Note: I timed out waiting for an exp-run for this change but I survived
having it locally for quite a long time.
MFC after: 1 month
X-MFC note: SHLIB_MAJOR is 6 in stable/8 and stable/9
and engine(3) are generated from these pod files during merge process and
we do not want to re-apply these changes over and over again.
Approved by: benl (maintainer, implicit)
Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]
Security: FreeBSD-SA-12:01.openssl (revised)
Security: FreeBSD-SA-12:02.crypt
Approved by: so (bz, simon)
Prior to this, setting VersionAddendum will be a no-op: one will
always have BASE_VERSION + " " + VERSION_HPN for VersionAddendum
set in the config and a bare BASE_VERSION + VERSION_HPN when there
is no VersionAddendum is set.
HPN patch requires both parties to have the "hpn" inside their
advertized versions, so we add VERSION_HPN to the VERSION_BASE
if HPN is enabled and omitting it if HPN is disabled.
VersionAddendum now uses the following logics:
* unset (default value): append " " and VERSION_ADDENDUM;
* VersionAddendum is set and isn't empty: append " "
and VersionAddendum;
* VersionAddendum is set and empty: don't append anything.
Approved by: des
Reviewed by: bz
MFC after: 3 days
several new kerberos related libraries and applications to FreeBSD:
o kgetcred(1) allows one to manually get a ticket for a particular service.
o kf(1) securily forwards ticket to another host through an authenticated
and encrypted stream.
o kcc(1) is an umbrella program around klist(1), kswitch(1), kgetcred(1)
and other user kerberos operations. klist and kswitch are just symlinks
to kcc(1) now.
o kswitch(1) allows you to easily switch between kerberos credentials if
you're running KCM.
o hxtool(1) is a certificate management tool to use with PKINIT.
o string2key(1) maps a password into key.
o kdigest(8) is a userland tool to access the KDC's digest interface.
o kimpersonate(8) creates a "fake" ticket for a service.
We also now install manpages for some lirbaries that were not installed
before, libheimntlm and libhx509.
- The new HEIMDAL version no longer supports Kerberos 4. All users are
recommended to switch to Kerberos 5.
- Weak ciphers are now disabled by default. To enable DES support (used
by telnet(8)), use "allow_weak_crypto" option in krb5.conf.
- libtelnet, pam_ksu and pam_krb5 are now compiled with error on warnings
disabled due to the function they use (krb5_get_err_text(3)) being
deprecated. I plan to work on this next.
- Heimdal's KDC now require sqlite to operate. We use the bundled version
and install it as libheimsqlite. If some other FreeBSD components will
require it in the future we can rename it to libbsdsqlite and use for these
components as well.
- This is not a latest Heimdal version, the new one was released while I was
working on the update. I will update it to 1.5.2 soon, as it fixes some
important bugs and security issues.
- Revert unneeded whitespace changes.
- Revert modifications to loginrec.c, as the upstream version already
does the right thing.
- Fix indentation and whitespace of local changes.
Approved by: des
MFC after: 1 month
Add an API for alerting internal libc routines to the presence of
"unsafe" paths post-chroot, and use it in ftpd. [11:07]
Fix a buffer overflow in telnetd. [11:08]
Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
specified. [11:09]
Add sanity checking of service names in pam_start. [11:10]
Approved by: so (cperciva)
Approved by: re (bz)
Security: FreeBSD-SA-11:06.bind
Security: FreeBSD-SA-11:07.chroot
Security: FreeBSD-SA-11:08.telnetd
Security: FreeBSD-SA-11:09.pam_ssh
Security: FreeBSD-SA-11:10.pam
the bandwidth of long fat pipes (i.e. 100Mbps+ trans-oceanic or
trans-continental links). Bandwidth-delay products up to 64MB are
supported.
Also add support (not compiled by default) for the None cypher. The
None cypher can only be enabled on non-interactive sessions (those
without a pty where -T was not used) and must be enabled in both
the client and server configuration files and on the client command
line. Additionally, the None cypher will only be activated after
authentication is complete. To enable the None cypher you must add
-DNONE_CIPHER_ENABLED to CFLAGS via the make command line or in
/etc/make.conf.
This code is a style(9) compliant version of these features extracted
from the patches published at:
http://www.psc.edu/networking/projects/hpn-ssh/
Merging this patch has been a collaboration between me and Bjoern.
