summaryrefslogtreecommitdiffstats
path: root/secure/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* | | | | | | | | | | | | Reduce overlinkingbapt2014-11-251-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The framework now ensure by itself that pthread is added to the link chain as the last component if linked to kerberos hence avoid with out any explicit addition prevent issue like CVE-2014-8475
* | | | | | | | | | | | | Convert to LIBADDbapt2014-11-252-9/+4
| |_|_|_|_|_|_|_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Reduce overlinking
* | | | | | | | | | | | Merge OpenSSL 1.0.1j.jkim2014-10-15290-375/+372
| | | | | | | | | | | |
* | | | | | | | | | | | Merge OpenSSL 1.0.1i.jkim2014-08-07290-345/+719
| | | | | | | | | | | |
* | | | | | | | | | | | Rework privatelib/internallibbapt2014-08-061-1/+1
| |_|_|_|_|_|_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make sure everything linking to a privatelib and/or an internallib does it directly from the OBJDIR rather than DESTDIR. Add src.libnames.mk so bsd.libnames.mk is not polluted by libraries not existsing in final installation Introduce the LD* variable which is what ld(1) is expecting (via LDADD) to link to internal/privatelib Directly link to the .so in case of private library to avoid having to complexify LDFLAGS. Phabric: https://phabric.freebsd.org/D553 Reviewed by: imp, emaste
* | | | | | | | | | | Remove ia64.marcel2014-07-071-224/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This includes: o All directories named *ia64* o All files named *ia64* o All ia64-specific code guarded by __ia64__ o All ia64-specific makefile logic o Mention of ia64 in comments and documentation This excludes: o Everything under contrib/ o Everything under crypto/ o sys/xen/interface o sys/sys/elf_common.h Discussed at: BSDcan
* | | | | | | | | | | Merge OpenSSL 1.0.1h.jkim2014-06-09288-302/+321
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Approved by: so (delphij)
* | | | | | | | | | | Switch using the new $2b$ format by default, when bcrypt is used.delphij2014-05-141-1/+1
| |_|_|_|_|_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | MFC after: 2 weeks Relnotes: default Blowfish crypt(3) format have been changed to $2b$.
* | | | | | | | | | Use src.opts.mk in preference to bsd.own.mk except where we need stuffimp2014-05-062-2/+2
| |_|_|_|_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | from the latter.
* | | | | | | | | Add placeholder Kyuafiles for various top-level hierarchies.jmmv2014-04-212-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change adds tests/ directories in the source tree to create various subdirectories in /usr/tests/ and to install placeholder Kyuafiles for them. the relevant hierarchies are: cddl, etc, games, gnu and secure. The reason for this is to simplify the addition of new test programs for utilities or libraries under any of these directories. Doing so on a case by case basis is unnecessary and is quite an obscure process.
* | | | | | | | | NO_MAN= has been deprecated in favor of MAN= for some time, go aheadimp2014-04-131-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | and finish the job. ncurses is now the only Makefile in the tree that uses it since it wasn't a simple mechanical change, and will be addressed in a future commit.
