rpms/openssl
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
529 Commits 35 Branches 198 Tags 8.3 MiB
278731bcc5
Commit Graph

529 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Abdurachmanov
278731bcc5
Merge remote-tracking branch 'up/f33' into f33-riscv64 
Signed-off-by: David Abdurachmanov <david.abdurachmanov@gmail.com>
 2021-05-06 09:44:13 +03:00
Sahana Prasad
0f5f931f9a update to version 1.1.1k 
Signed-off-by: Sahana Prasad <sahana@redhat.com>
 2021-03-26 07:37:03 +01:00
Sahana Prasad
b023ffe39f Upgrade to version 1.1.1.j 
Signed-off-by: Sahana Prasad <sahana@redhat.com>
 2021-03-03 15:08:11 +01:00
Sahana Prasad
fb8e66a58f Fix regression in X509_verify_cert() #bz1916594 
Signed-off-by: Sahana Prasad <sahana@redhat.com>
 2021-02-10 14:56:08 +01:00
Fedora Release Engineering
d34c6392bf - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2021-01-26 22:36:18 +00:00
Tom Stellard
c89aeae26c Add BuildRequires: make 
https://fedoraproject.org/wiki/Changes/Remove_make_from_BuildRoot
 2021-01-07 06:39:07 +00:00
Tomas Mraz
a07706cf0e Update to the 1.1.1i release fixing CVE-2020-1971 2020-12-09 10:49:38 +01:00
David Abdurachmanov
d4908a5fbf
Add --libdir=%{_lib} for riscv64 
We need this because there is no riscv64 specific configuration which
would set multilib to 64. It should be easy to write one and send to
the upstream.

Signed-off-by: David Abdurachmanov <david.abdurachmanov@sifive.com>
 2020-12-01 15:27:49 +02:00
Sahana Prasad
3413ff9700 Upgrade to version 1.1.1h 
Signed-off-by: Sahana Prasad <sahana@redhat.com>
 2020-11-09 10:41:15 +01:00
Jakub Jelen
261f10a200 Do not ship in main package manuals (or aliases) to tools from perl subpackage 2020-10-23 10:06:51 +02:00
Fedora Release Engineering
7ae2c9cd85 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2020-07-28 12:48:57 +00:00
Tom Stellard
a75e581407 Use make macros 
https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
 2020-07-21 20:31:48 +00:00
Tomas Mraz
067d5800f2 Additional FIPS mode check for EC key generation 2020-07-20 14:51:05 +02:00
Tomas Mraz
04d5ef4d72 Further changes for SP 800-56A rev3 requirements 2020-07-17 12:41:39 +02:00
Tomas Mraz
7f27ca925c Drop long ago obsolete part of the FIPS patch 2020-06-23 15:55:16 +02:00
Tomas Mraz
f023424321 Rewire FIPS_drbg API to use the RAND_DRBG 2020-06-22 13:43:12 +02:00
Tomas Mraz
ef93cf994d SHA1 is allowed in @SECLEVEL=2 only if allowed by TLS SigAlgs configuration 
Also some small TLS protocol fixes/changes:

