Copy stable/11@r303970 to releng/11.0 as part of the 11.0-RELEASE
cycle.

Prune svn:mergeinfo from the new branch, and rename it to RC1.

Update __FreeBSD_version.

Use the quarterly branch for the default FreeBSD.conf pkg(8) repo and
the dvd1.iso packages population.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle.
Prune svn:mergeinfo from the new branch, as nothing has been merged
here.

Additional commits post-branch will follow.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

Revert r301551, which added blacklistd(8) to sshd(8).

This change has functional impact, and other concerns raised
by the OpenSSH maintainer.

Requested by: des
PR: 210479 (related)
Approved by: re (marius)
Sponsored by: The FreeBSD Foundation

Add blacklist support to sshd

Reviewed by: rpaulo
Approved by: rpaulo (earlier version of changes)
Relnotes: YES
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D5915

Merge the projects/release-pkg branch to head.

This allows packaging the base system with pkg(8), including
but not limited to providing the ability to provide upstream
binary update possibilities for non-tier-1 architectures.

This merge is a requirement of the 11.0-RELEASE, and as such,
thank you to everyone that has tested the project branch.

Documentation in build(7) etc. is still somewhat sparse, but
updates to those parts will follow.

Sponsored by: The FreeBSD Foundation

Upgrade to OpenSSH 7.2p2.

Upgrade to OpenSSH 6.8p1.

Replace unneeded manual dependency on header by adding it to SRCS.

bsd.lib.mk and bsd.prog.mk already depend all objs on headers in SRCS if
there is not yet a depend file. The headers in SRCS are never built or
installed. After 'make depend' the header was already added as a proper
dependency on the objects where needed.

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division

Retire the NONE cipher option.

Remove remnant from USEPRIVATELIB removal

Sponsored by: gandi.net

Reduce overlinking
The framework now ensure by itself that pthread is added to the link chain
as the last component if linked to kerberos hence avoid with out any explicit
addition prevent issue like CVE-2014-8475

Convert to LIBADD
Reduce overlinking

Rework privatelib/internallib

Make sure everything linking to a privatelib and/or an internallib does it directly
from the OBJDIR rather than DESTDIR.
Add src.libnames.mk so bsd.libnames.mk is not polluted by libraries not existsing
in final installation
Introduce the LD* variable which is what ld(1) is expecting (via LDADD) to link to
internal/privatelib
Directly link to the .so in case of private library to avoid having to complexify
LDFLAGS.

Phabric: https://phabric.freebsd.org/D553
Reviewed by: imp, emaste

Use src.opts.mk in preference to bsd.own.mk except where we need stuff
from the latter.

Fix order of libthr and libc in the global dso list for sshd, by
explicitely linking main binary with -lpthread. Before, libthr
appeared in the list due to dependency of one of the kerberos libs.
Due to the change in ld(1) behaviour of not copying NEEDED entries
from direct dependencies into the link results, the order becomes
reversed.

The libthr must appear before libc to properly interpose libc symbols
and provide working rtld locks implementation. The symptom was sshd
hanging on rtld bind lock during nested symbol binding from a signal
handler.

Approved by: des (openssh maintainer)
Sponsored by: The FreeBSD Foundation
MFC after: 1 week

Upgrade to OpenSSH 6.6p1.

Upgrade to OpenSSH 6.5p1.

Unbreak the WITHOUT_KERBEROS build and try to reduce the odds of a
repeat performance by introducing a script that runs configure with and
without Kerberos, diffs the result and generates krb5_config.h, which
contains the preprocessor macros that need to be defined in the Kerberos
case and undefined otherwise.

Approved by: re (marius)

Clean up the OpenSSH build. It is now possible to build most components
as static binaries, if desired. The one exception is sshd, which runs
into trouble due to libpam.a's includion of pam_ssh.

Make OpenSSH use LDNS if available. This allows it to verify signed
SSHFP records.

Approved by: re (blanket)

Make libldns and libssh private.

Approved by: re (blanket)

Add a src.conf(5) option to allow users to compile in the "NONE cipher",
which, only after authentication, disables crypto, and only for sessions
without a terminal.

Submitted by: Jeremy Chadwick (freebsd jdc.parodius.com)
PR: bin/163095
MFC after: 10 days

Restore the ability to use a non-standard LOCALBASE to sshd
Add the ability to use a non-standard LOCALBASE to ssh

Submitted by: jhb
Reviewed by: des
Approved by: cperciva
MFC after: 0 days (with r233136)

X11BASE is not used any more and has been killed by the x11 team.

Reviewed by: ???
Approved by: ???
MFC after: 3 days

Upgrade to OpenSSH 5.9p1.

MFC after: 3 months

Upgrade to OpenSSH 5.8p2.

Upgrade to OpenSSH 5.4p1.

MFC after: 1 month

(Almost) fixed static linkage. The remaining problem is with
libgssapi.a and libgssapi_krb5.a libraries that define the
same symbols.

