Commit graph

6068 commits

Author SHA1 Message Date
Richard Levitte
51c21d0fec Memory leak fix: local blinding structure not freed in rsa_eay_private_decrypt() 2003-04-15 13:01:43 +00:00
Richard Levitte
0698f54e0e The release is tagged, time to hope we won't have to work on 0.9.6k. 2003-04-10 20:41:02 +00:00
Richard Levitte
e352a9e6ec I forgot to change the status bits to release.
This file will be retagged.
2003-04-10 20:30:41 +00:00
Richard Levitte
51c4754658 Time to release 0.9.6j.
The ticket will be OpenSSL_0_9_6j.
2003-04-10 20:21:28 +00:00
Richard Levitte
335340af42 make update 2003-04-10 20:11:28 +00:00
Richard Levitte
d373ca98fd Add the change from HEAD that allows us to parse multi-line comments. 2003-04-10 20:07:51 +00:00
Richard Levitte
1db625bcfd new NEWS 2003-04-10 19:33:23 +00:00
Richard Levitte
86d79b3cef Make the same changes for svr5 shared library building as in
0.9.7-stable.
2003-04-09 06:49:01 +00:00
Richard Levitte
e45b2a6218 Some ld implementations use LD_LIBRARY_PATH to find libraries, and
what's worse, they seem to use LD_LIBRARY_PATH as the first
directories to look into.  This is documented in the manual page for
ld on OpenUNIX 8.  Therefore, we need to hack LD_LIBRARY_PATH to
include the directory where the newly built libcrypto and libssl are.
2003-04-09 06:48:19 +00:00
Richard Levitte
5d4bf96a65 Include rand.h, so RAND_status() and friends get properly declared. 2003-04-08 11:07:09 +00:00
Bodo Möller
223c80ea7d make RSA blinding thread-safe 2003-04-02 09:50:17 +00:00
Richard Levitte
60511b8bb8 Fix the problem with missing definition of THREADS on VMS.
Also produce a better configuration header file.
PR: 548
2003-03-27 12:25:12 +00:00
Bodo Möller
20fda79fab PR:make sure RSA blinding works when the PRNG is not properly seeded;
enable it automatically only for the built-in engine
2003-03-20 17:24:54 +00:00
Ben Laurie
66e1081a15 Blinding fix. 2003-03-20 16:00:18 +00:00
Bodo Möller
ef42d6a4ed countermeasure against new Klima-Pokorny-Rosa atack 2003-03-19 19:20:30 +00:00
Bodo Möller
00223b969d fix formatting 2003-03-18 12:50:07 +00:00
Bodo Möller
3d1120f61a year 2003 2003-02-24 17:46:46 +00:00
Richard Levitte
fc68e4a01b Release of 0.9.6i is tagged, let's pretend to move on to 0.9.6j. 2003-02-19 12:56:04 +00:00
Richard Levitte
84c1d096e4 Time to release 0.9.6i.
The tag will be OpenSSL_0_9_6i.
2003-02-19 12:34:21 +00:00
Richard Levitte
39c06a8b73 Security fix: Vaudenay timing attack on CBC.
An advisory will be posted to the web.  Expect a release within the hour.
2003-02-19 12:04:07 +00:00
Richard Levitte
c0a48f4cfd Make sure the memory allocation routines check for negative sizes 2003-02-19 11:54:53 +00:00
Richard Levitte
1254766dad Change no_rmd160 to no_ripemd for consistency.
PR: 500
2003-02-14 05:20:32 +00:00
Bodo Möller
b73de7334a comments 2003-02-12 14:17:33 +00:00
Bodo Möller
a71f9eeb9f typo in WIN16 section
Submitted by: Toni Andjelkovic <toni@soth.at>
2003-02-05 16:52:37 +00:00
Bodo Möller
d76434fe5a typo 2003-02-04 12:57:51 +00:00
Bodo Möller
ac3b89d8e5 Update PRNG entry:
- OpenSSL version differences
- Sun /dev/urandom patch information
2003-02-04 12:26:30 +00:00
Richard Levitte
e59199444c Correct an example that has a few typos.
