d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
141,104 Commits 4 Branches 49 Tags 2 GiB
70366e8fcc
Commit Graph

773 Commits

Author SHA1 Message Date
des
a74a69e336 Regenerate; no effect on the code as it doesn't actually use the handful of 
conditionals that changed in this revision.
 2006-10-02 12:45:27 +00:00
des
14ad83d6bf Update configure options and add some missing steps. 
The section about our local changes needs reviewing, and some of those
changes should probably be reconsidered (such as preferring DSA over RSA,
which made sense when RSA was encumbered but probably doesn't any more)
 2006-10-02 12:39:28 +00:00
simon
25dab5b4c1 Import from upstream OpenSSL 0.9.8 branch: 
Fix uninitialized free of ctx in compute_key() when the
OPENSSL_DH_MAX_MODULUS_BITS check is triggered.

This fixes the same issue as FreeBSD-SA-06:23.openssl v1.1.
 2006-10-01 08:09:46 +00:00
simon
ac7fb23be5 This commit was generated by cvs2svn to compensate for changes in r162916, 
which included commits to RCS files with non-trunk default branches.
 2006-10-01 08:09:46 +00:00
simon
de193995a6 Resolve conflicts after import of OpenSSL 0.9.8d. 2006-10-01 07:46:16 +00:00
simon
387e65d767 Vendor import of OpenSSL 0.9.8d. 2006-10-01 07:38:44 +00:00
simon
b2881e9eb1 This commit was generated by cvs2svn to compensate for changes in r162911, 
which included commits to RCS files with non-trunk default branches.
 2006-10-01 07:38:44 +00:00
des
0824f0c0e7 Regenerate. 
MFC after:	1 week
 2006-09-30 13:40:56 +00:00
des
ac038c1070 #include <errno.h>; this has the unfortunate side effect of taking the file 
off the vendor branch.

MFC after:	1 week
 2006-09-30 13:40:35 +00:00
des
0f481d7c8c Removed from vendor branch. 
MFC after:	1 week
 2006-09-30 13:39:35 +00:00
des
e16bfbb7bc Bump version addendum. 
MFC after:	1 week
 2006-09-30 13:39:07 +00:00
des
4ff234ef46 Merge conflicts. 
MFC after:	1 week
 2006-09-30 13:38:06 +00:00
des
2f35ce4773 Vendor import of OpenSSH 4.4p1. 2006-09-30 13:29:51 +00:00
des
abd7c8704b This commit was generated by cvs2svn to compensate for changes in r162852, 
which included commits to RCS files with non-trunk default branches.
 2006-09-30 13:29:51 +00:00
des
97a1b8f884 Merge vendor patch for BSM problem in protocol version 1. 
MFC after:	1 week
 2006-09-16 15:12:58 +00:00
des
03ef9d989b Vendor patch for a problem that prevented using protocol version 1 when 
BSM was enabled.
 2006-09-16 15:10:13 +00:00
simon
22f3e61de2 Correct incorrect PKCS#1 v1.5 padding validation in crypto(3). 
Obtained from:	OpenSSL project
Security:	FreeBSD-SA-06:19.openssl
 2006-09-10 20:16:43 +00:00
simon
76f00e0285 Resolve conflicts after import of OpenSSL 0.9.8b. 
This was missed the first time around since eng_padlock.c was not part
of OpenSSL 0.9.7e and therefor did not have the v0_9_7e CVS tag used
during original resolve of conflicts.

Noticed by:	Antoine Brodin <antoine.brodin@laposte.net>
 2006-07-30 14:17:54 +00:00
simon
870bdce538 Sync FREEBSD-Xlist with what was actually excluded from OpenSSL 0.9.8b 
import.
 2006-07-29 22:40:45 +00:00
simon
00e07ea415 Add some rough notes on how to import a new OpenSSL version into the 
FreeBSD base system.  Parts are inspired by the OpenSSH upgrade notes.
 2006-07-29 22:01:26 +00:00
simon
e07cc0214a Resolve conflicts after import of OpenSSL 0.9.8b. 2006-07-29 19:14:51 +00:00
simon
fb3c70eda8 Vendor import of OpenSSL 0.9.8b 2006-07-29 19:10:21 +00:00
simon
9159ca2b0e This commit was generated by cvs2svn to compensate for changes in r160814, 
which included commits to RCS files with non-trunk default branches.
 2006-07-29 19:10:21 +00:00
des
d9ba51b5fc Our glob(3) has all the required features. 
Submitted by:	ache
 2006-06-09 08:39:05 +00:00
des
a34ad0a5f7 Revert inadvertant commit of debugging code. 2006-06-09 07:23:14 +00:00
des
148092431d Introduce a namespace munging hack inspired by NetBSD to avoid polluting 
the namespace of applications which inadvertantly link in libssh (usually
through pam_ssh)

