aboutsummaryrefslogtreecommitdiff
path: root/secure/lib
Commit message (Collapse)AuthorAgeFilesLines
* Fix multiple OpenSSL vulnerabilities.Xin LI2016-03-031-144/+533
| | | | | | | | Security: FreeBSD-SA-16:12.openssl Approved by: so Notes: svn path=/releng/10.2/; revision=296341
* MFC: r285329Jung-uk Kim2015-07-09292-298/+311
| | | | | | | | | | Merge OpenSSL 1.0.1p. Approved by: re (gjb) Relnotes: yes Notes: svn path=/stable/10/; revision=285330
* MFC: r284329Jung-uk Kim2015-06-12292-293/+293
| | | | | | | | | | | | Merge OpenSSL 1.0.1o. Note it is instantly merged because it restores ABI compatibility broken by the previous OpenSSL 1.0.1n. Relnotes: yes Notes: svn path=/stable/10/; revision=284330
* MFC: r284283Jung-uk Kim2015-06-11292-656/+666
| | | | | | | Merge OpenSSL 1.0.1n. Notes: svn path=/stable/10/; revision=284285
* MFC: r280297Jung-uk Kim2015-03-20299-619/+1337
| | | | | | | | | Merge OpenSSL 1.0.1m. Relnotes: yes Notes: svn path=/stable/10/; revision=280304
* Fix multiple OpenSSL vulnerabilities.Xin LI2015-03-191-1/+9
| | | | | | | | | | | | | Security: FreeBSD-SA-15:06.openssl Security: CVE-2015-0209 Security: CVE-2015-0286 Security: CVE-2015-0287 Security: CVE-2015-0288 Security: CVE-2015-0289 Security: CVE-2015-0293 Notes: svn path=/stable/10/; revision=280266
* MFC: r277274Jung-uk Kim2015-01-231-3/+3
| | | | | | | Update buildinf.h to make SSLeay_version(3) little bit more useful. Notes: svn path=/stable/10/; revision=277598
* MFC: r277270Jung-uk Kim2015-01-23289-290/+290
| | | | | | | | | Merge OpenSSL 1.0.1l. Relnotes: yes Notes: svn path=/stable/10/; revision=277597
* MFC: r276861, r276863Jung-uk Kim2015-01-09289-3560/+6156
| | | | | | | Merge OpenSSL 1.0.1k. Notes: svn path=/stable/10/; revision=276864
* MFC r264400,r265836:Enji Cooper2014-12-311-1/+1
| | | | | | | | | | | | | | | | | r264400: NO_MAN= has been deprecated in favor of MAN= for some time, go ahead and finish the job. ncurses is now the only Makefile in the tree that uses it since it wasn't a simple mechanical change, and will be addressed in a future commit. r265836: Remove last two NO_MAN= in the tree. In both of these cases, MAN= is what is needed. Notes: svn path=/stable/10/; revision=276486
* MFC: r273144, r273146Jung-uk Kim2014-10-15290-375/+372
| | | | | | | | | Merge OpenSSL 1.0.1j. Relnotes: yes Notes: svn path=/stable/10/; revision=273149
* MFC: r269682Jung-uk Kim2014-08-07290-345/+719
| | | | | | | Merge OpenSSL 1.0.1i. Notes: svn path=/stable/10/; revision=269686
* MFC: r267256Jung-uk Kim2014-06-09288-302/+321
| | | | | | | | | Merge OpenSSL 1.0.1h. Approved by: so (delphij) Notes: svn path=/stable/10/; revision=267258
* MFC r265995:Xin LI2014-05-281-1/+1
| | | | | | | | | Switch using the new $2b$ format by default, when bcrypt is used. Relnotes: default Blowfish crypt(3) format have been changed to $2b$. Notes: svn path=/stable/10/; revision=266816
* MFC r264741: Add placeholder Kyuafiles for various top-level hierarchies.Julio Merino2014-04-282-0/+14
| | | | | | | This is "make tinderbox" clean. Notes: svn path=/stable/10/; revision=265037
* MFH (r263712): upgrade openssh to 6.6p1Dag-Erling Smørgrav2014-04-121-4/+4
| | | | | | | MFH (r264308): restore p level in debugging output Notes: svn path=/stable/10/; revision=264377
* MFC: r261037, r264278Jung-uk Kim2014-04-10291-815/+701
| | | | | | | Merge OpenSSL 1.0.1f and 1.0.1g. Notes: svn path=/stable/10/; revision=264331
* MFC r262501:Xin LI2014-03-271-33/+52
| | | | | | | | | | | | | | | | | | | | | Refresh our implementation of OpenBSD's Blowfish password format. Notable changes: - Support of $2b$ password format to address a problem where very long passwords (more than 256 characters, when an integer overflow would happen and cause the length to wrap at 256). - Updated pseudo code in comments to reflect the reality. - Removed our local shortcut of processing magic string and rely on the centralized and tigntened validation. - Diff reduction from upstream. For now we are still generating the older $2a$ format of password but we will migrate to the new format once the format is formally finalized. Notes: svn path=/stable/10/; revision=263783
