aboutsummaryrefslogtreecommitdiff
path: root/crypto
Commit message (Collapse)AuthorAgeFilesLines
* Build OpenSSL assembly sources for arm. Tested with Raspberry Pi 2 Model B.Jung-uk Kim2016-08-222-3/+3
| | | | | | | MFC after: 1 week Notes: svn path=/head/; revision=304636
* Remove duplicate symbol from libhx509 version-script.mapEd Maste2016-08-221-1/+0
| | | | | | | | | Upstream commit r21331 (7758a5d0) added semiprivate function _hx509_request_to_pkcs10 twice. This change has been committed upstream as 8ef0071d. Notes: svn path=/head/; revision=304624
* Try to check whether each key file exists before adding it, and bail outDag-Erling Smørgrav2016-08-081-10/+15
| | | | | | | | | | | if we didn't find any of them. This reduces log spam about key files for deprecated algorithms, which we look for but don't generate. PR: 208254 MFC after: 3 days Notes: svn path=/head/; revision=303832
* Remove DSA from default cipher list and disable SSH1.Dag-Erling Smørgrav2016-08-037-40/+19
| | | | | | | | | | | Upstream did this a long time ago, but we kept DSA and SSH1 in FreeBSD for reasons which boil down to POLA. Now is a good time to catch up. MFC after: 3 days Relnotes: yes Notes: svn path=/head/; revision=303716
* Remove duplicate symbols from libroken version-script.mapEd Maste2016-07-211-6/+0
| | | | | | | | | Upstream commit r24759 (efed563) prefixed some symbols with rk_, but introduced 6 duplicate symbols in the version script (because the rk_-prefixed versions of the symbols were already present). Notes: svn path=/head/; revision=303156
* Revert r301551, which added blacklistd(8) to sshd(8).Glen Barber2016-06-248-145/+0
| | | | | | | | | | | | | This change has functional impact, and other concerns raised by the OpenSSH maintainer. Requested by: des PR: 210479 (related) Approved by: re (marius) Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=302182
* Add blacklist support to sshdKurt Lidl2016-06-078-0/+145
| | | | | | | | | | | Reviewed by: rpaulo Approved by: rpaulo (earlier version of changes) Relnotes: YES Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D5915 Notes: svn path=/head/; revision=301551
* openssl: change SHLIB_VERSION_NUMBER to reflect the realityAndriy Gapon2016-06-031-1/+1
| | | | | | | | | | | Some consumers actually use this definition. We probably need some procedure to ensure that SHLIB_VERSION_NUMBER is updated whenever we change the library version in secure/lib/libssl/Makefile. Notes: svn path=/head/; revision=301271
* libkrb5: Fix potential double-freeConrad Meyer2016-05-111-0/+1
| | | | | | | | | | | | | | If krb5_make_principal fails, tmp_creds.server may remain a pointer to freed memory and then be double-freed. After freeing it the first time, initialize it to NULL, which causes subsequent krb5_free_principal calls to do the right thing. Reported by: Coverity CID: 1273430 Sponsored by: EMC / Isilon Storage Division Notes: svn path=/head/; revision=299495
* Merge OpenSSL 1.0.2h.Jung-uk Kim2016-05-0367-263/+1117
|\ | | | | | | | | | | | | Relnotes: yes Notes: svn path=/head/; revision=298998
| * Import OpenSSL 1.0.2h.vendor/openssl/1.0.2hJung-uk Kim2016-05-0338-122/+334
| | | | | | | | | | Notes: svn path=/vendor-crypto/openssl/dist/; revision=298991 svn path=/vendor-crypto/openssl/1.0.2h/; revision=298992; tag=vendor/openssl/1.0.2h
* | Re-add AES-CBC ciphers to the default cipher list on the server.Dag-Erling Smørgrav2016-03-113-4/+12
| | | | | | | | | | | | | | PR: 207679 Notes: svn path=/head/; revision=296634
* | Upgrade to OpenSSH 7.2p2.Dag-Erling Smørgrav2016-03-11140-3291/+5765
|\ \ | | | | | | | | | Notes: svn path=/head/; revision=296633
* \ \ Merge OpenSSL 1.0.2g.Jung-uk Kim2016-03-0183-1318/+2668
