d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
66 Commits 72 Branches 135 Tags 3.2 GiB
cb6864802e
Commit Graph

53 Commits

Author SHA1 Message Date
Jung-uk Kim
cb6864802e Import OpenSSL 1.0.1i. 2014-08-07 16:49:55 +00:00
Jung-uk Kim
2e22f5e2e0 Import OpenSSL 1.0.1h. 
Approved by:	so (delphij)
 2014-06-06 20:59:29 +00:00
Jung-uk Kim
06369e3974 Import OpenSSL 1.0.1g. 
Approved by:	benl (maintainer)
 2014-04-08 20:15:18 +00:00
Jung-uk Kim
2dc7f78169 Import OpenSSL 1.0.1f. 
Approved by:	so (delphij), benl (silence)
 2014-01-22 19:27:13 +00:00
Jung-uk Kim
f3b8b34a88 Import OpenSSL 1.0.1e. 
Approved by:	secteam (delphij, simon), benl (silence)
 2013-02-13 22:15:56 +00:00
Xin LI
451758c611 Integrate OpenSSL changeset 22950 (appro): 
bn_word.c: fix overflow bug in BN_add_word.
 2013-01-02 20:56:53 +00:00
Jung-uk Kim
0758ab5ea7 Import OpenSSL 1.0.1c. 
Approved by:	benl (maintainer)
 2012-07-11 23:31:36 +00:00
Jung-uk Kim
2b8b545582 Import OpenSSL 0.9.8x. 2012-06-27 16:44:58 +00:00
Simon L. B. Nielsen
fd3744ddb0 Import OpenSSL 0.9.8q. 2010-12-02 22:36:51 +00:00
Simon L. B. Nielsen
f2c43d19b9 Import OpenSSL 0.9.8p. 2010-11-21 22:45:18 +00:00
Simon L. B. Nielsen
0cedaa6c89 Import OpenSSL 0.9.8n. 2010-04-01 12:25:40 +00:00
Simon L. B. Nielsen
f7a1b4761c Import OpenSSL 0.9.8m. 2010-02-28 18:49:43 +00:00
Simon L. B. Nielsen
b7421a6928 Import DTLS fix from upstream OpenSSL 0.9.8 branch: 
Fix memory consumption bug with "future epoch" DTLS records.

Note that this will not get FreeBSD Security Advisory as DTLS is
experimental in OpenSSL.

Security:	CVE-2009-1377
Obtained from:	OpenSSL CVS
		http://cvs.openssl.org/chngview?cn=18187
 2009-08-23 13:58:25 +00:00
Simon L. B. Nielsen
518099af59 Import OpenSSL 0.9.8k. 2009-06-07 19:56:18 +00:00
Simon L. B. Nielsen
bb1499d2aa Vendor import of OpenSSL 0.9.8i. 2008-09-21 14:56:30 +00:00
Simon L. B. Nielsen
11bac091f5 Remove files from vendor tree which were not part of OpenSSL 0.9.8e 
(last vendor import).

The file were removed in different earlier releases, but were not
removed from the CVS vendor branch at the time.
 2008-09-21 14:12:30 +00:00
Simon L. B. Nielsen
c4a78426be Flatten OpenSSL vendor tree. 2008-08-23 10:51:00 +00:00
Simon L. B. Nielsen
a0ddfe4e72 Import DTLS security fix from upstream OpenSSL_0_9_8-stable branch. 
From the OpenSSL advisory:

	Andy Polyakov discovered a flaw in OpenSSL's DTLS
	implementation which could lead to the compromise of clients
	and servers with DTLS enabled.

	DTLS is a datagram variant of TLS specified in RFC 4347 first
	supported in OpenSSL version 0.9.8. Note that the
	vulnerabilities do not affect SSL and TLS so only clients and
	servers explicitly using DTLS are affected.

	We believe this flaw will permit remote code execution.

Security:	CVE-2007-4995
Security:	http://www.openssl.org/news/secadv_20071012.txt
 2007-10-18 20:19:33 +00:00
Simon L. B. Nielsen
c30e4c6174 Import fix from upstream OpenSSL_0_9_8-stable branch: 
EVP_CIPHER_CTX_key_length() should return the set key length
	in the EVP_CIPHER_CTX structure which may not be the same as
	the underlying cipher key length for variable length ciphers.

This fixes problems in OpenSSH using some ciphers, and possibly other
applications.

See also:	http://bugzilla.mindrot.org/show_bug.cgi?id=1291
 2007-03-15 20:26:26 +00:00
Simon L. B. Nielsen
5471f83ea7 Vendor import of OpenSSL 0.9.8e. 2007-03-15 20:03:30 +00:00
Simon L. B. Nielsen
4d227dd736 Import from upstream OpenSSL 0.9.8 branch: 
Fix uninitialized free of ctx in compute_key() when the
OPENSSL_DH_MAX_MODULUS_BITS check is triggered.

