rpms
/
openssl
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
236 Commits 35 Branches 198 Tags 8.3 MiB
Commit Graph

196 Commits

Author SHA1 Message Date
Tomas Mraz ad05b50537 New upstream release from the 1.0.1 branch, ABI compatible 
- also add documentation for the -no_ign_eof option
 2012-02-07 13:46:42 +01:00
Tomas Mraz d91aea8890 new upstream release fixing CVE-2012-0050 - DoS regression in 
DTLS support introduced by the previous release (#782795)
 2012-01-19 16:48:48 +01:00
Peter Robinson 48bba71e16 mktemp was long obsoleted by coreutils 2012-01-11 10:41:37 +00:00
Tomas Mraz 628d7e4989 new upstream release fixing multiple CVEs 2012-01-05 15:14:10 +01:00
Tomas Mraz c28bd1cc5f Make the non-upstream tarball comment more clear. 2011-11-25 16:32:43 +01:00
Tomas Mraz 497f2d674c move the libraries needed for static linking to Libs.private 2011-11-22 11:53:40 +01:00
Tomas Mraz 6f65ffce68 do not use AVX instructions when osxsave bit not set 
add direct known answer tests for SHA2 algorithms
 2011-11-03 10:18:52 +01:00
Tomas Mraz e4008f0b0e fix missing initialization of variable in CHIL engine 2011-09-21 17:34:13 +02:00
Tomas Mraz 3447c41c99 new upstream release fixing CVE-2011-3207 (#736088) 2011-09-07 18:27:06 +02:00
Tomas Mraz 4c970c62c5 drop the separate engine for Intel acceleration improvements 
and merge in the AES-NI, SHA1, and RC4 optimizations
add support for OPENSSL_DISABLE_AES_NI environment variable
that disables the AES-NI support
 2011-08-24 13:12:33 +02:00
Tomas Mraz 0ed17c0652 correct openssl cms help output (#636266) 
more tolerant starttls detection in XMPP protocol (#608239)
 2011-07-26 13:02:17 +02:00
Tomas Mraz 5c4fc08e4d add support for newest Intel acceleration improvements backported 
from upstream by Intel in form of a separate engine
 2011-07-20 14:56:21 +02:00
Tomas Mraz f4fb8490a9 allow the AES-NI engine in the FIPS mode 2011-06-09 16:22:08 +02:00
Tomas Mraz 19062db533 add API necessary for CAVS testing of the new DSA parameter generation 2011-05-24 14:57:29 +02:00
Tomas Mraz 0b4cee3bc2 Allow easier rebuilds on some multilib arches. 2011-05-19 10:34:38 +02:00
Tomas Mraz 138493a921 add support for VIA Padlock on 64bit arch from upstream (#617539) 
do not return bogus values from load_certs (#652286)
 2011-04-28 21:58:56 +02:00
Tomas Mraz 8d20fec281 clarify apps help texts for available digest algorithms (#693858) 2011-04-05 21:24:01 +02:00
Tomas Mraz 1caf3ae072 - new upstream release fixing CVE-2011-0014 (OCSP stapling vulnerability) 2011-02-10 15:41:44 +01:00
Dennis Gilmore ccc6e6f1c6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild 2011-02-08 21:34:08 -06:00
Tomas Mraz 65ebbaecc7 - add -x931 parameter to openssl genrsa command to use the ANSI X9.31 
key generation method
- use FIPS-186-3 method for DSA parameter generation
- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable
  to allow using MD5 when the system is in the maintenance state
  even if the /proc fips flag is on
- make openssl pkcs12 command work by default in the FIPS mode
 2011-02-04 15:27:28 +01:00
Tomas Mraz 15fad7109b - add -x931 parameter to openssl genrsa command to use the ANSI X9.31 
key generation method
- use FIPS-186-3 method for DSA parameter generation
- add OPENSSL_FIPS_NON_APPROVED_MD5_ALLOW environment variable
  to allow using MD5 when the system is in the maintenance state
  even if the /proc fips flag is on
 2011-02-04 15:14:18 +01:00
Tomas Mraz 09127ac54a - listen on ipv6 wildcard in s_server so we accept connections 
from both ipv4 and ipv6 (#601612)
- fix openssl speed command so it can be used in the FIPS mode
