Commit graph

9062 commits

Author SHA1 Message Date
Dr. Stephen Henson
4be0a5d429 Get and note keyspec when signing. 2008-06-01 23:24:53 +00:00
Dr. Stephen Henson
bdfe932dca Release engine reference when calling SSL_CTX_free(). 2008-06-01 23:06:48 +00:00
Dr. Stephen Henson
3fc59c8406 Allow ENGINE client cert callback to specify a set of other certs, for
the rest of the certificate chain. Currently unused.
2008-06-01 22:45:08 +00:00
Dr. Stephen Henson
c61915c659 Update error codes. 2008-06-01 22:34:40 +00:00
Dr. Stephen Henson
368888bcb6 Add client cert engine to SSL routines. 2008-06-01 22:33:24 +00:00
Dr. Stephen Henson
eafd6e5110 Update error codes, move typedef of SSL, SSL_CTX to ossl_typ.h 2008-06-01 21:18:47 +00:00
Dr. Stephen Henson
05935c47b2 Add support for ENGINE supplied SSL client auth. 2008-06-01 21:10:30 +00:00
Dr. Stephen Henson
d8bd55a364 Update from stable branch. 2008-06-01 11:07:34 +00:00
Dr. Stephen Henson
841c91d6e4 Update from stable branch. 2008-05-31 23:48:02 +00:00
Dr. Stephen Henson
a4792168ec Update VC-32.pl and load CryptoAPI engine in the right place. 2008-05-31 23:21:40 +00:00
Dr. Stephen Henson
90b96776cd More CryptoAPI engine code from stable branch. 2008-05-31 22:53:16 +00:00
Dr. Stephen Henson
408f906592 Add CryptoAPI error file too. 2008-05-31 22:50:00 +00:00
Dr. Stephen Henson
7a18ecb2df Add CryptoAPI ENGINE from stable branch. 2008-05-31 22:49:32 +00:00
Dr. Stephen Henson
174c86a216 Recognize LHASH_OF(). 2008-05-31 21:20:53 +00:00
Dr. Stephen Henson
c6ddacf7f8 Stop const mismatch warning. 2008-05-31 19:28:57 +00:00
Dr. Stephen Henson
ab3eafd5b5 Stop warning about extra ';' outside of function. 2008-05-31 19:17:25 +00:00
Dr. Stephen Henson
dd043cd501 Stop const mismatch warning in VC++. 2008-05-31 18:55:23 +00:00
Bodo Möller
a75c662fd1 Everyone's had a few years to port their favorite additions to 0.9.7
to HEAD (and the 0.9.8 branch).  Remove the reminder.
2008-05-31 13:42:53 +00:00
Dr. Stephen Henson
83574cf808 Fix from stable branch. 2008-05-30 10:57:49 +00:00
Bodo Möller
2cd81830ef sync with 0.9.8 branch 2008-05-28 22:30:28 +00:00
Bodo Möller
e194fe8f47 From HEAD:
Fix flaw if 'Server Key exchange message' is omitted from a TLS
handshake which could lead to a cilent crash as found using the
Codenomicon TLS test suite (CVE-2008-1672)

Reviewed by: openssl-security@openssl.org

Obtained from: mark@awe.com
2008-05-28 22:17:34 +00:00
Bodo Möller
40a706286f From HEAD:
Fix double-free in TLS server name extensions which could lead to a remote
crash found by Codenomicon TLS test suite (CVE-2008-0891)

