Commit Graph

759 Commits

Author SHA1 Message Date
Dag-Erling Smørgrav
761efaa70c Vendor import of OpenSSH 4.4p1. 2006-09-30 13:29:51 +00:00
Dag-Erling Smørgrav
a435c625d7 This commit was generated by cvs2svn to compensate for changes in r162852,
which included commits to RCS files with non-trunk default branches.
2006-09-30 13:29:51 +00:00
Dag-Erling Smørgrav
9d2c6627a1 Merge vendor patch for BSM problem in protocol version 1.
MFC after:	1 week
2006-09-16 15:12:58 +00:00
Dag-Erling Smørgrav
30c2033ae7 Vendor patch for a problem that prevented using protocol version 1 when
BSM was enabled.
2006-09-16 15:10:13 +00:00
Simon L. B. Nielsen
c800238ebb Correct incorrect PKCS#1 v1.5 padding validation in crypto(3).
Obtained from:	OpenSSL project
Security:	FreeBSD-SA-06:19.openssl
2006-09-10 20:16:43 +00:00
Simon L. B. Nielsen
2ab7aa997e Resolve conflicts after import of OpenSSL 0.9.8b.
This was missed the first time around since eng_padlock.c was not part
of OpenSSL 0.9.7e and therefor did not have the v0_9_7e CVS tag used
during original resolve of conflicts.

Noticed by:	Antoine Brodin <antoine.brodin@laposte.net>
2006-07-30 14:17:54 +00:00
Simon L. B. Nielsen
35fc1829d8 Sync FREEBSD-Xlist with what was actually excluded from OpenSSL 0.9.8b
import.
2006-07-29 22:40:45 +00:00
Simon L. B. Nielsen
f6ec947c28 Add some rough notes on how to import a new OpenSSL version into the
FreeBSD base system.  Parts are inspired by the OpenSSH upgrade notes.
2006-07-29 22:01:26 +00:00
Simon L. B. Nielsen
09bf29a41f Resolve conflicts after import of OpenSSL 0.9.8b. 2006-07-29 19:14:51 +00:00
Simon L. B. Nielsen
3b4e3dcb9f Vendor import of OpenSSL 0.9.8b 2006-07-29 19:10:21 +00:00
Simon L. B. Nielsen
f6ab039488 This commit was generated by cvs2svn to compensate for changes in r160814,
which included commits to RCS files with non-trunk default branches.
2006-07-29 19:10:21 +00:00
Dag-Erling Smørgrav
567b2a322e Our glob(3) has all the required features.
Submitted by:	ache
2006-06-09 08:39:05 +00:00
Dag-Erling Smørgrav
98c61a2292 Revert inadvertant commit of debugging code. 2006-06-09 07:23:14 +00:00
Dag-Erling Smørgrav
ed22e27d8a Introduce a namespace munging hack inspired by NetBSD to avoid polluting
the namespace of applications which inadvertantly link in libssh (usually
through pam_ssh)

Suggested by:	lukem@netbsd.org
MFC after:	6 weeks
2006-05-13 13:47:45 +00:00
Dag-Erling Smørgrav
998ab76154 Fix utmp. There is some clever logic in configure.ac which attempts to
determine whether struct utmp contains the ut_host and ut_time fields.
Unfortunately, it reports a false negative for both on FreeBSD, and I
didn't check the resulting config.h closely enough to catch the error.

Noticed by:	ache
2006-03-23 21:31:42 +00:00
Dag-Erling Smørgrav
d8b92da88b Regenerate. 2006-03-22 20:41:53 +00:00
Dag-Erling Smørgrav
b74df5b26f Merge conflicts. 2006-03-22 20:41:37 +00:00
Dag-Erling Smørgrav
021d409f5b Vendor import of OpenSSH 4.3p1. 2006-03-22 19:46:12 +00:00
Dag-Erling Smørgrav
4f87d65874 This commit was generated by cvs2svn to compensate for changes in r157016,
which included commits to RCS files with non-trunk default branches.
2006-03-22 19:46:12 +00:00
Ruslan Ermilov
e1fe3dba5c Reimplementation of world/kernel build options. For details, see:
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by:	imp, jhb, kris, phk, ru (all bugs are mine)
2006-03-17 18:54:44 +00:00
Doug Rabson
17ed18fef3 Fix the amd64 (and presumably ia64) lib32 build by ensuring that the
heimdal GSS-API mechanism uses its own version of gssapi.h, including all
the implementation-dependant pollution contained therein.

This moves the file off the vendor branch, sadly.

Submitted by: bz
2006-01-02 11:28:42 +00:00
Doug Rabson
c0b9f4fe65 Add a new extensible GSS-API layer which can support GSS-API plugins,
similar the the Solaris implementation. Repackage the krb5 GSS mechanism
as a plugin library for the new implementation. This also includes a
comprehensive set of manpages for the GSS-API functions with text mostly
taken from the RFC.

