rpms/openssl
7
1
Fork 1
Code Issues Pull Requests Releases Activity
650 Commits 12 Branches 96 Tags 5.5 MiB
02e6a29675
Commit Graph

650 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Eduard Abdullin
02e6a29675 Redefine sslarch for x86_64_v2 arch 2025-09-06 02:53:46 +00:00
Pavol Žáčik
b3a1d7764e
Initialize reserved and unused memory in aes-s390x.pl 
Resolves: RHEL-107479
 2025-09-05 11:36:44 +02:00
Pavol Žáčik
e832a5fa41
Fix globally disabled LTO 
Using %define _lto_cflags %{nil} in %check
would zero the LTO flags globally, resulting
in disabled LTO for the entire build instead
of just the tests.

Related: RHEL-111634
 2025-09-05 11:12:32 +02:00
Eduard Abdullin
ea394def22 Redefine sslarch for x86_64_v2 arch 2025-09-02 02:52:35 +00:00
Pavol Žáčik
1c469fd6d2
Build tests in %check and without LTO 
The patch which enables the split build is backported
from https://github.com/openssl/openssl/pull/28302.

Resolves: RHEL-111634
 2025-08-29 16:23:57 +02:00
Pavol Žáčik
10f6d8e74b
Make openssl speed test signatures without errors 
Patch backported from https://github.com/openssl/openssl/pull/28224.

Resolves: RHEL-95182
 2025-08-28 13:19:40 +02:00
Eduard Abdullin
2d7e345d72 Redefine sslarch for x86_64_v2 arch 2025-07-29 18:20:40 +00:00
Simo Sorce
28538f622d Fix Requires/Provides to fix default install of fips providers 
Resolves: RHEL-105010

Signed-off-by: Simo Sorce <simo@redhat.com>
 2025-07-24 06:48:23 -04:00
Simo Sorce
d431b4407c Add custom define to disable symbol versioning in downstream patched code 
Also add stricter Suggests for openssl-fips-provider
  Resolves: RHEL-101548

Signed-off-by: Simo Sorce <simo@redhat.com>
 2025-07-24 06:43:16 -04:00
Simo Sorce
6b623cae3c Add a openssl-fips-provider package 
This allows it to be replaced by fips-provider-next which is built as an
alternative fips provider. Adds a Suggests to still prefer the openssl's
own packge by default.

Resolves: RHEL-105298

Signed-off-by: Simo Sorce <simo@redhat.com>
 2025-07-24 06:38:20 -04:00
Simo Sorce
e014d8a609 Temporarily disable SLH-DSA FIPS self tests 
This was enabled during the rebase but it needs to be disabled until
performance issues are resolved.

