Dr. Stephen Henson
8b634ba029
OSX DSO fix from HEAD.
2009-07-16 09:58:27 +00:00
Dr. Stephen Henson
526228b78e
Update from 1.0.0-stable.
2009-07-15 11:03:08 +00:00
Dr. Stephen Henson
7852c6b075
Update from HEAD
2009-07-11 22:30:49 +00:00
Dr. Stephen Henson
2c5f3606d1
Remove MD2 from digest algorithm table. This follows the recommendation in
...
several places that it is not used in new applications.
2009-07-08 08:33:27 +00:00
Dr. Stephen Henson
f67f815624
Update from 1.0.0-stable.
2009-06-30 11:22:25 +00:00
Dr. Stephen Henson
5e4c2225ed
Oops, moved too much.
2009-06-26 23:56:10 +00:00
Dr. Stephen Henson
167d2a1411
PR: 1961
...
Submitted by: Martin Gerbershagen <martin.gerbershagen@nsn.com>
Approved by: steve@openssl.org
Avoid memory leak if RAND_bytes() fails.
2009-06-26 22:52:18 +00:00
Dr. Stephen Henson
9aecc3e5ff
Update from 1.0.0-stable.
2009-06-26 11:34:22 +00:00
Dr. Stephen Henson
b8a4a5bcba
Fix from HEAD.
2009-06-25 17:12:26 +00:00
Dr. Stephen Henson
efaa569c3b
PR: 1943
...
Submitted by: Guenter <lists@gknw.net>
Approved by: steve@openssl.org
Rename uni2asc and asc2uni on Netware to avoid a name clash.
2009-06-17 11:55:51 +00:00
Dr. Stephen Henson
15684f58c2
Update from 1.0.0-stable.
2009-06-17 11:49:18 +00:00
Dr. Stephen Henson
0e6c24ae4b
Update from HEAD.
2009-06-17 11:26:39 +00:00
Dr. Stephen Henson
1e53b797f6
Don't check self-signed signature in X509_verify_cert(), the check just
...
wastes processing time and doesn't add any security.
2009-06-15 14:52:38 +00:00
Dr. Stephen Henson
1ddf691244
Update from 1.0.0-stable.
2009-06-05 15:05:10 +00:00
Dr. Stephen Henson
78074baadd
Fix from 1.0.0-stable.
2009-06-05 11:53:49 +00:00
Dr. Stephen Henson
7457642b8c
PR: 1937
...
Submitted by: Mark Phalan <Mark.Phalan@Sun.COM>
Reviewed by: steve@openssl.org
Fix misuse of st_mode field in struct stat.
2009-06-02 11:31:32 +00:00
Dr. Stephen Henson
c2f425a06a
PR: 1944
...
Submitted by: Guenter <lists@gknw.net>
Reviewed by: steve@openssl.org
Fix gcc warning on mingw.
2009-06-01 12:18:21 +00:00
Dr. Stephen Henson
4930f8bbd9
Update from HEAD.
2009-06-01 12:14:53 +00:00
Dr. Stephen Henson
4730ea8a38
Fix from 1.0.0-stable branch.
2009-05-18 16:12:56 +00:00
Dr. Stephen Henson
b7d0d35a13
Modified PR#1929 update from 1.0.0-stable.
2009-05-17 16:42:14 +00:00
Richard Levitte
d7c86198d9
Stupid typo
2009-05-17 07:22:18 +00:00
Dr. Stephen Henson
6bf4ca0840
Update from 1.0.0-stable.
2009-05-16 16:18:45 +00:00
Dr. Stephen Henson
efa59b8d59
Updates from 1.0.0-stable.
2009-05-16 15:51:59 +00:00
Dr. Stephen Henson
e1a2bfaaa6
Update from HEAD.
2009-05-15 23:07:59 +00:00
Richard Levitte
48f48d96ce
Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda).
...
Thank you\!
(note: not tested for now, a few nightly builds should give indications though)
2009-05-15 16:37:29 +00:00
Richard Levitte
3166d16f06
Add a comment about libeay.num and ssleay.num
2009-05-15 16:00:11 +00:00
Richard Levitte
3e9b2042d9
Update from HEAD
2009-05-05 08:48:02 +00:00
Richard Levitte
05ee0523c1
Update from HEAD
2009-04-28 13:11:05 +00:00
Dr. Stephen Henson
01cb2049e3
Update from 1.0.0-stable.
2009-04-22 17:37:47 +00:00
Dr. Stephen Henson
b00c36e366
PR: 1829
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS timer bug fix from 1.0.0-stable with fixes.
2009-04-14 15:20:48 +00:00
Dr. Stephen Henson
18df6b30b1
Fix from 1.0.0-stable.
2009-04-08 15:58:26 +00:00
Dr. Stephen Henson
a78ded0b61
PR: 1700
...
Submitted by: "Robbins, Aharon" <aharon.robbins@intel.com>
Approved by: steve@openssl.org
#undef X509_EXTENSIONS for WIN32 too.
