Commit Graph

121 Commits

Author SHA1 Message Date
William A. Kennington III
243b2f79ce openssh: 6.8p1 -> 6.9p1 2015-07-06 19:30:02 -07:00
William A. Kennington III
81ace52e89 openssh: Refactor and install sample config files 2015-07-06 19:29:45 -07:00
William A. Kennington III
bea1c88205 openssh: 6.7p1 -> 6.8p1 2015-03-20 21:20:33 -07:00
Dan Peebles
3caa6f4d7d This doesn't hurt the current darwin stdenv and doesn't affect anything else, but is needed for the upcoming pure darwin stdenv 2015-02-18 01:19:59 -05:00
Franz Pletz
07e1566b7d fetchurl: add mirrors for OpenBSD (close #5551)
This changes source URLs for openssh and libressl accordingly.
2015-01-20 16:24:00 +01:00
Vladimír Čunát
abcb355453 restund, openssh_hpn: mark as broken 2014-11-27 01:19:24 +01:00
Eelco Dolstra
87419c016f openssh: Update to 6.7p1 2014-11-20 12:12:33 +01:00
Mateusz Kowalczyk
007f80c1d0 Turn more licenses into lib.licenses style
Should eval cleanly, as far as -A tarball tells me.

Relevant: issue #2999, issue #739
2014-11-06 00:48:16 +00:00
JB Giraudeau
04163fcc81 update hpn patch version to match openssh version
so that hpn_openssh is not boken anymore
2014-09-11 22:29:00 +02:00
Mateusz Kowalczyk
7a45996233 Turn some license strings into lib.licenses values 2014-07-28 11:31:14 +02:00
Eelco Dolstra
9b6eeecbde openssh: Fix broken URL 2014-05-22 12:11:52 +02:00
Vladimír Čunát
e50a76a469 openssh: fix CVE-2014-2653 by a Debian patch 2014-03-29 20:24:13 +01:00
Eelco Dolstra
d9f9bb1ab2 openssh: Update to 6.6p1
CVE-2014-2532

Note that this CVE only affects people who use AcceptEnv with
wildcards.
2014-03-20 12:39:00 +01:00
Vladimír Čunát
f33d50c04e openssh_hpn: mark as broken ATM, cf. #1640 2014-02-01 09:08:13 +01:00
William A. Kennington III
62e78f6b23 openssh: Upgrade from 6.4p1 -> 6.5p1 2014-01-31 14:51:25 +01:00
William A. Kennington III
c4e03f0739 openssh: Update from 6.2p2 -> 6.4p1
This patch also bumps up the HPN version of openssh so that it compiles
on top of 6.4. Along with the bump, a package was added for the high
performance networking version.

The gcmrekey patch was removed as this vulnerability is fixed in
version 6.4 onward. http://www.openssh.org/txt/gcmrekey.adv
2013-12-30 02:42:12 -06:00
Eelco Dolstra
52ad0eaca5 openssh: Security fix
CVE-2013-4548
2013-11-08 16:42:59 +01:00
Domen Kožar
9726dded27 openssh: build on unix platforms 2013-10-29 17:47:38 +01:00
Christophe Raffalli
2c089337e7 OpenSSH: add Kerberos support 2013-08-22 12:53:06 +03:00
Eelco Dolstra
7fc87a865e openssh: Update to 6.2p2 2013-08-12 14:50:55 +02:00
Eelco Dolstra
acba9240cd nixos.org/tarballs -> tarballs.nixos.org
It's currently the same machine, but tarballs.nixos.org should become
an S3/CloudFront site eventually.
2013-06-25 14:12:16 +02:00
Eelco Dolstra
4d5ba15ea9 openssh: Update to 6.2p1 2013-04-12 15:27:13 +02:00
Shea Levy
aacca1902c Merge branch 'upstream-master' into stdenv-updates 2013-02-19 10:09:39 -05:00
Eelco Dolstra
3a1d3990e5 openssh: Just use a mirror of the HPN patch 2013-02-19 11:03:10 +01:00
Lluís Batlle i Rossell
cde20d6951 Fixing openssh hpn support for 6.1p1
I had to write a weird download derivation to overcome their download procedure.
2013-02-19 10:50:50 +01:00
Eelco Dolstra
3fa03df78c openssh: Remvoe unused Perl dependency
Since "buildNativeInputs" was misspelled, Perl is not actually used.
2012-12-28 19:26:28 +01:00
Eelco Dolstra
2322899a1f openssh: Update to 6.1p1 2012-09-18 17:01:08 -04:00
Eelco Dolstra
69c66055b7 * OpenSSH 6.0.
svn path=/nixpkgs/trunk/; revision=33988
2012-05-05 14:42:17 +00:00
Yury G. Kudryashov
215a07c1a9 svn merge ^/nixpkgs/trunk
Merge conflicts:
* unzip (almost trivial)
* dvswitch (trivial)
* gmp (copied result of `git merge`)

