jonathan/openssl
1
0
Fork 0
forked from rpms/openssl
Code Pull Requests Activity
410 Commits 9 Branches 54 Tags 6.5 MiB
1ff978b22e
Commit Graph

341 Commits

Author SHA1 Message Date
Tomas Mraz
1ff978b22e update to upstream version 1.1.0f 
SRP and GOST is now allowed, note that GOST support requires
  adding GOST engine which is not part of openssl anymore
 2017-06-02 15:32:15 +02:00
Tomas Mraz
c676ac32d5 update to upstream version 1.1.0e 
add documentation of the PROFILE=SYSTEM special cipher string (#1420232)
 2017-02-16 16:59:27 +01:00
Fedora Release Engineering
f6b0040c3e - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild 2017-02-11 00:58:36 +00:00
Tomas Mraz
d00e0a5904 applied upstream fixes (fix regression in X509_CRL_digest) 2017-02-01 15:56:59 +01:00
Tomas Mraz
c144665042 update to upstream version 1.1.0d 2017-01-26 16:24:24 +01:00
Tomas Mraz
fe449cd23c preserve new line in fd BIO BIO_gets() as other BIOs do 2016-12-22 14:40:28 +01:00
Tomas Mraz
836560b322 FIPS mode fixes for TLS 2016-12-02 17:32:17 +01:00
Tomas Mraz
3a8593870a apply properly revert SSL_read() behavior change - patch from upstream (#1394677) 
- fix behavior on client certificate request in renegotiation (#1393579)
 2016-11-30 14:29:59 +01:00
Tomas Mraz
e443a79334 Add back EC NIST P-224 and revert SSL_read() change 
- revert SSL_read() behavior change - patch from upstream (#1394677)
- EC curve NIST P-224 is now allowed, still kept disabled in TLS due
  to less than optimal security
 2016-11-22 10:39:55 +01:00
Tomas Mraz
be56ae067b update to upstream version 1.1.0c 2016-11-11 14:47:36 +01:00
Tomas Mraz
f655917cf7 use a random seed if the supplied one did not generate valid 
parameters in dsa_builtin_paramgen2()
 2016-11-04 12:10:01 +01:00
Tomas Mraz
c7fc8d6daa do not break contract on return value when using dsa_builtin_paramgen2() 2016-10-17 13:06:36 +02:00
Tomas Mraz
d2220322f3 fix afalg failure on big endian 2016-10-12 14:47:08 +02:00
Tomas Mraz
4e52f8d3db Use eventfd2 syscall instead of deprecated eventfd. 2016-10-11 10:58:08 +02:00
Tomas Mraz
510bcc2e3a update to upstream version 1.1.0b 2016-10-11 10:31:54 +02:00
Richard W.M. Jones
d0c38b1fe6 Add flags for riscv64. 2016-10-07 20:44:34 +01:00
Tomas Mraz
e8261d1b72 minor upstream release 1.0.2j fixing regression from previous release 2016-09-26 12:56:04 +02:00
David Woodhouse
edc03c1b9b Fix enginesdir in libcrypto.pc (#1375361) 2016-09-24 20:36:58 +01:00
Tomas Mraz
6e67274c62 minor upstream release 1.0.2i fixing security issues 
- move man pages for perl based scripts to perl subpackage (#1377617)
 2016-09-22 14:16:05 +02:00
Tomas Mraz
9fc25c1d28 fix regression in Cisco AnyConnect VPN support (#1354588) 2016-08-10 13:50:49 +02:00
Tomas Mraz
a1b5b83ccd require libcrypto in libssl.pc (#1301301) 2016-06-27 12:09:15 +02:00
Petr Písař
b7ec4eee2b Mandatory Perl build-requires added <https://fedoraproject.org/wiki/Changes/Build_Root_Without_Perl> 2016-06-24 10:44:40 +02:00
Tomas Mraz
eeb6ac1a65 minor upstream release 1.0.2h fixing security issues 2016-05-03 18:23:18 +02:00
Tomas Mraz
0a6d0e5ddc disable SSLv2 support altogether (without ABI break) 2016-03-29 15:47:40 +02:00
