| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-authfd.c-check-return-value-of-seteuid-2.patch | [PATCH] authfd.c: check return value of seteuid(2) Ensure the call to seteuid(2) succeeds. As the linux man page rather ominously states: Note: there are cases where seteuid() can fail even when the caller is UID 0; it is a grave security error to omit checking for a failure return from seteuid(). |
Michael Santos <michael.santos@gmail.com> | no | 2017-03-31 | ||
| openssl-1.1.1-1.patch | [PATCH 1/2] Adapt to OpenSSL 1.1.1. The FreeBSD operating system is migrating to OpenSSL 1.1.1 and I have created this set of patches to make pam_ssh_agent_auth compile with it. The patch comments out some parts of include files which are not actually used and reference now opaque OpenSSL internals. I also have migrated the source files to use accessors to use the OpenSSL objects. The patch works on FreeBSD head (will be 12.0) but the --without-openssl-header-check argument is required in configure there. |
Guido Falsi <mad@madpilot.net> | no | 2018-10-20 | ||
| openssl-1.1.1-2.patch | [PATCH 2/2] Check against the correct OPENSSL_VERSION_NUMBER Alexey Dokuchaev (a fellow FreeBSD developer) pointed out to me the opaque structures were introduced in 1.1.0-pre 5, so the correct OPENSSL_VERSION_NUMBER to discriminate is 0x10100005L. |
Guido Falsi <mad@madpilot.net> | no | 2018-10-24 | ||
| 0002-fix-segfault-when-using-ECDSA-keys.patch | [PATCH] fix segfault when using ECDSA keys. | Marc Deslauriers <marc.deslauriers@canonical.com> | no | 2020-06-11 |