src/crypto, branch upstream/11.0.0 FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=upstream%2F11.0.0 2016-09-22T15:55:27Z MFS: r306195 2016-09-22T15:55:27Z Jung-uk Kim jkim@FreeBSD.org 2016-09-22T15:55:27Z urn:sha1:17ed644781df3284f4e6f7b3fe29047fcce54565 Merge OpenSSL 1.0.2i. Approved by: re (gjb, implicit), so (delphij) MFH (r303832): check whether each key file exists before adding it 2016-08-11T08:29:15Z Dag-Erling Smørgrav des@FreeBSD.org 2016-08-11T08:29:15Z urn:sha1:64f44a7c96c53f7f7722c45a647a513c5624ae56 PR: 208254 Approved by: re (kib) MFH (r303716, r303719): drop SSH1 support, disable DSA by default 2016-08-05T15:32:35Z Dag-Erling Smørgrav des@FreeBSD.org 2016-08-05T15:32:35Z urn:sha1:44a8f55c90454e47b54d15343f20017551f3e027 PR: 208254 Approved by: re (gjb) Relnotes: yes Revert r301551, which added blacklistd(8) to sshd(8). 2016-06-24T23:22:42Z Glen Barber gjb@FreeBSD.org 2016-06-24T23:22:42Z urn:sha1:faebc97a1cb4f0a36a39f0ba9c1b266e070c5f4f This change has functional impact, and other concerns raised by the OpenSSH maintainer. Requested by: des PR: 210479 (related) Approved by: re (marius) Sponsored by: The FreeBSD Foundation Add blacklist support to sshd 2016-06-07T16:18:09Z Kurt Lidl lidl@FreeBSD.org 2016-06-07T16:18:09Z urn:sha1:c0cc364181387bbd94be77451ebcf69bc23ed2a5 Reviewed by: rpaulo Approved by: rpaulo (earlier version of changes) Relnotes: YES Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D5915 openssl: change SHLIB_VERSION_NUMBER to reflect the reality 2016-06-03T14:09:38Z Andriy Gapon avg@FreeBSD.org 2016-06-03T14:09:38Z urn:sha1:056f620e09cd6d17a7d0b405dd63af9b3107a72e Some consumers actually use this definition. We probably need some procedure to ensure that SHLIB_VERSION_NUMBER is updated whenever we change the library version in secure/lib/libssl/Makefile. libkrb5: Fix potential double-free 2016-05-11T23:25:59Z Conrad Meyer cem@FreeBSD.org 2016-05-11T23:25:59Z urn:sha1:f74fc686705c09ec2f724831028c923f623fd880 If krb5_make_principal fails, tmp_creds.server may remain a pointer to freed memory and then be double-freed. After freeing it the first time, initialize it to NULL, which causes subsequent krb5_free_principal calls to do the right thing. Reported by: Coverity CID: 1273430 Sponsored by: EMC / Isilon Storage Division Merge OpenSSL 1.0.2h. 2016-05-03T18:50:10Z Jung-uk Kim jkim@FreeBSD.org 2016-05-03T18:50:10Z urn:sha1:b8721c16431dbd57e4dbc5d96c3369dc46e1b580 Relnotes: yes Import OpenSSL 1.0.2h. 2016-05-03T18:00:27Z Jung-uk Kim jkim@FreeBSD.org 2016-05-03T18:00:27Z urn:sha1:57f1256b1a087adbdf8e5c080dd9ed7975de939a Re-add AES-CBC ciphers to the default cipher list on the server. 2016-03-11T00:23:10Z Dag-Erling Smørgrav des@FreeBSD.org 2016-03-11T00:23:10Z urn:sha1:c3c6c935fca17c15194dafc56ee3bf4ef9ecd35e PR: 207679