aboutsummaryrefslogtreecommitdiff
path: root/secure/usr.bin/sftp
Commit message (Collapse)AuthorAgeFilesLines
* secure: Add ssh-sk-client to all consumers of libsshJohn Baldwin2025-04-221-1/+1
| | | | | | | These all failed to link with ld.bfd used by GCC due to Fssh_sshsk_sign being an unresolved symbol. Fixes: 65d8491719bb ("secure: Adapt Makefile to ssh-sk-client everywhere")
* secure: Rearrange Makefile SRCS to match upstream Makefile.inJose Luis Duran2025-04-171-2/+1
| | | | | | | | | | | SRCS entries are kept in the same order and with the same line breaks as upstream, to make comparison easier. No functional change intended. Reviewed by: emaste Approved by: emaste (mentor) Differential Revision: https://reviews.freebsd.org/D49793
* ssh: Consolidate HAVE_LDNS / LIBWRAP in ssh.mkEd Maste2025-02-201-6/+0
| | | | | | | | | | | Commit 9d63429fa163 ("ssh: move common Makefile boilerplate to a new ssh.mk") introduced ssh.mk for common OpenSSH paths and flags, as part of enabling FIDO/U2F. Move duplicated MK_LDNS and MK_TCP_WRAPPERS handling there. Reviewed by: kevans Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D31896
* Remove residual blank line at start of MakefileWarner Losh2024-07-151-1/+0
| | | | | | | This is a residual of the $FreeBSD$ removal. MFC After: 3 days (though I'll just run the command on the branches) Sponsored by: Netflix
* Remove $FreeBSD$: one-line sh patternWarner Losh2023-08-162-2/+0
| | | | Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/
* Update/fix Makefile.depend for userlandSimon J. Gerraty2023-04-191-5/+0
|
* ssh: update to OpenSSH 9.1p1Ed Maste2022-10-191-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Release notes are available at https://www.openssh.com/txt/release-9.1 9.1 contains fixes for three minor memory safety problems; these have lready been merged to the copy of OpenSSH 9.0 that is in the FreeBSD base system. Some highlights copied from the release notes: Potentially-incompatible changes -------------------------------- * ssh(1), sshd(8): SetEnv directives in ssh_config and sshd_config are now first-match-wins to match other directives. Previously if an environment variable was multiply specified the last set value would have been used. bz3438 * ssh-keygen(8): ssh-keygen -A (generate all default host key types) will no longer generate DSA keys, as these are insecure and have not been used by default for some years. New features ------------ * ssh(1), sshd(8): add a RequiredRSASize directive to set a minimum RSA key length. Keys below this length will be ignored for user authentication and for host authentication in sshd(8). * sftp-server(8): add a "users-groups-by-id@openssh.com" extension request that allows the client to obtain user/group names that correspond to a set of uids/gids. * sftp(1): use "users-groups-by-id@openssh.com" sftp-server extension (when available) to fill in user/group names for directory listings. * sftp-server(8): support the "home-directory" extension request defined in draft-ietf-secsh-filexfer-extensions-00. This overlaps a bit with the existing "expand-path@openssh.com", but some other clients support it. * ssh-keygen(1), sshd(8): allow certificate validity intervals, sshsig verification times and authorized_keys expiry-time options to accept dates in the UTC time zone in addition to the default of interpreting them in the system time zone. YYYYMMDD and YYMMDDHHMM[SS] dates/times will be interpreted as UTC if suffixed with a 'Z' character. Also allow certificate validity intervals to be specified in raw seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This is intended for use by regress tests and other tools that call ssh-keygen as part of a CA workflow. bz3468 * sftp(1): allow arguments to the sftp -D option, e.g. sftp -D "/usr/libexec/sftp-server -el debug3" * ssh-keygen(1): allow the existing -U (use agent) flag to work with "-Y sign" operations, where it will be interpreted to require that the private keys is hosted in an agent; bz3429 MFC after: 2 weeks Relnotes: Yes Sponsored by: The FreeBSD Foundation
* ssh: move common Makefile boilerplate to a new ssh.mkEd Maste2021-11-031-2/+1
| | | | | | | | | | This moves SSHDIR and ssh_namespace.h handling to a common location, and will simplify future work such as adding U2F support (D32509). Reviewed by: kevans MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D32808
* DIRDEPS_BUILD: Update dependencies.Bryan Drewery2017-10-311-1/+0
| | | | | | | Sponsored by: Dell EMC Isilon Notes: svn path=/head/; revision=325188
* MFHGlen Barber2016-03-141-5/+0