Reviewed by: bz
Approved by: re (kib), des (maintainer)
cause OpenSSL to parse past the end of the message.
Note: Applications are only affected if they act as a server and call
SSL_CTX_set_tlsext_status_cb on the server's SSL_CTX. This includes
Apache httpd >= 2.3.3, if configured with "SSLUseStapling On".
Security: http://www.openssl.org/news/secadv_20110208.txt
Security: CVE-2011-0014
Obtained from: OpenSSL CVS
It has yet to be determined if this warrants a FreeBSD Security
Advisory, but we might as well get it fixed in the normal branches.
Obtained from: OpenSSL CVS
Security: CVE-2010-2939
X-MFC after: Not long...
It is not clear to what this copyright should apply, and this is in line
with what other operating systems do.
For ssh specifically, printing of the copyright string is not in the
upstream version so this reduces our FreeBSD-local diffs.
Approved by: core, des (ssh)
of short-living parent. Only mark the master process that accepts
connections, do not protect connection handlers spawned from inetd.
Submitted by: Mykola Dzham <i levsha me>
Reviewed by: attilio
MFC after: 1 week
This fixes CVE-2010-0740 which only affected -CURRENT (OpenSSL 0.9.8m)
but not -STABLE branches.
I have not yet been able to find out if CVE-2010-0433 impacts FreeBSD.
This will be investigated further.
Security: CVE-2010-0433, CVE-2010-0740
Security: http://www.openssl.org/news/secadv_20100324.txt
This also "reverts" some FreeBSD local changes so we should now
be back to using entirely stock OpenSSL. The local changes were
simple $FreeBSD$ lines additions, which were required in the CVS
days, and the patch for FreeBSD-SA-09:15.ssl which has been
superseded with OpenSSL 0.9.8m's RFC5746 'TLS renegotiation
extension' support.
MFC after: 3 weeks
- Partially revert r184122 (sshd.c). Our ut_host is now big enough to
fit proper hostnames.
- Change config.h to match reality.
- defines.h requires UTMPX_FILE to be set by <utmpx.h> before it allows
the utmpx code to work. This makes no sense to me. I've already
mentioned this upstream.
- Add our own platform-specific handling of lastlog. The version I will
send to the OpenSSH folks will use proper autoconf generated
definitions instead of `#if 1'.
protocol flaw. [09:15]
Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]
Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]
Approved by: so (cperciva)
Security: FreeBSD-SA-09:15.ssl
Security: FreeBSD-SA-09:16.rtld
Security: FreeBSD-SA-09:17.freebsd-udpate
environments.
Please note that this can't be done while such processes run in jails.
Note: in future it would be interesting to find a way to do that
selectively for any desired proccess (choosen by user himself), probabilly
via a ptrace interface or whatever.
Obtained from: Sandvine Incorporated
Reviewed by: emaste, arch@
Sponsored by: Sandvine Incorporated
MFC: 1 month
- Fix memory consumption bug with "future epoch" DTLS records.
- Fix fragment handling memory leak.
- Do not access freed data structure.
- Fix DTLS fragment bug - out-of-sequence message handling which could
result in NULL pointer dereference in
dtls1_process_out_of_seq_message().
Note that this will not get FreeBSD Security Advisory as DTLS is
experimental in OpenSSL.
MFC after: 1 week
Security: CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1387
Fix memory consumption bug with "future epoch" DTLS records.
Note that this will not get FreeBSD Security Advisory as DTLS is
experimental in OpenSSL.
Security: CVE-2009-1377
Obtained from: OpenSSL CVS
http://cvs.openssl.org/chngview?cn=18187
for normal build, and doesn't export well to CVS.
If they are needed later a script will be added to recreate the symlinks
when needed at build time.
Approved by: re (rwatson)
Sanity-check string lengths in order to stop OpenSSL crashing
when printing corrupt BMPString or UniversalString objects. [09:08]
Security: FreeBSD-SA-09:07.libc
Security: FreeBSD-SA-09:08.openssl
Security: CVE-2009-0590
Approved by: re (kensmith)
Approved by: so (cperciva)
long commands into multiple requests. [09:01]
Fix incorrect OpenSSL checks for malformed signatures due to invalid
check of return value from EVP_VerifyFinal(), DSA_verify, and
DSA_do_verify. [09:02]
Security: FreeBSD-SA-09:01.lukemftpd
Security: FreeBSD-SA-09:02.openssl
Obtained from: NetBSD [SA-09:01]
Obtained from: OpenSSL Project [SA-09:02]
Approved by: so (simon)
in the struct utmp due to concerns about the length of the hostname buffer.
