Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]
Security: FreeBSD-SA-12:01.openssl (revised)
Security: FreeBSD-SA-12:02.crypt
Approved by: so (bz, simon)
against text. Provide the override switch to turn off the strict
behaviour. Apparently, openssl libcrypto needs it due to assembler
code not being PIC.
Discussed with: bf
MFC after: 2 weeks
- fix other errors introduced when committing r226436
- add 'function' to a sentence where it makes sense
Submitted by: delphij
Submitted by: dougb
Submitted by: jhb
Approved by: dougb
Approved by: jhb
have an executable stack, due to linking in hand-assembled .S or .s
files, that have no .GNU-stack sections:
RWX --- --- /lib/libcrypto.so.6
RWX --- --- /lib/libmd.so.5
RWX --- --- /lib/libz.so.6
RWX --- --- /lib/libzpool.so.2
RWX --- --- /usr/lib/liblzma.so.5
These were found using scanelf, from the sysutils/pax-utils port.
Reviewed by: kib
for regenerating OpenSSL manual pages.
- Explicitly set the OpenSSL release date so manual pages contain
the date OpenSSL was released and not just the date OpenSSL was
imported into the FreeBSD base system.
- Update for Makefile for OpenSSL 0.9.8n.
This also "reverts" some FreeBSD local changes so we should now
be back to using entirely stock OpenSSL. The local changes were
simple $FreeBSD$ lines additions, which were required in the CVS
days, and the patch for FreeBSD-SA-09:15.ssl which has been
superseded with OpenSSL 0.9.8m's RFC5746 'TLS renegotiation
extension' support.
MFC after: 3 weeks
Similar to libexec/, do the same with lib/. Make WARNS=6 the norm and
lower it when needed.
I'm setting WARNS?=0 for secure/. It seems secure/ includes the
Makefile.inc provided by lib/. I'm not going to touch that directory.
Most of the code there is contributed anyway.
preparation for 8.0-RELEASE. Add the previous version of those
libraries to ObsoleteFiles.inc and bump __FreeBSD_Version.
Reviewed by: kib
Approved by: re (rwatson)
/boot/kernel/hptrr.ko
/etc/mail/*.cf
/lib/libcrypto.so.5
/usr/bin/ntpq
/usr/sbin/amd
/usr/sbin/iasl
/usr/sbin/ntpd
/usr/sbin/ntpdate
/usr/sbin/ntpdc
There does not appear to be any purpose to having these timestamps, and
they have the irritating consequence that the aforementioned files will
be different every time they are rebuilt.
After this commit, the only remaining build timestamps are in the kernel,
the boot loaders, /usr/include/osreldate.h (the year in the copyright
notice), and lib*.a (the timestamps on all of the included .o files).
Reviewed by: scottl (hptrr), gshapiro (sendmail), simon (openssl),
roberto (ntp), jkim (acpica)
Approved by: re (kib)
I have worked hard to reduce diffs against the vendor branch. One
notable change in that respect is that we no longer prefer DSA over
RSA - the reasons for doing so went away years ago. This may cause
some surprises, as ssh will warn about unknown host keys even for
hosts whose keys haven't changed.
MFC after: 6 weeks
that they add X11BASE=${LOCALBASE} to /etc/make.conf since X11BASE was
hard-wired to the now-wrong location in old releases.
However, both X11BASE and LOCALBASE have moved out of scope of src/
into ports/ now, which causes problems for upgraded users who have old
make.conf files still containing the above setting. X11BASE becomes
null and we instruct ssh and sshd to look for xauth in /bin/xauth
where it is unlikely to be found.
Instead, provide a copy of the default LOCALBASE?=/usr/local setting
here.
We also have to deal with the case where the user only overrides
LOCALBASE and doesn't set an explicit X11BASE (in ports it will be set
implicitly but not here), which will also move the location of xauth.