  with FIPS allowed ciphers
 2011-01-24 17:41:43 +01:00
Tomas Mraz 154f82b97d - new upstream version fixing CVE-2010-4180 2010-12-03 14:23:13 +01:00
Tomas Mraz 0a5657ab94 - replace the revert for the s390x bignum asm routines with 
fix from upstream
 2010-12-03 14:19:39 +01:00
Tomas Mraz 143a23a635 - bump release 2010-11-23 10:07:16 +01:00
Tomas Mraz 6e7d6d4dfd - replace the revert for the s390x bignum asm routines with 
fix from upstream
 2010-11-23 09:51:17 +01:00
Tomas Mraz 23675ff78b - revert upstream change in s390x bignum asm routines 2010-11-22 15:15:11 +01:00
Tomas Mraz 3ff2d49a83 - new upstream version fixing CVE-2010-3864 (#649304) 2010-11-16 18:21:39 +01:00
Tomas Mraz 17a6aec60b - make SHLIB_VERSION reflect the library suffix 2010-09-07 21:41:52 +02:00
Tomáš Mráz 56642f75b1 - openssl man page fix (#609484) 2010-06-30 12:36:47 +00:00
Tomáš Mráz 1b4b1eaf63 - new upstream patch release, fixes CVE-2010-0742 (#598738) and 
CVE-2010-1633 (#598732)
 2010-06-04 12:23:14 +00:00
Tomáš Mráz 6adf85458c - pkgconfig files now contain the correct libdir (#593723) 2010-05-19 15:39:13 +00:00
Tomáš Mráz ae0beee7db - make CA dir readable - the private keys are in private subdir (#584810) 2010-05-18 15:40:32 +00:00
Tomáš Mráz 290d51ec7f - make CA dir readable - the private keys are in private subdir (#584810) 2010-05-18 15:34:17 +00:00
Tomáš Mráz 3bdf494b4f - a few fixes from upstream CVS 
- move libcrypto to /lib (#559953)
 2010-04-09 15:25:39 +00:00
Tomáš Mráz 7325c65a3e - set UTC timezone on pod2man run (#578842) 
- make X509_NAME_hash_old work in FIPS mode
 2010-04-06 14:49:34 +00:00
Tomáš Mráz c2fc1058b4 - set UTC timezone on pod2man run (#578842) 2010-04-06 14:35:57 +00:00
Tomáš Mráz fa66cf4b52 - update to final 1.0.0 upstream release 2010-03-30 09:37:41 +00:00
Tomáš Mráz 7c4ab8ff8e - make TLS work in the FIPS mode 2010-02-16 23:21:07 +00:00
Tomáš Mráz bffe20438c - gracefully handle zero length in assembler implementations of 
OPENSSL_cleanse (#564029)
- do not fail in s_server if client hostname not resolvable (#561260)
 2010-02-12 17:20:50 +00:00
Tomáš Mráz ae5568515b - new upstream release 2010-01-21 08:12:12 +00:00
Tomáš Mráz 79249339a7 - fix CVE-2009-4355 - leak in applications incorrectly calling 
CRYPTO_free_all_ex_data() before application exit (#546707)
- upstream fix for future TLS protocol version handling
 2010-01-14 08:57:34 +00:00
Tomáš Mráz 7f0747ce73 - add support for Intel AES-NI 2010-01-13 09:21:02 +00:00
Tomáš Mráz 2d6ef07fa3 - upstream fix compression handling on session resumption 
- various null checks and other small fixes from upstream
- upstream changes for the renegotiation info according to the latest draft
 2010-01-07 22:43:57 +00:00
Tomáš Mráz 5845987ab4 - fix non-fips mingw build (patch by Kalev Lember) 
- add IPV6 fix for DTLS
 2009-11-23 07:54:08 +00:00
Tomáš Mráz c9026def03 - add better error reporting for the unsafe renegotiation 2009-11-20 17:30:27 +00:00
Tomáš Mráz 359f84cd81 - fix build on s390x 2009-11-20 09:27:16 +00:00
Tomáš Mráz 5b761f5986 - disable enforcement of the renegotiation extension on the client 
(#537962)
- add fixes from the current upstream snapshot
 2009-11-18 13:14:13 +00:00
Tomáš Mráz 982ac6e5f9 - keep the beta status in version number at 3 so we do not have to rebuild 
openssh and possibly other dependencies with too strict version check
 2009-11-13 12:11:41 +00:00
Tomáš Mráz a9fcedd3fb - keep the beta status in version number at 3 so we do not have to rebuild 
openssh and possibly other dependencies with too strict version check
 2009-11-13 11:45:07 +00:00