Commit Graph

989 Commits

Author SHA1 Message Date
jkim
4a83aa80d5 Remove duplicate manual pages.
Reported by:	brd
2015-11-16 21:36:15 +00:00
des
83b666668a Remove dead code. 2015-11-11 13:47:23 +00:00
des
9be32654da One more $Mdocdate$ 2015-11-11 13:27:58 +00:00
des
72179a6f4b Remove /* $FreeBSD$ */ from files that already have __RCSID("$FreeBSD$"). 2015-11-11 13:26:47 +00:00
des
f4baee681e Now that we have mandoc, we can leave $Mdocdate$ tags as-is. Unfortunately,
there is (currently) no way to make Subversion generate correct $Mdocdate$
tags, but perhas we can teach mandoc to read Subversion's %d format.
2015-11-11 13:23:07 +00:00
jkim
6b741bee15 Merge OpenSSL 1.0.2d. 2015-10-30 20:51:33 +00:00
jkim
64cb0c902e Import OpenSSL 1.0.2d. 2015-10-23 19:46:02 +00:00
delphij
991c19271a Fix OpenSSH multiple vulnerabilities by backporting three changes
from OpenSSH-portable master.

Git revisions:	45b0eb752c94954a6de046bfaaf129e518ad4b5b
		5e75f5198769056089fb06c4d738ab0e5abc66f7
		d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
Reviewed by:	des
Security:	FreeBSD-SA-15:22.openssh
2015-08-25 20:48:37 +00:00
delphij
e4eb287ad0 Fix multiple OpenSSH vulnerabilities.
Security:	CVE-2014-2653
Security:	CVE-2015-5600
Security:	FreeBSD-SA-15:16.openssh
2015-07-28 19:58:38 +00:00
vangyzen
2eb95738be ssh: canonicize the host name before looking it up in the host file
Re-apply r99054 by des in 2002.  This was accidentally dropped
by the update to OpenSSH 6.5p1 (r261320).

This change is actually taken from r387082 of
ports/security/openssh-portable/files/patch-ssh.c

PR:		198043
Differential Revision:	https://reviews.freebsd.org/D3103
Reviewed by:	des
Approved by:	kib (mentor)
MFC after:	3 days
Relnotes:	yes
Sponsored by:	Dell Inc.
2015-07-16 18:44:18 +00:00
jkim
ce8a666092 Merge OpenSSL 1.0.1p. 2015-07-09 17:07:45 +00:00
jkim
e5911a7a89 Import OpenSSL 1.0.1p. 2015-07-09 16:41:34 +00:00
jkim
810d2d455b Merge OpenSSL 1.0.1o. 2015-06-12 16:48:26 +00:00
jkim
d552dfce13 Import OpenSSL 1.0.1o. 2015-06-12 16:33:55 +00:00
jkim
d675e841ef Merge OpenSSL 1.0.1n. 2015-06-11 19:00:55 +00:00
jkim
e35879fa69 Import OpenSSL 1.0.1n. 2015-06-11 17:56:16 +00:00
des
c32ee7f1c5 Import new moduli from OpenBSD. Although there is no reason to distrust
the current set, it is good hygiene to change them once in a while.

MFC after:	1 week
2015-05-26 19:46:41 +00:00
bdrewery
a636f8f94f Use proper CHAN_TCP_PACKET_DEFAULT for agent forwarding when HPN disabled.
The use of CHAN_TCP_WINDOW_DEFAULT here was fixed in upstream OpenSSH
in CVS 1.4810, git 5baa170d771de9e95cf30b4c469ece684244cf3e:

  - dtucker@cvs.openbsd.org 2007/12/28 22:34:47
    [clientloop.c]
    Use the correct packet maximum sizes for remote port and agent forwarding.
    Prevents the server from killing the connection if too much data is queued
    and an excessively large packet gets sent.  bz #1360, ok djm@.

The change was lost due to the the way the original upstream HPN patch
modified this code. It was re-adding the original OpenSSH code and never
was properly fixed to use the new value.