2009-04-03 16:54:04 +00:00
Dr. Stephen Henson
0a629ddbd6
Update from 1.0.0-stable
2009-04-03 16:28:20 +00:00
Dr. Stephen Henson
353cb367e4
PR: 1616
...
Submitted by: Dequin_Eric@emc.com
Approved by: steve@openssl.org
Check tree->levels to ensure malloc worked.
2009-04-03 11:36:49 +00:00
Dr. Stephen Henson
c342341ea1
Ooops, revert patch... due to non-portable gettimeofday call.
2009-04-02 22:19:07 +00:00
Dr. Stephen Henson
9d396bee8e
PR: 1829
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS timer bug fix.
2009-04-02 22:16:02 +00:00
Dr. Stephen Henson
aca8bf43ce
Submitted by: Ilya O. <vrghost@gmail.com>
...
Approved by: steve@openssl.org
Add 2.5.4.* OIDs.
2009-03-25 19:01:03 +00:00
Dr. Stephen Henson
7de0df694f
Prepare for next version.
2009-03-25 13:02:49 +00:00
Dr. Stephen Henson
15d3cd4680
Aaargh.... wrong version number....
2009-03-25 12:08:14 +00:00
Dr. Stephen Henson
e10051ef3f
Prepare for 0.9.8k release.
2009-03-25 10:46:56 +00:00
Dr. Stephen Henson
c60dca1f95
PR: 1868
...
Submitted by: Paolo Ganci <Paolo.Ganci@AdNovum.CH>
Approved by: steve@openssl.org
Don't set fields to NULL when freeing them up in ASN1 code. On some platforms
with sizeof(long) < sizeof(char *) this can cause a crash.
2009-03-25 10:42:34 +00:00
Dr. Stephen Henson
188abf7e2a
Submitted by: Ivan Nestlerode <inestlerode@us.ibm.com>
...
Approved by: steve@openssl.org
Check return code properly in CMS_SignerInfo_verify_content().
2009-03-25 10:40:32 +00:00
Dr. Stephen Henson
f021b7cca6
Reject BMPStrings and UniversalStrings of invalid length. This prevents
...
a crash in ASN1_STRING_print_ex() which assumes they are valid.
2009-03-25 10:35:57 +00:00
Andy Polyakov
3f03b3569d
des_enc.m4, SPARC DES assembler, update from HEAD: make it Purify-friendly.
...
As side effect it introduces duplicate of 2KB DES_SPtrans table.
2009-03-16 13:43:43 +00:00
Dr. Stephen Henson
07dd3bfcd4
Oops.
2009-03-15 14:03:29 +00:00
Dr. Stephen Henson
37afdc953e
Don't force S/MIME signing purpose: allow it to be overridden by store
...
settings.
Don't set default values in X509_VERIFY_PARAM_new(): it stops parameters
being inherited properly.
2009-03-15 13:36:01 +00:00
Dr. Stephen Henson
044855e146
Permit nested ASN1 string encoding but with a maximum depth to avoid
...
stack overflow.
2009-03-14 18:33:25 +00:00
Dr. Stephen Henson
12379c82ba
Update from HEAD.
2009-03-14 12:40:46 +00:00
Dr. Stephen Henson
be98d6b9ad
PR: 1863
...
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Reviewed by: steve@openssl.org
Check return value, use OPENSSL_assert and unsigned int.
2009-03-14 12:26:03 +00:00
Dr. Stephen Henson
6fe9c925d2
PR: 1856
...
Check return value of PKCS12_add_safes()
2009-03-09 13:07:16 +00:00
Dr. Stephen Henson
0d658ddf25
PR: 1858
...
Submitted by: Jurko Gospodneti <jurko.gospodnetic@docte.hr>
Reviewed by: steve@openssl.org
Make OPENSSL_NO_SOCK work.
2009-03-09 12:09:03 +00:00
Dr. Stephen Henson
cefa7ce284
PR: 1857
...
Submitted by: Jurko GospodnetiÄ <jurko.gospodnetic@docte.hr>
Reviewed by: steve@openssl.org
Make OPENSSL_NO_FP_API work again.
2009-03-09 12:06:23 +00:00
Dr. Stephen Henson
ee4041b8bd
PR: 1841
...
Submitted by: Martin Kaiser <lists@kaiser.cx>
Reviewed by: steve@openssl.org
Remove unused code.
2009-03-08 23:05:34 +00:00
Ben Laurie
a17f351b56
Fix display of all 0 IPv6 address (from Rob Austein).
2009-03-08 10:48:03 +00:00
Dr. Stephen Henson
4fcf8d8b07
Submitted by: Jeremy Shapiro <jnshapir@us.ibm.com>
...
Reviewed by: steve@openssl.org
Improve efficientcy of mem_gets().
2009-03-07 16:58:43 +00:00
Ben Laurie
1eee8a4226
Use the correct length (reported by Quanhong Wang).
2009-03-03 15:06:49 +00:00
Ben Laurie
e26ad0c4fd
Fix FIPS typo.
2009-02-18 10:27:23 +00:00
Dr. Stephen Henson
6e7559ac7f
Update from HEAD.