This fixes the same issue as FreeBSD-SA-06:23.openssl v1.1.
 2006-10-01 08:09:46 +00:00
Simon L. B. Nielsen
ed5d4f9a94 Vendor import of OpenSSL 0.9.8d. 2006-10-01 07:38:44 +00:00
Simon L. B. Nielsen
3b4e3dcb9f Vendor import of OpenSSL 0.9.8b 2006-07-29 19:10:21 +00:00
Jacques Vidrine
a37fa6607a Remove files that are no longer part of OpenSSL from the vendor 
branch.  This time, these are mostly the `Makefile.ssl' files.
 2005-02-25 06:14:53 +00:00
Jacques Vidrine
6be8ae0724 Vendor import of OpenSSL 0.9.7e. 2005-02-25 05:39:05 +00:00
Jacques Vidrine
01c0bb1d8a Clean up the OpenSSL vendor branch by removing files that are not 
part of recent releases.
 2005-02-25 05:25:37 +00:00
Mark Murray
eaeb68fe23 Bring in support for VIA C3 Nehemiah Padlock crypto support (AES). 
This is from the upcoming OpenSSL 0.9.8 release.
 2004-08-13 19:37:23 +00:00
Jacques Vidrine
fe2b6e6689 Repair a regression in OpenSSL 0.9.7d: processing an unsigned PKCS#7 
object could cause a null pointer dereference.

Obtained from:	OpenSSL CVS (change number 12080)
MFC After:	1 day
Reported by:	Daniel Lang <dl@leo.org>
 2004-04-05 19:01:57 +00:00
Jacques Vidrine
ced566fd0b Vendor import of OpenSSL 0.9.7d. 2004-03-17 15:49:33 +00:00
Jacques Vidrine
81ac585294 Correct a denial-of-service vulnerability in OpenSSL (CAN-2004-0079). 
Obtained from:	OpenSSL CVS (http://cvs.openssl.org/chngview?cn=12033)
 2004-03-17 12:11:08 +00:00
Jacques Vidrine
50ef009353 Vendor import of OpenSSL 0.9.7c 2003-10-01 12:32:41 +00:00
Chris D. Faulhaber
5b877a2d56 Enable RSA blinding by default. 
http://www.openssl.org/news/secadv_20030317.txt
 2003-03-20 20:44:11 +00:00
Chris D. Faulhaber
8786792504 Import of PKCS #1 security fix. 
http://www.openssl.org/news/secadv_20030319.txt
 2003-03-20 20:41:45 +00:00
Jacques Vidrine
fceca8a377 Vendor import of OpenSSL 0.9.7a. 2003-02-19 23:17:42 +00:00
Jacques Vidrine
6e955c8f09 = Fix a bug in UI_UTIL_read_pw's error handling that caused 
des_read_pw_string to break (and thus rather mysteriously
  breaking utilities such as kinit).

= Enable the BSD /dev/crypto interface.

(These changes are being imported on the vendor branch, as they have
already been accepted and committed to the OpenSSL CVS repository.)
 2003-01-29 02:25:30 +00:00
Mark Murray
5c87c606cd Vendor import of OpenSSL release 0.9.7. This release includes 
support for AES and OpenBSD's hardware crypto.
 2003-01-28 21:43:22 +00:00
Jacques Vidrine
499810c08e Import of OpenSSL 0.9.6g. 2002-08-10 01:48:01 +00:00
Jacques Vidrine
484549566e Import of OpenSSL 0.9.6f. 2002-08-10 01:46:10 +00:00
Jacques Vidrine
9e6c5d1742 Import of OpenSSL 0.9.6f. 2002-08-10 01:40:00 +00:00
Jacques Vidrine
b1357e1cec Correct a bug in the ASN.1 decoder which was introduced with the 
recent OpenSSL update.

Obtained from:	OpenSSL CVS
 2002-08-05 16:25:17 +00:00
Jacques Vidrine
4f20a5a274 Import of OpenSSL 0.9.6e. 2002-07-30 13:38:06 +00:00
Jacques Vidrine
c1803d7836 Import of OpenSSL 0.9.6d. 2002-07-30 12:44:15 +00:00
Kris Kennaway
a21b1b381e Initial import of OpenSSL 0.9.6c 2002-01-27 03:13:07 +00:00
Kris Kennaway
26d191b459 Initial import of OpenSSL 0.9.6b 2001-07-19 19:59:37 +00:00
Kris Kennaway
5740a5e34c Initial import of OpenSSL 0.9.6a 2001-05-20 03:07:21 +00:00
Kris Kennaway
de7cdddab1 Import of OpenSSL 0.9.6-STABLE snapshot dated 2001-02-10 2001-02-18 03:17:36 +00:00
Kris Kennaway
ddd58736f0 Initial import of OpenSSL 0.9.6 2000-11-13 01:03:58 +00:00
Mark Murray
07c567b8ec Virgin import of OpenSSL v0.9.5a 2000-04-16 16:03:07 +00:00
Kris Kennaway
f579bf8ec7 Initial import of OpenSSL 0.9.5a 2000-04-13 06:33:22 +00:00
Kris Kennaway
97b2ed56f8 Import the RSA support code. There shouldn't be any actual RSA 
cryptography here.
 2000-01-16 05:14:57 +00:00