* MFH (r261320): upgrade openssh to 6.5p1Dag-Erling Smørgrav2014-02-271-4/+7
| | | | | | | MFH (r261340): enable sandboxing by default Notes: svn path=/stable/10/; revision=262566
* Unbreak the WITHOUT_KERBEROS build and try to reduce the odds of aDag-Erling Smørgrav2013-09-231-1/+4
| | | | | | | | | | | | repeat performance by introducing a script that runs configure with and without Kerberos, diffs the result and generates krb5_config.h, which contains the preprocessor macros that need to be defined in the Kerberos case and undefined otherwise. Approved by: re (marius) Notes: svn path=/head/; revision=255829
* Clean up the OpenSSH build. It is now possible to build most componentsDag-Erling Smørgrav2013-09-101-7/+12
| | | | | | | | | | | | | as static binaries, if desired. The one exception is sshd, which runs into trouble due to libpam.a's includion of pam_ssh. Make OpenSSH use LDNS if available. This allows it to verify signed SSHFP records. Approved by: re (blanket) Notes: svn path=/head/; revision=255460
* Make libldns and libssh private.Dag-Erling Smørgrav2013-09-081-0/+1
| | | | | | | Approved by: re (blanket) Notes: svn path=/head/; revision=255386
* Remove references to MK_IDEA.Ed Schouten2013-04-272-17/+1
| | | | | | | | | As of r249959, we want to build with IDEA support enabled unconditionally. As this change removed the MK_IDEA flag, update these Makefiles accordingly. Notes: svn path=/head/; revision=249971
* Upgrade to OpenSSH 6.2p1. The most important new features are supportDag-Erling Smørgrav2013-03-221-4/+4
| | | | | | | for a key revocation list and more fine-grained authentication control. Notes: svn path=/head/; revision=248619
* Merge OpenSSL 1.0.1e.Jung-uk Kim2013-02-13291-607/+607
| | | | | | | Approved by: secteam (simon), benl (silence) Notes: svn path=/head/; revision=246772
* Add a src.conf(5) option to allow users to compile in the "NONE cipher",Bjoern A. Zeeb2013-01-171-0/+4
| | | | | | | | | | | | which, only after authentication, disables crypto, and only for sessions without a terminal. Submitted by: Jeremy Chadwick (freebsd jdc.parodius.com) PR: bin/163095 MFC after: 10 days Notes: svn path=/head/; revision=245527
* Upgrade OpenSSH to 6.1p1.Dag-Erling Smørgrav2012-09-031-2/+0
| | | | Notes: svn path=/head/; revision=240075
* Sort ASM definitions by crypto module for slightly easier maintenance.Jung-uk Kim2012-07-121-2/+4
| | | | | | | Specifically, GHASH_ASM belongs to crypto/modes. Notes: svn path=/head/; revision=238407
* Merge OpenSSL 1.0.1c.Jung-uk Kim2012-07-12346-12727/+63050
| | | | | | | Approved by: benl (maintainer) Notes: svn path=/head/; revision=238405
* Merge OpenSSL 0.9.8x.Jung-uk Kim2012-06-27240-484/+490
| | | | | | | | | Reviewed by: stas Approved by: benl (maintainer) MFC after: 3 days Notes: svn path=/head/; revision=237657
* Update the previous openssl fix. [12:01]Bjoern A. Zeeb2012-05-301-1/+1
| | | | | | | | | | | Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02] Security: FreeBSD-SA-12:01.openssl (revised) Security: FreeBSD-SA-12:02.crypt Approved by: so (bz, simon) Notes: svn path=/head/; revision=236304
* Return NULL on error rather than ":", per the crypt(3) man page.Kevin Lo2012-02-221-6/+5
| | | | | | | Discussed in: http://www.openwall.com/lists/oss-security/2011/11/15/3 Notes: svn path=/head/; revision=231986
* Force linker error when created shared library contains a relocationKonstantin Belousov2011-12-061-0/+1
| | | | | | | | | | | | against text. Provide the override switch to turn off the strict behaviour. Apparently, openssl libcrypto needs it due to assembler code not being PIC. Discussed with: bf MFC after: 2 weeks Notes: svn path=/head/; revision=228307
