Ben Laurie
2339c5d722
Next version.
2007-10-11 15:04:32 +00:00
Ben Laurie
dd00266757
Ready to roll.
2007-10-11 14:58:15 +00:00
Ben Laurie
bb99ce5f80
make update, and more DTLS stuff.
2007-10-11 14:36:59 +00:00
Andy Polyakov
49f42ec0f6
Respect cookie length set by app_gen_cookie_cb [from HEAD].
...
Submitted by: Alex Lam
2007-10-09 19:31:53 +00:00
Andy Polyakov
91d509f0d9
Make DTLS1 record layer MAC calculation RFC compliant. From HEAD with a
...
twist: server interoperates with non-compliant pre-0.9.8f client.
2007-10-09 19:22:01 +00:00
Andy Polyakov
d5e858c55f
Prohibit RC4 in DTLS [from HEAD].
2007-10-05 21:05:27 +00:00
Dr. Stephen Henson
fb8fcce2ac
Fix from fips branch.
2007-10-05 16:47:04 +00:00
Andy Polyakov
d4736ae701
Set client_version earlier in DTLS (this is 0.9.8 specific).
2007-10-03 10:18:06 +00:00
Andy Polyakov
3e1158522a
Oops! This was erroneously left out commit #16633 .
2007-10-01 06:28:48 +00:00
Andy Polyakov
57191f86d9
Explicit IV update [from HEAD].
2007-09-30 22:03:07 +00:00
Andy Polyakov
0a89c575de
Make ChangeCipherSpec compliant with DTLS RFC4347. From HEAD with a twist:
...
server interoperates with non-compliant pre-0.9.8f.
2007-09-30 21:20:59 +00:00
Andy Polyakov
4c860910df
DTLS RFC4347 says HelloVerifyRequest resets Finished MAC. From HEAD with a
...
twist: server allows for non-compliant Finished calculations in order to
enable interop with pre-0.9.8f.
2007-09-30 19:36:32 +00:00
Andy Polyakov
0fc3d51b7d
DTLS RFC4347 requires client to use rame random field in reply to
...
HelloVerifyRequest [from HEAD].
2007-09-30 19:15:46 +00:00
Andy Polyakov
c4b0d7879e
Switch for RFC-compliant version encoding in DTLS. From HEAD with a twist:
...
server accepts even non-compliant encoding in order to enable interop with
pre-0.9.8f clients.
2007-09-30 18:55:59 +00:00
Dr. Stephen Henson
aab1ec3f36
Update from HEAD.
2007-09-28 16:29:24 +00:00
Lutz Jänicke
fbfa11fb29
Typos
...
PR: 1578
Submitted by: Charles Longeau <chl@tuxfamily.org>
2007-09-24 11:22:31 +00:00
Lutz Jänicke
284498fcef
Finish sentence with a "."
2007-09-24 10:58:15 +00:00
Dr. Stephen Henson
07d9808496
Fix from HEAD.
2007-09-23 15:55:54 +00:00
Bodo Möller
4ab0088bfe
More changes from HEAD:
...
- no need to disable SSL 2.0 for SSL_CTRL_SET_TLSEXT_HOSTNAME
now that ssl23_client_hello takes care of that
- fix buffer overrun checks in ssl_add_serverhello_tlsext()
2007-09-21 14:05:08 +00:00
Dr. Stephen Henson
3bd1690bfb
Fixes from HEAD.
2007-09-21 13:40:51 +00:00
Lutz Jänicke
29f4b05954
The use of the PURIFY macro in ssleay_rand_bytes() is sufficient to
...
resolve the Valgrind issue with random numbers. Undo the changes to
RAND_bytes() and RAND_pseudo_bytes() that are redundant in this
respect.
Update documentation and FAQ accordingly, as the PURIFY macro is
available at least since 0.9.7.
2007-09-21 10:10:47 +00:00
Ben Laurie
48ca0c99b2
Use PURIFY instead of PEDANTIC.
2007-09-20 12:33:24 +00:00
Dr. Stephen Henson
015052cf7b
Clarify wording a little.
2007-09-20 11:32:09 +00:00
Lutz Jänicke
9ce3ee47ba
Add FAQ entry on how to get rid of Valgrind warnings.