MFC after:	2 weeks
2015-04-02 18:43:25 +00:00
bdrewery
77d6bca5e0 Document "none" for VersionAddendum.
PR:		193127
MFC after:	2 weeks
2015-03-23 02:45:12 +00:00
jkim
d962da16eb Merge OpenSSL 1.0.1m. 2015-03-20 19:16:18 +00:00
jkim
038f65e5fb Import OpenSSL 1.0.1m. 2015-03-20 15:28:40 +00:00
jkim
3c988e56ae Merge OpenSSL 1.0.1l.
MFC after:	1 week
Relnotes:	yes
2015-01-16 21:03:23 +00:00
jkim
63414ee1a3 Import OpenSSL 1.0.1l. 2015-01-16 19:52:36 +00:00
jkim
73cdd9409f MFV: r276862
Fix build.
2015-01-09 00:42:10 +00:00
jkim
6c57594b36 Fix build failure on Windows due to undefined cflags identifier.
5c5e7e1a7e
2015-01-09 00:12:20 +00:00
jkim
4f9b1cef1a Merge OpenSSL 1.0.1k. 2015-01-08 23:42:41 +00:00
jkim
a350427e88 Import OpenSSL 1.0.1k. 2015-01-08 22:40:39 +00:00
jkim
411d431d45 Merge OpenSSL 1.0.1j. 2014-10-15 19:12:05 +00:00
jkim
9a02b27a6e Import OpenSSL 1.0.1j. 2014-10-15 17:32:57 +00:00
gjb
01f4e5a3e8 Include the gssapi_krb5 library in KRB5_LDFLAGS.
PR:		156245
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2014-09-08 19:00:13 +00:00
jkim
3299c3be1a Merge OpenSSL 1.0.1i. 2014-08-07 18:56:10 +00:00
jkim
8bd1d6691f Import OpenSSL 1.0.1i. 2014-08-07 16:49:55 +00:00
jkim
68fed3306b Merge OpenSSL 1.0.1h.
Approved by:	so (delphij)
2014-06-09 05:50:57 +00:00
jkim
d4a5f67323 Import OpenSSL 1.0.1h.
Approved by:	so (delphij)
2014-06-06 20:59:29 +00:00
delphij
aa92285a00 Fix OpenSSL multiple vulnerabilities.
Security:	CVE-2014-0195, CVE-2014-0221, CVE-2014-0224,
		CVE-2014-3470
Security:	SA-14:14.openssl
Approved by:	so
2014-06-05 12:32:16 +00:00
smh
d4e781f644 Change comment about HPNDisabled to match the style of other options to
avoid confusion.

Sponsored by:	Multiplay
2014-05-20 10:28:19 +00:00
delphij
43c7f4a7f1 Fix OpenSSL NULL pointer deference vulnerability.
Obtained from:	OpenBSD
Security:	FreeBSD-SA-14:09.openssl
Security:	CVE-2014-0198
2014-05-13 23:17:24 +00:00
delphij
7e64659205 Fix OpenSSL use-after-free vulnerability.
Obtained from:	OpenBSD
Security:	FreeBSD-SA-14:09.openssl
Security:	CVE-2010-5298
2014-04-30 04:02:36 +00:00
des
e1e5f20b88 Apply upstream patch for EC calculation bug and bump version addendum. 2014-04-20 11:34:33 +00:00
imp
c39e6fc2c9 NO_MAN= has been deprecated in favor of MAN= for some time, go ahead
and finish the job. ncurses is now the only Makefile in the tree that
uses it since it wasn't a simple mechanical change, and will be
addressed in a future commit.
2014-04-13 05:21:56 +00:00
des
38c767afbd Restore the pX part to the version number printed in debugging mode. 2014-04-09 20:42:00 +00:00
jkim
89b378c4b3 Merge OpenSSL 1.0.1g.
Approved by:	benl (maintainer)
2014-04-08 21:06:58 +00:00
jkim
c16e01227f Import OpenSSL 1.0.1g.
Approved by:	benl (maintainer)
2014-04-08 20:15:18 +00:00
delphij
26c4b55c2e Fix NFS deadlock vulnerability. [SA-14:05]
Fix "Heartbleed" vulnerability and ECDSA Cache Side-channel
Attack in OpenSSL. [SA-14:06]
2014-04-08 18:27:32 +00:00
des
ae82763de4 Upgrade to OpenSSH 6.6p1. 2014-03-25 11:05:34 +00:00
des
fc833dce1b Add a pre-merge script which reverts mechanical changes such as added
$FreeBSD$ tags and man page dates.

Add a post-merge script which reapplies these changes.

Run both scripts to normalize the existing code base.  As a result, many
files which should have had $FreeBSD$ tags but didn't now have them.

Partly rewrite the upgrade instructions and remove the now outdated
list of tricks.
2014-03-24 19:15:13 +00:00
rwatson
a400e9c007 Update most userspace consumers of capability.h to use capsicum.h instead.
auditdistd is not updated as I will make the change upstream and then do a
vendor import sometime in the next week or two.