The last item introduced gmp-5.0.3, thus full rebuild.
+ensureDir->mkdir -p in TeX packages was catched by git but not svn.

svn path=/nixpkgs/branches/stdenv-updates/; revision=32091
2012-02-06 23:03:12 +00:00
Eelco Dolstra
4fe11e8438 * OpenSSH updated to 5.9p1.
svn path=/nixpkgs/trunk/; revision=31939
2012-01-31 11:01:12 +00:00
Eelco Dolstra
c556a6ea46 * "ensureDir" -> "mkdir -p". "ensureDir" is a rather pointless
function, so obsolete it.

svn path=/nixpkgs/branches/stdenv-updates/; revision=31644
2012-01-18 20:16:00 +00:00
Eelco Dolstra
80d963dee0 * OpenSSH 5.8p2.
svn path=/nixpkgs/trunk/; revision=27223
2011-05-11 13:44:18 +00:00
Lluís Batlle i Rossell
68cb3535e1 Making openssh cross-build. And making linux-pam almost cross-build, I think.
This allows me to put sftp-server in the nanonote and use it through dropbear.


svn path=/nixpkgs/trunk/; revision=26971
2011-04-25 15:41:32 +00:00
Lluís Batlle i Rossell
f4b6ea9ebc the hpn-ssh needs -lgcc_s, because of its pthread_cancel at the end.
svn path=/nixpkgs/trunk/; revision=26833
2011-04-13 20:44:17 +00:00
Lluís Batlle i Rossell
49a08c4f97 Updating the hpn-ssh patch.
svn path=/nixpkgs/trunk/; revision=26831
2011-04-13 20:24:06 +00:00
Eelco Dolstra
209939f6f2 * OpenSSH 5.8.
svn path=/nixpkgs/trunk/; revision=25808
2011-02-08 13:13:34 +00:00
Eelco Dolstra
412bd09ec1 * OpenSSH 5.6.
svn path=/nixpkgs/trunk/; revision=23432
2010-08-25 21:12:36 +00:00
Peter Simons
3353ed9c88 pkgs/top-level/all-packages.nix, pkgs/tools/networking/openssh: prefer makeOverridable over getPkgConfig to customize openssh
Changed 'openssh' expression to allow for argument overriding instead of
relying on getPkgConfig. While I was at it, I also simplified the build
expression a bit.

svn path=/nixpkgs/trunk/; revision=21868
2010-05-19 12:26:06 +00:00
Lluís Batlle i Rossell
8b311ba757 Adding the openssh patch I forgot in a recent commit
svn path=/nixpkgs/trunk/; revision=21681
2010-05-09 12:53:46 +00:00
Lluís Batlle i Rossell
b7af00b889 Making openssh pass the LOCALE_ARCHIVE variable to the forked session processes,
so the session 'bash' will receive the proper locale archive, and thus process
UTF-8 properly.

svn path=/nixpkgs/trunk/; revision=21678
2010-05-09 12:44:09 +00:00
Lluís Batlle i Rossell
c12db8f8dc I wrote wrong the openssh url. Btw, I changed the source server, because the old
mirror at Ultrech did not have the latest openssh even 6 days after the
5.5 release.

svn path=/nixpkgs/trunk/; revision=21247
2010-04-22 20:12:09 +00:00
Lluís Batlle i Rossell
5d04ec0364 Updating openssh, fixing libedit for openssh to link well with it, and... here we
finally have sftp with some kind of 'readline'!

