wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
7493 commits 20 branches 302 tags 153 MiB
Commit graph

7493 commits

This branch
This branch
All branches
Author SHA1 Message Date
Lutz Jänicke
bfa33c7e91 Release OpenSSL 0.9.8g with various fixes to issues introduced with 0.9.8f 2007-10-19 08:25:15 +00:00
Lutz Jänicke
2808478899 Prepare OpenSSL 0.9.8g: cherry pick 
http://cvs.openssl.org/chngview?cn=16696
Ensure the ticket expected flag is reset when a stateless resumption is successful.

Submitted by: steve
 2007-10-19 07:44:10 +00:00
Lutz Jänicke
98d2eee05e Prepare OpenSSL 0.9.8g: cherry pick 
http://cvs.openssl.org/chngview?cn=16695
New unused field crippled ssl_ctx_st in 0.9.8"f".

Submitted by: appro
 2007-10-19 07:42:38 +00:00
Lutz Jänicke
13e8459dea Prepare OpenSSL 0.9.8g: cherry pick 
http://cvs.openssl.org/chngview?cn=16694
Don't let DTLS ChangeCipherSpec increment handshake sequence number. From HEAD with a twist: server interoperates with non-compliant client.
PR: 1587
Submitted by: appro
 2007-10-19 07:39:53 +00:00
Lutz Jänicke
8c447031ad Prepare OpenSSL 0.9.8g: cherry pick 
http://cvs.openssl.org/chngview?cn=16691
Don't try to lookup zero length session.
PR: 1591
Submitted by: steve
 2007-10-19 07:36:34 +00:00
Lutz Jänicke
4875e097f1 Prepare OpenSSL 0.9.8g: cherry pick 
http://cvs.openssl.org/chngview?cn=16682
Copy bn/asm/ia64.S from HEAD.
PR: 1594
Submitted by: appro
 2007-10-19 07:31:16 +00:00
Lutz Jänicke
9083142ace Prepare OpenSSL 0.9.8g: cherry pick 
http://cvs.openssl.org/chngview?cn=16674
Avoid shadow and signed/unsigned warnings.

Submitted by: steve
 2007-10-19 07:27:51 +00:00
cvs2svn
9f2f46ba02 This commit was manufactured by cvs2svn to create branch 'OpenSSL_0_9_8fg- 
stable'.
 2007-10-11 18:23:19 +00:00
Ben Laurie
d761421e1d Minor release cockups. 2007-10-11 18:23:16 +00:00
Ben Laurie
2339c5d722 Next version. 2007-10-11 15:04:32 +00:00
Ben Laurie
dd00266757 Ready to roll. 2007-10-11 14:58:15 +00:00
Ben Laurie
bb99ce5f80 make update, and more DTLS stuff. 2007-10-11 14:36:59 +00:00
Andy Polyakov
49f42ec0f6 Respect cookie length set by app_gen_cookie_cb [from HEAD]. 
Submitted by: Alex Lam
 2007-10-09 19:31:53 +00:00
Andy Polyakov
91d509f0d9 Make DTLS1 record layer MAC calculation RFC compliant. From HEAD with a 
twist: server interoperates with non-compliant pre-0.9.8f client.
 2007-10-09 19:22:01 +00:00
Andy Polyakov
d5e858c55f Prohibit RC4 in DTLS [from HEAD]. 2007-10-05 21:05:27 +00:00
Dr. Stephen Henson
fb8fcce2ac Fix from fips branch. 2007-10-05 16:47:04 +00:00
Andy Polyakov
d4736ae701 Set client_version earlier in DTLS (this is 0.9.8 specific). 2007-10-03 10:18:06 +00:00
Andy Polyakov
3e1158522a Oops! This was erroneously left out commit #16633. 2007-10-01 06:28:48 +00:00
Andy Polyakov
57191f86d9 Explicit IV update [from HEAD]. 2007-09-30 22:03:07 +00:00
Andy Polyakov
0a89c575de Make ChangeCipherSpec compliant with DTLS RFC4347. From HEAD with a twist: 
server interoperates with non-compliant pre-0.9.8f.
 2007-09-30 21:20:59 +00:00
Andy Polyakov
4c860910df DTLS RFC4347 says HelloVerifyRequest resets Finished MAC. From HEAD with a 
twist: server allows for non-compliant Finished calculations in order to
enable interop with pre-0.9.8f.
 2007-09-30 19:36:32 +00:00
Andy Polyakov
0fc3d51b7d DTLS RFC4347 requires client to use rame random field in reply to 
HelloVerifyRequest [from HEAD].
 2007-09-30 19:15:46 +00:00
Andy Polyakov
c4b0d7879e Switch for RFC-compliant version encoding in DTLS. From HEAD with a twist: 
server accepts even non-compliant encoding in order to enable interop with
pre-0.9.8f clients.
 2007-09-30 18:55:59 +00:00
Dr. Stephen Henson
aab1ec3f36 Update from HEAD. 2007-09-28 16:29:24 +00:00
Lutz Jänicke
fbfa11fb29 Typos 
PR: 1578
Submitted by: Charles Longeau <chl@tuxfamily.org>
 2007-09-24 11:22:31 +00:00
Lutz Jänicke
284498fcef Finish sentence with a "." 2007-09-24 10:58:15 +00:00
Dr. Stephen Henson
07d9808496 Fix from HEAD. 2007-09-23 15:55:54 +00:00
Bodo Möller
4ab0088bfe More changes from HEAD: 
- no need to disable SSL 2.0 for SSL_CTRL_SET_TLSEXT_HOSTNAME
  now that ssl23_client_hello takes care of that

