Commit Graph

180 Commits

Author SHA1 Message Date
simon
9bb7d4296b - Bring upgrade produce up-to-date for OpenSSL 0.9.8e.
- Add reminder to bump version numer in Makefile.inc.
2007-03-15 21:06:48 +00:00
simon
8e9898839e Import fix from upstream OpenSSL_0_9_8-stable branch:
EVP_CIPHER_CTX_key_length() should return the set key length
	in the EVP_CIPHER_CTX structure which may not be the same as
	the underlying cipher key length for variable length ciphers.

This fixes problems in OpenSSH using some ciphers, and possibly other
applications.

See also:	http://bugzilla.mindrot.org/show_bug.cgi?id=1291
2007-03-15 20:26:26 +00:00
simon
86271f334e This commit was generated by cvs2svn to compensate for changes in r167617,
which included commits to RCS files with non-trunk default branches.
2007-03-15 20:26:26 +00:00
simon
394ba190a3 Resolve conflicts after import of OpenSSL 0.9.8e. 2007-03-15 20:07:27 +00:00
simon
ee48ceb6a8 Vendor import of OpenSSL 0.9.8e. 2007-03-15 20:03:30 +00:00
simon
699a8581f9 This commit was generated by cvs2svn to compensate for changes in r167612,
which included commits to RCS files with non-trunk default branches.
2007-03-15 20:03:30 +00:00
simon
25dab5b4c1 Import from upstream OpenSSL 0.9.8 branch:
Fix uninitialized free of ctx in compute_key() when the
OPENSSL_DH_MAX_MODULUS_BITS check is triggered.

This fixes the same issue as FreeBSD-SA-06:23.openssl v1.1.
2006-10-01 08:09:46 +00:00
simon
ac7fb23be5 This commit was generated by cvs2svn to compensate for changes in r162916,
which included commits to RCS files with non-trunk default branches.
2006-10-01 08:09:46 +00:00
simon
de193995a6 Resolve conflicts after import of OpenSSL 0.9.8d. 2006-10-01 07:46:16 +00:00
simon
387e65d767 Vendor import of OpenSSL 0.9.8d. 2006-10-01 07:38:44 +00:00
simon
b2881e9eb1 This commit was generated by cvs2svn to compensate for changes in r162911,
which included commits to RCS files with non-trunk default branches.
2006-10-01 07:38:44 +00:00
simon
22f3e61de2 Correct incorrect PKCS#1 v1.5 padding validation in crypto(3).
Obtained from:	OpenSSL project
Security:	FreeBSD-SA-06:19.openssl
2006-09-10 20:16:43 +00:00
simon
76f00e0285 Resolve conflicts after import of OpenSSL 0.9.8b.
This was missed the first time around since eng_padlock.c was not part
of OpenSSL 0.9.7e and therefor did not have the v0_9_7e CVS tag used
during original resolve of conflicts.

