summaryrefslogtreecommitdiffstats
path: root/secure
Commit message (Collapse)AuthorAgeFilesLines
* Upgrade OpenSSH to 6.1p1.des2012-09-031-2/+0
|
* Sort ASM definitions by crypto module for slightly easier maintenance.jkim2012-07-121-2/+4
| | | | Specifically, GHASH_ASM belongs to crypto/modes.
* Merge OpenSSL 1.0.1c.jkim2012-07-12394-13827/+67060
| | | | Approved by: benl (maintainer)
* Regen ca(1) for r237658. This re-applies r227458, i.e., add a missing "be".jkim2012-06-271-1/+1
|
* Merge OpenSSL 0.9.8x.jkim2012-06-27278-561/+567
| | | | | | Reviewed by: stas Approved by: benl (maintainer) MFC after: 3 days
* Update the previous openssl fix. [12:01]bz2012-05-301-1/+1
| | | | | | | | Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02] Security: FreeBSD-SA-12:01.openssl (revised) Security: FreeBSD-SA-12:02.crypt Approved by: so (bz, simon)
* Restore the ability to use a non-standard LOCALBASE to sshdeadler2012-03-242-0/+8
| | | | | | | | | Add the ability to use a non-standard LOCALBASE to ssh Submitted by: jhb Reviewed by: des Approved by: cperciva MFC after: 0 days (with r233136)
* X11BASE is not used any more and has been killed by the x11 team.eadler2012-03-192-26/+0
| | | | | | Reviewed by: ??? Approved by: ??? MFC after: 3 days
* Return NULL on error rather than ":", per the crypt(3) man page.kevlo2012-02-221-6/+5
| | | | Discussed in: http://www.openwall.com/lists/oss-security/2011/11/15/3
* Force linker error when created shared library contains a relocationkib2011-12-061-0/+1
| | | | | | | | | against text. Provide the override switch to turn off the strict behaviour. Apparently, openssl libcrypto needs it due to assembler code not being PIC. Discussed with: bf MFC after: 2 weeks
* - add a missing "be" and "in"eadler2011-11-111-1/+1
| | | | | | | | | | | - fix other errors introduced when committing r226436 - add 'function' to a sentence where it makes sense Submitted by: delphij Submitted by: dougb Submitted by: jhb Approved by: dougb Approved by: jhb
* - change "is is" to "is" or "it is"eadler2011-10-163-3/+3
| | | | | | | | - change "the the" to "the" Approved by: lstewart Approved by: sahil (mentor) MFC after: 3 days
* Upgrade to OpenSSH 5.9p1.des2011-10-051-1/+2
| | | | MFC after: 3 months
* Upgrade to OpenSSH 5.8p2.des2011-05-042-7/+9
|
* Fix some leftover binaries and shared libraries in the system that stilldim2011-02-151-0/+4
| | | | | | | | | | | | | | | have an executable stack, due to linking in hand-assembled .S or .s files, that have no .GNU-stack sections: RWX --- --- /lib/libcrypto.so.6 RWX --- --- /lib/libmd.so.5 RWX --- --- /lib/libz.so.6 RWX --- --- /lib/libzpool.so.2 RWX --- --- /usr/lib/liblzma.so.5 These were found using scanelf, from the sysutils/pax-utils port. Reviewed by: kib
* Regenerate manual pages for OpenSSL 0.9.8q.simon2010-12-03278-291/+280
|
* Regenerate manual pages for OpenSSL 0.9.8p.simon2010-11-22278-9639/+7617
|
* Revert changes of 'assure' to 'ensure' made in r211936.brucec2010-09-111-1/+1
| | | | Approved by: rrs (mentor)
* Fix incorrect usage of 'assure' and 'insure'.brucec2010-08-281-1/+1
| | | | Approved by: rrs (mentor)
* Repair some build breakage introduced in r211725 and garbage collect somenwhitehorn2010-08-283-220/+12
| | | | code made obsolete in the same commit.
* MFtbemd:imp2010-08-231-15/+15
| | | | | Prefer MACHNE_CPUARCH to MACHINE_ARCH in most contexts where you want to test of all the CPUs of a given family conform.
* Fix buildworld -DNO_CLEAN when using with Perforce, which marks files aswill2010-08-121-2/+2
| | | | | | | read-only by default, meaning files copied can't be overwritten next time. Reviewed by: imp Approved by: ken (mentor)
* Whitespace fix for last check-in, move empty line to below endif.jchandra2010-08-041-1/+1
|
* MIPS 64 bit support.jchandra2010-08-041-0/+14
| | | | | | | When compiled for MIPS n64 ABI - DES_LONG should be 'unsigned int' - BN_LLONG should be undefined - SIXTY_FOUR_BIT_LONG should be defined.