Upgrade to OpenSSH 5.3p1.

Upgrade to OpenSSH 5.2p1.

MFC after: 3 months

Enable getaudit_addr(2) for sshd again. This will un-break the subject
BSM audit tokens for IPv6.

Upgrade to OpenSSH 5.1p1.

I have worked hard to reduce diffs against the vendor branch. One
notable change in that respect is that we no longer prefer DSA over
RSA - the reasons for doing so went away years ago. This may cause
some surprises, as ssh will warn about unknown host keys even for
hosts whose keys haven't changed.

MFC after: 6 weeks

Fix conflicts after heimdal-1.1 import and add build infrastructure. Import
all non-style changes made by heimdal to our own libgssapi.

For users of FreeBSD <= 6.2 we recommend during the x.org 7.x upgrade
that they add X11BASE=${LOCALBASE} to /etc/make.conf since X11BASE was
hard-wired to the now-wrong location in old releases.

However, both X11BASE and LOCALBASE have moved out of scope of src/
into ports/ now, which causes problems for upgraded users who have old
make.conf files still containing the above setting. X11BASE becomes
null and we instruct ssh and sshd to look for xauth in /bin/xauth
where it is unlikely to be found.

Instead, provide a copy of the default LOCALBASE?=/usr/local setting
here.

We also have to deal with the case where the user only overrides
LOCALBASE and doesn't set an explicit X11BASE (in ports it will be set
implicitly but not here), which will also move the location of xauth.

MFC after: 3 days
Reported by: rwatson

Update for OpenSSH 4.4p1.

MFC after: 1 week

Add a manual dependency on ssh_namespace.h.

Discussed with: ru

Introduce a namespace munging hack inspired by NetBSD to avoid polluting
the namespace of applications which inadvertantly link in libssh (usually
through pam_ssh)

Suggested by: lukem@netbsd.org
MFC after: 6 weeks

Reimplementation of world/kernel build options. For details, see:

http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by: imp, jhb, kris, phk, ru (all bugs are mine)

Hook audit into OpenSSH. Now that the necessary bits for OpenSSH support
have been added with the latest OpenBSM import, hook USE_BSM_AUDIT into
build conditionally.

For users which do not care for audit support and do not want to compile
it into their SSH servers, add the following to the /etc/make.conf:

NO_AUDIT=true

Discussed with: rwatson
Obtained from: TrustedBSD Project

Add a new extensible GSS-API layer which can support GSS-API plugins,
similar the the Solaris implementation. Repackage the krb5 GSS mechanism
as a plugin library for the new implementation. This also includes a
comprehensive set of manpages for the GSS-API functions with text mostly
taken from the RFC.

Reviewed by: Love Hörnquist Åstrand <lha@it.su.se>, ru (build system), des (openssh parts)

Revert the commits that made libssh an INTERNALLIB; they caused too much
trouble, especially on amd64.

Requested by: ru

Make libssh an INTERNALLIB like it is in {Net,Open}BSD.

Update for OpenSSH 4.1p1.

NOLIBC_R -> NO_LIBC_R
NOLIBPTHREAD -> NO_LIBPTHREAD
NOLIBTHR -> NO_LIBTHR

Update for OpenSSH 3.9p1.

Update for 3.8p1, including workaround for a bug in gss-genr.c.

Use the default threading library if requested.

Reviewed by: des, deischen

- Removed libmd from the Kerberos library set.

- Removed libopie and libmd; libopie used to serve auth-skey.c
which is compiled now only to ease maintenance, as well as
a few other auth-*.c sources.

Reviewed by: des

Fixed static linkage.

Reviewed by: des

Enable GSSAPI support. [1]
Also remove some duplicates from ssh's SRCS.

Submitted by: [1] Björn Grönvall <bg@sics.se>

Update Makefiles for OpenSSH 3.7.1p2.

Fixed "make checkdpadd".

OK'ed by: markm

Turn MAKE_KERBEROS5 into NO_KERBEROS by negating the logic. Some extra
cleanups were necessary in release/Makefile, and the tinderbox code
was syntax checked, not run checked.

We no longer have a separate kerberos distribution. Its now just
part of the regular security dist.

Update for 3.6.1p1; also remove Kerberos IV shims.

ia64 and sparc64 both have libc_r now.

Don't build auth-pam.c and auth2-pam.c, auth2-pam-freebsd.c is all we need.
Use pthreads for PAM if the platform supports it and the user asked for it
(by setting OPENSSH_USE_POSIX_THREADS)

Sponsored by: DARPA, NAI Labs

No guts, no glory. Switch to OpenSSH-portable.

Sponsored by: DARPA, NAI Labs

Install the new man pages.

Update Makefiles for OpenSSH 3.3.

Milestone #1 in cross-arch make releases.

Do not install games and profiled libraries to the ${CHROOTDIR}
with the initial installworld.

