system/freebsd-src
system/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src synced 2024-10-15 12:54:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
292476 commits 77 branches 139 tags 3.4 GiB
Commit graph

38 commits

Author SHA1 Message Date
Pierre Pronchery aa79573457 OpenSSL: update to 3.0.10 
OpenSSL 3.0.10 addresses:
- CVE-2023-3817
- CVE-2023-3446
- CVE-2023-2975

(Note that the vendor branch commit incorrectly referenced 3.0.9.)

Relnotes:	Yes
Pull request:	https://github.com/freebsd/freebsd-src/pull/808
Sponsored by:	The FreeBSD Foundation
 2023-08-10 12:07:32 -04:00
Pierre Pronchery b077aed33b Merge OpenSSL 3.0.9 
Migrate to OpenSSL 3.0 in advance of FreeBSD 14.0.  OpenSSL 1.1.1 (the
version we were previously using) will be EOL as of 2023-09-11.

Most of the base system has already been updated for a seamless switch
to OpenSSL 3.0.  For many components we've added
`-DOPENSSL_API_COMPAT=0x10100000L` to CFLAGS to specify the API version,
which avoids deprecation warnings from OpenSSL 3.0.  Changes have also
been made to avoid OpenSSL APIs that were already deprecated in OpenSSL
1.1.1.  The process of updating to contemporary APIs can continue after
this merge.

Additional changes are still required for libarchive and Kerberos-
related libraries or tools; workarounds will immediately follow this
commit.  Fixes are in progress in the upstream projects and will be
incorporated when those are next updated.

There are some performance regressions in benchmarks (certain tests in
`openssl speed`) and in some OpenSSL consumers in ports (e.g.  haproxy).
Investigation will continue for these.

Netflix's testing showed no functional regression and a rather small,
albeit statistically significant, increase in CPU consumption with
OpenSSL 3.0.

Thanks to ngie@ and des@ for updating base system components, to
antoine@ and bofh@ for ports exp-runs and port fixes/workarounds, and to
Netflix and everyone who tested prior to commit or contributed to this
update in other ways.

PR:		271615
PR:		271656 [exp-run]
Relnotes:	Yes
Sponsored by:	The FreeBSD Foundation
 2023-06-23 18:53:36 -04:00
Jung-uk Kim cfc39718e9 OpenSSL: Merge OpenSSL 1.1.1s 
Merge commit 'b6b67f23b82101d4c04c89f81d726b902ab77106'
 2022-11-01 18:58:59 -04:00
Jung-uk Kim 88e852c0b5 OpenSSL: Merge OpenSSL 1.1.1j 
Merge commit '4f55bd5321b72491d4eff396e4928e9ab0706735'
 2021-02-16 17:00:27 -05:00
Jung-uk Kim c3c73b4f0a Merge OpenSSL 1.1.1i. 2020-12-09 02:05:14 +00:00
Jung-uk Kim da327cd22e Merge OpenSSL 1.1.1d. 2019-09-10 21:08:17 +00:00
Jung-uk Kim c9cf7b5cb1 Merge OpenSSL 1.1.1a. 2018-11-20 21:10:04 +00:00
Jung-uk Kim e71b70530d Update OpenSSL to 1.1.1. 
Note it does not update build infrastructure.
 2018-09-13 20:40:51 +00:00
Jung-uk Kim dea77ea6fc Merge OpenSSL 1.0.2p. 2018-08-14 17:48:02 +00:00
Jung-uk Kim dee36b4f92 Merge OpenSSL 1.0.2o. 2018-03-27 17:17:58 +00:00
Jung-uk Kim 47902a71f3 Merge OpenSSL 1.0.2m. 2017-11-02 18:04:29 +00:00
Jung-uk Kim ed7112f094 Merge OpenSSL 1.0.2l. 2017-05-25 20:52:16 +00:00
Jung-uk Kim 6cf8931a2f Merge OpenSSL 1.0.2k. 2017-01-26 19:10:29 +00:00
Jung-uk Kim aeb5019c48 Merge OpenSSL 1.0.2i. 2016-09-22 13:27:44 +00:00
Jung-uk Kim 80815a778e Merge OpenSSL 1.0.2e. 2015-12-03 21:13:35 +00:00
Jung-uk Kim 7bded2db17 Merge OpenSSL 1.0.2d. 2015-10-30 20:51:33 +00:00
Jung-uk Kim ed6b93be54 Merge OpenSSL 1.0.1n. 2015-06-11 19:00:55 +00:00
Jung-uk Kim 6f9291cea8 Merge OpenSSL 1.0.1m. 2015-03-20 19:16:18 +00:00
Jung-uk Kim 751d29910b Merge OpenSSL 1.0.1k. 2015-01-08 23:42:41 +00:00
Jung-uk Kim a93cbc2be8 Merge OpenSSL 1.0.1i. 2014-08-07 18:56:10 +00:00
Jung-uk Kim 09286989d3 Merge OpenSSL 1.0.1e. 
Approved by:	secteam (simon), benl (silence)
 2013-02-13 23:07:20 +00:00
Jung-uk Kim 1f13597d10 Merge OpenSSL 1.0.1c. 
Approved by:	benl (maintainer)
 2012-07-12 19:30:53 +00:00
Simon L. B. Nielsen 6a599222bb Merge OpenSSL 0.9.8m into head. 
This also "reverts" some FreeBSD local changes so we should now
be back to using entirely stock OpenSSL.  The local changes were
simple $FreeBSD$ lines additions, which were required in the CVS
days, and the patch for FreeBSD-SA-09:15.ssl which has been
superseded with OpenSSL 0.9.8m's RFC5746 'TLS renegotiation
extension' support.

