| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
X-MFC with: r269648
Phabric: D634
Approved by: jmmv (mentor)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make sure everything linking to a privatelib and/or an internallib does it directly
from the OBJDIR rather than DESTDIR.
Add src.libnames.mk so bsd.libnames.mk is not polluted by libraries not existsing
in final installation
Introduce the LD* variable which is what ld(1) is expecting (via LDADD) to link to
internal/privatelib
Directly link to the .so in case of private library to avoid having to complexify
LDFLAGS.
Phabric: https://phabric.freebsd.org/D553
Reviewed by: imp, emaste
|
|
|
|
|
|
|
|
|
|
| |
variants. This allows usable file system images (i.e. those with both a
shell and an editor) to be created with only one copy of the curses library.
Exp-run: antoine
PR: 189842
Discussed with: bapt
Sponsored by: DARPA, AFRL
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This includes:
o All directories named *ia64*
o All files named *ia64*
o All ia64-specific code guarded by __ia64__
o All ia64-specific makefile logic
o Mention of ia64 in comments and documentation
This excludes:
o Everything under contrib/
o Everything under crypto/
o sys/xen/interface
o sys/sys/elf_common.h
Discussed at: BSDcan
|
|
|
|
| |
Approved by: so (delphij)
|
|
|
|
|
| |
MFC after: 2 weeks
Relnotes: default Blowfish crypt(3) format have been changed to $2b$.
|
|
|
|
| |
from the latter.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
explicitely linking main binary with -lpthread. Before, libthr
appeared in the list due to dependency of one of the kerberos libs.
Due to the change in ld(1) behaviour of not copying NEEDED entries
from direct dependencies into the link results, the order becomes
reversed.
The libthr must appear before libc to properly interpose libc symbols
and provide working rtld locks implementation. The symptom was sshd
hanging on rtld bind lock during nested symbol binding from a signal
handler.
Approved by: des (openssh maintainer)
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change adds tests/ directories in the source tree to create various
subdirectories in /usr/tests/ and to install placeholder Kyuafiles for
them.
the relevant hierarchies are: cddl, etc, games, gnu and secure.
The reason for this is to simplify the addition of new test programs for
utilities or libraries under any of these directories. Doing so on a
case by case basis is unnecessary and is quite an obscure process.
|
|
|
|
|
|
| |
and finish the job. ncurses is now the only Makefile in the tree that
uses it since it wasn't a simple mechanical change, and will be
addressed in a future commit.
|
|
|
|
| |
Approved by: benl (maintainer)
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
regents and renumber.
This patch skips files in contrib/ and crypto/
Acked by: imp
Discussed with: emaste
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Notable changes:
- Support of $2b$ password format to address a problem where very
long passwords (more than 256 characters, when an integer
overflow would happen and cause the length to wrap at 256).
- Updated pseudo code in comments to reflect the reality.
- Removed our local shortcut of processing magic string and rely
on the centralized and tigntened validation.
- Diff reduction from upstream.
For now we are still generating the older $02a$ format of password
but we will migrate to the new format once the format is formally
finalized.
MFC after: 1 month
|
| |
|
|
|
|
| |
Approved by: so (delphij), benl (silence)
|
|
|
|
|
|
|
|
|
| |
repeat performance by introducing a script that runs configure with and
without Kerberos, diffs the result and generates krb5_config.h, which
contains the preprocessor macros that need to be defined in the Kerberos
case and undefined otherwise.
Approved by: re (marius)
|
|
|
|
|
|
| |
that it should no longer be considered secure.
Approved by: re (gjb)
|
|
|
|
|
|
|
|
|
|
| |
as static binaries, if desired. The one exception is sshd, which runs
into trouble due to libpam.a's includion of pam_ssh.
Make OpenSSH use LDNS if available. This allows it to verify signed
SSHFP records.
Approved by: re (blanket)
|
|
|
|
| |
Approved by: re (blanket)
|
|
|
|
|
|
| |
As of r249959, we want to build with IDEA support enabled
unconditionally. As this change removed the MK_IDEA flag, update these
Makefiles accordingly.
|
|
|
|
| |
for a key revocation list and more fine-grained authentication control.
|
| |
|
|
|
|
| |
Approved by: secteam (simon), benl (silence)
|
|
|
|
|
|
|
|
|
| |
which, only after authentication, disables crypto, and only for sessions
without a terminal.
Submitted by: Jeremy Chadwick (freebsd jdc.parodius.com)
PR: bin/163095
MFC after: 10 days
|
| |
|
| |
|
|
|
|
| |
Specifically, GHASH_ASM belongs to crypto/modes.
|
|
|
|
| |
Approved by: benl (maintainer)
|
| |
|
|
|
|
|
|
| |
Reviewed by: stas
Approved by: benl (maintainer)
MFC after: 3 days
|
|
|
|
|
|
|
|
| |
Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02]
Security: FreeBSD-SA-12:01.openssl (revised)
Security: FreeBSD-SA-12:02.crypt
Approved by: so (bz, simon)
|
|
|
|
|
|
|
|
|
| |
Add the ability to use a non-standard LOCALBASE to ssh
Submitted by: jhb
Reviewed by: des
Approved by: cperciva
MFC after: 0 days (with r233136)
|
|
|
|
|
|
| |
Reviewed by: ???
Approved by: ???
MFC after: 3 days
|
|
|
|
| |
Discussed in: http://www.openwall.com/lists/oss-security/2011/11/15/3
|
|
|
|
|
|
|
|
|
| |
against text. Provide the override switch to turn off the strict
behaviour. Apparently, openssl libcrypto needs it due to assembler
code not being PIC.
Discussed with: bf
MFC after: 2 weeks
|
|
|
|
|
|
|
|
|
|
|
| |
- fix other errors introduced when committing r226436
- add 'function' to a sentence where it makes sense
Submitted by: delphij
Submitted by: dougb
Submitted by: jhb
Approved by: dougb
Approved by: jhb
|
|
|
|
|
|
|
|
| |
- change "the the" to "the"
Approved by: lstewart
Approved by: sahil (mentor)
MFC after: 3 days
|
|
|
|
| |
MFC after: 3 months
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
have an executable stack, due to linking in hand-assembled .S or .s
files, that have no .GNU-stack sections:
RWX --- --- /lib/libcrypto.so.6
RWX --- --- /lib/libmd.so.5
RWX --- --- /lib/libz.so.6
RWX --- --- /lib/libzpool.so.2
RWX --- --- /usr/lib/liblzma.so.5
These were found using scanelf, from the sysutils/pax-utils port.
Reviewed by: kib
|
| |
|
| |
|
|
|
|
| |
Approved by: rrs (mentor)
|
|
|
|
| |
Approved by: rrs (mentor)
|
|
|
|
| |
code made obsolete in the same commit.
|
|
|
|
|
| |
Prefer MACHNE_CPUARCH to MACHINE_ARCH in most contexts where you want
to test of all the CPUs of a given family conform.
|
|
|
|
|
|
|
| |
read-only by default, meaning files copied can't be overwritten next time.
Reviewed by: imp
Approved by: ken (mentor)
|