OSDN Git Service
summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Keun Soo Yim [Wed, 20 Jan 2016 02:07:52 +0000 (02:07 +0000)]
forcibly disable roaming support in the client am:
ab28f5495c
am:
9e6d3e1c5b
* commit '
9e6d3e1c5b29cec0e8412a5f72e5837463b75b43':
Dan Willemsen [Wed, 20 Jan 2016 02:07:50 +0000 (02:07 +0000)]
Merge "Stop relying on global GCE_PLATFORM_SDK_VERSION" am:
7b8b4a6e29 am:
b41c2ea39e
am:
ce6947cd40
* commit '
ce6947cd40f25a57334cba5866b1e33065c643bb':
Greg Hartman [Wed, 20 Jan 2016 02:07:48 +0000 (02:07 +0000)]
makes certain libcrypto implementations cache a /dev/urandom fd in preparation of sandboxing. am:
7d4e4745a7
am:
cfd2979a62
* commit '
cfd2979a62f5fa18f9aa219100d45c2550f7af05':
Greg Hartman [Wed, 20 Jan 2016 02:07:46 +0000 (02:07 +0000)]
Merge "Add metadata needed for vomit." am:
245f53dba1
am:
4190e54827
* commit '
4190e54827832605384f6a547c6a6120b8656a63':
Greg Hartman [Wed, 20 Jan 2016 02:07:44 +0000 (02:07 +0000)]
Map unknown users to shell for Android GCE. am:
95194cb22a
am:
f30df80db8
* commit '
f30df80db84fe73edacfa14526fd5b67099ddebf':
Greg Hartman [Wed, 20 Jan 2016 02:07:42 +0000 (02:07 +0000)]
Greg Hartman [Wed, 20 Jan 2016 02:07:40 +0000 (02:07 +0000)]
Don\'t chmod /dev/ptmx when allocating a pty on Android. am:
0199da83f6
am:
360b2521c5
* commit '
360b2521c51a67b1e3e482711d78f5e09bcea862':
Keun Soo Yim [Wed, 20 Jan 2016 02:07:38 +0000 (02:07 +0000)]
am
cfb649f1: remove .gce_x86 suffix from ssh output files (post_install_cmd is not supported in jb-mr1 and before). am:
d44994fbf4
am:
d7d954c2ad
* commit '
d7d954c2add1915f43e54dc8ae674bede5b84823':
Keun Soo Yim [Wed, 20 Jan 2016 02:07:36 +0000 (02:07 +0000)]
remove .gce_x86 suffix from ssh output files (post_install_cmd is not supported in jb-mr1 and before). am:
0c94e12da1
am:
f726381d47
* commit '
f726381d472aa97e55e5e0e5a1895b2bf3c9ca8e':
Keun Soo Yim [Wed, 20 Jan 2016 02:07:33 +0000 (02:07 +0000)]
Greg Hartman [Wed, 20 Jan 2016 02:07:31 +0000 (02:07 +0000)]
capability used to be under linux, not system am:
b66687b314
am:
1cb86094b9
* commit '
1cb86094b95d4687ec4894f16d96be853d4503d1':
Keun Soo Yim [Wed, 20 Jan 2016 02:07:29 +0000 (02:07 +0000)]
Revert "Removed an unused header include" am:
bf4d79746c
am:
9e9951438a
* commit '
9e9951438a0fda1ba09a6f12becfee2bd598eea3':
Keun Soo Yim [Wed, 20 Jan 2016 02:07:26 +0000 (02:07 +0000)]
Keun Soo Yim [Wed, 20 Jan 2016 02:06:04 +0000 (02:06 +0000)]
forcibly disable roaming support in the client
am:
ab28f5495c
* commit '
ab28f5495c85297e7a597c1ba62e996416da7c7e':
forcibly disable roaming support in the client
Dan Willemsen [Wed, 20 Jan 2016 02:06:02 +0000 (02:06 +0000)]
Merge "Stop relying on global GCE_PLATFORM_SDK_VERSION" am:
7b8b4a6e29
am:
b41c2ea39e
* commit '
b41c2ea39e0c548081e4466de2cae80b61c24b42':
Greg Hartman [Wed, 20 Jan 2016 02:05:59 +0000 (02:05 +0000)]
makes certain libcrypto implementations cache a /dev/urandom fd in preparation of sandboxing.