2009-02-16 23:24:06 +00:00
Richard Levitte
9feda63955
Data not initialised.
...
Notified by Gerardo Ganis <gerardo.ganis@cern.ch>
2009-02-16 15:17:26 +00:00
Ben Laurie
1ed81ff731
Use shared dev team flags, fix resulting warning.
2009-02-16 08:44:23 +00:00
Dr. Stephen Henson
9a6401acdf
PR: 1422
...
Fix return value of X509_NAME_cmp() so it works with qsort/bsearch again.
2009-02-15 12:10:39 +00:00
Dr. Stephen Henson
f908ca4db4
PR: 1840
...
Submitted by: Martin Kaiser <lists@kaiser.cx>
Approved by: steve@openssl.org
Handle NULL passing in parameter and BN_CTX_new() error correctly.
2009-02-14 22:19:31 +00:00
Dr. Stephen Henson
72f6453c48
PR: 1835
...
Submitted by: Damien Miller <djm@mindrot.org>
Approved by: steve@openssl.org
Fix various typos.
2009-02-14 21:50:14 +00:00
Dr. Stephen Henson
73cb37295d
Update from HEAD.
2009-01-28 12:55:36 +00:00
Dr. Stephen Henson
1f35508ae6
Support NumericString for name components.
2009-01-28 12:35:10 +00:00
Richard Levitte
3e2a74c294
Add missing modules
2009-01-28 07:54:16 +00:00
Richard Levitte
ab31dbc482
Another symbol that's longer than 31 characters.
2009-01-17 12:33:43 +00:00
Richard Levitte
36e9d3ee91
A forgotten module...
2009-01-17 12:33:11 +00:00
Dr. Stephen Henson
5f3ad8f82c
Update from HEAD.
2009-01-14 10:46:00 +00:00
Dr. Stephen Henson
d34353cc91
Prepare for next version.
2009-01-07 23:38:34 +00:00
Dr. Stephen Henson
6287fa5396
Prepare for 0.9.8j release.
2009-01-07 10:50:54 +00:00
Dr. Stephen Henson
a00c3c4019
Properly check EVP_VerifyFinal() and similar return values
...
(CVE-2008-5077).
Submitted by: Ben Laurie, Bodo Moeller, Google Security Team
2009-01-07 10:48:23 +00:00
Dr. Stephen Henson
92308905dd
make update.
2009-01-05 12:47:11 +00:00
Andy Polyakov
e607e731eb
Synchronize with bn_nist.c from HEAD.
2008-12-30 13:41:08 +00:00
Andy Polyakov
f17c45611e
Backport http://cvs.openssl.org/chngview?cn=17710 from HEAD.
...
PR: 1230
2008-12-30 13:30:57 +00:00
Andy Polyakov
a51c8c64e0
Backport aes-x86_64.pl update from HEAD.
2008-12-27 13:34:30 +00:00
Richard Levitte
7f065cfdbd
In BIO_write(), update the write statistics, not the read statistics.
...
PR: 1803
2008-12-25 22:24:21 +00:00
Richard Levitte
667fbc0847
Further synchronisation with Unix
2008-12-25 22:04:45 +00:00
Richard Levitte
6ba7bd5697
Synchronise with Unixly build.
2008-12-22 09:30:09 +00:00
Dr. Stephen Henson
2cad035c01
Make no-engine work again...
2008-12-20 17:04:09 +00:00
Andy Polyakov
2a76c68842
Backport aes-x86_64.pl update from HEAD and revisit same code in aes-586.pl.
...
PR: 1801
2008-12-17 14:14:51 +00:00
Ben Laurie
1b00f4bc37
Missing return values (Coverity ID 204).
2008-12-13 17:00:53 +00:00
Dr. Stephen Henson
fe43caa4a4
Fix from HEAD.
2008-12-08 19:13:57 +00:00
Dr. Stephen Henson
792e614144
Fix from HEAD.
2008-12-07 23:59:13 +00:00
Ben Laurie
f092a073a7
Fix warnings.
2008-12-02 18:14:44 +00:00
Bodo Möller
505ed2b076
Implement Configure option pattern "experimental-foo"
...
(specifically, "experimental-jpake").
2008-12-02 01:21:06 +00:00
Dr. Stephen Henson
cef3e62d2b
Don't clobber passed GENERAL_NAME on error.
2008-11-30 16:07:11 +00:00
Dr. Stephen Henson
516f76fd2c
Move new function CRYPTO_strdup to mem_dbg.c because mem.c is excluded in
...
a fips build.
2008-11-24 17:02:49 +00:00
Dr. Stephen Henson
5a02ac6e5b
Revert OPENSSL_EXPERIMENTAL patch.
...
Change it so JPAKE uses the standard OPENSSL_NO_JPAKE instead.
2008-11-24 16:14:15 +00:00
Dr. Stephen Henson
14d4074ee1
Update from HEAD.
2008-11-21 18:18:28 +00:00
Dr. Stephen Henson
d9f16c405c
Commit default dependencies.