Suggested by:	lukem@netbsd.org
MFC after:	6 weeks
 2006-05-13 13:47:45 +00:00
des
9c68158992 Fix utmp. There is some clever logic in configure.ac which attempts to 
determine whether struct utmp contains the ut_host and ut_time fields.
Unfortunately, it reports a false negative for both on FreeBSD, and I
didn't check the resulting config.h closely enough to catch the error.

Noticed by:	ache
 2006-03-23 21:31:42 +00:00
des
eb091e1fc6 Regenerate. 2006-03-22 20:41:53 +00:00
des
7c07891caf Merge conflicts. 2006-03-22 20:41:37 +00:00
des
448503722a Vendor import of OpenSSH 4.3p1. 2006-03-22 19:46:12 +00:00
des
c2efe9a305 This commit was generated by cvs2svn to compensate for changes in r157016, 
which included commits to RCS files with non-trunk default branches.
 2006-03-22 19:46:12 +00:00
ru
388e590f95 Reimplementation of world/kernel build options. For details, see: 
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by:	imp, jhb, kris, phk, ru (all bugs are mine)
 2006-03-17 18:54:44 +00:00
dfr
65ca66cee3 Fix the amd64 (and presumably ia64) lib32 build by ensuring that the 
heimdal GSS-API mechanism uses its own version of gssapi.h, including all
the implementation-dependant pollution contained therein.

This moves the file off the vendor branch, sadly.

Submitted by: bz
 2006-01-02 11:28:42 +00:00
dfr
d9cbcb50b5 Add a new extensible GSS-API layer which can support GSS-API plugins, 
similar the the Solaris implementation. Repackage the krb5 GSS mechanism
as a plugin library for the new implementation. This also includes a
comprehensive set of manpages for the GSS-API functions with text mostly
taken from the RFC.

Reviewed by: Love Hörnquist Åstrand <lha@it.su.se>, ru (build system), des (openssh parts)
 2005-12-29 14:40:22 +00:00
cperciva
45ad656456 Correct a man-in-the-middle SSL version rollback vulnerability. 
Security:	FreeBSD-SA-05:21.openssl
 2005-10-11 11:50:36 +00:00
des
fbfe6dd7e0 Regenerate 2005-09-03 07:08:51 +00:00
des
88c7c9558b Resolve conflicts. 2005-09-03 07:04:25 +00:00
des
755a16fa86 Vendor import of OpenSSH 4.2p1. 2005-09-03 06:59:33 +00:00
des
1ea3628aba This commit was generated by cvs2svn to compensate for changes in r149749, 
which included commits to RCS files with non-trunk default branches.
 2005-09-03 06:59:33 +00:00
des
f0dcade643 fine-tune. 2005-09-03 06:42:11 +00:00
kensmith
28b7f562fc This is sort of an MFS. Peter made these changes to the RELENG_* 
branches but missed HEAD.  This patch extends his a little bit,
setting it up via the Makefiles so that adding _FREEFALL_CONFIG
to /etc/make.conf is the only thing needed to cluster-ize things
(current setup also requires overriding CFLAGS).

From Peter's commit to the RELENG_* branches:
> Add the freebsd.org custer's source modifications under #ifdefs to aid
> keeping things in sync.  For ksu:
> * install suid-root by default
> * don't fall back to asking for a unix password (ie: be pure kerberos)
> * allow custom user instances for things like www and not just root

The Makefile tweaks will be MFC-ed, the rest is already done.