Noticed by:	Antoine Brodin <antoine.brodin@laposte.net>
2006-07-30 14:17:54 +00:00
simon
870bdce538 Sync FREEBSD-Xlist with what was actually excluded from OpenSSL 0.9.8b
import.
2006-07-29 22:40:45 +00:00
simon
00e07ea415 Add some rough notes on how to import a new OpenSSL version into the
FreeBSD base system.  Parts are inspired by the OpenSSH upgrade notes.
2006-07-29 22:01:26 +00:00
simon
e07cc0214a Resolve conflicts after import of OpenSSL 0.9.8b. 2006-07-29 19:14:51 +00:00
simon
fb3c70eda8 Vendor import of OpenSSL 0.9.8b 2006-07-29 19:10:21 +00:00
simon
9159ca2b0e This commit was generated by cvs2svn to compensate for changes in r160814,
which included commits to RCS files with non-trunk default branches.
2006-07-29 19:10:21 +00:00
cperciva
45ad656456 Correct a man-in-the-middle SSL version rollback vulnerability.
Security:	FreeBSD-SA-05:21.openssl
2005-10-11 11:50:36 +00:00
nectar
21cef1ac2a File removed in update from OpenSSL 0.9.7d -> 0.9.7e. 2005-02-25 06:22:30 +00:00
nectar
3c8d7d9993 Remove files that are no longer part of OpenSSL from the vendor
branch.  This time, these are mostly the `Makefile.ssl' files.
2005-02-25 06:14:53 +00:00
nectar
0d4d2c2cec This commit was generated by cvs2svn to compensate for changes in r142430,
which included commits to RCS files with non-trunk default branches.
2005-02-25 06:14:53 +00:00
nectar
ced877b043 Resolve conflicts after import of OpenSSL 0.9.7e. 2005-02-25 05:49:44 +00:00
nectar
78a59572b3 Vendor import of OpenSSL 0.9.7e. 2005-02-25 05:39:05 +00:00
nectar
52bc459a40 This commit was generated by cvs2svn to compensate for changes in r142425,
which included commits to RCS files with non-trunk default branches.
2005-02-25 05:39:05 +00:00
nectar
a876e908ea Update list of files to remove prior to import of OpenSSL 0.9.7e. 2005-02-25 05:31:23 +00:00
nectar
a55ec1447a Clean up the OpenSSL vendor branch by removing files that are not
part of recent releases.
2005-02-25 05:25:37 +00:00
nectar
86364e2030 This commit was generated by cvs2svn to compensate for changes in r142421,
which included commits to RCS files with non-trunk default branches.
2005-02-25 05:25:37 +00:00
markm
1659a5207b Add support for C3 Nehemiah ACE ("Padlock") AES crypto. This comes
from OpenSSL 0.9.5 (yet to be released), and is pretty complete.
2004-08-14 13:38:35 +00:00
markm
402a1009de Bring in support for VIA C3 Nehemiah Padlock crypto support (AES).
This is from the upcoming OpenSSL 0.9.8 release.
2004-08-13 19:37:23 +00:00
markm
d57fb14ce4 This commit was generated by cvs2svn to compensate for changes in r133665,
which included commits to RCS files with non-trunk default branches.
2004-08-13 19:37:23 +00:00
nectar
4f072b64b0 Repair a regression in OpenSSL 0.9.7d: processing an unsigned PKCS#7
object could cause a null pointer dereference.

Obtained from:	OpenSSL CVS (change number 12080)
MFC After:	1 day
Reported by:	Daniel Lang <dl@leo.org>
2004-04-05 19:01:57 +00:00
nectar
e0710a2e71 This commit was generated by cvs2svn to compensate for changes in r127904,
which included commits to RCS files with non-trunk default branches.
2004-04-05 19:01:57 +00:00
nectar
2283471bb5 Resolve conflicts after import of OpenSSL 0.9.7d. 2004-03-17 17:44:39 +00:00
nectar
0f095e8a2a Vendor import of OpenSSL 0.9.7d. 2004-03-17 15:49:33 +00:00
nectar
15b921d648 This commit was generated by cvs2svn to compensate for changes in r127128,
which included commits to RCS files with non-trunk default branches.
2004-03-17 15:49:33 +00:00
nectar
e8232d78ab Correct a denial-of-service vulnerability in OpenSSL (CAN-2004-0079).
Obtained from:	OpenSSL CVS (http://cvs.openssl.org/chngview?cn=12033)
2004-03-17 12:11:08 +00:00
nectar
5899dbda42 This commit was generated by cvs2svn to compensate for changes in r127114,
which included commits to RCS files with non-trunk default branches.
2004-03-17 12:11:08 +00:00
nectar
8c8a5a2b0b Re-add the FreeBSD RCS keyword for the benefit of mergemaster.
PR:		conf/50040
Requested by:	Dimitry Andric <dim@xs4all.nl>
2004-01-09 14:46:11 +00:00
nectar
7f355f9a0e Remove files no longer included with OpenSSL as of version 0.9.7c. 2003-10-01 12:38:27 +00:00
nectar
367ddb50f9 Merge conflicts after import of OpenSSL 0.9.7c. 2003-10-01 12:37:51 +00:00
nectar
ee25ce74b3 Vendor import of OpenSSL 0.9.7c 2003-10-01 12:32:41 +00:00
nectar
d8e0ea4b40 This commit was generated by cvs2svn to compensate for changes in r120631,
which included commits to RCS files with non-trunk default branches.
2003-10-01 12:32:41 +00:00
nectar
33988c2cf4 Update list of files to remove prior to import of OpenSSL 0.9.7c. 2003-10-01 12:21:16 +00:00
jedgar
ed812d3ac4 Merge conflicts 2003-03-20 20:56:03 +00:00
jedgar
5d79b842c1 Enable RSA blinding by default.
http://www.openssl.org/news/secadv_20030317.txt
2003-03-20 20:44:11 +00:00
jedgar
ad2b755e27 This commit was generated by cvs2svn to compensate for changes in r112439,
which included commits to RCS files with non-trunk default branches.
2003-03-20 20:41:45 +00:00
jedgar
5514cd4987 Import of PKCS #1 security fix.
http://www.openssl.org/news/secadv_20030319.txt
2003-03-20 20:41:45 +00:00
nectar
0fee824237 Resolve conflicts after import of OpenSSL 0.9.7a. 2003-02-19 23:24:16 +00:00
nectar
6c9986c446 Vendor import of OpenSSL 0.9.7a. 2003-02-19 23:17:42 +00:00
nectar
21bb0e5fa9 This commit was generated by cvs2svn to compensate for changes in r111147,
which included commits to RCS files with non-trunk default branches.
2003-02-19 23:17:42 +00:00
nectar
637cc179f5 Background:
When libdes was replaced with OpenSSL's libcrypto, there were a few
 interfaces that the former implemented but the latter did not.  Because
 some software in the base system still depended upon these interfaces,
 we simply included them in our libcrypto (rnd_keys.c).

