summaryrefslogtreecommitdiffstats
path: root/crypto
Commit message (Collapse)AuthorAgeFilesLines
* MFV "xmalloc: zero size" fix.des2008-09-241-1/+2
| | | | MFC after: 1 week
* The vendor area is the proper home for these files now.simon2008-09-212-93/+0
|
* Remove some unused files.des2008-09-012-1251/+0
|
* Set SIZEOF_LONG_INT and SIZEOF_LONG_LONG_INT to plausible values. Theydes2008-09-011-2/+2
| | | | aren't used for anything, but that's no excuse for being silly.
* Use net.inet.ip.portrange.reservedhigh instead of IPPORT_RESERVED.des2008-08-201-1/+14
| | | | | | | Submitted upstream, no reaction. Submitted by: delphij@ MFC after: 2 weeks
* Upgrade to OpenSSH 5.1p1.des2008-08-01171-4658/+13145
|\ | | | | | | | | | | | | | | | | | | I have worked hard to reduce diffs against the vendor branch. One notable change in that respect is that we no longer prefer DSA over RSA - the reasons for doing so went away years ago. This may cause some surprises, as ssh will warn about unknown host keys even for hosts whose keys haven't changed. MFC after: 6 weeks
| * Properly flatten openssh/dist.des2008-07-22407-109174/+0
| |
| * Revert part of 180714 - the intent was to flatten dist, not to nuke it.des2008-07-22407-0/+109174
| |
| * Flatten the OpenSSH vendor tree for 3.x and newer.des2008-07-22407-109174/+0
| |
* | Another file with no local changes.des2008-08-011-1/+0
| | | | | | | | "This time for sure!"
* | Another file with no local changes.des2008-08-011-1/+0
| |
* | Another four files without local changes. This is driving me nuts -des2008-08-014-4/+0
| | | | | | | | every time I think I got them all, another one pops up.
* | Yet another file with no local changes.des2008-08-011-1/+0
| |
* | Accidentally mangled this one in the previous commit.des2008-08-011-1/+1
| |
* | More files which no longer have any local changes.des2008-08-018-8/+0
| |
* | These two files have no local patches except to prevent expansion of thedes2008-08-012-4/+2
| | | | | | | | | | original $FreeBSD$ keywords. Revert those changes, and simply disable keyword expansion.
* | Last remains of old OPIE patchdes2008-08-011-8/+0
| |
* | We no longer have any local changes here.des2008-08-011-1/+0
| |
* | Tag expansion is no longer needed (svn handles them correctly).des2008-08-011-8/+2
| | | | | | | | Add svn command to diff against vendor branch.
* | This is no longer needed.des2008-08-011-9/+0
| |
* | Cleanup.des2008-08-012-27/+26
| |
* | Ugh. Set svn:mergeinfo correctly.des2008-08-011-0/+1
| |
* | Catch up with reality.des2008-08-011-8/+1
| |
* | Revert an old hack I put in to replace S/Key with OPIE. We haven't useddes2008-08-013-21/+0
| | | | | | | | that code in ages - we use pam_opie(8) instead - so this is a NOP.
* | Add missing #include for strlen()des2008-07-311-0/+3
| |
* | Fix alignment of the cmsg buffer by placing it in a union with a structdes2008-07-301-6/+12
| | | | | | | | | | | | | | cmsghdr. Derived from upstream patch. Submitted by: cognet MFC after: 2 weeks
* | Remove a bunch of files we don't need to build OpenSSH. They are stilldes2008-07-2380-11367/+0
| | | | | | | | available in base/vendor-crypto/openssh/dist/.
* | Fix conflicts after heimdal-1.1 import and add build infrastructure. Importdfr2008-05-0782-13786/+1343
| | | | | | | | all non-style changes made by heimdal to our own libgssapi.
* | This commit was generated by cvs2svn to compensate for changes in r178825,dfr2008-05-071483-48403/+252590
|\ \ | | | | | | | | | which included commits to RCS files with non-trunk default branches.
| * | Vendor import of Heimdal 1.1dfr2008-05-071493-49127/+253906
| | |
* | | Fix the Xlist so it actually works with 'tar -X', and update the upgradedes2008-02-062-11/+10
| | | | | | | | | | | | instructions accordingly.
