-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update OpenSSL to version 3.0.8 in the base system #740
Commits on Mar 1, 2023
-
Configuration menu - View commit details
-
Copy full SHA for aba33b3 - Browse repository at this point
Copy the full SHA aba33b3View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3c320f4 - Browse repository at this point
Copy the full SHA 3c320f4View commit details
Commits on Mar 6, 2023
-
openssl: Vendor import of OpenSSL-3.0.8
Summary: Release notes can be found at https://www.openssl.org/news/openssl-3.0-notes.html . Obtained from: https://www.openssl.org/source/openssl-3.0.8.tar.gz Differential Revision: https://reviews.freebsd.org/D38835 Test Plan: ``` $ git status On branch vendor/openssl-3.0 nothing to commit, working tree clean $ (cd ..; fetch http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz.asc) openssl-3.0.8.tar.gz 14 MB 4507 kBps 04s openssl-3.0.8.tar.gz.asc 833 B 10 MBps 00s $ set | egrep '(XLIST|OSSLVER)=' OSSLVER=3.0.8 XLIST=FREEBSD-Xlist $ gpg --list-keys /home/ngie/.gnupg/pubring.kbx ----------------------------- pub rsa4096 2014-10-04 [SC] 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C uid [ unknown] Richard Levitte <[email protected]> uid [ unknown] Richard Levitte <[email protected]> uid [ unknown] Richard Levitte <[email protected]> sub rsa4096 2014-10-04 [E] $ gpg --verify openssl-${OSSLVER}.tar.gz.asc openssl-${OSSLVER}.tar.gz gpg: Signature made Tue Feb 7 05:43:55 2023 PST gpg: using RSA key 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C gpg: Good signature from "Richard Levitte <[email protected]>" [unknown] gpg: aka "Richard Levitte <[email protected]>" [unknown] gpg: aka "Richard Levitte <[email protected]>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 7953 AC1F BC3D C8B3 B292 393E D5E9 E43F 7DF9 EE8C $ (cd vendor.checkout/; git status; find . -type f -or -type l | cut -c 3- | sort > ../old) On branch vendor/openssl-3.0 nothing to commit, working tree clean $ tar -x -X $XLIST -f ../openssl-${OSSLVER}.tar.gz -C .. $ rsync --exclude FREEBSD.* --delete -avzz ../openssl-${OSSLVER}/* . $ cat .git gitdir: /home/ngie/git/freebsd-src/.git/worktrees/vendor.checkout $ diff -arq ../openssl-3.0.8 . Only in .: .git Only in .: FREEBSD-Xlist Only in .: FREEBSD-upgrade $ git status FREEBSD* On branch vendor/openssl-3.0 nothing to commit, working tree clean $ ``` Reviewers: emaste, jkim Subscribers: imp, andrew, dab Differential Revision: https://reviews.freebsd.org/D38835
Configuration menu - View commit details
-
Copy full SHA for e4520c8 - Browse repository at this point
Copy the full SHA e4520c8View commit details
Commits on May 23, 2023
-
Merge commit 'e4520c8bd1d300a7a338d0ed4af171a2d0e583ef' into khorben/openssl-3.0
Configuration menu - View commit details
-
Copy full SHA for 595cd6b - Browse repository at this point
Copy the full SHA 595cd6bView commit details -
Configuration menu - View commit details
-
Copy full SHA for 57d2e55 - Browse repository at this point
Copy the full SHA 57d2e55View commit details -
Configuration menu - View commit details
-
Copy full SHA for e4950a2 - Browse repository at this point
Copy the full SHA e4950a2View commit details -
Configuration menu - View commit details
-
Copy full SHA for e8002a1 - Browse repository at this point
Copy the full SHA e8002a1View commit details -
openssl: Register new folders and obsolete files
With the update to OpenSSL 3.0, engines are installed into a different folder, and modular providers can be installed into a dedicated folder as well.
Configuration menu - View commit details
-
Copy full SHA for 8ad6669 - Browse repository at this point
Copy the full SHA 8ad6669View commit details -
ldns: Request the OpenSSL 1.1 API
Ed has a better commit message for this in commit 3e98230.
