wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10062 commits 20 branches 302 tags 153 MiB
Commit graph

10062 commits

This branch
This branch
All branches
Author SHA1 Message Date
Andy Polyakov
69e9c69e70 apps/s_cb.c: recognize latest TLS versions [from HEAD]. 2012-02-11 13:31:16 +00:00
Dr. Stephen Henson
c489ea7d01 PR: 2704 
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>

Fix srp extension.
 2012-02-10 20:08:49 +00:00
Dr. Stephen Henson
26c6857a59 PR: 2710 
Submitted by: Tomas Mraz <tmraz@redhat.com>

Check return codes for load_certs_crls.
 2012-02-10 19:54:46 +00:00
Dr. Stephen Henson
508bd3d1aa PR: 2714 
Submitted by: Tomas Mraz <tmraz@redhat.com>

Make no-srp work.
 2012-02-10 19:44:00 +00:00
Dr. Stephen Henson
8705846710 only cleanup ctx if we need to, save ctx flags when we do 2012-02-10 16:54:56 +00:00
Dr. Stephen Henson
c944a9696e add fips hmac option and fips blocking overrides to command line utilities 2012-02-10 16:46:19 +00:00
Dr. Stephen Henson
943cc09d8a Submitted by: Eric Rescorla <ekr@rtfm.com> 
Fix encoding of use_srtp extension to be compliant with RFC5764
 2012-02-10 00:03:37 +00:00
Dr. Stephen Henson
fc6800d19f Modify client hello version when renegotiating to enhance interop with 
some servers.
 2012-02-09 15:41:44 +00:00
Andy Polyakov
d06f047b04 bn_nist.c: make new optimized code dependent on BN_LLONG [from HEAD]. 2012-02-02 07:46:19 +00:00
Andy Polyakov
ddc899bada hpux-parisc2-*: engage assembler [from HEAD] and make it link. 2012-02-02 07:42:31 +00:00
Andy Polyakov
bd479e25c7 ghash-x86.pl: engage original MMX version in no-sse2 builds [from HEAD]. 2012-01-25 17:56:25 +00:00
Andy Polyakov
eaf5bd168e x86_64-xlate.pl: 1.0.1-specific typo. 2012-01-25 17:50:23 +00:00
Dr. Stephen Henson
d7ecc206ba only include bn.h once 2012-01-24 23:00:36 +00:00
Dr. Stephen Henson
11ea212e8c only include evp.h once 2012-01-24 22:59:46 +00:00
Dr. Stephen Henson
cb29d8c11f only include string.h once 2012-01-24 22:58:46 +00:00
Dr. Stephen Henson
adcea5a043 return error if md is NULL 2012-01-22 13:12:50 +00:00
Andy Polyakov
f02f7c2c4a cryptlib.c: make even non-Windows builds "strtoull-agnostic" [from HEAD]. 2012-01-21 12:18:29 +00:00
Andy Polyakov
a1e44cc14f x86_64-xlate.pl: proper solution for RT#2620 [from HEAD]. 2012-01-21 11:35:20 +00:00
Dr. Stephen Henson
d2d09bf68c change version to beta3-dev 2012-01-19 17:14:17 +00:00
Dr. Stephen Henson
e2dfb655f7 update files for beta2 release 2012-01-19 15:46:43 +00:00
Dr. Stephen Henson
463e76b63c prepare for beta2 2012-01-19 15:37:57 +00:00
Dr. Stephen Henson
2dc4b0dbe8 Fix for DTLS DoS issue introduced by fix for CVE-2011-4109. 
Thanks to Antonio Martin, Enterprise Secure Access Research and
Development, Cisco Systems, Inc. for discovering this bug and
preparing a fix. (CVE-2012-0050)
 2012-01-18 18:14:56 +00:00
Dr. Stephen Henson
7b23c126e6 undef some symbols that cause problems with make depend for fips builds 2012-01-18 01:40:36 +00:00
Dr. Stephen Henson
25e3d2225a fix CHANGES entry 2012-01-17 14:19:09 +00:00
Andy Polyakov
c8e0b5d7b6 1.0.1-specific OPNESSL vs. OPENSSL typo. 
PR: 2613
Submitted by: Leena Heino
 2012-01-15 13:42:50 +00:00
Andy Polyakov
4fb7e2b445 Fix OPNESSL vs. OPENSSL typos [from HEAD]. 
PR: 2613
Submitted by: Leena Heino
 2012-01-15 13:40:21 +00:00
Dr. Stephen Henson
9138e3c061 fix warning 2012-01-15 13:30:52 +00:00
Andy Polyakov
9b2a29660b Sanitize usage of <ctype.h> functions. It's important that characters 
are passed zero-extended, not sign-extended [from HEAD].
PR: 2682
 2012-01-12 16:28:03 +00:00
Andy Polyakov
b7b4a9fa57 sparcv9cap.c: omit unused variable. 2012-01-12 14:19:52 +00:00
Andy Polyakov
1fb07a7de8 doc/apps: formatting fixes [from HEAD]. 
PR: 2683
Submitted by: Annie Yousar
 2012-01-11 21:58:42 +00:00
Andy Polyakov
b9cbcaad58 speed.c: typo in pkey_print_message [from HEAD]. 
PR: 2681
Submitted by: Annie Yousar
 2012-01-11 21:49:16 +00:00
Andy Polyakov
c6706a6f6c ecdsa.pod: typo. 
PR: 2678
Submitted by: Annie Yousar
 2012-01-11 21:41:50 +00:00
Andy Polyakov
958e6a75a1 asn1/t_x509.c: fix serial number print, harmonize with a_int.c [from HEAD]. 
PR: 2675
Submitted by: Annie Yousar
 2012-01-11 21:12:47 +00:00
Andy Polyakov
397977726c aes-sparcv9.pl: clean up regexp [from HEAD]. 
PR: 2685
 2012-01-11 15:32:08 +00:00
Dr. Stephen Henson
285d9189c7 PR: 2652 
Submitted by: Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>

