wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8226 commits 20 branches 302 tags 153 MiB
Commit graph

8226 commits

This branch
This branch
All branches
Author SHA1 Message Date
Dr. Stephen Henson
1ff44a99a4 PR: 2111 
Submitted by: Martin Olsson <molsson@opera.com>

Check for bn_wexpand errors in bn_mul.c
 2009-12-02 15:27:19 +00:00
Dr. Stephen Henson
6cf61614e4 Replace the broken SPKAC certification with the correct version. 2009-12-02 14:39:12 +00:00
Dr. Stephen Henson
82e448b92b PR: 2115 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Add Renegotiation extension to DTLS, fix DTLS ClientHello processing bug.
 2009-12-01 17:40:46 +00:00
Dr. Stephen Henson
b172352b52 PR: 1432 
Submitted by: "Andrzej Chmielowiec" <achmielowiec@enigma.com.pl>, steve@openssl.org
Approved by: steve@openssl.org

Truncate hash if it is too large: as required by FIPS 186-3.
 2009-12-01 17:32:16 +00:00
Dr. Stephen Henson
95b14fd803 typo 2009-11-29 13:44:59 +00:00
Bodo Möller
553d2e3280 (whitespace) 2009-11-26 18:35:33 +00:00
Bodo Möller
82fb4ee89d The version numbering may change, again; so be careful about what we 
announce in CHANGES.
 2009-11-26 17:30:07 +00:00
Bodo Möller
389fef6c9c Remove attribution -- this wasn't my patch, I only edited and applied it. 2009-11-26 17:28:27 +00:00
Bodo Möller
b6622f9623 Remove obsolete information about a change for 0.9.7n. 
(No further releases from the 0.9.7 branch are planned.  Note that the
"deleted" change is also in 0.9.8f.)
 2009-11-26 17:25:38 +00:00
Dr. Stephen Henson
7f5448e3a8 Servers can't end up talking SSLv2 with legacy renegotiation disabled 2009-11-18 15:08:49 +00:00
Dr. Stephen Henson
5d965f0783 Don't use SSLv2 compatible client hello if we don't tolerate legacy renegotiation 2009-11-18 14:43:27 +00:00
Dr. Stephen Henson
b14713c231 Include a more meaningful error message when rejecting legacy renegotiation 2009-11-18 14:24:00 +00:00
Dr. Stephen Henson
637e0ba420 PR: 2094 
Submitted by: Arkadiusz Miskiewicz <arekm@maven.pl>
Approved by: steve@openssl.org

Fix for out range of signed 32bit displacement error on newer binutils.
 2009-11-13 14:14:46 +00:00
Dr. Stephen Henson
9ac37cb018 PR: 2084 
Submitted by: Mike Frysinger <vapier@gentoo.org>
Approved by: steve@openssl.org

Parallel build fix.
 2009-11-13 14:09:45 +00:00
Dr. Stephen Henson
fb7751b44f PR: 2101 
Submitted by: Doug Kaufman <dkaufman@rahul.net>
Approved by: steve@openssl.org

Fixes for tests in cms-test.pl
 2009-11-13 14:09:09 +00:00
Richard Levitte
e333a8d673 Updated from 1.0.0-stable. 2009-11-12 16:59:18 +00:00
Dr. Stephen Henson
89a6daac00 PR: 1686 
Submitted by: Hanno Böck <hanno@hboeck.de>
Approved by: steve@openssl.org

Create engines dir if it doesn't already exist.
 2009-11-10 01:53:02 +00:00
Dr. Stephen Henson
7e42945918 PR: 2091 
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org

If an OID has no short name or long name return the numerical representation.
 2009-11-10 01:00:37 +00:00
Dr. Stephen Henson
b61a87b26c check new_der for NULL too 2009-11-10 00:46:57 +00:00
Dr. Stephen Henson
2c6b141931 PR: 2090 
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org

Improve error checking in asn1_gen.c
 2009-11-10 00:40:42 +00:00
Dr. Stephen Henson
af13c50d51 Fix wrong function codes and duplicate codes 2009-11-09 18:21:57 +00:00
Dr. Stephen Henson
65c2397fce Remove BF_PTR2 from configuration: it doesn't improve performance any more and causes gcc warnings about arrays out of range 2009-11-09 14:14:26 +00:00
Dr. Stephen Henson
16e7efe3c8 use OPENSSL_assert() and not assert() 2009-11-08 17:07:42 +00:00
Ben Laurie
c2b78c31d6 First cut of renegotiation extension. 2009-11-08 14:51:54 +00:00
Dr. Stephen Henson
a1dc0336dd Re-revert (re-insert?) temporary change that made renegotiation work again 
and add a proper fix: specifically if it is a new session don't send the old
TLS ticket, send a zero length ticket to request a new session.
 2009-11-08 14:30:22 +00:00
Ben Laurie
d99a35f275 Revert renegotiation-breaking change. 2009-11-08 12:14:55 +00:00
Ben Laurie
949fbf073a Disable renegotiation. 2009-11-05 11:28:37 +00:00
Ben Laurie
6156be4da3 Fix compilation problem. 2009-11-05 10:18:11 +00:00
Dr. Stephen Henson
d7d4325655 PR: 2089 
Submitted by: David Woodhouse <dwmw2@infradead.org>
Approved by: steve@openssl.org

