Commit Graph

124 Commits

Author SHA1 Message Date
Simon L. B. Nielsen
f9d67810bf This commit was generated by cvs2svn to compensate for changes in r162916,
which included commits to RCS files with non-trunk default branches.
2006-10-01 08:09:46 +00:00
Simon L. B. Nielsen
4d227dd736 Import from upstream OpenSSL 0.9.8 branch:
Fix uninitialized free of ctx in compute_key() when the
OPENSSL_DH_MAX_MODULUS_BITS check is triggered.

This fixes the same issue as FreeBSD-SA-06:23.openssl v1.1.
2006-10-01 08:09:46 +00:00
Simon L. B. Nielsen
74608424ab Resolve conflicts after import of OpenSSL 0.9.8d. 2006-10-01 07:46:16 +00:00
Simon L. B. Nielsen
ed5d4f9a94 Vendor import of OpenSSL 0.9.8d. 2006-10-01 07:38:44 +00:00
Simon L. B. Nielsen
02d3319f28 This commit was generated by cvs2svn to compensate for changes in r162911,
which included commits to RCS files with non-trunk default branches.
2006-10-01 07:38:44 +00:00
Simon L. B. Nielsen
c800238ebb Correct incorrect PKCS#1 v1.5 padding validation in crypto(3).
Obtained from:	OpenSSL project
Security:	FreeBSD-SA-06:19.openssl
2006-09-10 20:16:43 +00:00
Simon L. B. Nielsen
2ab7aa997e Resolve conflicts after import of OpenSSL 0.9.8b.
This was missed the first time around since eng_padlock.c was not part
of OpenSSL 0.9.7e and therefor did not have the v0_9_7e CVS tag used
during original resolve of conflicts.

Noticed by:	Antoine Brodin <antoine.brodin@laposte.net>
2006-07-30 14:17:54 +00:00
Simon L. B. Nielsen
35fc1829d8 Sync FREEBSD-Xlist with what was actually excluded from OpenSSL 0.9.8b
import.
2006-07-29 22:40:45 +00:00
Simon L. B. Nielsen
f6ec947c28 Add some rough notes on how to import a new OpenSSL version into the
FreeBSD base system.  Parts are inspired by the OpenSSH upgrade notes.
2006-07-29 22:01:26 +00:00
Simon L. B. Nielsen
09bf29a41f Resolve conflicts after import of OpenSSL 0.9.8b. 2006-07-29 19:14:51 +00:00
Simon L. B. Nielsen
3b4e3dcb9f Vendor import of OpenSSL 0.9.8b 2006-07-29 19:10:21 +00:00
Simon L. B. Nielsen
f6ab039488 This commit was generated by cvs2svn to compensate for changes in r160814,
which included commits to RCS files with non-trunk default branches.
2006-07-29 19:10:21 +00:00
Colin Percival
51ce0d091c Correct a man-in-the-middle SSL version rollback vulnerability.
Security:	FreeBSD-SA-05:21.openssl
2005-10-11 11:50:36 +00:00
Jacques Vidrine
72a11ddc6c File removed in update from OpenSSL 0.9.7d -> 0.9.7e. 2005-02-25 06:22:30 +00:00
Jacques Vidrine
a37fa6607a Remove files that are no longer part of OpenSSL from the vendor
branch.  This time, these are mostly the `Makefile.ssl' files.
2005-02-25 06:14:53 +00:00
Jacques Vidrine
3c96cf2e8b This commit was generated by cvs2svn to compensate for changes in r142430,
which included commits to RCS files with non-trunk default branches.
2005-02-25 06:14:53 +00:00
Jacques Vidrine
5203f6dc3a Resolve conflicts after import of OpenSSL 0.9.7e. 2005-02-25 05:49:44 +00:00
Jacques Vidrine
6be8ae0724 Vendor import of OpenSSL 0.9.7e. 2005-02-25 05:39:05 +00:00
Jacques Vidrine
eb8fd19957 This commit was generated by cvs2svn to compensate for changes in r142425,
which included commits to RCS files with non-trunk default branches.
2005-02-25 05:39:05 +00:00
Jacques Vidrine
3e9d9cface Update list of files to remove prior to import of OpenSSL 0.9.7e. 2005-02-25 05:31:23 +00:00
Jacques Vidrine
01c0bb1d8a Clean up the OpenSSL vendor branch by removing files that are not
part of recent releases.
2005-02-25 05:25:37 +00:00
Jacques Vidrine
c7a8adabfb This commit was generated by cvs2svn to compensate for changes in r142421,
which included commits to RCS files with non-trunk default branches.
2005-02-25 05:25:37 +00:00
Mark Murray
1f9bb6cd25 Add support for C3 Nehemiah ACE ("Padlock") AES crypto. This comes
from OpenSSL 0.9.5 (yet to be released), and is pretty complete.
2004-08-14 13:38:35 +00:00
Mark Murray
eaeb68fe23 Bring in support for VIA C3 Nehemiah Padlock crypto support (AES).
This is from the upcoming OpenSSL 0.9.8 release.
2004-08-13 19:37:23 +00:00
Mark Murray
19ef43daef This commit was generated by cvs2svn to compensate for changes in r133665,
which included commits to RCS files with non-trunk default branches.
2004-08-13 19:37:23 +00:00
Jacques Vidrine
fe2b6e6689 Repair a regression in OpenSSL 0.9.7d: processing an unsigned PKCS#7
object could cause a null pointer dereference.