MFC after: 3 days
Reported by: rwatson
for OpenSSL to load engines run-time, e.g. for using the opensc
engine port.
The OpenSSL Configure script enables DSO support on FreeBSD by
default, we just don't use the Configure script during OpenSSL builds
in the base system.
This is committed to -CURRENT now (before OpenSSL 0.9.8b import), so
it can be tested at bit in -CURRENT before being MFC'ed to 6-STABLE.
Prodded by: ale
PR: bin/79570
MFC after: 1 week
have been added with the latest OpenBSM import, hook USE_BSM_AUDIT into
build conditionally.
For users which do not care for audit support and do not want to compile
it into their SSH servers, add the following to the /etc/make.conf:
NO_AUDIT=true
Discussed with: rwatson
Obtained from: TrustedBSD Project
similar the the Solaris implementation. Repackage the krb5 GSS mechanism
as a plugin library for the new implementation. This also includes a
comprehensive set of manpages for the GSS-API functions with text mostly
taken from the RFC.
Reviewed by: Love Hörnquist Åstrand <lha@it.su.se>, ru (build system), des (openssh parts)
of releases. The -DNOCRYPT build option still exists for anyone who
really wants to build non-cryptographic binaries, but the "crypto"
release distribution is now part of "base", and anyone installing from a
release will get cryptographic binaries.
Approved by: re (scottl), markm
Discussed on: freebsd-current, in late April 2004
help some ports that depend on libradius that recently gained
the dependency on libssl. This is also how the stock OpenSSL
build would link libssl.so on FreeBSD.
Prompted by: kris
OK'ed by: markm, nectar
because otherwise it will remain having a dependency upon libssl. This
breaks the non-crypto build that happens for release.3
While here, order the list of programs and libraries.
Speculating review feedback from: ru
a variant of the C code but with some scattered asm and things laid out
more optimally for the platform. This means that we need to the asm
directory to the search path for the amd64 case so that make can find
the source.
environment. This stops some ports keeling over on an OpenSSL assert.
(The patch is not exactly the one from the PR, but has been refined
based on advice from freebsd-threads.)
PR: 51205
Submitted by: Jim Westfall <jwestfall@surrealistic.net>
MFC after: 1 month
- Removed libopie and libmd; libopie used to serve auth-skey.c
which is compiled now only to ease maintenance, as well as
a few other auth-*.c sources.
Reviewed by: des
"kerberize" and "dekerberize" in kerberos5/Makefile. These can
be used to recompile bits with optional crypto support with and
without crypto, respectively.
Reviewed by: markm
and rebuilt some bits with crypto but without Kerberos support
(most notably SSH) during "make release", to put them into the
"crypto" distribution.
Now that we don't ship the separate "krb5" distribution anymore
(it's now part of the "crypto" distribuion), don't waste time
recompiling SSH bits without crypto and without Kerberos support
in an attempt to put them in the "base" distribution -- it just
doesn't work as SSH always uses crypto code.
We avoid this by not rebuilding KPROGS from kerberos5/Makefile in
release/Makefile and adding "libpam" to SPROGS in secure/Makefile
to ensure it's still rebuilt without crypto support for the "base"
distribution. (Disabling crypto (NOCRYPT) also disables building
of Kerberos-related PAM modules, and it's OK to depend on this.)
This should be a no-op change saving some "make release" time.
it. While not strictly required, it unbreaks the cross-build world that
is resulting from moving the libraries around.
I have a more permanent solution to this problem in the works, but I
asked des for permission to commit this to get the ball rolling. This
also makes the ssh build more along the lines of what the openssh-portable
and OpenBSD openssh Makefile glue does.
Reviewed by: des
binaries in /bin and /sbin installed in /lib. Only the versioned files
reside in /lib, the .so symlink continues to live /usr/lib so the
toolchain doesn't need to be modified.
