summaryrefslogtreecommitdiffstats
path: root/crypto
Commit message (Collapse)AuthorAgeFilesLines
* Fix multiple OpenSSL vulnerabilitites. [SA-16:17]delphij2016-05-047-12/+16
| | | | | | | | | | Fix performance regression in libc hash(3). [EN-16:06] Fix excessive latency in x86 IPI delivery. [EN-16:07] Fix memory leak in ZFS. [EN-16:08] Approved by: so
* MFS (r296781):des2016-03-14141-3295/+5777
| | | | | | | | | | MFH (r296633): upgrade to 7.2p2 (fixes xauth command injection bug) MFH (r296634): re-add aes-cbc to server-side default cipher list MFH (r296651, r296657): fix gcc build of pam_ssh PR: 207679 Security: CVE-2016-3115 Approved by: re (marius)
* Merge OpenSSL 1.0.1s. This is a security update.delphij2016-03-0242-518/+1141
| | | | | Relnotes: yes Approved by: re (so@ implicit)
* MFH (r265214, r294333, r294407, r294467): misc prop fixesdes2016-02-07467-24586/+46067
| | | | | | | | | | | | | | | | MFH (r285975, r287143): register mergeinfo for security fixes MFH (r294497, r294498, r295139): internal documentation MFH (r294328): upgrade to openssh 6.7p1, re-add libwrap MFH (r294332): upgrade to openssh 6.8p1 MFH (r294367): update pam_ssh for api changes MFH (r294909): switch usedns back on MFH (r294336): upgrade to openssh 6.9p1 MFH (r294495): re-enable dsa keys MFH (r294464): upgrade to openssh 7.0p1 MFH (r294496): upgrade to openssh 7.1p2 Approved by: re (gjb) Relnotes: yes
* Merge OpenSSL 1.0.1r.jkim2016-01-28107-385/+621
| | | | Relnotes: yes
* MFH (r291198, r291260, r291261, r291375, r294325, r294335, r294563)des2016-01-2444-776/+169
| | | | Remove the HPN and None cipher patches.
* MFH (r263234, r263691, r266465, r290671, r290672, r290673, r290674,des2016-01-2453-22220/+152
| | | | | | r294320, r294322, r294324, r294330, r294469, r294494, r294466) Reduce diffs to head in preparation for removing HPN and None.
* MFH (r292408): use correct length in calloc() calldes2016-01-161-1/+1
|
* Merge r294048: fix OpenSSH client information leak.glebius2016-01-141-3/+2
| | | | | Security: SA-16:07.openssh Security: CVE-2016-0777
* Merge OpenSSL 1.0.1q.jkim2015-12-03151-1997/+1769
|
* MFC: Fix OpenSSH multiple vulnerabilities.delphij2015-08-253-6/+7
| | | | Security: FreeBSD-SA-15:22.openssh
* Fix patch(1) shell injection vulnerability. [SA-15:14]delphij2015-07-282-18/+33
| | | | | | Fix resource exhaustion in TCP reassembly. [SA-15:15] Fix OpenSSH multiple vulnerabilities. [SA-15:16]
* MFC r285642vangyzen2015-07-211-0/+17
| | | | | | | | | | | | | | | | ssh: canonicize the host name before looking it up in the host file Re-apply r99054 by des in 2002. This was accidentally dropped by the update to OpenSSH 6.5p1 (r261320). This change is actually taken from r387082 of ports/security/openssh-portable/files/patch-ssh.c Differential Revision: https://reviews.freebsd.org/D3103 PR: 198043 Approved by: re (gjb), kib (mentor) Sponsored by: Dell Inc. Relnotes: yes
* MFC: r285329jkim2015-07-0921-233/+475
| | | | | | | Merge OpenSSL 1.0.1p. Approved by: re (gjb) Relnotes: yes
* MFH (r283578): import new moduli from upstreamdes2015-06-301-261/+275
|
* MFC: r284329jkim2015-06-129-25/+34
| | | | | | | | | Merge OpenSSL 1.0.1o. Note it is instantly merged because it restores ABI compatibility broken by the previous OpenSSL 1.0.1n. Relnotes: yes
* MFC: r284283jkim2015-06-11204-903/+2348
| | | | Merge OpenSSL 1.0.1n.
* MFC r280999:bdrewery2015-04-231-1/+1
| | | | Use proper CHAN_TCP_PACKET_DEFAULT for agent forwarding when HPN disabled.
* MFC r280360:bdrewery2015-04-072-2/+8
| | | | Document "none" for VersionAddendum.