am:
7d4e4745a7
* commit '
7d4e4745a7dbe29f6c737ee62a36771ede20d09e':
makes certain libcrypto implementations cache a /dev/urandom fd in preparation of sandboxing.
Greg Hartman [Wed, 20 Jan 2016 02:05:57 +0000 (02:05 +0000)]
Merge "Add metadata needed for vomit."
am:
245f53dba1
* commit '
245f53dba195a2a562e3df67cd7a323363b54449':
Add metadata needed for vomit.
Greg Hartman [Wed, 20 Jan 2016 02:05:54 +0000 (02:05 +0000)]
Map unknown users to shell for Android GCE.
am:
95194cb22a
* commit '
95194cb22a6b7ff71a91517c2a98d7bebef87e8f':
Map unknown users to shell for Android GCE.
Greg Hartman [Wed, 20 Jan 2016 02:05:53 +0000 (02:05 +0000)]
Make the sshd directory configurable
am:
3337c7067d
* commit '
3337c7067d6b8d9599e63919f5e1d0830cd8e696':
Make the sshd directory configurable
Greg Hartman [Wed, 20 Jan 2016 02:05:51 +0000 (02:05 +0000)]
Don\'t chmod /dev/ptmx when allocating a pty on Android.
am:
0199da83f6
* commit '
0199da83f61c7a951b6e05ec844dabc0d3e04cd7':
Don't chmod /dev/ptmx when allocating a pty on Android.
Keun Soo Yim [Wed, 20 Jan 2016 02:05:48 +0000 (02:05 +0000)]
am
cfb649f1: remove .gce_x86 suffix from ssh output files (post_install_cmd is not supported in jb-mr1 and before).
am:
d44994fbf4
* commit '
d44994fbf4e255a92a1b4a0aff3b7c156e5f9952':
Keun Soo Yim [Wed, 20 Jan 2016 02:05:46 +0000 (02:05 +0000)]
remove .gce_x86 suffix from ssh output files (post_install_cmd is not supported in jb-mr1 and before).
am:
0c94e12da1
* commit '
0c94e12da1d82c05a136cb5a0ed71dfe0f8a1b0c':
remove .gce_x86 suffix from ssh output files (post_install_cmd is not supported in jb-mr1 and before).
Keun Soo Yim [Wed, 20 Jan 2016 02:05:43 +0000 (02:05 +0000)]
Use linux/capability.h in jb-mr1 too
am:
994dea3d62
* commit '
994dea3d6278f2e0e3d16dc3cc69b9c028344cd2':
Use linux/capability.h in jb-mr1 too
Greg Hartman [Wed, 20 Jan 2016 02:05:41 +0000 (02:05 +0000)]
capability used to be under linux, not system
am:
b66687b314
* commit '
b66687b3143b7e3a18d9667003e1dd8e824ecb9e':
capability used to be under linux, not system
Keun Soo Yim [Wed, 20 Jan 2016 02:05:39 +0000 (02:05 +0000)]
Revert "Removed an unused header include"
am:
bf4d79746c
* commit '
bf4d79746cf93195e24b000f121c46efe04ad349':
Revert "Removed an unused header include"
Keun Soo Yim [Wed, 20 Jan 2016 02:05:35 +0000 (02:05 +0000)]
Removed an unused header include
am:
b5de6ef9f0
* commit '
b5de6ef9f08b6ec91795b2fae6a44eb354985285':
Removed an unused header include
Keun Soo Yim [Sat, 16 Jan 2016 10:37:12 +0000 (02:37 -0800)]
forcibly disable roaming support in the client
ssh client security bug fix from
http://www.openssh.com/txt/release-7.1p2
openssh client is installed in gce instances.
