Commit graph

9465 commits

Author SHA1 Message Date
Andy Polyakov
964ed94649 parisc-mont.pl: PA-RISC 2.0 code path optimization based on intruction-
level profiling data resulted in almost 50% performance improvement.
PA-RISC 1.1 is also reordered in same manner, mostly to be consistent,
as no gain was observed, not on PA-7100LC.
2010-01-25 23:12:00 +00:00
Dr. Stephen Henson
cab6de03a2 PR: 2149
Submitted by: Douglas Stebila <douglas@stebila.ca>

Fix wap OIDs.
2010-01-25 16:07:42 +00:00
Richard Levitte
2d851ab919 There's really no need to use $ENV::HOME 2010-01-25 00:22:57 +00:00
Richard Levitte
04dbf0272e Forgot to correct the definition of __arch in this file.
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:21:12 +00:00
Richard Levitte
d15dd388c1 It seems like sslroot: needs to be defined for some tests to work.
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:20:29 +00:00
Richard Levitte
c3502985b2 Compile t1_reneg on VMS as well.
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:19:31 +00:00
Richard Levitte
6fa0608eaf A few more macros for long symbols.
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:18:29 +00:00
Andy Polyakov
3f2a98acbf ia64cpuid.S: OPENSSL_cleanse to accept zero length parameter. 2010-01-24 17:08:52 +00:00
Dr. Stephen Henson
bc120a54c9 PR: 2153, 2125
Submitted by: steve@openssl.org

The original fix for PR#2125 broke compilation on some Unixware platforms:
revert and make conditional on VMS.
2010-01-24 16:57:20 +00:00
Andy Polyakov
82a66ce313 pariscid.pl: OPENSSL_cleanse to compile on PA-RISC 2.0W and to accept zero
length parameter.
2010-01-24 15:04:28 +00:00
Andy Polyakov
7676eebf42 OPENSSL_cleanse to accept zero length parameter [matching C implementation]. 2010-01-24 14:54:24 +00:00
Dr. Stephen Henson
21a5c040e5 The fix for PR#1949 unfortunately broke cases where the BIO_CTRL_WPENDING
ctrl is incorrectly implemented (e.g. some versions of Apache). As a workaround
call both BIO_CTRL_INFO and BIO_CTRL_WPENDING if it returns zero. This should
both address the original bug and retain compatibility with the old behaviour.
2010-01-24 13:54:20 +00:00
Dr. Stephen Henson
ba64ae6cd1 Tolerate PKCS#8 DSA format with negative private key. 2010-01-22 20:17:12 +00:00
Dr. Stephen Henson
3a88efd48c If legacy renegotiation is not permitted then send a fatal alert if a patched
server attempts to renegotiate with an unpatched client.
2010-01-22 18:49:34 +00:00
Dr. Stephen Henson
3243698f1d typo 2010-01-21 18:46:15 +00:00
Dr. Stephen Henson
55f39a199d fix comments 2010-01-21 01:17:17 +00:00
Dr. Stephen Henson
49371e3acb oops 2010-01-20 17:59:53 +00:00
Dr. Stephen Henson
eb125795d2 update NEWS file 2010-01-20 17:56:34 +00:00
Dr. Stephen Henson
3ec5f38b47 Update demo 2010-01-20 14:06:21 +00:00
Dr. Stephen Henson
a70e377fd8 Support -L options in VC++ link. 2010-01-20 14:04:44 +00:00
Andy Polyakov
b3020393f2 rand_win.c: fix time limit logic. 2010-01-19 20:35:22 +00:00
Dr. Stephen Henson
071ef65cfa The use of NIDs in the password based encryption table can result in
algorithms not found when an application uses PKCS#12 and only calls
SSL_library_init() instead of OpenSSL_add_all_algorithms(). Simple
work around is to add the missing algorithm (40 bit RC2) in
SSL_library_init().
2010-01-19 19:56:06 +00:00
Dr. Stephen Henson
d5e8d8b547 PR: 2141
Submitted by: "NARUSE, Yui" <naruse@airemix.jp>