* | | As per discussion, commit experimental metadata for my contrib packages.des2008-02-061-0/+8
| | | | | | | | | | | | | | | The idea is to have a FREEBSD-vendor file for every third-party package in the tree.
* | | Unbreak detection of cryptodev support for FreeBSD which was brokensimon2008-01-131-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | with OpenSSL 0.9.8 import. Note that this does not enable cryptodev by default, as it was the case with OpenSSL 0.9.7 in FreeBSD base, but this change makes it possible to enable cryptodev at all. This has been submitted upstream as: http://rt.openssl.org/Ticket/Display.html?id=1624 Submitted by: nork
* | | This commit was generated by cvs2svn to compensate for changes in r172767,simon2007-10-184-615/+544
|\ \ \ | | | | | | | | | | | | which included commits to RCS files with non-trunk default branches.
| * | | Import DTLS security fix from upstream OpenSSL_0_9_8-stable branch.simon2007-10-184-615/+544
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | From the OpenSSL advisory: Andy Polyakov discovered a flaw in OpenSSL's DTLS implementation which could lead to the compromise of clients and servers with DTLS enabled. DTLS is a datagram variant of TLS specified in RFC 4347 first supported in OpenSSL version 0.9.8. Note that the vulnerabilities do not affect SSL and TLS so only clients and servers explicitly using DTLS are affected. We believe this flaw will permit remote code execution. Security: CVE-2007-4995 Security: http://www.openssl.org/news/secadv_20071012.txt
* | | | Remove _FREEFALL_CONFIG hacks. su+pam_ksu works well enough to use onpeter2007-10-182-18/+2
| | | | | | | | | | | | | | | | the freebsd.org cluster.
* | | | Correct a buffer overflow in OpenSSL SSL_get_shared_ciphers().simon2007-10-031-11/+11
| | | | | | | | | | | | | | | | | | | | Security: FreeBSD-SA-07:08.openssl Approved by: re (security blanket)
* | | | s/X11R6/local/gdes2007-05-243-4/+4
| | | |
* | | | Fix runtime crash in OpenSSL with "Illegal instruction" by making somesimon2007-05-223-23/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | casts a bit less evil. This was e.g. seen when using portsnap as: Fetching snapshot tag from portsnap3.FreeBSD.org... Illegal instruction Note the patch is slightly different from kan's original patch to match style in the OpenSSL source files a bit better. Submitted by: kan Tested by: many
* | | | - Bring upgrade produce up-to-date for OpenSSL 0.9.8e.simon2007-03-151-2/+3
| | | | | | | | | | | | | | | | - Add reminder to bump version numer in Makefile.inc.
* | | | This commit was generated by cvs2svn to compensate for changes in r167617,simon2007-03-151-1/+1
|\ \ \ \ | |/ / / | | | | | | | | which included commits to RCS files with non-trunk default branches.
| * | | Import fix from upstream OpenSSL_0_9_8-stable branch:simon2007-03-151-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | EVP_CIPHER_CTX_key_length() should return the set key length in the EVP_CIPHER_CTX structure which may not be the same as the underlying cipher key length for variable length ciphers. This fixes problems in OpenSSH using some ciphers, and possibly other applications. See also: http://bugzilla.mindrot.org/show_bug.cgi?id=1291
* | | | Resolve conflicts after import of OpenSSL 0.9.8e.simon2007-03-1511-48/+51
| | | |
* | | | This commit was generated by cvs2svn to compensate for changes in r167612,simon2007-03-15192-757/+4053
|\ \ \ \ | |/ / / | | | | | | | | which included commits to RCS files with non-trunk default branches.
| * | | Vendor import of OpenSSL 0.9.8e.simon2007-03-15203-805/+4104
| | | |
* | | | Resolve conflicts.des2006-11-1022-127/+100
| | | |
* | | | This commit was generated by cvs2svn to compensate for changes in r164146,des2006-11-1022-3061/+244
|\ \ \ \ | | |_|/ | |/| | | | | | which included commits to RCS files with non-trunk default branches.
| * | | Vendor import of OpenSSH 4.5p1.des2006-11-1039-3128/+340
| | | |
| * | | Apply vendor patch to fix detection of tap / tun headers and ENGINE support.des2006-10-041-133/+133
| | | |
| * | | Dead files.des2006-10-0253-7013/+0
| | | |
OpenPOWER on IntegriCloud