summaryrefslogtreecommitdiffstats
path: root/crypto
Commit message (Collapse)AuthorAgeFilesLines
* Unbreak detection of cryptodev support for FreeBSD which was brokensimon2008-01-131-1/+2
| | | | | | | | | | | | | with OpenSSL 0.9.8 import. Note that this does not enable cryptodev by default, as it was the case with OpenSSL 0.9.7 in FreeBSD base, but this change makes it possible to enable cryptodev at all. This has been submitted upstream as: http://rt.openssl.org/Ticket/Display.html?id=1624 Submitted by: nork
* This commit was generated by cvs2svn to compensate for changes in r172767,simon2007-10-184-615/+544
|\ | | | | | | which included commits to RCS files with non-trunk default branches.
| * Import DTLS security fix from upstream OpenSSL_0_9_8-stable branch.simon2007-10-184-615/+544
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | From the OpenSSL advisory: Andy Polyakov discovered a flaw in OpenSSL's DTLS implementation which could lead to the compromise of clients and servers with DTLS enabled. DTLS is a datagram variant of TLS specified in RFC 4347 first supported in OpenSSL version 0.9.8. Note that the vulnerabilities do not affect SSL and TLS so only clients and servers explicitly using DTLS are affected. We believe this flaw will permit remote code execution. Security: CVE-2007-4995 Security: http://www.openssl.org/news/secadv_20071012.txt
* | Remove _FREEFALL_CONFIG hacks. su+pam_ksu works well enough to use onpeter2007-10-182-18/+2
| | | | | | | | the freebsd.org cluster.
* | Correct a buffer overflow in OpenSSL SSL_get_shared_ciphers().simon2007-10-031-11/+11
| | | | | | | | | | Security: FreeBSD-SA-07:08.openssl Approved by: re (security blanket)
* | s/X11R6/local/gdes2007-05-243-4/+4
| |
* | Fix runtime crash in OpenSSL with "Illegal instruction" by making somesimon2007-05-223-23/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | casts a bit less evil. This was e.g. seen when using portsnap as: Fetching snapshot tag from portsnap3.FreeBSD.org... Illegal instruction Note the patch is slightly different from kan's original patch to match style in the OpenSSL source files a bit better. Submitted by: kan Tested by: many
* | - Bring upgrade produce up-to-date for OpenSSL 0.9.8e.simon2007-03-151-2/+3
| | | | | | | | - Add reminder to bump version numer in Makefile.inc.
* | This commit was generated by cvs2svn to compensate for changes in r167617,simon2007-03-151-1/+1
|\ \ | |/ | | | | which included commits to RCS files with non-trunk default branches.
| * Import fix from upstream OpenSSL_0_9_8-stable branch:simon2007-03-151-1/+1
| | | | | | | | | | | | | | | | | | | | | | EVP_CIPHER_CTX_key_length() should return the set key length in the EVP_CIPHER_CTX structure which may not be the same as the underlying cipher key length for variable length ciphers. This fixes problems in OpenSSH using some ciphers, and possibly other applications. See also: http://bugzilla.mindrot.org/show_bug.cgi?id=1291
* | Resolve conflicts after import of OpenSSL 0.9.8e.simon2007-03-1511-48/+51
| |
* | This commit was generated by cvs2svn to compensate for changes in r167612,simon2007-03-15192-757/+4053
|\ \ | |/ | | | | which included commits to RCS files with non-trunk default branches.
| * Vendor import of OpenSSL 0.9.8e.simon2007-03-15203-805/+4104
| |
* | Resolve conflicts.des2006-11-1022-127/+100
| |
* | This commit was generated by cvs2svn to compensate for changes in r164146,des2006-11-1022-3061/+244
|\ \ | | | | | | | | | which included commits to RCS files with non-trunk default branches.
| * | Vendor import of OpenSSH 4.5p1.des2006-11-1039-3128/+340
| | |
| * | Apply vendor patch to fix detection of tap / tun headers and ENGINE support.des2006-10-041-133/+133
| | |
| * | Dead files.des2006-10-0253-7013/+0
| | |
* | | Don't define XAUTH_PATH here, we either pass it in on the compiler commanddes2006-10-061-1/+1
| | | | | | | | | | | | line or rely on the built-in default.
* | | Go figure how an extra $Id$ line crept in...des2006-10-041-1/+0
| | |
* | | Merge vendor patch.des2006-10-041-133/+133
| | |
* | | Tweak ifdefs for backward compatibility.des2006-10-031-1/+3
| | |
* | | Regenerate; no effect on the code as it doesn't actually use the handful ofdes2006-10-021-5/+5
| | | | | | | | | | | | conditionals that changed in this revision.