Tom Callaway
589d3ee15b enable RC5 with permission from Legal 2016-03-07 21:56:55 -06:00
Tomas Mraz
8f6be98bf7 reenable SSL2 in the build to avoid ABI break 
(it does not make the openssl vulnerable to DROWN attack)
 2016-03-02 09:33:35 +01:00
Tomas Mraz
e7a0ff581f minor upstream release 1.0.2g fixing security issues 2016-03-01 17:22:06 +01:00
Fedora Release Engineering
843fdf0512 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild 2016-02-04 11:34:33 +00:00
Tomas Mraz
1004dabcc6 minor upstream release 1.0.2f fixing security issues 
- add support for MIPS secondary architecture
 2016-01-28 17:12:09 +01:00
Tomas Mraz
341f751fb7 Add missing buildrequires for SCTP 2016-01-15 14:43:57 +01:00
Tomas Mraz
0d8bb6ef41 document some options of openssl speed command 2016-01-15 14:19:55 +01:00
Tomas Mraz
41a5ee166a enable sctp support in DTLS 2015-12-18 13:52:00 +01:00
Tomas Mraz
c79bed9e76 remove unimplemented EC method from header (#1289599) 2015-12-08 15:56:50 +01:00
Tomas Mraz
88482b2b4a the fast nistp implementation works only on little endian architectures 2015-12-07 15:02:57 +01:00
Tomas Mraz
6536aa4c73 Makefile.certificate should not set serial to 0 by default 2015-12-04 14:36:15 +01:00
Tomas Mraz
4240ecaa1b minor upstream release 1.0.2e fixing moderate severity security issues 
- enable fast assembler implementation for NIST P-256 and P-521
  elliptic curves (#1164210)
- filter out unwanted link options from the .pc files (#1257836)
 2015-12-04 14:13:59 +01:00
Tomas Mraz
a83e4d7c4a fix sigill on some AMD CPUs (#1278194) 2015-11-16 17:47:54 +01:00
Tom Callaway
314b2359b8 BR: /usr/bin/pod2man 2015-08-12 17:16:04 -04:00
Tom Callaway
1417ec988d enable secp256k1 (bz1021898) 2015-08-12 17:07:46 -04:00
Tomas Mraz
5675d07a14 minor upstream release 1.0.2d fixing a high severity security issue 2015-07-09 17:25:58 +02:00
Tomas Mraz
7f0b164051 fix the aarch64 build 2015-07-07 09:47:17 +02:00
Dennis Gilmore
49a07018fb - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild 2015-06-18 00:06:33 +00:00
Tomas Mraz
837dd04882 minor upstream release 1.0.2c fixing multiple security issues 2015-06-15 18:23:46 +02:00
Peter Robinson
18455c91c0 Add aarch64 sslarch details 2015-05-07 16:04:05 +01:00
Tomas Mraz
e4bf425a79 fix some 64 bit build targets 2015-05-07 12:01:04 +02:00
Tomas Mraz
d743a79756 add alternative certificate chain discovery support from upstream 2015-04-28 17:10:52 +02:00
Tomas Mraz
a1fb602a95 rebase to 1.0.2 branch 2015-04-23 13:57:26 +02:00
Tomas Mraz
805c06e347 drop the AES-GCM restriction of 2^32 operations 
The IV is always 96 bits (32 bit fixed field + 64 bit invocation field).
 2015-04-09 13:10:25 +02:00
Tomas Mraz
729d2d0e11 Multiple security issues fixed. 
- fix CVE-2015-0209 - potential use after free in d2i_ECPrivateKey()
- fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison
- fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption
- fix CVE-2015-0289 - NULL dereference decoding invalid PKCS#7 data
- fix CVE-2015-0293 - triggerable assert in SSLv2 server
 2015-03-19 18:08:12 +01:00
Tomas Mraz
446f9bea43 fix bug in the CRYPTO_128_unwrap() 2015-03-16 18:02:06 +01:00