Related: RHEL-80854

Signed-off-by: Simo Sorce <simo@redhat.com>
 2025-07-24 06:32:50 -04:00
Eduard Abdullin
ed94729646 Redefine sslarch for x86_64_v2 arch 2025-07-02 02:37:33 +00:00
Dmitry Belyavskiy
98cf25a4c0 Rebasing to OpenSSL 3.5.1 
Resolves: RHEL-90350
Resolves: RHEL-95613
Resolves: RHEL-97796
Resolves: RHEL-99353
Resolves: RHEL-100168
 2025-07-01 16:33:14 +02:00
Eduard Abdullin
c1b604447f Redefine sslarch for x86_64_v2 arch 2025-06-06 02:39:31 +00:00
Dmitry Belyavskiy
5a68570dd4 rebuilt 
Related: RHEL-80811
 2025-06-05 15:50:22 +02:00
Dmitry Belyavskiy
d13b9c5c36 rebuilt 
Related: RHEL-80811
 2025-06-05 11:59:49 +02:00
Eduard Abdullin
f6ada2a5d3 Redefine sslarch for x86_64_v2 arch 2025-06-05 02:34:26 +00:00
Dmitry Belyavskiy
1d401560ac rebuilt 
Related: RHEL-80811
 2025-06-04 17:43:35 +02:00
Dmitry Belyavskiy
1e7815b2cf Make hybrid MLKEM work with our FIPS provider (3.0.7) 
Resolves: RHEL-94614
 2025-06-04 14:16:20 +02:00
Dmitry Belyavskiy
0367bee51d Compact patches for better maintainability 
Related: RHEL-80811
 2025-06-03 17:26:56 +02:00
Eduard Abdullin
74b93665b4 Redefine sslarch for x86_64_v2 arch 2025-05-23 02:38:19 +00:00
Dmitry Belyavskiy
63b528e647 Fix UEFI builds on double function definitions 
Resolves: RHEL-93168
 2025-05-22 13:30:46 +02:00
Dmitry Belyavskiy
062693b2b8 Fix regressions caused by rebase to OpenSSL 3.5 
Related: RHEL-80811
 2025-05-22 12:59:35 +02:00
Eduard Abdullin
13de65a2dd Redefine sslarch for x86_64_v2 arch 2025-05-15 02:53:32 +00:00
Dmitry Belyavskiy
dc0e1f27f5 Fix UEFI builds 
Resolves: RHEL-89137
 2025-05-14 12:54:07 +02:00
Dmitry Belyavskiy
f911c21296 Enable sslkeylog support 
Resolves: RHEL-90853
 2025-05-14 11:48:09 +02:00
Dmitry Belyavskiy
4b761c8ea2 Restore RHEL9-style indicators defines 
Resolves: RHEL-88906
 2025-05-14 11:41:03 +02:00
Dmitry Belyavskiy
154d1831cd Expose settable params for EVP_SKEY 
Resolves: RHEL-88913
 2025-05-14 11:38:56 +02:00
Dmitry Belyavskiy
1934b43ef1 pkeyutl ecdsa signature with sha1 shouldn't work by default 
Resolves: RHEL-88911
 2025-05-14 11:36:32 +02:00
Dmitry Belyavskiy
b5cbb03855 Fix openssl speed running in FIPS mode 
Resolves: RHEL-88908
 2025-05-14 11:33:54 +02:00
Eduard Abdullin
c38d293785 Redefine sslarch for x86_64_v2 arch 2025-04-18 02:42:59 +00:00
Dmitry Belyavskiy
cad2bb93ac Update depencency on crypto-policies 
Related: RHEL-80811
 2025-04-17 10:59:34 +02:00
Eduard Abdullin
1d120570ad Redefine sslarch for x86_64_v2 arch 2025-04-17 02:42:05 +00:00
George Pantelakis
06ffd03349 plans: update the CI plan with the correct plan names 2025-04-16 16:58:23 +02:00
Dmitry Belyavskiy
296ae60f11 Rebasing OpenSSL to 3.5 
Resolves: RHEL-80811
Resolves: RHEL-57022
Resolves: RHEL-24098
Resolves: RHEL-24097
Resolves: RHEL-86865
 2025-04-16 10:23:19 +02:00
Eduard Abdullin
e530f5c8f7 Redefine sslarch for x86_64_v2 arch 2025-02-18 17:46:53 +03:00
Dmitry Belyavskiy
fb8a97e51d Fix segfault on printing the temp key from s_client when connection is not established 
Resolves: RHEL-79045
 2025-02-12 14:59:33 +01:00
Dmitry Belyavskiy
f784b47db4 RFC7250 handshakes with unauthenticated servers don't abort as expected (CVE-2024-12797) 
Resolves: RHEL-76754
 2025-02-12 14:58:19 +01:00
eabdullin
ef76bdc634 Merge branch 'c10s' into a10s 2025-02-04 13:52:58 +03:00
Dmitry Belyavskiy
7840be76de Load system default cipher string from crypto-policies configuration file 
...should ignore errors.

Related: RHEL-71132
 2025-01-29 21:36:05 +01:00
Dmitry Belyavskiy
d6a9e4cbb6 Fix timing side-channel in ECDSA signature computation (CVE-2024-13176) 
Resolves: RHEL-70879
 2025-01-29 18:34:26 +01:00
Dmitry Belyavskiy
34e41ff200 Get rid of checking /etc/crypto-policies/back-ends/openssl.config 
Resolves: RHEL-71132
 2025-01-24 17:39:21 +01:00
Dmitry Belyavskiy
a4086ec177 Locally configured providers should not interfere with openssl build-time tests 
Resolves: RHEL-76182
 2025-01-24 17:36:21 +01:00
Dmitry Belyavskiy
e5573d1b8d Ensure correct fips.so checksum calculation 
Resolves: RHEL-73170
 2025-01-24 17:36:21 +01:00
Dmitry Belyavskiy
9a7c320d2c Print key exchange group for hybrid PQC 
Resolves: RHEL-66163
 2025-01-24 17:36:21 +01:00
Dmitry Belyavskiy
bdb28e8ff0 Fix pkcs12 command line segfault 
Resolves: RHEL-70878
 2025-01-24 17:36:14 +01:00
Dmitry Belyavskiy
5fae31daba - Fix providers no_cache behavior 
Resolves: RHEL-71903
 2025-01-24 17:34:42 +01:00
eabdullin
fee9e80345 Merge branch 'c10s' into a10s 2024-12-06 16:37:58 +03:00
Troy Dawson
8b5d84e945 Bump release for October 2024 mass rebuild: 
Resolves: RHEL-64018
 2024-10-29 08:53:09 -07:00
eabdullin
994352a698 Merge branch 'c10s' into a10s 2024-10-21 11:59:34 +03:00