Now, finally get around to removing the dependencies on these
interfaces.  There were basically two cases:

  des_new_random_key -- This is just a wrapper for des_random_key, and
     these calls were replaced.

  des_init_random_number_generator et. al. -- A few functions were used
     by the application to seed libdes's PRNG.  These are not necessary
     when using libcrypto, as OpenSSL internally seeds the PRNG from
     /dev/random.  These calls were simply removed.

Again, some of the Kerberos 4 files have been taken off the vendor
branch.  I do not expect there to be future imports of KTH Kerberos 4.
2003-01-29 18:14:29 +00:00
nectar
b6c07e9a21 = Fix a bug in UI_UTIL_read_pw's error handling that caused
des_read_pw_string to break (and thus rather mysteriously
  breaking utilities such as kinit).

= Enable the BSD /dev/crypto interface.

(These changes are being imported on the vendor branch, as they have
already been accepted and committed to the OpenSSL CVS repository.)
2003-01-29 02:25:30 +00:00
nectar
e99b3c8426 This commit was generated by cvs2svn to compensate for changes in r110018,
which included commits to RCS files with non-trunk default branches.
2003-01-29 02:25:30 +00:00
markm
3f245d6325 Merge conflicts.
This is cunning doublespeak for "use vendor code".
2003-01-28 22:34:21 +00:00
markm
ad7148cc98 Remove files no longer on OpenSSL 0.9.7. crypto/des/rnd_keys.c is
retained as it is still used.
2003-01-28 22:12:30 +00:00
markm
aad1d64cb5 Vendor import of OpenSSL release 0.9.7. This release includes
support for AES and OpenBSD's hardware crypto.
2003-01-28 21:43:22 +00:00
markm
33af127a88 This commit was generated by cvs2svn to compensate for changes in r109998,
which included commits to RCS files with non-trunk default branches.
2003-01-28 21:43:22 +00:00
nectar
f779e835e5 Resolve conflicts. 2002-08-10 01:50:50 +00:00
nectar
eba366e36e Import of OpenSSL 0.9.6g. 2002-08-10 01:48:01 +00:00
nectar
fdead658fb This commit was generated by cvs2svn to compensate for changes in r101618,
which included commits to RCS files with non-trunk default branches.
2002-08-10 01:48:01 +00:00
nectar
c99c2264cb Import of OpenSSL 0.9.6f. 2002-08-10 01:46:10 +00:00
nectar
45bf128dcc This commit was generated by cvs2svn to compensate for changes in r101615,
which included commits to RCS files with non-trunk default branches.
2002-08-10 01:46:10 +00:00
nectar
c48e8e3d25 Import of OpenSSL 0.9.6f. 2002-08-10 01:40:00 +00:00
nectar
15e4ff204e This commit was generated by cvs2svn to compensate for changes in r101613,
which included commits to RCS files with non-trunk default branches.
2002-08-10 01:40:00 +00:00
nectar
2836f6786d Correct a bug in the ASN.1 decoder which was introduced with the
recent OpenSSL update.