2008-11-19 16:03:51 +00:00
Dr. Stephen Henson
5aa032033e
Remove jpake.h dependencies from default build.
2008-11-19 00:40:59 +00:00
Dr. Stephen Henson
c0ce8fe755
Update .cvsignore
2008-11-15 17:47:31 +00:00
Dr. Stephen Henson
55eff40084
Stop warnings.
2008-11-15 17:46:41 +00:00
Bodo Möller
fe46b0de29
make update
2008-11-14 00:17:43 +00:00
Dr. Stephen Henson
a581439bb1
Fixes for "make depend". Features which need a #define to be set to
...
enable them, like FIPS and JPAKE need to have these set when building
dependencies.
2008-11-13 15:08:33 +00:00
Ben Laurie
a43337e8c4
Not an error to include jpake.h when disabled.
2008-11-13 11:35:23 +00:00
Ben Laurie
33c51ec143
J-PAKE is not RSA.
2008-11-13 09:50:24 +00:00
Dr. Stephen Henson
a1bb2d6c2f
Update mk1mf.pl for new JPAKE options. Update jpaketest.c for WIN32.
2008-11-12 18:27:17 +00:00
Dr. Stephen Henson
81dde5e8fe
Add support for experimental code, not compiled in by default and
...
with OPENSSL_EXPERIMENTAL_FOO around it. Make JPAKE experimental.
2008-11-12 16:54:35 +00:00
Dr. Stephen Henson
b84e441861
Don't attempt to enter FIPS mode in autoconfig module if already in FIPS mode.
2008-11-11 12:52:14 +00:00
Dr. Stephen Henson
08e012bbec
Update from HEAD.
2008-11-11 12:42:32 +00:00
Dr. Stephen Henson
b46acc392b
Avoid conflict with some version of Windows platform SDK.
2008-11-11 12:22:17 +00:00
Dr. Stephen Henson
2c17b493b1
Make -DKSSL_DEBUG work again.
2008-11-10 18:55:07 +00:00
Dr. Stephen Henson
3795297af8
Change old obsolete email address...
2008-11-05 18:36:57 +00:00
Dr. Stephen Henson
33fd33d423
Fix from HEAD.
2008-11-05 18:29:49 +00:00
Dr. Stephen Henson
582ef3dbdb
Fix from HEAD.
2008-10-31 12:09:18 +00:00
Andy Polyakov
6a933782fa
randfile.c: .rnd can become orphaned on VMS [from HEAD].
...
Submitted by: David North
2008-10-28 16:30:09 +00:00
Andy Polyakov
8d64abacc6
Fix crash in BN_rshift [from HEAD].
...
PR: 1663
2008-10-28 13:47:38 +00:00
Dr. Stephen Henson
9af6802943
Win32 fixes, add new directory to WIN32 build system.
2008-10-27 12:30:33 +00:00
Dr. Stephen Henson
c10f53a897
Fixes from HEAD.
2008-10-27 12:04:04 +00:00
Ben Laurie
2124e869a8
Add JPAKE.
2008-10-26 18:42:05 +00:00
Dr. Stephen Henson
ff09931e22
Sync OIDS with HEAD.
2008-10-22 18:48:50 +00:00
Lutz Jänicke
312539ae9f
Armor pq_compat.h header file against multiple inclusion
...
Submitted by: Alex Chen <alex_chen@filemaker.com>
2008-10-20 12:40:20 +00:00
Ben Laurie
b76306c983
Constification.
2008-10-18 14:27:36 +00:00
Ben Laurie
cdffc716c9
Set the comparison function in v3_addr_canonize().
2008-10-14 19:21:30 +00:00
Lutz Jänicke
cfe04f607d
Fix incorrect command for assember file generation on IA64
...
Submitted by: Amadeu A. Barbosa Jr <amadeu@tecgraf.puc-rio.br>
2008-10-06 10:35:29 +00:00
Dr. Stephen Henson
c0e9f540e0
Check for errors in ASN1 sign and verify routines.
2008-09-25 16:38:07 +00:00
Andy Polyakov
7c97aacbe8
Fix EC_KEY_check_key [from HEAD].
2008-09-23 17:34:08 +00:00
Dr. Stephen Henson
155ad6d219
Fix warnings when more pedantic "debuge-steve32" target is used.
2008-09-21 11:40:36 +00:00
Dr. Stephen Henson
138f20433e
Camellia low level API algorithm blocking.
2008-09-21 11:21:43 +00:00
Dr. Stephen Henson
7747c67861
Make camellia work with updated EVP macros.
2008-09-21 10:24:08 +00:00
Dr. Stephen Henson
e852835da6
Make update: delete duplicate error code.
2008-09-17 17:11:09 +00:00
Dr. Stephen Henson
52702f6f92
Updates to build system from FIPS branch. Make fipscanisterbuild work and
...
build FIPS test programs.
2008-09-17 15:56:42 +00:00
Dr. Stephen Henson
05794d983f
Add RSA update from FIPS branch that got omitted....
2008-09-17 15:53:59 +00:00
Dr. Stephen Henson
364f36f851
Don't change NUM_LOCKS value for non-FIPS builds.
