Bodo Möller
5fef7d56ce
there is no minimum length for session IDs
...
PR: 274
2002-09-19 11:43:13 +00:00
Bodo Möller
30c37c52c5
fix race condition
...
PR: 262
2002-09-19 11:27:37 +00:00
Lutz Jänicke
06076d9d31
Reorder cleanup sequence in SSL_CTX_free() to leave ex_data for remove_cb().
...
Submitted by:
Reviewed by:
PR: 212
2002-08-16 17:09:31 +00:00
Dr. Stephen Henson
1318510f8c
Fix typo in OBJ_txt2obj which incorrectly passed the content
...
length, instead of the encoding length to d2i_ASN1_OBJECT.
This wasn't visible before becuse ASN1_get_object() used
to read past the length of the supplied buffer.
2002-08-14 00:36:44 +00:00
Richard Levitte
532441a93a
Time to go on...
2002-08-09 12:08:23 +00:00
Richard Levitte
4c68b3239b
Time to release 0.9.6g.
...
The tag will be OpenSSL_0_9_6g.
2002-08-09 11:37:15 +00:00
Bodo Möller
ca2b12feec
entry for change in 'engine' branch
2002-08-09 08:13:13 +00:00
Richard Levitte
18794c6a83
Tagging has been done, update to next development version.
2002-08-08 21:23:51 +00:00
Richard Levitte
df75a709c9
Time to release version 0.9.6f.
...
The tag will be OpenSSL_0_9_6f.
2002-08-08 20:51:52 +00:00
Dr. Stephen Henson
24f55d7675
Fix the ASN1 sanity check: correct header length
...
calculation and check overflow against LONG_MAX.
2002-08-02 18:41:08 +00:00
Bodo Möller
517a0e7fa0
get rid of OpenSSLDie
2002-08-02 10:51:59 +00:00
Lutz Jänicke
2c3bd4778e
Next version of 0.9.6 would be 0.9.6f.
...
Submitted by:
Reviewed by:
PR:
2002-07-30 10:52:36 +00:00
Lutz Jänicke
05ebb1e7cf
Release 0.9.6e.
...
Submitted by:
Reviewed by:
PR:
2002-07-30 10:34:35 +00:00
Lutz Jänicke
bb41724483
OpenSSL Security Advisory [30 July 2002]
...
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
Submitted by:
Reviewed by:
PR:
2002-07-30 10:19:01 +00:00
Lutz Jänicke
d2cbe66ee1
Ciphers with NULL encryption were not properly handled because they were
...
not covered by the strength bit mask.
Submitted by:
Reviewed by:
PR: 130
2002-07-10 06:41:29 +00:00
Bodo Möller
32a76f2c75
New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC
...
vulnerability workaround (included in SSL_OP_ALL).
PR: #90
2002-06-14 12:19:34 +00:00
Bodo Möller
a9950dfb67
fix EVP_dsa_sha macro
...
Submitted by: Nils Larsch
2002-05-16 12:55:56 +00:00
Richard Levitte
be730546c8
Add space for changes in 0.9.6e.
2002-05-09 23:02:13 +00:00
Richard Levitte
5317543ada
About to release 0.9.6d, so set all versoin numbers right.
...
The tag will be OpenSSL_0_9_6d.
2002-05-09 22:40:31 +00:00
Bodo Möller
c15bf8f609
Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not
...
encoded as NULL) with id-dsa-with-sha1.
Submitted by: Nils Larsch
2002-04-26 08:30:31 +00:00
Bodo Möller
5d2175eddb
check return values
...
Submitted by: Nils Larsch
2002-04-17 09:29:54 +00:00
Lutz Jänicke
7680669c33
Fix CRLF problem in BASE64 decode.
2002-04-15 09:51:10 +00:00
Bodo Möller
82c77c1b32
Implement known-IV countermeasure.
...
Fix length checks in ssl3_get_client_hello().
Use s->s3->in_read_app_data differently to fix ssl3_read_internal().
2002-04-13 22:49:28 +00:00
Bodo Möller
4e5b835c6a
synchronize with OpenSSL-engine-0_9_6-stable
2002-04-12 13:44:04 +00:00
Lutz Jänicke
50e4d01fa0
Fix buggy object definitions (Svenning Sorensen <sss@sss.dnsalias.net>).