although it's private key is not that much sensitive
it's better to land this security patch than not.
reported initially as cve-2016-0777 and cve-2016-0778
(January 14th, 2016)
BUG:
26587626
Change-Id: I113d576a3522ded8cb0f4a2e117999b0c51d4364
Dan Willemsen [Fri, 18 Dec 2015 21:05:37 +0000 (21:05 +0000)]
Merge "Stop relying on global GCE_PLATFORM_SDK_VERSION"
am:
7b8b4a6e29
* commit '
7b8b4a6e29299be9e6dd25e376806b3039ac4f8e':
Stop relying on global GCE_PLATFORM_SDK_VERSION
Dan Willemsen [Fri, 18 Dec 2015 20:39:28 +0000 (20:39 +0000)]
Merge "Stop relying on global GCE_PLATFORM_SDK_VERSION"
Dan Willemsen [Thu, 17 Dec 2015 21:52:31 +0000 (13:52 -0800)]
Stop relying on global GCE_PLATFORM_SDK_VERSION
COMMON_GLOBAL_CFLAGS is being locked down. Instead, define it in the
LOCAL_CFLAGS where it is needed.
Bug:
26165350
Change-Id: Icd3e79c1f9439d7c32762cb51f66db5479750f40
Greg Hartman [Mon, 16 Nov 2015 18:13:36 +0000 (10:13 -0800)]
makes certain libcrypto implementations cache a /dev/urandom fd
in preparation of sandboxing.
Upstream patch is:
https://anongit.mindrot.org/openssh.git/patch/?id=
07889c75926c040b8e095949c724e66af26441cb
BUG=
25695426
Change-Id: I0f746c30e31e7d938c70bcebe402f472c4649919
Greg Hartman [Thu, 12 Nov 2015 16:27:22 +0000 (16:27 +0000)]
Merge "Add metadata needed for vomit."
Greg Hartman [Thu, 12 Nov 2015 01:37:30 +0000 (17:37 -0800)]
Add metadata needed for vomit.
Change-Id: I547bb616f1d1caeaf118a302fb9c8823fae1bb83
Greg Hartman [Tue, 10 Nov 2015 21:41:08 +0000 (13:41 -0800)]
Map unknown users to shell for Android GCE.
Change-Id: I5a1f2aaa9c6a7ed04b22d2a1e71c2573f324ceae
Greg Hartman [Wed, 28 Oct 2015 01:05:50 +0000 (18:05 -0700)]
Make the sshd directory configurable
Change-Id: I01d674b9a2688f4a1d3e884c2f434bfaad06ac8b
Greg Hartman [Wed, 29 Jul 2015 22:38:15 +0000 (15:38 -0700)]
Don't chmod /dev/ptmx when allocating a pty on Android.
This resolves an incompatibility with non-root adb.
BUG=
22803455
Change-Id: I908923e9ddc04e0ec8de0122eb79486c8b1ae03e
Keun Soo Yim [Thu, 28 May 2015 19:28:19 +0000 (19:28 +0000)]
am
cfb649f1: remove .gce_x86 suffix from ssh output files (post_install_cmd is not supported in jb-mr1 and before).
* commit '
cfb649f16fb638fa1c8c7e4cc229ce547dfa14d6':
remove .gce_x86 suffix from ssh output files (post_install_cmd is not supported in jb-mr1 and before).
Keun Soo Yim [Fri, 15 May 2015 18:32:43 +0000 (11:32 -0700)]
remove .gce_x86 suffix from ssh output files (post_install_cmd is not supported in jb-mr1 and before).
