crypto/openssl: make vendor imports easier/less error proneThis change adds a custom BSD makefile containing multiple high-level PHONYtargets, similar to targets provided by the ports framework.
crypto/openssl: make vendor imports easier/less error proneThis change adds a custom BSD makefile containing multiple high-level PHONYtargets, similar to targets provided by the ports framework.The Makefile does the following:- Reruns Configure with a deterministic set of arguments to ensure that all appropriate features have been enabled/disabled in OpenSSL.- Preens the pkgconfig files to remove duplicate paths in their `CFLAGS` and `includedir` variables.- Rebuilds all ASM files to ensure that the content contained is fresh.- Rebuilds all manpages to ensure that the content contained in the manpages is fresh.Some additional work needs to be done to make the manpage regeneration"operation" reproducible (the date the manpages were generated isembedded in the files).All dynamic configuration previously captured in`include/openssl/configuration.h` and `include/crypto/bn_conf.h` has beenmoved to `freebsd/include/dynamic_freebsd_configuration.h` and`freebsd/include/crypto/bn_conf.h`, respectively. This helpsensure that future updates don't wipe out FreeBSD customizations tothese files, which tune behavior on a per-target architecture basis, e.g.,ARM vs x86, 32-bit vs 64-bit, etc.MFC after: 1 monthDifferential Revision: https://reviews.freebsd.org/D51663
show more ...
openssl: Import version 3.5.1Migrate to OpenSSL 3.5 in advance of FreeBSD 15.0. OpenSSL 3.0 will beEOL after 2026-09-07.Approved by: philip (mentor)Sponsored by: Alpha-Omega Beach Cleaning Proj
openssl: Import version 3.5.1Migrate to OpenSSL 3.5 in advance of FreeBSD 15.0. OpenSSL 3.0 will beEOL after 2026-09-07.Approved by: philip (mentor)Sponsored by: Alpha-Omega Beach Cleaning ProjectSponsored by: The FreeBSD FoundationDifferential revision: https://reviews.freebsd.org/D51613
Merge commit '1095efe41feed8ea5a6fe5ca123c347ae0914801'Approved by: philip (mentor)Sponsored by: Alpha-Omega Beach Cleaning ProjectSponsored by: The FreeBSD Foundation
OpenSSL: Vendor import of OpenSSL 3.0.13 * Fixed PKCS12 Decoding crashes ([CVE-2024-0727]) * Fixed Excessive time spent checking invalid RSA public keys ([CVE-2023-6237]) * Fixed POLY1305 MAC
OpenSSL: Vendor import of OpenSSL 3.0.13 * Fixed PKCS12 Decoding crashes ([CVE-2024-0727]) * Fixed Excessive time spent checking invalid RSA public keys ([CVE-2023-6237]) * Fixed POLY1305 MAC implementation corrupting vector registers on PowerPC CPUs which support PowerISA 2.07 ([CVE-2023-6129]) * Fix excessive time spent in DH check / generation with large Q parameter value ([CVE-2023-5678])Release notes can be found at https://www.openssl.org/news/openssl-3.0-notes.html.Approved by: emasteMFC after: 3 daysMerge commit '9dd13e84fa8eca8f3462bd55485aa3da8c37f54a'