|\ | | | | | | | | | | | | Sponsored by: The FreeBSD Foundation Notes: svn path=/projects/release-pkg/; revision=296869
| * Upgrade to OpenSSH 7.2p2.Dag-Erling Smørgrav2016-03-111-5/+0
| | | | | | | | Notes: svn path=/head/; revision=296633
* | MFH r289384-r293170Glen Barber2016-01-041-3/+2
|\| | | | | | | | | | | | | Sponsored by: The FreeBSD Foundation Notes: svn path=/projects/release-pkg/; revision=293172
| * Replace unneeded manual dependency on header by adding it to SRCS.Bryan Drewery2015-12-071-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | bsd.lib.mk and bsd.prog.mk already depend all objs on headers in SRCS if there is not yet a depend file. The headers in SRCS are never built or installed. After 'make depend' the header was already added as a proper dependency on the objects where needed. MFC after: 2 weeks Sponsored by: EMC / Isilon Storage Division Notes: svn path=/head/; revision=291941
* | Finish merging from head, messed up in previous attemptBaptiste Daroussin2015-09-121-1/+0
|\| | | | | | | Notes: svn path=/projects/release-pkg/; revision=287710
| * Remove remnant from USEPRIVATELIB removalBaptiste Daroussin2015-09-041-1/+0
| | | | | | | | | | | | | | Sponsored by: gandi.net Notes: svn path=/head/; revision=287466
* | Merge from headBaptiste Daroussin2015-06-151-0/+28
|\| | | | | | | Notes: svn path=/projects/release-pkg/; revision=284410
| * Add META_MODE support.Simon J. Gerraty2015-06-131-0/+28
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Off by default, build behaves normally. WITH_META_MODE we get auto objdir creation, the ability to start build from anywhere in the tree. Still need to add real targets under targets/ to build packages. Differential Revision: D2796 Reviewed by: brooks imp Notes: svn path=/head/; revision=284345
| | * dirdeps.mk now sets DEP_RELDIRSimon J. Gerraty2015-06-081-2/+0
| | | | | | | | | | | | Notes: svn path=/projects/bmake/; revision=284172
| | * Merge sync of headSimon J. Gerraty2015-05-272-16/+2
| | |\ | | |/ | |/| | | | Notes: svn path=/projects/bmake/; revision=283595
| | * Merge from head@274682Simon J. Gerraty2014-11-191-1/+1
| | |\ | | | | | | | | | | | | Notes: svn path=/projects/bmake/; revision=274683
| | * \ Merge head from 7/28Simon J. Gerraty2014-08-192-5/+3
| | |\ \ | | | | | | | | | | | | | | | Notes: svn path=/projects/bmake/; revision=270164
| | * | | Updated dependenciesSimon J. Gerraty2014-05-161-0/+1
| | | | | | | | | | | | | | | | | | | | Notes: svn path=/projects/bmake/; revision=266219
| | * | | Merge from headSimon J. Gerraty2014-05-081-1/+1
| | |\ \ \ | | | | | | | | | | | | | | | | | | Notes: svn path=/projects/bmake/; revision=265720
| | * | | | Updated dependenciesSimon J. Gerraty2013-10-131-0/+12
| | | | | | | | | | | | | | | | | | | | | | | | Notes: svn path=/projects/bmake/; revision=256419
| | * | | | Merge headSimon J. Gerraty2013-09-111-3/+18
| | |\ \ \ \ | | | | | | | | | | | | | | | | | | | | | Notes: svn path=/projects/bmake/; revision=255477
| | * | | | | Updated dependenciesSimon J. Gerraty2013-03-111-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Notes: svn path=/projects/bmake/; revision=248169
| | * | | | | Updated dependenciesSimon J. Gerraty2013-02-161-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Notes: svn path=/projects/bmake/; revision=246868
| | * | | | | Sync FreeBSD's bmake branch with Juniper's internal bmake branch.Marcel Moolenaar2012-08-221-0/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Requested by: Simon Gerraty <sjg@juniper.net> Notes: svn path=/projects/bmake/; revision=239572
* | | | | | | Move ssh into a dedicated packageBaptiste Daroussin2015-03-051-0/+1
|/ / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Flag config files as "to be merged on upgrade" Notes: svn path=/projects/release-pkg/; revision=279674
* | | | | | Reduce overlinkingBaptiste Daroussin2014-11-251-2/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The framework now ensure by itself that pthread is added to the link chain as the last component if linked to kerberos hence avoid with out any explicit addition prevent issue like CVE-2014-8475 Notes: svn path=/head/; revision=275083
* | | | | | Convert to LIBADDBaptiste Daroussin2014-11-251-5/+2
| |_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Reduce overlinking Notes: svn path=/head/; revision=275077
* | | | | Rework privatelib/internallibBaptiste Daroussin2014-08-061-1/+1