Configuration menu - View commit details
-
Copy full SHA for 4acc6ab - Browse repository at this point
Copy the full SHA 4acc6abView commit details -
Configuration menu - View commit details
-
Copy full SHA for abdbec3 - Browse repository at this point
Copy the full SHA abdbec3View commit details -
Configuration menu - View commit details
-
Copy full SHA for 6992c9d - Browse repository at this point
Copy the full SHA 6992c9dView commit details -
Configuration menu - View commit details
-
Copy full SHA for 1c7f1f2 - Browse repository at this point
Copy the full SHA 1c7f1f2View commit details -
Configuration menu - View commit details
-
Copy full SHA for 0bb9b6b - Browse repository at this point
Copy the full SHA 0bb9b6bView commit details -
Configuration menu - View commit details
-
Copy full SHA for d57615d - Browse repository at this point
Copy the full SHA d57615dView commit details -
Configuration menu - View commit details
-
Copy full SHA for ab38636 - Browse repository at this point
Copy the full SHA ab38636View commit details -
Configuration menu - View commit details
-
Copy full SHA for a0ee985 - Browse repository at this point
Copy the full SHA a0ee985View commit details -
Configuration menu - View commit details
-
Copy full SHA for 8824e2a - Browse repository at this point
Copy the full SHA 8824e2aView commit details -
Configuration menu - View commit details
-
Copy full SHA for 35ba896 - Browse repository at this point
Copy the full SHA 35ba896View commit details -
Configuration menu - View commit details
-
Copy full SHA for 9a662d0 - Browse repository at this point
Copy the full SHA 9a662d0View commit details -
libarchive: Request the OpenSSL 1.1 API
This also requires lowering the level of warnings for archive_hmac.c when building with OpenSSL 3.
Configuration menu - View commit details
-
Copy full SHA for 393199d - Browse repository at this point
Copy the full SHA 393199dView commit details -
Configuration menu - View commit details
-
Copy full SHA for 1303d78 - Browse repository at this point
Copy the full SHA 1303d78View commit details -
Configuration menu - View commit details
-
Copy full SHA for d49b727 - Browse repository at this point
Copy the full SHA d49b727View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4c581da - Browse repository at this point
Copy the full SHA 4c581daView commit details -
Configuration menu - View commit details
-
Copy full SHA for 0475235 - Browse repository at this point
Copy the full SHA 0475235View commit details -
Configuration menu - View commit details
-
Copy full SHA for a693794 - Browse repository at this point
Copy the full SHA a693794View commit details -
Configuration menu - View commit details
-
Copy full SHA for 490e6dd - Browse repository at this point
Copy the full SHA 490e6ddView commit details -
Configuration menu - View commit details
-
Copy full SHA for 12d7220 - Browse repository at this point
Copy the full SHA 12d7220View commit details -
libarchive: Avoid a build error with OpenSSL 3.0.8
This disables warning-errors for: archive_hmac.c:241:64: error: passing argument 2 of 'OSSL_PARAM_construct_utf8_string' discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
Configuration menu - View commit details
-
Copy full SHA for c9f9966 - Browse repository at this point
Copy the full SHA c9f9966View commit details -
Configuration menu - View commit details
-
Copy full SHA for d5b2a96 - Browse repository at this point
Copy the full SHA d5b2a96View commit details -
openssl: Re-generate the assembly files
This commit leveraged the updated Makefile.asm in order to re-generate the assembly files provided by OpenSSL.
Configuration menu - View commit details
-
Copy full SHA for 4c50d46 - Browse repository at this point
Copy the full SHA 4c50d46View commit details -
libarchive: New workaround to build with OpenSSL 3
This casts the second parameter to OSSL_PARAM_construct_utf8_string() as a char * for a string litteral, as documented in EVP_MAC(3).
Configuration menu - View commit details
-
Copy full SHA for 9a1ea7f - Browse repository at this point
Copy the full SHA 9a1ea7fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 8a4d596 - Browse repository at this point
Copy the full SHA 8a4d596View commit details -
openssl: Disable ec_nistp_64_gcc_128 on big-endian systems
ec_nistp_64_gcc_128 is only supported on 64-bit systems, but also only on little-endian systems. This fixes the build on PowerPC 64 (big-endian).
Configuration menu - View commit details
-
Copy full SHA for 069e79e - Browse repository at this point
Copy the full SHA 069e79eView commit details