Reviewed by: openssl-security@openssl.org

Obtained from: jorton@redhat.com
2008-05-28 22:15:48 +00:00
Bodo Möller
c6f6c380c7 grammar 2008-05-27 18:43:20 +00:00
Bodo Möller
8f395e0f4d year 2008 2008-05-27 18:41:09 +00:00
Dr. Stephen Henson
595852f3b5 Avoid "duplicate const" warnings. 2008-05-27 11:44:03 +00:00
Dr. Stephen Henson
0a56761f19 Avoid warning about empty structures and always define CHECKED_PTR_OF 2008-05-27 11:28:49 +00:00
Dr. Stephen Henson
220903f92e C++ style comments fixed. 2008-05-26 15:39:36 +00:00
Ben Laurie
3c1d6bbc92 LHASH revamp. make depend. 2008-05-26 11:24:29 +00:00
Lutz Jänicke
cab14b9803 Add README about removed root CA certificates. 2008-05-26 06:23:57 +00:00
Lutz Jänicke
17a4a4dff8 Reword comment to be much shorter to stop other people from complaining
about "overcommenting".
2008-05-26 06:21:13 +00:00
Lutz Jänicke
c2c2e7a438 Clear error queue when starting SSL_CTX_use_certificate_chain_file
PR: 1417, 1513
Submitted by: Erik de Castro Lopo <mle+openssl@mega-nerd.com>
2008-05-23 10:37:52 +00:00
Lutz Jänicke
d18ef847f4 Remove all root CA files (beyond test CAs including private key)
from the OpenSSL distribution.
2008-05-23 08:59:23 +00:00
Dr. Stephen Henson
5c0d90a699 Typo. 2008-05-20 18:49:00 +00:00
Dr. Stephen Henson
f434730524 Typo. 2008-05-20 16:13:57 +00:00
Dr. Stephen Henson
65fd877515 Update ordinals. 2008-05-20 12:23:38 +00:00
Dr. Stephen Henson
64ddafc6b6 Update from stable branch. 2008-05-20 11:52:57 +00:00
Dr. Stephen Henson
781f0a9bb5 Fix from stable branch. 2008-05-20 11:30:27 +00:00
Lutz Jänicke
3de5a7745f Correctly adjust location of comment
Submitted by: Ben Laurie <ben@links.org>
2008-05-20 08:10:48 +00:00
Dr. Stephen Henson
94fd382f8b Fix two invalid memory reads in RSA OAEP mode.
Submitted by: Ivan Nestlerode <inestlerode@us.ibm.com>
Reviewed by: steve
2008-05-19 21:33:55 +00:00
Bodo Möller
4bd4afa34e Change use of CRYPTO_THREADID so that we always use both the ulong and
ptr members.

(So if the id_callback is bogus, we still have &errno.)
2008-05-19 20:45:25 +00:00
Bodo Möller
148bb9515c Disable code that clearly doesn't currently serve any useful purpose.
(Buggy line reported by Matthias Koenig.)
2008-05-19 19:44:45 +00:00
Lutz Jänicke
51e00db226 Document "openssl s_server" -crl_check* options
Submitted by: Daniel Black <daniel.subs@internode.on.net>
2008-05-19 07:52:15 +00:00
Lutz Jänicke
a92ebf2290 Provide information about "openssl dgst" -hmac option. 2008-05-19 07:43:34 +00:00
Lutz Jänicke
f49c687507 Typo. (From 0.9.8-stable/S. Henson)
PR: 1672
2008-05-19 06:21:05 +00:00
Lutz Jänicke
8b99c79fae Another occurance of possible valgrind/purify "uninitialized memory"
complaint related to the PRNG: with PURIFY policy don't feed uninitialized
memory into the PRNG.

Submitted by: Bodo Moeller <bmoeller@openssl.org> :-)
2008-05-16 07:14:26 +00:00
Dr. Stephen Henson
718f8f7a9e Fix from stable branch. 2008-05-12 16:24:31 +00:00
Dr. Stephen Henson
e718520cc5 Add missing cast. 2008-05-09 23:16:24 +00:00
Andy Polyakov
4f46934269 Depict future Win64/x64 development. 2008-05-03 18:34:59 +00:00
Bodo Möller
fabe640f5e Clarifying comment. 2008-05-02 18:47:48 +00:00
Dr. Stephen Henson
19048b5c8d New function CMS_add1_crl(). 2008-05-02 17:27:01 +00:00