_pretend includes a fail-safe to prevent users relying on the now
removed functionality (especially X509) from losing access to their
systems.
HPN:
* https://bugs.gentoo.org/347193#c1 - security updates end up delayed
* https://bugs.gentoo.org/414401
* https://bugs.gentoo.org/498514
* https://bugs.gentoo.org/498632
* https://bugs.gentoo.org/499552
* https://bugs.gentoo.org/507210 - historically was enabled by default
w/ poor rationale, only ended up off
because of one-of-many bugs in the
patches (bug #634594), then never got
turned back on
* https://bugs.gentoo.org/634594
* https://bugs.gentoo.org/719698
* https://bugs.gentoo.org/830623
* https://bugs.gentoo.org/905750
X509:
* https://bugs.gentoo.org/258795
* https://bugs.gentoo.org/365655#c1
* https://bugs.gentoo.org/891665
* commit f7dcc5d
Acked-by: Sam James <sam@gentoo.org>
Signed-off-by: David Seifert <soap@gentoo.org>
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: David Seifert <soap@gentoo.org>
|
| |
|
|
| |
Signed-off-by: David Seifert <soap@gentoo.org>
|
| |
|
|
| |
Signed-off-by: David Seifert <soap@gentoo.org>
|
| |
|
|
|
| |
Signed-off-by: Rolf Eike Beer <eike@sf-mail.de>
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Sam James <sam@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Jakov Smolić <jsmolic@gentoo.org>
|
Arthur Zamarin
Sam James
Mike Gilbert
David Seifert
Patrick McLean
Fabian Groffen
Rolf Eike Beer
Jakov Smolić
GitWeb