Obtained from:	OpenSSL CVS
2002-08-05 16:25:17 +00:00
nectar
5a59c1aa36 This commit was generated by cvs2svn to compensate for changes in r101386,
which included commits to RCS files with non-trunk default branches.
2002-08-05 16:25:17 +00:00
nectar
9b13f71fee Resolve conflicts after import of OpenSSL 0.9.6e. 2002-07-30 13:58:53 +00:00
nectar
2f13e09165 Import of OpenSSL 0.9.6e. 2002-07-30 13:38:06 +00:00
nectar
9b2d850453 This commit was generated by cvs2svn to compensate for changes in r100936,
which included commits to RCS files with non-trunk default branches.
2002-07-30 13:38:06 +00:00
nectar
7515065745 This man page has not been referenced by anything for a while,
and is not part of the OpenSSL distribution.  Remove it.
2002-07-30 12:54:03 +00:00
nectar
0518ae8674 Remove many obsolete files. The majority of these are simply no
longer included as part of the OpenSSL distribution.  However, a few
we just don't need and are explicitly excluded in FREEBSD-Xlist.
2002-07-30 12:51:09 +00:00
nectar
8b62a95bfc Resolve conflicts after import of OpenSSL 0.9.6d. 2002-07-30 12:46:49 +00:00
nectar
0aed2eea83 Import of OpenSSL 0.9.6d. 2002-07-30 12:44:15 +00:00
nectar
050218e0d0 This commit was generated by cvs2svn to compensate for changes in r100928,
which included commits to RCS files with non-trunk default branches.
2002-07-30 12:44:15 +00:00
nectar
ef94fba97d Update list of files to remove prior to import of OpenSSL 0.9.6d 2002-07-30 12:38:41 +00:00
kris
7b695f1ddd Resolve conflicts. 2002-01-27 03:17:13 +00:00
kris
1f8c2aa176 Initial import of OpenSSL 0.9.6c 2002-01-27 03:13:07 +00:00
kris
0b3d98771f This commit was generated by cvs2svn to compensate for changes in r89837,
which included commits to RCS files with non-trunk default branches.
2002-01-27 03:13:07 +00:00
markm
4cff8701ff Protect names that are used elsewhere. This fixes WARNS=2 breakage
in crypto telnet.
2001-12-01 18:48:36 +00:00
kris
18cbcd5eff Resolve conflicts 2001-07-19 20:05:28 +00:00
kris
3b19ada1e8 Initial import of OpenSSL 0.9.6b 2001-07-19 19:59:37 +00:00
kris
84fabcda92 This commit was generated by cvs2svn to compensate for changes in r79998,
which included commits to RCS files with non-trunk default branches.
2001-07-19 19:59:37 +00:00
kris
445c7928a1 Resolve conflicts 2001-05-20 03:17:35 +00:00
kris
12896e829e Initial import of OpenSSL 0.9.6a 2001-05-20 03:07:21 +00:00
kris
d8a086ad88 This commit was generated by cvs2svn to compensate for changes in r76866,
which included commits to RCS files with non-trunk default branches.
2001-05-20 03:07:21 +00:00
kris
4fef76e966 Resolve conflicts 2001-02-18 03:23:30 +00:00
kris
7e55354aa4 Import of OpenSSL 0.9.6-STABLE snapshot dated 2001-02-10 2001-02-18 03:17:36 +00:00
kris
68872806ec This commit was generated by cvs2svn to compensate for changes in r72613,
which included commits to RCS files with non-trunk default branches.
2001-02-18 03:17:36 +00:00
kris
4b15a516e7 Update list of files to remove prior to import 2000-11-13 07:46:20 +00:00
kris
76c54c9ba3 Resolve conflicts, and garbage collect some local changes that are no
longer required
2000-11-13 02:20:29 +00:00
kris
539b977eff Initial import of OpenSSL 0.9.6 2000-11-13 01:03:58 +00:00
kris
f648020584 This commit was generated by cvs2svn to compensate for changes in r68651,
which included commits to RCS files with non-trunk default branches.
2000-11-13 01:03:58 +00:00
dougb
353f00f96c Add a CVS Id tag 2000-10-29 10:00:58 +00:00
kris
e4a753d311 Nuke RSAREF support from orbit.
It's the only way to be sure.
2000-09-10 00:09:37 +00:00
markm
2fe0472e39 MFI. This is a documentation-only, diffreducing patch, that if
invoked will cause breakage. US Users - DO NOT try to turn on
IDEA - the sources are not included.
2000-06-24 06:50:58 +00:00
markm
58b7870cc7 Grrr. I hate CVS. These were supposed to be committed when I did the
IDEA fix earlier today.

Bring back IDEA from the dead (but not compiled by default).
2000-06-19 21:09:27 +00:00
markm
940ce492dc Re-add IDEA. This is not actually built unless asked for by the user.
(To avoid patent hassles).
2000-06-19 13:59:34 +00:00
markm
3e04080f8a MFF: catch up with FreeFall 2000-04-19 21:20:54 +00:00
kris
a0eba154d3 If stderr is closed, report the error message about missing libraries
via syslog instead.

Reviewed by:	jkh
2000-04-18 06:25:24 +00:00