OpenVMS fixes.
 2012-01-05 14:30:08 +00:00
Bodo Möller
767d3e0054 Update for 0.9.8s and 1.0.0f. 
(While the 1.0.0f CHANGES entry on VOS PRNG seeding was missing
in the 1.0.1 branch, the actual code is here already.)
 2012-01-05 13:46:27 +00:00
Bodo Möller
409d2a1b71 Fix for builds without DTLS support. 
Submitted by: Brian Carlstrom
 2012-01-05 10:22:39 +00:00
Dr. Stephen Henson
e0b9678d7f PR: 2671 
Submitted by: steve

Update maximum message size for certifiate verify messages to support
4096 bit RSA keys again as TLS v1.2 messages is two bytes longer.
 2012-01-05 00:28:29 +00:00
Dr. Stephen Henson
166dea6ac8 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> 
Reviewed by: steve

Send fatal alert if heartbeat extension has an illegal value.
 2012-01-05 00:23:31 +00:00
Dr. Stephen Henson
52bef4d677 disable heartbeats if tlsext disabled 2012-01-05 00:07:34 +00:00
Dr. Stephen Henson
801e5ef840 update CHANGES 2012-01-04 23:53:52 +00:00
Dr. Stephen Henson
0044739ae5 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen <tuexen@fh-muenster.de> 
Reviewed by: steve

Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and
Kenny Paterson.
 2012-01-04 23:52:05 +00:00
Dr. Stephen Henson
4e44bd3650 Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576) 2012-01-04 23:13:29 +00:00
Dr. Stephen Henson
0cffb0cd3e fix CHANGES 2012-01-04 23:11:43 +00:00
Dr. Stephen Henson
aaa3850ccd Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619) 2012-01-04 23:07:54 +00:00
Dr. Stephen Henson
a17b5d5a4f Check GOST parameters are not NULL (CVE-2012-0027) 2012-01-04 23:03:20 +00:00
Dr. Stephen Henson
2f97765bc3 Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577) 2012-01-04 23:01:19 +00:00
Dr. Stephen Henson
3205ca8deb fix warnings 2012-01-04 14:46:04 +00:00
Dr. Stephen Henson
1cb4d65b87 Submitted by: Adam Langley <agl@chromium.org> 
Reviewed by: steve

Fix memory leaks.
 2012-01-04 14:25:28 +00:00
Dr. Stephen Henson
7b2dd292bc only send heartbeat extension from server if client sent one 2012-01-03 22:03:07 +00:00