summaryrefslogtreecommitdiffstats
path: root/crypto
Commit message (Collapse)AuthorAgeFilesLines
...
* | | Remove duplicate manual pages.jkim2015-11-162-5/+3
| | | | | | | | | | | | Reported by: brd
* | | Remove dead code.des2015-11-111-672/+0
| | |
* | | One more $Mdocdate$des2015-11-111-1/+1
| | |
* | | Remove /* $FreeBSD$ */ from files that already have __RCSID("$FreeBSD$").des2015-11-1125-25/+0
| | |
* | | Now that we have mandoc, we can leave $Mdocdate$ tags as-is. Unfortunately,des2015-11-1113-22/+13
| | | | | | | | | | | | | | | there is (currently) no way to make Subversion generate correct $Mdocdate$ tags, but perhas we can teach mandoc to read Subversion's %d format.
* | | Merge OpenSSL 1.0.2d.jkim2015-10-30488-13176/+94364
|\ \ \ | |/ /
| * | Import OpenSSL 1.0.2d.jkim2015-10-23299-8500/+77947
| | |
* | | Fix OpenSSH multiple vulnerabilities by backporting three changesdelphij2015-08-253-6/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | from OpenSSH-portable master. Git revisions: 45b0eb752c94954a6de046bfaaf129e518ad4b5b 5e75f5198769056089fb06c4d738ab0e5abc66f7 d4697fe9a28dab7255c60433e4dd23cf7fce8a8b Reviewed by: des Security: FreeBSD-SA-15:22.openssh
* | | Fix multiple OpenSSH vulnerabilities.delphij2015-07-282-18/+33
| | | | | | | | | | | | | | | | | | Security: CVE-2014-2653 Security: CVE-2015-5600 Security: FreeBSD-SA-15:16.openssh
* | | ssh: canonicize the host name before looking it up in the host filevangyzen2015-07-161-0/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Re-apply r99054 by des in 2002. This was accidentally dropped by the update to OpenSSH 6.5p1 (r261320). This change is actually taken from r387082 of ports/security/openssh-portable/files/patch-ssh.c PR: 198043 Differential Revision: https://reviews.freebsd.org/D3103 Reviewed by: des Approved by: kib (mentor) MFC after: 3 days Relnotes: yes Sponsored by: Dell Inc.
* | | Merge OpenSSL 1.0.1p.jkim2015-07-0921-233/+475
|\ \ \ | |/ /
| * | Import OpenSSL 1.0.1p.jkim2015-07-0911-201/+420
| | |
| * | Import OpenSSL 1.0.1o.jkim2015-06-124-17/+16
| | |
| * | Import OpenSSL 1.0.1n.jkim2015-06-11131-268/+797
| | |
* | | Merge OpenSSL 1.0.1o.jkim2015-06-129-25/+34
| | |
* | | Merge OpenSSL 1.0.1n.jkim2015-06-11204-903/+2348
| | |
* | | Import new moduli from OpenBSD. Although there is no reason to distrustdes2015-05-261-261/+275
| | | | | | | | | | | | | | | | | | the current set, it is good hygiene to change them once in a while. MFC after: 1 week
* | | Use proper CHAN_TCP_PACKET_DEFAULT for agent forwarding when HPN disabled.bdrewery2015-04-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The use of CHAN_TCP_WINDOW_DEFAULT here was fixed in upstream OpenSSH in CVS 1.4810, git 5baa170d771de9e95cf30b4c469ece684244cf3e: - dtucker@cvs.openbsd.org 2007/12/28 22:34:47 [clientloop.c] Use the correct packet maximum sizes for remote port and agent forwarding. Prevents the server from killing the connection if too much data is queued and an excessively large packet gets sent. bz #1360, ok djm@. The change was lost due to the the way the original upstream HPN patch modified this code. It was re-adding the original OpenSSH code and never was properly fixed to use the new value. MFC after: 2 weeks
* | | Document "none" for VersionAddendum.bdrewery2015-03-232-2/+8
| | | | | | | | | | | | | | | PR: 193127 MFC after: 2 weeks
* | | Merge OpenSSL 1.0.1m.jkim2015-03-201009-268251/+272049
|\ \ \ | |/ /
| * | Import OpenSSL 1.0.1m.jkim2015-03-20804-170246/+173958
| | |
| * | Import OpenSSL 1.0.1l.jkim2015-01-165-13/+12
| | |
| * | Fix build failure on Windows due to undefined cflags identifier.jkim2015-01-091-1/+1
| | | | | | | | | | | | https://github.com/openssl/openssl/commit/5c5e7e1a7eb114cf136e1ae4b6a413bc48ba41eb
* | | Merge OpenSSL 1.0.1l.jkim2015-01-1611-17/+27
| | | | | | | | | | | | | | | MFC after: 1 week Relnotes: yes
* | | MFV: r276862jkim2015-01-092-2/+2
| | | | | | | | | | | | Fix build.
