Commit graph

7756 commits

Author SHA1 Message Date
Dr. Stephen Henson
591371566e Update from HEAD. 2008-06-04 22:39:29 +00:00
Dr. Stephen Henson
5799b72178 Oops... missed this part of backport. 2008-06-04 20:11:17 +00:00
Dr. Stephen Henson
1cfe6842d5 Backport s_client changes. 2008-06-04 19:52:36 +00:00
Dr. Stephen Henson
f4c98a6a3d Update CryptoAPI ENGINE from HEAD. 2008-06-04 18:49:44 +00:00
Dr. Stephen Henson
4aefb1dd98 Backport more ENGINE SSL client auth code to 0.9.8. 2008-06-04 18:35:27 +00:00
Dr. Stephen Henson
aa03989791 Backport ssl client auth ENGINE support to 0.9.8. 2008-06-04 18:01:40 +00:00
Bodo Möller
a865b2c320 Everyone's had a few years to port their favorite additions to 0.9.7
to HEAD (and the 0.9.8 branch).  Remove the reminder.
2008-05-31 13:42:52 +00:00
Dr. Stephen Henson
694ce314a8 DSA method slightly more tested and fixed ;-) 2008-05-30 17:44:36 +00:00
Dr. Stephen Henson
94299a36a6 Update error codes. 2008-05-30 17:07:18 +00:00
Dr. Stephen Henson
3aaeb5c1e5 Untested initial CryptoAPI dsa signing code. 2008-05-30 17:03:16 +00:00
Dr. Stephen Henson
80ec6cc806 Some DSA method structures and placeholders, not complete yet. 2008-05-30 16:31:51 +00:00
Dr. Stephen Henson
3d83320279 Delete unused functions. 2008-05-30 16:14:34 +00:00
Dr. Stephen Henson
4ab252d198 Get BIO_snprintf() argument order right.... 2008-05-30 15:28:40 +00:00
Dr. Stephen Henson
058ffd7623 Add new error codes, log unknown magic or algorithm IDs. 2008-05-30 15:24:19 +00:00
Dr. Stephen Henson
0330a13aea Initial DSA public key loading support in CryptoAPI ENGINE. 2008-05-30 15:05:39 +00:00
Dr. Stephen Henson
467325b81d Add support for ENGINE loaded keys in dsa app. 2008-05-30 15:04:58 +00:00
Dr. Stephen Henson
00f716bbe6 Add error codes for blob sanity checks, rebuild error table. 2008-05-30 11:58:50 +00:00
Dr. Stephen Henson
2f2f032497 Blob type and algorithm type sanity checks 2008-05-30 11:54:51 +00:00
Dr. Stephen Henson
feb200bbb3 Don't set extended type is mbstring flag set. 2008-05-30 10:57:13 +00:00
Dr. Stephen Henson
3894667036 Update default depflag. 2008-05-30 10:31:43 +00:00
Dr. Stephen Henson
203ac694e3 Load CryptoAPI engine if supported. 2008-05-29 23:47:40 +00:00
Dr. Stephen Henson
bb592c75e7 Update mkdef.pl to recognize CAPIENG 2008-05-29 23:15:41 +00:00
Dr. Stephen Henson
777d717c40 Make CryptoAPI engine look more like the others.... 2008-05-29 21:03:48 +00:00
Dr. Stephen Henson
143d84590f Make dynamic engine link work with capi. 2008-05-29 17:51:22 +00:00
Dr. Stephen Henson
a29669d78d Disable CryptoAPI engine compilation by default. 2008-05-29 17:20:42 +00:00
Dr. Stephen Henson
e5be1e1696 Create error codes, compile in source. 2008-05-29 17:13:15 +00:00
Dr. Stephen Henson
9e47c34729 CryptoAPI ENGINE... initial version, not compiled in yet. 2008-05-29 16:46:38 +00:00
Bodo Möller
cb896f8923 FAQ updates from HEAD 2008-05-28 22:30:39 +00:00
Bodo Möller
cec9bce126 fix whitespace 2008-05-28 22:22:50 +00:00
Mark J. Cox
3f79793b7e After tagging, bump ready for 0.9.8i development 2008-05-28 07:47:50 +00:00
Mark J. Cox
0d01d8a735 Prepare for 0.9.8h release 2008-05-28 07:37:14 +00:00
Mark J. Cox
2c0fa03dc6 Fix flaw if 'Server Key exchange message' is omitted from a TLS
handshake which could lead to a cilent crash as found using the
Codenomicon TLS test suite (CVE-2008-1672)