However, this breaks the UseDNS option. There is a simpler and better
solution: initialize utmp_len to the correct value (UT_HOSTSIZE instead of
MAXHOSTNAMELEN) and let get_remote_name_or_ip() worry about the size of the
buffer.
PR: bin/97499
Submitted by: Bruce Cran <bruce@cran.org.uk>
MFC after: 1 week
I have worked hard to reduce diffs against the vendor branch. One
notable change in that respect is that we no longer prefer DSA over
RSA - the reasons for doing so went away years ago. This may cause
some surprises, as ssh will warn about unknown host keys even for
hosts whose keys haven't changed.
MFC after: 6 weeks
with OpenSSL 0.9.8 import.
Note that this does not enable cryptodev by default, as it was the
case with OpenSSL 0.9.7 in FreeBSD base, but this change makes it
possible to enable cryptodev at all.
This has been submitted upstream as:
http://rt.openssl.org/Ticket/Display.html?id=1624
Submitted by: nork
From the OpenSSL advisory:
Andy Polyakov discovered a flaw in OpenSSL's DTLS
implementation which could lead to the compromise of clients
and servers with DTLS enabled.
DTLS is a datagram variant of TLS specified in RFC 4347 first
supported in OpenSSL version 0.9.8. Note that the
vulnerabilities do not affect SSL and TLS so only clients and
servers explicitly using DTLS are affected.
We believe this flaw will permit remote code execution.
Security: CVE-2007-4995
Security: http://www.openssl.org/news/secadv_20071012.txt
casts a bit less evil.
This was e.g. seen when using portsnap as:
Fetching snapshot tag from portsnap3.FreeBSD.org... Illegal instruction
Note the patch is slightly different from kan's original patch to
match style in the OpenSSL source files a bit better.
Submitted by: kan
Tested by: many
EVP_CIPHER_CTX_key_length() should return the set key length
in the EVP_CIPHER_CTX structure which may not be the same as
the underlying cipher key length for variable length ciphers.
This fixes problems in OpenSSH using some ciphers, and possibly other
applications.
See also: http://bugzilla.mindrot.org/show_bug.cgi?id=1291
The section about our local changes needs reviewing, and some of those
changes should probably be reconsidered (such as preferring DSA over RSA,
which made sense when RSA was encumbered but probably doesn't any more)
Fix uninitialized free of ctx in compute_key() when the
OPENSSL_DH_MAX_MODULUS_BITS check is triggered.
This fixes the same issue as FreeBSD-SA-06:23.openssl v1.1.
This was missed the first time around since eng_padlock.c was not part
of OpenSSL 0.9.7e and therefor did not have the v0_9_7e CVS tag used
during original resolve of conflicts.
Noticed by: Antoine Brodin <antoine.brodin@laposte.net>
determine whether struct utmp contains the ut_host and ut_time fields.
Unfortunately, it reports a false negative for both on FreeBSD, and I
didn't check the resulting config.h closely enough to catch the error.
Noticed by: ache
heimdal GSS-API mechanism uses its own version of gssapi.h, including all
the implementation-dependant pollution contained therein.
This moves the file off the vendor branch, sadly.
Submitted by: bz
similar the the Solaris implementation. Repackage the krb5 GSS mechanism
as a plugin library for the new implementation. This also includes a
comprehensive set of manpages for the GSS-API functions with text mostly
taken from the RFC.
Reviewed by: Love Hörnquist Åstrand <lha@it.su.se>, ru (build system), des (openssh parts)
branches but missed HEAD. This patch extends his a little bit,
setting it up via the Makefiles so that adding _FREEFALL_CONFIG
to /etc/make.conf is the only thing needed to cluster-ize things
(current setup also requires overriding CFLAGS).
From Peter's commit to the RELENG_* branches:
> Add the freebsd.org custer's source modifications under #ifdefs to aid
> keeping things in sync. For ksu:
> * install suid-root by default
> * don't fall back to asking for a unix password (ie: be pure kerberos)
> * allow custom user instances for things like www and not just root
The Makefile tweaks will be MFC-ed, the rest is already done.
MFC after: 3 days
Approved by: re (dwhite)
