wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
6288 commits 20 branches 302 tags 153 MiB
Commit graph

1079 commits

Author SHA1 Message Date
Bodo Möller
84b1e84af1 make sure RSA blinding works when the PRNG is not properly seeded; 
enable it automatically only for the built-in engine
 2003-03-19 18:58:55 +00:00
Ben Laurie
96c15b8aad Turn on RSA blinding by default. 2003-03-18 12:12:10 +00:00
Geoff Thorpe
86a925b27e Fix a bone-head bug. This warrants a CHANGES entry because it could affect 
applications if they were passing a bogus 'flags' parameter yet having
things work as they wanted anyway.
 2003-03-13 20:23:19 +00:00
Ulf Möller
5600a9cba1 Add instructions for building the MinGW target in Cygwin, and 
rearrange some of the other text for better readability.
 2003-02-22 23:00:25 +00:00
Richard Levitte
dab0aaa612 Let's move on to development of 0.9.7b. 2003-02-19 12:55:39 +00:00
Richard Levitte
352df99302 Security fix: Vaudenay timing attack on CBC. 
An advisory will be posted to the web.  Expect a release within the hour.
 2003-02-19 12:04:16 +00:00
Richard Levitte
cc811b1d7e Make the no-err option work properly 2003-02-18 12:15:13 +00:00
Richard Levitte
142398d3a7 Add support for IA64. 
PR: 454
 2003-02-14 13:30:43 +00:00
Richard Levitte
e4b95737f0 Adjust DES_cbc_cksum() so the returned value is the same as MIT's 
mit_des_cbc_cksum().  The difference was first observed, then verified by
looking at the MIT source.
 2003-02-12 17:20:50 +00:00
Dr. Stephen Henson
c13eba970c Option to disable auto SSL chain building. 2003-02-12 17:05:17 +00:00
Richard Levitte
6d85cd36e2 Add the possibility to build without the ENGINE framework. 
PR: 287
 2003-01-30 17:37:49 +00:00
Bodo Möller
30e3c99d9f consistency 2003-01-24 22:27:00 +00:00
Dr. Stephen Henson
624feae8af Check return value of gmtime() and add error codes 
where it fails in ASN1_TIME_set().

Clear error queue in req.c if *_min or *_max is absent.
 2003-01-24 00:42:50 +00:00
Lutz Jänicke
0748cdc7f1 Fix initialization sequence to prevent freeing of unitialized objects. 
Submitted by: Nils Larsch <nla@trustcenter.de>