|\ \ \ | | |/ | |/| | | | | | | | | | | | | Relnotes: yes Notes: svn path=/head/; revision=296279
| * | Import OpenSSL 1.0.2g.vendor/openssl/1.0.2gJung-uk Kim2016-03-0140-1046/+1741
| | | | | | | | | | | | | | | Notes: svn path=/vendor-crypto/openssl/dist/; revision=296273 svn path=/vendor-crypto/openssl/1.0.2g/; revision=296274; tag=vendor/openssl/1.0.2g
* | | Document our modified default value for PermitRootLogin.Dag-Erling Smørgrav2016-02-022-2/+2
| | | | | | | | | | | | Notes: svn path=/head/; revision=295139
* | | Merge OpenSSL 1.0.2f.Jung-uk Kim2016-01-28136-443/+844
|\| | | | | | | | | | | | | | | | | | | | Relnotes: yes Notes: svn path=/head/; revision=295009
| * | Import OpenSSL 1.0.2f.vendor/openssl/1.0.2fJung-uk Kim2016-01-2896-153/+370
| | | | | | | | | | | | | | | Notes: svn path=/vendor-crypto/openssl/dist/; revision=295001 svn path=/vendor-crypto/openssl/1.0.2f/; revision=295002; tag=vendor/openssl/1.0.2f
* | | Switch UseDNS back onDag-Erling Smørgrav2016-01-274-4/+7
| | | | | | | | | | | | Notes: svn path=/head/; revision=294909
* | | r294563 was incomplete; re-add the client-side options as well.Dag-Erling Smørgrav2016-01-221-0/+2
| | | | | | | | | | | | Notes: svn path=/head/; revision=294564
* | | Instead of removing the NoneEnabled option, mark it as unsupported.Dag-Erling Smørgrav2016-01-221-0/+1
| | | | | | | | | | | | | | | | | | | | | (should have done this in r291198, but didn't think of it until now) Notes: svn path=/head/; revision=294563
* | | Update the instructions and the list of major local modifications.Dag-Erling Smørgrav2016-01-211-17/+47
| | | | | | | | | | | | Notes: svn path=/head/; revision=294498
* | | Explain why we don't include VersionAddendum in the debug mode banner.Dag-Erling Smørgrav2016-01-211-0/+1
| | | | | | | | | | | | Notes: svn path=/head/; revision=294497
* | | Upgrade to OpenSSH 7.1p2.Dag-Erling Smørgrav2016-01-2128-1806/+301
|\ \ \ | | |/ | |/| | | | Notes: svn path=/head/; revision=294496
* | | Enable DSA keys by default. They were disabled in OpenSSH 6.9p1.Dag-Erling Smørgrav2016-01-213-13/+28
| | | | | | | | | | | | | | | | | | | | | Noticed by: glebius Notes: svn path=/head/; revision=294495
* | | Take care not to pick up the wrong version of OpenSSL when running in anDag-Erling Smørgrav2016-01-211-0/+6
| | | | | | | | | | | | | | | | | | | | | environment that has OpenSSL from ports in addition to the base version. Notes: svn path=/head/; revision=294494
* | | Remove RCS tags from files in which we no longer have any localDag-Erling Smørgrav2016-01-2014-12/+2
| | | | | | | | | | | | | | | | | | | | | modifications, and add them to two files in which we do. Notes: svn path=/head/; revision=294469
* | | Remove a number of generated files which are either out-of-date (becauseDag-Erling Smørgrav2016-01-2016-27242/+0
| | | | | | | | | | | | | | | | | | | | | | | | they are never regenerated to reflect our changes) or in the way of freebsd-configure.sh. Notes: svn path=/head/; revision=294466
* | | Upgrade to OpenSSH 7.0p1.Dag-Erling Smørgrav2016-01-20158-1655/+2319
|\| | | | | | | | | | | Notes: svn path=/head/; revision=294464
* | | Upgrade to OpenSSH 6.9p1.Dag-Erling Smørgrav2016-01-19115-2304/+3871
|\| | | | | | | | | | | Notes: svn path=/head/; revision=294336
* | | Re-add HPN configuration options as deprecated options to avoid breakingDag-Erling Smørgrav2016-01-192-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | existing configurations that use them. Note that there is no functional difference between OpenSSH with HPN and OpenSSH without HPN. Notes: svn path=/head/; revision=294335
* | | Upgrade to OpenSSH 6.8p1.Dag-Erling Smørgrav2016-01-19330-14249/+30265
