Commit Graph

1024 Commits

Author SHA1 Message Date
delphij
cc30da3fe1 Update userland arc4random() with OpenBSD's Chacha20 based arc4random().
ObsoleteFiles.inc:

    Remove manual pages for arc4random_addrandom(3) and
    arc4random_stir(3).

  contrib/ntp/lib/isc/random.c:
  contrib/ntp/sntp/libevent/evutil_rand.c:

    Eliminate in-tree usage of arc4random_addrandom().

  crypto/heimdal/lib/roken/rand.c:
  crypto/openssh/config.h:

    Eliminate in-tree usage of arc4random_stir().

  include/stdlib.h:

    Remove arc4random_stir() and arc4random_addrandom() prototypes,
    provide temporary shims for transistion period.

  lib/libc/gen/Makefile.inc:

    Hook arc4random-compat.c to build, add hint for Chacha20 source for
    kernel, and remove arc4random_addrandom(3) and arc4random_stir(3)
    links.

  lib/libc/gen/arc4random.c:

    Adopt OpenBSD arc4random.c,v 1.54 with bare minimum changes, use the
    sys/crypto/chacha20 implementation of keystream.

  lib/libc/gen/Symbol.map:

    Remove arc4random_stir and arc4random_addrandom interfaces.

  lib/libc/gen/arc4random.h:

    Adopt OpenBSD arc4random.h,v 1.4 but provide _ARC4_LOCK of our own.

  lib/libc/gen/arc4random.3:

    Adopt OpenBSD arc4random.3,v 1.35 but keep FreeBSD r114444 and
    r118247.

  lib/libc/gen/arc4random-compat.c:

    Compatibility shims for arc4random_stir and arc4random_addrandom
    functions to preserve ABI.  Log once when called but do nothing
    otherwise.

  lib/libc/gen/getentropy.c:
  lib/libc/include/libc_private.h:

    Fold __arc4_sysctl into getentropy.c (renamed to arnd_sysctl).
    Remove from libc_private.h as a result.

  sys/crypto/chacha20/chacha.c:
  sys/crypto/chacha20/chacha.h:

    Make it possible to use the kernel implementation in libc.

PR:		182610
Reviewed by:	cem, markm
Obtained from:	OpenBSD
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D16760
2018-08-19 17:40:50 +00:00
jkim
58e331e535 Merge OpenSSL 1.0.2p. 2018-08-14 17:48:02 +00:00
jkim
aae9fa3e7b Import OpenSSL 1.0.2p. 2018-08-14 16:18:14 +00:00
des
22c418c243 Merge upstream patch to unbreak tunnel forwarding.
Reported by:	cy@
2018-05-16 14:04:39 +00:00
des
13e42418d1 Upgrade to OpenSSH 7.7p1. 2018-05-11 13:22:43 +00:00
des
271dcc6a42 Upgrade to OpenSSH 7.6p1. This will be followed shortly by 7.7p1.
This completely removes client-side support for the SSH 1 protocol,
which was already disabled in 12 but is still enabled in 11.  For that
reason, we will not be able to merge 7.6p1 or newer back to 11.
2018-05-08 23:13:11 +00:00
des
8598cec90a Update the repository URLs. 2018-05-06 13:21:44 +00:00
jkim
28f14cb177 Merge OpenSSL 1.0.2o. 2018-03-27 17:17:58 +00:00
jkim
11cb1242eb Import OpenSSL 1.0.2o. 2018-03-27 17:03:01 +00:00
jkim
0d5f9444cc Add declaration of SSL_get_selected_srtp_profile() for OpenSSL.
Because there was an extra declaration in the vendor version, we locally
removed the second one in r238405 with 1.0.1c.  Later, upstream fixed it in
1.0.2d but they removed the first one.  Therefore, both were removed in our
version unfortunately.  Now we revert to the vendor one to re-add it.

