| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
repeat performance by introducing a script that runs configure with and
without Kerberos, diffs the result and generates krb5_config.h, which
contains the preprocessor macros that need to be defined in the Kerberos
case and undefined otherwise.
Approved by: re (marius)
|
| |
|
|
|
|
|
|
|
|
| |
as static binaries, if desired. The one exception is sshd, which runs
into trouble due to libpam.a's includion of pam_ssh.
Make OpenSSH use LDNS if available. This allows it to verify signed
SSHFP records.
Approved by: re (blanket)
|
| |
|
|
| |
Approved by: re (blanket)
|
| |
|
|
|
|
| |
As of r249959, we want to build with IDEA support enabled
unconditionally. As this change removed the MK_IDEA flag, update these
Makefiles accordingly.
|
| |
|
|
| |
for a key revocation list and more fine-grained authentication control.
|
| |
|
|
| |
Approved by: secteam (simon), benl (silence)
|
| |
|
|
|
|
|
|
|
| |
which, only after authentication, disables crypto, and only for sessions
without a terminal.
Submitted by: Jeremy Chadwick (freebsd jdc.parodius.com)
PR: bin/163095
MFC after: 10 days
|
| | |
|
| |
|
|
| |
Specifically, GHASH_ASM belongs to crypto/modes.
|
| |
|
|
| |
Approved by: benl (maintainer)
|
| |
|
|
|
|
| |
Reviewed by: stas
Approved by: benl (maintainer)
MFC after: 3 days
|
| |
|
|
|
|
|
|
| |
Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]
Security: FreeBSD-SA-12:01.openssl (revised)
Security: FreeBSD-SA-12:02.crypt
Approved by: so (bz, simon)
|
| |
|
|
| |
Discussed in: http://www.openwall.com/lists/oss-security/2011/11/15/3
|
| |
|
|
|
|
|
|
|
| |
against text. Provide the override switch to turn off the strict
behaviour. Apparently, openssl libcrypto needs it due to assembler
code not being PIC.
Discussed with: bf
MFC after: 2 weeks
|
| |
|
|
|
|
|
|
| |
- change "the the" to "the"
Approved by: lstewart
Approved by: sahil (mentor)
MFC after: 3 days
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
have an executable stack, due to linking in hand-assembled .S or .s
files, that have no .GNU-stack sections:
RWX --- --- /lib/libcrypto.so.6
RWX --- --- /lib/libmd.so.5
RWX --- --- /lib/libz.so.6
RWX --- --- /lib/libzpool.so.2
RWX --- --- /usr/lib/liblzma.so.5
These were found using scanelf, from the sysutils/pax-utils port.
Reviewed by: kib
|
| | |
|
| | |
|
| |
|
|
| |
Approved by: rrs (mentor)
|
| |
|
|
| |
Approved by: rrs (mentor)
|
| |
|
|
| |
code made obsolete in the same commit.
|
| |
|
|
|
| |
Prefer MACHNE_CPUARCH to MACHINE_ARCH in most contexts where you want
to test of all the CPUs of a given family conform.
|
| |
|
|
|
|
|
| |
read-only by default, meaning files copied can't be overwritten next time.
Reviewed by: imp
Approved by: ken (mentor)
|
| | |
|
| |
|
|
|
|
|
| |
When compiled for MIPS n64 ABI
- DES_LONG should be 'unsigned int'
- BN_LLONG should be undefined
- SIXTY_FOUR_BIT_LONG should be defined.
|
| |
|
|
| |
Obtained from: projects/ppc64
|
| | |
|
| |
|
|
|
|
|
|
| |
for regenerating OpenSSL manual pages.
- Explicitly set the OpenSSL release date so manual pages contain
the date OpenSSL was released and not just the date OpenSSL was
imported into the FreeBSD base system.
- Update for Makefile for OpenSSL 0.9.8n.
|
| |
|
|
| |
MFC after: 3 weeks
|
| |
|
|
|
|
|
|
|
|
|
| |
This also "reverts" some FreeBSD local changes so we should now
be back to using entirely stock OpenSSL. The local changes were
simple $FreeBSD$ lines additions, which were required in the CVS
days, and the patch for FreeBSD-SA-09:15.ssl which has been
superseded with OpenSSL 0.9.8m's RFC5746 'TLS renegotiation
extension' support.
MFC after: 3 weeks
|
| |
|
|
| |
MFC after: 1 month
|
| |
|
|
|
| |
Noticed by: delphij, David Cornejo <dave@dogwood.com>
Forgotten by: des
|
| |
|
|
|
|
|
|
| |
preparation for 8.0-RELEASE. Add the previous version of those
libraries to ObsoleteFiles.inc and bump __FreeBSD_Version.
Reviewed by: kib
Approved by: re (rwatson)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
/boot/kernel/hptrr.ko
/etc/mail/*.cf
/lib/libcrypto.so.5
/usr/bin/ntpq
/usr/sbin/amd
/usr/sbin/iasl
/usr/sbin/ntpd
/usr/sbin/ntpdate
/usr/sbin/ntpdc
There does not appear to be any purpose to having these timestamps, and
they have the irritating consequence that the aforementioned files will
be different every time they are rebuilt.
After this commit, the only remaining build timestamps are in the kernel,
the boot loaders, /usr/include/osreldate.h (the year in the copyright
notice), and lib*.a (the timestamps on all of the included .o files).
Reviewed by: scottl (hptrr), gshapiro (sendmail), simon (openssl),
roberto (ntp), jkim (acpica)
Approved by: re (kib)
|
| |
|
|
| |
Reviewed by: des
|
| | |
|
| | |
|
| |
|
|
| |
MFC after: 3 months
|
| |
|
|
|
|
|
|
|
|
| |
I have worked hard to reduce diffs against the vendor branch. One
notable change in that respect is that we no longer prefer DSA over
RSA - the reasons for doing so went away years ago. This may cause
some surprises, as ssh will warn about unknown host keys even for
hosts whose keys haven't changed.
MFC after: 6 weeks
|
| |
|
|
|
|
|
| |
Implement openssl config needed for mips.
Submitted by: gonzo@
Reviewed by: simon@
|
| |
|
|
| |
all non-style changes made by heimdal to our own libgssapi.
|
| |
|
|
|
|
| |
Reported by: jhb
Discussed with: deischen, des, doubg, harti
Approved by: re (kensmith)
|
| |
|
|
|
|
|
| |
and its bibliography.
Submitted by: Tomoyuki Okazaki <okazaki at kick dot gr dot jp>
MFC after: 1 month
|
| | |
|
| | |
|
| |
|
|
| |
MFC after: 1 week
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
for OpenSSL to load engines run-time, e.g. for using the opensc
engine port.
The OpenSSL Configure script enables DSO support on FreeBSD by
default, we just don't use the Configure script during OpenSSL builds
in the base system.
This is committed to -CURRENT now (before OpenSSL 0.9.8b import), so
it can be tested at bit in -CURRENT before being MFC'ed to 6-STABLE.
Prodded by: ale
PR: bin/79570
MFC after: 1 week
|
