Commit Graph

569 Commits

Author SHA1 Message Date
Tomáš Mráz
5845987ab4 - fix non-fips mingw build (patch by Kalev Lember)
- add IPV6 fix for DTLS
2009-11-23 07:54:08 +00:00
Tomáš Mráz
c9026def03 - add better error reporting for the unsafe renegotiation 2009-11-20 17:30:27 +00:00
Tomáš Mráz
359f84cd81 - fix build on s390x 2009-11-20 09:27:16 +00:00
Tomáš Mráz
e88edba9c7 - disable enforcement of the renegotiation extension on the client
(#537962)
- add fixes from the current upstream snapshot
2009-11-18 14:03:10 +00:00
Tomáš Mráz
5b761f5986 - disable enforcement of the renegotiation extension on the client
(#537962)
- add fixes from the current upstream snapshot
2009-11-18 13:14:13 +00:00
Tomáš Mráz
6b512f3414 - add missing patch 2009-11-13 13:22:59 +00:00
Tomáš Mráz
5404b48738 - keep the beta status in version number at 3 so we do not have to rebuild
openssh and possibly other dependencies with too strict version check
2009-11-13 12:46:47 +00:00
Tomáš Mráz
982ac6e5f9 - keep the beta status in version number at 3 so we do not have to rebuild
openssh and possibly other dependencies with too strict version check
2009-11-13 12:11:41 +00:00
Tomáš Mráz
a9fcedd3fb - keep the beta status in version number at 3 so we do not have to rebuild
openssh and possibly other dependencies with too strict version check
2009-11-13 11:45:07 +00:00
Tomáš Mráz
27847ae318 - update to new upstream version, no soname bump needed
- fix CVE-2009-3555 - note that the fix is bypassed if SSL_OP_ALL is used
    so the compatibility with unfixed clients is not broken. The protocol
    extension is also not final.
2009-11-12 21:15:24 +00:00
Tomáš Mráz
654ccf4a2f - add fix to compile on new binutils 2009-11-12 16:27:52 +00:00
Tomáš Mráz
aabbc9ad89 - update to new upstream version, no soname bump needed
- fix CVE-2009-3555 - note that the fix is bypassed if SSL_OP_ALL is used
    so the compatibility with unfixed clients is not broken. The protocol
    extension is also not final.
2009-11-12 15:51:40 +00:00
Tomáš Mráz
a650e4abcb - fix use of freed memory if SSL_CTX_free() is called before SSL_free()
(#521342)
2009-10-16 11:40:27 +00:00
Tomáš Mráz
e0fe963bd1 - fix use of freed memory if SSL_CTX_free() is called before SSL_free()
(#521342)
2009-10-16 11:28:02 +00:00
Tomáš Mráz
5c062c1ba9 - fix typo in DTLS1 code (#527015)
- fix leak in error handling of d2i_SSL_SESSION()
2009-10-08 19:01:43 +00:00
Tomáš Mráz
1a303f4853 - fix typo in DTLS1 code (#527015)
- fix leak in error handling of d2i_SSL_SESSION()
2009-10-08 18:45:10 +00:00
Tomáš Mráz
0d4bee2e57 - fix RSA and DSA FIPS selftests
- reenable fixed x86_64 camellia assembler code (#521127)
2009-09-30 18:34:35 +00:00
Tomáš Mráz
75f7276f8b - fix RSA and DSA FIPS selftests
- reenable fixed x86_64 camellia assembler code (#521127)
2009-09-30 18:18:48 +00:00
Jesse Keating
ac2b786dc8 Initialize branch F-12 for openssl 2009-09-29 05:49:00 +00:00
Tomáš Mráz
2d8446ff1a - temporarily disable x86_64 camellia assembler code (#521127) 2009-09-04 12:08:42 +00:00
Tomáš Mráz
c99976de43 - fix openssl dgst -dss1 (#520152) 2009-08-31 11:07:49 +00:00
Tomáš Mráz
9583cca278 - drop the compat symlink hacks 2009-08-26 15:50:36 +00:00
Tomáš Mráz
e1c2b406a8 - constify SSL_CIPHER_description() 2009-08-22 14:38:34 +00:00
Tomáš Mráz
4d132a5c14 - fix WWW:Curl:Easy reference in tsget 2009-08-21 13:42:11 +00:00
Tomáš Mráz
5ff2efa4d0 - enable MD-2 2009-08-21 13:08:15 +00:00
