Commit Graph

513 Commits

Author SHA1 Message Date
des
00f3582ac6 Upgrade OpenSSH to 6.1p1. 2012-09-03 16:51:41 +00:00
jkim
d3ee564849 Sort ASM definitions by crypto module for slightly easier maintenance.
Specifically, GHASH_ASM belongs to crypto/modes.
2012-07-12 21:31:53 +00:00
jkim
e393e47b1e Merge OpenSSL 1.0.1c.
Approved by:	benl (maintainer)
2012-07-12 19:30:53 +00:00
jkim
1b7001386c Regen ca(1) for r237658. This re-applies r227458, i.e., add a missing "be". 2012-06-27 21:35:45 +00:00
jkim
299ab12592 Merge OpenSSL 0.9.8x.
Reviewed by:	stas
Approved by:	benl (maintainer)
MFC after:	3 days
2012-06-27 18:44:36 +00:00
bz
d2e144fbe8 Update the previous openssl fix. [12:01]
Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]

Security:	FreeBSD-SA-12:01.openssl (revised)
Security:	FreeBSD-SA-12:02.crypt
Approved by:	so (bz, simon)
2012-05-30 12:01:28 +00:00
eadler
a3eef43dfb Restore the ability to use a non-standard LOCALBASE to sshd
Add the ability to use a non-standard LOCALBASE to ssh

Submitted by:	jhb
Reviewed by:	des
Approved by:	cperciva
MFC after:	0 days (with r233136)
2012-03-24 19:41:43 +00:00
eadler
dda1767423 X11BASE is not used any more and has been killed by the x11 team.
Reviewed by:	???
Approved by:	???
MFC after:	3 days
2012-03-19 00:41:40 +00:00
kevlo
cf70964fbe Return NULL on error rather than ":", per the crypt(3) man page.
Discussed in: http://www.openwall.com/lists/oss-security/2011/11/15/3
2012-02-22 01:23:14 +00:00
kib
a56c72dcf2 Force linker error when created shared library contains a relocation
against text. Provide the override switch to turn off the strict
behaviour. Apparently, openssl libcrypto needs it due to assembler
code not being PIC.

Discussed with:	bf
MFC after:	2 weeks
2011-12-06 11:28:17 +00:00
eadler
8710aaed7e - add a missing "be" and "in"
- fix other errors introduced when committing r226436
- add 'function' to a sentence where it makes sense

Submitted by:	delphij
Submitted by:	dougb
Submitted by:	jhb
Approved by:	dougb
Approved by:	jhb
2011-11-11 22:27:09 +00:00
eadler
9d7884364e - change "is is" to "is" or "it is"
- change "the the" to "the"

Approved by:	lstewart
Approved by:	sahil (mentor)
MFC after:	3 days
2011-10-16 14:30:28 +00:00
des
038442ad80 Upgrade to OpenSSH 5.9p1.
MFC after:	3 months
2011-10-05 22:08:17 +00:00
des
ee2afa8165 Upgrade to OpenSSH 5.8p2. 2011-05-04 07:34:44 +00:00
dim
f58eeaae2e Fix some leftover binaries and shared libraries in the system that still
have an executable stack, due to linking in hand-assembled .S or .s
files, that have no .GNU-stack sections:

RWX --- ---  /lib/libcrypto.so.6
RWX --- ---  /lib/libmd.so.5
RWX --- ---  /lib/libz.so.6
RWX --- ---  /lib/libzpool.so.2
RWX --- ---  /usr/lib/liblzma.so.5

These were found using scanelf, from the sysutils/pax-utils port.

Reviewed by:	kib
2011-02-15 22:03:09 +00:00
simon
9fbb25bbe9 Regenerate manual pages for OpenSSL 0.9.8q. 2010-12-03 23:07:45 +00:00
simon
baef745205 Regenerate manual pages for OpenSSL 0.9.8p. 2010-11-22 18:29:00 +00:00
brucec
7adc5f91cf Revert changes of 'assure' to 'ensure' made in r211936.
Approved by: rrs (mentor)
2010-09-11 10:49:56 +00:00
brucec
76d7244728 Fix incorrect usage of 'assure' and 'insure'.
Approved by: rrs (mentor)
2010-08-28 16:32:01 +00:00
nwhitehorn
02bb2a078e Repair some build breakage introduced in r211725 and garbage collect some
code made obsolete in the same commit.
2010-08-28 15:03:11 +00:00
imp
c3a399c4ba MFtbemd:
Prefer MACHNE_CPUARCH to MACHINE_ARCH in most contexts where you want
to test of all the CPUs of a given family conform.
2010-08-23 22:24:11 +00:00
will
10d63a94a9 Fix buildworld -DNO_CLEAN when using with Perforce, which marks files as
read-only by default, meaning files copied can't be overwritten next time.