MFC after:	3 weeks
2014-03-16 11:04:44 +00:00
pjd
ed07d3e6e2 Fix installations that use kernels without CAPABILITIES support.
Approved by:	des
2014-02-04 21:48:09 +00:00
des
b1dd5bd906 Turn sandboxing on by default. 2014-02-01 00:07:16 +00:00
des
7573e91b12 Upgrade to OpenSSH 6.5p1. 2014-01-31 13:12:02 +00:00
jkim
a8c44ea5cf Merge OpenSSL 1.0.1f.
Approved by:	so (delphij), benl (silence)
2014-01-22 19:57:11 +00:00
jkim
a268cbece5 Import OpenSSL 1.0.1f.
Approved by:	so (delphij), benl (silence)
2014-01-22 19:27:13 +00:00
delphij
106d50295b MFV r260399:
Apply vendor commits:

197e0ea	Fix for TLS record tampering bug.  (CVE-2013-4353).
3462896	For DTLS we might need to retransmit messages from the
	previous session so keep a copy of write context in DTLS
	retransmission buffers instead of replacing it after
	sending CCS.  (CVE-2013-6450).
ca98926 When deciding whether to use TLS 1.2 PRF and record hash
	algorithms use the version number in the corresponding
	SSL_METHOD structure instead of the SSL structure.  The
	SSL structure version is sometimes inaccurate.
	Note: OpenSSL 1.0.2 and later effectively do this already.
	(CVE-2013-6449).

Security:	CVE-2013-4353
Security:	CVE-2013-6449
Security:	CVE-2013-6450
2014-01-07 19:58:45 +00:00
bjk
d7ee8f3e6e Apply patch from upstream Heimdal for encoding fix
RFC 4402 specifies the implementation of the gss_pseudo_random()
function for the krb5 mechanism (and the C bindings therein).
The implementation uses a PRF+ function that concatenates the output
of individual krb5 pseudo-random operations produced with a counter
and seed.  The original implementation of this function in Heimdal
incorrectly encoded the counter as a little-endian integer, but the
RFC specifies the counter encoding as big-endian.  The implementation
initializes the counter to zero, so the first block of output (16 octets,
for the modern AES enctypes 17 and 18) is unchanged.  (RFC 4402 specifies
that the counter should begin at 1, but both existing implementations
begin with zero and it looks like the standard will be re-issued, with
test vectors, to begin at zero.)

This is upstream's commit f85652af868e64811f2b32b815d4198e7f9017f6,
from 13 October, 2013:
% Fix krb5's gss_pseudo_random() (n is big-endian)
%
% The first enctype RFC3961 prf output length's bytes are correct because
% the little- and big-endian representations of unsigned zero are the
% same.  The second block of output was wrong because the counter was not
% being encoded as big-endian.
%
% This change could break applications.  But those applications would not
% have been interoperating with other implementations anyways (in
% particular: MIT's).

Approved by:	hrs (mentor, src committer)
MFC after:	3 days
2013-12-13 03:09:29 +00:00
delphij
454aa85277 MFV r257952:
Upgrade to OpenSSH 6.4p1.

Bump VersionAddendum.

Approved by:	des
2013-11-11 09:19:58 +00:00
des
476b7e3d43 Unbreak the WITHOUT_KERBEROS build and try to reduce the odds of a
repeat performance by introducing a script that runs configure with and
without Kerberos, diffs the result and generates krb5_config.h, which
contains the preprocessor macros that need to be defined in the Kerberos
case and undefined otherwise.

Approved by:	re (marius)
2013-09-23 20:35:54 +00:00
des
b32fed86db Pull in all the OpenSSH bits that we'd previously left out because we
didn't use them.  This will make future merges from the vendor tree much
easier.

Approved by:	re (gjb)
2013-09-21 22:24:10 +00:00
des
cda41f674d Upgrade to 6.3p1.
Approved by:	re (gjb)
2013-09-21 21:36:09 +00:00
des
c960286445 Change the default value of VerifyHostKeyDNS to "yes" if compiled with
LDNS.  With that setting, OpenSSH will silently accept host keys that
match verified SSHFP records.  If an SSHFP record exists but could not
be verified, OpenSSH will print a message and prompt the user as usual.

Approved by:	re (blanket)
2013-09-10 22:30:22 +00:00
des
ad118345b8 These three files appeared in 6.0p1, which was imported into the vendor
branch but never merged to head.  They were inadvertantly left out when
6.1p1 was merged to head.  It didn't make any difference at the time,
because they were unused, but one of them is required for DNS-based host
key verification.