* OpenSSL configuration for powerpc64nwhitehorn2010-07-101-0/+217
| | | | Obtained from: projects/ppc64
* Regenerate manual pages for OpenSSL 0.9.8n.simon2010-04-01277-277/+277
|
* - Make it slightly simpler to update OpenSSL version informationsimon2010-04-011-1/+6
| | | | | | | | for regenerating OpenSSL manual pages. - Explicitly set the OpenSSL release date so manual pages contain the date OpenSSL was released and not just the date OpenSSL was imported into the FreeBSD base system. - Update for Makefile for OpenSSL 0.9.8n.
* Regenerate manual pages for OpenSSL 0.9.8m.simon2010-03-13280-331/+533
| | | | MFC after: 3 weeks
* Merge OpenSSL 0.9.8m into head.simon2010-03-131-1/+1
| | | | | | | | | | | This also "reverts" some FreeBSD local changes so we should now be back to using entirely stock OpenSSL. The local changes were simple $FreeBSD$ lines additions, which were required in the CVS days, and the patch for FreeBSD-SA-09:15.ssl which has been superseded with OpenSSL 0.9.8m's RFC5746 'TLS renegotiation extension' support. MFC after: 3 weeks
* Revert r204939des2010-03-101-1/+1
|
* Forgot to svn add the Makefile.des2010-03-101-0/+16
|
* Fix the build. The ssh-pkcs11-helper directory is empty, which isdougb2010-03-101-1/+1
| | | | causing confusion.
* Upgrade to OpenSSH 5.4p1.des2010-03-094-5/+6
| | | | MFC after: 1 month
* (Almost) fixed static linkage. The remaining problem is withru2010-02-261-2/+2
| | | | | libgssapi.a and libgssapi_krb5.a libraries that define the same symbols.
* Fix 'make checkdpadd'des2010-02-251-1/+1
| | | | Submitted by: ru@
* Remove -static; it was a failed experiment that got committed by accident.des2010-02-251-1/+4
|
* Build lib/ with WARNS=6 by default.ed2010-01-021-0/+2
| | | | | | | | | Similar to libexec/, do the same with lib/. Make WARNS=6 the norm and lower it when needed. I'm setting WARNS?=0 for secure/. It seems secure/ includes the Makefile.inc provided by lib/. I'm not going to touch that directory. Most of the code there is contributed anyway.
* Remove pppd, it's gone.trasz2009-12-291-2/+1
|
* Fix globbingdes2009-11-101-1/+1
| | | | | Noticed by: delphij, David Cornejo <dave@dogwood.com> Forgotten by: des
* Fix a couple of comment typos.jhb2009-11-031-2/+2
| | | | MFC after: 1 week
* Upgrade to OpenSSH 5.3p1.des2009-10-0110-4/+28
|
* Bump the version of all non-symbol-versioned shared libraries inkensmith2009-07-193-3/+3
| | | | | | | | preparation for 8.0-RELEASE. Add the previous version of those libraries to ObsoleteFiles.inc and bump __FreeBSD_Version. Reviewed by: kib Approved by: re (rwatson)
* Remove build timestamps from the following files:cperciva2009-07-111-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | /boot/kernel/hptrr.ko /etc/mail/*.cf /lib/libcrypto.so.5 /usr/bin/ntpq /usr/sbin/amd /usr/sbin/iasl /usr/sbin/ntpd /usr/sbin/ntpdate /usr/sbin/ntpdc There does not appear to be any purpose to having these timestamps, and they have the irritating consequence that the aforementioned files will be different every time they are rebuilt. After this commit, the only remaining build timestamps are in the kernel, the boot loaders, /usr/include/osreldate.h (the year in the copyright notice), and lib*.a (the timestamps on all of the included .o files). Reviewed by: scottl (hptrr), gshapiro (sendmail), simon (openssl), roberto (ntp), jkim (acpica) Approved by: re (kib)
* Use the closefrom(2) system call.jhb2009-06-161-1/+1
| | | | Reviewed by: des
* Regenerate manual pages for OpenSSL 0.9.8k.simon2009-06-14277-616/+752
|
* Update build infrastructure for OpenSSL 0.9.8k.simon2009-06-1410-17/+119
|
* Upgrade to OpenSSH 5.2p1.des2009-05-222-2/+2
| | | | MFC after: 3 months
* Enable getaudit_addr(2) for sshd again. This will un-break the subjectcsjp2008-11-301-1/+1
| | | | BSM audit tokens for IPv6.
* Upgrade to OpenSSH 5.1p1.des2008-08-014-7/+7
| | | | | | | | | | I have worked hard to reduce diffs against the vendor branch. One notable change in that respect is that we no longer prefer DSA over RSA - the reasons for doing so went away years ago. This may cause some surprises, as ssh will warn about unknown host keys even for hosts whose keys haven't changed. MFC after: 6 weeks
* Merge from p4:imp2008-07-231-0/+205
| | | | | | | Implement openssl config needed for mips. Submitted by: gonzo@ Reviewed by: simon@
OpenPOWER on IntegriCloud