Commit graph

7473 commits

Author SHA1 Message Date
Andy Polyakov
4c860910df DTLS RFC4347 says HelloVerifyRequest resets Finished MAC. From HEAD with a
twist: server allows for non-compliant Finished calculations in order to
enable interop with pre-0.9.8f.
2007-09-30 19:36:32 +00:00
Andy Polyakov
0fc3d51b7d DTLS RFC4347 requires client to use rame random field in reply to
HelloVerifyRequest [from HEAD].
2007-09-30 19:15:46 +00:00
Andy Polyakov
c4b0d7879e Switch for RFC-compliant version encoding in DTLS. From HEAD with a twist:
server accepts even non-compliant encoding in order to enable interop with
pre-0.9.8f clients.
2007-09-30 18:55:59 +00:00
Dr. Stephen Henson
aab1ec3f36 Update from HEAD. 2007-09-28 16:29:24 +00:00
Lutz Jänicke
fbfa11fb29 Typos
PR: 1578
Submitted by: Charles Longeau <chl@tuxfamily.org>
2007-09-24 11:22:31 +00:00
Lutz Jänicke
284498fcef Finish sentence with a "." 2007-09-24 10:58:15 +00:00
Dr. Stephen Henson
07d9808496 Fix from HEAD. 2007-09-23 15:55:54 +00:00
Bodo Möller
4ab0088bfe More changes from HEAD:
- no need to disable SSL 2.0 for SSL_CTRL_SET_TLSEXT_HOSTNAME
  now that ssl23_client_hello takes care of that