Disallow dropping Extended Master Secret extension on renegotiation
Return alert from s_server if ALPN protocol does not match
 2020-06-05 17:39:16 +02:00
Tomas Mraz
b9c80ecf85 Add FIPS selftest for PBKDF2 and KBKDF 
Also more adjustments to the FIPS DH handling
 2020-06-03 16:30:12 +02:00
Tomas Mraz
9833eff277 Use the well known DH groups in TLS 2020-05-26 09:28:42 +02:00
Tomas Mraz
8746bcba4c Allow only well known DH groups in the FIPS mode 2020-05-25 18:52:45 +02:00
Adam Williamson
7396eb055e Re-apply change from -2 now we have fixed nosync to work with it 2020-05-21 13:04:18 -07:00
Adam Williamson
6e23655506 Re-apply "FIPS module installed state definition is modified" 
This reverts commit 1bc9545b38 and
re-applies the previous change
"FIPS module installed state definition is modified", commit
89a24d69fc . We have updated the
builders to the newer nosync version that should work OK with
this change now, so we can try it again.
 2020-05-21 13:01:54 -07:00
Adam Williamson
87eaf879ac Revert the change from -2 as it seems to cause segfaults 2020-05-19 18:35:16 -07:00
Adam Williamson
1bc9545b38 Revert "FIPS module installed state definition is modified" 
This reverts commit 89a24d69fc.
 2020-05-19 18:33:30 -07:00
Tomas Mraz
1e6a98d9e9 pull some fixes and improvements from RHEL-8 2020-05-18 13:26:53 +02:00
Tomas Mraz
d902645d90 Unused patch dropped 2020-05-18 13:13:56 +02:00
Tomas Mraz
89a24d69fc FIPS module installed state definition is modified 2020-05-15 17:45:44 +02:00
Miro Hrončok
0f4ce87941 Fedora CI: Test with the "main" Python version 
See https://src.fedoraproject.org/tests/python/pull-request/21
 2020-04-28 19:01:56 +00:00
Tomas Mraz
5888d1863e update to the 1.1.1g release 2020-04-23 13:47:52 +02:00
Tomas Mraz
5004ccfb25 update to the 1.1.1f release 2020-04-07 16:50:53 +02:00
Tomas Mraz
ea310218f3 revert the unexpected EOF error reporting change 
it is too disruptive for the stable release branch
 2020-03-26 15:14:08 +01:00
Tomas Mraz
c9936c55c2 Additional perl module buildrequires 2020-03-20 13:30:41 +01:00
Tomas Mraz
30d45eb047 Add BuildRequires perl(FindBin) 2020-03-20 12:44:34 +01:00
Tomas Mraz
c11b71fd2f update to the 1.1.1e release 
add selftest of the RAND_DRBG implementation
fix incorrect error return value from FIPS_selftest_dsa
 2020-03-19 17:44:25 +01:00
Tomas Mraz
c77593a912 Intel CET patch - also add CFI fixes to sync with upstream 2020-02-17 12:05:57 +01:00
Tomas Mraz
b9b156fb97 apply Intel CET support patches by hjl (#1788699) 2020-02-17 11:54:47 +01:00
Tomas Mraz
d742997a1e Fix incorrect error return value from FIPS_selftest_dsa() 2020-02-12 17:03:11 +01:00
Fedora Release Engineering
898af7893c - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2020-01-29 20:25:04 +00:00
Tomas Mraz
b8a97dc1d8 allow zero length parameters in KDF_CTX_ctrl() 2019-11-21 14:49:21 +01:00
Tomas Mraz
0536b721ef backport of SSKDF from master 2019-11-14 16:13:49 +01:00
Tomas Mraz
266efa3055 backport of KBKDF and KRB5KDF from master 2019-11-13 13:43:05 +01:00
Tomas Mraz
dc9d5caf5e KBKDF for Kerberos 5 2019-11-12 16:38:11 +01:00
Tomas Mraz
f1c4ba61a3 Multiple fixes 
re-enable the stitched AES-CBC-SHA implementations
make AES-GCM work in FIPS mode again
enable TLS-1.2 AES-CCM ciphers in FIPS mode
fix openssl speed errors in FIPS mode
 2019-10-03 17:43:23 +02:00
Tomas Mraz
10c30b2322 Re-add one hunk of the fips patch accidentally dropped in the rebase. 2019-09-27 08:36:50 +02:00
Tomas Mraz
f6a62c4c2c update to the 1.1.1d release 2019-09-13 17:25:44 +02:00
Tomas Mraz
c44b3f96fe Bump release correctly 2019-09-06 17:18:46 +02:00
Tomas Mraz
45ebb7fdc2 upstream fix for status request extension non-compliance (#1737471) 2019-09-06 17:02:18 +02:00
Fedora Release Engineering
dba4c3b578 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2019-07-25 23:35:44 +00:00
Miro Hrončok
b395c9afd4 Fedora CI: Python: readd test_asyncio 2019-06-25 22:23:49 +02:00
Tomas Mraz
8419f769c7 Do not try to use EC groups disallowed in FIPS mode in TLS 
Also fix Valgrind regression with constant-time code
 2019-06-24 15:13:12 +02:00