Tomáš Mráz
5e52c4857f - fix RC4 prototype 2009-08-20 17:22:41 +00:00
Tomáš Mráz
92200faba0 - fix camellia compilation with asm and fips 2009-08-20 15:08:21 +00:00
Tomáš Mráz
62f5688f6b - add missing semicolon 2009-08-20 14:41:33 +00:00
Tomáš Mráz
2ccfa6b48f - update to new major upstream release 2009-08-20 14:20:57 +00:00
Tomáš Mráz
58b40a384a - update to new major upstream release 2009-08-20 14:18:42 +00:00
Jesse Keating
72586e9d99 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild 2009-07-25 20:54:16 +00:00
Bill Nottingham
d01d89f81d - do not build special 'optimized' versions for i686, as that's the base
arch in Fedora now
2009-07-22 15:57:43 +00:00
Tomáš Mráz
ed645aa98f - abort if selftests failed and random number generator is polled
- mention EVP_aes and EVP_sha2xx routines in the manpages
- add README.FIPS
- make CA dir absolute path (#445344)
- change default length for RSA key generation to 2048 (#484101)
2009-07-01 09:52:07 +00:00
Tomáš Mráz
05a8f32a5e - abort if selftests failed and random number generator is polled
- mention EVP_aes and EVP_sha2xx routines in the manpages
- add README.FIPS
- make CA dir absolute path (#445344)
- change default length for RSA key generation to 2048 (#484101)
2009-06-30 14:20:37 +00:00
Tomáš Mráz
44abf9d002 - abort if selftests failed and random number generator is polled
- mention EVP_aes and EVP_sha2xx routines in the manpages
- add README.FIPS
- make CA dir absolute path (#445344)
- change default length for RSA key generation to 2048 (#484101)
2009-06-30 11:17:45 +00:00
Tomáš Mráz
387d98c6e7 - fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 (DTLS DoS problems)
(#501253, #501254, #501572)
2009-05-21 16:30:42 +00:00
Tomáš Mráz
7723dd9040 - support compatibility DTLS mode for CISCO AnyConnect (#464629) 2009-04-21 10:05:11 +00:00
Tomáš Mráz
e1c42b9abd - correct the SHLIB_VERSION define 2009-04-17 16:13:51 +00:00
Tomáš Mráz
bb917d493c - add support for multiple CRLs with same subject
- load only dynamic engine support in FIPS mode
2009-04-15 14:36:54 +00:00
Tomáš Mráz
a9e5f01ef5 - update to new upstream release (minor bug fixes, security fixes and
machine code optimizations only)
2009-03-25 21:12:41 +00:00
Tomáš Mráz
a9567a4b21 - move only on 64bits 2009-03-19 11:03:16 +00:00
Tomáš Mráz
58f96a71e5 - move libraries to /usr/lib (#239375) 2009-03-19 10:31:41 +00:00
Tomáš Mráz
15d9ef2c72 - add a static subpackage 2009-03-13 13:10:33 +00:00
Jesse Keating
527ed75e65 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild 2009-02-26 08:50:21 +00:00
Tomáš Mráz
07bd81ddaf - must also verify checksum of libssl.so in the FIPS mode
- obtain the seed for FIPS rng directly from the kernel device
- drop the temporary symlinks
2009-02-02 16:46:33 +00:00
Tomáš Mráz
c7641abc30 - drop the temporary triggerpostun and symlinking in post
- fix the pkgconfig files and drop the unnecessary buildrequires on
    pkgconfig as it is a rpmbuild dependency (#481419)
2009-01-26 21:07:21 +00:00
Tomáš Mráz
919b2c6500 - add temporary triggerpostun to reinstate the symlinks 2009-01-17 20:49:48 +00:00
Tomáš Mráz
7e0fce6fea - add temporary triggerpostun to reinstate the symlinks 2009-01-17 20:48:44 +00:00
Tomáš Mráz
105eb2ce8f - no pairwise key tests in non-fips mode (#479817) 2009-01-17 19:31:29 +00:00
Tomáš Mráz
ebd2901e1d - even more robust test for the temporary symlinks 2009-01-16 16:11:07 +00:00