mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-23 07:22:33 +00:00
a0814f04ed
Changes between 1.1.1r and 1.1.1s [1 Nov 2022] *) Fixed a regression introduced in 1.1.1r version not refreshing the certificate data to be signed before signing the certificate. [Gibeom Gwon] Changes between 1.1.1q and 1.1.1r [11 Oct 2022] *) Fixed the linux-mips64 Configure target which was missing the SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that platform. [Adam Joseph] *) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was causing incorrect results in some cases as a result. [Paul Dale] *) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to report correct results in some cases [Matt Caswell] *) Fixed a regression introduced in 1.1.1o for re-signing certificates with different key sizes [Todd Short] *) Added the loongarch64 target [Shi Pujin] *) Fixed a DRBG seed propagation thread safety issue [Bernd Edlinger] *) Fixed a memory leak in tls13_generate_secret [Bernd Edlinger] *) Fixed reported performance degradation on aarch64. Restored the implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid 32-bit lane assignment in CTR mode") for 64bit targets only, since it is reportedly 2-17% slower and the silicon errata only affects 32bit targets. The new algorithm is still used for 32 bit targets. [Bernd Edlinger] *) Added a missing header for memcmp that caused compilation failure on some platforms [Gregor Jasny] Build system: x86_64 Build-tested: bcm2711/RPi4B Run-tested: bcm2711/RPi4B Signed-off-by: John Audia <therealgraysky@proton.me>
30 lines
796 B
Diff
30 lines
796 B
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
|
Date: Sat, 27 Mar 2021 17:43:25 -0300
|
|
Subject: openssl.cnf: add engine configuration
|
|
|
|
This adds configuration options for engines, loading all cnf files under
|
|
/etc/ssl/engines.cnf.d/.
|
|
|
|
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
|
|
|
--- a/apps/openssl.cnf
|
|
+++ b/apps/openssl.cnf
|
|
@@ -22,6 +22,16 @@ oid_section = new_oids
|
|
# (Alternatively, use a configuration file that has only
|
|
# X.509v3 extensions in its main [= default] section.)
|
|
|
|
+openssl_conf=openssl_conf
|
|
+
|
|
+[openssl_conf]
|
|
+engines=engines
|
|
+
|
|
+[engines]
|
|
+.include /var/etc/ssl/engines.cnf
|
|
+
|
|
+.include /etc/ssl/engines.cnf.d
|
|
+
|
|
[ new_oids ]
|
|
|
|
# We can add new OIDs in here for use by 'ca', 'req' and 'ts'.
|