aboutsummaryrefslogtreecommitdiffstats
path: root/package/libs/openssl/patches/100-Configure-afalg-support.patch
Commit message (Collapse)AuthorAgeFilesLines
* openssl: config engines in /etc/ssl/engines.cnf.dEneas U de Queiroz2022-02-221-2/+1
| | | | | | | | | | | This changes the configuration of engines from the global openssl.cnf to files in the /etc/ssl/engines.cnf.d directory. The engines.cnf file has the list of enabled engines, while each engine has its own configuration file installed under /etc/ssl/engines.cnf.d. Patches were refreshed with --zero-commit. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* openssl: bump to 1.1.1mEneas U de Queiroz2022-01-011-1/+1
| | | | | | | | | | | | | This is a bugfix release. Changelog: *) Avoid loading of a dynamic engine twice. *) Fixed building on Debian with kfreebsd kernels *) Prioritise DANE TLSA issuer certs over peer certs *) Fixed random API for MacOS prior to 10.12 Patches were refreshed. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* Revert "openssl: refresh patches"Kevin Darbyshire-Bryant2021-03-261-1/+3
| | | | | | This reverts commit e27ef2da0d513494c3e9926ce8d44b63e4236a32. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* openssl: refresh patchesKevin Darbyshire-Bryant2021-03-261-3/+1
| | | | | | Tidy up some patch fuzz. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* openssl: bump to 1.1.1hEneas U de Queiroz2020-09-281-1/+1
| | | | | | This is a bug-fix release. Patches were refreshed. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* openssl: bump to 1.1.1dEneas U de Queiroz2019-09-191-2/+4
| | | | | | | | | | | | | This version fixes 3 low-severity vulnerabilities: - CVE-2019-1547: ECDSA remote timing attack - CVE-2019-1549: Fork Protection - CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey Patches were refreshed. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* openssl: refresh patchesChristian Lamparter2019-08-241-1/+1
| | | | Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* openssl: backport devcrypto changes from masterEneas U de Queiroz2019-03-091-1/+1
| | | | | | | | | | | | | | | | | | | The patches to the /dev/crypto engine were commited to openssl master, and will be in the next major version (3.0). Changes: - Optimization in computing a digest in one operation, saving an ioctl - Runtime configuration options for the choice of algorithms to use - Command to dump useful information about the algorithms supported by the engine and the system. - Build the devcrypto engine as a dynamic module, like other engines. The devcrypto engine is built as a separate package by default, but options were added to allow building the engines into the main library. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com> [refresh patches] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* openssl: update to version 1.1.1aEneas U de Queiroz2019-02-121-0/+23
This version adds the following functionality: * TLS 1.3 * AFALG engine support for hardware accelleration * x25519 ECC curve support * CRIME protection: disable use of compression by default * Support for ChaCha20 and Poly1305 Patches fixing bugs in the /dev/crypto engine were applied, from https://github.com/openssl/openssl/pull/7585 This increses the size of the ipk binray on MIPS32 by about 32%: old: 693.941 bin/packages/mips_24kc/base/libopenssl1.0.0_1.0.2q-2_mips_24kc.ipk 193.827 bin/packages/mips_24kc/base/openssl-util_1.0.2q-2_mips_24kc.ipk new: 912.493 bin/packages/mips_24kc/base/libopenssl1.1_1.1.1a-2_mips_24kc.ipk 239.316 bin/packages/mips_24kc/base/openssl-util_1.1.1a-2_mips_24kc.ipk Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-05 20:16:59 +0000