Commit graph

7519 commits

Author SHA1 Message Date
Bodo Möller
25550b2dd4 fix typos
Submitted by: Ernst G. Giessmann
2007-11-19 07:23:52 +00:00
Bodo Möller
5c676c47cd The hash length check wasn't strict enough,
as pointed out by Ernst G Giessmann
2007-11-16 13:00:57 +00:00
Ben Laurie
e77f9d5e78 Fix buffer overflow. 2007-11-15 13:33:47 +00:00
Ben Laurie
9c04747623 Make depend. 2007-11-15 13:32:53 +00:00
Ben Laurie
e66deb6817 Fix warnings. 2007-11-15 13:32:16 +00:00
Andy Polyakov
cc9a645a02 Add x86_64-mont.pl [from HEAD]. 2007-11-11 21:04:34 +00:00
Andy Polyakov
18fb9d807e Add framework for bn_mul_mont [from 098-fips]. 2007-11-11 20:43:23 +00:00
Andy Polyakov
a1cc568288 doc/crypto/OPENSSL_ia32cap.pod update [from HEAD]. 2007-11-11 20:10:09 +00:00
Andy Polyakov
2ea3cd8abc Comply with updated x86cpuid.pl. 2007-11-11 20:06:17 +00:00
Andy Polyakov
095db72024 x86cpuid.pl update [from HEAD]. 2007-11-11 19:44:42 +00:00
Andy Polyakov
11eb172b6e Typos in Configure. 2007-11-11 16:39:31 +00:00
Andy Polyakov
4b60f4b175 rc4-x86_64.pl update [from HEAD]. 2007-11-11 16:25:46 +00:00
Andy Polyakov
0794f3a798 x86_64cpuid.pl update [from HEAD]. 2007-11-11 16:25:00 +00:00
Andy Polyakov
2b8e7b5061 Add AES x86_64 assembler. Note that it's not latest version from HEAD,
but older one corresponding to x86 module from 098-stable.
2007-11-11 14:49:56 +00:00
Andy Polyakov
6f57311da0 Add SHA x86_64 assembler [from HEAD]. 2007-11-11 13:56:47 +00:00
Andy Polyakov
98b09d3949 Synchronize message digests in 098-fips with 098. 2007-11-11 13:34:08 +00:00
Andy Polyakov
231a737a82 Commit #16325 fixed one thing but broke DH with certain moduli [from HEAD]. 2007-11-03 20:09:29 +00:00
Dr. Stephen Henson
236860735e Allow new session ticket when resuming. 2007-11-03 13:07:39 +00:00
Lutz Jänicke
ac1ef7ec72 Add OIDs by CMP (RFC 4210) and CRMF (RFC 4211)
Submitted by: Martin Peylo <martinmeis@googlemail.com>
2007-11-01 08:25:28 +00:00
Andy Polyakov
5f761514e1 Make it possible for older masm to compile sse2 modules.
PR: 1592
2007-10-21 14:15:40 +00:00
Lutz Jänicke
32f1f622f6 Release OpenSSL 0.9.8g with various fixes to issues introduced with 0.9.8f 2007-10-19 08:25:53 +00:00
Dr. Stephen Henson
5f95651316 Ensure the ticket expected flag is reset when a stateless resumption is
successful.
2007-10-18 11:39:11 +00:00
Andy Polyakov
ccac657556 New unused field crippled ssl_ctx_st in 0.9.8"f". 2007-10-17 21:22:58 +00:00
Andy Polyakov
a9c23ea079 Don't let DTLS ChangeCipherSpec increment handshake sequence number. From
HEAD with a twist: server interoperates with non-compliant client.
PR: 1587
2007-10-17 21:17:49 +00:00
Dr. Stephen Henson
33ffe2a7f7 Don't try to lookup zero length session. 2007-10-17 17:30:15 +00:00
Dr. Stephen Henson
7c717aafc6 Allow TLS tickets and session ID to both be present if lifetime hint is -1.
This never happens in normal SSL sessions but can be useful if the session
is being used as a "blob" to contain other data.
2007-10-17 11:27:25 +00:00
Lutz Jänicke
225aeb171e Work around inconsistent version numbering in 0.9.8f (release).
The version code of the release should have been 09086f (6=f, f=release)
but accidently it was marked "090870" (which would be "0.9.8g-dev").