MFC after:		3 days
Differential Revision:	https://reviews.freebsd.org/D10525
2018-01-25 23:38:05 +00:00
jkim
2aa41898b2 Merge OpenSSL 1.0.2n. 2017-12-07 18:02:57 +00:00
jkim
dcf22e716a Import OpenSSL 1.0.2n. 2017-12-07 17:37:15 +00:00
jkim
9d098cf136 Merge OpenSSL 1.0.2m. 2017-11-02 18:04:29 +00:00
jkim
2de67e0c30 Import OpenSSL 1.0.2m. 2017-11-02 17:35:19 +00:00
des
a2e5565774 Upgrade to OpenSSH 7.5p1. 2017-08-04 12:57:24 +00:00
delphij
3bf5fef4d3 MFV r320905: Import upstream fix for CVE-2017-11103.
In _krb5_extract_ticket() the KDC-REP service name must be obtained from
encrypted version stored in 'enc_part' instead of the unencrypted version
stored in 'ticket'.  Use of the unecrypted version provides an
opportunity for successful server impersonation and other attacks.

Submitted by:	hrs
Obtained from:	Heimdal
Security:	FreeBSD-SA-17:05.heimdal
Security:	CVE-2017-11103
2017-07-12 07:19:06 +00:00
jkim
986f17341f Merge OpenSSL 1.0.2l. 2017-05-25 20:52:16 +00:00
jkim
c81d3e3cad Import OpenSSL 1.0.2l. 2017-05-25 19:38:38 +00:00
lidl
64d41a9ba5 Refine and update blacklist support in sshd
Adjust notification points slightly to catch all auth failures,
rather than just the ones caused by bad usernames.

Modify notification point for bad usernames to send new type of
BLACKLIST_BAD_USER. (Support in libblacklist will be forthcoming soon.)
Add guards to allow library headers to expose the enum of action values.

Reviewed by:	des
Approved by:	des
Sponsored by:	The FreeBSD Foundation
2017-05-12 15:20:12 +00:00
andrew
fc2648bb76 Fix linking with lld by marking OPENSSL_armcap_P as hidden.
Linking with lld fails as it contains a relative address, however the data
this address is for may be relocated from the shared object to the main
executable.

Fix this by adding the hidden attribute. This stops moving this value to
the main executable. It seems this is implicit upstream as it uses a
version script.

Approved by:	jkim
Sponsored by:	DARPA, AFRL
2017-04-07 12:41:57 +00:00
des
c995370269 Upgrade to OpenSSH 7.4p1. 2017-03-06 01:37:05 +00:00
des
229b651a25 Re-apply part of r311585 which was inadvertantly reverted in the upgrade
to 7.3p1.  The other part (which adds -DLIBWRAP to sshd's CFLAGS) is
still in place.

Reported by:	ngie
2017-03-03 14:25:55 +00:00
des
0f3c0d66a4 Forgot to bump the version addendum date. 2017-03-03 01:50:10 +00:00
des
dc519490bb Upgrade to OpenSSH 7.3p1. 2017-03-02 00:11:32 +00:00
imp
7e6cabd06e Renumber copyright clause 4
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.

Submitted by:	Jan Schaumann <jschauma@stevens.edu>
Pull Request:	https://github.com/freebsd/freebsd/pull/96
2017-02-28 23:42:47 +00:00
des
427bf4fd96 Avoid picking up MIT Kerberos from ports (if installed). 2017-02-26 19:00:55 +00:00
des
308f28721f Fix amusingly harmless mis-merge. 2017-02-26 16:34:58 +00:00
lidl
fd982d3dfd Only notify blacklistd for successful logins in auth.c
Reported by:	Rick Adams
Reviewed by:	des
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2017-02-19 20:35:39 +00:00
jkim
4834c2f7b9 Merge OpenSSL 1.0.2k. 2017-01-26 19:10:29 +00:00
jkim
d6ae4fddb5 Import OpenSSL 1.0.2k. 2017-01-26 18:32:12 +00:00
delphij
db4ad7afa3 MFV r311913:
Fix multiple OpenSSH vulnerabilities.

Submitted by:	des
Approved by:	so
2017-01-11 05:49:39 +00:00
ngie
078b533dd4 Conditionalize building libwrap support into sshd
Only build libwrap support into sshd if MK_TCP_WRAPPERS != no

This will unbreak the build if libwrap has been removed from the system

MFC after:	2 weeks
PR:		210141
Submitted by:	kpect@protonmail.com
Differential Revision:	D9049
2017-01-07 08:08:35 +00:00
delphij
40a7840d69 MFV r308196:
Fix OpenSSH remote Denial of Service vulnerability.

