Richard Levitte
51c21d0fec
Memory leak fix: local blinding structure not freed in rsa_eay_private_decrypt()
2003-04-15 13:01:43 +00:00
Richard Levitte
0698f54e0e
The release is tagged, time to hope we won't have to work on 0.9.6k.
2003-04-10 20:41:02 +00:00
Richard Levitte
e352a9e6ec
I forgot to change the status bits to release.
...
This file will be retagged.
2003-04-10 20:30:41 +00:00
Richard Levitte
51c4754658
Time to release 0.9.6j.
...
The ticket will be OpenSSL_0_9_6j.
2003-04-10 20:21:28 +00:00
Richard Levitte
335340af42
make update
2003-04-10 20:11:28 +00:00
Richard Levitte
d373ca98fd
Add the change from HEAD that allows us to parse multi-line comments.
2003-04-10 20:07:51 +00:00
Richard Levitte
1db625bcfd
new NEWS
2003-04-10 19:33:23 +00:00
Richard Levitte
86d79b3cef
Make the same changes for svr5 shared library building as in
...
0.9.7-stable.
2003-04-09 06:49:01 +00:00
Richard Levitte
e45b2a6218
Some ld implementations use LD_LIBRARY_PATH to find libraries, and
...
what's worse, they seem to use LD_LIBRARY_PATH as the first
directories to look into. This is documented in the manual page for
ld on OpenUNIX 8. Therefore, we need to hack LD_LIBRARY_PATH to
include the directory where the newly built libcrypto and libssl are.
2003-04-09 06:48:19 +00:00
Richard Levitte
5d4bf96a65
Include rand.h, so RAND_status() and friends get properly declared.
2003-04-08 11:07:09 +00:00
Bodo Möller
223c80ea7d
make RSA blinding thread-safe
2003-04-02 09:50:17 +00:00
Richard Levitte
60511b8bb8
Fix the problem with missing definition of THREADS on VMS.
...
Also produce a better configuration header file.
PR: 548
2003-03-27 12:25:12 +00:00
Bodo Möller
20fda79fab
PR:make sure RSA blinding works when the PRNG is not properly seeded;
...
enable it automatically only for the built-in engine
2003-03-20 17:24:54 +00:00
Ben Laurie
66e1081a15
Blinding fix.
2003-03-20 16:00:18 +00:00
Bodo Möller
ef42d6a4ed
countermeasure against new Klima-Pokorny-Rosa atack
2003-03-19 19:20:30 +00:00
Bodo Möller
00223b969d
fix formatting
2003-03-18 12:50:07 +00:00
Bodo Möller
3d1120f61a
year 2003
2003-02-24 17:46:46 +00:00
Richard Levitte
fc68e4a01b
Release of 0.9.6i is tagged, let's pretend to move on to 0.9.6j.
2003-02-19 12:56:04 +00:00
Richard Levitte
84c1d096e4
Time to release 0.9.6i.
...
The tag will be OpenSSL_0_9_6i.
2003-02-19 12:34:21 +00:00
Richard Levitte
39c06a8b73
Security fix: Vaudenay timing attack on CBC.
...
An advisory will be posted to the web. Expect a release within the hour.
2003-02-19 12:04:07 +00:00
Richard Levitte
c0a48f4cfd
Make sure the memory allocation routines check for negative sizes
2003-02-19 11:54:53 +00:00
Richard Levitte
1254766dad
Change no_rmd160 to no_ripemd for consistency.
...
PR: 500
2003-02-14 05:20:32 +00:00
Bodo Möller
b73de7334a
comments
2003-02-12 14:17:33 +00:00
Bodo Möller
a71f9eeb9f
typo in WIN16 section
...
Submitted by: Toni Andjelkovic <toni@soth.at>
2003-02-05 16:52:37 +00:00
Bodo Möller
d76434fe5a
typo
2003-02-04 12:57:51 +00:00
Bodo Möller
ac3b89d8e5
Update PRNG entry:
...
- OpenSSL version differences
- Sun /dev/urandom patch information
2003-02-04 12:26:30 +00:00
Richard Levitte
e59199444c
Correct an example that has a few typos.