* MFC: r280297jkim2015-03-201009-268371/+272042
| | | | | | Merge OpenSSL 1.0.1m. Relnotes: yes
* Fix issues with original SA-15:06.openssl commit:delphij2015-03-203-15/+11
| | | | | | | | | - Revert a portion of ASN1 change per suggested by OpenBSD and OpenSSL developers. The change was removed from the formal OpenSSL release and does not solve security issue. - Properly fix CVE-2015-0209 and CVE-2015-0288. Pointy hat to: delphij
* Fix multiple OpenSSL vulnerabilities.delphij2015-03-197-41/+172
| | | | | | | | | | Security: FreeBSD-SA-15:06.openssl Security: CVE-2015-0209 Security: CVE-2015-0286 Security: CVE-2015-0287 Security: CVE-2015-0288 Security: CVE-2015-0289 Security: CVE-2015-0293
* Merge an applicable subset of r263234 from HEAD to stable/10:rwatson2015-03-191-1/+1
| | | | | | | | | | | | | Update most userspace consumers of capability.h to use capsicum.h instead. auditdistd is not updated as I will make the change upstream and then do a vendor import sometime in the next week or two. Note that a significant fraction does not apply, as FreeBSD 10 doesn't contain a Capsicumised ping, casperd, libcasper, etc. When these features are merged, the capsicum.h change will need to be merged with them. Sponsored by: Google, Inc.
* MFC: r277270jkim2015-01-2311-17/+27
| | | | | | Merge OpenSSL 1.0.1l. Relnotes: yes
* MFC: r276861, r276863jkim2015-01-09108-3630/+1760
| | | | Merge OpenSSL 1.0.1k.
* MFC r264400,r265836:ngie2014-12-315-5/+5
| | | | | | | | | | | | | | r264400: NO_MAN= has been deprecated in favor of MAN= for some time, go ahead and finish the job. ncurses is now the only Makefile in the tree that uses it since it wasn't a simple mechanical change, and will be addressed in a future commit. r265836: Remove last two NO_MAN= in the tree. In both of these cases, MAN= is what is needed.
* MFC: r273144, r273146jkim2014-10-1579-613/+1824
| | | | | | Merge OpenSSL 1.0.1j. Relnotes: yes
* MFC r271284:gjb2014-09-121-1/+1
| | | | | | | | Include the gssapi_krb5 library in KRB5_LDFLAGS. PR: 156245 Approved by: re (marius) Sponsored by: The FreeBSD Foundation
* MFC: r269682jkim2014-08-07158-4989/+3288
| | | | Merge OpenSSL 1.0.1i.
* MFC: r267256jkim2014-06-0966-141/+824
| | | | | | Merge OpenSSL 1.0.1h. Approved by: so (delphij)
* Fix OpenSSL multiple vulnerabilities.delphij2014-06-055-3/+36
| | | | | | Security: CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470 Security: SA-14:14.openssl
* Fix OpenSSL NULL pointer deference vulnerability.delphij2014-05-131-0/+4
| | | | | | Obtained from: OpenBSD Security: FreeBSD-SA-14:09.openssl Security: CVE-2014-0198
* Fix devfs rules not applied by default for jails.delphij2014-04-301-1/+1
| | | | | | | | | | | | | Fix OpenSSL use-after-free vulnerability. Fix TCP reassembly vulnerability. Security: FreeBSD-SA-14:07.devfs Security: CVE-2014-3001 Security: FreeBSD-SA-14:08.tcp Security: CVE-2014-3000 Security: FreeBSD-SA-14:09.openssl Security: CVE-2010-5298
* MFH (r264691): merge upstream patch for EC calculation bugdes2014-04-2010-9/+35
|
* MFH (r263712): upgrade openssh to 6.6p1des2014-04-12123-2462/+1522
| | | | MFH (r264308): restore p level in debugging output
* MFC: r261037, r264278jkim2014-04-10148-920/+1786
| | | | Merge OpenSSL 1.0.1f and 1.0.1g.
* Fix NFS deadlock vulnerability. [SA-14:05]delphij2014-04-085-24/+106
| | | | | Fix "Heartbleed" vulnerability and ECDSA Cache Side-channel Attack in OpenSSL. [SA-14:06]
* MFC r261499 (pjd):delphij2014-03-031-2/+4
| | | | Fix installations that use kernels without CAPABILITIES support.
