| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
MFC after: 3 months
|
|
|
|
| |
BSM audit tokens for IPv6.
|
|
|
|
|
|
|
|
|
|
| |
I have worked hard to reduce diffs against the vendor branch. One
notable change in that respect is that we no longer prefer DSA over
RSA - the reasons for doing so went away years ago. This may cause
some surprises, as ssh will warn about unknown host keys even for
hosts whose keys haven't changed.
MFC after: 6 weeks
|
|
|
|
|
|
|
| |
Implement openssl config needed for mips.
Submitted by: gonzo@
Reviewed by: simon@
|
| |
|
|
|
|
| |
all non-style changes made by heimdal to our own libgssapi.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
that they add X11BASE=${LOCALBASE} to /etc/make.conf since X11BASE was
hard-wired to the now-wrong location in old releases.
However, both X11BASE and LOCALBASE have moved out of scope of src/
into ports/ now, which causes problems for upgraded users who have old
make.conf files still containing the above setting. X11BASE becomes
null and we instruct ssh and sshd to look for xauth in /bin/xauth
where it is unlikely to be found.
Instead, provide a copy of the default LOCALBASE?=/usr/local setting
here.
We also have to deal with the case where the user only overrides
LOCALBASE and doesn't set an explicit X11BASE (in ports it will be set
implicitly but not here), which will also move the location of xauth.
MFC after: 3 days
Reported by: rwatson
|
| |
|
|
|
|
|
|
| |
Reported by: jhb
Discussed with: deischen, des, doubg, harti
Approved by: re (kensmith)
|
|
|
|
|
|
|
| |
and its bibliography.
Submitted by: Tomoyuki Okazaki <okazaki at kick dot gr dot jp>
MFC after: 1 month
|
| |
|
| |
|
| |
|
|
|
|
| |
MFC after: 1 week
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
for OpenSSL to load engines run-time, e.g. for using the opensc
engine port.
The OpenSSL Configure script enables DSO support on FreeBSD by
default, we just don't use the Configure script during OpenSSL builds
in the base system.
This is committed to -CURRENT now (before OpenSSL 0.9.8b import), so
it can be tested at bit in -CURRENT before being MFC'ed to 6-STABLE.
Prodded by: ale
PR: bin/79570
MFC after: 1 week
|
|
|
|
| |
Discussed with: ru
|
|
|
|
|
|
|
|
| |
the namespace of applications which inadvertantly link in libssh (usually
through pam_ssh)
Suggested by: lukem@netbsd.org
MFC after: 6 weeks
|
| |
|
| |
|
|
|
|
| |
Reported by: phk
|
|
|
|
|
|
|
|
| |
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html
The src.conf(5) manpage is to follow in a few days.
Brought to you by: imp, jhb, kris, phk, ru (all bugs are mine)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
have been added with the latest OpenBSM import, hook USE_BSM_AUDIT into
build conditionally.
For users which do not care for audit support and do not want to compile
it into their SSH servers, add the following to the /etc/make.conf:
NO_AUDIT=true
Discussed with: rwatson
Obtained from: TrustedBSD Project
|
|
|
|
|
|
|
|
|
| |
similar the the Solaris implementation. Repackage the krb5 GSS mechanism
as a plugin library for the new implementation. This also includes a
comprehensive set of manpages for the GSS-API functions with text mostly
taken from the RFC.
Reviewed by: Love Hörnquist Åstrand <lha@it.su.se>, ru (build system), des (openssh parts)
|
|
|
|
| |
already handles this, FWIW.
|
| |
|
| |
|
|
|
|
|
|
|
| |
been bumped since RELENG_5.
Reviewed by: ru
Approved by: re (not needed for commit check but in principle...)
|
|
|
|
|
|
| |
trouble, especially on amd64.
Requested by: ru
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
PR: bin/76374
MFC after: 2 weeks
|
| |
|
|
|
|
|
|
|
|
| |
NOINFO -> NO_INFO
NOINFOCOMPRESS -> NO_INFOCOMPRESS
NOLINT -> NO_LINT
NOPIC -> NO_PIC
NOPROFILE -> NO_PROFILE
|
|
|
|
|
| |
NOLIBPTHREAD -> NO_LIBPTHREAD
NOLIBTHR -> NO_LIBTHR
|
| |
|
|
|
|
| |
any fake value.
|
|
|
|
| |
from OpenSSL 0.9.5 (yet to be released), and is pretty complete.
|
|
|
|
|
|
|
|
|
|
| |
of releases. The -DNOCRYPT build option still exists for anyone who
really wants to build non-cryptographic binaries, but the "crypto"
release distribution is now part of "base", and anyone installing from a
release will get cryptographic binaries.
Approved by: re (scottl), markm
Discussed on: freebsd-current, in late April 2004
|
| |
|
|
|
|
|
|
|
|
|
| |
help some ports that depend on libradius that recently gained
the dependency on libssl. This is also how the stock OpenSSL
build would link libssl.so on FreeBSD.
Prompted by: kris
OK'ed by: markm, nectar
|
|
|
|
|
|
|
|
|
| |
because otherwise it will remain having a dependency upon libssl. This
breaks the non-crypto build that happens for release.3
While here, order the list of programs and libraries.
Speculating review feedback from: ru
|
|
|
|
|
|
|
| |
the make.conf(5) manpage.
PR: conf/65738
OK'ed by: markm
|
|
|
|
|
|
|
| |
a variant of the C code but with some scattered asm and things laid out
more optimally for the platform. This means that we need to the asm
directory to the search path for the amd64 case so that make can find
the source.
|
|
|
|
|
|
|
| |
call any pthread functions as we use compile it. We keep the
-DOPENSSL_THREADS, which stops OpenSSL doing thread-unsafe stuff.
Requested by: ru
|
|
|
|
|
|
|
|
|
|
| |
environment. This stops some ports keeling over on an OpenSSL assert.
(The patch is not exactly the one from the PR, but has been refined
based on advice from freebsd-threads.)
PR: 51205
Submitted by: Jim Westfall <jwestfall@surrealistic.net>
MFC after: 1 month
|