Approved by:	re (blanket)
2013-09-09 13:56:58 +00:00
des
f4100c62aa Apply upstream revision 1.151 (fix relative symlinks)
MFC after:	3 days
2013-08-13 09:06:18 +00:00
delphij
baffb509e4 MFV r254106 (OpenSSL bugfix for RT #2984):
Check DTLS_BAD_VER for version number.

The version check for DTLS1_VERSION was redundant as
DTLS1_VERSION > TLS1_1_VERSION, however we do need to
check for DTLS1_BAD_VER for compatibility.

Requested by:	zi
Approved by:	benl
2013-08-08 22:29:35 +00:00
hrs
c3008dddb1 Fix gssapi/gssapi_krb5.h after Heimdal 1.5.1 import.
Reviewed by:	dfr
2013-06-30 07:46:22 +00:00
des
5794e02a5a r251088 reverted the default value for UsePrivilegeSeparation from
"sandbox" to "yes", but did not update the documentation to match.
2013-06-28 09:41:59 +00:00
des
df51273aa9 Revert a local change that sets the default for UsePrivilegeSeparation to
"sandbox" instead of "yes".  In sandbox mode, the privsep child is unable
to load additional libraries and will therefore crash when trying to take
advantage of crypto offloading on CPUs that support it.
2013-05-29 00:19:58 +00:00
bz
6c177c4e75 Have the ipropd-master listen on an IPv6 socket in addition to an IPv4
socket to allow propagation of changes to a Heimdal Kerberos database
from the KDC master to the slave(s) work on IPv6 as well.

Update the stats logging to also handle IPv6 addresses.

Reported by:		peter (found on FreeBSD cluster)
X-to-be-tested-by:	peter
MFC after:		3 weeks
2013-05-18 18:01:21 +00:00
des
06c773ee5d Upgrade to OpenSSH 6.2p2. Mostly a no-op since I had already patched
the issues that affected us.
2013-05-17 09:12:33 +00:00
bdrewery
efa81decff The HPN patch added a new BUG bit for SSH_BUG_LARGEWINDOW
and the update to 6.1 added SSH_BUG_DYNAMIC_RPORT with the
same value.

Fix the HPN SSH_BUG_LARGEWINDOW bit so it is unique.

Approved by:	des
MFC after:	2 weeks
2013-05-13 11:32:20 +00:00
des
2bb075a095 Merge updated "no such identity file" patch.
PR:		bin/178060
2013-04-24 12:36:37 +00:00
des
c7cb06a811 Silence "received disconnect" in the common case. 2013-04-14 13:06:07 +00:00
des
f1c9eb38e7 Merge upstream patch to silence spurious "no such identity file" warnings. 2013-04-02 11:44:55 +00:00
des
3325697f0c Silence printf format warnings. 2013-04-02 11:42:39 +00:00
des
ca02c8e40f Silence warnings about redefined macros. 2013-04-01 13:48:30 +00:00
des
a4c39d4efd Revert r247892 now that this has been fixed upstream. 2013-03-23 14:52:31 +00:00
des
b291eafe8d Upgrade to OpenSSH 6.2p1. The most important new features are support
for a key revocation list and more fine-grained authentication control.
2013-03-22 17:55:38 +00:00
des
153ad47126 Keep the default AuthorizedKeysFile setting. Although authorized_keys2
has been deprecated for a while, some people still use it and were
unpleasantly surprised by this change.

I may revert this commit at a later date if I can come up with a way
to give users who still have authorized_keys2 files sufficient advance
warning.

MFC after:	ASAP
2013-03-18 10:50:50 +00:00
des
1e99f9b145 Unlike OpenBSD's, our setusercontext() will intentionally ignore the user's
own umask setting (from ~/.login.conf) unless running with the user's UID.
Therefore, we need to call it again with LOGIN_SETUMASK after changing UID.

PR:		bin/176740
Submitted by:	John Marshall <john.marshall@riverwillow.com.au>
MFC after:	1 week
2013-03-13 09:41:55 +00:00
des
138ec63f93 Partially revert r247892 and r247904 since our strnvis() does not
behave the way OpenSSH expects.
2013-03-07 14:38:43 +00:00
des
cb16119d8c Remove strnvis(), strvis(), strvisx(). 2013-03-06 23:22:40 +00:00
des
96855818b6 Explicitly disable lastlog, utmp and wtmp. 2013-03-06 13:46:20 +00:00
dim
90c71ac75a Import change 6d783560e4aad1e680097d11e89755647a5aba87 from upstream
heimdal:

  fix sizeof(uuid)

Found by:	clang ToT
Reviewed by:	stas
2013-02-19 17:38:18 +00:00
jkim
754bee5776 Merge OpenSSL 1.0.1e.
Approved by:	secteam (simon), benl (silence)
2013-02-13 23:07:20 +00:00
jkim
a6d6a27870 Change "the the" to "the". It is a continuation of r226436 and missed in
r237658.

