Vendor import of OpenSSL 0.9.8i.
- Remove files which aren't in the vendor distribution anymore.
- Remove all of include as there is only the openssl subdir with
symlinks (which were always removed).
- Remove all of include as there is only the openssl subdir with
symlinks (which were always removed).
- Change FREEBSD-Xlist so it can be used as input to tar(1).
Remove files from vendor tree which were not part of OpenSSL 0.9.8e
(last vendor import).
The file were removed in different earlier releases, but were not
removed from the CVS vendor branch at the time.
(last vendor import).
The file were removed in different earlier releases, but were not
removed from the CVS vendor branch at the time.
The vendor area is the proper home for these files now.
Disable keyword expansion on vendor tree.
Flatten OpenSSL vendor tree.
Import DTLS security fix from upstream OpenSSL_0_9_8-stable branch.
From the OpenSSL advisory:
Andy Polyakov discovered a flaw in OpenSSL's DTLS
implementation which could lead to the compromise of clients
and servers with DTLS enabled.
DTLS is a datagram variant of TLS specified in RFC 4347 first
supported in OpenSSL version 0.9.8. Note that the
vulnerabilities do not affect SSL and TLS so only clients and
servers explicitly using DTLS are affected.
We believe this flaw will permit remote code execution.
Security: CVE-2007-4995
Security: http://www.openssl.org/news/secadv_20071012.txt
From the OpenSSL advisory:
Andy Polyakov discovered a flaw in OpenSSL's DTLS
implementation which could lead to the compromise of clients
and servers with DTLS enabled.
DTLS is a datagram variant of TLS specified in RFC 4347 first
supported in OpenSSL version 0.9.8. Note that the
vulnerabilities do not affect SSL and TLS so only clients and
servers explicitly using DTLS are affected.
We believe this flaw will permit remote code execution.
Security: CVE-2007-4995
Security: http://www.openssl.org/news/secadv_20071012.txt
Import fix from upstream OpenSSL_0_9_8-stable branch:
EVP_CIPHER_CTX_key_length() should return the set key length
in the EVP_CIPHER_CTX structure which may not be the same as
the underlying cipher key length for variable length ciphers.
This fixes problems in OpenSSH using some ciphers, and possibly other
applications.
See also: http://bugzilla.mindrot.org/show_bug.cgi?id=1291
EVP_CIPHER_CTX_key_length() should return the set key length
in the EVP_CIPHER_CTX structure which may not be the same as
the underlying cipher key length for variable length ciphers.
This fixes problems in OpenSSH using some ciphers, and possibly other
applications.
See also: http://bugzilla.mindrot.org/show_bug.cgi?id=1291
Vendor import of OpenSSL 0.9.8e.
Import from upstream OpenSSL 0.9.8 branch:
Fix uninitialized free of ctx in compute_key() when the
OPENSSL_DH_MAX_MODULUS_BITS check is triggered.
This fixes the same issue as FreeBSD-SA-06:23.openssl v1.1.
Fix uninitialized free of ctx in compute_key() when the
OPENSSL_DH_MAX_MODULUS_BITS check is triggered.
This fixes the same issue as FreeBSD-SA-06:23.openssl v1.1.
Vendor import of OpenSSL 0.9.8d.
Vendor import of OpenSSL 0.9.8b
Remove files that are no longer part of OpenSSL from the vendor
branch. This time, these are mostly the `Makefile.ssl' files.
branch. This time, these are mostly the `Makefile.ssl' files.
Vendor import of OpenSSL 0.9.7e.
Clean up the OpenSSL vendor branch by removing files that are not
part of recent releases.
part of recent releases.
Bring in support for VIA C3 Nehemiah Padlock crypto support (AES).
This is from the upcoming OpenSSL 0.9.8 release.
This is from the upcoming OpenSSL 0.9.8 release.
Repair a regression in OpenSSL 0.9.7d: processing an unsigned PKCS#7
object could cause a null pointer dereference.
Obtained from: OpenSSL CVS (change number 12080)
MFC After: 1 day
Reported by: Daniel Lang <dl@leo.org>
object could cause a null pointer dereference.
Obtained from: OpenSSL CVS (change number 12080)
MFC After: 1 day
Reported by: Daniel Lang <dl@leo.org>
Vendor import of OpenSSL 0.9.7d.
Correct a denial-of-service vulnerability in OpenSSL (CAN-2004-0079).
Obtained from: OpenSSL CVS (http://cvs.openssl.org/chngview?cn=12033)
Obtained from: OpenSSL CVS (http://cvs.openssl.org/chngview?cn=12033)
Vendor import of OpenSSL 0.9.7c
Enable RSA blinding by default.
http://www.openssl.org/news/secadv_20030317.txt
http://www.openssl.org/news/secadv_20030317.txt
Import of PKCS #1 security fix.
http://www.openssl.org/news/secadv_20030319.txt
http://www.openssl.org/news/secadv_20030319.txt
Vendor import of OpenSSL 0.9.7a.
= Fix a bug in UI_UTIL_read_pw's error handling that caused
des_read_pw_string to break (and thus rather mysteriously
breaking utilities such as kinit).
= Enable the BSD /dev/crypto interface.
(These changes are being imported on the vendor branch, as they have
already been accepted and committed to the OpenSSL CVS repository.)
des_read_pw_string to break (and thus rather mysteriously
breaking utilities such as kinit).
= Enable the BSD /dev/crypto interface.
(These changes are being imported on the vendor branch, as they have
already been accepted and committed to the OpenSSL CVS repository.)
Vendor import of OpenSSL release 0.9.7. This release includes
support for AES and OpenBSD's hardware crypto.
support for AES and OpenBSD's hardware crypto.
Import of OpenSSL 0.9.6g.
Import of OpenSSL 0.9.6f.
Import of OpenSSL 0.9.6f.
Correct a bug in the ASN.1 decoder which was introduced with the
recent OpenSSL update.
Obtained from: OpenSSL CVS
recent OpenSSL update.
Obtained from: OpenSSL CVS
Import of OpenSSL 0.9.6e.
Import of OpenSSL 0.9.6d.
Initial import of OpenSSL 0.9.6c
Initial import of OpenSSL 0.9.6b
Initial import of OpenSSL 0.9.6a
Import of OpenSSL 0.9.6-STABLE snapshot dated 2001-02-10
Initial import of OpenSSL 0.9.6
Virgin import of OpenSSL v0.9.5a
Initial import of OpenSSL 0.9.5a
Import the RSA support code. There shouldn't be any actual RSA
cryptography here.
cryptography here.
This commit was manufactured by cvs2svn to create branch
'VENDOR-crypto-openssl'.
'VENDOR-crypto-openssl'.
Initial import of OpenSSL 0.9.4, sans IDEA and RSA code for patent
infringement reasons.
infringement reasons.
Initial import of OpenSSL v0.9.4