remove fbsd tag
remove unused drivers. sync several features with freebsd 9 stable
remove unused files
tls ding
remove unused files
fix build
remove unused files
remove unused files
remove unused file
remove unused files for this release
resolve conflicts
This commit was generated by cvs2svn to compensate for changes in r5073, which included commits to RCS files with non-trunk default branches.
Revise previous OpenSSL patch: add SGC and BUF_MEM_grow_clean(3) bug fixes.
OpenSSL failes to clear the bytes used as block cipher padding in SSL 3.0 records when operating as a client or a server that accept SSL 3.0 handshakes. As a result, in each record, up to 15 bytes of uninitialized memory may be sent, encrypted, to the SSL peer. This could include sensitive contents of previously freed memory. [CVE-2011-4576] OpenSSL support for handshake restarts for server gated cryptograpy (SGC) can be used in a denial-of-service attack. [CVE-2011-4619] If an application uses OpenSSL's certificate policy checking when verifying X509 certificates, by enabling the X509_V_FLAG_POLICY_CHECK flag, a policy check failure can lead to a double-free. [CVE-2011-4109] A weakness in the OpenSSL PKCS #7 code can be exploited using Bleichenbacher's attack on PKCS #1 v1.5 RSA padding also known as the million message attack (MMA). [CVE-2012-0884] The asn1_d2i_read_bio() function, used by the d2i_*_bio and d2i_*_fp functions, in OpenSSL contains multiple integer errors that can cause memory corruption when parsing encoded ASN.1 data. This error can occur on systems that parse untrusted ASN.1 data, such as X.509 certificates or RSA public keys. [CVE-2012-2110]
telnetd: fix a root exploit from a fixed buffer that was not checked
Patch for CVE-2011-0014 http://www.openssl.org/news/secadv_20110208.txt
Restore moduli files from botched OpenSSH update
Turn MidnightBSD ident on
woot
*** empty log message ***
wow i hate this thing.
bring back the openSSH love.
add missin files?
woot
What a mess.
drat.
revert.
OpenSSH 5.7p1
readd entropy.h
Restore
readd platform.h
readd defines.h
restore includes.h
Update config.h for OpenSSH 5.7p1
Resolve merge conflicts.
This commit was generated by cvs2svn to compensate for changes in r3687, which included commits to RCS files with non-trunk default branches.
Resolve merge conflicts
This commit was generated by cvs2svn to compensate for changes in r3683, which included commits to RCS files with non-trunk default branches.
This commit was generated by cvs2svn to compensate for changes in r3677, which included commits to RCS files with non-trunk default branches.
fixsome problems with these notes.
A double free exists in the SSL client ECDH handling code, when processing specially crafted public keys with invalid prime numbers. [CVE-2010-2939]
fix a warning about strlen
Enable the new GLOB_LIMIT flag to fix a security vulnerability that is remotely exploitable with sftp daemon. This enables the patch to libc/gen/glob.c
The SSL version 3 and TLS protocols support session renegotiation without cryptographically tying the new session parameters to the old parameters. Disable renegotiation of session parameters. This can break some software packages, but it's rarely used.
Update symbols.
Regenerate for 5.3p1
resolve merge conflicts
This commit was generated by cvs2svn to compensate for changes in r3173, which included commits to RCS files with non-trunk default branches.
Fix the illegal instructions with libcrytpo stuff linking to openssl. (sendmail, dovecot, or anything else...) This is a "feature" of gcc4 that adds illegal instructions to discourage casting certain ways. How nice.
Vendor import of netpgp 2009.06.07
$MidnightBSD$ (and make the date newer than moduli.c)
reintegrate the vulnkey patch from DragonFly and Ubuntu
Add changes to ssh_namespace.h as new symbols were added since 5.0
update for 5.2p1
re-add files we need lost as part of the botched merge. DOH.
resolve remaining conflict
root == no
version numbers can be fun.
-j flags suck.
Resolve conflicts
This commit was generated by cvs2svn to compensate for changes in r2859, which included commits to RCS files with non-trunk default branches.
The function ASN1_STRING_print_ex does not properly validate the lengths of BMPString or UniversalString objects before attempting to print them. Remotely exploitable bug in openssl
OpenSSL security patch
Alright my approach was flawed. I can just define that we've got some of these functions now in config.h (from the new OpenSSL)
Fix typo. That's what happens when I play WoW and commit at the same time.
Attempt to fix the openssl bug with openssh.
Add more missing files.
add MIDNIGHTBSD upgrade stuff
Move us closer to compiling.
Migrate to 0.9.8
*** empty log message ***
Migrate to openssl 0.9.8
This commit was generated by cvs2svn to compensate for changes in r1963, which included commits to RCS files with non-trunk default branches.
Vendor import of OPENSSL 0.9.8e
This commit was generated by cvs2svn to compensate for changes in r1961, which included commits to RCS files with non-trunk default branches.
Fixing path for X11 binary files in order to allow ssh-add to find the askpass utility.
Add the blacklists.
add the vulnkey util
Add blacklist feature to OpenSSH to look for Debian style keys
Alert users to the Debian ssh key issue.
Update for 5.0p1
Add new symbols.
I gotta be more careful.
Results of configure
$MidnightBSD$
Fix some of the merge conflicts.
Fix merge conflicts with the version.
This commit was generated by cvs2svn to compensate for changes in r1443, which included commits to RCS files with non-trunk default branches.
Ugh... the default for root login was changed during the course of updating this. Disable it in the config file by default for now.
Fix a security issue with openssl. For applications using the SSL_get_shared_ciphers() function, the buffer overflow could allow an attacker to crash or potentially execute arbitrary code with the permissions of the user running the application. (freebsd advisory text).
$MidnightBSD$
Re-add version.c which was incorrectly removed earlier when merging.
Re-importing Makefile.inc and ssh_namespace.h which were incorrectly removed when merging earlier.
Switch FREEBSD-* to MIDNIGHTBSD-*
After configure was run on 4.6p1
MidnightBSD friendly
adjust the config file a bit.
Fix version
Merging changes between the the last OpenSSH and 4.6p1
This commit was generated by cvs2svn to compensate for changes in r815, which included commits to RCS files with non-trunk default branches.
$MidnightBSD$
Update config for openssh 4.4p1
commit the config change.
fix openssh import
Fix OpenSSH import
fix auth files based on freebsd stable changes.
Fix authentication files based on FreeBSD stable changes.
update tricks for 4.4
Change directions for OpenSSH 4.4
This commit was generated by cvs2svn to compensate for changes in r234, which included commits to RCS files with non-trunk default branches.
Fixing problems with 4.4p1 import
This commit was generated by cvs2svn to compensate for changes in r208, which included commits to RCS files with non-trunk default branches.
Fix a number of security vulnerabilities in OpenSSL as reported on their website Septmeber 28, 2006.
Vulnerability in OpenSSL where bytes are ignored in keys around the signature.
Adding last few additions for OpenSSH
adding remaining files for OpenSSH 4.3
OpenSSH 4.3 patched files
The remainder of the OpenSSH 4.3 upgrade
Upgrade to OpenSSH 4.3 through modified FreeBSD-current sources.
This commit was generated by cvs2svn to compensate for changes in r5, which included commits to RCS files with non-trunk default branches.
This commit was generated by cvs2svn to compensate for changes in r2, which included commits to RCS files with non-trunk default branches.
Imported from FreeBSD 6.0 sources