Lutz Jänicke
7680669c33
Fix CRLF problem in BASE64 decode.
2002-04-15 09:51:10 +00:00
Bodo Möller
82c77c1b32
Implement known-IV countermeasure.
...
Fix length checks in ssl3_get_client_hello().
Use s->s3->in_read_app_data differently to fix ssl3_read_internal().
2002-04-13 22:49:28 +00:00
Bodo Möller
4e5b835c6a
synchronize with OpenSSL-engine-0_9_6-stable
2002-04-12 13:44:04 +00:00
Lutz Jänicke
50e4d01fa0
Fix buggy object definitions (Svenning Sorensen <sss@sss.dnsalias.net>).
2002-04-04 17:56:57 +00:00
Bodo Möller
687f9d2b94
fix DH_generate_parameters for general 'generator'
2002-03-20 16:01:29 +00:00
Lutz Jänicke
6bcba344b5
Map new X509 verification errors to alert codes (Tom Wu <tom@arcot.com>).
2002-03-19 16:47:09 +00:00
Bodo Möller
7aacd4c458
fix ssl3_pending
2002-03-15 10:53:34 +00:00
Lutz Jänicke
e18ed57afd
Add missing strength entries.
2002-03-14 18:56:59 +00:00
Lutz Jänicke
ce1e801013
Make sure to remove bad sessions in SSL_clear() (found by Yoram Zahavi).
2002-02-26 21:50:28 +00:00
Richard Levitte
44bbfcddaf
At Corinna Vinschen's request, change CygWin32 to Cygwin
2002-02-14 12:29:02 +00:00
Richard Levitte
52f3038667
Update the configuration of CygWin32 to use the new capabilities of
...
CygWin 1.3.x, which includes thread and shared library support.
Submitted by Corinna Vinschen <vinschen@redhat.com> and modified a
little bit.
2002-02-13 14:45:19 +00:00
Lutz Jänicke
76dca45720
Backport from 0.9.7:
...
Make removal from internal session cache more robust and do not store
into internal session cache when it won't be looked up anyway.
2002-02-10 12:52:57 +00:00
Richard Levitte
a5f158fa0b
ASN1_BIT_STRING_set_bit() didn't clear previously set bits
2002-02-03 21:27:04 +00:00
Richard Levitte
4fd350e8f5
Apply Neale Ferguson's patch to add a configuration target for linux-s390x
2002-01-25 22:13:26 +00:00
Bodo Möller
19fa8cfe5a
Bugfix: In ssl3_accept, don't use a local variable 'got_new_session'
...
to indicate that a real handshake is taking place (the value will be
lost during multiple invocations). Set s->new_session to 2 instead.
2002-01-14 23:42:47 +00:00
Bodo Möller
5f18fe493e
Return -1 from ssl3_get_server_done (ssl3/s3_clnt.c) if
...
the SSL_R_LENGTH_MISMATCH error is detected.
2002-01-14 12:42:38 +00:00
Bodo Möller
83f1147664
Changes that break something should be included in CHANGES
...
to make it easier to fix things.
2002-01-04 13:28:04 +00:00
Bodo Möller
4d4744ef48
fix EVP_CIPHER_mode macro
...
Submitted by: "Dan S. Camper" <dan@bti.net>
2002-01-04 13:04:15 +00:00
Ulf Möller
c99b94be3e
ssl3_read_bytes bug fix
...
Submitted by: D P Chang <dpc@qualys.com>
Reviewed by: Bodo
2001-12-28 17:13:10 +00:00
Richard Levitte
0b421d35fb
The release has been tagged, so let's move on to 0.9.6d, which we hope will never be released.
2001-12-21 02:26:39 +00:00
Richard Levitte
b2f570ecbb
Time to release 0.9.6c. The tag will be OpenSSL_0_9_6c
2001-12-21 01:21:23 +00:00
Bodo Möller
b35ef576f4
correction: certain changes have been done *after* 0.9.6b was released
2001-12-17 19:08:39 +00:00
Bodo Möller
865ce8abcb
fix BN_rand_range
2001-12-14 10:09:01 +00:00
Dr. Stephen Henson
7f0f3f17b3
Don't overwrite signing time.