...
PR: 521
2007-09-20 07:39:15 +00:00
Lutz Jänicke
2e3fd54337
Add passage to manual page actually reflecting the usage of the
...
contents of "buf" when calling RAND_*bytes().
2007-09-20 07:24:45 +00:00
Dr. Stephen Henson
625782f7ee
Wrap "keep valgrind happy" change in #ifdef PEDANTIC so any entropy in the
...
buffer can be normally used.
2007-09-19 13:29:05 +00:00
Ben Laurie
1c90899eef
Slight bug in dependencies caused occasional unnecessary diffs. Fixed.
2007-09-19 13:10:34 +00:00
Ben Laurie
4f2b7d48b1
make depend
2007-09-19 12:17:11 +00:00
Ben Laurie
458c3900e1
Lingering "security" fix.
2007-09-19 12:16:21 +00:00
Andy Polyakov
ba75b4e750
Wire DES weak_keys to read-only segment [from HEAD].
2007-09-18 20:59:33 +00:00
Andy Polyakov
ab011d51be
Minimize stack utilization in probable_prime [from HEAD].
2007-09-18 20:55:10 +00:00
Andy Polyakov
898d9b1a87
Remove excessive whitespaces from bio.h.
2007-09-18 20:49:25 +00:00
Bodo Möller
4f9a9d2b79
Make sure that BN_from_montgomery keeps the BIGNUMS in proper format
2007-09-18 16:31:18 +00:00
Dr. Stephen Henson
346f2f93e1
PR: 1560
2007-09-17 17:54:02 +00:00
Dr. Stephen Henson
25b0e072dd
PR: 1582
2007-09-17 17:30:01 +00:00
Andy Polyakov
dc13c882fb
enc.pod update [from HEAD].
...
PR: 1529
2007-09-17 16:43:11 +00:00
Andy Polyakov
12a52467c8
Typo in pq_compat.h [note that this file is not present in HEAD].
...
PR: 1537
2007-09-17 16:21:21 +00:00
Andy Polyakov
22e6c73dcc
Mention SHA2 in apps/dgst and openssl.pod.
...
PR: 1575
2007-09-17 15:57:31 +00:00
Andy Polyakov
53b9696f3f
It's inappropraite to override application signal, nor is it appropriate
...
to shut down Winsock unless we know it won't be used [and we never do]
[from HEAD].
PR: 1439
2007-09-16 18:35:45 +00:00
Andy Polyakov
7e4fe4662b
Minor fix in link_[oa].hpux [from HEAD].
2007-09-16 14:11:51 +00:00
Andy Polyakov
18fd413f37
BSD run-time linkers apparently demand RPATH on .so objects [from HEAD].
...
PR: 1381
2007-09-16 12:24:17 +00:00
Andy Polyakov
80ed5f84de
Make bn2dec work on "SIXTY_FOUR_BIT" platforms [from HEAD].
...
PR: 1456
2007-09-15 17:05:57 +00:00
Andy Polyakov
b48111df7c
More Intel cc fix-ups [from HEAD].
2007-09-14 19:32:54 +00:00
Andy Polyakov
73e3edd70d
It's unfortunate, but we have to disengage DES assembler in linux64-sparcv9
...
build, because it expects DES_INT and the latter didn't make it to first
0.9.8.
2007-09-14 15:39:49 +00:00
Andy Polyakov
d4cfbdf2c0
Integrate remaining parts of #14247 [from HEAD].
2007-09-07 12:27:50 +00:00
Dr. Stephen Henson
294f03a812
Reimplement safestack to avoid function pointer casts.
2007-09-06 21:07:43 +00:00
Dr. Stephen Henson
272f9f3d27
Update NEWS file.
2007-09-06 12:59:34 +00:00
Dr. Stephen Henson
927a28ba3b
gcc 4.2 fixes to avoid use or function pointer casts in OpenSSL.
...
Fix various "computed value not used" warnings too.
2007-09-06 12:43:54 +00:00
Dr. Stephen Henson
a938c4284e
Update from HEAD.
2007-08-31 00:28:51 +00:00
Andy Polyakov
7a44a0cee7
aes_ige update [from HEAD].
2007-08-30 08:11:25 +00:00