Tomas Mraz
68f387b1c4
fix SECLEVEL 3 support
...
fix some issues found in Coverity scan
2018-10-12 17:35:34 +02:00
Tomas Mraz
a985e4b118
Drop obsolete re-copying of headers.
2018-10-01 14:41:25 +02:00
Charalampos Stratakis
3bfe874268
Correctly invoke sed for defining OPENSSL_NO_SSL3
2018-09-27 20:49:10 +02:00
Tomas Mraz
8574fb5150
define OPENSSL_NO_SSL3 so the newly built dependencies do not
...
have access to SSL3 API calls anymore
2018-09-27 16:53:06 +02:00
Tomas Mraz
33bd389ea8
reinstate accidentally dropped patch for weak ciphersuites
2018-09-17 12:56:19 +02:00
Tomas Mraz
746c76a1d7
Drop RANDFILE from default config file so it is not used by default
2018-09-14 13:10:14 +02:00
Tomas Mraz
143a3dae64
Adjust test_verify for the SHA1 allowement in SECLEVEL 2
2018-09-14 12:38:01 +02:00
Tomas Mraz
60efa7758e
Bump release
2018-09-14 10:57:22 +02:00
Tomas Mraz
1a7b91b472
for consistent support of security policies we build
...
RC4 support in TLS (not default) and allow SHA1 in SECLEVEL 2
2018-09-14 10:56:06 +02:00
Tomas Mraz
d2c08bab45
Upload the 1.1.1 sources
2018-09-13 09:45:00 +02:00
Tomas Mraz
a4bf4e1b65
update to the final 1.1.1 version
2018-09-13 09:43:22 +02:00
Tomas Mraz
90121b0c9d
Multiple fixes
...
do not try to initialize RNG in cleanup if it was not initialized
before (#1624554 )
use only /dev/urandom if getrandom() is not available
disable SM4
2018-09-06 13:48:54 +02:00
Tomas Mraz
cfeae6fcb3
Two minor fixes
...
fix dangling symlinks to manual pages
make SSLv3_method work
2018-08-29 18:25:29 +02:00
Tomas Mraz
62ec0f1fa9
update to the latest 1.1.1 beta version
2018-08-22 12:41:26 +02:00
Tomas Mraz
1186311ade
bidirectional shutdown fixes from upstream
2018-08-13 16:03:04 +02:00
Tomas Mraz
f7a30f9a15
do not put error on stack when using fixed protocol version
...
(#1615098 )
2018-08-13 11:34:33 +02:00
Tomas Mraz
60357072e0
load crypto policy config file from the default config
2018-07-31 16:24:45 +02:00
Tomas Mraz
4bff11d832
Drop unused file from git.
2018-07-26 11:04:41 +02:00
Tomas Mraz
9189f03055
update to the latest 1.1.1 beta version
2018-07-25 18:15:19 +02:00
Fedora Release Engineering
7f74f219f1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-07-13 15:12:04 +00:00
Tomas Mraz
5ec63a5ce1
The hack is needed only on some architectures.
2018-06-19 18:39:17 +02:00
Tomas Mraz
86c97f4f4b
Make the afalg engine build.
...
There is a conflict in some types between glibc and linux headers.
Adding a hack to avoid it.
2018-06-19 16:58:06 +02:00
Tomas Mraz
98bbad839c
fix FIPS RSA key generation failure
2018-06-19 16:05:15 +02:00
Tomas Mraz
357b7a7e37
ppc64le is not multilib arch ( #1584994 )
2018-06-04 12:24:19 +02:00
Tomas Mraz
73ef787803
renew-dummy-cert: Fix long serial number renewal problem.
...
Do not try to increment the serial number, use long random one instead.
2018-05-04 09:17:27 +02:00
Tomas Mraz
5d5075d4c9
Fix mistake in the FIPS RSA keygen causing key generation failures.
2018-04-05 16:46:28 +02:00
Tomas Mraz
08db5cbcb9
fix regression of c_rehash ( #1562953 )
2018-04-03 13:03:32 +02:00
Tomas Mraz
5a93773172
fix FIPS symbol versions
2018-03-29 18:13:54 +02:00
Tomas Mraz
c6d0704d87
Add missing build dependencies.
2018-03-29 16:40:14 +02:00
Tomas Mraz
6eb8f62027
update to upstream version 1.1.0h
...
Add Recommends for openssl-pkcs11
2018-03-29 15:44:09 +02:00
Tomas Mraz
6d92af0099
one more try to apply RPM_LD_FLAGS properly ( #1541033 )
...
dropped unneeded starttls xmpp patch (#1417017 )
2018-02-23 17:01:58 +01:00
Igor Gnatenko
e688115b6d
Remove %clean section
...
None of currently supported distributions need that.
Last one was EL5 which is EOL for a while.
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
2018-02-14 09:56:41 +01:00
Fedora Release Engineering
3a05f1f46a
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2018-02-08 17:49:45 +00:00
Tomas Mraz
c11b1341c5
apply RPM_LD_FLAGS properly ( #1541033 )
2018-02-01 18:07:30 +01:00
Tomas Mraz
899f2baacb
silence the .rnd write failure as that is auxiliary functionality ( #1524833 )
2018-01-11 18:08:54 +01:00
Tomas Mraz
f20f5f466f
put the Makefile.certificate in pkgdocdir and drop the requirement on make
2017-12-14 16:26:05 +01:00
Miroslav Vadkerti
0ac4eaaf93
tests: add simple-rsapss-test
...
Signed-off-by: Miroslav Vadkerti <mvadkert@redhat.com>
2017-11-11 22:12:23 -05:00
Tomas Mraz
8e2fdfb52a
Uploaded 1.1.0g sources.
2017-11-03 17:07:20 +01:00
Tomas Mraz
e85d72778f
update to upstream version 1.1.0g
2017-11-03 16:57:03 +01:00
Fedora Release Engineering
50c1418e79
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
2017-08-03 04:36:41 +00:00
Fedora Release Engineering
c68da76796
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
2017-07-27 01:53:35 +00:00
Tomas Mraz
790567dc64
make s_client and s_server work with -ssl3 option ( #1471783 )
2017-07-17 15:05:28 +02:00
Petr Písař
f852080c72
perl dependency renamed to perl-interpreter < https://fedoraproject.org/wiki/Changes/perl_Package_to_Install_Core_Modules >
2017-07-13 11:16:32 +02:00
Tomas Mraz
7b595774f0
disable verification of all insecure hashes
2017-06-26 16:28:56 +02:00
Tomas Mraz
226b42827c
make DTLS work ( #1462541 )
2017-06-23 17:04:24 +02:00
Tomas Mraz
81258b6d2a
enable 3DES SSL ciphersuites, RC4 is kept disabled ( #1453066 )
2017-06-15 15:17:26 +02:00
Tomas Mraz
6b68d87d06
only release thread-local key if we created it (from upstream) ( #1458775 )
2017-06-05 17:20:12 +02:00
Tomas Mraz
1ff978b22e
update to upstream version 1.1.0f
...
SRP and GOST is now allowed, note that GOST support requires
adding GOST engine which is not part of openssl anymore
2017-06-02 15:32:15 +02:00
Tomas Mraz
c676ac32d5
update to upstream version 1.1.0e
...
add documentation of the PROFILE=SYSTEM special cipher string (#1420232 )
2017-02-16 16:59:27 +01:00
Fedora Release Engineering
f6b0040c3e
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
2017-02-11 00:58:36 +00:00