Previously, there were two copies of telnet; a non-crypto version
that lived in the usual places, and a crypto version that lived in
crypto/telnet/. The latter was built in a broken manner somewhat akin
to other "contribified" sources. This meant that there were 4 telnets
competing with each other at build time - KerberosIV, Kerberos5,
plain-old-secure and base. KerberosIV is no longer in the running, but
the other three took it in turns to jump all over each other during a
"make buildworld".
As the crypto issue has been clarified, and crypto _calls_ are not
a problem, crypto/telnet has been repo-copied to contrib/telnet,
and with this commit, all telnets are now "contribified". The contrib
path was chosen to not destroy history in the repository, and differs
from other contrib/ entries in that it may be worked on as "normal"
BSD code. There is no dangerous crypto in these sources, only a
very weak system less strong than enigma(1).
Kerberos5 telnet and Secure telnet are now selected by using the usual
macros in /etc/make.conf, and the build process is unsurprising and
less treacherous.
libdes, and functionally close enough so that we created symlinks
(libdes -> libcrypto) to help older applications. With the import of
OpenSSL 0.9.7, this is no longer true and we no longer install these
symlinks. However, systems that are upgraded may have these symlinks,
which could cause non-obvious breakage at build-time. Therefore, blow
any old symlinks away in the `afterinstall' target.
When libdes was replaced with OpenSSL's libcrypto, there were a few
interfaces that the former implemented but the latter did not. Because
some software in the base system still depended upon these interfaces,
we simply included them in our libcrypto (rnd_keys.c).
Now, finally get around to removing the dependencies on these
interfaces. There were basically two cases:
des_new_random_key -- This is just a wrapper for des_random_key, and
these calls were replaced.
des_init_random_number_generator et. al. -- A few functions were used
by the application to seed libdes's PRNG. These are not necessary
when using libcrypto, as OpenSSL internally seeds the PRNG from
/dev/random. These calls were simply removed.
Again, some of the Kerberos 4 files have been taken off the vendor
branch. I do not expect there to be future imports of KTH Kerberos 4.
can only be built with MIT Kerberos.
If we didn't define this here, then SSL-using applications would have
to define OPENSSL_NO_KRB5 themselves in order to build.
via INCS. Implemented INCSLINKS (equivalent to SYMLINKS) to
handle symlinking include files. Allow for multiple groups of
include files to be installed, with the powerful INCSGROUPS knob.
Documentation to follow.
Added standard `includes' and `incsinstall' targets, use them
in Makefile.inc1. Headers from the following makefiles were
not installed before (during `includes' in Makefile.inc1):
kerberos5/lib/libtelnet/Makefile
lib/libbz2/Makefile
lib/libdevinfo/Makefile
lib/libform/Makefile
lib/libisc/Makefile
lib/libmenu/Makefile
lib/libmilter/Makefile
lib/libpanel/Makefile
Replaced all `beforeinstall' targets for installing includes
with the INCS stuff.
Renamed INCDIR to INCSDIR, for consistency with FILES and SCRIPTS,
and for compatibility with NetBSD. Similarly for INCOWN, INCGRP,
and INCMODE.
Consistently use INCLUDEDIR instead of /usr/include.
gnu/lib/libstdc++/Makefile and gnu/lib/libsupc++/Makefile changes
were only lightly tested due to the missing contrib/libstdc++-v3.
I fully tested the pre-WIP_GCC31 version of this patch with the
contrib/libstdc++.295 stuff.
These changes have been tested on i386 with the -DNO_WERROR "make
world" and "make release".
depending on perl at build time. Makefile.asm is a helper for after the
next import.
With my cvs@ hat on, the relatively small repo cost of this is acceptable,
especially given that we have other (much bigger) things like
lib*.so.gz.uu checked in under src/lib/compat/*.
Reviewed by: kris (maintainer)
Do not install games and profiled libraries to the ${CHROOTDIR}
with the initial installworld.
Eliminate the need in the second installworld. For that, make sure
_everything_ is built in the "world" environment, using the right
tool chain.