Therefore we now use "090871" for the development of 0.9.8g. Once
0.9.8g is released, the problem will be "healed". We have never done
beta releases for 0.9.x-stable patch releases, so 090871 would never
be used in practice.

PR: #1589
2007-10-17 07:46:49 +00:00
Andy Polyakov
ffe181c366 Make ssl compile. 2007-10-14 14:07:46 +00:00
Dr. Stephen Henson
fd4e79a9ed Include USE_SOCKETS #define 2007-10-14 12:19:07 +00:00
Andy Polyakov
299e174d2d Make it possible to link VC static lib with either /MT or /MD application
[from HEAD].
PR: 1230
2007-10-13 12:38:37 +00:00
Andy Polyakov
ce62fc6eae Copy bn/asm/ia64.S from HEAD. 2007-10-13 11:02:17 +00:00
Dr. Stephen Henson
43490dfb89 Avoid shadow and signed/unsigned warnings. 2007-10-12 00:29:06 +00:00
Dr. Stephen Henson
a523276786 Backport certificate status request TLS extension support to 0.9.8. 2007-10-12 00:00:36 +00:00
Ben Laurie
074471ab0c Back to -dev. 2007-10-11 18:27:10 +00:00
Ben Laurie
d761421e1d Minor release cockups. 2007-10-11 18:23:16 +00:00
Ben Laurie
2339c5d722 Next version. 2007-10-11 15:04:32 +00:00
Ben Laurie
dd00266757 Ready to roll. 2007-10-11 14:58:15 +00:00
Ben Laurie
bb99ce5f80 make update, and more DTLS stuff. 2007-10-11 14:36:59 +00:00
Andy Polyakov
49f42ec0f6 Respect cookie length set by app_gen_cookie_cb [from HEAD].
Submitted by: Alex Lam
2007-10-09 19:31:53 +00:00
Andy Polyakov
91d509f0d9 Make DTLS1 record layer MAC calculation RFC compliant. From HEAD with a
twist: server interoperates with non-compliant pre-0.9.8f client.
2007-10-09 19:22:01 +00:00
Andy Polyakov
d5e858c55f Prohibit RC4 in DTLS [from HEAD]. 2007-10-05 21:05:27 +00:00
Dr. Stephen Henson
fb8fcce2ac Fix from fips branch. 2007-10-05 16:47:04 +00:00
Andy Polyakov
d4736ae701 Set client_version earlier in DTLS (this is 0.9.8 specific). 2007-10-03 10:18:06 +00:00
Andy Polyakov
3e1158522a Oops! This was erroneously left out commit #16633. 2007-10-01 06:28:48 +00:00
Andy Polyakov
57191f86d9 Explicit IV update [from HEAD]. 2007-09-30 22:03:07 +00:00
Andy Polyakov
0a89c575de Make ChangeCipherSpec compliant with DTLS RFC4347. From HEAD with a twist:
server interoperates with non-compliant pre-0.9.8f.
2007-09-30 21:20:59 +00:00
Andy Polyakov
4c860910df DTLS RFC4347 says HelloVerifyRequest resets Finished MAC. From HEAD with a
twist: server allows for non-compliant Finished calculations in order to
enable interop with pre-0.9.8f.
2007-09-30 19:36:32 +00:00
Andy Polyakov
0fc3d51b7d DTLS RFC4347 requires client to use rame random field in reply to
HelloVerifyRequest [from HEAD].
2007-09-30 19:15:46 +00:00
Andy Polyakov
c4b0d7879e Switch for RFC-compliant version encoding in DTLS. From HEAD with a twist:
server accepts even non-compliant encoding in order to enable interop with
pre-0.9.8f clients.
2007-09-30 18:55:59 +00:00
Dr. Stephen Henson
aab1ec3f36 Update from HEAD. 2007-09-28 16:29:24 +00:00