MFC after:      3 days
Approved by:    re (dwhite)
 2005-07-07 14:16:38 +00:00
des
af7fe6f7d6 Forgot to bump the version addendum. 2005-06-05 18:30:53 +00:00
des
ec61b1c40a Regenerate. 2005-06-05 15:46:27 +00:00
des
983ad11a1c Resolve conflicts. 2005-06-05 15:46:09 +00:00
des
3c5bc6b274 Update for 4.1p1. 2005-06-05 15:43:57 +00:00
des
c4dfc1ed3b Vendor import of OpenSSH 4.1p1. 2005-06-05 15:41:57 +00:00
des
35c298a910 This commit was generated by cvs2svn to compensate for changes in r147001, 
which included commits to RCS files with non-trunk default branches.
 2005-06-05 15:41:57 +00:00
des
11a09ab416 Vendor import of OpenSSH 4.0p1. 2005-06-05 15:40:50 +00:00
des
7688286f9d This commit was generated by cvs2svn to compensate for changes in r146998, 
which included commits to RCS files with non-trunk default branches.
 2005-06-05 15:40:50 +00:00
des
9230b25dd7 Rewrite some of the regexps so they don't match themselves. 2005-06-04 23:18:33 +00:00
nectar
21cef1ac2a File removed in update from OpenSSL 0.9.7d -> 0.9.7e. 2005-02-25 06:22:30 +00:00
nectar
3c8d7d9993 Remove files that are no longer part of OpenSSL from the vendor 
branch.  This time, these are mostly the `Makefile.ssl' files.
 2005-02-25 06:14:53 +00:00
nectar
0d4d2c2cec This commit was generated by cvs2svn to compensate for changes in r142430, 
which included commits to RCS files with non-trunk default branches.
 2005-02-25 06:14:53 +00:00
nectar
ced877b043 Resolve conflicts after import of OpenSSL 0.9.7e. 2005-02-25 05:49:44 +00:00
nectar
78a59572b3 Vendor import of OpenSSL 0.9.7e. 2005-02-25 05:39:05 +00:00
nectar
52bc459a40 This commit was generated by cvs2svn to compensate for changes in r142425, 
which included commits to RCS files with non-trunk default branches.
 2005-02-25 05:39:05 +00:00
nectar
a876e908ea Update list of files to remove prior to import of OpenSSL 0.9.7e. 2005-02-25 05:31:23 +00:00
nectar
a55ec1447a Clean up the OpenSSL vendor branch by removing files that are not 
part of recent releases.
 2005-02-25 05:25:37 +00:00
nectar
86364e2030 This commit was generated by cvs2svn to compensate for changes in r142421, 
which included commits to RCS files with non-trunk default branches.
 2005-02-25 05:25:37 +00:00
nectar
2565fa1348 Vendor import of Heimdal 0.6.3. 2005-02-24 22:22:53 +00:00
nectar
cf46be8ba9 This commit was generated by cvs2svn to compensate for changes in r142403, 
which included commits to RCS files with non-trunk default branches.
 2005-02-24 22:22:53 +00:00
nectar
3dc1e39cf7 Do not include lib/kdfs in future imports. 2005-02-24 22:17:13 +00:00
nectar
1473734316 Remove lib/kdfs from vendor branch: we do not build it, and it will not 
be included in future imports.
 2005-02-24 22:16:35 +00:00
nectar
412870c336 Clean up the Heimdal vendor branch by removing files not included in 
any import for several years.

If memory serves, this was
Suggested by:	ru
an awfully long time ago-- sorry for the delay!
 2005-02-24 22:14:04 +00:00
des
2ed082fd66 Better Xlist command line. 2004-10-28 16:13:28 +00:00
des
a744ec13ad Resolve conflicts 2004-10-28 16:11:31 +00:00
des
d5d493f03a Vendor import of OpenSSH 3.9p1. 2004-10-28 16:03:53 +00:00
des
b0cdf22191 This commit was generated by cvs2svn to compensate for changes in r137015, 
which included commits to RCS files with non-trunk default branches.
 2004-10-28 16:03:53 +00:00
des
0a4f1e0cd4 These are unnecessary and have been causing imp@ trouble. 2004-10-27 19:07:36 +00:00
markm
1659a5207b Add support for C3 Nehemiah ACE ("Padlock") AES crypto. This comes 
from OpenSSL 0.9.5 (yet to be released), and is pretty complete.
 2004-08-14 13:38:35 +00:00
markm
402a1009de Bring in support for VIA C3 Nehemiah Padlock crypto support (AES). 
This is from the upcoming OpenSSL 0.9.8 release.
 2004-08-13 19:37:23 +00:00
markm
d57fb14ce4 This commit was generated by cvs2svn to compensate for changes in r133665, 
which included commits to RCS files with non-trunk default branches.
 2004-08-13 19:37:23 +00:00
des
aaa4408d55 Regenerate. 2004-04-20 09:49:37 +00:00
des
6e7fa35a0a One more conflict. 2004-04-20 09:47:13 +00:00
des
e5d801b2d6 Resolve conflicts. 2004-04-20 09:46:41 +00:00
des
efa3572464 Adjust version number and addendum. 2004-04-20 09:37:29 +00:00
des
c69db9c5a2 Vendor import of OpenSSH 3.8.1p1. 2004-04-20 09:35:04 +00:00
des
13038249fe This commit was generated by cvs2svn to compensate for changes in r128456, 
which included commits to RCS files with non-trunk default branches.
 2004-04-20 09:35:04 +00:00
nectar
4f072b64b0 Repair a regression in OpenSSL 0.9.7d: processing an unsigned PKCS#7 
object could cause a null pointer dereference.