2002-04-04 17:56:57 +00:00
Bodo Möller
687f9d2b94
fix DH_generate_parameters for general 'generator'
2002-03-20 16:01:29 +00:00
Lutz Jänicke
6bcba344b5
Map new X509 verification errors to alert codes (Tom Wu <tom@arcot.com>).
2002-03-19 16:47:09 +00:00
Bodo Möller
7aacd4c458
fix ssl3_pending
2002-03-15 10:53:34 +00:00
Lutz Jänicke
e18ed57afd
Add missing strength entries.
2002-03-14 18:56:59 +00:00
Lutz Jänicke
ce1e801013
Make sure to remove bad sessions in SSL_clear() (found by Yoram Zahavi).
2002-02-26 21:50:28 +00:00
Richard Levitte
44bbfcddaf
At Corinna Vinschen's request, change CygWin32 to Cygwin
2002-02-14 12:29:02 +00:00
Richard Levitte
52f3038667
Update the configuration of CygWin32 to use the new capabilities of
...
CygWin 1.3.x, which includes thread and shared library support.
Submitted by Corinna Vinschen <vinschen@redhat.com> and modified a
little bit.
2002-02-13 14:45:19 +00:00
Lutz Jänicke
76dca45720
Backport from 0.9.7:
...
Make removal from internal session cache more robust and do not store
into internal session cache when it won't be looked up anyway.
2002-02-10 12:52:57 +00:00
Richard Levitte
a5f158fa0b
ASN1_BIT_STRING_set_bit() didn't clear previously set bits
2002-02-03 21:27:04 +00:00
Richard Levitte
4fd350e8f5
Apply Neale Ferguson's patch to add a configuration target for linux-s390x
2002-01-25 22:13:26 +00:00
Bodo Möller
19fa8cfe5a
Bugfix: In ssl3_accept, don't use a local variable 'got_new_session'
...
to indicate that a real handshake is taking place (the value will be
lost during multiple invocations). Set s->new_session to 2 instead.
2002-01-14 23:42:47 +00:00
Bodo Möller
5f18fe493e
Return -1 from ssl3_get_server_done (ssl3/s3_clnt.c) if
...
the SSL_R_LENGTH_MISMATCH error is detected.
2002-01-14 12:42:38 +00:00
Bodo Möller
83f1147664
Changes that break something should be included in CHANGES
...
to make it easier to fix things.
2002-01-04 13:28:04 +00:00
Bodo Möller
4d4744ef48
fix EVP_CIPHER_mode macro
...
Submitted by: "Dan S. Camper" <dan@bti.net>
2002-01-04 13:04:15 +00:00
Ulf Möller
c99b94be3e
ssl3_read_bytes bug fix
...
Submitted by: D P Chang <dpc@qualys.com>
Reviewed by: Bodo
2001-12-28 17:13:10 +00:00
Richard Levitte
0b421d35fb
The release has been tagged, so let's move on to 0.9.6d, which we hope will never be released.
2001-12-21 02:26:39 +00:00
Richard Levitte
b2f570ecbb
Time to release 0.9.6c. The tag will be OpenSSL_0_9_6c
2001-12-21 01:21:23 +00:00
Bodo Möller
b35ef576f4
correction: certain changes have been done *after* 0.9.6b was released
2001-12-17 19:08:39 +00:00
Bodo Möller
865ce8abcb
fix BN_rand_range
2001-12-14 10:09:01 +00:00
Dr. Stephen Henson
7f0f3f17b3
Don't overwrite signing time.
2001-12-07 00:40:53 +00:00
Bodo Möller
276753772e
crypto/objects stuff
2001-12-03 13:54:58 +00:00
Bodo Möller
75140e8bc9
update with info on engine branch
2001-11-23 21:11:46 +00:00
Bodo Möller
f717e5460f
fix submitted by Andy Schneider <andy.schneider@bjss.co.uk>
2001-11-23 20:57:59 +00:00
Bodo Möller
2a6db68797
OS/390 support
...
Submitted by: Richard Shapiro <rshapiro@abinitio.com>
2001-11-22 11:15:00 +00:00
Bodo Möller
926606deab
consistency between main branch and stable branch
2001-11-14 21:18:30 +00:00