Reviewed by: openssl-security@openssl.org

Obtained from: mark@awe.com
2008-05-28 07:29:27 +00:00
Mark J. Cox
d3b3a6d389 Fix double-free in TLS server name extensions which could lead to a remote
crash found by Codenomicon TLS test suite (CVE-2008-0891)

Reviewed by: openssl-security@openssl.org

Obtained from: jorton@redhat.com
2008-05-28 07:26:33 +00:00
Bodo Möller
fc260b09a1 grammar 2008-05-27 18:43:30 +00:00
Bodo Möller
b3c79a8a27 year 2008 2008-05-27 18:41:02 +00:00
Lutz Jänicke
f0ecefc0c0 Add README about removed root CA certificates. 2008-05-26 06:23:55 +00:00
Lutz Jänicke
b0118409a9 Reword comment to be much shorter to stop other people from complaining
about "overcommenting"
2008-05-26 06:21:10 +00:00
Lutz Jänicke
5f23288692 Clear error queue when starting SSL_CTX_use_certificate_chain_file
PR: 1417, 1513
Submitted by: Erik de Castro Lopo <mle+openssl@mega-nerd.com>
2008-05-23 10:37:22 +00:00
Lutz Jänicke
45c58c7d10 Remove all root CA files (beyond test CAs including private key)
from the OpenSSL distribution.
2008-05-23 08:59:56 +00:00
Dr. Stephen Henson
112591be76 Fix off by one error ;-) 2008-05-20 18:48:22 +00:00
Dr. Stephen Henson
1b8daa3693 Typo. 2008-05-20 16:13:11 +00:00
Dr. Stephen Henson
1cdbc755ee Update ordinals. 2008-05-20 12:12:22 +00:00
Dr. Stephen Henson
aa9c7e4b8c Oops... PEM_write_bio_ASN1_stream() shouldn't be in 0.9.8 CMS backport. 2008-05-20 12:10:28 +00:00
Dr. Stephen Henson
6be69a168f Remove deleted function definitions from header files
so Windows build picks it up.

Recognize new option in mk1mf.pl
2008-05-20 11:50:13 +00:00
Dr. Stephen Henson
eaf76feeb6 Remove old DES definition of deleted function too. 2008-05-20 11:23:49 +00:00
Lutz Jänicke
03e79ed05e Correctly adjust location of comment
Submitted by: Ben Laurie <ben@links.org>
2008-05-20 08:10:51 +00:00
Ben Laurie
56bef2df4f Fix warning. 2008-05-20 03:05:50 +00:00
Dr. Stephen Henson
10d3886c51 Fix two invalid memory reads in RSA OAEP mode.
Submitted by: Ivan Nestlerode <inestlerode@us.ibm.com>
Reviewed by: steve
2008-05-19 21:26:28 +00:00
Bodo Möller
f1c0cf5b70 Disable code that clearly doesn't currently serve any useful purpose.
(Buggy line reported by Matthias Koenig.)
2008-05-19 19:44:33 +00:00
Lutz Jänicke
2a7ac69ee4 Document "openssl s_server" -crl_check* options
Submitted by: Daniel Black <daniel.subs@internode.on.net>
2008-05-19 07:52:17 +00:00