...
PR: 458
2003-01-14 13:56:44 +00:00
Bodo Möller
90f6da7be5
fix release date (CHANGES as released with OpenSSL 0.9.6h on
...
2002-12-05 said '[21 Dec 2002]')
2003-01-13 13:23:08 +00:00
Bodo Möller
ad4875986f
typo
2003-01-13 13:16:49 +00:00
Richard Levitte
b2359d5116
A function returning int should really return an int, even if it exits
...
first...
2002-12-28 01:47:11 +00:00
Richard Levitte
84d964a59f
Make sure OPENSSL_cleanse is declared properly.
2002-12-28 01:46:21 +00:00
Richard Levitte
6c8aa1ec9c
Merge from HEAD...
2002-12-21 23:54:23 +00:00
Richard Levitte
6d62e85d84
Skip DH-specific tests when no-dh has been configured.
...
PR: 353
2002-12-12 18:43:29 +00:00
Richard Levitte
a01461da99
In CRYPTO_lock(), check that the application cares about locking (provided
...
callbacks) before attempting to lock.
2002-12-11 08:56:38 +00:00
Richard Levitte
9576c150a4
sk_*_push() returns the number of items on the stack, not the index of the
...
pushed item. The index is the number of items - 1. And if a NULL item was
found, actually use it.
Finally, provide a little bit of safety in CRYPTO_lock() by asserting the a
requested dynamic lock really must exist, instead of just being silent about it
2002-12-11 08:33:34 +00:00
Richard Levitte
56f940edc9
A memset() too many got converted into a OPENSSL_cleanse().
...
PR: 393
2002-12-10 08:28:16 +00:00
Lutz Jänicke
aa61140a59
Fix wrong URI.
...
Submitted by: assar@kth.se
Reviewed by:
PR: 390
2002-12-09 08:49:03 +00:00
Richard Levitte
8ca0db580e
Update version to 0.9.6i, even if that's never going to be released.
2002-12-05 22:53:30 +00:00
Richard Levitte
631cdb9f69
Small fault corrected
2002-12-05 22:44:12 +00:00
Richard Levitte
e98b0d6883
make update
2002-12-05 21:51:02 +00:00
Richard Levitte
f94e1dd2d0
Time to release OpenSSL 0.9.6h.
...
The tag will be OpenSSL_0_9_6h.
2002-12-05 21:40:48 +00:00
Richard Levitte
3124dd9c13
Make sure using SSL_CERT_FILE actually works, and has priority over system defaults.
...
PR: 376
2002-12-05 01:20:53 +00:00
Richard Levitte
e5040378df
Fixes for VxWorks. Are these needed for 0.9.7 and up as well?
...
PR: 374
2002-12-04 23:13:07 +00:00
Dr. Stephen Henson
0b7497310d
Include crypto.h to pull in definition of OPENSSL_cleanse in various
...
places.
2002-12-04 23:08:08 +00:00
Lutz Jänicke
98c3eccc83
Missing ")"
...
Submitted by: Christian Hohnstaedt <chohnstaedt@innominate.com>
Reviewed by:
PR:
2002-12-04 13:30:16 +00:00
Richard Levitte
7000fd8418
A gcc 3.0 bug is triggered by our code. Add a section about it in PROBLEMS.
...
PR: 375
2002-12-04 08:24:23 +00:00
Richard Levitte
811cd997ae
EXIT() may mean return(). That's confusing, so let's have it really mean
...
exit() in whatever way works for the intended platform, and define
OPENSSL_EXIT() to have the old meaning (the name is of course because
it's only used in the openssl program)
2002-12-03 16:51:51 +00:00
Richard Levitte
29a0f955b8
Make CRYPTO_cleanse() independent of endianness.
2002-12-03 16:06:52 +00:00
Richard Levitte
5a6a8963ad
EXIT() needs to be in a function that returns int.
2002-12-01 01:23:13 +00:00
Richard Levitte
b760880094
Correct some names.
2002-11-29 14:21:58 +00:00