wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8454 commits 20 branches 302 tags 153 MiB
Commit graph

8454 commits

This branch
This branch
All branches
Author SHA1 Message Date
Dr. Stephen Henson
22f531f55c Don't use deprecated -mcpu option. 2007-01-16 13:48:16 +00:00
Dr. Stephen Henson
0ab595d6f7 Oops... 2007-01-15 00:29:39 +00:00
Dr. Stephen Henson
d107905b31 Perl script to build shell scripts and batch files to run algorithm test programs. 2007-01-15 00:25:59 +00:00
Dr. Stephen Henson
7c4dd3fefe Make algorithm test programs tolerate whitespace in input files. 2007-01-14 17:01:31 +00:00
Lutz Jänicke
bdc778a795 Update to new home page 2007-01-12 18:48:00 +00:00
Dr. Stephen Henson
618def59f7 Remove 'done' variable since it stops error codes being reloaded. 2006-12-07 13:23:22 +00:00
Nils Larsch
54a2631eb3 fix no-ssl2 build 2006-12-06 16:52:55 +00:00
Nils Larsch
492a907089 fix function names in RSAerr calls 
PR: 1403
 2006-12-04 20:41:46 +00:00
Bodo Möller
9dc705a2ac fix support for receiving fragmented handshake messages 2006-11-29 14:44:07 +00:00
Dr. Stephen Henson
ea474c567f Rebuild error source files. 2006-11-21 19:27:19 +00:00
Dr. Stephen Henson
f6cdaa96c0 Use error table to determine if errors should be loaded. 2006-11-21 19:19:09 +00:00
Dr. Stephen Henson
0e5d87d76f Fix from HEAD. 2006-11-13 13:23:33 +00:00
Mark J. Cox
055fa1c35c Initialise ctx to NULL to avoid uninitialized free, noticed by 
Steve Kiernan
 2006-09-29 08:20:11 +00:00
Richard Levitte
90a63277e2 Oops, some changes forgotten... 2006-09-28 19:48:48 +00:00
Mark J. Cox
6b131d9c45 After tagging, open up 0.9.7m-dev 2006-09-28 12:00:30 +00:00
Mark J. Cox
c830c1a209 Prepare for 0.9.7l release 2006-09-28 11:56:57 +00:00
Mark J. Cox
b213966415 Introduce limits to prevent malicious keys being able to 
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
 2006-09-28 11:53:51 +00:00
Dr. Stephen Henson
8db3f4ace9 Fix from HEAD. 2006-09-22 17:15:04 +00:00
Dr. Stephen Henson
4ebd255a5b Fix from head. 2006-09-22 17:06:51 +00:00
Bodo Möller
d9d294463e Ensure that the addition mods[i]+delta cannot overflow in probable_prime(). 
[Problem pointed out by Adam Young <adamy (at) acm.org>]
 2006-09-19 10:00:29 +00:00
Bodo Möller
ea43804bda Backport from HEAD: fix ciphersuite selection 2006-09-12 14:41:50 +00:00
Bodo Möller
c2293d2e9a make consistent with 0.9.8-branch version of this file 2006-09-06 06:41:32 +00:00
Mark J. Cox
e872398844 Don't forget to put back the -dev 2006-09-05 08:46:18 +00:00
Mark J. Cox
60bee5d44c Bump for 0.9.7l-dev 2006-09-05 08:38:12 +00:00
Mark J. Cox
975a7a483f Prepare 0.9.7k release 2006-09-05 08:34:07 +00:00
Mark J. Cox
ffa0407233 Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher 
(CVE-2006-4339)  [Ben Laurie and Google Security Team]

Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
 2006-09-05 08:24:14 +00:00
Dr. Stephen Henson
6f414aef0e Update from HEAD. 2006-08-31 20:11:30 +00:00
Dr. Stephen Henson
45e33ebeab Fix from HEAD. Except we can't stream multipart/signed in 0.9.7 so that case 
still rewinds the stream.
 2006-07-13 20:36:51 +00:00
Dr. Stephen Henson
0f562e2a2c Fix from HEAD. 2006-07-09 12:05:10 +00:00
Bodo Möller
ae2684851f documentation for "HIGH" vs. "MEDIUM" was not up-to-date 2006-06-30 22:03:18 +00:00
Bodo Möller
feee55c65d use <poll.h> as by Single Unix Specification 2006-06-30 08:15:13 +00:00
Bodo Möller
81edd235b1 always read if we can't use select because of a too large FD 
(it's non-blocking mode anyway)
 2006-06-28 14:49:39 +00:00
Andy Polyakov
23c13189e9 Mitigate the hazard of cache-collision timing attack on last round 
[from HEAD].
 2006-06-28 08:57:22 +00:00
Richard Levitte
bdd00f8c8a Use poll() when possible to gather Unix randomness entropy 2006-06-27 06:31:48 +00:00
Bodo Möller
30c99d45b7 Be more explicit about requirements for multi-threading. 2006-06-23 14:59:43 +00:00
Richard Levitte
e4a901b0b3 Synchronise with the Unix build 2006-06-21 05:08:36 +00:00
Dr. Stephen Henson
e25a2423da Place hex_to_string and string_to_hex in separate source file to avoid 
dragging in extra dependencies when just these functions are used.
 2006-06-20 18:06:40 +00:00
Bodo Möller
094c6aa51d Thread-safety fixes 2006-06-16 01:01:34 +00:00
Bodo Möller
c098e8b6ca Disable invalid ciphersuites 2006-06-14 17:51:36 +00:00
Bodo Möller
019a63f9c9 Thread-safety fixes 2006-06-14 08:50:11 +00:00
Dr. Stephen Henson
6651ac386e Fix from head. 2006-05-17 18:25:38 +00:00
Dr. Stephen Henson
0be0592ec4 Fix from HEAD. 2006-05-17 18:20:53 +00:00
Dr. Stephen Henson
a6fb8a8203 Update for next dev version. 2006-05-04 13:08:01 +00:00
Dr. Stephen Henson
d26d236162 Prepare for release 2006-05-04 12:52:59 +00:00
Dr. Stephen Henson
3dcd6cf004 make update 2006-05-04 12:32:36 +00:00
Dr. Stephen Henson
daaca57e55 Use new fips-1.0 directory in error library. 2006-05-04 12:09:04 +00:00
Dr. Stephen Henson
309d74c8f0 Update CHANGES. 2006-05-04 11:16:20 +00:00
Dr. Stephen Henson
234f2f67ac Add new --with-baseaddr command line option to allow the FIPS base address of 
libeay32.dll to be explicitly specified.
 2006-04-24 13:32:58 +00:00
Dr. Stephen Henson
d4e81773cc Check pbe2->keyfunc->parameter is not NULL before dereferencing. 
PR: 1316
 2006-04-15 17:42:46 +00:00
Dr. Stephen Henson
d366bf7948 Typos. 2006-04-07 00:15:44 +00:00