* | | Merge OpenSSL 1.0.1k.jkim2015-01-08108-3630/+1760
|\ \ \ | |/ /
| * | Import OpenSSL 1.0.1k.jkim2015-01-0846-2888/+616
| | |
* | | Merge OpenSSL 1.0.1j.jkim2014-10-1579-613/+1824
|\ \ \ | |/ /
| * | Import OpenSSL 1.0.1j.jkim2014-10-1537-205/+981
| | |
* | | Include the gssapi_krb5 library in KRB5_LDFLAGS.gjb2014-09-081-1/+1
| | | | | | | | | | | | | | | | | | PR: 156245 MFC after: 3 days Sponsored by: The FreeBSD Foundation
* | | Merge OpenSSL 1.0.1i.jkim2014-08-07158-4989/+3288
|\ \ \ | |/ /
| * | Import OpenSSL 1.0.1i.jkim2014-08-0773-4763/+2063
| | |
* | | Merge OpenSSL 1.0.1h.jkim2014-06-0966-141/+824
|\ \ \ | |/ / | | | | | | Approved by: so (delphij)
| * | Import OpenSSL 1.0.1h.jkim2014-06-0622-39/+81
| | | | | | | | | | | | Approved by: so (delphij)
| * | Import OpenSSL 1.0.1g.jkim2014-04-0816-28/+189
| | | | | | | | | | | | Approved by: benl (maintainer)
| * | Import OpenSSL 1.0.1f.jkim2014-01-2255-613/+847
| | | | | | | | | | | | Approved by: so (delphij), benl (silence)
* | | Fix OpenSSL multiple vulnerabilities.delphij2014-06-055-3/+36
| | | | | | | | | | | | | | | | | | | | | Security: CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470 Security: SA-14:14.openssl Approved by: so
* | | Change comment about HPNDisabled to match the style of other options tosmh2014-05-201-1/+1
| | | | | | | | | | | | | | | | | | avoid confusion. Sponsored by: Multiplay
* | | Fix OpenSSL NULL pointer deference vulnerability.delphij2014-05-131-0/+4
| | | | | | | | | | | | | | | | | | Obtained from: OpenBSD Security: FreeBSD-SA-14:09.openssl Security: CVE-2014-0198
* | | Fix OpenSSL use-after-free vulnerability.delphij2014-04-301-1/+1
| | | | | | | | | | | | | | | | | | Obtained from: OpenBSD Security: FreeBSD-SA-14:09.openssl Security: CVE-2010-5298
* | | Apply upstream patch for EC calculation bug and bump version addendum.des2014-04-2010-9/+35
| | |
* | | NO_MAN= has been deprecated in favor of MAN= for some time, go aheadimp2014-04-135-5/+5
| | | | | | | | | | | | | | | | | | and finish the job. ncurses is now the only Makefile in the tree that uses it since it wasn't a simple mechanical change, and will be addressed in a future commit.
* | | Restore the pX part to the version number printed in debugging mode.des2014-04-091-1/+1
| | |
* | | Merge OpenSSL 1.0.1g.jkim2014-04-0854-81/+311
| | | | | | | | | | | | Approved by: benl (maintainer)
* | | Fix NFS deadlock vulnerability. [SA-14:05]delphij2014-04-085-24/+106
| | | | | | | | | | | | | | | Fix "Heartbleed" vulnerability and ECDSA Cache Side-channel Attack in OpenSSL. [SA-14:06]
* | | Upgrade to OpenSSH 6.6p1.des2014-03-25123-2462/+1520
|\ \ \ | | |/ | |/|
* | | Add a pre-merge script which reverts mechanical changes such as addeddes2014-03-2433-63/+132
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | $FreeBSD$ tags and man page dates. Add a post-merge script which reapplies these changes. Run both scripts to normalize the existing code base. As a result, many files which should have had $FreeBSD$ tags but didn't now have them. Partly rewrite the upgrade instructions and remove the now outdated list of tricks.
* | | Update most userspace consumers of capability.h to use capsicum.h instead.rwatson2014-03-161-1/+1
| | | | | | | | | | | | | | | | | | | | | auditdistd is not updated as I will make the change upstream and then do a vendor import sometime in the next week or two. MFC after: 3 weeks
* | | Fix installations that use kernels without CAPABILITIES support.pjd2014-02-041-2/+4
| | | | | | | | | | | | Approved by: des
* | | Turn sandboxing on by default.des2014-02-013-3/+3
| | |
OpenPOWER on IntegriCloud