Dr. Stephen Henson
dce7b92d0b
PR: 2533
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Setting SSL_MODE_RELEASE_BUFFERS should be ignored for DTLS, but instead causes
the program to crash. This is due to missing version checks and is fixed with
this patch.
2011-05-25 15:21:12 +00:00
Dr. Stephen Henson
db886c2a2b
PR: 2529
...
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve
Call ssl_new() to reallocate SSL BIO internals if we want to replace
the existing internal SSL structure.
2011-05-25 15:15:52 +00:00
Dr. Stephen Henson
4d43129446
PR: 2527
...
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve
Set cnf to NULL to avoid possible double free.
2011-05-25 15:06:05 +00:00
Dr. Stephen Henson
92107f8150
Fix the ECDSA timing attack mentioned in the paper at:
...
http://eprint.iacr.org/2011/232.pdf
Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
2011-05-25 14:52:44 +00:00
Dr. Stephen Henson
e82d6a2019
Fix the ECDSA timing attack mentioned in the paper at:
...
http://eprint.iacr.org/2011/232.pdf
Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
2011-05-25 14:43:05 +00:00
Dr. Stephen Henson
4e5755cd85
Oops use up to date patch for PR#2506
2011-05-25 14:29:55 +00:00
Dr. Stephen Henson
dda8dcd2c0
PR: 2512
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix BIO_accept so it can be bound to IPv4 or IPv6 sockets consistently.
2011-05-25 12:36:50 +00:00
Dr. Stephen Henson
16646b0018
PR: 2506
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fully implement SSL_clear for DTLS.
2011-05-25 12:28:31 +00:00
Dr. Stephen Henson
320881c25c
PR: 2505
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS session resumption timer bug.
2011-05-25 12:24:26 +00:00
Dr. Stephen Henson
1d23fb382e
update date
2011-05-19 17:56:47 +00:00
Dr. Stephen Henson
c4f1942a76
inherit HMAC flags from MD_CTX
2011-05-19 17:39:49 +00:00
Dr. Stephen Henson
38c42c6eea
set encodedPoint to NULL after freeing it
2011-05-19 16:18:25 +00:00
Dr. Stephen Henson
51eb247d0f
no need to include memory.h
2011-04-30 23:38:24 +00:00
Dr. Stephen Henson
8d22673a62
check buffer is larger enough before overwriting
2011-04-06 18:07:02 +00:00
Dr. Stephen Henson
3622d3743e
PR: 2462
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS Retransmission Buffer Bug
2011-04-03 17:15:08 +00:00
Dr. Stephen Henson
fbbf28e7c2
PR: 2458
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Don't change state when answering DTLS ClientHello.
2011-04-03 16:26:14 +00:00
Dr. Stephen Henson
f5dac77c06
PR: 2457
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS fragment reassembly bug.
2011-04-03 15:49:03 +00:00
Richard Levitte
067d72a082
Corrections to the VMS build system.
...
Submitted by Steven M. Schweda <sms@antinode.info>
2011-03-25 16:21:39 +00:00
Dr. Stephen Henson
ac0f3f506a
make some non-VMS builds work again
2011-03-25 15:06:50 +00:00
Richard Levitte
f819147028
For VMS, implement the possibility to choose 64-bit pointers with
...
different options:
"64" The build system will choose /POINTER_SIZE=64=ARGV if
the compiler supports it, otherwise /POINTER_SIZE=64.
"64=" The build system will force /POINTER_SIZE=64.
"64=ARGV" The build system will force /POINTER_SIZE=64=ARGV.
2011-03-25 09:40:18 +00:00
Richard Levitte
a530963f05
make update (1.0.0-stable)
2011-03-22 23:56:18 +00:00
Richard Levitte
bc5a53f5e9
* util/mkdef.pl: Add crypto/o_str.h and crypto/o_time.h. Maybe some
...
more need to be added...
2011-03-22 23:54:13 +00:00
Richard Levitte
83382fb9d5
* apps/makeapps.com: Forgot to end the check for /POINTER_SIZE=64=ARGV
...
with turning trapping back on.
* test/maketests.com: Do the same check for /POINTER_SIZE=64=ARGV
here.
* test/clean-test.com: A new script for cleaning up.
2011-03-20 14:01:20 +00:00
Richard Levitte
0674370017
* apps/openssl.c: For VMS, take care of copying argv if needed much earlier,
...
directly in main(). 'if needed' also includes when argv is a 32 bit
pointer in an otherwise 64 bit environment.
