Commit graph

7846 commits

Author SHA1 Message Date
Dr. Stephen Henson
367316c723 Oops, remove duplicate entry. 2009-01-07 23:45:19 +00:00
Dr. Stephen Henson
d34353cc91 Prepare for next version. 2009-01-07 23:38:34 +00:00
Dr. Stephen Henson
6287fa5396 Prepare for 0.9.8j release. 2009-01-07 10:50:54 +00:00
Dr. Stephen Henson
a00c3c4019 Properly check EVP_VerifyFinal() and similar return values
(CVE-2008-5077).
Submitted by: Ben Laurie, Bodo Moeller, Google Security Team
2009-01-07 10:48:23 +00:00
Lutz Jänicke
f4677b7960 Fix compilation with -no-comp by adding some more #ifndef OPENSSL_NO_COMP
Some #include statements were not properly protected. This will go unnoted
on most systems as openssl/comp.h tends to be installed as a system header
file by default but may become visible when cross compiling.
2009-01-05 14:43:07 +00:00
Dr. Stephen Henson
92308905dd make update. 2009-01-05 12:47:11 +00:00
Dr. Stephen Henson
6f32fc5c4e Update ordinals. 2008-12-31 12:00:35 +00:00
Andy Polyakov
e607e731eb Synchronize with bn_nist.c from HEAD. 2008-12-30 13:41:08 +00:00
Andy Polyakov
f17c45611e Backport http://cvs.openssl.org/chngview?cn=17710 from HEAD.
PR: 1230
2008-12-30 13:30:57 +00:00
Andy Polyakov
1ff7b6492b Some seasoned makes fail to build. For reference. I had problem with Irix
make which doesn't tolerate empty targets, and fips/Makefile ends up with
one when FIPSCANLIB is empty. Build failed as early as 'make links' phase.
2008-12-30 13:26:26 +00:00
Dr. Stephen Henson
20900d6801 Update default compiler options for default tls extension config.
Add -Wsign-compare to debug-steve64
2008-12-29 00:18:23 +00:00
Dr. Stephen Henson
4b253d904d Avoid signed/unsigned compare warnings. 2008-12-29 00:17:36 +00:00
Andy Polyakov
a51c8c64e0 Backport aes-x86_64.pl update from HEAD. 2008-12-27 13:34:30 +00:00
Ben Laurie
c153422388 Enable TLS Extensions by default. 2008-12-26 15:27:51 +00:00
Richard Levitte
7f065cfdbd In BIO_write(), update the write statistics, not the read statistics.
PR: 1803
2008-12-25 22:24:21 +00:00
Richard Levitte
667fbc0847 Further synchronisation with Unix 2008-12-25 22:04:45 +00:00
Richard Levitte
6ba7bd5697 Synchronise with Unixly build. 2008-12-22 09:30:09 +00:00
Dr. Stephen Henson
2cad035c01 Make no-engine work again... 2008-12-20 17:04:09 +00:00
Andy Polyakov
2a76c68842 Backport aes-x86_64.pl update from HEAD and revisit same code in aes-586.pl.
PR: 1801
2008-12-17 14:14:51 +00:00
Ben Laurie
1b00f4bc37 Missing return values (Coverity ID 204). 2008-12-13 17:00:53 +00:00
Ben Laurie
be62eb6d93 Make depend. 2008-12-13 12:22:47 +00:00
Dr. Stephen Henson
5f3878f1e3 Remove tests which rely on old root certs being present. 2008-12-10 17:34:11 +00:00
Lutz Jänicke
a523e997d3 apps/speed.c: children should not inherit buffered I/O
PR: 1787
Submitted by: Artur Klauser <aklauser@google.com>
2008-12-10 08:03:48 +00:00
Dr. Stephen Henson
fe43caa4a4 Fix from HEAD. 2008-12-08 19:13:57 +00:00
Dr. Stephen Henson
792e614144 Fix from HEAD. 2008-12-07 23:59:13 +00:00
Bodo Möller
ce2b87d88a experimental-foo support for mk1mf.pl. 2008-12-02 23:50:21 +00:00
Ben Laurie
f092a073a7 Fix warnings. 2008-12-02 18:14:44 +00:00
Ben Laurie
6fa4cd7136 Warn about JPAKE brokenness. 2008-12-02 13:36:47 +00:00
Bodo Möller
505ed2b076 Implement Configure option pattern "experimental-foo"
(specifically, "experimental-jpake").
2008-12-02 01:21:06 +00:00
Dr. Stephen Henson
cef3e62d2b Don't clobber passed GENERAL_NAME on error. 2008-11-30 16:07:11 +00:00
Geoff Thorpe
40ea9ff9e8 Clarify a 'chil' engine param that is a little unintuitive.
Submitted by: Sander Temme <sander@temme.net>
2008-11-28 22:04:25 +00:00
Dr. Stephen Henson
a97a6b03bc Update dependencies. 2008-11-24 17:49:21 +00:00
Dr. Stephen Henson
516f76fd2c Move new function CRYPTO_strdup to mem_dbg.c because mem.c is excluded in
a fips build.
2008-11-24 17:02:49 +00:00
Dr. Stephen Henson
5a02ac6e5b Revert OPENSSL_EXPERIMENTAL patch.
Change it so JPAKE uses the standard OPENSSL_NO_JPAKE instead.
2008-11-24 16:14:15 +00:00
Dr. Stephen Henson
14d4074ee1 Update from HEAD. 2008-11-21 18:18:28 +00:00
Dr. Stephen Henson
d9f16c405c Commit default dependencies. 2008-11-19 16:03:51 +00:00
Geoff Thorpe
bfc6482a7a Allow the CHIL engine to load even if dynamic locks aren't registered.
Submitted by: Sander Temme
2008-11-19 14:08:06 +00:00
Dr. Stephen Henson
5aa032033e Remove jpake.h dependencies from default build. 2008-11-19 00:40:59 +00:00
Dr. Stephen Henson
2d59f9938f On WIN32 use /MD for static library in FIPS mode to match value of
validated module.
2008-11-18 22:23:20 +00:00
Dr. Stephen Henson
c0ce8fe755 Update .cvsignore 2008-11-15 17:47:31 +00:00
Dr. Stephen Henson
55eff40084 Stop warnings. 2008-11-15 17:46:41 +00:00
Bodo Möller
e5a251843d warnings 2008-11-14 00:18:23 +00:00
Bodo Möller
fe46b0de29 make update 2008-11-14 00:17:43 +00:00
Dr. Stephen Henson
a581439bb1 Fixes for "make depend". Features which need a #define to be set to
enable them, like FIPS and JPAKE need to have these set when building
dependencies.
2008-11-13 15:08:33 +00:00
Ben Laurie
a43337e8c4 Not an error to include jpake.h when disabled. 2008-11-13 11:35:23 +00:00
Ben Laurie
33c51ec143 J-PAKE is not RSA. 2008-11-13 09:50:24 +00:00
Dr. Stephen Henson
448da15fbf Oops... 2008-11-12 19:05:42 +00:00
Dr. Stephen Henson
a1bb2d6c2f Update mk1mf.pl for new JPAKE options. Update jpaketest.c for WIN32. 2008-11-12 18:27:17 +00:00
Dr. Stephen Henson
81dde5e8fe Add support for experimental code, not compiled in by default and
with OPENSSL_EXPERIMENTAL_FOO around it. Make JPAKE experimental.
2008-11-12 16:54:35 +00:00
Dr. Stephen Henson
b84e441861 Don't attempt to enter FIPS mode in autoconfig module if already in FIPS mode. 2008-11-11 12:52:14 +00:00