PR: 459
 2003-01-15 14:56:47 +00:00
Lutz Jänicke
b2c71c489d Really fix SSLv2 session ID handling 
PR: 377
 2003-01-15 09:48:29 +00:00
Andy Polyakov
e5658b9331 Note IA-32 assembler support enhancements in CHANGES. 2003-01-13 16:39:41 +00:00
Richard Levitte
959ba907df Add better support for FreeBSD on non-x86 machines. 
Add specific support for FreeBSD on sparc64.
PR: 427
 2003-01-12 04:43:52 +00:00
Richard Levitte
fa47b4d8b8 When preparing a separate build tree, don't make softlinks to softlinks. 
Add instructions in INSTALL, for easy access.
PR: 437
 2003-01-10 10:56:21 +00:00
Richard Levitte
4a2e36b19e It's rather silly to believe we'd release 0.9.7a in 2002 :-). 2002-12-31 00:59:36 +00:00
Richard Levitte
1c2018f37f Tagging is done, move on to development of 0.9.7a. 2002-12-31 00:02:34 +00:00
Richard Levitte
04572965ea Time for release of OpenSSL 0.9.7. 
The tag will be OpenSSL_0_9_7.
 2002-12-30 23:54:11 +00:00
Lutz Jänicke
ef9d3a10c3 Fix wrong handling of session ID in SSLv2 client code. 
PR: 377
 2002-12-29 20:58:55 +00:00
Richard Levitte
e286dfe6ed We stupidly had a separate LIBKRB5 variable for KRB5 library dependencies, 
and then didn't support it very well.  And that when there already is a
useful variable for exactly this kind of thing; EX_LIBS...
 2002-12-19 22:10:20 +00:00
Richard Levitte
04c71cd725 OK, there's at least one application author who has provided dynamic locking 
callbacks
 2002-12-13 07:30:59 +00:00
Richard Levitte
5c72869563 Add a static lock called HWCRHK, for the case of having an application 
that wants to use the hw_ncipher engine without having given any
callbacks for the dynamic type of locks.
 2002-12-12 17:41:36 +00:00
Richard Levitte
a272f7eb08 Merge in relevant changes from the OpenSSL 0.9.6h release. 2002-12-05 21:51:57 +00:00
Dr. Stephen Henson
38b085902f In asn1_d2i_read_bio, don't assume BIO_read will 
return the requested number of bytes when reading
content.
 2002-12-03 23:49:12 +00:00
Richard Levitte
0a3af9a403 Add OPENSSL_cleanse() to help cleanse memory and avoid certain compiler 
and linker optimizations.
PR: 343
 2002-11-27 12:25:52 +00:00
Richard Levitte
a5fd84de41 Heimdal isn't really supported right now. Say so, and offer a possibility 
to force the use of Heimdal, and warn if that's used.
PR: 346
 2002-11-26 10:11:25 +00:00
Lutz Jänicke
a153c46d7f Fix bug introduced by the attempt to fix client side external session 
caching (#288): now internal caching failed (#351):
Make sure, that cipher_id is set before comparing.
Submitted by:
Reviewed by:
PR: 288 (and 351)
 2002-11-20 10:46:35 +00:00
Richard Levitte
29ca164513 WinCE patches 2002-11-15 22:44:08 +00:00
Richard Levitte
082cd4e564 Changes to make shared library building and use work better with Cygwin 2002-11-15 16:49:34 +00:00
Richard Levitte
2115a89212 Document the change to remove the 'done' flag variable in the 
OpenSSL_add_all_*() routines
 2002-11-15 14:01:15 +00:00
Richard Levitte
0439a5a8a7 We need to read one more byte of the REQUEST-CERTIFICATE message. 
PR: 300
 2002-11-15 09:17:45 +00:00
Bodo Möller
402b4a784d use same entry as in more recent CHANGES revision in CVS head 2002-11-14 12:11:44 +00:00
Bodo Möller
651e7ddf7e fix order again 2002-11-14 12:08:16 +00:00
Richard Levitte
5b1aea7afe Handle last lines that aren't properly terminated. 
PR: 308
 2002-11-14 06:50:32 +00:00
Bodo Möller
46ce790727 fix order of changes -- if B depends on A, A should be listed 
after B (reversed 'chronological' order)
 2002-11-12 13:35:27 +00:00
Ben Laurie
9831d941ca Many security improvements (CHATS) and a warning fix. 2002-11-12 13:23:40 +00:00
Richard Levitte
8bcc049399 X509_NAME_cmp() now compares PrintableString and emailAddress with a value of type 
ia5String correctly.
PR: 244
 2002-11-09 21:55:12 +00:00
Geoff Thorpe
96a2c35d91 The recent CHANGES note between 0.9.6g and 0.9.6h needs copying into the 
other branches.
 2002-10-29 17:59:18 +00:00
Bodo Möller
84236041c1 synchronize with 0.9.6-stable version of this file 2002-10-11 17:53:21 +00:00
Bodo Möller
8d44d96ec3 remove redundant empty line 2002-10-11 17:29:07 +00:00
Richard Levitte
12a2ff9625 RFC 2712 redefines the codes for use of Kerberos 5 in SSL/TLS. 
PR: 189
 2002-10-10 07:59:45 +00:00
Bodo Möller
64cb996206 fix more race conditions 
Submitted by: "Patrick McCormick" <patrick@tellme.com>
PR: 262
 2002-09-26 15:54:15 +00:00
Bodo Möller
fbf4c7b4f1 really fix race conditions 
Submitted by: "Patrick McCormick" <patrick@tellme.com>

PR: 262
PR: 291
 2002-09-25 15:38:17 +00:00
Bodo Möller
4e33db9a3f really fix race condition 
PR: 262
 2002-09-23 14:28:12 +00:00
Bodo Möller
f7eb95852c there is no minimum length for session IDs 
PR: 274

fix race condition
PR: 262
 2002-09-20 08:37:13 +00:00
Dr. Stephen Henson
a98beb3a2d Apply -nameopt patches to 0.9.7 2002-08-30 18:26:26 +00:00
Lutz Jänicke
68a9ee13e8 Reorder cleanup sequence in SSL_CTX_free() to leave ex_data for remove_cb(). 
Submitted by:
Reviewed by:
PR: 212
 2002-08-16 17:02:30 +00:00