Change-Id: I187386c699f22d80bac4c7f8c1e12ee5a590fb55
(cherry picked from commit
0c94e12da1d82c05a136cb5a0ed71dfe0f8a1b0c)
Keun Soo Yim [Fri, 15 May 2015 18:32:43 +0000 (11:32 -0700)]
remove .gce_x86 suffix from ssh output files (post_install_cmd is not supported in jb-mr1 and before).
Change-Id: I187386c699f22d80bac4c7f8c1e12ee5a590fb55
Keun Soo Yim [Fri, 8 May 2015 16:59:41 +0000 (09:59 -0700)]
Use linux/capability.h in jb-mr1 too
Change-Id: Ia24dbd1b452298a3a6780b72497280ec9b912ec3
Greg Hartman [Thu, 7 May 2015 17:27:30 +0000 (10:27 -0700)]
capability used to be under linux, not system
Change-Id: Ia04f3f83a237f4cbe636b14f221cffdf9460b3a4
Keun Soo Yim [Wed, 6 May 2015 18:01:46 +0000 (18:01 +0000)]
Revert "Removed an unused header include"
This reverts commit
b5de6ef9f08b6ec91795b2fae6a44eb354985285.
Change-Id: I3d3ac73aaee2bcc99bc8fd490588a76bd698915d
Keun Soo Yim [Tue, 5 May 2015 21:41:41 +0000 (14:41 -0700)]
Removed an unused header include
That file doesn't exist at least jb-gce-dev
Change-Id: I4a3cd97f2ee071ae74cb166baf38057671d76fef
Greg Hartman [Wed, 8 Apr 2015 20:05:08 +0000 (13:05 -0700)]
Add platform-dependent config for arc4random
Change-Id: I50317ca1eed43779352a44d8e02123583df6a4fd
Adam Langley [Mon, 30 Mar 2015 21:49:51 +0000 (14:49 -0700)]
external/openssh: update to 6.8p1.
In preparation for some updates to external/openssh to make it work with
BoringSSL, this change updates the code to a recent version. The current
version (5.9p1) is coming up on four years old now.
* Confirmed that
f5c67b478bef9992de9e9ec91ce10af4f6205e0d matches
OpenSSH 5.9p1 exactly (save for the removal of the scard
subdirectory).
* Downloaded openssh-6.8p1.tar.gz (SHA256:
3ff64ce73ee124480b5bf767b9830d7d3c03bbcb6abe716b78f0192c37ce160e)
and verified with PGP signature. (I've verified Damien's key in
person previously.)
* Applied changes between
f5c67b478bef9992de9e9ec91ce10af4f6205e0d and
OpenSSH 5.9p1 to 6.8p1 and updated the build as best I can. The
ugliest change is probably the duplication of umac.c to umac128.c
because Android conditionally compiles that file twice. See the
comment in those files.
Change-Id: I63cb07a8118afb5a377f116087a0882914cea486
Greg Hartman [Fri, 27 Feb 2015 15:55:00 +0000 (07:55 -0800)]
Add prototype for prctl to fix 64 bit build break
Change-Id: I1cda84a412666d5123be274ee0be399d25d86164
Greg Hartman [Wed, 25 Feb 2015 21:21:06 +0000 (13:21 -0800)]
Put ssh back into the repository
Change-Id: I23324372188fa6ed3f93a32b84365f5df6367590
dcashman [Tue, 8 Jul 2014 16:25:09 +0000 (16:25 +0000)]
Merge "Remove sshd."
dcashman [Mon, 7 Jul 2014 23:20:40 +0000 (16:20 -0700)]
Remove sshd.
This may require changes to other code, such as fastbootd, which relies on this
service. sshd is not currently, used, however, so this change will force any
such code to be changed.
Bug:
11594902
Change-Id: I07e52008290dab5825be2ad062cbe730fa7dff71
Elliott Hughes [Sat, 21 Jun 2014 05:01:12 +0000 (05:01 +0000)]
Merge "openssh should use its own arc4random."
Elliott Hughes [Sat, 21 Jun 2014 04:34:40 +0000 (21:34 -0700)]
openssh should use its own arc4random.
