d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
255,189 Commits 4 Branches 49 Tags
Commit Graph

37 Commits

Author SHA1 Message Date
jkim
ed55404d57 Update OpenSSL to 1.1.1. 
Note it does not update build infrastructure.
 2018-09-13 20:40:51 +00:00
jkim
58e331e535 Merge OpenSSL 1.0.2p. 2018-08-14 17:48:02 +00:00
jkim
28f14cb177 Merge OpenSSL 1.0.2o. 2018-03-27 17:17:58 +00:00
jkim
986f17341f Merge OpenSSL 1.0.2l. 2017-05-25 20:52:16 +00:00
jkim
97091e1369 Merge OpenSSL 1.0.2i. 2016-09-22 13:27:44 +00:00
jkim
00a878d06e Merge OpenSSL 1.0.2h. 
Relnotes:	yes
 2016-05-03 18:50:10 +00:00
jkim
de2249f81c Merge OpenSSL 1.0.2g. 
Relnotes:	yes
 2016-03-01 22:08:28 +00:00
jkim
f91c9c2798 Merge OpenSSL 1.0.2f. 
Relnotes:	yes
 2016-01-28 20:15:22 +00:00
jkim
8d77ecefb7 Merge OpenSSL 1.0.2e. 2015-12-03 21:13:35 +00:00
jkim
6b741bee15 Merge OpenSSL 1.0.2d. 2015-10-30 20:51:33 +00:00
jkim
d962da16eb Merge OpenSSL 1.0.1m. 2015-03-20 19:16:18 +00:00
jkim
4f9b1cef1a Merge OpenSSL 1.0.1k. 2015-01-08 23:42:41 +00:00
jkim
411d431d45 Merge OpenSSL 1.0.1j. 2014-10-15 19:12:05 +00:00
jkim
3299c3be1a Merge OpenSSL 1.0.1i. 2014-08-07 18:56:10 +00:00
jkim
a8c44ea5cf Merge OpenSSL 1.0.1f. 
Approved by:	so (delphij), benl (silence)
 2014-01-22 19:57:11 +00:00
delphij
106d50295b MFV r260399: 
Apply vendor commits:

197e0ea	Fix for TLS record tampering bug.  (CVE-2013-4353).
3462896	For DTLS we might need to retransmit messages from the
	previous session so keep a copy of write context in DTLS
	retransmission buffers instead of replacing it after
	sending CCS.  (CVE-2013-6450).
ca98926 When deciding whether to use TLS 1.2 PRF and record hash
	algorithms use the version number in the corresponding
	SSL_METHOD structure instead of the SSL structure.  The
	SSL structure version is sometimes inaccurate.
	Note: OpenSSL 1.0.2 and later effectively do this already.
	(CVE-2013-6449).

Security:	CVE-2013-4353
Security:	CVE-2013-6449
Security:	CVE-2013-6450
 2014-01-07 19:58:45 +00:00
jkim
754bee5776 Merge OpenSSL 1.0.1e. 
Approved by:	secteam (simon), benl (silence)
 2013-02-13 23:07:20 +00:00
jkim
e393e47b1e Merge OpenSSL 1.0.1c. 
Approved by:	benl (maintainer)
 2012-07-12 19:30:53 +00:00
jkim
299ab12592 Merge OpenSSL 0.9.8x. 
Reviewed by:	stas
Approved by:	benl (maintainer)
MFC after:	3 days
 2012-06-27 18:44:36 +00:00
delphij
41cd87c13e Fix SSL memory handlig for (EC)DH cipher suites, in particular for 
multi-threaded use of ECDH.

Security:	CVE-2011-3210
Reviewed by:	stas
Obtained from:	OpenSSL CVS
Approved by:	re (kib)
 2011-09-08 09:33:49 +00:00
simon
0d816bbd98 Merge OpenSSL 0.9.8m into head. 
This also "reverts" some FreeBSD local changes so we should now
be back to using entirely stock OpenSSL.  The local changes were
simple $FreeBSD$ lines additions, which were required in the CVS
days, and the patch for FreeBSD-SA-09:15.ssl which has been
superseded with OpenSSL 0.9.8m's RFC5746 'TLS renegotiation
extension' support.

MFC after:	3 weeks
 2010-03-13 19:22:41 +00:00
cperciva
e4106d9e8f Disable SSL renegotiation in order to protect against a serious 
protocol flaw. [09:15]

Correctly handle failures from unsetenv resulting from a corrupt
environment in rtld-elf. [09:16]

Fix permissions in freebsd-update in order to prevent leakage of
sensitive files. [09:17]

Approved by:	so (cperciva)
Security:	FreeBSD-SA-09:15.ssl
Security:	FreeBSD-SA-09:16.rtld
Security:	FreeBSD-SA-09:17.freebsd-udpate
 2009-12-03 09:18:40 +00:00
simon
5fb395764b Merge OpenSSL 0.9.8k into head. 
Approved by:	re
 2009-06-14 19:45:16 +00:00
simon
64fcbc70db Flatten OpenSSL vendor tree. 2008-08-23 10:51:00 +00:00
simon
ee48ceb6a8 Vendor import of OpenSSL 0.9.8e. 2007-03-15 20:03:30 +00:00
simon
387e65d767 Vendor import of OpenSSL 0.9.8d. 2006-10-01 07:38:44 +00:00
simon
fb3c70eda8 Vendor import of OpenSSL 0.9.8b 2006-07-29 19:10:21 +00:00
nectar
78a59572b3 Vendor import of OpenSSL 0.9.7e. 2005-02-25 05:39:05 +00:00
nectar
0f095e8a2a Vendor import of OpenSSL 0.9.7d. 2004-03-17 15:49:33 +00:00
markm
aad1d64cb5 Vendor import of OpenSSL release 0.9.7. This release includes 
support for AES and OpenBSD's hardware crypto.
 2003-01-28 21:43:22 +00:00
nectar
2f13e09165 Import of OpenSSL 0.9.6e. 2002-07-30 13:38:06 +00:00
nectar
0aed2eea83 Import of OpenSSL 0.9.6d. 2002-07-30 12:44:15 +00:00
kris
12896e829e Initial import of OpenSSL 0.9.6a 2001-05-20 03:07:21 +00:00
kris
7e55354aa4 Import of OpenSSL 0.9.6-STABLE snapshot dated 2001-02-10 2001-02-18 03:17:36 +00:00
kris
539b977eff Initial import of OpenSSL 0.9.6 2000-11-13 01:03:58 +00:00
kris
54c77f990d Initial import of OpenSSL 0.9.5a 2000-04-13 06:33:22 +00:00
kris
2e467dc342 Initial import of OpenSSL 0.9.4, sans IDEA and RSA code for patent 
infringement reasons.
 2000-01-10 06:22:05 +00:00