|\| | | | | | | | | | | Notes: svn path=/head/; revision=294332
* | | Now that we have local modifications in configure.ac and configure, runDag-Erling Smørgrav2016-01-194-129/+155
| | | | | | | | | | | | | | | | | | | | | autoheader and autoconf to avoid having to patch configure manually. Notes: svn path=/head/; revision=294330
* | | Upgrade to OpenSSH 6.7p1, retaining libwrap support (which has been removedDag-Erling Smørgrav2016-01-19286-6983/+17450
|\| | | | | | | | | | | | | | | | | | | | | | | | | | upstream) and a number of security fixes which we had already backported. MFC after: 1 week Notes: svn path=/head/; revision=294328
* | | As previously threatened, remove the HPN patch from OpenSSH.Dag-Erling Smørgrav2016-01-1928-534/+154
| | | | | | | | | | | | Notes: svn path=/head/; revision=294325
* | | Use 'svn list -R' instead of find, and recognize comments in shell scriptsDag-Erling Smørgrav2016-01-191-2/+2
| | | | | | | | | | | | | | | | | | | | | and {ssh,sshd}_config. Notes: svn path=/head/; revision=294324
* | | Recognize *roff comments.Dag-Erling Smørgrav2016-01-191-1/+1
| | | | | | | | | | | | Notes: svn path=/head/; revision=294322
* | | Update the pre- and post-merge scripts to work correctly after the recentDag-Erling Smørgrav2016-01-192-15/+13
| | | | | | | | | | | | | | | | | | | | | | | | cleanup. A round-trip (./freebsd-pre-merge.sh ; ./freebsd-post-merge.sh) now results in an unchanged working copy. Notes: svn path=/head/; revision=294320
* | | Fix OpenSSH client information leak.Gleb Smirnoff2016-01-141-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | Security: SA-16:07.openssh Security: CVE-2016-0777 Notes: svn path=/head/; revision=294048
* | | Incorrect length in calloc() call, already fixed upstream.Dag-Erling Smørgrav2015-12-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | PR: 204769 Submitted by: David Binderman <dcb314@hotmail.com> MFC after: 1 week Notes: svn path=/head/; revision=292408
* | | Merge OpenSSL 1.0.2e.Jung-uk Kim2015-12-03204-2375/+2568
|\ \ \ | | |/ | |/| | | | Notes: svn path=/head/; revision=291719
| * | Import OpenSSL 1.0.2e.vendor/openssl/1.0.2eJung-uk Kim2015-12-03118-611/+1098
| | | | | | | | | | | | | | | Notes: svn path=/vendor-crypto/openssl/dist/; revision=291707 svn path=/vendor-crypto/openssl/1.0.2e/; revision=291708; tag=vendor/openssl/1.0.2e
* | | r291198 inadvertantly reverted a local patch for the default locationDag-Erling Smørgrav2015-11-261-2/+3
| | | | | | | | | | | | | | | | | | | | | of ssh-askpass and xauth, breaking X11 forwarding. Notes: svn path=/head/; revision=291375
* | | Revert inadvertent commit of an incorrect patchDag-Erling Smørgrav2015-11-241-2/+1
| | | | | | | | | | | | Notes: svn path=/head/; revision=291261
* | | Remove description of the now-defunct NoneEnabled option.Dag-Erling Smørgrav2015-11-242-4/+2
| | | | | | | | | | | | Notes: svn path=/head/; revision=291260
* | | Retire the NONE cipher option.Dag-Erling Smørgrav2015-11-2316-225/+4
| | | | | | | | | | | | Notes: svn path=/head/; revision=291198
* | | Remove duplicate manual pages.Jung-uk Kim2015-11-162-5/+3
| | | | | | | | | | | | | | | | | | | | | Reported by: brd Notes: svn path=/head/; revision=290947
* | | Remove dead code.Dag-Erling Smørgrav2015-11-111-672/+0
| | | | | | | | | | | | Notes: svn path=/head/; revision=290674
* | | One more $Mdocdate$Dag-Erling Smørgrav2015-11-111-1/+1
| | | | | | | | | | | | Notes: svn path=/head/; revision=290673
* | | Remove /* $FreeBSD$ */ from files that already have __RCSID("$FreeBSD$").Dag-Erling Smørgrav2015-11-1125-25/+0
| | | | | | | | | | | | Notes: svn path=/head/; revision=290672
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-13 13:51:14 +0000