Reviewed by: Love Hörnquist Åstrand <lha@it.su.se>, ru (build system), des (openssh parts)
2005-12-29 14:40:22 +00:00
Colin Percival
51ce0d091c Correct a man-in-the-middle SSL version rollback vulnerability.
Security:	FreeBSD-SA-05:21.openssl
2005-10-11 11:50:36 +00:00
Dag-Erling Smørgrav
184ad7d3be Regenerate 2005-09-03 07:08:51 +00:00
Dag-Erling Smørgrav
d4ecd10857 Resolve conflicts. 2005-09-03 07:04:25 +00:00
Dag-Erling Smørgrav
043840df5b Vendor import of OpenSSH 4.2p1. 2005-09-03 06:59:33 +00:00
Dag-Erling Smørgrav
f8a2a7f14a This commit was generated by cvs2svn to compensate for changes in r149749,
which included commits to RCS files with non-trunk default branches.
2005-09-03 06:59:33 +00:00
Dag-Erling Smørgrav
ad69811c17 fine-tune. 2005-09-03 06:42:11 +00:00
Ken Smith
2672e71736 This is sort of an MFS. Peter made these changes to the RELENG_*
branches but missed HEAD.  This patch extends his a little bit,
setting it up via the Makefiles so that adding _FREEFALL_CONFIG
to /etc/make.conf is the only thing needed to cluster-ize things
(current setup also requires overriding CFLAGS).

From Peter's commit to the RELENG_* branches:
> Add the freebsd.org custer's source modifications under #ifdefs to aid
> keeping things in sync.  For ksu:
> * install suid-root by default
> * don't fall back to asking for a unix password (ie: be pure kerberos)
> * allow custom user instances for things like www and not just root

The Makefile tweaks will be MFC-ed, the rest is already done.

MFC after:      3 days
Approved by:    re (dwhite)
2005-07-07 14:16:38 +00:00
Dag-Erling Smørgrav
c032a2803f Forgot to bump the version addendum. 2005-06-05 18:30:53 +00:00
Dag-Erling Smørgrav
19bccc89b4 Regenerate. 2005-06-05 15:46:27 +00:00
Dag-Erling Smørgrav
aa49c9264c Resolve conflicts. 2005-06-05 15:46:09 +00:00
Dag-Erling Smørgrav
6dbd30e786 Update for 4.1p1. 2005-06-05 15:43:57 +00:00
Dag-Erling Smørgrav
4518870c72 Vendor import of OpenSSH 4.1p1. 2005-06-05 15:41:57 +00:00
Dag-Erling Smørgrav
6d014e2f60 This commit was generated by cvs2svn to compensate for changes in r147001,
which included commits to RCS files with non-trunk default branches.
2005-06-05 15:41:57 +00:00
Dag-Erling Smørgrav
5e8dbd04ef Vendor import of OpenSSH 4.0p1. 2005-06-05 15:40:50 +00:00
Dag-Erling Smørgrav
1f6afdc098 This commit was generated by cvs2svn to compensate for changes in r146998,
which included commits to RCS files with non-trunk default branches.
2005-06-05 15:40:50 +00:00
Dag-Erling Smørgrav
5bfbdca45a Rewrite some of the regexps so they don't match themselves. 2005-06-04 23:18:33 +00:00
Jacques Vidrine
72a11ddc6c File removed in update from OpenSSL 0.9.7d -> 0.9.7e. 2005-02-25 06:22:30 +00:00
Jacques Vidrine
a37fa6607a Remove files that are no longer part of OpenSSL from the vendor
branch.  This time, these are mostly the `Makefile.ssl' files.
2005-02-25 06:14:53 +00:00
Jacques Vidrine
3c96cf2e8b This commit was generated by cvs2svn to compensate for changes in r142430,
which included commits to RCS files with non-trunk default branches.
2005-02-25 06:14:53 +00:00
Jacques Vidrine
5203f6dc3a Resolve conflicts after import of OpenSSL 0.9.7e. 2005-02-25 05:49:44 +00:00
Jacques Vidrine
6be8ae0724 Vendor import of OpenSSL 0.9.7e. 2005-02-25 05:39:05 +00:00
Jacques Vidrine
eb8fd19957 This commit was generated by cvs2svn to compensate for changes in r142425,
which included commits to RCS files with non-trunk default branches.
2005-02-25 05:39:05 +00:00
Jacques Vidrine
3e9d9cface Update list of files to remove prior to import of OpenSSL 0.9.7e. 2005-02-25 05:31:23 +00:00
Jacques Vidrine
01c0bb1d8a Clean up the OpenSSL vendor branch by removing files that are not
part of recent releases.
2005-02-25 05:25:37 +00:00
Jacques Vidrine
c7a8adabfb This commit was generated by cvs2svn to compensate for changes in r142421,
which included commits to RCS files with non-trunk default branches.
2005-02-25 05:25:37 +00:00
Jacques Vidrine
8d4ba808a5 Vendor import of Heimdal 0.6.3. 2005-02-24 22:22:53 +00:00
Jacques Vidrine
f65ab5f283 This commit was generated by cvs2svn to compensate for changes in r142403,
which included commits to RCS files with non-trunk default branches.
2005-02-24 22:22:53 +00:00
Jacques Vidrine
d526eb91a6 Do not include lib/kdfs in future imports. 2005-02-24 22:17:13 +00:00
Jacques Vidrine
e30f8e817e Remove lib/kdfs from vendor branch: we do not build it, and it will not
be included in future imports.
2005-02-24 22:16:35 +00:00
Jacques Vidrine
a43dbe2565 Clean up the Heimdal vendor branch by removing files not included in
any import for several years.

