![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / lib / libssl
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.25, Fri Apr 11 22:51:53 2014 UTC (10 years, 2 months ago) by miod
Branch: MAIN
CVS Tags: HEAD
Changes since 1.24: +0 -0 lines
FILE REMOVED
Move build machinery for libcrypto from libssl/crypto to libcrypto, as well as configuration files; split manpages and .pc files between libcrypto and libssl. No functional change, only there to make engineering easier, and libcrypto sources are still found in libssl/src/crypto at the moment. ok reyk@, also discussed with deraadt@ beck@ and the usual crypto suspects.
Revision 1.24 / (download) - annotate - [select for diffs], Wed Apr 9 14:33:39 2014 UTC (10 years, 2 months ago) by sthen
Branch: MAIN
Changes since 1.23: +19 -1842 lines
Diff to previous 1.23 (colored)
Remove CA certificates which are not listed in Mozilla's certdata.txt. Notably this removes CAcert who it turns out have strict requirements on redistribution (http://www.cacert.org/policy/RootDistributionLicense.php) which we don't meet.
Revision 1.23 / (download) - annotate - [select for diffs], Wed Apr 9 12:51:15 2014 UTC (10 years, 2 months ago) by reyk
Branch: MAIN
Changes since 1.22: +313 -0 lines
Diff to previous 1.22 (colored)
Use root CAs that are used by TeleSec (Deutsche Telekom AG): - Baltimore CyberTrust Root - Deutsche Telekom Root CA 2 - T-TeleSec GlobalRoot Class 2 - T-TeleSec GlobalRoot Class 3 ok sthen@
Revision 1.22 / (download) - annotate - [select for diffs], Mon Dec 3 10:19:09 2012 UTC (11 years, 6 months ago) by sthen
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5,
OPENBSD_5_4_BASE,
OPENBSD_5_4,
OPENBSD_5_3_BASE,
OPENBSD_5_3
Changes since 1.21: +1758 -152 lines
Diff to previous 1.21 (colored)
New CA root certificates, ok beck@. - additional cert's from GlobalSign. - additional cert's from VeriSign and replace existing ones with 'Signature Algorithm: md2WithRSAEncryption' with their currently distributed sha1WithRSAEncryption versions. - new CAs: AddTrust (root for most Comodo certificates also heavily used in academic networks), Comodo (most of their certs are rooted in AddTrust but TERENA use the Comodo AAA Certificate Services root for some things so add that separately), UserTrust Network/UTN (part of Comodo) and Starfield (part of Go Daddy).
Revision 1.21 / (download) - annotate - [select for diffs], Sat Dec 1 09:22:33 2012 UTC (11 years, 6 months ago) by sthen
Branch: MAIN
Changes since 1.20: +1187 -0 lines
Diff to previous 1.20 (colored)
Additional CA root certificates: GeoTrust/Equifax, Go Daddy, StartCom, thawte. ok beck@ william@ todd@
Revision 1.20 / (download) - annotate - [select for diffs], Fri Nov 30 21:20:24 2012 UTC (11 years, 6 months ago) by sthen
Branch: MAIN
Changes since 1.19: +465 -439 lines
Diff to previous 1.19 (colored)
Regenerate the text information for all certificates with recent openssl and include sha1 signatures for all certs (some were missing). No certificate changes, this is just for consistency. ok beck@
Revision 1.19 / (download) - annotate - [select for diffs], Fri Nov 30 18:19:42 2012 UTC (11 years, 6 months ago) by sthen
Branch: MAIN
Changes since 1.18: +0 -499 lines
Diff to previous 1.18 (colored)
Remove retired Thawte/Verisign certificates. Remove intermediate GoDaddy certificate, this file should just contain roots. ok beck@ phessler@
Revision 1.18 / (download) - annotate - [select for diffs], Wed Jul 20 16:43:18 2011 UTC (12 years, 10 months ago) by sthen
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2,
OPENBSD_5_1_BASE,
OPENBSD_5_1,
OPENBSD_5_0_BASE,
OPENBSD_5_0
Changes since 1.17: +247 -114 lines
Diff to previous 1.17 (colored)
- Replace digicert 2nd-level cert with the root which issued it. Allows https checkouts from github to work. - Add digicert's other root certs. Fingerprints carefully checked against those in the built-in roots supplied with Mozilla. ok dcoppa@ jcs@
Revision 1.17 / (download) - annotate - [select for diffs], Wed Jun 15 19:20:47 2011 UTC (12 years, 11 months ago) by dhill
Branch: MAIN
Changes since 1.16: +563 -0 lines
Diff to previous 1.16 (colored)
Add the following certs: DigiCert High Assurance CA-3 Go Daddy Secure Certification Authority/serialNumber=07969287 Equifax Secure Certificate Authority VeriSign Class 3 Public Primary Certification Authority - G5 Entrust Certification Authority - L1C Entrust.net Secure Server Certification Authority ok mikeb@ beck@ fgsch@ constant prodding by marco@
Revision 1.16 / (download) - annotate - [select for diffs], Fri Mar 25 16:17:15 2011 UTC (13 years, 2 months ago) by beck
Branch: MAIN
Changes since 1.15: +0 -665 lines
Diff to previous 1.15 (colored)
back out previous commit. "if you have checked this I am ok with it" does not mean 1) not to pay attention to breaking news after I tell you that and 2) not to get ok's from the others this had been shown to. I am absolutely not ok with thig going in with only *my* ok. There's a reason why we want more than one ok on important commits ok deraadt@ for the backout
Revision 1.15 / (download) - annotate - [select for diffs], Fri Mar 25 15:45:02 2011 UTC (13 years, 2 months ago) by dhill
Branch: MAIN
Changes since 1.14: +665 -0 lines
Diff to previous 1.14 (colored)
Add the following certs: DigiCert High Assurance CA-3 Go Daddy Secure Certification Authority COMODO High-Assurance Secure Server CA Equifax Secure Certificate Authority VeriSign Class 3 Public Primary Certification Authority - G5 Entrust Certification Authority - L1C Entrust.net Secure Server Certification Authority cross checked with mozilla ok beck@
Revision 1.14 / (download) - annotate - [select for diffs], Thu Mar 3 16:44:18 2011 UTC (13 years, 3 months ago) by dhill
Branch: MAIN
Changes since 1.13: +0 -174 lines
Diff to previous 1.13 (colored)
Remove expired certs. ok beck@ fgsch@
Revision 1.13 / (download) - annotate - [select for diffs], Thu Dec 31 07:13:15 2009 UTC (14 years, 5 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE,
OPENBSD_4_9,
OPENBSD_4_8_BASE,
OPENBSD_4_8,
OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.12: +108 -0 lines
Diff to previous 1.12 (colored)
new ipsca root.
