Andy Polyakov
0794f3a798
x86_64cpuid.pl update [from HEAD].
2007-11-11 16:25:00 +00:00
Andy Polyakov
2b8e7b5061
Add AES x86_64 assembler. Note that it's not latest version from HEAD,
...
but older one corresponding to x86 module from 098-stable.
2007-11-11 14:49:56 +00:00
Andy Polyakov
6f57311da0
Add SHA x86_64 assembler [from HEAD].
2007-11-11 13:56:47 +00:00
Andy Polyakov
98b09d3949
Synchronize message digests in 098-fips with 098.
2007-11-11 13:34:08 +00:00
Andy Polyakov
231a737a82
Commit #16325 fixed one thing but broke DH with certain moduli [from HEAD].
2007-11-03 20:09:29 +00:00
Dr. Stephen Henson
236860735e
Allow new session ticket when resuming.
2007-11-03 13:07:39 +00:00
Lutz Jänicke
ac1ef7ec72
Add OIDs by CMP (RFC 4210) and CRMF (RFC 4211)
...
Submitted by: Martin Peylo <martinmeis@googlemail.com>
2007-11-01 08:25:28 +00:00
Andy Polyakov
5f761514e1
Make it possible for older masm to compile sse2 modules.
...
PR: 1592
2007-10-21 14:15:40 +00:00
Lutz Jänicke
32f1f622f6
Release OpenSSL 0.9.8g with various fixes to issues introduced with 0.9.8f
2007-10-19 08:25:53 +00:00
Dr. Stephen Henson
5f95651316
Ensure the ticket expected flag is reset when a stateless resumption is
...
successful.
2007-10-18 11:39:11 +00:00
Andy Polyakov
ccac657556
New unused field crippled ssl_ctx_st in 0.9.8"f".
2007-10-17 21:22:58 +00:00
Andy Polyakov
a9c23ea079
Don't let DTLS ChangeCipherSpec increment handshake sequence number. From
...
HEAD with a twist: server interoperates with non-compliant client.
PR: 1587
2007-10-17 21:17:49 +00:00
Dr. Stephen Henson
33ffe2a7f7
Don't try to lookup zero length session.
2007-10-17 17:30:15 +00:00
Dr. Stephen Henson
7c717aafc6
Allow TLS tickets and session ID to both be present if lifetime hint is -1.
...
This never happens in normal SSL sessions but can be useful if the session
is being used as a "blob" to contain other data.
2007-10-17 11:27:25 +00:00
Lutz Jänicke
225aeb171e
Work around inconsistent version numbering in 0.9.8f (release).
...
The version code of the release should have been 09086f (6=f, f=release)
but accidently it was marked "090870" (which would be "0.9.8g-dev").
Therefore we now use "090871" for the development of 0.9.8g. Once
0.9.8g is released, the problem will be "healed". We have never done
beta releases for 0.9.x-stable patch releases, so 090871 would never
be used in practice.
PR: #1589
2007-10-17 07:46:49 +00:00
Andy Polyakov
ffe181c366
Make ssl compile.
2007-10-14 14:07:46 +00:00
Dr. Stephen Henson
fd4e79a9ed
Include USE_SOCKETS #define
2007-10-14 12:19:07 +00:00
Andy Polyakov
299e174d2d
Make it possible to link VC static lib with either /MT or /MD application
...
[from HEAD].
PR: 1230
2007-10-13 12:38:37 +00:00
Andy Polyakov
ce62fc6eae
Copy bn/asm/ia64.S from HEAD.
2007-10-13 11:02:17 +00:00
Dr. Stephen Henson
43490dfb89
Avoid shadow and signed/unsigned warnings.
2007-10-12 00:29:06 +00:00
Dr. Stephen Henson
a523276786
Backport certificate status request TLS extension support to 0.9.8.
2007-10-12 00:00:36 +00:00
Ben Laurie
074471ab0c
Back to -dev.
2007-10-11 18:27:10 +00:00
Ben Laurie
d761421e1d
Minor release cockups.
2007-10-11 18:23:16 +00:00
Ben Laurie
2339c5d722
Next version.
2007-10-11 15:04:32 +00:00
Ben Laurie
dd00266757
Ready to roll.
2007-10-11 14:58:15 +00:00
Ben Laurie
bb99ce5f80
make update, and more DTLS stuff.
2007-10-11 14:36:59 +00:00
Andy Polyakov
49f42ec0f6
Respect cookie length set by app_gen_cookie_cb [from HEAD].