Reviewed by:	imp
Approved by:	ken (mentor)
2010-08-12 20:46:49 +00:00
jchandra
01b896d030 Whitespace fix for last check-in, move empty line to below endif. 2010-08-04 10:46:17 +00:00
jchandra
c9129e2aad MIPS 64 bit support.
When compiled for MIPS n64 ABI
- DES_LONG should be 'unsigned int'
- BN_LLONG should be undefined
- SIXTY_FOUR_BIT_LONG should be defined.
2010-08-04 10:42:06 +00:00
nwhitehorn
20410e1e6b OpenSSL configuration for powerpc64
Obtained from:	projects/ppc64
2010-07-10 22:07:48 +00:00
simon
71c5308c9f Regenerate manual pages for OpenSSL 0.9.8n. 2010-04-01 15:37:38 +00:00
simon
610601c2d2 - Make it slightly simpler to update OpenSSL version information
for regenerating OpenSSL manual pages.
- Explicitly set the OpenSSL release date so manual pages contain
  the date OpenSSL was released and not just the date OpenSSL was
  imported into the FreeBSD base system.
- Update for Makefile for OpenSSL 0.9.8n.
2010-04-01 15:35:29 +00:00
simon
497b0c9195 Regenerate manual pages for OpenSSL 0.9.8m.
MFC after:	3 weeks
2010-03-13 19:30:29 +00:00
simon
0d816bbd98 Merge OpenSSL 0.9.8m into head.
This also "reverts" some FreeBSD local changes so we should now
be back to using entirely stock OpenSSL.  The local changes were
simple $FreeBSD$ lines additions, which were required in the CVS
days, and the patch for FreeBSD-SA-09:15.ssl which has been
superseded with OpenSSL 0.9.8m's RFC5746 'TLS renegotiation
extension' support.

MFC after:	3 weeks
2010-03-13 19:22:41 +00:00
des
42dc39ae95 Revert r204939 2010-03-10 11:33:15 +00:00
des
669390562f Forgot to svn add the Makefile. 2010-03-10 11:05:31 +00:00
dougb
35111cb336 Fix the build. The ssh-pkcs11-helper directory is empty, which is
causing confusion.
2010-03-10 02:17:57 +00:00
des
c3510f9e73 Upgrade to OpenSSH 5.4p1.
MFC after:	1 month
2010-03-09 19:16:43 +00:00
ru
14768b6db6 (Almost) fixed static linkage. The remaining problem is with
libgssapi.a and libgssapi_krb5.a libraries that define the
same symbols.
2010-02-26 12:12:54 +00:00
des
5988230c5c Fix 'make checkdpadd'
Submitted by:	ru@
2010-02-25 22:44:23 +00:00
des
c4824258ac Remove -static; it was a failed experiment that got committed by accident. 2010-02-25 21:26:50 +00:00
ed
09818ac28e Build lib/ with WARNS=6 by default.
Similar to libexec/, do the same with lib/. Make WARNS=6 the norm and
lower it when needed.

I'm setting WARNS?=0 for secure/. It seems secure/ includes the
Makefile.inc provided by lib/. I'm not going to touch that directory.
Most of the code there is contributed anyway.
2010-01-02 09:58:07 +00:00
trasz
76eb2bb5eb Remove pppd, it's gone. 2009-12-29 20:14:39 +00:00
des
ca406db9c3 Fix globbing
Noticed by:	delphij, David Cornejo <dave@dogwood.com>
Forgotten by:	des
2009-11-10 09:45:43 +00:00
jhb
b4a2916c56 Fix a couple of comment typos.
MFC after:	1 week
2009-11-03 18:40:42 +00:00
des
c6a1085fef Upgrade to OpenSSH 5.3p1. 2009-10-01 17:12:52 +00:00
kensmith
9c2c634ee9 Bump the version of all non-symbol-versioned shared libraries in
preparation for 8.0-RELEASE.  Add the previous version of those
libraries to ObsoleteFiles.inc and bump __FreeBSD_Version.

Reviewed by:    kib
Approved by:    re (rwatson)
2009-07-19 17:25:24 +00:00
cperciva
45e5ee4e4a Remove build timestamps from the following files:
/boot/kernel/hptrr.ko
/etc/mail/*.cf
/lib/libcrypto.so.5
/usr/bin/ntpq
/usr/sbin/amd
/usr/sbin/iasl
/usr/sbin/ntpd
/usr/sbin/ntpdate
/usr/sbin/ntpdc

There does not appear to be any purpose to having these timestamps, and
they have the irritating consequence that the aforementioned files will
be different every time they are rebuilt.

After this commit, the only remaining build timestamps are in the kernel,
the boot loaders, /usr/include/osreldate.h (the year in the copyright
notice), and lib*.a (the timestamps on all of the included .o files).

Reviewed by:	scottl (hptrr), gshapiro (sendmail), simon (openssl),
		roberto (ntp), jkim (acpica)
Approved by:	re (kib)
2009-07-11 22:30:37 +00:00
jhb
056d36800b Use the closefrom(2) system call.
Reviewed by:	des
2009-06-16 15:30:10 +00:00
simon
c2624ed238 Regenerate manual pages for OpenSSL 0.9.8k. 2009-06-14 19:51:05 +00:00
simon
55bfce5e08 Update build infrastructure for OpenSSL 0.9.8k. 2009-06-14 19:46:18 +00:00
des
8bf56a9772 Upgrade to OpenSSH 5.2p1.
MFC after:	3 months
2009-05-22 18:46:28 +00:00
csjp
574ec4344c Enable getaudit_addr(2) for sshd again. This will un-break the subject
BSM audit tokens for IPv6.
2008-11-30 15:35:24 +00:00
des
b7aa600c41 Upgrade to OpenSSH 5.1p1.
I have worked hard to reduce diffs against the vendor branch.  One
notable change in that respect is that we no longer prefer DSA over
RSA - the reasons for doing so went away years ago.  This may cause
some surprises, as ssh will warn about unknown host keys even for
hosts whose keys haven't changed.

MFC after:	6 weeks
2008-08-01 02:48:36 +00:00
imp
fea35767dd Merge from p4:
Implement openssl config needed for mips.

Submitted by:	gonzo@
Reviewed by:	simon@
2008-07-23 17:38:33 +00:00