Commit graph

773 commits

Author SHA1 Message Date
Lutz Jänicke
7680669c33 Fix CRLF problem in BASE64 decode. 2002-04-15 09:51:10 +00:00
Bodo Möller
82c77c1b32 Implement known-IV countermeasure.
Fix length checks in ssl3_get_client_hello().

Use s->s3->in_read_app_data differently to fix ssl3_read_internal().
2002-04-13 22:49:28 +00:00
Bodo Möller
4e5b835c6a synchronize with OpenSSL-engine-0_9_6-stable 2002-04-12 13:44:04 +00:00
Lutz Jänicke
50e4d01fa0 Fix buggy object definitions (Svenning Sorensen <sss@sss.dnsalias.net>). 2002-04-04 17:56:57 +00:00
Bodo Möller
687f9d2b94 fix DH_generate_parameters for general 'generator' 2002-03-20 16:01:29 +00:00
Lutz Jänicke
6bcba344b5 Map new X509 verification errors to alert codes (Tom Wu <tom@arcot.com>). 2002-03-19 16:47:09 +00:00
Bodo Möller
7aacd4c458 fix ssl3_pending 2002-03-15 10:53:34 +00:00
Lutz Jänicke
e18ed57afd Add missing strength entries. 2002-03-14 18:56:59 +00:00
Lutz Jänicke
ce1e801013 Make sure to remove bad sessions in SSL_clear() (found by Yoram Zahavi). 2002-02-26 21:50:28 +00:00
Richard Levitte
44bbfcddaf At Corinna Vinschen's request, change CygWin32 to Cygwin 2002-02-14 12:29:02 +00:00
Richard Levitte
52f3038667 Update the configuration of CygWin32 to use the new capabilities of
CygWin 1.3.x, which includes thread and shared library support.

Submitted by Corinna Vinschen <vinschen@redhat.com> and modified a
little bit.
2002-02-13 14:45:19 +00:00
Lutz Jänicke
76dca45720 Backport from 0.9.7:
Make removal from internal session cache more robust and do not store
into internal session cache when it won't be looked up anyway.
2002-02-10 12:52:57 +00:00
Richard Levitte
a5f158fa0b ASN1_BIT_STRING_set_bit() didn't clear previously set bits 2002-02-03 21:27:04 +00:00
Richard Levitte
4fd350e8f5 Apply Neale Ferguson's patch to add a configuration target for linux-s390x 2002-01-25 22:13:26 +00:00
Bodo Möller
19fa8cfe5a Bugfix: In ssl3_accept, don't use a local variable 'got_new_session'
to indicate that a real handshake is taking place (the value will be
lost during multiple invocations). Set s->new_session to 2 instead.
2002-01-14 23:42:47 +00:00
Bodo Möller
5f18fe493e Return -1 from ssl3_get_server_done (ssl3/s3_clnt.c) if
the SSL_R_LENGTH_MISMATCH error is detected.
2002-01-14 12:42:38 +00:00
Bodo Möller
83f1147664 Changes that break something should be included in CHANGES
to make it easier to fix things.
2002-01-04 13:28:04 +00:00
Bodo Möller
4d4744ef48 fix EVP_CIPHER_mode macro
Submitted by: "Dan S. Camper" <dan@bti.net>
2002-01-04 13:04:15 +00:00
Ulf Möller
c99b94be3e ssl3_read_bytes bug fix
Submitted by: D P Chang <dpc@qualys.com>
Reviewed by: Bodo
2001-12-28 17:13:10 +00:00
Richard Levitte
0b421d35fb The release has been tagged, so let's move on to 0.9.6d, which we hope will never be released. 2001-12-21 02:26:39 +00:00
Richard Levitte
b2f570ecbb Time to release 0.9.6c. The tag will be OpenSSL_0_9_6c 2001-12-21 01:21:23 +00:00
Bodo Möller
b35ef576f4 correction: certain changes have been done *after* 0.9.6b was released 2001-12-17 19:08:39 +00:00
Bodo Möller
865ce8abcb fix BN_rand_range 2001-12-14 10:09:01 +00:00
Dr. Stephen Henson
7f0f3f17b3 Don't overwrite signing time. 2001-12-07 00:40:53 +00:00
Bodo Möller
276753772e crypto/objects stuff 2001-12-03 13:54:58 +00:00
Bodo Möller
75140e8bc9 update with info on engine branch 2001-11-23 21:11:46 +00:00
Bodo Möller
f717e5460f fix submitted by Andy Schneider <andy.schneider@bjss.co.uk> 2001-11-23 20:57:59 +00:00
Bodo Möller
2a6db68797 OS/390 support
Submitted by: Richard Shapiro <rshapiro@abinitio.com>
2001-11-22 11:15:00 +00:00
Bodo Möller
926606deab consistency between main branch and stable branch 2001-11-14 21:18:30 +00:00
Richard Levitte
d1ec197e49 Apply the following change from the main trunk:
2000-11-01 01:05  levitte