* apps/makeapps.com: When using /POINTER_SIZE=64, try to use the additional
=ARGV, but only if it's supported. Fortunately, DCL is very helpful
telling us in this case.
2011-03-20 13:15:41 +00:00
Richard Levitte
2f91cb2c5e
Keep file references in the VMS build files in the same order as they
...
are in the Unix Makefiles
2011-03-19 10:44:41 +00:00
Richard Levitte
acb25c2327
Change INSTALL.VMS to reflect the changes done on the build and
...
install scripts. This could need some more work.
2011-03-19 09:45:45 +00:00
Richard Levitte
2d842a90f8
Apply all the changes submitted by Steven M. Schweda <sms@antinode.info>
2011-03-19 09:44:53 +00:00
Dr. Stephen Henson
80705bfc50
PR: 2469
...
Submitted by: Jim Studt <jim@studt.net>
Reviewed by: steve
Check mac is present before trying to retrieve mac iteration count.
2011-03-13 18:20:14 +00:00
Dr. Stephen Henson
2a8692311d
make no-dsa work again
2011-03-10 18:27:56 +00:00
Andy Polyakov
7d0ed89d57
s390x-mont.pl: optimize for z196.
2011-03-04 13:11:54 +00:00
Andy Polyakov
0912fae6ce
dso_dlfcn.c: make it work on Tru64 4.0 [from HEAD].
...
PR: 2316
2011-02-12 16:46:10 +00:00
Bodo Möller
0bb2154ee9
Sync with 0.9.8 branch.
2011-02-08 19:06:57 +00:00
Bodo Möller
c9355e20c3
start 1.0.0e-dev
2011-02-08 17:58:45 +00:00
Bodo Möller
6545372c24
OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d)
...
Submitted by: Neel Mehta, Adam Langley, Bodo Moeller
2011-02-08 17:10:53 +00:00
Bodo Möller
17f8412983
Add complete information on 0.9.8 branch.
2011-02-08 08:42:15 +00:00
Bodo Möller
d48df9a91b
Assorted bugfixes:
...
- safestack macro changes for C++ were incomplete
- RLE decompression boundary case
- SSL 2.0 key arg length check
Submitted by: Google (Adam Langley, Neel Mehta, Bodo Moeller)
2011-02-03 12:04:40 +00:00
Bodo Möller
65448fd0d3
fix omission
2011-02-03 11:21:20 +00:00
Dr. Stephen Henson
a677c87b7b
Since FIPS 186-3 specifies we use the leftmost bits of the digest
...
we shouldn't reject digest lengths larger than SHA256: the FIPS
algorithm tests include SHA384 and SHA512 tests.
2011-02-01 12:54:04 +00:00
Dr. Stephen Henson
f8a123b4a2
stop warnings about no previous prototype when compiling shared engines
2011-01-30 01:05:38 +00:00
Dr. Stephen Henson
c64beae686
PR: 2433
...
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve
Constify ASN1_STRING_set_default_mask_asc().
2011-01-24 16:20:15 +00:00
Dr. Stephen Henson
99ef8323e4
check EC public key isn't point at infinity
2011-01-24 15:08:01 +00:00
Dr. Stephen Henson
2668c58969
PR: 1612
...
Submitted by: Robert Jackson <robert@rjsweb.net>
Reviewed by: steve
Fix EC_POINT_cmp function for case where b but not a is the point at infinity.
2011-01-24 14:41:58 +00:00
Dr. Stephen Henson
5ae3168a77
stop warning with no-engine
2011-01-13 15:42:59 +00:00
Richard Levitte
559579659c
The previous change was incorrect in this branch...
2011-01-10 21:00:25 +00:00
Richard Levitte
2dd74160cc
PR: 2425
...
Synchronise VMS build with Unixly build.
2011-01-10 20:55:24 +00:00
Richard Levitte
2adf63272c
PR: 2407
...
Fix fault include.
Submitted by Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>
2011-01-06 20:56:07 +00:00
Dr. Stephen Henson
fb5a0fb8f1
Since DTLS 1.0 is based on TLS 1.1 we should never return a decryption_failed
...
alert.
2011-01-04 19:33:22 +00:00
Dr. Stephen Henson
c222de16ce
oops missed an assert
2011-01-03 12:53:33 +00:00
Dr. Stephen Henson
19091ac236
PR: 2411
...
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve
Fix corner cases in RFC3779 code.
2011-01-03 01:40:34 +00:00
Dr. Stephen Henson
2fcf251d3d
Fix escaping code for string printing. If *any* escaping is enabled we
...
must escape the escape character itself (backslash).
2011-01-03 01:27:00 +00:00