Dr. Stephen Henson
7805e23588
PR: 1432
...
Submitted by: "Andrzej Chmielowiec" <achmielowiec@enigma.com.pl>, steve@openssl.org
Approved by: steve@openssl.org
Truncate hash if it is too large: as required by FIPS 186-3.
2009-12-01 17:32:33 +00:00
Dr. Stephen Henson
9117b9d17a
PR: 2118
...
Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net>
Approved by: steve@openssl.org
Check return value of ECDSA_sign() properly.
2009-11-30 13:53:42 +00:00
Dr. Stephen Henson
e274c8fb72
typo
2009-11-29 13:45:18 +00:00
Andy Polyakov
e8dbd66e2b
cms-test.pl: use EXE_EXT (from HEAD).
...
PR: 2107
2009-11-26 21:12:12 +00:00
Andy Polyakov
8b9b23603f
bss_dgram.c: re-fix BIO_CTRL_DGRAM_GET_PEER (from HEAD).
2009-11-26 20:56:05 +00:00
Bodo Möller
aefb9dc5e5
Make CHANGES in the OpenSSL_1_0_0-stable branch consistent with the
...
one in the OpenSSL_0_9_8-stable branch.
2009-11-26 18:37:11 +00:00
Andy Polyakov
a8c1b19a31
x86_64-xlate.pl: fix typo introduced in last commit.
...
PR: 2109
2009-11-23 19:51:24 +00:00
Andy Polyakov
29c8d2a54a
x86_64-xlate.pl: new gas requires sign extension.
...
x86masm.pl: fix linker warning.
PR: 2094,2095
2009-11-22 12:52:18 +00:00
Andy Polyakov
87827be0c2
VC-32.pl: bufferoverlowu.lib only when needed and remove duplicate code
...
(update from HEAD).
PR: 2086
2009-11-22 12:26:15 +00:00
Andy Polyakov
e4572e5210
bio_sock.c and bss_dgram.c: update from HEAD.
...
PR: 2069
2009-11-22 12:24:43 +00:00
Dr. Stephen Henson
3e8e12a6b6
Servers can't end up talking SSLv2 with legacy renegotiation disabled
2009-11-18 15:09:35 +00:00
Dr. Stephen Henson
5ddbb8f41a
Don't use SSLv2 compatible client hello if we don't tolerate legacy renegotiation
2009-11-18 14:45:32 +00:00
Dr. Stephen Henson
3c44e92bcb
Include a more meaningful error message when rejecting legacy renegotiation
2009-11-18 14:19:52 +00:00
Dr. Stephen Henson
5e8d95f590
PR: 2103
...
Submitted by: Rob Austein <sra@hactrn.net>
Approved by: steve@openssl.org
Initialise atm.flags to 0.
2009-11-17 13:25:35 +00:00
Dr. Stephen Henson
2156704924
PR: 2101 (additional)
...
Submitted by: Roumen Petrov <openssl@roumenpetrov.info>
Approved by: steve@openssl.org
Another mingw fix.
2009-11-15 19:06:21 +00:00
Dr. Stephen Henson
4e49aa0ca3
PR: 2095
...
Submitted by: Arkadiusz Miskiewicz <arekm@maven.pl>
Approved by: steve@openssl.org
Fix for out range of signed 32bit displacement error on newer binutils
in file sha1-x86_64.pl
2009-11-13 14:23:44 +00:00
Dr. Stephen Henson
d5d1c53735
PR: 2101
...
Submitted by: Doug Kaufman <dkaufman@rahul.net>
Approved by: steve@openssl.org
Fixes for tests in cms-test.pl
2009-11-13 13:44:14 +00:00
Richard Levitte
1aac5c0ee8
Add test_cms
2009-11-13 08:45:52 +00:00
Dr. Stephen Henson
4434328b0a
PR: 2088
...
Submitted by: Aleksey Samsonov <s4ms0n0v@gmail.com>
Approved by: steve@openssl.org
Fix memory leak in d2i_PublicKey().
2009-11-12 19:57:39 +00:00
Dr. Stephen Henson
9b2cfb890c
set engine to NULL after releasing it
2009-11-12 19:24:34 +00:00
Richard Levitte
b2f364ec62
Compiling vms.mar doesn't work on other than VAX.
2009-11-12 14:05:04 +00:00
Richard Levitte
b7aeb4c9b5
Another symbol longer than 31 characters.
2009-11-12 14:04:26 +00:00
Richard Levitte
370f48da2a
Typo
2009-11-12 14:03:57 +00:00
Richard Levitte
32def77ace
Everywhere was a little too much.