2008-09-17 15:07:41 +00:00
Dr. Stephen Henson
9b809d6278
Add missing files.
2008-09-16 22:54:30 +00:00
Dr. Stephen Henson
bbefea3387
Add missing files.
2008-09-16 22:48:18 +00:00
Dr. Stephen Henson
d83dde6180
Merge changes to build system from fips branch.
2008-09-16 21:44:57 +00:00
Dr. Stephen Henson
8067d34b3a
FIPS merge "crypto" functions.
2008-09-16 15:11:50 +00:00
Dr. Stephen Henson
e3f2860e73
Merge public key FIPS code, RSA, DSA, DH.
2008-09-16 14:55:26 +00:00
Dr. Stephen Henson
92eb44d238
Add missing file.
2008-09-16 11:52:33 +00:00
Dr. Stephen Henson
f4179bead4
RAND library FIPS merge.
2008-09-16 11:50:05 +00:00
Dr. Stephen Henson
fced277486
conf/hmac FIPS merge.
2008-09-16 11:37:03 +00:00
Dr. Stephen Henson
3d1be455ce
ERR library FIPS merge. Reorganise functions and add FIPS error
...
definitions.
2008-09-16 11:26:29 +00:00
Dr. Stephen Henson
dee4d129cb
FIPS des library merge.
2008-09-16 11:17:48 +00:00
Dr. Stephen Henson
0067bd77a8
Part FIPS bn merge: move functiosn to bn_opt.c to reduce dependencies.
2008-09-16 11:08:24 +00:00
Dr. Stephen Henson
d98904e5a7
Add missing RC4 algorithm block source file.
2008-09-16 11:02:19 +00:00
Dr. Stephen Henson
96a259e81e
Merge FIPS low level algorithm blocking code. Give hard errors if non-FIPS
...
algorithms are use in FIPS mode using low level API. No effect in non-FIPS
mode.
2008-09-16 10:47:28 +00:00
Dr. Stephen Henson
f947b818bf
Oops, restore change that got reverted accidentally.
2008-09-15 22:32:23 +00:00
Dr. Stephen Henson
a2dc9b6be2
Merge EVP changes in from FIPS branch.
2008-09-15 22:21:42 +00:00
Dr. Stephen Henson
16349eeceb
Port X931 key generation routines from FIPS branch. Don't include deprecated
...
versions as they weren't in 0.9.8 before now anyway.
2008-09-15 21:42:28 +00:00
Bodo Möller
aecf1c1f96
Fix intendation
2008-09-15 20:39:32 +00:00
Dr. Stephen Henson
5d582fd516
pkcs12 FIPS changes.
2008-09-15 20:16:04 +00:00
Dr. Stephen Henson
8ec86dcf04
Merge minor FIPS branch changes: buffer, objects, pem, x509.
2008-09-15 19:56:12 +00:00
Dr. Stephen Henson
6d3b70c8da
Prepare for next version...
2008-09-15 15:30:20 +00:00
Dr. Stephen Henson
0a4fda742b
Oops... use correct version number this time....
2008-09-15 14:26:34 +00:00
Dr. Stephen Henson
3745e57bf9
Prepare for next version....
2008-09-15 12:19:09 +00:00
Dr. Stephen Henson
b7e7aa00de
Begin release of OpenSSL 0.9.8i.
2008-09-15 10:28:13 +00:00
Andy Polyakov
1098fd48ce
Compilation warning fix [from HEAD, "must have, as our Windows build does
...
not tolerate warnings].
2008-09-15 07:19:41 +00:00
Andy Polyakov
393906d9be
Fix yesterday typos in bss_dgram.c [from HEAD].
2008-09-15 05:45:36 +00:00
Andy Polyakov
cfb95ba9f6
Winsock handles SO_RCVTIMEO in unique manner... [from HEAD].
...
PR: 1648
2008-09-14 19:23:46 +00:00
Dr. Stephen Henson
1af12ff1d1
Fix error code discrepancy.
...
Make update.
2008-09-14 16:43:37 +00:00
Dr. Stephen Henson
bd72b8eca6
Stop warnings about value not used.
2008-09-14 15:46:36 +00:00
Bodo Möller
669b912dea
Really get rid of unsafe double-checked locking.
...
Also, "CHANGES" clean-ups.
2008-09-14 13:51:49 +00:00
Bodo Möller
36a4a67b2b
Some precautions to avoid potential security-relevant problems.
2008-09-14 13:42:40 +00:00
Ben Laurie
b7c8b4fc95
Allow soft-loading engines.
2008-09-12 13:29:59 +00:00
Dr. Stephen Henson
fd43ae3fe4
Fix flag clash... only used internally when policy checking is
...
enabled.
2008-08-31 11:15:35 +00:00
Bodo Möller
cdd0f3b328
Don't use assertions to check application-provided arguments;
...
and don't unnecessarily fail on input size 0.
2008-08-14 21:37:20 +00:00
Dr. Stephen Henson
405f382144
Fix from HEAD.