svn path=/nixpkgs/trunk/; revision=21246
2010-04-22 18:16:18 +00:00
Eelco Dolstra
b377b0233b * OpenSSH updated to 5.4.
svn path=/nixpkgs/trunk/; revision=20567
2010-03-11 16:08:55 +00:00
Eelco Dolstra
0e212964fb * openssh: Install the moduli file.
svn path=/nixpkgs/trunk/; revision=19753
2010-02-01 17:04:07 +00:00
Eelco Dolstra
947e2c71ad * openssh updated to 5.3p1. Also enabled the HPN patch by default.
svn path=/nixpkgs/trunk/; revision=19752
2010-02-01 16:56:10 +00:00
Lluís Batlle i Rossell
3cc62cefa8 Finally I decided to add High Performance SSH.
http://www.psc.edu/networking/projects/hpn-ssh/

I tried to keep the openssh hash not changing, unless the user sets hpn in getConfig
style. I think that does not look as good as a patch changing the hash, but it may
annoy less. Let me know if it is not ok.

I don't think hpn should be the default, because it may have some insecurity implications
I don't know of. But I used to enable it in all my machines, and I hope to do so unless
advised otherwise.

svn path=/nixpkgs/trunk/; revision=18073
2009-11-02 21:49:06 +00:00
Lluís Batlle i Rossell
5704c1854d Fixing openssh build, so it doesn't try to put anything in /etc/ssh (and of course, it doesn't
fail if /etc/ssh/sshd_config can't be overwritten, which was my main motivation on this patch)

svn path=/nixpkgs/trunk/; revision=17573
2009-10-01 13:06:41 +00:00
Peter Simons
9a833f026b OpenSSH: allow users to configure --sysconfdir via $NIXPKGS_CONFIG
The OpenSSH binaries built by the expression by default expect system-wide
configuration files in "/etc/ssh", which is a bit of an impurity (and certainly
inconsistent with the way other package handle --sysconfdir in Nix). Those who
prefer a clean installation, can now configure that directory path.

Adding the line "openssh = { etcDir = null; };" to $NIXPKGS_CONFIG configures
OpenSSH to use the default location, i.e. $out/etc. Setting that attribute to a
string will configure OpenSSH to use that concrete path instead.

svn path=/nixpkgs/trunk/; revision=17570
2009-10-01 12:07:33 +00:00
Eelco Dolstra
7d45b35d1e * OpenSSH 5.2.
svn path=/nixpkgs/trunk/; revision=15689
2009-05-23 16:14:26 +00:00
Eelco Dolstra
f679021d11 * OpenSSH updated to 5.1p1.
svn path=/nixpkgs/trunk/; revision=13579
2008-12-04 13:16:38 +00:00
Eelco Dolstra
87d67364d8 * Use /etc/ssh/ssh_config to allow system-wide ssh configuration.
svn path=/nixpkgs/trunk/; revision=9853
2007-12-04 12:28:22 +00:00
Eelco Dolstra
deb889e5f2 * OpenSSH 4.7p1. Also pass --with-mantype=man to prevent an impurity
where "make install" installs the manpages under either "man" or
  "cat" depending on whether it can run /usr/bin/groff (or something
  like that).

svn path=/nixpkgs/trunk/; revision=9503
2007-10-22 11:41:30 +00:00
Eelco Dolstra
1852a7d0f3 * Install ssh-copy-id from the contrib directory.
svn path=/nixpkgs/trunk/; revision=8700
2007-05-15 13:10:41 +00:00
Armijn Hemel
3463f1deeb new openssh
svn path=/nixpkgs/trunk/; revision=8394
2007-03-21 00:34:34 +00:00
Eelco Dolstra
35a9f7ecb6 * Remove the xauth dependency in openssh. We can set the xauth path
in sshd_config.

svn path=/nixpkgs/trunk/; revision=7547
2007-01-07 10:18:34 +00:00
Eelco Dolstra
c63c32e3b2 * OpenSSH 4.5p1 (old version was ancient!).
svn path=/nixpkgs/trunk/; revision=7541
2007-01-06 16:53:10 +00:00
Eelco Dolstra
e09f8061b7 * OpenSSH: optionally use PAM.
* Some purity fixes in OpenSSH: it needs Perl, and we now specify a
  location for the empty privsep directory.

