Dr. Stephen Henson
0cffb0cd3e
fix CHANGES
2012-01-04 23:11:43 +00:00
Dr. Stephen Henson
aaa3850ccd
Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)
2012-01-04 23:07:54 +00:00
Dr. Stephen Henson
a17b5d5a4f
Check GOST parameters are not NULL (CVE-2012-0027)
2012-01-04 23:03:20 +00:00
Dr. Stephen Henson
2f97765bc3
Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577)
2012-01-04 23:01:19 +00:00
Dr. Stephen Henson
3205ca8deb
fix warnings
2012-01-04 14:46:04 +00:00
Dr. Stephen Henson
1cb4d65b87
Submitted by: Adam Langley <agl@chromium.org>
...
Reviewed by: steve
Fix memory leaks.
2012-01-04 14:25:28 +00:00
Dr. Stephen Henson
7b2dd292bc
only send heartbeat extension from server if client sent one
2012-01-03 22:03:07 +00:00
Dr. Stephen Henson
ab585551c0
prepare for 1.0.1-beta1
2012-01-03 13:30:28 +00:00
Dr. Stephen Henson
6cf0d7b999
OpenSSL 1.0.1 is now in beta.
2012-01-02 18:28:28 +00:00
Dr. Stephen Henson
9d972207f0
incomplete provisional OAEP CMS decrypt support
2012-01-02 18:16:40 +00:00
Dr. Stephen Henson
d9834ff24b
make update
2012-01-02 16:41:11 +00:00
Dr. Stephen Henson
d9c3ba05e7
update NEWS
2012-01-02 16:31:46 +00:00
Dr. Stephen Henson
03467ce6bd
recognise HEARTBEATS in mkdef.pl script
2011-12-31 23:49:45 +00:00
Dr. Stephen Henson
6e750fcb1e
update CHANGES
2011-12-31 23:07:28 +00:00
Dr. Stephen Henson
bd6941cfaa
PR: 2658
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Support for TLS/DTLS heartbeats.
2011-12-31 23:00:36 +00:00
Dr. Stephen Henson
578519edd0
make error code checking strict
2011-12-27 15:17:50 +00:00
Dr. Stephen Henson
5c05f69450
make update
2011-12-27 14:38:27 +00:00
Dr. Stephen Henson
f529dca488
fix error code
2011-12-27 14:37:43 +00:00
Dr. Stephen Henson
296aca9dcf
fix deprecated statement
2011-12-27 14:36:57 +00:00
Dr. Stephen Henson
b170703128
update default depflags
2011-12-27 14:28:25 +00:00
Dr. Stephen Henson
b300fb7734
PR: 1794
...
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
- remove some unncessary SSL_err and permit
an srp user callback to allow a worker to obtain
a user verifier.
- cleanup and comments in s_server and demonstration
for asynchronous srp user lookup
2011-12-27 14:23:22 +00:00
Dr. Stephen Henson
f89af47438
PR: 2326
...
Submitted by: Tianjie Mao <tjmao@tjmao.net>
Reviewed by: steve
Fix incorrect comma expressions and goto f_err as alert has been set.
2011-12-26 19:38:09 +00:00
Dr. Stephen Henson
7bb4f8ff12
recognise no-sctp
2011-12-25 14:59:40 +00:00
Dr. Stephen Henson
7dd6407a4c
update ordinals
2011-12-25 14:48:44 +00:00
Dr. Stephen Henson
53de315b78
recognise SCTP in mkdef.pl script
2011-12-25 14:47:46 +00:00
Dr. Stephen Henson
e065e6cda2
PR: 2535
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Add SCTP support for DTLS (RFC 6083).
2011-12-25 14:45:40 +00:00
Dr. Stephen Henson
60553cc209
typo
2011-12-23 15:03:16 +00:00
Dr. Stephen Henson
2d4c9ab518
delete unimplemented function from header file, update ordinals
2011-12-23 14:10:35 +00:00
Dr. Stephen Henson
50771f7ce3
update ordinals
2011-12-22 16:10:04 +00:00
Dr. Stephen Henson
242f8d644c
remove prototype for deleted SRP function
2011-12-22 16:01:23 +00:00
Dr. Stephen Henson
f5575cd167
New ctrl values to clear or retrieve extra chain certs from an SSL_CTX.
...
New function to retrieve compression method from SSL_SESSION structure.
Delete SSL_SESSION_get_id_len and SSL_SESSION_get0_id functions
as they duplicate functionality of SSL_SESSION_get_id. Note: these functions
have never appeared in any release version of OpenSSL.
2011-12-22 15:01:16 +00:00
Ben Laurie
dd0ddc3e78
Fix DTLS.
2011-12-20 15:05:03 +00:00
Dr. Stephen Henson
62308f3f4a
PR: 2563
...
Submitted by: Paul Green <Paul.Green@stratus.com>
Reviewed by: steve
Improved PRNG seeding for VOS.
2011-12-19 17:02:35 +00:00
Andy Polyakov
cecafcce94
update CHANGES.
2011-12-19 14:49:05 +00:00
Dr. Stephen Henson
ca0efb7594
update CHANGES
2011-12-19 14:40:02 +00:00
Andy Polyakov
1d05ff2779
apps/speed.c: fix typo in last commit.
2011-12-19 14:33:37 +00:00
Andy Polyakov
941811ccb9
apps/speed.c: Cygwin alarm() fails sometimes.
...
PR: 2655
2011-12-15 22:30:11 +00:00
Andy Polyakov
700384be8e
vpaes-x86.pl: revert previous commit and solve the problem through x86masm.pl [from HEAD].
...
PR: 2657
2011-12-15 22:20:26 +00:00
Dr. Stephen Henson
b8a22c40e0
PR: 1794
...
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
Remove unnecessary code for srp and to add some comments to
s_client.
- the callback to provide a user during client connect is
no longer necessary since rfc 5054 a connection attempt
with an srp cipher and no user is terminated when the
cipher is acceptable
- comments to indicate in s_client the (non-)usefulness of
th primalaty tests for non known group parameters.
2011-12-14 22:18:03 +00:00
Andy Polyakov
3918de9ad1
vpaes-x86.pl: portability fix.
...
PR: 2657
2011-12-14 21:30:25 +00:00
Ben Laurie
96fe35e7d4
Remove redundant TLS exporter.
2011-12-13 14:35:12 +00:00
Ben Laurie
e87afb1518
SSL export fixes (from Adam Langley).
2011-12-13 14:25:11 +00:00
Andy Polyakov
7b467c6b81
modexp512-x86_64.pl: Solaris portability fix [from HEAD].
...
PR: 2656
2011-12-12 15:12:09 +00:00
Dr. Stephen Henson
eb8ebafe87
detect and use older PKITS data
2011-12-11 16:39:56 +00:00
Dr. Stephen Henson
e559febaf1
typo
2011-12-10 01:37:55 +00:00
Dr. Stephen Henson
6bcc6d38c7
add commented out option to allow use of older PKITS data
2011-12-10 00:50:16 +00:00
Dr. Stephen Henson
8173960305
remove old -attime code, new version includes all old functionality
2011-12-10 00:42:48 +00:00
Dr. Stephen Henson
f2e590942e
implement -attime option as a verify parameter then it works with all relevant applications
2011-12-10 00:37:42 +00:00
Ben Laurie
6a4b87eb9d
Fix warning.
2011-12-09 20:15:48 +00:00
Andy Polyakov
edcba19c23
perlasm/x86gas.pl: give a hand old assemblers assembling loop instruction
...
[from HEAD].
2011-12-09 19:16:35 +00:00