2008-08-05 15:56:11 +00:00
Dr. Stephen Henson
a750273546
Fix from HEAD.
2008-08-02 11:17:04 +00:00
Dr. Stephen Henson
4231b356aa
Fix from HEAD.
2008-07-30 15:42:19 +00:00
Bodo Möller
df1f7b4b02
We should check the eight bytes starting at p[-9] for rollback attack
...
detection, or the probability for an erroneous RSA_R_SSLV3_ROLLBACK_ATTACK
will be larger than necessary.
PR: 1695
2008-07-17 22:11:24 +00:00
Andy Polyakov
3a72137211
darwin64-ppc-cc experimental line accidentally made it to stable:-(
...
PR: 1699
2008-07-17 10:00:18 +00:00
Andy Polyakov
e5d289cc03
sha1-586.pl: update from HEAD.
...
PR: 1681
2008-07-17 09:51:34 +00:00
Bodo Möller
0ff3766b0e
Make sure not to read beyond end of buffer
2008-07-16 18:10:28 +00:00
Dr. Stephen Henson
3562202306
Fix from HEAD.
2008-07-13 22:38:52 +00:00
Dr. Stephen Henson
2bf4b96aef
Update from HEAD.
2008-07-13 15:56:01 +00:00
Dr. Stephen Henson
811e08a2c5
Update from HEAD.
2008-07-13 14:33:16 +00:00
Dr. Stephen Henson
dd6e90465d
Add support for Local Machine Keyset attribute in PKCS#12 files.
2008-06-26 23:26:52 +00:00
Dr. Stephen Henson
a86c626802
Sync OIDs with HEAD so we don't need to rebuild OID database and change
...
all NIDs every time an OID is added to 0.9.8.
2008-06-26 23:20:52 +00:00
Bodo Möller
4afcee8b4b
avoid potential infinite loop in final reduction round of BN_GF2m_mod_arr()
...
Submitted by: Huang Ying
Reviewed by: Douglas Stebila
2008-06-23 20:46:28 +00:00
Dr. Stephen Henson
e0f6c15418
Make WIN32 build work with no-rc4
2008-06-21 23:28:02 +00:00
Dr. Stephen Henson
14748adb09
Make ssl code consistent with FIPS branch. The new code has no effect
...
at present because it asserts either noop flags or is inside
OPENSSL_FIPS #ifdef's.
2008-06-16 16:56:43 +00:00
Dr. Stephen Henson
ff2ab9e6bb
Add error code for FIPS library and make library numbers consistent.
2008-06-16 15:22:49 +00:00
Ben Laurie
f113bb9f4e
OPENSSL_isservice() is defined on all platforms.
2008-06-07 17:22:37 +00:00
Dr. Stephen Henson
3dc466424e
Update CryptoAPI ENGINE from head. Export OPENSSL_isservice().
2008-06-06 15:52:32 +00:00
Dr. Stephen Henson
aa03989791
Backport ssl client auth ENGINE support to 0.9.8.
2008-06-04 18:01:40 +00:00
Dr. Stephen Henson
feb200bbb3
Don't set extended type is mbstring flag set.
2008-05-30 10:57:13 +00:00
Dr. Stephen Henson
203ac694e3
Load CryptoAPI engine if supported.
2008-05-29 23:47:40 +00:00
Mark J. Cox
3f79793b7e
After tagging, bump ready for 0.9.8i development
2008-05-28 07:47:50 +00:00
Mark J. Cox
0d01d8a735
Prepare for 0.9.8h release
2008-05-28 07:37:14 +00:00
Dr. Stephen Henson
aa9c7e4b8c
Oops... PEM_write_bio_ASN1_stream() shouldn't be in 0.9.8 CMS backport.
2008-05-20 12:10:28 +00:00
Dr. Stephen Henson
6be69a168f
Remove deleted function definitions from header files
...
so Windows build picks it up.
Recognize new option in mk1mf.pl
2008-05-20 11:50:13 +00:00
Dr. Stephen Henson
eaf76feeb6
Remove old DES definition of deleted function too.
2008-05-20 11:23:49 +00:00
Lutz Jänicke
03e79ed05e
Correctly adjust location of comment
...
Submitted by: Ben Laurie <ben@links.org>
2008-05-20 08:10:51 +00:00
Ben Laurie
56bef2df4f
Fix warning.
2008-05-20 03:05:50 +00:00
Dr. Stephen Henson
10d3886c51
Fix two invalid memory reads in RSA OAEP mode.
...
Submitted by: Ivan Nestlerode <inestlerode@us.ibm.com>
Reviewed by: steve
2008-05-19 21:26:28 +00:00
Bodo Möller
f1c0cf5b70
Disable code that clearly doesn't currently serve any useful purpose.
...
(Buggy line reported by Matthias Koenig.)
2008-05-19 19:44:33 +00:00
Lutz Jänicke
439b7ef463
Another occurance of possible valgrind/purify "uninitialized memory"
...
complaint related to the PRNG: with PURIFY policy don't feed uninitialized
memory into the PRNG.
