Five commits from upstream were applied to v. 7.8-p1:
482d23bc upstream: hold our collective noses and use the openssl-1.1.x
API in
48f54b9d adapt -portable to OpenSSL 1.1x API
86e0a9f3 upstream: use only openssl-1.1.x API here too
a3fd8074 upstream: missed a bit of openssl-1.0.x API in this unittest
d64e7852 add compat header
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
The author (@pprindeville) of the original commit noted that the wrong
commit was picked, see
325b7d2cd2 (commitcomment-22387528)
"Err... looks like the wrong fix got committed. I was hoping that this
commit d902e5d would have gone in instead."
This reverts commit 325b7d2cd2d6e9d4903c6e7628c7c9ae0ddab564.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
types that got generated. Problem was that it didn't remove that key
as one of the paths that the server looks for by default. As a
consequence, your log file might fill up with messages like:
2017-06-01T15:43:07-06:00 openwrt sshd[31929]: error: Could not load host key: /etc/ssh/ssh_host_dsa_key
The patch is forunately trivial. Don't set the path for the dsa
key file in the server configuration.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Peter Wagner <tripolar@gmx.at>
received. Otherwise an unauthenticated peer can repeat the KEXINIT and cause
allocation of up to 128MB -- until the connection is closed. Reported by
shilei-c at 360.cn
ec165c392c
Signed-off-by: Peter Wagner <tripolar@gmx.at>
Eneas U de Queiroz
Peter Wagner
Daniel Golle