* | | Update configure options and add some missing steps.des2006-10-021-7/+15
| | | | | | | | | | | | | | | | | | The section about our local changes needs reviewing, and some of those changes should probably be reconsidered (such as preferring DSA over RSA, which made sense when RSA was encumbered but probably doesn't any more)
* | | This commit was generated by cvs2svn to compensate for changes in r162916,simon2006-10-011-1/+1
|\ \ \ | | |/ | |/| | | | which included commits to RCS files with non-trunk default branches.
| * | Import from upstream OpenSSL 0.9.8 branch:simon2006-10-011-1/+1
| | | | | | | | | | | | | | | | | | | | | Fix uninitialized free of ctx in compute_key() when the OPENSSL_DH_MAX_MODULUS_BITS check is triggered. This fixes the same issue as FreeBSD-SA-06:23.openssl v1.1.
* | | Resolve conflicts after import of OpenSSL 0.9.8d.simon2006-10-018-27/+235
| | |
* | | This commit was generated by cvs2svn to compensate for changes in r162911,simon2006-10-0190-485/+5802
|\ \ \ | |/ / | | | | | | which included commits to RCS files with non-trunk default branches.
| * | Vendor import of OpenSSL 0.9.8d.simon2006-10-0198-511/+6053
| | |
* | | Regenerate.des2006-09-301-9/+60
| | | | | | | | | | | | MFC after: 1 week
* | | #include <errno.h>; this has the unfortunate side effect of taking the filedes2006-09-301-0/+2
| | | | | | | | | | | | | | | | | | off the vendor branch. MFC after: 1 week
* | | Removed from vendor branch.des2006-09-301-58/+0
| | | | | | | | | | | | MFC after: 1 week
* | | Bump version addendum.des2006-09-305-5/+5
| | | | | | | | | | | | MFC after: 1 week
* | | Merge conflicts.des2006-09-3069-1973/+3349
| | | | | | | | | | | | MFC after: 1 week
* | | This commit was generated by cvs2svn to compensate for changes in r162852,des2006-09-30182-745/+6505
|\ \ \ | | |/ | |/| | | | which included commits to RCS files with non-trunk default branches.
| * | Vendor import of OpenSSH 4.4p1.des2006-09-30250-2683/+9804
| | |
| * | Vendor patch for a problem that prevented using protocol version 1 whendes2006-09-161-4/+1
| | | | | | | | | | | | BSM was enabled.
* | | Merge vendor patch for BSM problem in protocol version 1.des2006-09-161-4/+1
| | | | | | | | | | | | MFC after: 1 week
* | | Correct incorrect PKCS#1 v1.5 padding validation in crypto(3).simon2006-09-101-0/+17
| | | | | | | | | | | | | | | Obtained from: OpenSSL project Security: FreeBSD-SA-06:19.openssl
* | | Resolve conflicts after import of OpenSSL 0.9.8b.simon2006-07-301-53/+215
| | | | | | | | | | | | | | | | | | | | | | | | This was missed the first time around since eng_padlock.c was not part of OpenSSL 0.9.7e and therefor did not have the v0_9_7e CVS tag used during original resolve of conflicts. Noticed by: Antoine Brodin <antoine.brodin@laposte.net>
* | | Sync FREEBSD-Xlist with what was actually excluded from OpenSSL 0.9.8bsimon2006-07-291-0/+4
| | | | | | | | | | | | import.
* | | Add some rough notes on how to import a new OpenSSL version into thesimon2006-07-291-0/+42
| | | | | | | | | | | | FreeBSD base system. Parts are inspired by the OpenSSH upgrade notes.
* | | Resolve conflicts after import of OpenSSL 0.9.8b.simon2006-07-29112-24404/+1759
| | |
* | | This commit was generated by cvs2svn to compensate for changes in r160814,simon2006-07-29892-19778/+97022
|\ \ \ | | |/ | |/| | | | which included commits to RCS files with non-trunk default branches.
| * | Vendor import of OpenSSL 0.9.8bsimon2006-07-29915-20663/+98999
| | |
| * | Remove files that are no longer part of OpenSSL from the vendornectar2005-02-2557-15302/+0
| | | | | | | | | | | | branch. This time, these are mostly the `Makefile.ssl' files.
* | | Our glob(3) has all the required features.des2006-06-091-2/+2
| | | | | | | | | | | | Submitted by: ache
* | | Revert inadvertant commit of debugging code.des2006-06-091-2/+0
| | |
* | | Introduce a namespace munging hack inspired by NetBSD to avoid pollutingdes2006-05-132-0/+355
| | | | | | | | | | | | | | | | | | | | | | | | the namespace of applications which inadvertantly link in libssh (usually through pam_ssh) Suggested by: lukem@netbsd.org MFC after: 6 weeks
* | | Fix utmp. There is some clever logic in configure.ac which attempts todes2006-03-231-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | determine whether struct utmp contains the ut_host and ut_time fields. Unfortunately, it reports a false negative for both on FreeBSD, and I didn't check the resulting config.h closely enough to catch the error. Noticed by: ache
OpenPOWER on IntegriCloud