svn path=/nixpkgs/trunk/; revision=7310
2006-12-11 03:24:35 +00:00
Eelco Dolstra
ef9b025dbe * Remove a bunch of unused Nix expressions.
svn path=/nixpkgs/trunk/; revision=6716
2006-10-12 15:43:01 +00:00
Eelco Dolstra
1442e8ec22 * Copy a bunch of files to nix.cs.uu.nl.
svn path=/nixpkgs/trunk/; revision=6711
2006-10-12 13:50:54 +00:00
Armijn Hemel
2389b06fe7 add openssh 4.3p2
svn path=/nixpkgs/trunk/; revision=5595
2006-07-05 16:09:43 +00:00
Armijn Hemel
6a42433ee4 make X forwarding optional. If enabled "xauth" is a dependency
svn path=/nixpkgs/trunk/; revision=4573
2006-01-17 18:48:18 +00:00
Armijn Hemel
41047b0fc5 don't have the privilege seperation path in the store
svn path=/nixpkgs/trunk/; revision=4360
2005-12-13 12:48:12 +00:00
Eelco Dolstra
82e678362f * "." -> "source".
svn path=/nixpkgs/trunk/; revision=4335
2005-12-05 14:11:09 +00:00
Eelco Dolstra
454707da23 * catamaran.labs.cs.uu.nl -> nix.cs.uu.nl.
svn path=/nixpkgs/trunk/; revision=3660
2005-08-22 08:39:27 +00:00
Eelco Dolstra
e6744d0f89 * Merge diff between trunk/pkgs@1646 and branches/nixos-pkgs@2256;
this contains mostly Armijn's pure stdenv-linux.

* After unpacking the statically linked GCC, patch all store paths to
  /nix/store/ffffffffffffffffffffffffffffffff.  Ugly hack to prevent
  undeclared references but it works.

* We don't need Glib's dynamic libraries in the first bootstrap stage;
  delete them.  Actually the downloaded Glibc binary is only needed
  for building Glibc, since GCC needs a C compiler to build some
  programs in `configure'.  So static linking is fine for that.  Maybe
  it would be better to patch `configure' so that we don't need a
  pre-built Glibc at all.

* Set the svn:executable property on `cp' and `patchelf'.

* In Glibc, revert to LinuxThreads.  Maybe NPTL will work, but TLS
  support is a problem.

* Delete most Glibc patches; they're no longer needed since the branch
  updated it to 20050110.
  
* Some cleanups.

svn path=/nixpkgs/trunk/; revision=2258
2005-02-21 16:03:34 +00:00
Eelco Dolstra
e42507d182 * Move tarballs to catamaran so that we are no longer dependent on a
gazillion different servers.  Resurrected some 25 missing files.

svn path=/nixpkgs/trunk/; revision=2237
2005-02-15 14:44:19 +00:00
Armijn Hemel
a8d8a8f82c don't install keys. The Nix scripts empty the whole environment, including
some variables that are used by ssh-keygen.

svn path=/nixpkgs/branches/nixos-pkgs/; revision=2001
2005-01-10 15:33:43 +00:00
Armijn Hemel
6537afc279 we no longer need this patch
svn path=/nixpkgs/branches/nixos-pkgs/; revision=1999
2005-01-10 11:37:56 +00:00
Armijn Hemel
baf430cd23 don't let openssh generate a new hostkey when installing, let this be done afterwards by the sysadmin
svn path=/nixpkgs/branches/nixos-pkgs/; revision=1947
2004-12-24 14:10:19 +00:00
Armijn Hemel
4812b512f1 remove the generated keys (good? bad? not sure) and change the permissions of
the keysign binary. This is because of suid-nix on which the NixOS scripts barf

svn path=/nixpkgs/trunk/; revision=1366
2004-08-30 13:53:48 +00:00
Armijn Hemel
ae04cf09b2 add OpenSSH client + server, needs a lot of thorough testing with regards to server configuration, this will be the test case for NixOS. No PAM configs, might need tweaking, etc.
svn path=/nixpkgs/trunk/; revision=1210
2004-08-02 11:55:31 +00:00