summaryrefslogtreecommitdiffstats
path: root/crypto
Commit message (Collapse)AuthorAgeFilesLines
* Vendor import of OpenSSL 0.9.8i.simon2008-09-21212-6663/+19478
|
* Remove files from vendor tree which were not part of OpenSSL 0.9.8esimon2008-09-2165-21917/+0
| | | | | | | (last vendor import). The file were removed in different earlier releases, but were not removed from the CVS vendor branch at the time.
* Flatten OpenSSL vendor tree.simon2008-08-231806-183756/+0
|
* Import DTLS security fix from upstream OpenSSL_0_9_8-stable branch.simon2007-10-184-615/+544
| | | | | | | | | | | | | | | | | | From the OpenSSL advisory: Andy Polyakov discovered a flaw in OpenSSL's DTLS implementation which could lead to the compromise of clients and servers with DTLS enabled. DTLS is a datagram variant of TLS specified in RFC 4347 first supported in OpenSSL version 0.9.8. Note that the vulnerabilities do not affect SSL and TLS so only clients and servers explicitly using DTLS are affected. We believe this flaw will permit remote code execution. Security: CVE-2007-4995 Security: http://www.openssl.org/news/secadv_20071012.txt
* Import fix from upstream OpenSSL_0_9_8-stable branch:simon2007-03-151-1/+1
| | | | | | | | | | | EVP_CIPHER_CTX_key_length() should return the set key length in the EVP_CIPHER_CTX structure which may not be the same as the underlying cipher key length for variable length ciphers. This fixes problems in OpenSSH using some ciphers, and possibly other applications. See also: http://bugzilla.mindrot.org/show_bug.cgi?id=1291
* Vendor import of OpenSSL 0.9.8e.simon2007-03-15203-805/+4104
|
* Import from upstream OpenSSL 0.9.8 branch:simon2006-10-011-1/+1
| | | | | | | Fix uninitialized free of ctx in compute_key() when the OPENSSL_DH_MAX_MODULUS_BITS check is triggered. This fixes the same issue as FreeBSD-SA-06:23.openssl v1.1.
* Vendor import of OpenSSL 0.9.8d.simon2006-10-0198-511/+6053
|
* Vendor import of OpenSSL 0.9.8bsimon2006-07-29915-20663/+98999
|
* Remove files that are no longer part of OpenSSL from the vendornectar2005-02-2557-15302/+0
| | | | branch. This time, these are mostly the `Makefile.ssl' files.
* Vendor import of OpenSSL 0.9.7e.nectar2005-02-25216-812/+17288
|
* Clean up the OpenSSL vendor branch by removing files that are notnectar2005-02-25207-36723/+0
| | | | part of recent releases.
* Bring in support for VIA C3 Nehemiah Padlock crypto support (AES).markm2004-08-131-0/+1054
| | | | This is from the upcoming OpenSSL 0.9.8 release.
* Repair a regression in OpenSSL 0.9.7d: processing an unsigned PKCS#7nectar2004-04-051-4/+9
| | | | | | | | object could cause a null pointer dereference. Obtained from: OpenSSL CVS (change number 12080) MFC After: 1 day Reported by: Daniel Lang <dl@leo.org>
* Vendor import of OpenSSL 0.9.7d.nectar2004-03-17190-1517/+2619
|
* Correct a denial-of-service vulnerability in OpenSSL (CAN-2004-0079).nectar2004-03-171-0/+8
| | | | Obtained from: OpenSSL CVS (http://cvs.openssl.org/chngview?cn=12033)
* Vendor import of OpenSSL 0.9.7cnectar2003-10-01137-589/+1616
|
* Enable RSA blinding by default.jedgar2003-03-202-5/+30
| | | | http://www.openssl.org/news/secadv_20030317.txt
* Import of PKCS #1 security fix.jedgar2003-03-201-13/+12
| | | | http://www.openssl.org/news/secadv_20030319.txt
* Vendor import of OpenSSL 0.9.7a.nectar2003-02-19157-647/+1688
|
* = Fix a bug in UI_UTIL_read_pw's error handling that causednectar2003-01-295-29/+33
| | | | | | | | | | des_read_pw_string to break (and thus rather mysteriously breaking utilities such as kinit). = Enable the BSD /dev/crypto interface. (These changes are being imported on the vendor branch, as they have already been accepted and committed to the OpenSSL CVS repository.)
* Vendor import of OpenSSL release 0.9.7. This release includesmarkm2003-01-28965-20829/+103840
| | | | support for AES and OpenBSD's hardware crypto.
* Import of OpenSSL 0.9.6g.nectar2002-08-109-12/+27
|
* Import of OpenSSL 0.9.6f.nectar2002-08-1013-42/+134
|
* Import of OpenSSL 0.9.6f.nectar2002-08-1019-61/+92
|
* Correct a bug in the ASN.1 decoder which was introduced with thenectar2002-08-051-1/+1
| | | | | | recent OpenSSL update. Obtained from: OpenSSL CVS
* Import of OpenSSL 0.9.6e.nectar2002-07-30110-329/+968
|
* Import of OpenSSL 0.9.6d.nectar2002-07-30104-1511/+2704
|
* Initial import of OpenSSL 0.9.6ckris2002-01-27149-838/+5487
|
* Initial import of OpenSSL 0.9.6bkris2001-07-1997-1460/+2538
|
* Initial import of OpenSSL 0.9.6akris2001-05-20122-841/+1941
|
* Import of OpenSSL 0.9.6-STABLE snapshot dated 2001-02-10kris2001-02-18154-359/+5666
|
* Initial import of OpenSSL 0.9.6kris2000-11-13598-11885/+39181
|
* Virgin import of OpenSSL v0.9.5amarkm2000-04-164-5/+97
|
* Initial import of OpenSSL 0.9.5akris2000-04-13713-9597/+56254
|
* Import the RSA support code. There shouldn't be any actual RSAkris2000-01-1613-0/+2601
| | | | cryptography here.
* This commit was manufactured by cvs2svn to create branchcvs2svn2000-01-101-0/+25
| | | | 'VENDOR-crypto-openssl'.
* Initial import of OpenSSL 0.9.4, sans IDEA and RSA code for patentkris2000-01-101108-0/+223134
| | | | infringement reasons.
* Initial import of OpenSSL v0.9.4kris1999-12-2513-0/+2145
OpenPOWER on IntegriCloud