From 255d8413daf4c3747aeb37e6a71bf2771beed29d Mon Sep 17 00:00:00 2001
From: des <des@FreeBSD.org>
Date: Thu, 27 Feb 2014 17:29:02 +0000
Subject: MFH (r261320): upgrade openssh to 6.5p1 MFH (r261340): enable
 sandboxing by default

---
 secure/lib/libssh/Makefile    | 11 +++++++----
 secure/usr.sbin/sshd/Makefile |  5 +++--
 2 files changed, 10 insertions(+), 6 deletions(-)

(limited to 'secure')

diff --git a/secure/lib/libssh/Makefile b/secure/lib/libssh/Makefile
index 5536f66..1410a53 100644
--- a/secure/lib/libssh/Makefile
+++ b/secure/lib/libssh/Makefile
@@ -9,19 +9,22 @@ SRCS=	authfd.c authfile.c bufaux.c bufbn.c buffer.c \
 	canohost.c channels.c cipher.c cipher-aes.c \
 	cipher-bf1.c cipher-ctr.c cipher-3des1.c cleanup.c \
 	compat.c compress.c crc32.c deattack.c fatal.c hostfile.c \
-	krl.c log.c match.c md-sha256.c moduli.c nchan.c packet.c \
+	log.c match.c md-sha256.c moduli.c nchan.c packet.c \
 	readpass.c rsa.c ttymodes.c xmalloc.c addrmatch.c \
 	atomicio.c key.c dispatch.c kex.c mac.c uidswap.c uuencode.c misc.c \
 	monitor_fdpass.c rijndael.c ssh-dss.c ssh-ecdsa.c ssh-rsa.c dh.c \
 	kexdh.c kexgex.c kexdhc.c kexgexc.c bufec.c kexecdh.c kexecdhc.c \
-	msg.c progressmeter.c dns.c entropy.c umac.c umac128.c jpake.c \
-	schnorr.c ssh-pkcs11.c
+	msg.c progressmeter.c dns.c entropy.c umac.c umac128.c \
+	jpake.c schnorr.c ssh-pkcs11.c krl.c smult_curve25519_ref.c \
+	kexc25519.c kexc25519c.c poly1305.c chacha.c cipher-chachapoly.c \
+	ssh-ed25519.c digest.c \
+	sc25519.c ge25519.c fe25519.c ed25519.c verify.c hash.c blocks.c
 
 # gss-genr.c should be in $SRCS but causes linking problems, so it is
 # compiled directly into sshd instead.
 
 # Portability layer
-SRCS+=	bsd-misc.c fmt_scaled.c glob.c \
+SRCS+=	bcrypt_pbkdf.c blowfish.c bsd-misc.c fmt_scaled.c glob.c \
 	openssl-compat.c port-tun.c strtonum.c timingsafe_bcmp.c \
 	vis.c xcrypt.c xmmap.c
 
diff --git a/secure/usr.sbin/sshd/Makefile b/secure/usr.sbin/sshd/Makefile
index 587eb67..780caab 100644
--- a/secure/usr.sbin/sshd/Makefile
+++ b/secure/usr.sbin/sshd/Makefile
@@ -11,12 +11,13 @@ SRCS=	sshd.c auth-rhosts.c auth-passwd.c auth-rsa.c auth-rh-rsa.c \
 	auth-skey.c auth-bsdauth.c auth2-hostbased.c auth2-kbdint.c \
 	auth2-none.c auth2-passwd.c auth2-pubkey.c auth2-jpake.c \
 	monitor_mm.c monitor.c monitor_wrap.c kexdhs.c kexgexs.c kexecdhs.c \
-	auth-krb5.c \
+	kexc25519s.c auth-krb5.c \
 	auth2-gss.c gss-serv.c gss-serv-krb5.c \
 	loginrec.c auth-pam.c auth-shadow.c auth-sia.c md5crypt.c \
 	sftp-server.c sftp-common.c \
 	roaming_common.c roaming_serv.c \
-	sandbox-null.c sandbox-rlimit.c sandbox-systrace.c sandbox-darwin.c
+	sandbox-null.c sandbox-rlimit.c sandbox-systrace.c sandbox-darwin.c \
+	sandbox-seccomp-filter.c sandbox-capsicum.c
 
 # gss-genr.c really belongs in libssh; see src/secure/lib/libssh/Makefile
 SRCS+=	gss-genr.c
-- 
cgit v1.1