Commit graph

175 commits

Author SHA1 Message Date
Robert Scott
a79a294901 openssh: set enableParallelChecking = false
this should hopefully make the tests more reliable
2021-11-07 14:56:03 +00:00
Janne Heß
f96b3d468e
Merge pull request from risicle/ris-openssh-tests 2021-11-06 19:34:53 +01:00
github-actions[bot]
23fbe4eb93
Merge staging-next into staging 2021-10-03 18:01:40 +00:00
Janne Heß
bc56346bcd
openssh_hpn/openssh_gssapi: Add CVE-2021-41617 2021-10-03 15:05:35 +02:00
Robert Scott
85c63a515d openssh: enable tests 2021-10-03 12:37:19 +01:00
Janne Heß
1b41f51b96
openssh: Add myself as maintainer 2021-09-30 21:14:01 +02:00
Janne Heß
fae34f538f
openssh: 8.7p1 -> 8.8p1 2021-09-30 21:11:41 +02:00
github-actions[bot]
796a5df129
Merge master into staging-next 2021-09-23 00:01:50 +00:00
Felix Buehler
cfaa89b03b openssh-portable: switch to fetchFromGitHub 2021-09-22 17:54:46 +02:00
Alyssa Ross
e2bb7997c4
Merge remote-tracking branch 'nixpkgs/master' into staging-next
Conflicts:
	nixos/doc/manual/release-notes/rl-2111.section.md
2021-09-19 17:08:00 +00:00
Samuel Gräfenstein
5ad7db7ed8
openssh: add meta.mainProgram
Fix the following error when running `nix run .#openssh`:
error: unable to execute '/nix/store/bzxxfx0a774vqa3cbz66c2172smc317a-openssh-8.6p1/bin/openssh': No such file or directory
2021-09-19 00:11:07 +02:00
Janne Heß
deb9bd197e
openssh: 8.6p1 -> 8.7p1 2021-08-20 20:13:42 +02:00
Robert Hensing
fbafeb7ad5 treewide: runCommandNoCC -> runCommand
This has been synonymous for ~5y.
2021-08-15 17:36:41 +02:00
Andrew Childs
4e09c26ea1 openssh: disable kerberos on Apple Silicon 2021-05-17 00:26:59 +09:00
Vladimír Čunát
5663b2b2d3
Merge branch 'master' into staging-next
(a trivial conflict in transmission)
2021-05-09 09:31:55 +02:00
Léo Gaspard
53f43a2048 openssh: add link to related nixos test
It'd certainly be better to have an openssh-specific integration test,
but it's not there yet and this is better than nothing.
2021-05-08 21:42:50 +02:00
Janne Heß
35da81b990
openssh: 8.5p1 -> 8.6p1 2021-04-19 08:33:03 +02:00
midchildan
2e2a36f082
ssh-copy-id: init at 8.4p1 ()
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2021-04-08 14:53:06 +02:00
Sandro Jäckel
dcb501f993
kerberos: deprecate alias 2021-04-04 03:18:56 +02:00
Matthew Mazzanti
b1b48e10de
openssh: Fix cross-compile regression from c99c499 ()
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
2021-03-21 01:35:45 +01:00
Janne Heß
a1aa6bd250
openssh: Remove useless .dev 2021-03-11 11:59:16 +01:00
Janne Heß
2b1011d4a3
openssh_hpn/openssh_gssapi: Add CVE-2021-28041 2021-03-11 11:58:00 +01:00
Janne Heß
c99c4998fd
openssh: 8.4p1 -> 8.5p1 and refactor
Also split out the variants of the package because I'm sick of waiting
for random patches to be updated before I can update my unpatched
openssh.