PR: 458
2003-01-14 13:56:44 +00:00
Bodo Möller
90f6da7be5 fix release date (CHANGES as released with OpenSSL 0.9.6h on
2002-12-05 said '[21 Dec 2002]')
2003-01-13 13:23:08 +00:00
Bodo Möller
ad4875986f typo 2003-01-13 13:16:49 +00:00
Richard Levitte
b2359d5116 A function returning int should really return an int, even if it exits
first...
2002-12-28 01:47:11 +00:00
Richard Levitte
84d964a59f Make sure OPENSSL_cleanse is declared properly. 2002-12-28 01:46:21 +00:00
Richard Levitte
6c8aa1ec9c Merge from HEAD... 2002-12-21 23:54:23 +00:00
Richard Levitte
6d62e85d84 Skip DH-specific tests when no-dh has been configured.
PR: 353
2002-12-12 18:43:29 +00:00
Richard Levitte
a01461da99 In CRYPTO_lock(), check that the application cares about locking (provided
callbacks) before attempting to lock.
2002-12-11 08:56:38 +00:00
Richard Levitte
9576c150a4 sk_*_push() returns the number of items on the stack, not the index of the
pushed item.  The index is the number of items - 1.  And if a NULL item was
found, actually use it.
Finally, provide a little bit of safety in CRYPTO_lock() by asserting the a
requested dynamic lock really must exist, instead of just being silent about it
2002-12-11 08:33:34 +00:00
Richard Levitte
56f940edc9 A memset() too many got converted into a OPENSSL_cleanse().
PR: 393
2002-12-10 08:28:16 +00:00
Lutz Jänicke
aa61140a59 Fix wrong URI.
Submitted by: assar@kth.se
Reviewed by:
PR: 390
2002-12-09 08:49:03 +00:00
Richard Levitte
8ca0db580e Update version to 0.9.6i, even if that's never going to be released. 2002-12-05 22:53:30 +00:00
Richard Levitte
631cdb9f69 Small fault corrected 2002-12-05 22:44:12 +00:00
Richard Levitte
e98b0d6883 make update 2002-12-05 21:51:02 +00:00
Richard Levitte
f94e1dd2d0 Time to release OpenSSL 0.9.6h.
The tag will be OpenSSL_0_9_6h.
2002-12-05 21:40:48 +00:00
Richard Levitte
3124dd9c13 Make sure using SSL_CERT_FILE actually works, and has priority over system defaults.
PR: 376
2002-12-05 01:20:53 +00:00
Richard Levitte
e5040378df Fixes for VxWorks. Are these needed for 0.9.7 and up as well?
PR: 374
2002-12-04 23:13:07 +00:00
Dr. Stephen Henson
0b7497310d Include crypto.h to pull in definition of OPENSSL_cleanse in various
places.
2002-12-04 23:08:08 +00:00
Lutz Jänicke
98c3eccc83 Missing ")"
Submitted by: Christian Hohnstaedt <chohnstaedt@innominate.com>
Reviewed by:
PR:
2002-12-04 13:30:16 +00:00
Richard Levitte
7000fd8418 A gcc 3.0 bug is triggered by our code. Add a section about it in PROBLEMS.
PR: 375
2002-12-04 08:24:23 +00:00
Richard Levitte
811cd997ae EXIT() may mean return(). That's confusing, so let's have it really mean
exit() in whatever way works for the intended platform, and define
OPENSSL_EXIT() to have the old meaning (the name is of course because
it's only used in the openssl program)
2002-12-03 16:51:51 +00:00
Richard Levitte
29a0f955b8 Make CRYPTO_cleanse() independent of endianness. 2002-12-03 16:06:52 +00:00
Richard Levitte
5a6a8963ad EXIT() needs to be in a function that returns int. 2002-12-01 01:23:13 +00:00
Richard Levitte
b760880094 Correct some names. 2002-11-29 14:21:58 +00:00