Added SUBDIR_OVERRIDE helper stuff to Makefile.inc1. Split the
buildworld process into stages, and skip some stages when
SUBDIR_OVERRIDE is set (used to build crypto, krb4, and krb5
dists).
Added NO_MAKEDB_RUN knob to Makefile.inc1 to avoid running
makewhatis(1) at the end of installworld (used when making crypto,
krb4, and krb5 dists).
In release/scripts/doFS.sh, ensure that the correct boot blocks are
used.
Moved the creation of the "crypto" dist from release.5 to
release.2.
In release.3 and doMFSKERN, build kernels in the "world"
environment. KERNELS now means "additional" kernels, GENERIC is
always built.
Ensure we build crunched binaries in the "world" environment.
Obfuscate release/Makefile some more (WMAKEENV) to achieve this.
Inline createBOOTMFS target.
Use already built GENERIC kernel modules to augment mfsfd's
/stand/modules. GC doMODULES as such.
Assorted fixes:
Get rid of the "afterdistribute" target by moving the single use
of it from sys/Makefile to etc/Makefile's "distribute".
Makefile.inc1: apparently "etc" no longer needs to be last for
"distribute" to succeed.
gnu/usr.bin/perl/library/Makefile.inc: do not override the
"install" and "distribute" targets, do it the "canonical" way.
release/scripts/{man,cat}pages-make.sh: make sure Perl manpages and
catpages appear in the right dists. Note that because Perl does
not respect the MANBUILDCAT (and NOMAN), this results in a loss of
/usr/share/perl/man/cat* empty directories. This will be fixed
soon.
Turn MAKE_KERBEROS4 into a plain boolean variable (if it is set it
means "make KerberosIV"), as documented in the make.conf(5)
manpage. Most of the userland makefiles did not test it for "YES"
anyway.
XXX Should specialized kerberized libpam versions be included into
the krb4 and krb5 dists? (libpam.a would be incorrect anyway if
both krb4 and krb5 dists were choosen.)
Make sure "games" dist is made before "catpages", otherwise games
catpages settle in the wrong dist.
Fast build machine provided by: Igor Kucherenko <kivvy@sunbay.com>
deprecated in favor of the POSIX-defined lowercase variants.
o Change all occurrences of NTOHL() and associated marcros in the
source tree to use the lowercase function variants.
o Add missing license bits to sparc64's <machine/endian.h>.
Approved by: jake
o Clean up <machine/endian.h> files.
o Remove unused __uint16_swap_uint32() from i386's <machine/endian.h>.
o Remove prototypes for non-existent bswapXX() functions.
o Include <machine/endian.h> in <arpa/inet.h> to define the
POSIX-required ntohl() family of functions.
o Do similar things to expose the ntohl() family in libstand, <netinet/in.h>,
and <sys/param.h>.
o Prepend underscores to the ntohl() family to help deal with
complexities associated with having MD (asm and inline) versions, and
having to prevent exposure of these functions in other headers that
happen to make use of endian-specific defines.
o Create weak aliases to the canonical function name to help deal with
third-party software forgetting to include an appropriate header.
o Remove some now unneeded pollution from <sys/types.h>.
o Add missing <arpa/inet.h> includes in userland.
Tested on: alpha, i386
Reviewed by: bde, jake, tmm
dependencies in the correct place, record the fact that -lssh
depends on -lcrypto and -lz.
Removed false dependencies on -lz (except ssh(1) and sshd(8)).
Removed false dependencies on -lcrypto and -lutil for scp(1).
Reviewed by: markm
- Spam /usr/lib some more by making libssh a standard library.
- Tweak ${LIBPAM} and ${MINUSLPAM}.
- Garbage collect unused libssh_pic.a.
- Add fake -lz dependency to secure/ makefiles needed for
dynamic linkage with -lssh.
Reviewed by: des, markm
Approved by: markm
