#
476d63e0 |
|
06-Dec-2023 |
Cy Schubert <cy@FreeBSD.org> |
kerberos: Fix numerous segfaults when using weak crypto Weak crypto is provided by the openssl legacy provider which is not load by default. Load the legacy providers as needed. When the legacy provider is loaded into the default context the default provider will no longer be automatically loaded. Without the default provider the various kerberos applicaions and functions will abort(). This is the second attempt at this patch. Instead of linking secure/lib/libcrypto at build time we now link it at runtime, avoiding buildworld failures under Linux and MacOS. This is because TARGET_ENDIANNESS is undefined at pre-build time. PR: 272835 MFC after: 3 days X-MFC: only to stable/14 Tested by: netchild Joerg Pulz <Joerg.Pulz@frm2.tum.de> (previous version)
|
#
3091cdb1 |
|
12-Jan-2024 |
Cy Schubert <cy@FreeBSD.org> |
Revert "kerberos: Fix numerous segfaults when using weak crypto" This revision breaks Linux and MacOS cross builds because TARGET_ENDIANNESS is not define during bootstrapping on these platforms. I think the correct approach would be to separate the new fbsd_ossl_provider_load() and unload functions into their own library (instead of libroken). This avoids the less desirable option of including bsd.cpu.mk in secure/lib/Makefile.common, which does build but could complicate future work. Reported by: jrtc27 This reverts commit cb350ba7bf7ca7c4cb97ed2c20ab45af60382cfb.
|
#
cb350ba7 |
|
06-Dec-2023 |
Cy Schubert <cy@FreeBSD.org> |
kerberos: Fix numerous segfaults when using weak crypto Weak crypto is provided by the openssl legacy provider which is not load by default. Load the legacy providers as needed. When the legacy provider is loaded into the default context the default provider will no longer be automatically loaded. Without the default provider the various kerberos applicaions and functions will abort(). PR: 272835 MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D43009 Tested by: netchild, Joerg Pulz <Joerg.Pulz@frm2.tum.de>
|
#
2a63c3be |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line .c comment pattern Remove /^/[*/]\s*\$FreeBSD\$.*\n/
|
#
e4456411 |
|
05-Oct-2018 |
John Baldwin <jhb@FreeBSD.org> |
Update the existing heimdal implementation for OpenSSL 1.1. Existing work is underway to import a newer version of heimdal, but this patchset gets us to a fully working tree to enable more wide spread testing of OpenSSL 1.1 for now. I've also enabled WARNS=1 for kerberos (which is the reason for the change in libroken). Having -Werror enabled was useful during the 1.1 updates and we probably should have warnings enabled by default for kerberos anyway. This passes make tinderbox, and I have also done some very light runtime testing on amd64. Reviewed by: bjk, jkim, emaste Differential Revision: https://reviews.freebsd.org/D17276
|
#
a7d5f7eb |
|
19-Oct-2010 |
Jamie Gritton <jamie@FreeBSD.org> |
A new jail(8) with a configuration file, to replace the work currently done by /etc/rc.d/jail.
|
#
fe0506d7 |
|
09-Mar-2010 |
Marcel Moolenaar <marcel@FreeBSD.org> |
Create the altix project branch. The altix project will add support for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting is a two-module system, consisting of a base compute module and a CPU expansion module. SGI's NUMAFlex architecture can be an excellent platform to test CPU affinity and NUMA-aware features in FreeBSD.
|
#
d7f03759 |
|
19-Oct-2008 |
Ulf Lilleengen <lulf@FreeBSD.org> |
- Import the HEAD csup code which is the basis for the cvsmode work.
|
#
33f12199 |
|
07-May-2008 |
Doug Rabson <dfr@FreeBSD.org> |
Fix conflicts after heimdal-1.1 import and add build infrastructure. Import all non-style changes made by heimdal to our own libgssapi.
|
#
8e708b24 |
|
21-Jan-2003 |
Jacques Vidrine <nectar@FreeBSD.org> |
Define OPENSSL_DES_LIBDES_COMPATIBILITY so that Heimdal will build with OpenSSL 0.9.7 when it is imported. (This currently has no effect.)
|
#
42756860 |
|
16-Sep-2002 |
Jacques Vidrine <nectar@FreeBSD.org> |
Update build infrastructure after import of Heimdal Kerberos 2002/09/16.
|