Obtained from:	OpenSSL CVS (change number 12080)
MFC After:	1 day
Reported by:	Daniel Lang <dl@leo.org>
2004-04-05 19:01:57 +00:00
Jacques Vidrine
4fd8395954 This commit was generated by cvs2svn to compensate for changes in r127904,
which included commits to RCS files with non-trunk default branches.
2004-04-05 19:01:57 +00:00
Jacques Vidrine
902aa2e784 Resolve conflicts after import of OpenSSL 0.9.7d. 2004-03-17 17:44:39 +00:00
Jacques Vidrine
ced566fd0b Vendor import of OpenSSL 0.9.7d. 2004-03-17 15:49:33 +00:00
Jacques Vidrine
8f1200ff6f This commit was generated by cvs2svn to compensate for changes in r127128,
which included commits to RCS files with non-trunk default branches.
2004-03-17 15:49:33 +00:00
Jacques Vidrine
81ac585294 Correct a denial-of-service vulnerability in OpenSSL (CAN-2004-0079).
Obtained from:	OpenSSL CVS (http://cvs.openssl.org/chngview?cn=12033)
2004-03-17 12:11:08 +00:00
Jacques Vidrine
1612471010 This commit was generated by cvs2svn to compensate for changes in r127114,
which included commits to RCS files with non-trunk default branches.
2004-03-17 12:11:08 +00:00
Jacques Vidrine
ede6693b54 Re-add the FreeBSD RCS keyword for the benefit of mergemaster.
PR:		conf/50040
Requested by:	Dimitry Andric <dim@xs4all.nl>
2004-01-09 14:46:11 +00:00
Jacques Vidrine
52033a8dc8 Remove files no longer included with OpenSSL as of version 0.9.7c. 2003-10-01 12:38:27 +00:00
Jacques Vidrine
5fad2af4e3 Merge conflicts after import of OpenSSL 0.9.7c. 2003-10-01 12:37:51 +00:00
Jacques Vidrine
50ef009353 Vendor import of OpenSSL 0.9.7c 2003-10-01 12:32:41 +00:00
Jacques Vidrine
8ae0780c3a This commit was generated by cvs2svn to compensate for changes in r120631,
which included commits to RCS files with non-trunk default branches.
2003-10-01 12:32:41 +00:00
Jacques Vidrine
402cb58a40 Update list of files to remove prior to import of OpenSSL 0.9.7c. 2003-10-01 12:21:16 +00:00
Chris D. Faulhaber
a6b47b5f08 Merge conflicts 2003-03-20 20:56:03 +00:00
Chris D. Faulhaber
5b877a2d56 Enable RSA blinding by default.
http://www.openssl.org/news/secadv_20030317.txt
2003-03-20 20:44:11 +00:00
Chris D. Faulhaber
35f304853f This commit was generated by cvs2svn to compensate for changes in r112439,
which included commits to RCS files with non-trunk default branches.
2003-03-20 20:41:45 +00:00
Chris D. Faulhaber
8786792504 Import of PKCS #1 security fix.
http://www.openssl.org/news/secadv_20030319.txt
2003-03-20 20:41:45 +00:00
Jacques Vidrine
def0b8c9c5 Resolve conflicts after import of OpenSSL 0.9.7a. 2003-02-19 23:24:16 +00:00
Jacques Vidrine
fceca8a377 Vendor import of OpenSSL 0.9.7a. 2003-02-19 23:17:42 +00:00
Jacques Vidrine
015ec3c905 This commit was generated by cvs2svn to compensate for changes in r111147,
which included commits to RCS files with non-trunk default branches.
2003-02-19 23:17:42 +00:00
Jacques Vidrine
4b2eaea43f Background:
When libdes was replaced with OpenSSL's libcrypto, there were a few
 interfaces that the former implemented but the latter did not.  Because
 some software in the base system still depended upon these interfaces,
 we simply included them in our libcrypto (rnd_keys.c).

Now, finally get around to removing the dependencies on these
interfaces.  There were basically two cases:

  des_new_random_key -- This is just a wrapper for des_random_key, and
     these calls were replaced.

  des_init_random_number_generator et. al. -- A few functions were used
     by the application to seed libdes's PRNG.  These are not necessary
     when using libcrypto, as OpenSSL internally seeds the PRNG from
     /dev/random.  These calls were simply removed.

Again, some of the Kerberos 4 files have been taken off the vendor
branch.  I do not expect there to be future imports of KTH Kerberos 4.
2003-01-29 18:14:29 +00:00
Jacques Vidrine
6e955c8f09 = Fix a bug in UI_UTIL_read_pw's error handling that caused
des_read_pw_string to break (and thus rather mysteriously
  breaking utilities such as kinit).

= Enable the BSD /dev/crypto interface.

(These changes are being imported on the vendor branch, as they have
already been accepted and committed to the OpenSSL CVS repository.)
2003-01-29 02:25:30 +00:00
Jacques Vidrine
912e44b663 This commit was generated by cvs2svn to compensate for changes in r110018,
which included commits to RCS files with non-trunk default branches.
2003-01-29 02:25:30 +00:00
Mark Murray
bff3688511 Merge conflicts.
This is cunning doublespeak for "use vendor code".
2003-01-28 22:34:21 +00:00
Mark Murray
f1b2c95128 Remove files no longer on OpenSSL 0.9.7. crypto/des/rnd_keys.c is
retained as it is still used.
2003-01-28 22:12:30 +00:00