Remove non-ASCII comment which causes compilation errors on some versions
of VC++.
2010-01-19 19:28:18 +00:00
Dr. Stephen Henson
0debb681e1 PR: 2144
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Better fix for PR#2144
2010-01-19 19:11:35 +00:00
Andy Polyakov
46c42e78ff Enable PA-RISC assembler in Configure (feedback from PA-RISC 2.0 is still
needed).
2010-01-19 17:10:24 +00:00
Andy Polyakov
ee2b8ed2f5 x86_64-xlate.pl: refine sign extension logic when handling lea.
PR: 2094,2095
2010-01-19 16:15:23 +00:00
Andy Polyakov
7a6e0901ff rand_win.c: handle GetTickCount wrap-around. 2010-01-19 13:48:18 +00:00
Andy Polyakov
91fdacb2c3 s390x assembler update: add support for run-time facility detection. 2010-01-19 12:24:59 +00:00
Andy Polyakov
d582c98d8f apps/speed.c: limit loop counters to 2^31 in order to avoid overflows
in performance calculations. For the moment there is only one code
fast enough to suffer from this: Intel AES-NI engine.
PR: 2096
2010-01-17 17:31:38 +00:00
Andy Polyakov
78a533cb93 Minor updates to ppccap.c and ppccpuid.pl. 2010-01-17 13:44:14 +00:00
Andy Polyakov
4f38565204 bn_lcl.h: add MIPS III-specific BN_UMULT_LOHI as alternative to porting
crypto/bn/asm/mips3.s from IRIX. Performance improvement is not as
impressive as with complete assembler, but still... it's almost 2.5x
[on R5000].
2010-01-17 12:08:24 +00:00
Andy Polyakov
4407700c40 ia64-mont.pl: add shorter vector support ("shorter" refers to 512 bits and
less).
2010-01-17 11:33:59 +00:00
Dr. Stephen Henson
72a9776abc PR: 2135
Submitted by: Mike Frysinger <vapier@gentoo.org>

Change missed references to lib to $(LIBDIR)
2010-01-16 20:05:59 +00:00
Dr. Stephen Henson
8d39d2800a PR: 2144
Submitted by: steve@openssl.org

Fix DTLS connection so new_session is reset if we read second client hello:
new_session is used to detect renegotiation.
2010-01-16 19:46:10 +00:00
Dr. Stephen Henson
598b562a7f PR: 2133
Submitted by: steve@openssl.org

Add missing DTLS state strings.
2010-01-16 19:20:52 +00:00
Dr. Stephen Henson
dac40f87df convert to Unix EOL form 2010-01-15 15:26:12 +00:00
Dr. Stephen Henson
031c78901b make update 2010-01-15 15:24:19 +00:00
Dr. Stephen Henson
ce1ec9c35e PR: 2125
Submitted by: "Alon Bar-Lev" <alon.barlev@gmail.com>

Fix gcc-aix compilation issue.
2010-01-14 17:51:29 +00:00
Dr. Stephen Henson
bd5f21a4ae Fix version handling so it can cope with a major version >3.
Although it will be many years before TLS v2.0 or later appears old versions
of servers have a habit of hanging around for a considerable time so best
if we handle this properly now.
2010-01-13 19:08:02 +00:00
Dr. Stephen Henson
1b31b5ad56 Modify compression code so it avoids using ex_data free functions. This
stops applications that call CRYPTO_free_all_ex_data() prematurely leaking
memory.
2010-01-13 18:57:40 +00:00
Dr. Stephen Henson
97438f38df update and sync ordinals 2010-01-12 17:34:39 +00:00
Dr. Stephen Henson
0e0c6821fa PR: 2136
Submitted by: Willy Weisz <weisz@vcpc.univie.ac.at>

Add options to output hash using older algorithm compatible with OpenSSL
versions before 1.0.0
2010-01-12 17:29:34 +00:00
Dr. Stephen Henson
423c66f10e Simplify RI+SCSV logic:
1. Send SCSV is not renegotiating, never empty RI.
2. Send RI if renegotiating.
2010-01-07 19:04:52 +00:00
Andy Polyakov
74f2260694 ia64-mont.pl: addp4 is not needed when referring to stack (this is 32-bit
HP-UX thing).
2010-01-07 15:36:59 +00:00
Andy Polyakov
25d1d62275 http://cvs.openssl.org/chngview?cn=19053 made me wonder if bind() and
connect() are as finicky as sendto() when it comes to socket address
length. As it turned out they are, therefore the fix. Note that you
can't reproduce the problem on Linux, it was failing on Solaris,
FreeBSD, most likely on more...
2010-01-07 13:12:30 +00:00
Andy Polyakov
9b5ca55695 sendto is reportedly picky about destination socket address length.
PR: 2114
Submitted by: Robin Seggelmann
2010-01-07 10:42:39 +00:00
Andy Polyakov
cba9ffc32a Fix compilation on older Linux. Linux didn't always have sockaddr_storage,
not to mention that first sockaddr_storage had __ss_family, not ss_family.
In other words it makes more sense to avoid sockaddr_storage...
2010-01-06 21:22:56 +00:00
Dr. Stephen Henson
76998a71bc Updates to conform with draft-ietf-tls-renegotiation-03.txt:
1. Add provisional SCSV value.
2. Don't send SCSV and RI at same time.
3. Fatal error is SCSV received when renegotiating.
2010-01-06 17:37:09 +00:00
Dr. Stephen Henson
dd792d6222 Missing commit from change ofr compress_meth to unsigned 2010-01-06 17:35:27 +00:00
Dr. Stephen Henson
82a107eaa8 compress_meth should be unsigned 2010-01-06 14:01:45 +00:00