If memory serves, this was
Suggested by:	ru
an awfully long time ago-- sorry for the delay!
2005-02-24 22:14:04 +00:00
Dag-Erling Smørgrav
d49dad04cb Better Xlist command line. 2004-10-28 16:13:28 +00:00
Dag-Erling Smørgrav
21e764df0c Resolve conflicts 2004-10-28 16:11:31 +00:00
Dag-Erling Smørgrav
d74d50a84b Vendor import of OpenSSH 3.9p1. 2004-10-28 16:03:53 +00:00
Dag-Erling Smørgrav
3b4228da23 This commit was generated by cvs2svn to compensate for changes in r137015,
which included commits to RCS files with non-trunk default branches.
2004-10-28 16:03:53 +00:00
Dag-Erling Smørgrav
39b9ae0d72 These are unnecessary and have been causing imp@ trouble. 2004-10-27 19:07:36 +00:00
Mark Murray
1f9bb6cd25 Add support for C3 Nehemiah ACE ("Padlock") AES crypto. This comes
from OpenSSL 0.9.5 (yet to be released), and is pretty complete.
2004-08-14 13:38:35 +00:00
Mark Murray
eaeb68fe23 Bring in support for VIA C3 Nehemiah Padlock crypto support (AES).
This is from the upcoming OpenSSL 0.9.8 release.
2004-08-13 19:37:23 +00:00
Mark Murray
19ef43daef This commit was generated by cvs2svn to compensate for changes in r133665,
which included commits to RCS files with non-trunk default branches.
2004-08-13 19:37:23 +00:00
Dag-Erling Smørgrav
3c8487013c Regenerate. 2004-04-20 09:49:37 +00:00
Dag-Erling Smørgrav
cfa59440c5 One more conflict. 2004-04-20 09:47:13 +00:00
Dag-Erling Smørgrav
5962c0e9a3 Resolve conflicts. 2004-04-20 09:46:41 +00:00
Dag-Erling Smørgrav
562de5d9f6 Adjust version number and addendum. 2004-04-20 09:37:29 +00:00
Dag-Erling Smørgrav
52028650db Vendor import of OpenSSH 3.8.1p1. 2004-04-20 09:35:04 +00:00
Dag-Erling Smørgrav
b247dbc706 This commit was generated by cvs2svn to compensate for changes in r128456,
which included commits to RCS files with non-trunk default branches.
2004-04-20 09:35:04 +00:00
Jacques Vidrine
fe2b6e6689 Repair a regression in OpenSSL 0.9.7d: processing an unsigned PKCS#7
object could cause a null pointer dereference.