Also make pname correspond to the attribute name.
2021-03-03 21:02:44 +01:00
Ben Siraphob
76f93cc731 pkgs/tools: pkgconfig -> pkg-config 2021-01-16 23:49:59 -08:00
Ben Siraphob
8c5d37129f pkgs/tools: stdenv.lib -> lib 2021-01-15 17:12:36 +07:00
Ben Wolsieffer
c0681ac66a openssh: fix cross-compilation after
krb5-config from the host platform needs to be added to PATH so it can be run
during build. This works because krb5-config is a platform independent
shell-script. Before , krb5-config was not used, so we didn't run into
this problem.
2020-12-25 18:36:21 -05:00
Niklas Hambüchen
87413f30a5
Merge pull request from KAction/openssh
openssh: fix static build
2020-12-09 00:39:56 +01:00
Frederik Rietdijk
b2a3891e12 Merge master into staging-next 2020-11-27 15:09:19 +01:00
yoctocell
4c8c8d2ce5 [staging] openssh: Fix EOF: command not found 2020-11-24 17:06:45 +01:00
SCOTT-HAMILTON
b5794556b4 openssh: fix hpn sha256 2020-11-14 12:49:32 +01:00
Janne Heß
02390ed725 openssh: 8.3p1 -> 8.4p1
Fixes CVE-2020-15778, CVE-2020-14145
2020-10-29 18:58:04 +01:00
Dmitry Bogatov
4879ea9034 openssh: fix static build 2020-10-20 00:00:00 -04:00
Ryan Burns
f8473b1d39 openssh_hpn: fix source 2020-09-20 00:42:40 -07:00
Pavol Rusnak
f034637a5b openssh: 8.2p1 -> 8.3p1
compile openssh_hpn with recent openssl
2020-07-31 09:01:02 +02:00
Matthew Bauer
59616b291d openssh: don’t include fido2 on musl
libselinux pulls in openssh transitively, so can’t use fido here

Fixes 
2020-06-08 17:37:38 -05:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs 2020-04-10 17:54:53 +01:00
Pavol Rusnak
205f42b142 openssh_hpn: 7.8p1 -> 8.1p1
fix build failure
2020-02-27 10:21:52 +01:00
Pavol Rusnak
44864b292f openssh: 8.1p1 -> 8.2p1
https://www.openssh.com/txt/release-8.2

add libfido2 to enable hardware tokens support added in this release
2020-02-27 10:21:52 +01:00
Maximilian Bosch
8f0b3b1305
openssh_gssapi: fix build
Hydra build is failing[1] because of a hash-mismatch of the gss-api
patch from debian.

I updated the patch, and activated the `autoreconfHook` when building
gss support as well, otherwise the build would fail with the following
error:

```
ERROR: configure is out of date; please run autoreconf (and configure)
```

[1] https://hydra.nixos.org/build/109409845
2020-01-04 02:45:39 +01:00
edef
9bfec806df openssh: don't let configure override SSH_KEYSIGN
While 9fe10288f0 ensured that the
ssh-keysign path is searched for in PATH if not absolute,
it doesn't prevent the configure script from defaulting to an
absolute path in $out/libexec, making the whole effort rather
pointless.
2019-10-19 12:13:36 +00:00
edef
e6d641d957 openssh: mark hpnSupport as broken
We're hoping to deprecate HPN support, given that as far as we
can tell, nobody is using it, and the patches seem rather unmaintained.
2019-10-19 12:05:27 +00:00
Will Dietz
9199729df4 openssh: 7.9p1 -> 8.1p1
https://www.openwall.com/lists/oss-security/2019/04/18/1
2019-10-19 12:04:02 +00:00
volth
46420bbaa3 treewide: name -> pname (easy cases) ()
treewide replacement of

stdenv.mkDerivation rec {
  name = "*-${version}";
  version = "*";

to pname
2019-08-15 13:41:18 +01:00
edef
9fe10288f0 openssh: use ssh-keysign from PATH
ssh-keysign is used for host-based authentication, and is designed to be used
as SUID-root program. OpenSSH defaults to referencing it from libexec, which
cannot be made SUID in Nix.
2019-07-31 12:19:36 +00:00
Andreas Rammhold
6d3a653f10
openssh: apply CVE-2018-20685 patch 2019-01-13 21:26:05 +01:00
Jörg Thalheim
3681fa5456
direnv: make cross-compile on windows 2018-11-24 10:43:47 +00:00
zimbatm
2337c7522a
openssh: 7.7p1 -> 7.9p1 ()
added openssh_gssapi to make it easier to test the patched version

the HPN edition isn't available on top of 7.9p1 yet

fix-host-key-algorithms-plus.patch didn't apply anymore, assuming it's
fixed.

release notes: https://www.openssh.com/txt/release-7.9
2018-10-26 01:17:55 +02:00
Vladimír Čunát
c2e6ca501e
openssh: fix tunnel forwarding (upstream patch)
Close , fixes .  I didn't use the PR commit
because I think it's better to fetch the patch.
2018-10-08 12:00:38 +02:00
volth
52f53c69ce pkgs/*: remove unreferenced function arguments 2018-07-21 02:48:04 +00:00
Aneesh Agrawal
2e2cbda290 openssh: 7.6p1 -> 7.7p1
Release notes at https://www.openssh.com/txt/release-7.7;
primarily bugfixes.

Update ssh-hpn as well.

Switch to salsa.debian.org (from anonscm.debian.org).
2018-05-23 12:18:15 +03:00