Dr. Stephen Henson
55768cf773
Forward FIPS DLL implementations from libcrypto DLL under Win32.
2007-03-22 18:31:35 +00:00
Dr. Stephen Henson
aeb9ccfaad
And so it begins...
2007-03-22 00:39:24 +00:00
Bodo Möller
6fd3f3260d
stricter session ID context matching
2007-03-21 14:33:01 +00:00
Bodo Möller
d9e262443c
oops -- this should have been in 0.9.8e
2007-03-21 14:18:27 +00:00
Bodo Möller
402b951804
include complete 0.9.7 history
2007-02-26 10:48:56 +00:00
Dr. Stephen Henson
5dd24ead57
Prepare for next version.
2007-02-23 12:50:54 +00:00
Dr. Stephen Henson
0615396d2d
Prepare for release.
2007-02-23 12:12:28 +00:00
Lutz Jänicke
cdb13ae8d0
Extend SMTP and IMAP protocol handling to perform the required
...
EHLO or CAPABILITY handshake before sending STARTTLS
Submitted by: Goetz Babin-Ebell <goetz@shomitefo.de>
2007-02-21 18:20:33 +00:00
Dr. Stephen Henson
52ee969e29
Update from 0.9.7-stable.
2007-02-21 13:48:49 +00:00
Bodo Möller
55f0501201
Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that a
...
ciphersuite string such as "DEFAULT:RSA" cannot enable
authentication-only ciphersuites.
2007-02-19 18:38:11 +00:00
Bodo Möller
5f4cc234fb
Some fixes for ciphersuite string processing:
...
- add a workaround provided by Victor Duchovni so that 128- and
256-bit variants of otherwise identical ciphersuites are treated
correctly;
- also, correctly skip invalid parts of ciphersuite description strings.
Submitted by: Victor Duchovni, Bodo Moeller
2007-02-17 06:52:42 +00:00
Nils Larsch
68bb98159f
fix typos
...
PR: 1354, 1355, 1398
2006-12-21 21:11:44 +00:00
Bodo Möller
1a8521ff24
Fix the BIT STRING encoding of EC points or parameter seeds
...
(need to prevent the removal of trailing zero bits).
2006-12-19 15:10:46 +00:00
Bodo Möller
5c6f76da0a
fix support for receiving fragmented handshake messages
2006-11-29 14:45:14 +00:00
Ben Laurie
4636341b05
Add RFC 3779 support, contributed by ARIN.
2006-11-27 13:36:55 +00:00
Dr. Stephen Henson
900f7a8776
Update from 0.9.7-stable.
...
Improve mkerr.pl header file function name parsing.
2006-11-21 20:14:05 +00:00
Bodo Möller
bd869183d5
for completeness, include 0.9.7l information
2006-09-28 13:29:08 +00:00
Mark J. Cox
25e52a78fb
After tagging, bump ready for 0.9.8e development
2006-09-28 11:39:33 +00:00
Mark J. Cox
47c4bb2ddf
Prepare for 0.9.8d release
2006-09-28 11:32:42 +00:00
Mark J. Cox
951dfbb13a
Introduce limits to prevent malicious keys being able to
...
cause a denial of service. (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service. (CVE-2006-2937) [Steve Henson]
Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
Fix SSL client code which could crash if connecting to a
malicious SSLv2 server. (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
2006-09-28 11:29:03 +00:00
Bodo Möller
8fdb296cbd
Update
2006-09-12 14:42:09 +00:00
Bodo Möller
879b30aaa3
ensure that ciphersuite strings such as "RC4-MD5" match the SSL 2.0
...
ciphersuite as well
2006-09-11 09:48:46 +00:00
Mark J. Cox
da1841a075
After tagging, prep for next release
2006-09-05 08:51:30 +00:00
Mark J. Cox
0a0a10d127
Ready for 0.9.8c release
2006-09-05 08:45:37 +00:00
Mark J. Cox
df20b6e79b
Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
...
(CVE-2006-4339)
Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
2006-09-05 08:25:42 +00:00
Ben Laurie
4b9dcd821f
Add IGE and biIGE modes.
2006-08-28 11:00:32 +00:00
Bodo Möller
ec67e3b7e4
always read in RAND_poll() if we can't use select because of a too
...
large FD: it's non-blocking mode anyway
2006-06-28 14:50:00 +00:00
Richard Levitte
8de95bc05b
Use poll() when possible to gather Unix randomness entropy
2006-06-27 06:31:57 +00:00
Bodo Möller
aa17ab7e57
Put ECCdraft ciphersuites back into default build (but disabled
...
unless specifically requested)
2006-06-22 12:35:54 +00:00
Bodo Möller
35908bd040
Remove ECC ciphersuites from 0.9.8 branch (should use 0.9.9 branch)
2006-06-20 08:50:33 +00:00
Bodo Möller
0e73294e26
Disable invalid ciphersuites
2006-06-14 17:52:01 +00:00
Bodo Möller
6d2cd23f40
Thread-safety fixes
2006-06-14 08:51:41 +00:00
Bodo Möller
e18eef3d7a
Camellia cipher, contributed by NTT
...
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-09 15:42:21 +00:00
Dr. Stephen Henson
b723a7b11b
Don't check for padding bug if compression is negotiated.
...
PR: 1204
2006-05-07 12:27:48 +00:00
Dr. Stephen Henson
1c5dc844e7
Update for next dev version.
2006-05-04 13:08:35 +00:00
Dr. Stephen Henson
f871949efd
Prepare for new release.
2006-05-04 12:46:42 +00:00
Dr. Stephen Henson
cbb0b734c7
If cipher list contains a match for an explicit ciphersuite only match that
...
one suite.
2006-04-15 00:22:34 +00:00
Bodo Möller
5586a71a6e
clarification
2006-03-11 22:10:46 +00:00
Dr. Stephen Henson
217382d584
Handle manifest files for VC++
...
Submitted by: Austin Ziegler <halostatue@gmail.com>
2006-01-15 13:46:20 +00:00
Bodo Möller
bc9320452c
update TLS-ECC code
...
Submitted by: Douglas Stebila
2005-12-13 07:41:47 +00:00
Bodo Möller
23d43aae27
add missing entry (the corresponding code *is* in the 0.9.8 branch,
...
and both the code and the CHANGES entry are in HEAD)
2005-12-13 07:32:10 +00:00
Dr. Stephen Henson
7614f0e55e
Various zlib related fixes and enhancements.
2005-12-05 13:34:56 +00:00
Dr. Stephen Henson
feef17fd88
Update from HEAD.
2005-11-20 13:26:57 +00:00
Dr. Stephen Henson
abb0c2bba4
Update VC++ build engine to include supported engine DLL builds.
2005-11-06 17:49:00 +00:00
Richard Levitte
d3afc92bc9
Document it
2005-11-01 07:53:43 +00:00
Bodo Möller
20f7053254
harmonize with 0.9.7-stable CHANGES
2005-10-26 19:26:15 +00:00
Mark J. Cox
802c014656
One time CAN->CVE change
2005-10-19 10:51:36 +00:00
Richard Levitte
860841794d
Add in CHANGES for 0.9.7i.
2005-10-15 04:27:05 +00:00
Mark J. Cox
d8b408b1de
Bump after tag
2005-10-11 10:21:22 +00:00
Mark J. Cox
64932f9e4a
Add fixes for CAN-2005-2969
...
Bump release ready for OpenSSL_0_9_8a tag
2005-10-11 10:16:21 +00:00