...
Submitted by: Alex Lam
2007-10-09 19:31:53 +00:00
Andy Polyakov
91d509f0d9
Make DTLS1 record layer MAC calculation RFC compliant. From HEAD with a
...
twist: server interoperates with non-compliant pre-0.9.8f client.
2007-10-09 19:22:01 +00:00
Andy Polyakov
d5e858c55f
Prohibit RC4 in DTLS [from HEAD].
2007-10-05 21:05:27 +00:00
Dr. Stephen Henson
fb8fcce2ac
Fix from fips branch.
2007-10-05 16:47:04 +00:00
Andy Polyakov
d4736ae701
Set client_version earlier in DTLS (this is 0.9.8 specific).
2007-10-03 10:18:06 +00:00
Andy Polyakov
3e1158522a
Oops! This was erroneously left out commit #16633 .
2007-10-01 06:28:48 +00:00
Andy Polyakov
57191f86d9
Explicit IV update [from HEAD].
2007-09-30 22:03:07 +00:00
Andy Polyakov
0a89c575de
Make ChangeCipherSpec compliant with DTLS RFC4347. From HEAD with a twist:
...
server interoperates with non-compliant pre-0.9.8f.
2007-09-30 21:20:59 +00:00
Andy Polyakov
4c860910df
DTLS RFC4347 says HelloVerifyRequest resets Finished MAC. From HEAD with a
...
twist: server allows for non-compliant Finished calculations in order to
enable interop with pre-0.9.8f.
2007-09-30 19:36:32 +00:00
Andy Polyakov
0fc3d51b7d
DTLS RFC4347 requires client to use rame random field in reply to
...
HelloVerifyRequest [from HEAD].
2007-09-30 19:15:46 +00:00
Andy Polyakov
c4b0d7879e
Switch for RFC-compliant version encoding in DTLS. From HEAD with a twist:
...
server accepts even non-compliant encoding in order to enable interop with
pre-0.9.8f clients.
2007-09-30 18:55:59 +00:00
Dr. Stephen Henson
aab1ec3f36
Update from HEAD.
2007-09-28 16:29:24 +00:00
Lutz Jänicke
fbfa11fb29
Typos
...
PR: 1578
Submitted by: Charles Longeau <chl@tuxfamily.org>
2007-09-24 11:22:31 +00:00
Lutz Jänicke
284498fcef
Finish sentence with a "."
2007-09-24 10:58:15 +00:00
Dr. Stephen Henson
07d9808496
Fix from HEAD.
2007-09-23 15:55:54 +00:00
Bodo Möller
4ab0088bfe
More changes from HEAD:
...
- no need to disable SSL 2.0 for SSL_CTRL_SET_TLSEXT_HOSTNAME
now that ssl23_client_hello takes care of that
- fix buffer overrun checks in ssl_add_serverhello_tlsext()
2007-09-21 14:05:08 +00:00
Dr. Stephen Henson
3bd1690bfb
Fixes from HEAD.
2007-09-21 13:40:51 +00:00
Lutz Jänicke
29f4b05954
The use of the PURIFY macro in ssleay_rand_bytes() is sufficient to
...
resolve the Valgrind issue with random numbers. Undo the changes to
RAND_bytes() and RAND_pseudo_bytes() that are redundant in this
respect.
Update documentation and FAQ accordingly, as the PURIFY macro is
available at least since 0.9.7.
2007-09-21 10:10:47 +00:00
Ben Laurie
48ca0c99b2
Use PURIFY instead of PEDANTIC.
2007-09-20 12:33:24 +00:00
Dr. Stephen Henson
015052cf7b
Clarify wording a little.
2007-09-20 11:32:09 +00:00
Lutz Jänicke
9ce3ee47ba
Add FAQ entry on how to get rid of Valgrind warnings.
...
PR: 521
2007-09-20 07:39:15 +00:00
Lutz Jänicke
2e3fd54337
Add passage to manual page actually reflecting the usage of the
...
contents of "buf" when calling RAND_*bytes().
2007-09-20 07:24:45 +00:00
Dr. Stephen Henson
625782f7ee
Wrap "keep valgrind happy" change in #ifdef PEDANTIC so any entropy in the
...
buffer can be normally used.
2007-09-19 13:29:05 +00:00
Ben Laurie
1c90899eef
Slight bug in dependencies caused occasional unnecessary diffs. Fixed.
2007-09-19 13:10:34 +00:00