Submitted by: Bodo Moeller <bmoeller@openssl.org> :-)
2008-05-16 07:14:58 +00:00
Dr. Stephen Henson
6168067160
Fix from HEAD.
2008-05-09 23:17:10 +00:00
Bodo Möller
c3031a4610
Avoid BN_MONT_CTX incompatibility.
2008-05-02 18:47:19 +00:00
Bodo Möller
812d8a176c
Unobtrusive backport of 32-bit x86 Montgomery improvements from 0.9.9-dev:
...
you need to use "enable-montasm" to see a difference. (Huge speed
advantage, but BN_MONT_CTX is not binary compatible, so this can't be
enabled by default in the 0.9.8 branch.)
The CHANGES entry also covers the 64-bit x86 backport in November 2007
by appro.
2008-05-01 23:11:34 +00:00
Geoff Thorpe
98bd148b1a
Fix auto-discovery of ENGINEs, ported from HEAD.
...
NB, this fixes a regression relative to 0.9.7 and the documented behaviour,
but it would make sense for distro maintainers and others with an interest
in system behaviour to test with this change. The fix re-enables behaviour
that was broken and thus inherently disabled. In particular, if you
register an ENGINE implementation, and that ENGINE is able to successfully
self-initialise on the host, it will get used automatically (as claimed in
the documentation and as was the case for 0.9.7) - this was not the case
with 0.9.8 until now because of a bug.
PR: 1668
Submitted by: Ian Lister
Reviewed by: Geoff Thorpe
2008-04-28 21:45:43 +00:00
Andy Polyakov
c5fbf8c1ba
Compensate inline assembler in sha512.c for gcc 2.7.2 compiler bug [from HEAD].
...
PR: 1667
2008-04-24 10:00:40 +00:00
Andy Polyakov
1ed2d8f512
bn_nist.c update from HEAD.
...
PR: 1593
2008-04-18 15:51:31 +00:00
Dr. Stephen Henson
d140890259
Update from HEAD.
2008-04-18 11:19:56 +00:00
Richard Levitte
2c16e78400
Synchronise with Unix
2008-04-18 06:07:43 +00:00
Dr. Stephen Henson
501af5ba89
Update from HEAD.
2008-04-12 10:15:33 +00:00
Richard Levitte
31d6e7b7ba
Provide other forms for symbols that are too long or that clash with others
2008-04-12 08:40:03 +00:00
Dr. Stephen Henson
b983322bfb
Revert change from HEAD.
2008-04-11 23:23:57 +00:00
Dr. Stephen Henson
339654e163
Fix from HEAD.
2008-04-11 17:34:42 +00:00
Richard Levitte
5ca48cc853
Synchronise with Unix build
2008-04-11 01:53:19 +00:00
Dr. Stephen Henson
173acc185c
Fix from HEAD.
2008-04-07 11:01:43 +00:00
Dr. Stephen Henson
fb4c24b6e7
Update from HEAD.
2008-04-06 16:30:38 +00:00
Dr. Stephen Henson
1366f6b9bd
Fix from HEAD.
2008-04-06 15:57:44 +00:00
Dr. Stephen Henson
e13546f739
Update error codes.
2008-04-06 15:46:17 +00:00
Dr. Stephen Henson
d6c813daff
Fix from HEAD.
2008-04-06 15:42:29 +00:00
Dr. Stephen Henson
415fe2abe9
Delete functions not implemented in 0.9.8 from cms.h
2008-04-03 23:31:35 +00:00
Dr. Stephen Henson
8e42429c9d
Update default CFLAGS and dependencies.
2008-04-03 23:18:27 +00:00
Dr. Stephen Henson
94b2c29f9d
Backport of CMS code to 0.9.8-stable branch. Disabled by default.
2008-04-03 23:03:56 +00:00
Dr. Stephen Henson
090f931a35
Add -DOPENSSL_NO_DEPRECATED to debug-steve* targets. Add headers to make
...
build work.
2008-04-02 14:51:09 +00:00
Dr. Stephen Henson
7ec2d392e7
Backport of zlib compression BIO from HEAD. Update mkdef.pl script to handle
...
ZLIB. Update ordinals.
2008-04-02 11:37:25 +00:00
Dr. Stephen Henson
28a2759ab8
Add RFC3394 compatible key wrap algorithm.
2008-04-02 11:18:43 +00:00
Dr. Stephen Henson
9e7459fc5d
Backport some useful ASN1 utility functions from HEAD.
2008-04-02 11:11:51 +00:00
Dr. Stephen Henson
a6d4f79f24
Add new missing CMS OIDs.
2008-04-02 10:45:19 +00:00
Andy Polyakov
efcb7a75fc
Fix fast reduction on NIST curves [from HEAD].
...
PR: 1593
2008-04-01 08:40:52 +00:00
Dr. Stephen Henson
30aa23fea2
Update from HEAD.
2008-03-31 14:59:13 +00:00
Dr. Stephen Henson
fd6fa9c0b2
Fix from HEAD.
2008-03-29 13:22:49 +00:00
Dr. Stephen Henson
3fb0f01001
Fix from HEAD.
