aboutsummaryrefslogtreecommitdiffstats
path: root/package/libs/openssl/patches/430-e_devcrypto-make-the-dev-crypto-engine-dynamic.patch
Commit message (Collapse)AuthorAgeFilesLines
* openssl: bump to 1.1.1oEneas U de Queiroz2022-05-171-4/+4
| | | | | | | | | | | This release comes with a security fix related to c_rehash. OpenWrt does not ship or use it, so it was not affected by the bug. There is a fix for a possible crash in ERR_load_strings() when configured with no-err, which OpenWrt does by default. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit 7a5ddc0d06895bde7538d78c8dad2c863d70f946)
* openssl: config engines in /etc/ssl/engines.cnf.dEneas U de Queiroz2022-02-221-4/+0
| | | | | | | | | | | This changes the configuration of engines from the global openssl.cnf to files in the /etc/ssl/engines.cnf.d directory. The engines.cnf file has the list of enabled engines, while each engine has its own configuration file installed under /etc/ssl/engines.cnf.d. Patches were refreshed with --zero-commit. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* openssl: bump to 1.1.1kEneas U de Queiroz2021-03-261-22/+21
| | | | | | | | | | | | This version fixes 2 security vulnerabilities, among other changes: - CVE-2021-3450: problem with verifying a certificate chain when using the X509_V_FLAG_X509_STRICT flag. - CVE-2021-3449: OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* Revert "openssl: refresh patches"Kevin Darbyshire-Bryant2021-03-261-2473/+131
| | | | | | This reverts commit e27ef2da0d513494c3e9926ce8d44b63e4236a32. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* openssl: refresh patchesKevin Darbyshire-Bryant2021-03-261-131/+2473
| | | | | | Tidy up some patch fuzz. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* openssl: update to 1.1.1eEneas U de Queiroz2020-03-211-31/+12
| | | | | | | This version includes bug and security fixes, including medium-severity CVE-2019-1551, affecting RSA1024, RSA1536, DSA1024 & DH512 on x86_64. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* openssl: bump to 1.1.1dEneas U de Queiroz2019-09-191-2479/+154
| | | | | | | | | | | | | This version fixes 3 low-severity vulnerabilities: - CVE-2019-1547: ECDSA remote timing attack - CVE-2019-1549: Fork Protection - CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey Patches were refreshed. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* openssl: refresh patchesChristian Lamparter2019-08-241-4/+4
| | | | Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* openssl: backport devcrypto changes from masterEneas U de Queiroz2019-03-091-0/+2693
The patches to the /dev/crypto engine were commited to openssl master, and will be in the next major version (3.0). Changes: - Optimization in computing a digest in one operation, saving an ioctl - Runtime configuration options for the choice of algorithms to use - Command to dump useful information about the algorithms supported by the engine and the system. - Build the devcrypto engine as a dynamic module, like other engines. The devcrypto engine is built as a separate package by default, but options were added to allow building the engines into the main library. Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com> [refresh patches] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-09 21:32:07 +0000