Previously openssh was declaring its own arc4random but accidentally picking
up a lower-quality implementation from libc.
Bug:
14499627
Change-Id: Ie0c4ddb78101a666af3ec3eb9dc03c8fb44f6c4b
Kenny Root [Sat, 21 Jun 2014 01:20:43 +0000 (01:20 +0000)]
Merge "Conditionalize RIPEMD references"
Kenny Root [Sat, 21 Jun 2014 01:16:47 +0000 (18:16 -0700)]
Conditionalize RIPEMD references
This unconditionally includes RIPEMD, but it's the only place in the
Android source code base. Instead of restoring RIPEMD to OpenSSL, just
remove it here.
Change-Id: Ie949f64cef1cb7de39baae3f118f2188e663c875
Nick Kralevich [Thu, 28 Feb 2013 22:53:19 +0000 (22:53 +0000)]
Merge "openssh: use correct header file."
Nick Kralevich [Thu, 28 Feb 2013 22:10:54 +0000 (14:10 -0800)]
openssh: use correct header file.
Change-Id: Ia0f7247c9ed64ea846ae5b2d26054ceade5686c5
Nick Kralevich [Wed, 30 May 2012 21:44:04 +0000 (14:44 -0700)]
start-ssh: force umask to 077
Change-Id: Ie36338f174f891dee3f531d0b261d58e211d095f
Mike Lockwood [Wed, 21 Mar 2012 19:57:28 +0000 (12:57 -0700)]
Merge remote-tracking branch 'goog/ics-aah-exp'
Mike Lockwood [Wed, 4 Jan 2012 15:38:46 +0000 (10:38 -0500)]
Add support for default authorized_keys file
Change-Id: I61954d6a5c8d0c9b34501dcfb13ce38dc07e267a
Signed-off-by: Mike Lockwood <lockwood@google.com>
Mike Lockwood [Thu, 29 Dec 2011 20:30:07 +0000 (15:30 -0500)]
Allow root login if ro.debuggable is set (userdebug and eng builds)
Change-Id: I4aed01758ca5589a6bf1642e9f2f2894221c82b9
Signed-off-by: Mike Lockwood <lockwood@google.com>
Mike Lockwood [Thu, 29 Dec 2011 19:42:46 +0000 (14:42 -0500)]
Add extra groups and capabilities to shell user
This allows things like logcat, reboot, internet, SD card access, etc. to
work in an ssh shell like it would in an adb shell.
Change-Id: I6c921d9900a09394250c7b1ae0512d1eef3c1187
Signed-off-by: Mike Lockwood <lockwood@google.com>
Mike Lockwood [Thu, 29 Dec 2011 18:50:19 +0000 (13:50 -0500)]
Fix path to ssh binary
Change-Id: Ic58de0027d947e7b0535edb3fef6bd26519655a1
Signed-off-by: Mike Lockwood <lockwood@google.com>
Mike Lockwood [Thu, 29 Dec 2011 18:20:32 +0000 (13:20 -0500)]
Make libssh a shared library
Change-Id: I4452ad6b23b6ce5e69287b09f9e786942638256d
Signed-off-by: Mike Lockwood <lockwood@google.com>
Mike Lockwood [Thu, 29 Dec 2011 18:02:47 +0000 (13:02 -0500)]
Stub out ga_init() in android build
Change-Id: I7be8ef7c0425a48500501895c5eabcebcbdf7aa1
Signed-off-by: Mike Lockwood <lockwood@google.com>
Mike Lockwood [Wed, 28 Dec 2011 19:12:50 +0000 (14:12 -0500)]
Initial port of openssh to android
Operation instructions:
start from init.rc using start-ssh script
Add your public key to /data/ssh/authorized_keys
login with "ssh shell@<ip address>" from another computer on same network