* | | | | | | | | Merge OpenSSL 1.0.1g.jkim2014-04-08289-299/+302
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Approved by: benl (maintainer)
* | | | | | | | | Upgrade to OpenSSH 6.6p1.des2014-03-251-4/+4
| | | | | | | | |
* | | | | | | | | Refresh our implementation of OpenBSD's Blowfish password format.delphij2014-02-251-33/+52
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Notable changes: - Support of $2b$ password format to address a problem where very long passwords (more than 256 characters, when an integer overflow would happen and cause the length to wrap at 256). - Updated pseudo code in comments to reflect the reality. - Removed our local shortcut of processing magic string and rely on the centralized and tigntened validation. - Diff reduction from upstream. For now we are still generating the older $02a$ format of password but we will migrate to the new format once the format is formally finalized. MFC after: 1 month
* | | | | | | | | Upgrade to OpenSSH 6.5p1.des2014-01-311-4/+7
| | | | | | | | |
* | | | | | | | | Merge OpenSSL 1.0.1f.jkim2014-01-22290-805/+688
| |_|_|_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | Approved by: so (delphij), benl (silence)
* | | | | | | | Unbreak the WITHOUT_KERBEROS build and try to reduce the odds of ades2013-09-231-1/+4
| |_|_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | repeat performance by introducing a script that runs configure with and without Kerberos, diffs the result and generates krb5_config.h, which contains the preprocessor macros that need to be defined in the Kerberos case and undefined otherwise. Approved by: re (marius)
* | | | | | | Clean up the OpenSSH build. It is now possible to build most componentsdes2013-09-101-7/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | as static binaries, if desired. The one exception is sshd, which runs into trouble due to libpam.a's includion of pam_ssh. Make OpenSSH use LDNS if available. This allows it to verify signed SSHFP records. Approved by: re (blanket)
* | | | | | | Make libldns and libssh private.des2013-09-081-0/+1
| |_|_|_|_|/ |/| | | | | | | | | | | | | | | | | Approved by: re (blanket)
* | | | | | Remove references to MK_IDEA.ed2013-04-272-17/+1
| |_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | As of r249959, we want to build with IDEA support enabled unconditionally. As this change removed the MK_IDEA flag, update these Makefiles accordingly.
* | | | | Upgrade to OpenSSH 6.2p1. The most important new features are supportdes2013-03-221-4/+4
| | | | | | | | | | | | | | | | | | | | for a key revocation list and more fine-grained authentication control.
* | | | | Merge OpenSSL 1.0.1e.jkim2013-02-13291-607/+607
| |_|_|/ |/| | | | | | | | | | | Approved by: secteam (simon), benl (silence)
* | | | Add a src.conf(5) option to allow users to compile in the "NONE cipher",bz2013-01-171-0/+4
| |/ / |/| | | | | | | | | | | | | | | | | | | | | | | which, only after authentication, disables crypto, and only for sessions without a terminal. Submitted by: Jeremy Chadwick (freebsd jdc.parodius.com) PR: bin/163095 MFC after: 10 days
* | | Upgrade OpenSSH to 6.1p1.des2012-09-031-2/+0
| | |
* | | Sort ASM definitions by crypto module for slightly easier maintenance.jkim2012-07-121-2/+4
| | | | | | | | | | | | Specifically, GHASH_ASM belongs to crypto/modes.
* | | Merge OpenSSL 1.0.1c.jkim2012-07-12346-13350/+63673
| |/ |/| | | | | Approved by: benl (maintainer)
* | Merge OpenSSL 0.9.8x.jkim2012-06-27240-484/+490
|/ | | | | | Reviewed by: stas Approved by: benl (maintainer) MFC after: 3 days
* Update the previous openssl fix. [12:01]bz2012-05-301-1/+1
| | | | | | | | Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02] Security: FreeBSD-SA-12:01.openssl (revised) Security: FreeBSD-SA-12:02.crypt Approved by: so (bz, simon)