Revision 1.12 / (download) - annotate - [select for diffs], Thu Dec 31 07:06:29 2009 UTC (14 years, 5 months ago) by dlg
Branch: MAIN
Changes since 1.11: +0 -51 lines
Diff to previous 1.11 (colored)
ipsca has expired
Revision 1.11 / (download) - annotate - [select for diffs], Mon Oct 12 07:44:44 2009 UTC (14 years, 8 months ago) by fgsch
Branch: MAIN
Changes since 1.10: +51 -0 lines
Diff to previous 1.10 (colored)
another cert that makes godaddy.com and launchpad.net (among others) happy. found by Guillaume Protet (guillaume dot protet at mortheres dot info) while testing bzr update. deraadt@ ok
Revision 1.10 / (download) - annotate - [select for diffs], Sat Aug 8 11:46:02 2009 UTC (14 years, 10 months ago) by fgsch
Branch: MAIN
Changes since 1.9: +148 -839 lines
Diff to previous 1.9 (colored)
remove expired certificates and add startcom ltd. beck@ ok
Revision 1.9 / (download) - annotate - [select for diffs], Mon May 25 21:07:38 2009 UTC (15 years ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6
Changes since 1.8: +51 -0 lines
Diff to previous 1.8 (colored)
add ipsCA as a valid authority. ok beck@
Revision 1.8 / (download) - annotate - [select for diffs], Sat Feb 17 14:51:36 2007 UTC (17 years, 3 months ago) by grunk
Branch: MAIN
CVS Tags: pre_openssl_0_9_8h,
OPENBSD_4_5_BASE,
OPENBSD_4_5,
OPENBSD_4_4_BASE,
OPENBSD_4_4,
OPENBSD_4_3_BASE,
OPENBSD_4_3,
OPENBSD_4_2_BASE,
OPENBSD_4_2,
OPENBSD_4_1_BASE,
OPENBSD_4_1
Changes since 1.7: +0 -97 lines
Diff to previous 1.7 (colored)
remove two expired certificates, diff from <Christian_Rusch@genua.de> ok jakob@
Revision 1.7 / (download) - annotate - [select for diffs], Mon Jun 12 14:06:14 2006 UTC (18 years ago) by jakob
Branch: MAIN
CVS Tags: OPENBSD_4_0_BASE,
OPENBSD_4_0
Changes since 1.6: +268 -0 lines
Diff to previous 1.6 (colored)
add class 1 and class 3 root certificates from CAcert.org. ok beck@
Revision 1.6 / (download) - annotate - [select for diffs], Wed Jun 7 15:16:19 2006 UTC (18 years ago) by jakob
Branch: MAIN
Changes since 1.5: +0 -541 lines
Diff to previous 1.5 (colored)
remove expired certificates. ok beck@
Revision 1.5 / (download) - annotate - [select for diffs], Wed Jun 7 05:27:17 2006 UTC (18 years ago) by jakob
Branch: MAIN
Changes since 1.4: +89 -107 lines
Diff to previous 1.4 (colored)
update a couple of existing CAs that has been changed. ok beck@
Revision 1.4 / (download) - annotate - [select for diffs], Wed Jun 7 05:25:55 2006 UTC (18 years ago) by jakob
Branch: MAIN
Changes since 1.3: +2549 -2744 lines
Diff to previous 1.3 (colored)
reformat using 'openssl x509 -text -fingerprint -sha1' and sort by 'openssl x509 -hash'. ok beck@
Revision 1.3 / (download) - annotate - [select for diffs], Wed Jun 7 05:20:10 2006 UTC (18 years ago) by jakob
Branch: MAIN
Changes since 1.2: +2704 -2509 lines
Diff to previous 1.2 (colored)
back out last patch due to updated committed prematurely
Revision 1.2 / (download) - annotate - [select for diffs], Wed Jun 7 05:16:43 2006 UTC (18 years ago) by jakob
Branch: MAIN
Changes since 1.1: +2549 -2744 lines
Diff to previous 1.1 (colored)
reformat using 'openssl x509 -text -fingerprint -sha1' and sort by 'openssl x509 -hash'. ok beck@
Revision 1.1 / (download) - annotate - [select for diffs], Fri Apr 1 05:31:40 2005 UTC (19 years, 2 months ago) by beck
Branch: MAIN
CVS Tags: OPENBSD_3_9_BASE,
OPENBSD_3_9,
OPENBSD_3_8_BASE,
OPENBSD_3_8
Add a reasonably sane CA bundle to /etc/ssl/cert.pem, the default location for libssl, this makes lynx not bitch when seeing sites with certificates signed by these issuers. We should probably think carefully about adding a few more in here too.