Eliminate the need in the second installworld. For that, make sure
_everything_ is built in the "world" environment, using the right
tool chain.

Added SUBDIR_OVERRIDE helper stuff to Makefile.inc1. Split the
buildworld process into stages, and skip some stages when
SUBDIR_OVERRIDE is set (used to build crypto, krb4, and krb5
dists).

Added NO_MAKEDB_RUN knob to Makefile.inc1 to avoid running
makewhatis(1) at the end of installworld (used when making crypto,
krb4, and krb5 dists).

In release/scripts/doFS.sh, ensure that the correct boot blocks are
used.

Moved the creation of the "crypto" dist from release.5 to
release.2.

In release.3 and doMFSKERN, build kernels in the "world"
environment. KERNELS now means "additional" kernels, GENERIC is
always built.

Ensure we build crunched binaries in the "world" environment.
Obfuscate release/Makefile some more (WMAKEENV) to achieve this.

Inline createBOOTMFS target.

Use already built GENERIC kernel modules to augment mfsfd's
/stand/modules. GC doMODULES as such.

Assorted fixes:

Get rid of the "afterdistribute" target by moving the single use
of it from sys/Makefile to etc/Makefile's "distribute".

Makefile.inc1: apparently "etc" no longer needs to be last for
"distribute" to succeed.

gnu/usr.bin/perl/library/Makefile.inc: do not override the
"install" and "distribute" targets, do it the "canonical" way.

release/scripts/{man,cat}pages-make.sh: make sure Perl manpages and
catpages appear in the right dists. Note that because Perl does
not respect the MANBUILDCAT (and NOMAN), this results in a loss of
/usr/share/perl/man/cat* empty directories. This will be fixed
soon.

Turn MAKE_KERBEROS4 into a plain boolean variable (if it is set it
means "make KerberosIV"), as documented in the make.conf(5)
manpage. Most of the userland makefiles did not test it for "YES"
anyway.

XXX Should specialized kerberized libpam versions be included into
the krb4 and krb5 dists? (libpam.a would be incorrect anyway if
both krb4 and krb5 dists were choosen.)

Make sure "games" dist is made before "catpages", otherwise games
catpages settle in the wrong dist.

Fast build machine provided by: Igor Kucherenko <kivvy@sunbay.com>

Switch over to using pam_login_access(8) module in sshd(8).
(Fixes static compilation. Reduces diffs to OpenSSH.)

Reviewed by: bde

Use PAM instead of S/Key (or OPIE) for SSH2.

Sponsored by: DARPA, NAI Labs

Don't forget auth-skey.c.

Add pam_ssh support to the static PAM library, libpam.a:

- Spam /usr/lib some more by making libssh a standard library.
- Tweak ${LIBPAM} and ${MINUSLPAM}.
- Garbage collect unused libssh_pic.a.
- Add fake -lz dependency to secure/ makefiles needed for
dynamic linkage with -lssh.

Reviewed by: des, markm
Approved by: markm

Fixed world breakage in rev.1.13. -lpam must never be used directly since
it doesn't work for static linkage.

Enable Kerberos 5 support in sshd again.

Update to OpenSSH 2.9. Somehow this missed getting committed yesterday.

Don't build with Kerberos 5 support for now. I'll fix this soon,
but I don't want to break Kerberos 5 users' worlds too much in the
meantime.

secure/ build fixes:

- TELNETOBJDIR is gone. `buildworld' already installs libtelnet.a
in ${WORLDTMP}/usr/lib, and we have LIBRARY_PATH pointing there.

- SSHDIR (formerly SSHSRC) is now shared between all SSH modules.
New LIBSSH is introduced for libssh.a (an internal static lib).
Previously, build without prior `obj' was broken; SSH modules
always looked for libssh.a in ${.OBJDIR}. Also, the dependancies
on the libssh.a were missing.

- libtelnet/ did not install the crypto version of telnet.h into
/usr/include/arpa.

- Removed BINOWN, BINMODE, BINDIR and SRCS with default values.

Reviewed by: markm

- MAN[1-9] -> MAN.

Define HAVE_PAM_GETENVLIST for build. Now environmental variables set
by PAM modules will be exported (correctly).

Update for OpenSSH 2.3.0.

Update for OpenSSH 2.2.0

Err, we weren't even compiling auth1.c with LOGIN_CAP at all. Guess nobody
was using this feature.

Link explicitly against -lmd. I'm not sure what was pulling this in
on -current, but it doesnt do it on -stable.

Update for OpenSSH 2.1

Update for latest OpenSSH

Make LOGIN_CAP work properly.

Submitted by: ache

MFI: Make ssh and sshd link in the krb5 part of make release.

Reviewed by: markm

New distribution names.

Don't pull in libRSAglue for the rsaref case. Since this is linked
dynamically by default, we use the dlopen() calls to load librsaref.so
on US code trees.

Add the OpenSSH userland-building Makefiles.