vendor/LIBRESSL: Import LibreSSL 3.6.1

For a full list of changes:

https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.2.6-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.2

vendor/LIBRESSL: Import LibreSSL 3.6.1

For a full list of changes:

https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.2.6-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.2.7-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.3.2-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.3.3-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.3.4-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.3.5-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.3.6-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.0-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.1-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.3-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.1-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.2-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.3-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.0-relnotes.txt
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.6.1-relnotes.txt

show more ...

vendor/libressl: upgrade from 3.1.4 to 3.2.2

Summary of notable changes:

* new TLSv1.3 implementation enabled by default for both client
and server

* new X509 certificate chain validator t

vendor/libressl: upgrade from 3.1.4 to 3.2.2

Summary of notable changes:

* new TLSv1.3 implementation enabled by default for both client
and server

* new X509 certificate chain validator that correctly handles
multiple paths through intermediate certificates

* new name constraints verification implementation which passes
the bettertls.com certificate validation check suite

* numerous leaks and out-of-bounds write fixed

* many improvements, refactoring, optimizations and code cleanups

See ChangeLog for details.

show more ...

vendor/libressl: upgrade from 2.9.1 to 3.1.3

Summary of notable changes:

- fixed CVE-2019-1547 and CVE-2019-1563
- various side channels in DSA and ECDSA were addressed
- fixed PVK format output is

vendor/libressl: upgrade from 2.9.1 to 3.1.3

Summary of notable changes:

- fixed CVE-2019-1547 and CVE-2019-1563
- various side channels in DSA and ECDSA were addressed
- fixed PVK format output issue with openssl(1) dsa and rsa subcommand
- added cms subcommand to openssl(1)
- added -addext option to openssl(1) req subcommand
- added -groups option to openssl(1) s_server subcommand
- improved compatibility by backporting functionality and documentation
from OpenSSL 1.1.1
- added RSA-PSS and RSA-OAEP methods from OpenSSL 1.1.1
- completed the port of RSA_METHOD accessors from the OpenSSL 1.1 API
- ported Cryptographic Message Syntax (CMS) implementation from OpenSSL
1.1.1 and enabled by default
- completed initial TLS 1.3 implementation, TLS 1.3 is now enabled
by default for the client side, with the server side to be enabled
in a future release
- provided TLSv1.3 cipher suite aliases to match the names used
in RFC 8446

For details see ChangeLog.

show more ...

Update LibreSSL from version 2.4.4 => 2.9.1

Submitted-by: Maxim + v2 update to 2.9.1 stable

Import LibreSSL v2.4.2 to vendor branch

vendor/libressl: upgrade from 3.1.4 to 3.2.2

Summary of notable changes:

* new TLSv1.3 implementation enabled by default for both client
and server

* new X509 certificate chain validator t

vendor/libressl: upgrade from 3.1.4 to 3.2.2

Summary of notable changes:

* new TLSv1.3 implementation enabled by default for both client
and server

* new X509 certificate chain validator that correctly handles
multiple paths through intermediate certificates

* new name constraints verification implementation which passes
the bettertls.com certificate validation check suite

* numerous leaks and out-of-bounds write fixed

* many improvements, refactoring, optimizations and code cleanups

See ChangeLog for details.

show more ...

vendor/libressl: upgrade from 2.9.1 to 3.1.3

Summary of notable changes:

- fixed CVE-2019-1547 and CVE-2019-1563
- various side channels in DSA and ECDSA were addressed
- fixed PVK format output is

vendor/libressl: upgrade from 2.9.1 to 3.1.3

Summary of notable changes:

- fixed CVE-2019-1547 and CVE-2019-1563
- various side channels in DSA and ECDSA were addressed
- fixed PVK format output issue with openssl(1) dsa and rsa subcommand
- added cms subcommand to openssl(1)
- added -addext option to openssl(1) req subcommand
- added -groups option to openssl(1) s_server subcommand
- improved compatibility by backporting functionality and documentation
from OpenSSL 1.1.1
- added RSA-PSS and RSA-OAEP methods from OpenSSL 1.1.1
- completed the port of RSA_METHOD accessors from the OpenSSL 1.1 API
- ported Cryptographic Message Syntax (CMS) implementation from OpenSSL
1.1.1 and enabled by default
- completed initial TLS 1.3 implementation, TLS 1.3 is now enabled
by default for the client side, with the server side to be enabled
in a future release
- provided TLSv1.3 cipher suite aliases to match the names used
in RFC 8446

For details see ChangeLog.

show more ...

Update LibreSSL from version 2.4.4 => 2.9.1

Submitted-by: Maxim + v2 update to 2.9.1 stable

Import LibreSSL v2.4.2 to vendor branch