MFC after:	3 weeks
 2010-03-13 19:22:41 +00:00
Simon L. B. Nielsen db522d3ae4 Merge OpenSSL 0.9.8k into head. 
Approved by:	re
 2009-06-14 19:45:16 +00:00
Simon L. B. Nielsen c4a78426be Flatten OpenSSL vendor tree. 2008-08-23 10:51:00 +00:00
Simon L. B. Nielsen 5471f83ea7 Vendor import of OpenSSL 0.9.8e. 2007-03-15 20:03:30 +00:00
Simon L. B. Nielsen 3b4e3dcb9f Vendor import of OpenSSL 0.9.8b 2006-07-29 19:10:21 +00:00
Jacques Vidrine 6be8ae0724 Vendor import of OpenSSL 0.9.7e. 2005-02-25 05:39:05 +00:00
Jacques Vidrine ced566fd0b Vendor import of OpenSSL 0.9.7d. 2004-03-17 15:49:33 +00:00
Jacques Vidrine 50ef009353 Vendor import of OpenSSL 0.9.7c 2003-10-01 12:32:41 +00:00
Jacques Vidrine fceca8a377 Vendor import of OpenSSL 0.9.7a. 2003-02-19 23:17:42 +00:00
Mark Murray 5c87c606cd Vendor import of OpenSSL release 0.9.7. This release includes 
support for AES and OpenBSD's hardware crypto.
 2003-01-28 21:43:22 +00:00
Jacques Vidrine 4f20a5a274 Import of OpenSSL 0.9.6e. 2002-07-30 13:38:06 +00:00
Jacques Vidrine c1803d7836 Import of OpenSSL 0.9.6d. 2002-07-30 12:44:15 +00:00
Kris Kennaway 26d191b459 Initial import of OpenSSL 0.9.6b 2001-07-19 19:59:37 +00:00
Kris Kennaway ddd58736f0 Initial import of OpenSSL 0.9.6 2000-11-13 01:03:58 +00:00
Kris Kennaway f579bf8ec7 Initial import of OpenSSL 0.9.5a 2000-04-13 06:33:22 +00:00
Kris Kennaway 7466462628 Initial import of OpenSSL 0.9.4, sans IDEA and RSA code for patent 
infringement reasons.
 2000-01-10 06:22:05 +00:00