| |_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure everything linking to a privatelib and/or an internallib does it directly from the OBJDIR rather than DESTDIR. Add src.libnames.mk so bsd.libnames.mk is not polluted by libraries not existsing in final installation Introduce the LD* variable which is what ld(1) is expecting (via LDADD) to link to internal/privatelib Directly link to the .so in case of private library to avoid having to complexify LDFLAGS. Phabric: https://phabric.freebsd.org/D553 Reviewed by: imp, emaste Notes: svn path=/head/; revision=269648
* | | | Replace all uses of libncurses and libtermcap with their wide characterBrooks Davis2014-07-171-2/+2
| |_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | variants. This allows usable file system images (i.e. those with both a shell and an editor) to be created with only one copy of the curses library. Exp-run: antoine PR: 189842 Discussed with: bapt Sponsored by: DARPA, AFRL Notes: svn path=/head/; revision=268804
* | | Use src.opts.mk in preference to bsd.own.mk except where we need stuffWarner Losh2014-05-061-1/+1
| |/ |/| | | | | | | | | | | from the latter. Notes: svn path=/head/; revision=265420
* | Clean up the OpenSSH build. It is now possible to build most componentsDag-Erling Smørgrav2013-09-101-3/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | as static binaries, if desired. The one exception is sshd, which runs into trouble due to libpam.a's includion of pam_ssh. Make OpenSSH use LDNS if available. This allows it to verify signed SSHFP records. Approved by: re (blanket) Notes: svn path=/head/; revision=255460
* | Make libldns and libssh private.Dag-Erling Smørgrav2013-09-081-0/+1
|/ | | | | | | Approved by: re (blanket) Notes: svn path=/head/; revision=255386
* Upgrade to OpenSSH 5.3p1.Dag-Erling Smørgrav2009-10-011-0/+3
| | | | Notes: svn path=/head/; revision=197679
* Fix static compilation.Ruslan Ermilov2006-10-071-2/+2
| | | | Notes: svn path=/head/; revision=163089
* Add a manual dependency on ssh_namespace.h.Dag-Erling Smørgrav2006-05-131-0/+2
| | | | | | | Discussed with: ru Notes: svn path=/head/; revision=158529
* Introduce a namespace munging hack inspired by NetBSD to avoid pollutingDag-Erling Smørgrav2006-05-131-1/+1
| | | | | | | | | | | the namespace of applications which inadvertantly link in libssh (usually through pam_ssh) Suggested by: lukem@netbsd.org MFC after: 6 weeks Notes: svn path=/head/; revision=158519
* Revert the commits that made libssh an INTERNALLIB; they caused too muchDag-Erling Smørgrav2005-06-071-3/+1
| | | | | | | | | trouble, especially on amd64. Requested by: ru Notes: svn path=/head/; revision=147098
* Make libssh an INTERNALLIB like it is in {Net,Open}BSD.Dag-Erling Smørgrav2005-06-061-1/+3
| | | | Notes: svn path=/head/; revision=147056
* Update for OpenSSH 4.1p1.Dag-Erling Smørgrav2005-06-051-2/+2
| | | | Notes: svn path=/head/; revision=147007
* Update for 3.8p1, including workaround for a bug in gss-genr.c.Dag-Erling Smørgrav2004-02-261-1/+1
| | | | Notes: svn path=/head/; revision=126282
* Update Makefiles for OpenSSH 3.7.1p2.Dag-Erling Smørgrav2004-01-071-2/+2
| | | | Notes: svn path=/head/; revision=124212
* Explicitly add libz and libcrypto to LDADD for any ssh utilities missingGordon Tetlow2003-08-191-2/+2
| | | | | | | | | | | | | | | it. While not strictly required, it unbreaks the cross-build world that is resulting from moving the libraries around. I have a more permanent solution to this problem in the works, but I asked des for permission to commit this to get the ball rolling. This also makes the ssh build more along the lines of what the openssh-portable and OpenBSD openssh Makefile glue does. Reviewed by: des Notes: svn path=/head/; revision=119116
* No guts, no glory. Switch to OpenSSH-portable.Dag-Erling Smørgrav2002-06-251-0/+1
| | | | | | | Sponsored by: DARPA, NAI Labs Notes: svn path=/head/; revision=98820
* My previous style commits weren't entirely right. Fix some bugs IDag-Erling Smørgrav2002-06-241-2/+1
| | | | | | | | | introduced, and a few more I hadn't yet fixed. Submitted by: bde Notes: svn path=/head/; revision=98749
* Adjust for OpenSSH 3.1.Dag-Erling Smørgrav2002-03-181-1/+1
| | | | | | | Sponsored by: DARPA, NAI Labs Notes: svn path=/head/; revision=92563
* Now that cross-tools ld(1) has been fixed to look for dynamicRuslan Ermilov2002-02-081-2/+2
| | | | | | | | | | | | | dependencies in the correct place, record the fact that -lssh depends on -lcrypto and -lz. Removed false dependencies on -lz (except ssh(1) and sshd(8)). Removed false dependencies on -lcrypto and -lutil for scp(1). Reviewed by: markm Notes: svn path=/head/; revision=90405
generated by cgit v1.3 (git 2.53.0) at 2026-03-31 12:51:01 +0000