	* Configure (1.236), Makefile.org (1.110), CHANGES (1.640): Add
	support for shared libraries under Irix.  Submitted by Albert
	Chin-A-Young <china@thewrittenword.com>
2001-11-14 07:52:33 +00:00
Richard Levitte
e3f47ba87f Correct the order of the changes. 2001-11-14 07:23:45 +00:00
Richard Levitte
ab665f4a7e Apply the following change from the main trunk:
2000-11-01 00:14  levitte

	* Configure (1.234), config (1.68), CHANGES (1.638): Add
	configuration option to build on Linux on both big-endian and
	little-endian MIPS.  Submitted by Ralf Baechle
	<ralf@uni-koblenz.de>
2001-11-14 07:18:47 +00:00
Richard Levitte
888b8f32d7 Apply the following change from the main trunk:
2000-10-21 23:24  levitte

	* CHANGES (1.631), Configure (1.231), Makefile.org (1.104):
	Add what's needed to get shared libraries on HP-UX.
2001-11-14 06:59:15 +00:00
Bodo Möller
f089efdfab synchronise with HEAD branch,
remove redundant name OpenUNIX for OpenUNIX-8 configuration
2001-11-12 23:29:23 +00:00
Bodo Möller
a236373435 information on 0.9.6c-engine 2001-11-12 22:13:28 +00:00
Bodo Möller
7d555c8615 order entries as in main branch 2001-11-12 15:25:17 +00:00
Mark J. Cox
b4bf34ce39 Add an entry for gcc on UnixWare
Submitted by: Gary Benson
Reviewed by: Mark Cox
PR:
2001-11-12 13:22:14 +00:00
Mark J. Cox
f99ac98efb Add assembler implementation for IA-64
Submitted by: Andy Polyakov
Reviewed by: Mark Cox
PR:
2001-11-12 12:49:25 +00:00
Bodo Möller
3f64d0bf3b synchronize with HEAD branch 2001-11-12 11:22:45 +00:00
Bodo Möller
fab972b914 order chronologically: move entry for recent s2_clnt.c/s2_srvr.c fixes to the top 2001-11-10 15:09:47 +00:00
Bodo Möller
a10b85d9e6 make code a little more similar to what it looked like before the fixes 2001-11-10 10:43:51 +00:00
Bodo Möller
a807f6460e important SSL 2.0 bugfixes 2001-11-10 01:15:29 +00:00
Bodo Möller
70bed0ca2d typo 2001-10-26 14:03:51 +00:00
Bodo Möller
e20788700c disable caching in BIO_gethostbyname 2001-10-26 13:03:28 +00:00
Bodo Möller
96ec4ce0d2 Assume TLS 1.0 if ClientHello fragment is too short. 2001-10-25 06:06:50 +00:00
Bodo Möller
38b3e9edde Fix SSL handshake functions and SSL_clear() such that SSL_clear()
never resets s->method to s->ctx->method when called from within one
of the SSL handshake functions.
2001-10-24 19:05:26 +00:00
Bodo Möller
9ccadf1c6f In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.
2001-10-20 17:52:40 +00:00
Bodo Möller
2dbdcd9734 Fix ssl3_get_message to handle message fragmentation correctly. 2001-10-15 17:42:43 +00:00
Bodo Möller
029dfa64d4 bugfix: handle HelloRequest received during handshake correctly 2001-09-21 11:19:26 +00:00
Bodo Möller
f8845509b6 Disable session related stuff in SSL_ST_OK case of ssl3_accept if we
just sent a HelloRequest.
2001-09-21 07:01:04 +00:00