* - change "is is" to "is" or "it is"Eitan Adler2011-10-161-1/+1
| | | | | | | | | | | - change "the the" to "the" Approved by: lstewart Approved by: sahil (mentor) MFC after: 3 days Notes: svn path=/head/; revision=226436
* Upgrade to OpenSSH 5.8p2.Dag-Erling Smørgrav2011-05-041-5/+6
| | | | Notes: svn path=/head/; revision=221420
* Fix some leftover binaries and shared libraries in the system that stillDimitry Andric2011-02-151-0/+4
| | | | | | | | | | | | | | | | | | have an executable stack, due to linking in hand-assembled .S or .s files, that have no .GNU-stack sections: RWX --- --- /lib/libcrypto.so.6 RWX --- --- /lib/libmd.so.5 RWX --- --- /lib/libz.so.6 RWX --- --- /lib/libzpool.so.2 RWX --- --- /usr/lib/liblzma.so.5 These were found using scanelf, from the sysutils/pax-utils port. Reviewed by: kib Notes: svn path=/head/; revision=218723
* Regenerate manual pages for OpenSSL 0.9.8q.Simon L. B. Nielsen2010-12-03240-253/+242
| | | | Notes: svn path=/head/; revision=216167
* Regenerate manual pages for OpenSSL 0.9.8p.Simon L. B. Nielsen2010-11-22240-8165/+6319
| | | | Notes: svn path=/head/; revision=215698
* Revert changes of 'assure' to 'ensure' made in r211936.Rebecca Cran2010-09-111-1/+1
| | | | | | | Approved by: rrs (mentor) Notes: svn path=/head/; revision=212463
* Fix incorrect usage of 'assure' and 'insure'.Rebecca Cran2010-08-281-1/+1
| | | | | | | Approved by: rrs (mentor) Notes: svn path=/head/; revision=211936
* Repair some build breakage introduced in r211725 and garbage collect someNathan Whitehorn2010-08-283-220/+12
| | | | | | | code made obsolete in the same commit. Notes: svn path=/head/; revision=211934
* MFtbemd:Warner Losh2010-08-231-15/+15
| | | | | | | | Prefer MACHNE_CPUARCH to MACHINE_ARCH in most contexts where you want to test of all the CPUs of a given family conform. Notes: svn path=/head/; revision=211725
* Fix buildworld -DNO_CLEAN when using with Perforce, which marks files asWill Andrews2010-08-121-2/+2
| | | | | | | | | | read-only by default, meaning files copied can't be overwritten next time. Reviewed by: imp Approved by: ken (mentor) Notes: svn path=/head/; revision=211243
* Whitespace fix for last check-in, move empty line to below endif.Jayachandran C.2010-08-041-1/+1
| | | | Notes: svn path=/head/; revision=210843
* MIPS 64 bit support.Jayachandran C.2010-08-041-0/+14
| | | | | | | | | | When compiled for MIPS n64 ABI - DES_LONG should be 'unsigned int' - BN_LLONG should be undefined - SIXTY_FOUR_BIT_LONG should be defined. Notes: svn path=/head/; revision=210842
* OpenSSL configuration for powerpc64Nathan Whitehorn2010-07-101-0/+217
| | | | | | | Obtained from: projects/ppc64 Notes: svn path=/head/; revision=209890
* Regenerate manual pages for OpenSSL 0.9.8n.Simon L. B. Nielsen2010-04-01239-239/+239
| | | | Notes: svn path=/head/; revision=206048
* - Make it slightly simpler to update OpenSSL version informationSimon L. B. Nielsen2010-04-011-1/+6
| | | | | | | | | | | for regenerating OpenSSL manual pages. - Explicitly set the OpenSSL release date so manual pages contain the date OpenSSL was released and not just the date OpenSSL was imported into the FreeBSD base system. - Update for Makefile for OpenSSL 0.9.8n. Notes: svn path=/head/; revision=206047
* Regenerate manual pages for OpenSSL 0.9.8m.Simon L. B. Nielsen2010-03-13242-283/+479
| | | | | | | MFC after: 3 weeks Notes: svn path=/head/; revision=205129
* Merge OpenSSL 0.9.8m into head.Simon L. B. Nielsen2010-03-131-1/+1
| | | | | | | | | | | | | | This also "reverts" some FreeBSD local changes so we should now be back to using entirely stock OpenSSL. The local changes were simple $FreeBSD$ lines additions, which were required in the CVS days, and the patch for FreeBSD-SA-09:15.ssl which has been superseded with OpenSSL 0.9.8m's RFC5746 'TLS renegotiation extension' support. MFC after: 3 weeks Notes: svn path=/head/; revision=205128
generated by cgit v1.3 (git 2.53.0) at 2026-05-29 22:00:29 +0000