2008-03-12 00:38:07 +00:00
Andy Polyakov
2035af2091
Make x86_64-mont.pl work with debug Win64 build [from HEAD].
2008-02-27 20:14:46 +00:00
Bodo Möller
19398a175a
fix BIGNUM flag handling
2008-02-27 06:02:00 +00:00
Andy Polyakov
2923e91a98
Allow 32-bit perl to generate x86_64 assembler.
2008-02-13 20:01:48 +00:00
Andy Polyakov
7c52b7706f
Source readability fix, which incidentally works around XLC compiler bug
...
[from HEAD].
PR: 1272
2008-02-11 13:18:40 +00:00
Andy Polyakov
ddec587581
Make aes-x86_64 work with debug Win64 build [from HEAD].
2008-02-11 13:13:11 +00:00
Andy Polyakov
4f466f8e81
x86_64-xlate.pl update from HEAD.
2008-02-11 13:07:11 +00:00
Dr. Stephen Henson
3b0e61a812
Netware support.
...
Submitted by: Guenter Knauf <eflash@gmx.net>
2008-01-03 22:53:06 +00:00
Dr. Stephen Henson
5f297c4504
Updates from HEAD.
2007-12-16 16:38:22 +00:00
Dr. Stephen Henson
d7623ff9f3
Update .cvsignore
2007-12-14 19:36:32 +00:00
Dr. Stephen Henson
df9b5405e8
Don't shadow.
2007-12-14 19:34:05 +00:00
Andy Polyakov
187b655bc2
Some assembler are allergic to lea reg,BYTE PTR[...].
...
Submitted by: Guenter Knauf
2007-12-02 21:32:35 +00:00
Dr. Stephen Henson
8612cb9239
Learn how to spell "Repository"
2007-11-23 00:18:00 +00:00
Dr. Stephen Henson
b2f3fafa6a
Oops, use the right caRepository OID this time ;-)
2007-11-23 00:11:54 +00:00
Dr. Stephen Henson
483dab147d
Add caRepository OID to OpenSSL.
2007-11-23 00:07:48 +00:00
Bodo Möller
7d610299c9
Should reject signatures that we can't properly verify
...
and couldn't generate
(as pointed out by Ernst G Giessmann)
2007-11-19 07:25:28 +00:00
Bodo Möller
5c676c47cd
The hash length check wasn't strict enough,
...
as pointed out by Ernst G Giessmann
2007-11-16 13:00:57 +00:00
Andy Polyakov
cc9a645a02
Add x86_64-mont.pl [from HEAD].
2007-11-11 21:04:34 +00:00
Andy Polyakov
18fb9d807e
Add framework for bn_mul_mont [from 098-fips].
2007-11-11 20:43:23 +00:00
Andy Polyakov
2ea3cd8abc
Comply with updated x86cpuid.pl.
2007-11-11 20:06:17 +00:00
Andy Polyakov
095db72024
x86cpuid.pl update [from HEAD].
2007-11-11 19:44:42 +00:00
Andy Polyakov
4b60f4b175
rc4-x86_64.pl update [from HEAD].
2007-11-11 16:25:46 +00:00
Andy Polyakov
0794f3a798
x86_64cpuid.pl update [from HEAD].
2007-11-11 16:25:00 +00:00
Andy Polyakov
2b8e7b5061
Add AES x86_64 assembler. Note that it's not latest version from HEAD,
...
but older one corresponding to x86 module from 098-stable.
2007-11-11 14:49:56 +00:00
Andy Polyakov
6f57311da0
Add SHA x86_64 assembler [from HEAD].
2007-11-11 13:56:47 +00:00
Andy Polyakov
98b09d3949
Synchronize message digests in 098-fips with 098.
2007-11-11 13:34:08 +00:00
Andy Polyakov
231a737a82
Commit #16325 fixed one thing but broke DH with certain moduli [from HEAD].
2007-11-03 20:09:29 +00:00
Lutz Jänicke
ac1ef7ec72
Add OIDs by CMP (RFC 4210) and CRMF (RFC 4211)
...
Submitted by: Martin Peylo <martinmeis@googlemail.com>
2007-11-01 08:25:28 +00:00
Andy Polyakov
5f761514e1
Make it possible for older masm to compile sse2 modules.
...
PR: 1592
2007-10-21 14:15:40 +00:00
Lutz Jänicke
32f1f622f6
Release OpenSSL 0.9.8g with various fixes to issues introduced with 0.9.8f
2007-10-19 08:25:53 +00:00
Lutz Jänicke
225aeb171e
Work around inconsistent version numbering in 0.9.8f (release).
...
The version code of the release should have been 09086f (6=f, f=release)
but accidently it was marked "090870" (which would be "0.9.8g-dev").
Therefore we now use "090871" for the development of 0.9.8g. Once
0.9.8g is released, the problem will be "healed". We have never done
beta releases for 0.9.x-stable patch releases, so 090871 would never
be used in practice.
PR: #1589
2007-10-17 07:46:49 +00:00