Security:	CVE-2016-8858
2016-11-02 06:49:25 +00:00
jkim
8fe6e36c80 Build OpenSSL assembly sources for aarch64. Tested with ThunderX by andrew. 2016-10-26 20:02:22 +00:00
jkim
665faf046c Merge OpenSSL 1.0.2j. 2016-09-26 14:22:17 +00:00
jkim
8a88e44577 Import OpenSSL 1.0.2j. 2016-09-26 14:13:11 +00:00
jkim
97091e1369 Merge OpenSSL 1.0.2i. 2016-09-22 13:27:44 +00:00
jkim
301c0382f7 Import OpenSSL 1.0.2i. 2016-09-22 13:04:03 +00:00
lidl
7235884959 Add refactored blacklist support to sshd
Change the calls to of blacklist_init() and blacklist_notify to be
macros defined in the blacklist_client.h file.  This avoids
the need for #ifdef USE_BLACKLIST / #endif except in the
blacklist.c file.

Remove redundent initialization attempts from within
blacklist_notify - everything always goes through
blacklistd_init().

Added UseBlacklist option to sshd, which defaults to off.
To enable the functionality, use '-o UseBlacklist=yes' on
the command line, or uncomment in the sshd_config file.

Reviewed by:	des
Approved by:	des
MFC after:		1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D7051
2016-08-30 14:09:24 +00:00
jkim
690cff5182 Build OpenSSL assembly sources for arm. Tested with Raspberry Pi 2 Model B.
MFC after:	1 week
2016-08-22 20:59:34 +00:00
emaste
a5b76e1c59 Remove duplicate symbol from libhx509 version-script.map
Upstream commit r21331 (7758a5d0) added semiprivate function
_hx509_request_to_pkcs10 twice. This change has been committed upstream
as 8ef0071d.
2016-08-22 18:50:57 +00:00
des
291f74b116 Try to check whether each key file exists before adding it, and bail out
if we didn't find any of them.  This reduces log spam about key files for
deprecated algorithms, which we look for but don't generate.

PR:		208254
MFC after:	3 days
2016-08-08 10:46:18 +00:00
des
7b7845b35c Remove DSA from default cipher list and disable SSH1.
Upstream did this a long time ago, but we kept DSA and SSH1 in FreeBSD for
reasons which boil down to POLA.  Now is a good time to catch up.

MFC after:	3 days
Relnotes:	yes
2016-08-03 16:08:21 +00:00
emaste
296c49e36f Remove duplicate symbols from libroken version-script.map
Upstream commit r24759 (efed563) prefixed some symbols with rk_, but
introduced 6 duplicate symbols in the version script (because the
rk_-prefixed versions of the symbols were already present).
2016-07-21 18:12:39 +00:00
gjb
7095173950 Revert r301551, which added blacklistd(8) to sshd(8).
This change has functional impact, and other concerns raised
by the OpenSSH maintainer.

Requested by:	des
PR:		210479 (related)
Approved by:	re (marius)
Sponsored by:	The FreeBSD Foundation
2016-06-24 23:22:42 +00:00
lidl
9b5f176b51 Add blacklist support to sshd
Reviewed by:	rpaulo
Approved by:	rpaulo (earlier version of changes)
Relnotes:	YES
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D5915
2016-06-07 16:18:09 +00:00
avg
1926b48f81 openssl: change SHLIB_VERSION_NUMBER to reflect the reality
Some consumers actually use this definition.

We probably need some procedure to ensure that SHLIB_VERSION_NUMBER
is updated whenever we change the library version in
secure/lib/libssl/Makefile.
2016-06-03 14:09:38 +00:00
cem
2bcae162c5 libkrb5: Fix potential double-free
If krb5_make_principal fails, tmp_creds.server may remain a pointer to freed
memory and then be double-freed.  After freeing it the first time, initialize
it to NULL, which causes subsequent krb5_free_principal calls to do the right
thing.

Reported by:	Coverity
CID:		1273430
Sponsored by:	EMC / Isilon Storage Division
2016-05-11 23:25:59 +00:00
jkim
00a878d06e Merge OpenSSL 1.0.2h.
Relnotes:	yes
2016-05-03 18:50:10 +00:00
jkim
acb827e308 Import OpenSSL 1.0.2h. 2016-05-03 18:00:27 +00:00