2009-11-12 14:03:35 +00:00
Dr. Stephen Henson
531c81ece8
PR: 2098
...
Submitted by: Corinna Vinschen <vinschen@redhat.com>
Approved by: steve@openssl.org
For Cygwin enable zlib and mdc2 by default.
2009-11-11 19:04:56 +00:00
Dr. Stephen Henson
73582b8117
add missing parts of reneg port, fix apps patch
2009-11-11 14:51:29 +00:00
Dr. Stephen Henson
5c33091cfa
commit missing apps code for reneg fix
2009-11-11 14:10:09 +00:00
Dr. Stephen Henson
56327ebe6a
make update
2009-11-10 13:23:04 +00:00
Dr. Stephen Henson
e0031b1c78
Prepare for beta4 release
2009-11-10 13:15:09 +00:00
Dr. Stephen Henson
b2ac5cb2d0
PR: 1686
...
Submitted by: Hanno Böck <hanno@hboeck.de>
Approved by: steve@openssl.org
Create engines dir if it doesn't already exist.
2009-11-10 01:52:52 +00:00
Dr. Stephen Henson
6757ef89b3
PR: 2091
...
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org
If an OID has no short name or long name return the numerical representation.
2009-11-10 01:00:23 +00:00
Dr. Stephen Henson
bf6eea6536
PR: 2090
...
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org
Improve error checking in asn1_gen.c
2009-11-10 00:47:37 +00:00
Dr. Stephen Henson
ec4346f6f9
oops, add missing prototypes
2009-11-09 18:58:50 +00:00
Dr. Stephen Henson
e42ff486a8
fix CHANGES
2009-11-09 18:46:59 +00:00
Dr. Stephen Henson
bc9058d041
First cut of renegotiation extension. (port to 1.0.0-stable)
2009-11-09 18:45:42 +00:00
Dr. Stephen Henson
4a276f3039
make update
2009-11-09 14:35:30 +00:00
Dr. Stephen Henson
acf47d8f24
Remove BF_PTR2 from configuration: it doesn't improve performance any more and causes gcc warnings about arrays out of range
2009-11-09 14:11:13 +00:00
Dr. Stephen Henson
f62d1ea3d5
Combat gcc 4.4.1 aliasing rules. (from HEAD)
2009-11-09 14:09:53 +00:00
Dr. Stephen Henson
f923bba73c
file t1_reneg.c was added on branch OpenSSL_1_0_0-stable on 2009-11-09 18:45:42 +0000
2009-11-08 14:51:55 +00:00
Dr. Stephen Henson
e3738c49b8
If it is a new session don't send the old TLS ticket: send a zero length
...
ticket to request a new session.
2009-11-08 14:36:32 +00:00
Dr. Stephen Henson
41746da8c2
Update ordinals.
2009-11-04 13:29:58 +00:00
Dr. Stephen Henson
23b97c6bb5
PR: 2089
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS Fragment size bug fix.
2009-11-02 13:37:17 +00:00
Dr. Stephen Henson
4a7f7171f5
Add missing functions to allow access to newer X509_STORE_CTX status
...
information. Add more informative message to verify callback to indicate
when CRL path validation is taking place.
2009-10-31 19:21:47 +00:00
Dr. Stephen Henson
961092281f
Add option to allow in-band CRL loading in verify utility. Add function
...
load_crls and tidy up load_certs. Remove useless purpose variable from
verify utility: now done with args_verify.
2009-10-31 13:34:19 +00:00
Dr. Stephen Henson
036b3f331b
Generate stateless session ID just after the ticket is received instead
...
of when a session is loaded. This will mean that applications that
just hold onto SSL_SESSION structures and never call d2i_SSL_SESSION()
will still work.
2009-10-30 14:06:18 +00:00
Dr. Stephen Henson
9ac5c355a2
Move CHANGES entry to 0.9.8l section
2009-10-30 13:29:08 +00:00
Dr. Stephen Henson
3d0b604c14
Fix statless session resumption so it can coexist with SNI
2009-10-30 13:22:44 +00:00
Dr. Stephen Henson
257b2bfb6c
Don't attempt session resumption if no ticket is present and session
...
ID length is zero.
2009-10-28 19:52:35 +00:00
Dr. Stephen Henson
90528846e8
Add -no_cache option to s_server
2009-10-28 17:49:37 +00:00
Dr. Stephen Henson
32509c9731
Don't replace whole AR line
2009-10-28 15:33:20 +00:00