Obtained from:	OpenSSL CVS (change number 12080)
MFC After:	1 day
Reported by:	Daniel Lang <dl@leo.org>
2004-04-05 19:01:57 +00:00
Jacques Vidrine
4fd8395954 This commit was generated by cvs2svn to compensate for changes in r127904,
which included commits to RCS files with non-trunk default branches.
2004-04-05 19:01:57 +00:00
Jacques Vidrine
a0c37ec326 Resolve conflicts after import of Heimdal 0.6.1. 2004-04-03 21:31:10 +00:00
Jacques Vidrine
1c43270ada Vendor import of Heimdal 0.6.1. 2004-04-03 21:22:55 +00:00
Jacques Vidrine
090bc474c9 This commit was generated by cvs2svn to compensate for changes in r127808,
which included commits to RCS files with non-trunk default branches.
2004-04-03 21:22:55 +00:00
Jacques Vidrine
902aa2e784 Resolve conflicts after import of OpenSSL 0.9.7d. 2004-03-17 17:44:39 +00:00
Jacques Vidrine
ced566fd0b Vendor import of OpenSSL 0.9.7d. 2004-03-17 15:49:33 +00:00
Jacques Vidrine
8f1200ff6f This commit was generated by cvs2svn to compensate for changes in r127128,
which included commits to RCS files with non-trunk default branches.
2004-03-17 15:49:33 +00:00
Jacques Vidrine
81ac585294 Correct a denial-of-service vulnerability in OpenSSL (CAN-2004-0079).
Obtained from:	OpenSSL CVS (http://cvs.openssl.org/chngview?cn=12033)
2004-03-17 12:11:08 +00:00
Jacques Vidrine
1612471010 This commit was generated by cvs2svn to compensate for changes in r127114,
which included commits to RCS files with non-trunk default branches.
2004-03-17 12:11:08 +00:00
Dag-Erling Smørgrav
d2b1b4f3c5 Correctly document the default value of UsePAM. 2004-03-15 18:38:29 +00:00
Dag-Erling Smørgrav
eea81d70c9 Update VersionAddendum in config files and man pages. 2004-02-26 11:54:03 +00:00
Dag-Erling Smørgrav
98e0062102 Define HAVE_GSSAPI_H. 2004-02-26 11:06:29 +00:00
Dag-Erling Smørgrav
7dbb68c469 Regenerate. 2004-02-26 10:57:38 +00:00
Dag-Erling Smørgrav
3ee07a3a90 Document recently changed configuration defaults. 2004-02-26 10:57:28 +00:00
Dag-Erling Smørgrav
1ec0d75429 Resolve conflicts. 2004-02-26 10:52:33 +00:00
Dag-Erling Smørgrav
efcad6b72f Vendor import of OpenSSH 3.8p1. 2004-02-26 10:38:49 +00:00
Dag-Erling Smørgrav
6b475b41d8 This commit was generated by cvs2svn to compensate for changes in r126274,
which included commits to RCS files with non-trunk default branches.
2004-02-26 10:38:49 +00:00
Dag-Erling Smørgrav
476cd3b2f0 Merge OpenSSH 3.8p1. 2004-02-26 10:38:38 +00:00
Dag-Erling Smørgrav
3aedec2adb Prepare for upcoming 3.8p1 import. 2004-02-26 10:37:34 +00:00
Dag-Erling Smørgrav
028c324ac8 Pull asbesthos underpants on and disable protocol version 1 by default. 2004-02-26 10:24:07 +00:00
Dag-Erling Smørgrav
b909c84bf2 Turn non-PAM password authentication off by default when USE_PAM is
defined.  Too many users are getting bitten by it.
2004-02-19 15:53:31 +00:00
Dag-Erling Smørgrav
c880b0438e Update the "overview of FreeBSD changes to OpenSSH-portable" to reflect
reality.
2004-01-25 13:09:56 +00:00
Dag-Erling Smørgrav
8d71fed0f2 Work around removal of EAI_NODATA from netdb.h. 2004-01-18 22:31:30 +00:00
Jacques Vidrine
ede6693b54 Re-add the FreeBSD RCS keyword for the benefit of mergemaster.
PR:		conf/50040
Requested by:	Dimitry Andric <dim@xs4all.nl>
2004-01-09 14:46:11 +00:00
Dag-Erling Smørgrav
002696701b Don't output the terminating '\0' (already fixed in OpenSSH CVS) 2004-01-09 12:57:36 +00:00
Dag-Erling Smørgrav
2735d723cb This commit was generated by cvs2svn to compensate for changes in r124287,
which included commits to RCS files with non-trunk default branches.
2004-01-09 12:57:36 +00:00
Dag-Erling Smørgrav
f0477b2653 Egg on my face: UsePAM was off by default.
Pointed out by:	Sean McNeil <sean@mcneil.com>
2004-01-09 08:07:12 +00:00
Dag-Erling Smørgrav
a5ac46fb04 Regenerate config.h; I don't know why this didn't hit CVS yesterday. 2004-01-08 09:42:35 +00:00
Dag-Erling Smørgrav
8cf8104b8f Remove obsolete files on the vendor branch. 2004-01-08 09:33:46 +00:00
Dag-Erling Smørgrav
e2fb0b2a6b Update to reflect changes since the last version. 2004-01-07 11:51:18 +00:00
Dag-Erling Smørgrav
cf2b5f3b6d Resolve conflicts and remove obsolete files.
Sponsored by:	registrar.no
2004-01-07 11:16:27 +00:00
Dag-Erling Smørgrav
d95e11bf7e Vendor import of OpenSSH 3.7.1p2. 2004-01-07 11:10:17 +00:00
Dag-Erling Smørgrav
fb7dd0a77c This commit was generated by cvs2svn to compensate for changes in r124208,
which included commits to RCS files with non-trunk default branches.
2004-01-07 11:10:17 +00:00