src - OpenBSD base system

Age	Commit message (Collapse)	Author
2003-08-25	You shall NOT BREAK THE TREE	Theo de Raadt

2003-08-25	Setup /dev/crypto early (SSL_library_init) to make sure it's actually done	Jason Wright
	for all applications; ok markus and deraadt
2003-08-06	Remove some double semicolons (hmm, do two semis equal a maxi?).	Todd C. Miller
	I've skipped the GNU stuff for now. From Patrick Latifi.
2003-05-12	merge 0.9.7b with local changes; crank majors for libssl/libcrypto	Markus Friedl

2003-05-11	import 0.9.7b (without idea and rc5)	Markus Friedl

2003-03-19	Fix for Klima-Pokorny-Rosa attack on RSA in SSL/TLS, see	Markus Friedl
	http://marc.theaimsgroup.com/?l=bugtraq&m=104811162730834&w=2
2003-02-19	security fix from openssl 0.9.7a:	Markus Friedl
	In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked via timing by performing a MAC computation even if incorrrect block cipher padding has been found. This is a countermeasure against active attacks where the attacker has to distinguish between bad padding and a MAC verification error. (CAN-2003-0078)
2002-12-03	Crank all library major numbers. Needed due to the fact that we	Todd C. Miller
	now build libraries with propolice enabled. Without this, existing binaries (such as ports/packages) that link with any system library other than libc will fail with an undefined symbol of "___guard" (__guard on ELF). Pointed out by markus@ and discussed with deraadt@
2002-09-23	pull in fix from openssl-0.9.7-stable-SNAP-20020921:	Markus Friedl
	*) Don't impose a 16-byte length minimum on session IDs in ssl/s3_clnt.c (the SSL 3.0 and TLS 1.0 specifications allow any length up to 32 bytes). [Bodo Moeller]
2002-09-14	merge with openssl-0.9.7-stable-SNAP-20020911,	Markus Friedl
	new minor for libcrypto (_X509_REQ_print_ex) tested by miod@, pb@
2002-09-10	merge openssl-0.9.7-beta3, tested on vax by miod@	Markus Friedl

2002-09-05	import openssl-0.9.7-beta3	Markus Friedl

2002-09-05	merge with 0.9.7-beta1	Markus Friedl

2002-09-04	more cruft	Markus Friedl

2002-09-04	more cruft.	Markus Friedl

2002-09-04	execute bourne shell scripts with 'sh' and not with $SHELL	Markus Friedl

2002-09-03	sync tests with 0.9.7-beta1	Markus Friedl

2002-09-03	sync these files with openssl-0.9.7-beta1, too	Markus Friedl

2002-08-30	protect <openssl/krb5_asn.h> with OPENSSL_NO_KRB5	Markus Friedl

2002-07-30	sync with http://www.openssl.org/news/patch_20020730_0_9_7.txt	Markus Friedl
	(adds fix for unused kerberos and engine code, and some more assertions, as well as a 64bit integer string fix for conf_mod.c)
2002-07-30	apply patches from OpenSSL Security Advisory [30 July 2002],	Markus Friedl
	http://marc.theaimsgroup.com/?l=openssl-dev&m=102802395104110&w=2
2002-06-07	do not propose IDEA cipher on SSL connection. tested by beck	Jun-ichiro itojun Hagino
	noticed by Sverre Froyen <sverre@viewmark.com>
2002-06-07	Merge OpenSSL 0.9.7-stable-20020605,	Bob Beck
	correctly autogenerate obj_mac.h
2002-05-21	Merge openssl-0.9.7-stable-SNAP-20020519	Bob Beck

2002-05-15	OpenSSL 0.9.7 stable 2002 05 08 merge	Bob Beck

2002-05-15	OpenSSL 0.9.7	Bob Beck

2001-08-01	import openssl-0.9.7-beta1	Bob Beck

2001-08-01	merge openssl 0.9.6b-engine	Bob Beck
	Note that this is a maintenence release, API's appear not to have changed. As such, I have only increased the minor number on these libraries
2001-06-22	openssl-engine-0.9.6a merge	Bob Beck

2001-04-23	crank ssl lib version, just in case	Theo de Raadt

2001-04-22	CRT and DH+SSL fix from 0.9.6a, ok provos@/deraadt@	Markus Friedl

2001-03-10	Crank major number. openssl on m68k is now compiled in 32 bit mode instead	Theo de Raadt
	of 64 bit mode. This makes ssh -2 run about 10x faster, because the 64 bit mul instructions no longer need emulation.
2000-12-15	Oops, missed makefile change, and must crank major on these, some	Bob Beck
	routines which used to be externally used are now macros. ugh.
2000-12-15	openssl-engine0.9.6 merge	Bob Beck
	Again, be sure to whack an old /usr/obj/lib/libssl if you are doing builds
2000-12-15	openssl-engine-0.9.6 merge	Bob Beck

2000-12-15	import openssl-0.9.7-beta1	Bob Beck

2000-10-16	fix missing closedir() that could allow apacheSSL to leak fd's,	Bob Beck
	from netbsd (taca) credited to TAKANO Yuji <takachan@running-dog.net>
2000-06-15	RSA goes in tree for next our next release, as it will be after	Bob Beck
	Sept 21. Note: This means you shouldn't really be running -current for anything in the United States. Either wait for Sept 21, or for the next release, or move to the free world :)
2000-04-15	OpenSSL 0.9.5a merge	Bob Beck

2000-03-19	OpenSSL 0.9.5 merge	Bob Beck
	warning this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
1999-11-23	do not assume shell scripts are +x; d	Theo de Raadt

1999-09-29	OpenSSL 0.9.4 merge	Bob Beck

1999-09-29	import openssl-0.9.7-beta1	Bob Beck

1999-09-26	crank to version 2 for release, in case any dependencies have crept in	Theo de Raadt

1998-10-05	Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD build	ryker
	functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible.
2016-08-31	Crank minor due to API addition	Bob Beck

2016-08-31	Avoid undefined-behavior right-shifting by a word-size # of bits.	Brent Cook
	Found with STACK, originally from OpenSSL, ok @beck
2016-08-31	Bring in functions used by stunnel and exim from BoringSSL - this brings	Bob Beck
	in X509_check_host, X509_check_email, X509_check_ip, and X509_check_ip_asc, with some cleanup on the way in by myself and jsing@ ok bcook@
2016-08-31	Fix some very unnecessary convoultion.	Bob Beck
	ok krw@
2016-08-27	Be more strict when parsing TLS extensions.	Joel Sing
	Based on a diff from Kinichiro Inoguchi. ok beck@