Use EVP_MD_size() in OpenSSL 0.9.8.
 2009-11-04 12:58:54 +00:00
Dr. Stephen Henson
9f81ffe433 PR: 2089 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS Fragment size bug fix.
 2009-11-02 13:36:56 +00:00
Dr. Stephen Henson
8164930816 Generate stateless session ID just after the ticket is received instead 
of when a session is loaded. This will mean that applications that
just hold onto SSL_SESSION structures and never call d2i_SSL_SESSION()
will still work.
 2009-10-30 14:07:59 +00:00
Dr. Stephen Henson
2a8834cf89 Fix stateless session resumption so it can coexist with SNI 2009-10-30 13:28:07 +00:00
Dr. Stephen Henson
e6e11f4ec3 Don't attempt session resumption if no ticket is present and session 
ID length is zero.
 2009-10-28 19:53:10 +00:00
Dr. Stephen Henson
452e41562c PR: 2085 
Submitted by: Mike Frysinger <vapier@gentoo.org>
Approved by: steve@openssl.org

Change domd test to match 1.0.0+ version: check $MAKEDEPEND
ends in "gcc" to support cross compilers.
 2009-10-28 19:29:05 +00:00
Dr. Stephen Henson
8c6dd96aed Don't replace whole AR line 2009-10-28 15:33:06 +00:00
Dr. Stephen Henson
23a4ccd178 PR: 2081 
Submitted by: Mike Frysinger <vapier@gentoo.org>
Approved by: steve@openssl.org

Respect AR and RANLIB environment variables if set.
 2009-10-28 14:00:54 +00:00
Dr. Stephen Henson
2b4d877a27 PR: 2080 
Submitted by: Mike Frysinger <vapier@gentoo.org>
Approved by: steve@openssl.org

Respect MAKE environment variable if set.
 2009-10-28 13:56:06 +00:00
Dr. Stephen Henson
d916f92d6f PR: 2078 
Submitted by: Dale Anderson <dra@redevised.net>
Approved by: steve@openssl.org

Corrections to bn_internal documentation.
 2009-10-28 13:52:19 +00:00
Dr. Stephen Henson
b9b5134e19 Pick up install prefix from the environment, if set. 2009-10-18 14:24:47 +00:00
Dr. Stephen Henson
9ef6fdab63 PR: 2074 
Submitted by: Bram Neijt <bneijt@gmail.com>
Approved by: steve@openssl.org

Typo: "contet".
 2009-10-16 15:29:07 +00:00
Dr. Stephen Henson
3a0b6de4d0 PR: 2073 
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Don't access freed SSL_CTX in SSL_free().
 2009-10-16 13:42:15 +00:00
Dr. Stephen Henson
08896dc0bd CROSS_COMPILE: don't override command line option from environment 2009-10-15 23:45:22 +00:00
Dr. Stephen Henson
ef62799783 PR: 1847 
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Integrated patches to CA.sh to bring it into line with CA.pl functionality.
 2009-10-15 17:28:02 +00:00
Dr. Stephen Henson
8196257f00 Cross compilation updates. 2009-10-15 14:14:35 +00:00
Dr. Stephen Henson
ac923d3377 Backport cross compilation options from HEAD. 2009-10-15 13:02:42 +00:00
Dr. Stephen Henson
0ec529ac82 Allow uname values to be overridden by the environment 2009-10-15 12:58:00 +00:00
Dr. Stephen Henson
d5b0c872d8 Quote filenames in case they contain spaces. Print out supported values 
for --enable and --disable.
 2009-10-15 12:30:21 +00:00
Dr. Stephen Henson
2e8026b65a Oops! 2009-10-05 13:32:56 +00:00
Dr. Stephen Henson
381a9f04a0 Fix unitialized warnings 2009-10-04 16:53:18 +00:00
Dr. Stephen Henson
d7050b4424 Fix warnings about ignoring fgets return value 2009-10-04 16:43:39 +00:00