upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-08 00:02:14 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/README.md
Pierre Pronchery 315108b816 openssl: Vendor import of OpenSSL 3.0.11 
Major changes between OpenSSL 3.0.10 and OpenSSL 3.0.11:

* Fix POLY1305 MAC implementation corrupting XMM registers on Windows
  ([CVE-2023-4807])

Release notes can otherwise be found at
https://www.openssl.org/news/openssl-3.0-notes.html.

Obtained from:	https://www.openssl.org/source/openssl-3.0.11.tar.gz
Sponsored by:	The FreeBSD Foundation

Test Plan:
```
$ git status
On branch vendor/openssl-3.0
Your branch is up to date with 'origin/vendor/openssl-3.0'.

nothing to commit, working tree clean
$ OSSLVER=3.0.11
$ XLIST=FREEBSD-Xlist
$ (cd ..; fetch https://www.openssl.org/source/openssl-${OSSLVER}.tar.gz https://www.openssl.org/source/openssl-${OSSLVER}.tar.gz.asc)
openssl-3.0.11.tar.gz                                   14 MB   17 MBps    01s
openssl-3.0.11.tar.gz.asc                              833  B 8301 kBps    00s
$ gpg --list-keys
/home/khorben/.gnupg/pubring.kbx
--------------------------------
pub   rsa4096 2011-03-01 [SCA]
  DC34EE5DB2417BCC151E5100E5F8F8212F77A498
uid           [ unknown] Willem Toorop <willem@nlnetlabs.nl>
sub   rsa4096 2011-03-01 [E]

pub   rsa4096 2014-10-04 [SC] [expires: 2024-01-30]
  EFC0A467D613CB83C7ED6D30D894E2CE8B3D79F5
uid           [ unknown] OpenSSL security team <openssl-security@openssl.org>
uid           [ unknown] OpenSSL OMC <openssl-omc@openssl.org>
uid           [ unknown] OpenSSL Security <openssl-security@openssl.org>
sub   rsa4096 2014-10-04 [E] [expires: 2024-01-30]

$ gpg --verify ../openssl-${OSSLVER}.tar.gz.asc ../openssl-${OSSLVER}.tar.gz
gpg: Signature made Tue Sep 19 15:02:51 2023 CEST
gpg:                using RSA key EFC0A467D613CB83C7ED6D30D894E2CE8B3D79F5
gpg: Good signature from "OpenSSL security team <openssl-security@openssl.org>" [unknown]
gpg:                 aka "OpenSSL OMC <openssl-omc@openssl.org>" [unknown]
gpg:                 aka "OpenSSL Security <openssl-security@openssl.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: EFC0 A467 D613 CB83 C7ED  6D30 D894 E2CE 8B3D 79F5
$ tar -x -X $XLIST -f ../openssl-${OSSLVER}.tar.gz -C ..
$ rsync --exclude FREEBSD.* --delete -av ../openssl-${OSSLVER}/* .
[...]
$ diff -arq ../openssl-${OSSLVER}  .
Only in .: .git
Only in .: FREEBSD-Xlist
Only in .: FREEBSD-upgrade
Only in .: appveyor.yml
$ git status FREEBSD*
On branch vendor/openssl-3.0
Your branch is up to date with 'origin/vendor/openssl-3.0'.

nothing to commit, working tree clean
```
2023-09-22 11:55:26 -04:00

2.8 KiB
Raw Blame History

FreeBSD Source:

This is the top level of the FreeBSD source directory.

FreeBSD is an operating system used to power modern servers, desktops, and embedded platforms. A large community has continually developed it for more than thirty years. Its advanced networking, security, and storage features have made FreeBSD the platform of choice for many of the busiest web sites and most pervasive embedded networking and storage devices.

For copyright information, please see the file COPYRIGHT in this directory. Additional copyright information also exists for some sources in this tree - please see the specific source directories for more information.

The Makefile in this directory supports a number of targets for building components (or all) of the FreeBSD source tree. See build(7), config(8), FreeBSD handbook on building userland, and Handbook for kernels for more information, including setting make(1) variables.

For information on the CPU architectures and platforms supported by FreeBSD, see the FreeBSD website's Platforms page.

Source Roadmap:

Directory Description
bin System/user commands.
cddl Various commands and libraries under the Common Development and Distribution License.
contrib Packages contributed by 3rd parties.
crypto Cryptography stuff (see crypto/README).
etc Template files for /etc.
gnu Commands and libraries under the GNU General Public License (GPL) or Lesser General Public License (LGPL). Please see gnu/COPYING and gnu/COPYING.LIB for more information.
include System include files.
kerberos5 Kerberos5 (Heimdal) package.
lib System libraries.
libexec System daemons.
release Release building Makefile & associated tools.
rescue Build system for statically linked /rescue utilities.
sbin System commands.
secure Cryptographic libraries and commands.
share Shared resources.
stand Boot loader sources.
sys Kernel sources (see sys/README.md).
targets Support for experimental DIRDEPS_BUILD
tests Regression tests which can be run by Kyua. See tests/README for additional information.
tools Utilities for regression testing and miscellaneous tasks.
usr.bin User commands.
usr.sbin System administration commands.

For information on synchronizing your source tree with one or more of the FreeBSD Project's development branches, please see FreeBSD Handbook.