Obtained from:	OpenSSL CVS (change number 12080)
MFC After:	1 day
Reported by:	Daniel Lang <dl@leo.org>
 2004-04-05 19:01:57 +00:00
nectar
e0710a2e71 This commit was generated by cvs2svn to compensate for changes in r127904, 
which included commits to RCS files with non-trunk default branches.
 2004-04-05 19:01:57 +00:00
nectar
26e61e0326 Resolve conflicts after import of Heimdal 0.6.1. 2004-04-03 21:31:10 +00:00
nectar
bfc5316dea Vendor import of Heimdal 0.6.1. 2004-04-03 21:22:55 +00:00
nectar
0b7467aa1d This commit was generated by cvs2svn to compensate for changes in r127808, 
which included commits to RCS files with non-trunk default branches.
 2004-04-03 21:22:55 +00:00
nectar
2283471bb5 Resolve conflicts after import of OpenSSL 0.9.7d. 2004-03-17 17:44:39 +00:00
nectar
0f095e8a2a Vendor import of OpenSSL 0.9.7d. 2004-03-17 15:49:33 +00:00
nectar
15b921d648 This commit was generated by cvs2svn to compensate for changes in r127128, 
which included commits to RCS files with non-trunk default branches.
 2004-03-17 15:49:33 +00:00
nectar
e8232d78ab Correct a denial-of-service vulnerability in OpenSSL (CAN-2004-0079). 
Obtained from:	OpenSSL CVS (http://cvs.openssl.org/chngview?cn=12033)
 2004-03-17 12:11:08 +00:00
nectar
5899dbda42 This commit was generated by cvs2svn to compensate for changes in r127114, 
which included commits to RCS files with non-trunk default branches.
 2004-03-17 12:11:08 +00:00
des
2fe413a41a Correctly document the default value of UsePAM. 2004-03-15 18:38:29 +00:00
des
437b8c0fdd Update VersionAddendum in config files and man pages. 2004-02-26 11:54:03 +00:00
des
c05d4b9b43 Define HAVE_GSSAPI_H. 2004-02-26 11:06:29 +00:00
des
77d6d5a07e Regenerate. 2004-02-26 10:57:38 +00:00
des
c7ba229763 Document recently changed configuration defaults. 2004-02-26 10:57:28 +00:00
des
124c4a1415 Resolve conflicts. 2004-02-26 10:52:33 +00:00
des
7d1750f1d6 Vendor import of OpenSSH 3.8p1. 2004-02-26 10:38:49 +00:00
des
1754c77e5e This commit was generated by cvs2svn to compensate for changes in r126274, 
which included commits to RCS files with non-trunk default branches.
 2004-02-26 10:38:49 +00:00
des
b1ffd1f6ac Merge OpenSSH 3.8p1. 2004-02-26 10:38:38 +00:00
des
270e7d7140 Prepare for upcoming 3.8p1 import. 2004-02-26 10:37:34 +00:00
des
85717525b0 Pull asbesthos underpants on and disable protocol version 1 by default. 2004-02-26 10:24:07 +00:00
des
49dee586c1 Turn non-PAM password authentication off by default when USE_PAM is 
defined.  Too many users are getting bitten by it.
 2004-02-19 15:53:31 +00:00