Commit graph

7706 commits

Author SHA1 Message Date
Bodo Möller
200d00c854 Fix SSL state transitions.
Submitted by: Nagendra Modadugu
2008-09-14 14:02:01 +00:00
Bodo Möller
669b912dea Really get rid of unsafe double-checked locking.
Also, "CHANGES" clean-ups.
2008-09-14 13:51:49 +00:00
Bodo Möller
36a4a67b2b Some precautions to avoid potential security-relevant problems. 2008-09-14 13:42:40 +00:00
Andy Polyakov
3413424f01 DTLS didn't handle alerts correctly [from HEAD].
PR: 1632
2008-09-13 18:25:36 +00:00
Dr. Stephen Henson
80fc840d89 file rc4_fblk.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 11:02:19 +0000 2008-09-12 17:44:26 +00:00
Andy Polyakov
6455100f7a AIX build updates [from HEAD]. 2008-09-12 14:47:02 +00:00
Ben Laurie
b7c8b4fc95 Allow soft-loading engines. 2008-09-12 13:29:59 +00:00
Ben Laurie
f58d0f70b6 Don't hide commands. 2008-09-12 13:26:07 +00:00
Dr. Stephen Henson
8f59c61d1d If tickets disabled behave as if no ticket received to support
stateful resume.
2008-09-03 22:13:04 +00:00
Dr. Stephen Henson
fd43ae3fe4 Fix flag clash... only used internally when policy checking is
enabled.
2008-08-31 11:15:35 +00:00
Bodo Möller
cdd0f3b328 Don't use assertions to check application-provided arguments;
and don't unnecessarily fail on input size 0.
2008-08-14 21:37:20 +00:00
Bodo Möller
f9f6f0e9f0 sanity check
PR: 1679
2008-08-13 19:44:44 +00:00
Dr. Stephen Henson
405f382144 Fix from HEAD. 2008-08-05 15:56:11 +00:00
Dr. Stephen Henson
a750273546 Fix from HEAD. 2008-08-02 11:17:04 +00:00
Lutz Jänicke
ddc5f6f328 Refer to SSL_pending from the man page for SSL_read 2008-08-01 15:03:22 +00:00
Dr. Stephen Henson
4231b356aa Fix from HEAD. 2008-07-30 15:42:19 +00:00
Bodo Möller
df1f7b4b02 We should check the eight bytes starting at p[-9] for rollback attack
detection, or the probability for an erroneous RSA_R_SSLV3_ROLLBACK_ATTACK
will be larger than necessary.

PR: 1695
2008-07-17 22:11:24 +00:00
Andy Polyakov
0b7545b239 Harmonize darwin-i386-cc config line with HEAD. 2008-07-17 11:59:07 +00:00
Andy Polyakov
3a72137211 darwin64-ppc-cc experimental line accidentally made it to stable:-(
PR: 1699
2008-07-17 10:00:18 +00:00
Andy Polyakov
e5d289cc03 sha1-586.pl: update from HEAD.
PR: 1681
2008-07-17 09:51:34 +00:00
Bodo Möller
0ff3766b0e Make sure not to read beyond end of buffer 2008-07-16 18:10:28 +00:00
Dr. Stephen Henson
3562202306 Fix from HEAD. 2008-07-13 22:38:52 +00:00
Dr. Stephen Henson
2bf4b96aef Update from HEAD. 2008-07-13 15:56:01 +00:00
Dr. Stephen Henson
811e08a2c5 Update from HEAD. 2008-07-13 14:33:16 +00:00
Dr. Stephen Henson
dd6e90465d Add support for Local Machine Keyset attribute in PKCS#12 files. 2008-06-26 23:26:52 +00:00
Dr. Stephen Henson
a86c626802 Sync OIDs with HEAD so we don't need to rebuild OID database and change
all NIDs every time an OID is added to 0.9.8.
2008-06-26 23:20:52 +00:00
Dr. Stephen Henson
705c3dec2c Changes to allow capi ENGINE to compile with older headers on e.g. VC6. 2008-06-25 10:41:48 +00:00
Bodo Möller
4afcee8b4b avoid potential infinite loop in final reduction round of BN_GF2m_mod_arr()
Submitted by: Huang Ying
Reviewed by: Douglas Stebila
2008-06-23 20:46:28 +00:00
Dr. Stephen Henson
9627017f9c Update ordinals. 2008-06-22 01:10:04 +00:00
Dr. Stephen Henson
e0f6c15418 Make WIN32 build work with no-rc4 2008-06-21 23:28:02 +00:00
Dr. Stephen Henson
ecc20b75f8 Fix typo and filter on X509_PURPOSE_SSL_CLIENT when presenting certs. 2008-06-18 14:42:27 +00:00
Dr. Stephen Henson
540e455e3a Add support for machine stores and handle provider type errors properly in keys. 2008-06-18 12:05:23 +00:00
Dr. Stephen Henson
14748adb09 Make ssl code consistent with FIPS branch. The new code has no effect
at present because it asserts either noop flags or is inside
OPENSSL_FIPS #ifdef's.
2008-06-16 16:56:43 +00:00
Dr. Stephen Henson
ff2ab9e6bb Add error code for FIPS library and make library numbers consistent. 2008-06-16 15:22:49 +00:00
Dr. Stephen Henson
cc5cc3bb8f Sync ordinals with FIPS branch. FIPS specific functions currently are place
holders to keep ordinals consistent.
2008-06-15 16:52:37 +00:00
Dr. Stephen Henson
1f3206216b Add acknowledgement. 2008-06-09 16:50:48 +00:00
Ben Laurie
f113bb9f4e OPENSSL_isservice() is defined on all platforms. 2008-06-07 17:22:37 +00:00
Dr. Stephen Henson
4681147bb3 Update from head. 2008-06-06 20:48:57 +00:00
Dr. Stephen Henson
52c3f232e4 Update ordinals. 2008-06-06 15:54:00 +00:00
Dr. Stephen Henson
3dc466424e Update CryptoAPI ENGINE from head. Export OPENSSL_isservice(). 2008-06-06 15:52:32 +00:00
Dr. Stephen Henson
353415cc81 Make headers work with older versions of Window platform SDK. 2008-06-05 16:56:00 +00:00
Dr. Stephen Henson
1a12ce8ea5 Update CHANGES. 2008-06-05 15:32:05 +00:00
Dr. Stephen Henson
0278e15fa3 If auto load ENGINE lookup fails retry adding builtin ENGINEs. 2008-06-05 15:13:03 +00:00
Dr. Stephen Henson
f01f085cb9 Configure options of form -Dfoo=bar should get added to CFLAGS in mk1mf.pl 2008-06-05 15:09:40 +00:00
Dr. Stephen Henson
bca68e90cc Don't show choice dialog if only one cert. 2008-06-05 11:44:53 +00:00
Dr. Stephen Henson
a3f67ec18d Search $OPTIONS for -DOPENSSL_CAPIENG_DIALOG because $cflags is
no complete at this point.
2008-06-05 11:38:03 +00:00
Dr. Stephen Henson
56ef1cbc40 include engine.h if needed. 2008-06-05 11:23:35 +00:00
Dr. Stephen Henson
a1411093f0 Update ordinals. 2008-06-05 10:57:21 +00:00
Dr. Stephen Henson
f35f7d9fbb Update from HEAD. 2008-06-05 10:56:51 +00:00
Dr. Stephen Henson
dfbf646ac4 Remove some unneeded columns from dialog. 2008-06-04 23:00:59 +00:00