* MFH (r261320): upgrade openssh to 6.5p1des2014-02-27204-4435/+13545
| | | | MFH (r261340): enable sandboxing by default
* MFC r260403 (MFV r260399):delphij2014-01-075-8/+25
| | | | | | | | | | | | | | | | | | | | Apply vendor commits: 197e0ea Fix for TLS record tampering bug. (CVE-2013-4353). 3462896 For DTLS we might need to retransmit messages from the previous session so keep a copy of write context in DTLS retransmission buffers instead of replacing it after sending CCS. (CVE-2013-6450). ca98926 When deciding whether to use TLS 1.2 PRF and record hash algorithms use the version number in the corresponding SSL_METHOD structure instead of the SSL structure. The SSL structure version is sometimes inaccurate. Note: OpenSSL 1.0.2 and later effectively do this already. (CVE-2013-6449). Security: CVE-2013-4353 Security: CVE-2013-6449 Security: CVE-2013-6450
* MFC r259286,259424,259425:bjk2013-12-161-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Apply patch from upstream Heimdal for encoding fix RFC 4402 specifies the implementation of the gss_pseudo_random() function for the krb5 mechanism (and the C bindings therein). The implementation uses a PRF+ function that concatenates the output of individual krb5 pseudo-random operations produced with a counter and seed. The original implementation of this function in Heimdal incorrectly encoded the counter as a little-endian integer, but the RFC specifies the counter encoding as big-endian. The implementation initializes the counter to zero, so the first block of output (16 octets, for the modern AES enctypes 17 and 18) is unchanged. (RFC 4402 specifies that the counter should begin at 1, but both existing implementations begin with zero and it looks like the standard will be re-issued, with test vectors, to begin at zero.) This is upstream's commit f85652af868e64811f2b32b815d4198e7f9017f6, from 13 October, 2013: % Fix krb5's gss_pseudo_random() (n is big-endian) % % The first enctype RFC3961 prf output length's bytes are correct because % the little- and big-endian representations of unsigned zero are the % same. The second block of output was wrong because the counter was not % being encoded as big-endian. % % This change could break applications. But those applications would not % have been interoperating with other implementations anyways (in % particular: MIT's). Bump __FreeBSD_version accordingly and add a note in UPDATING. Approved by: hrs (mentor, src committer)
* MFH (r257954): upgrade to OpenSSH 6.4p1des2013-11-1926-53/+69
| | | | Approved by: re (kib)
* Pre-zero the MAC context.des2013-11-191-1/+1
| | | | | | Security: CVE-2013-4548 Security: FreeBSD-SA-13:14.openssh Approved by: re (implicit)
* Unbreak the WITHOUT_KERBEROS build and try to reduce the odds of ades2013-09-236-17/+64
| | | | | | | | | repeat performance by introducing a script that runs configure with and without Kerberos, diffs the result and generates krb5_config.h, which contains the preprocessor macros that need to be defined in the Kerberos case and undefined otherwise. Approved by: re (marius)
* Pull in all the OpenSSH bits that we'd previously left out because wedes2013-09-21146-0/+43001
|\ | | | | | | | | | | | | didn't use them. This will make future merges from the vendor tree much easier. Approved by: re (gjb)
* \ Upgrade to 6.3p1.des2013-09-21154-2393/+4264
|\ \ | |/ | | | | Approved by: re (gjb)
* | Change the default value of VerifyHostKeyDNS to "yes" if compiled withdes2013-09-103-1/+11
| | | | | | | | | | | | | | | | LDNS. With that setting, OpenSSH will silently accept host keys that match verified SSHFP records. If an SSHFP record exists but could not be verified, OpenSSH will print a message and prompt the user as usual. Approved by: re (blanket)
* | These three files appeared in 6.0p1, which was imported into the vendordes2013-09-093-0/+558
|\ \ | |/ | | | | | | | | | | | | | | branch but never merged to head. They were inadvertantly left out when 6.1p1 was merged to head. It didn't make any difference at the time, because they were unused, but one of them is required for DNS-based host key verification. Approved by: re (blanket)
* | Apply upstream revision 1.151 (fix relative symlinks)des2013-08-131-1/+2
| | | | | | | | MFC after: 3 days
* | MFV r254106 (OpenSSL bugfix for RT #2984):delphij2013-08-081-1/+1
| | | | | | | | | | | | | | | | | | | | | | Check DTLS_BAD_VER for version number. The version check for DTLS1_VERSION was redundant as DTLS1_VERSION > TLS1_1_VERSION, however we do need to check for DTLS1_BAD_VER for compatibility. Requested by: zi Approved by: benl
OpenPOWER on IntegriCloud