Mark J. Cox
25e52a78fb
After tagging, bump ready for 0.9.8e development
2006-09-28 11:39:33 +00:00
Mark J. Cox
47c4bb2ddf
Prepare for 0.9.8d release
2006-09-28 11:32:42 +00:00
Mark J. Cox
951dfbb13a
Introduce limits to prevent malicious keys being able to
...
cause a denial of service. (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service. (CVE-2006-2937) [Steve Henson]
Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
Fix SSL client code which could crash if connecting to a
malicious SSLv2 server. (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
2006-09-28 11:29:03 +00:00
Dr. Stephen Henson
c987c3f999
Fix from HEAD.
2006-09-22 17:07:40 +00:00
Bodo Möller
7d5af5e0fa
Ensure that the addition mods[i]+delta cannot overflow in probable_prime().
...
[Problem pointed out by Adam Young <adamy (at) acm.org>]
2006-09-18 14:01:39 +00:00
Bodo Möller
40ddcb717a
Remove non-functional part of recent patch, after discussion with
...
Colin Percival (this would have caused more problems than solved,
and isn't really necessary anyway)
2006-09-06 06:43:26 +00:00
Mark J. Cox
da1841a075
After tagging, prep for next release
2006-09-05 08:51:30 +00:00
Mark J. Cox
0a0a10d127
Ready for 0.9.8c release
2006-09-05 08:45:37 +00:00
Mark J. Cox
df20b6e79b
Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
...
(CVE-2006-4339)
Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
2006-09-05 08:25:42 +00:00
Dr. Stephen Henson
f4f1dc39e0
Fix from HEAD.
2006-08-31 21:01:41 +00:00
Dr. Stephen Henson
340b4dd7df
Fix from HEAD.
2006-08-31 20:11:09 +00:00
Ben Laurie
4b9dcd821f
Add IGE and biIGE modes.
2006-08-28 11:00:32 +00:00
Andy Polyakov
669c5c9380
Engage assembler in solaris64-x86_64-cc [backport from HEAD].
2006-08-01 16:13:47 +00:00
Bodo Möller
d9c06b56ca
New Camellia implementation (replacing previous version)
...
Submitted by: NTT
2006-07-19 13:38:27 +00:00
Dr. Stephen Henson
eb499b2854
Oops...
2006-07-09 12:07:22 +00:00
Dr. Stephen Henson
65a82ef6d7
Fix from HEAD.
2006-07-09 12:03:02 +00:00
Bodo Möller
5d7f15daf8
use <poll.h> as by Single Unix Specification
2006-06-30 08:14:50 +00:00
Bodo Möller
ec67e3b7e4
always read in RAND_poll() if we can't use select because of a too
...
large FD: it's non-blocking mode anyway
2006-06-28 14:50:00 +00:00
Andy Polyakov
0d3ff3c073
aes-586.pl sync from HEAD.
2006-06-28 09:01:40 +00:00
Andy Polyakov
325e48867c
Mitigate the hazard of cache-collision timing attack on last round
...
[from HEAD].
2006-06-28 08:58:15 +00:00
Richard Levitte
8de95bc05b
Use poll() when possible to gather Unix randomness entropy
2006-06-27 06:31:57 +00:00
Bodo Möller
4a9cfd763e
Another thread-safety fix
2006-06-16 01:01:14 +00:00
Bodo Möller
1921a1adb2
"make depend" for the default configuration, i.e. no-camellia here in
...
the 0.9.8 branch!
2006-06-14 09:56:08 +00:00
Bodo Möller
6d2cd23f40
Thread-safety fixes
2006-06-14 08:51:41 +00:00
Bodo Möller
14fb67f28a
make update
2006-06-14 08:47:00 +00:00
Richard Levitte
c552680473
Keep synchronised with Unix
2006-06-12 06:46:27 +00:00
Bodo Möller
edbf9f878d
Camellia cipher, contributed by NTT
...
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-11 01:08:15 +00:00
Richard Levitte
2745ddfc33
Keep synchronised with the Unix build
2006-06-10 05:38:29 +00:00
Bodo Möller
808606034a
Camellia cipher, contributed by NTT
...
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-09 22:31:05 +00:00
Bodo Möller
e18eef3d7a
Camellia cipher, contributed by NTT
...
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-09 15:42:21 +00:00
Dr. Stephen Henson
986ad56124
Fix from HEAD.
2006-05-17 18:20:27 +00:00
Dr. Stephen Henson
1c5dc844e7
Update for next dev version.
2006-05-04 13:08:35 +00:00
Dr. Stephen Henson
f871949efd
Prepare for new release.
2006-05-04 12:46:42 +00:00
Dr. Stephen Henson
eb2ec6bee9
make update
2006-05-04 12:15:59 +00:00
Dr. Stephen Henson
db0edc3273
Inherit check time if appropriate.
2006-05-03 13:16:02 +00:00
Dr. Stephen Henson
d4426e79a7
Fix warning.
2006-04-15 17:53:52 +00:00
Dr. Stephen Henson
b095418d20
Fix from 0.9.7-stable.
2006-04-15 17:43:18 +00:00
Dr. Stephen Henson
d6fd880481
Fix on the right branch this time :-)
2006-04-15 13:17:53 +00:00
Dr. Stephen Henson
cbb0b734c7
If cipher list contains a match for an explicit ciphersuite only match that
...
one suite.
2006-04-15 00:22:34 +00:00
Nils Larsch
d5cc2f19cd
fix error found by coverity: check if ctx is != NULL before calling BN_CTX_end()
2006-03-14 22:48:31 +00:00
Nils Larsch
b7a80146f4
fix error found by coverity: check if ctx is != NULL before calling BN_CTX_end()
2006-03-13 23:12:08 +00:00
Dr. Stephen Henson
81418b7c77
Update from HEAD.
2006-03-01 21:17:50 +00:00
Nils Larsch
e2217e7ed5
fix "#ifndef HZ" statement
...
PR: 1287
2006-02-28 20:08:46 +00:00
Dr. Stephen Henson
9d01d50459
Update from head.
2006-02-21 01:00:47 +00:00
Dr. Stephen Henson
e27c67c5c5
Fix from HEAD.
2006-02-19 13:45:22 +00:00
Dr. Stephen Henson
38a3178185
Fix OBJ_obj2txt() for large OIDs.
2006-02-15 15:03:47 +00:00
Nils Larsch
58828ae573
fix typo: pass pre-computed parameters to the underlying signature function; thanks to Lucas Newman
2006-02-13 08:22:39 +00:00
Nils Larsch
22d1087e16
backport recent changes from the cvs head
2006-02-08 19:16:33 +00:00
Dr. Stephen Henson
9f85fcefdc
Update filenames in makefiles
2006-02-04 01:49:36 +00:00
Dr. Stephen Henson
269d2575cd
Fix from HEAD.
2006-02-04 01:26:49 +00:00