- fix buffer overrun checks in ssl_add_serverhello_tlsext()
 2007-09-21 14:05:08 +00:00
Dr. Stephen Henson
3bd1690bfb Fixes from HEAD. 2007-09-21 13:40:51 +00:00
Lutz Jänicke
29f4b05954 The use of the PURIFY macro in ssleay_rand_bytes() is sufficient to 
resolve the Valgrind issue with random numbers. Undo the changes to
RAND_bytes() and RAND_pseudo_bytes() that are redundant in this
respect.
Update documentation and FAQ accordingly, as the PURIFY macro is
available at least since 0.9.7.
 2007-09-21 10:10:47 +00:00
Ben Laurie
48ca0c99b2 Use PURIFY instead of PEDANTIC. 2007-09-20 12:33:24 +00:00
Dr. Stephen Henson
015052cf7b Clarify wording a little. 2007-09-20 11:32:09 +00:00
Lutz Jänicke
9ce3ee47ba Add FAQ entry on how to get rid of Valgrind warnings. 
PR: 521
 2007-09-20 07:39:15 +00:00
Lutz Jänicke
2e3fd54337 Add passage to manual page actually reflecting the usage of the 
contents of "buf" when calling RAND_*bytes().
 2007-09-20 07:24:45 +00:00
Dr. Stephen Henson
625782f7ee Wrap "keep valgrind happy" change in #ifdef PEDANTIC so any entropy in the 
buffer can be normally used.
 2007-09-19 13:29:05 +00:00
Ben Laurie
1c90899eef Slight bug in dependencies caused occasional unnecessary diffs. Fixed. 2007-09-19 13:10:34 +00:00
Ben Laurie
4f2b7d48b1 make depend 2007-09-19 12:17:11 +00:00
Ben Laurie
458c3900e1 Lingering "security" fix. 2007-09-19 12:16:21 +00:00
Andy Polyakov
ba75b4e750 Wire DES weak_keys to read-only segment [from HEAD]. 2007-09-18 20:59:33 +00:00
Andy Polyakov
ab011d51be Minimize stack utilization in probable_prime [from HEAD]. 2007-09-18 20:55:10 +00:00
Andy Polyakov
898d9b1a87 Remove excessive whitespaces from bio.h. 2007-09-18 20:49:25 +00:00
Bodo Möller
4f9a9d2b79 Make sure that BN_from_montgomery keeps the BIGNUMS in proper format 2007-09-18 16:31:18 +00:00
Dr. Stephen Henson
346f2f93e1 PR: 1560 2007-09-17 17:54:02 +00:00
Dr. Stephen Henson
25b0e072dd PR: 1582 2007-09-17 17:30:01 +00:00
Andy Polyakov
dc13c882fb enc.pod update [from HEAD]. 
PR: 1529
 2007-09-17 16:43:11 +00:00
Andy Polyakov
12a52467c8 Typo in pq_compat.h [note that this file is not present in HEAD]. 
PR: 1537
 2007-09-17 16:21:21 +00:00
Andy Polyakov
22e6c73dcc Mention SHA2 in apps/dgst and openssl.pod. 
PR: 1575
 2007-09-17 15:57:31 +00:00
Andy Polyakov
53b9696f3f It's inappropraite to override application signal, nor is it appropriate 
to shut down Winsock unless we know it won't be used [and we never do]
[from HEAD].
PR: 1439
 2007-09-16 18:35:45 +00:00
Andy Polyakov
7e4fe4662b Minor fix in link_[oa].hpux [from HEAD]. 2007-09-16 14:11:51 +00:00
Andy Polyakov
18fd413f37 BSD run-time linkers apparently demand RPATH on .so objects [from HEAD]. 
PR: 1381
 2007-09-16 12:24:17 +00:00