- fix buffer overrun checks in ssl_add_serverhello_tlsext()
2007-09-21 14:05:08 +00:00
Dr. Stephen Henson
3bd1690bfb Fixes from HEAD. 2007-09-21 13:40:51 +00:00
Lutz Jänicke
29f4b05954 The use of the PURIFY macro in ssleay_rand_bytes() is sufficient to
resolve the Valgrind issue with random numbers. Undo the changes to
RAND_bytes() and RAND_pseudo_bytes() that are redundant in this
respect.
Update documentation and FAQ accordingly, as the PURIFY macro is
available at least since 0.9.7.
2007-09-21 10:10:47 +00:00
Ben Laurie
48ca0c99b2 Use PURIFY instead of PEDANTIC. 2007-09-20 12:33:24 +00:00
Dr. Stephen Henson
015052cf7b Clarify wording a little. 2007-09-20 11:32:09 +00:00
Lutz Jänicke
9ce3ee47ba Add FAQ entry on how to get rid of Valgrind warnings.
PR: 521
2007-09-20 07:39:15 +00:00
Lutz Jänicke
2e3fd54337 Add passage to manual page actually reflecting the usage of the
contents of "buf" when calling RAND_*bytes().
2007-09-20 07:24:45 +00:00
Dr. Stephen Henson
625782f7ee Wrap "keep valgrind happy" change in #ifdef PEDANTIC so any entropy in the
buffer can be normally used.
2007-09-19 13:29:05 +00:00
Ben Laurie
1c90899eef Slight bug in dependencies caused occasional unnecessary diffs. Fixed. 2007-09-19 13:10:34 +00:00
Ben Laurie
4f2b7d48b1 make depend 2007-09-19 12:17:11 +00:00
Ben Laurie
458c3900e1 Lingering "security" fix. 2007-09-19 12:16:21 +00:00
Andy Polyakov
ba75b4e750 Wire DES weak_keys to read-only segment [from HEAD]. 2007-09-18 20:59:33 +00:00
Andy Polyakov
ab011d51be Minimize stack utilization in probable_prime [from HEAD]. 2007-09-18 20:55:10 +00:00
Andy Polyakov
898d9b1a87 Remove excessive whitespaces from bio.h. 2007-09-18 20:49:25 +00:00
Bodo Möller
4f9a9d2b79 Make sure that BN_from_montgomery keeps the BIGNUMS in proper format 2007-09-18 16:31:18 +00:00
Dr. Stephen Henson
346f2f93e1 PR: 1560 2007-09-17 17:54:02 +00:00
Dr. Stephen Henson
25b0e072dd PR: 1582 2007-09-17 17:30:01 +00:00
Andy Polyakov
dc13c882fb enc.pod update [from HEAD].
PR: 1529
2007-09-17 16:43:11 +00:00
Andy Polyakov
12a52467c8 Typo in pq_compat.h [note that this file is not present in HEAD].
PR: 1537
2007-09-17 16:21:21 +00:00
Andy Polyakov
22e6c73dcc Mention SHA2 in apps/dgst and openssl.pod.
PR: 1575
2007-09-17 15:57:31 +00:00
Andy Polyakov
53b9696f3f It's inappropraite to override application signal, nor is it appropriate
to shut down Winsock unless we know it won't be used [and we never do]
[from HEAD].
PR: 1439
2007-09-16 18:35:45 +00:00
Andy Polyakov
7e4fe4662b Minor fix in link_[oa].hpux [from HEAD]. 2007-09-16 14:11:51 +00:00
Andy Polyakov
18fd413f37 BSD run-time linkers apparently demand RPATH on .so objects [from HEAD].
PR: 1381
2007-09-16 12:24:17 +00:00
Andy Polyakov
80ed5f84de Make bn2dec work on "SIXTY_FOUR_BIT" platforms [from HEAD].
PR: 1456
2007-09-15 17:05:57 +00:00
Andy Polyakov
b48111df7c More Intel cc fix-ups [from HEAD]. 2007-09-14 19:32:54 +00:00
Andy Polyakov
73e3edd70d It's unfortunate, but we have to disengage DES assembler in linux64-sparcv9
build, because it expects DES_INT and the latter didn't make it to first
0.9.8.
2007-09-14 15:39:49 +00:00
Andy Polyakov
d4cfbdf2c0 Integrate remaining parts of #14247 [from HEAD]. 2007-09-07 12:27:50 +00:00
Dr. Stephen Henson
294f03a812 Reimplement safestack to avoid function pointer casts. 2007-09-06 21:07:43 +00:00
Dr. Stephen Henson
272f9f3d27 Update NEWS file. 2007-09-06 12:59:34 +00:00
Dr. Stephen Henson
927a28ba3b gcc 4.2 fixes to avoid use or function pointer casts in OpenSSL.
Fix various "computed value not used" warnings too.
2007-09-06 12:43:54 +00:00
Dr. Stephen Henson
a938c4284e Update from HEAD. 2007-08-31 00:28:51 +00:00
Andy Polyakov
7a44a0cee7 aes_ige update [from HEAD]. 2007-08-30 08:11:25 +00:00
Andy Polyakov
82430309ac darwin platform updates [from HEAD]. 2007-08-30 08:10:39 +00:00
Dr. Stephen Henson
c2079de880 Update from HEAD. 2007-08-28 01:12:44 +00:00
Dr. Stephen Henson
967ead7269 Update from HEAD. 2007-08-27 23:47:10 +00:00
Andy Polyakov
c9255df519 shlib_wrap update [from HEAD]. 2007-08-27 08:52:57 +00:00
Andy Polyakov
27c824a1c9 IRIX and Tru64 platform updates [from HEAD]. 2007-08-26 14:18:05 +00:00
Dr. Stephen Henson
5b96d1ccf9 Clarify CHANGES entry. 2007-08-23 22:58:24 +00:00
Dr. Stephen Henson
29c0866b38 Update docs and NEWS file. 2007-08-23 22:53:57 +00:00
Dr. Stephen Henson
0214ea0dfe Update from HEAD. 2007-08-23 22:49:42 +00:00
Dr. Stephen Henson
80355002a1 Update from HEAD. 2007-08-23 12:20:56 +00:00
Dr. Stephen Henson
0e36825228 Update docs. 2007-08-23 12:16:03 +00:00
Richard Levitte
95a8f1469f VAX C can't handle 64 bit integers, making SHA512 impossible... 2007-08-22 20:58:56 +00:00