Change-Id: I1085a8b2f2766d4a2a4a70ffaf0352b07c261281
Signed-off-by: Mike Lockwood <lockwood@google.com>
Mike Lockwood [Wed, 28 Dec 2011 18:59:08 +0000 (13:59 -0500)]
Add HAVE_PW_GECOS_IN_PASSWD configuration flag
Change-Id: I0a1997bfa45966f619f9ec5ffaeb8f9be9f741e9
Signed-off-by: Mike Lockwood <lockwood@google.com>
Mike Lockwood [Wed, 7 Dec 2011 16:17:59 +0000 (08:17 -0800)]
Initial commit of openssh-5.9p1
Change-Id: I991b8d22c9904ed6ced33a096776f4f342af52a8
Signed-off-by: Mike Lockwood <lockwood@google.com>
Mike Lockwood [Wed, 4 Jan 2012 15:38:46 +0000 (10:38 -0500)]
Add support for default authorized_keys file
Change-Id: I23c9f3a1aebaac090db21f55a0ba792a2412206b
Signed-off-by: Mike Lockwood <lockwood@google.com>
Mike Lockwood [Thu, 29 Dec 2011 20:30:07 +0000 (15:30 -0500)]
Allow root login if ro.debuggable is set (userdebug and eng builds)
Change-Id: I77197e0bf9daa9774db015b0ffb8be519830ee72
Signed-off-by: Mike Lockwood <lockwood@google.com>
Mike Lockwood [Thu, 29 Dec 2011 19:42:46 +0000 (14:42 -0500)]
Add extra groups and capabilities to shell user
This allows things like logcat, reboot, internet, SD card access, etc. to
work in an ssh shell like it would in an adb shell.
Change-Id: I206b8b69fd437c611613c7d81b4a926a941e8030
Signed-off-by: Mike Lockwood <lockwood@google.com>
Mike Lockwood [Thu, 29 Dec 2011 18:50:19 +0000 (13:50 -0500)]
Fix path to ssh binary
Change-Id: Ie1de77e93856d59c85ef87e02dcdd0fd268757a8
Signed-off-by: Mike Lockwood <lockwood@google.com>
Mike Lockwood [Thu, 29 Dec 2011 18:20:32 +0000 (13:20 -0500)]
Make libssh a shared library
Change-Id: I33339938951a2e9f5ff35d523fedd4df0f3a6199
Signed-off-by: Mike Lockwood <lockwood@google.com>
Mike Lockwood [Thu, 29 Dec 2011 18:02:47 +0000 (13:02 -0500)]
Stub out ga_init() in android build
Change-Id: I0c68510ece755fc8e8f4a93e9d6f017fc23fcfee
Signed-off-by: Mike Lockwood <lockwood@google.com>
Mike Lockwood [Wed, 28 Dec 2011 19:12:50 +0000 (14:12 -0500)]
Initial port of openssh to android
Operation instructions:
start from init.rc using start-ssh script
Add your public key to /data/ssh/authorized_keys
login with "ssh shell@<ip address>" from another computer on same network
Change-Id: I3d6ea1de97f332d8dc3739828b8560fa398cbd8d
Signed-off-by: Mike Lockwood <lockwood@google.com>
Mike Lockwood [Wed, 28 Dec 2011 18:59:08 +0000 (13:59 -0500)]
Add HAVE_PW_GECOS_IN_PASSWD configuration flag
Change-Id: I2571f00b4b6ba41b7795c8c78c58253e5d0205dd
Signed-off-by: Mike Lockwood <lockwood@google.com>
Mike Lockwood [Wed, 7 Dec 2011 16:17:59 +0000 (08:17 -0800)]
Initial commit of openssh-5.9p1
Change-Id: I8ebb99a5acc541716cfaab5b30bd8f7a86996977
Signed-off-by: Mike Lockwood <lockwood@google.com>
Anatol Pomazau [Thu, 8 Sep 2011 21:55:08 +0000 (14:55 -0700)]
Initial empty repository