Approved by:	benl (maintainer, implicit)
2013-02-13 22:38:20 +00:00
jkim
9069337c83 Import OpenSSL 1.0.1e.
Approved by:	secteam (delphij, simon), benl (silence)
2013-02-13 22:15:56 +00:00
pfg
245e35ae97 Clean some 'svn:executable' properties in the tree.
Submitted by:	Christoph Mallon
MFC after:	3 days
2013-01-26 22:08:21 +00:00
delphij
2dfa3a3e47 Indicate that we are using OpenSSL with some local modifications.
X-MFC after:	with r244974
2013-01-02 21:00:00 +00:00
delphij
339eb8a5c4 MFV r244973:
Integrate OpenSSL changeset 22950 (appro):

        bn_word.c: fix overflow bug in BN_add_word.

MFC after:	2 weeks
2013-01-02 20:58:46 +00:00
delphij
90d033541a Integrate OpenSSL changeset 22950 (appro):
bn_word.c: fix overflow bug in BN_add_word.
2013-01-02 20:56:53 +00:00
eadler
0af88b7eae Clean up hardcoded ar(1) flags in the tree to use the global ARFLAGS in
share/mk/sys.mk instead.

This is part of a medium term project to permit deterministic builds of
FreeBSD.

Submitted by:	Erik Cederstrand <erik@cederstrand.dk>
Reviewed by:	imp, toolchain@
Approved by:	cperciva
MFC after:	2 weeks
2012-12-06 01:31:25 +00:00
pjd
ee39d48b3c Allow OpenSSL to use arc4random(3) on FreeBSD. arc4random(3) was modified
some time ago to use sysctl instead of /dev/random to get random data,
so is now much better choice, especially for sandboxed processes that have
no direct access to /dev/random.

Approved by:	benl
MFC after:	2 weeks
2012-11-30 22:23:23 +00:00
dim
0572fba032 In crypto/heimdal/lib/sl/slc-lex.l, don't define YY_NO_INPUT, since
%option nounput is already specified.

MFC after:	3 days
2012-11-14 18:49:03 +00:00
avg
4267c6aa52 openssl: change SHLIB_VERSION_NUMBER to reflect the reality
Note: I timed out waiting for an exp-run for this change but I survived
having it locally for quite a long time.

MFC after:	1 month
X-MFC note:	SHLIB_MAJOR is 6 in stable/8 and stable/9
2012-09-11 06:10:49 +00:00
des
00f3582ac6 Upgrade OpenSSH to 6.1p1. 2012-09-03 16:51:41 +00:00
jkim
e393e47b1e Merge OpenSSL 1.0.1c.
Approved by:	benl (maintainer)
2012-07-12 19:30:53 +00:00
jkim
532b4084cb Import OpenSSL 1.0.1c.
Approved by:	benl (maintainer)
2012-07-11 23:31:36 +00:00
jkim
c4d8545b00 Partially redo r226436, i. e., change "the the" to "the". ca(1), dgst(1),
and engine(3) are generated from these pod files during merge process and
we do not want to re-apply these changes over and over again.

Approved by:	benl (maintainer, implicit)
2012-06-27 19:23:29 +00:00
jkim
299ab12592 Merge OpenSSL 0.9.8x.
Reviewed by:	stas
Approved by:	benl (maintainer)
MFC after:	3 days
2012-06-27 18:44:36 +00:00
jkim
1554498e64 Import OpenSSL 0.9.8x. 2012-06-27 16:44:58 +00:00
delphij
85590af6fa MFV (r237567):
Fetch both ECDSA and RSA keys by default in ssh-keyscan(1).

Approved by:	des
Obtained from:	OpenSSH portable
MFC after:	1 week
2012-06-25 19:01:04 +00:00
bz
d2e144fbe8 Update the previous openssl fix. [12:01]
Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]

Security:	FreeBSD-SA-12:01.openssl (revised)
Security:	FreeBSD-SA-12:02.crypt
Approved by:	so (bz, simon)
2012-05-30 12:01:28 +00:00