2001-12-07 00:40:53 +00:00
Bodo Möller
276753772e
crypto/objects stuff
2001-12-03 13:54:58 +00:00
Bodo Möller
75140e8bc9
update with info on engine branch
2001-11-23 21:11:46 +00:00
Bodo Möller
f717e5460f
fix submitted by Andy Schneider <andy.schneider@bjss.co.uk>
2001-11-23 20:57:59 +00:00
Bodo Möller
2a6db68797
OS/390 support
...
Submitted by: Richard Shapiro <rshapiro@abinitio.com>
2001-11-22 11:15:00 +00:00
Bodo Möller
926606deab
consistency between main branch and stable branch
2001-11-14 21:18:30 +00:00
Richard Levitte
d1ec197e49
Apply the following change from the main trunk:
...
2000-11-01 01:05 levitte
* Configure (1.236), Makefile.org (1.110), CHANGES (1.640): Add
support for shared libraries under Irix. Submitted by Albert
Chin-A-Young <china@thewrittenword.com>
2001-11-14 07:52:33 +00:00
Richard Levitte
e3f47ba87f
Correct the order of the changes.
2001-11-14 07:23:45 +00:00
Richard Levitte
ab665f4a7e
Apply the following change from the main trunk:
...
2000-11-01 00:14 levitte
* Configure (1.234), config (1.68), CHANGES (1.638): Add
configuration option to build on Linux on both big-endian and
little-endian MIPS. Submitted by Ralf Baechle
<ralf@uni-koblenz.de>
2001-11-14 07:18:47 +00:00
Richard Levitte
888b8f32d7
Apply the following change from the main trunk:
...
2000-10-21 23:24 levitte
* CHANGES (1.631), Configure (1.231), Makefile.org (1.104):
Add what's needed to get shared libraries on HP-UX.
2001-11-14 06:59:15 +00:00
Bodo Möller
f089efdfab
synchronise with HEAD branch,
...
remove redundant name OpenUNIX for OpenUNIX-8 configuration
2001-11-12 23:29:23 +00:00
Bodo Möller
a236373435
information on 0.9.6c-engine
2001-11-12 22:13:28 +00:00
Bodo Möller
7d555c8615
order entries as in main branch
2001-11-12 15:25:17 +00:00
Mark J. Cox
b4bf34ce39
Add an entry for gcc on UnixWare
...
Submitted by: Gary Benson
Reviewed by: Mark Cox
PR:
2001-11-12 13:22:14 +00:00
Mark J. Cox
f99ac98efb
Add assembler implementation for IA-64
...
Submitted by: Andy Polyakov
Reviewed by: Mark Cox
PR:
2001-11-12 12:49:25 +00:00
Bodo Möller
3f64d0bf3b
synchronize with HEAD branch
2001-11-12 11:22:45 +00:00
Bodo Möller
fab972b914
order chronologically: move entry for recent s2_clnt.c/s2_srvr.c fixes to the top
2001-11-10 15:09:47 +00:00
Bodo Möller
a10b85d9e6
make code a little more similar to what it looked like before the fixes
2001-11-10 10:43:51 +00:00
Bodo Möller
a807f6460e
important SSL 2.0 bugfixes
2001-11-10 01:15:29 +00:00
Bodo Möller
70bed0ca2d
typo
2001-10-26 14:03:51 +00:00
Bodo Möller
e20788700c
disable caching in BIO_gethostbyname
2001-10-26 13:03:28 +00:00
Bodo Möller
96ec4ce0d2
Assume TLS 1.0 if ClientHello fragment is too short.
2001-10-25 06:06:50 +00:00
Bodo Möller
38b3e9edde
Fix SSL handshake functions and SSL_clear() such that SSL_clear()
...
never resets s->method to s->ctx->method when called from within one
of the SSL handshake functions.
2001-10-24 19:05:26 +00:00
Bodo Möller
9ccadf1c6f
In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if
...
client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert.
2001-10-20 17:52:40 +00:00
Bodo Möller
2dbdcd9734
Fix ssl3_get_message to handle message fragmentation correctly.
2001-10-15 17:42:43 +00:00
Bodo Möller
029dfa64d4
bugfix: handle HelloRequest received during handshake correctly
2001-09-21 11:19:26 +00:00
Bodo Möller
f8845509b6
Disable session related stuff in SSL_ST_OK case of ssl3_accept if we
...
just sent a HelloRequest.
2001-09-21 07:01:04 +00:00