Overview Repositories Revisions Requests Users Attributes Meta

Secure Sockets and Transport Layer Security

Edit Package openssl

The OpenSSL Project is a collaborative effort to develop a robust,
commercial-grade, full-featured, and open source toolkit implementing
the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS
v1) protocols with full-strength cryptography. The project is managed
by a worldwide community of volunteers that use the Internet to
communicate, plan, and develop the OpenSSL toolkit and its related
documentation.

Derivation and License

OpenSSL is based on the excellent SSLeay library developed by Eric A.
Young and Tim J. Hudson. The OpenSSL toolkit is licensed under an
Apache-style license, which basically means that you are free to get it
and to use it for commercial and noncommercial purposes.

Refresh
Refresh
Source Files
Filename Size Changed
0001-Axe-builtin-printf-implementation-use-glibc-instead.patch 0000024068 23.5 KB
0001-libcrypto-Hide-library-private-symbols.patch 0000034264 33.5 KB
0005-libssl-Hide-library-private-symbols.patch 0000005860 5.72 KB
README-FIPS.txt 0000009637 9.41 KB
README.SUSE 0000000370 370 Bytes
baselibs.conf 0000000295 295 Bytes
bug610223.patch 0000000503 503 Bytes
compression_methods_switch.patch 0000002277 2.22 KB
merge_from_0.9.8k.patch 0000002910 2.84 KB
openssl-1.0.0-c_rehash-compat.diff 0000001364 1.33 KB
openssl-1.0.1e-add-suse-default-cipher.patch 0000002151 2.1 KB
openssl-1.0.1e-add-test-suse-default-cipher-suite.patch 0000000995 995 Bytes
openssl-1.0.1e-truststore.diff 0000000750 750 Bytes
openssl-1.0.2a-default-paths.patch 0000002956 2.89 KB
openssl-1.0.2a-fips-ctor.patch 0000004928 4.81 KB
openssl-1.0.2a-fips-ec.patch 0000064031 62.5 KB
openssl-1.0.2a-ipv6-apps.patch 0000016872 16.5 KB
openssl-1.0.2a-padlock64.patch 0000006684 6.53 KB
openssl-1.0.2i-fips.patch 0000510004 498 KB
openssl-1.0.2i-new-fips-reqs.patch 0000067677 66.1 KB
openssl-1.0.2j.tar.gz 0005307912 5.06 MB
openssl-1.0.2j.tar.gz.asc 0000000473 473 Bytes
openssl-fips-clearerror.patch 0000000545 545 Bytes
openssl-fips-dont-fall-back-to-default-digest.patch 0000004280 4.18 KB
openssl-fips-dont_run_FIPS_module_installed.patch 0000000547 547 Bytes
openssl-fips-fix-odd-rsakeybits.patch 0000000584 584 Bytes
openssl-fips-hidden.patch 0000001314 1.28 KB
openssl-fips-rsagen-d-bits.patch 0000001268 1.24 KB
openssl-fips-selftests_in_nonfips_mode.patch 0000002935 2.87 KB
openssl-fips_disallow_ENGINE_loading.patch 0000000674 674 Bytes
openssl-fips_disallow_x931_rand_method.patch 0000000644 644 Bytes
openssl-fipslocking.patch 0000010393 10.1 KB
openssl-fix-pod-syntax.diff 0000006981 6.82 KB
openssl-gcc-attributes.patch 0000002047 2 KB
openssl-missing_FIPS_ec_group_new_by_curve_name.patch 0000000524 524 Bytes
openssl-no-egd.patch 0000000909 909 Bytes
openssl-ocloexec.patch 0000007489 7.31 KB
openssl-pkgconfig.patch 0000001008 1008 Bytes
openssl-print_notice-NULL_crash.patch 0000000578 578 Bytes
openssl-randfile_fread_interrupt.patch 0000000585 585 Bytes
openssl-rsakeygen-minimum-distance.patch 0000002576 2.52 KB
openssl-urandom-reseeding.patch 0000003985 3.89 KB
openssl.changes 0000091892 89.7 KB
openssl.keyring 0000009998 9.76 KB
openssl.spec 0000017676 17.3 KB
openssl.test 0000000063 63 Bytes
Revision 134 (latest revision is 171)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 433063 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 134) 
- resume reading from /dev/urandom when interrupted by a signal
  (bsc#995075)
  * add openssl-randfile_fread_interrupt.patch

- add FIPS changes from SP2:
- fix problems with locking in FIPS mode (bsc#992120)
  * duplicates: bsc#991877, bsc#991193, bsc#990392, bsc#990428
    and bsc#990207
  * bring back openssl-fipslocking.patch
- drop openssl-fips_RSA_compute_d_with_lcm.patch (upstream)
  (bsc#984323)
- don't check for /etc/system-fips (bsc#982268)
  * add openssl-fips-dont_run_FIPS_module_installed.patch
- refresh openssl-fips-rsagen-d-bits.patch (forwarded request 431508 from vitezslav_cizek)
Comments 10
Thiru Shetty's avatar
Thiru Shetty (ntshetty) -

Can anyone explain, openssl-1.0.2i-new-fips-reqs.patch is for what and which code based ? I'm unable to map to any code base either openssl-1.0.2i nor openssl-fips which found in https://www.openssl.org/

Marcus Meissner's avatar
Marcus Meissner (msmeissn) -

It is from a seperate FIPS patchset which we used for FIPS certification of openssl in SLES 12 and SLES 12 SP2.

Thiru Shetty's avatar
Thiru Shetty (ntshetty) -

Can i get the source copy of it ?

Marcus Meissner's avatar
Marcus Meissner (msmeissn) -

check out these sources: SUSE:SLE-12-SP2:Update openssl

Thiru Shetty's avatar
Thiru Shetty (ntshetty) -

I'm sorry, couldn't able to locate the exact link. If you don't mind can you help me to point the link ?

Marcus Meissner's avatar
Marcus Meissner (msmeissn) -

https://build.opensuse.org/package/show/SUSE:SLE-12:Update/openssl

Thiru Shetty's avatar
Thiru Shetty (ntshetty) -

Thanks a lot. anyway i can't find openssl-1.0.2i-new-fips-reqs.patch in this path of any updation. I think it's been deleted, prior to this can find openssl-1.0.1i-new-fips-reqs.patch.

Marcus Meissner's avatar
Marcus Meissner (msmeissn) -

make that https://build.opensuse.org/package/show/SUSE:SLE-12-SP2:Update/openssl

Thiru Shetty's avatar
Thiru Shetty (ntshetty) -

Thank you, got it. Basically the New requirements of FIPS 140-2 RSA/DSA were adopted from Red Hat Inc right ?

Marcus Meissner's avatar
Marcus Meissner (msmeissn) -

The patchset is largely from Redhat, we did some small adaptions to even stricter FIPS requirements but I do not recall the details.

openSUSE Build Service is sponsored by
Places