* Return NULL on error rather than ":", per the crypt(3) man page.kevlo2012-02-221-6/+5
| | | | Discussed in: http://www.openwall.com/lists/oss-security/2011/11/15/3
* Force linker error when created shared library contains a relocationkib2011-12-061-0/+1
| | | | | | | | | against text. Provide the override switch to turn off the strict behaviour. Apparently, openssl libcrypto needs it due to assembler code not being PIC. Discussed with: bf MFC after: 2 weeks
* - change "is is" to "is" or "it is"eadler2011-10-161-1/+1
| | | | | | | | - change "the the" to "the" Approved by: lstewart Approved by: sahil (mentor) MFC after: 3 days
* Upgrade to OpenSSH 5.8p2.des2011-05-041-5/+6
|
* Fix some leftover binaries and shared libraries in the system that stilldim2011-02-151-0/+4
| | | | | | | | | | | | | | | have an executable stack, due to linking in hand-assembled .S or .s files, that have no .GNU-stack sections: RWX --- --- /lib/libcrypto.so.6 RWX --- --- /lib/libmd.so.5 RWX --- --- /lib/libz.so.6 RWX --- --- /lib/libzpool.so.2 RWX --- --- /usr/lib/liblzma.so.5 These were found using scanelf, from the sysutils/pax-utils port. Reviewed by: kib
* Regenerate manual pages for OpenSSL 0.9.8q.simon2010-12-03240-253/+242
|
* Regenerate manual pages for OpenSSL 0.9.8p.simon2010-11-22240-8165/+6319
|
* Revert changes of 'assure' to 'ensure' made in r211936.brucec2010-09-111-1/+1
| | | | Approved by: rrs (mentor)
* Fix incorrect usage of 'assure' and 'insure'.brucec2010-08-281-1/+1
| | | | Approved by: rrs (mentor)
* Repair some build breakage introduced in r211725 and garbage collect somenwhitehorn2010-08-283-220/+12
| | | | code made obsolete in the same commit.
* MFtbemd:imp2010-08-231-15/+15
| | | | | Prefer MACHNE_CPUARCH to MACHINE_ARCH in most contexts where you want to test of all the CPUs of a given family conform.
* Fix buildworld -DNO_CLEAN when using with Perforce, which marks files aswill2010-08-121-2/+2
| | | | | | | read-only by default, meaning files copied can't be overwritten next time. Reviewed by: imp Approved by: ken (mentor)
* Whitespace fix for last check-in, move empty line to below endif.jchandra2010-08-041-1/+1
|
* MIPS 64 bit support.jchandra2010-08-041-0/+14
| | | | | | | When compiled for MIPS n64 ABI - DES_LONG should be 'unsigned int' - BN_LLONG should be undefined - SIXTY_FOUR_BIT_LONG should be defined.
* OpenSSL configuration for powerpc64nwhitehorn2010-07-101-0/+217
| | | | Obtained from: projects/ppc64
* Regenerate manual pages for OpenSSL 0.9.8n.simon2010-04-01239-239/+239
|
* - Make it slightly simpler to update OpenSSL version informationsimon2010-04-011-1/+6
| | | | | | | | for regenerating OpenSSL manual pages. - Explicitly set the OpenSSL release date so manual pages contain the date OpenSSL was released and not just the date OpenSSL was imported into the FreeBSD base system. - Update for Makefile for OpenSSL 0.9.8n.
* Regenerate manual pages for OpenSSL 0.9.8m.simon2010-03-13242-283/+479
| | | | MFC after: 3 weeks
* Merge OpenSSL 0.9.8m into head.simon2010-03-131-1/+1
| | | | | | | | | | | This also "reverts" some FreeBSD local changes so we should now be back to using entirely stock OpenSSL. The local changes were simple $FreeBSD$ lines additions, which were required in the CVS days, and the patch for FreeBSD-SA-09:15.ssl which has been superseded with OpenSSL 0.9.8m's RFC5746 'TLS renegotiation extension' support. MFC after: 3 weeks
* Upgrade to OpenSSH 5.4p1.des2010-03-091-2/+3
| | | | MFC after: 1 month
* Fix globbingdes2009-11-101-1/+1
| | | | | Noticed by: delphij, David Cornejo <dave@dogwood.com> Forgotten by: des
* Bump the version of all non-symbol-versioned shared libraries inkensmith2009-07-193-3/+3
| | | | | | | | preparation for 8.0-RELEASE. Add the previous version of those libraries to ObsoleteFiles.inc and bump __FreeBSD_Version. Reviewed by: kib Approved by: re (rwatson)
OpenPOWER on IntegriCloud