Commit graph

807 commits

Author SHA1 Message Date
Richard Levitte
8ca0db580e Update version to 0.9.6i, even if that's never going to be released. 2002-12-05 22:53:30 +00:00
Richard Levitte
f94e1dd2d0 Time to release OpenSSL 0.9.6h.
The tag will be OpenSSL_0_9_6h.
2002-12-05 21:40:48 +00:00
Richard Levitte
9a7a36db08 Add OPENSSL_cleanse() to help cleanse memory and avoid certain compiler
and linker optimizations.
PR: 343
2002-11-27 12:24:54 +00:00
Lutz Jänicke
e824df317a Fix bug introduced by the attempt to fix client side external session
caching (#288): now internal caching failed (#351):
Make sure, that cipher_id is set before comparing.
Submitted by:
Reviewed by:
PR: 288 (and 351)
2002-11-20 10:48:05 +00:00
Richard Levitte
7149d5c140 Document the change to remove the 'done' flag variable in the
OpenSSL_add_all_*() routines
2002-11-15 13:58:58 +00:00
Richard Levitte
3aefe06f0f We need to read one more byte of the REQUEST-CERTIFICATE message.
PR: 300
2002-11-15 09:16:56 +00:00
Richard Levitte
8df1de4e89 Handle last lines that aren't properly terminated.
PR: 308
2002-11-14 06:49:45 +00:00
Richard Levitte
82833c523b X509_NAME_cmp() now compares PrintableString and emailAddress with a value of type
ia5String correctly.
PR: 244
2002-11-09 21:53:48 +00:00
Geoff Thorpe
69c8c5611c The recent session caching modifications (including docs, and CHANGES) were
applied to the "engine" 0.9.6 branch rather than the non-engine one. This
merges all the changes back across so they are in-sync w.r.t. these
changes.
2002-10-29 18:36:51 +00:00
Bodo Möller
c30ab16396 fix some entries for 0.9.6d and 0.9.6e (should look as in the
0.9.7-stable branch)
2002-10-11 17:51:25 +00:00
Bodo Möller
b49d33defd fix more race conditions
Submitted by: "Patrick McCormick" <patrick@tellme.com>
PR: 262
2002-09-26 15:55:46 +00:00
Bodo Möller
af4396e589 really fix race conditions
Submitted by: "Patrick McCormick" <patrick@tellme.com>

PR: 262
PR: 291
2002-09-25 15:36:21 +00:00
Bodo Möller
924b6006d7 really fix race condition
PR: 262
2002-09-23 14:30:59 +00:00
Bodo Möller
5fef7d56ce there is no minimum length for session IDs
PR: 274
2002-09-19 11:43:13 +00:00
Bodo Möller
30c37c52c5 fix race condition
PR: 262
2002-09-19 11:27:37 +00:00
Lutz Jänicke
06076d9d31 Reorder cleanup sequence in SSL_CTX_free() to leave ex_data for remove_cb().
Submitted by:
Reviewed by:
PR: 212
2002-08-16 17:09:31 +00:00
Dr. Stephen Henson
1318510f8c Fix typo in OBJ_txt2obj which incorrectly passed the content
length, instead of the encoding length to d2i_ASN1_OBJECT.

This wasn't visible before becuse ASN1_get_object() used
to read past the length of the supplied buffer.
2002-08-14 00:36:44 +00:00
Richard Levitte
532441a93a Time to go on... 2002-08-09 12:08:23 +00:00
Richard Levitte
4c68b3239b Time to release 0.9.6g.
The tag will be OpenSSL_0_9_6g.
2002-08-09 11:37:15 +00:00
Bodo Möller
ca2b12feec entry for change in 'engine' branch 2002-08-09 08:13:13 +00:00
Richard Levitte
18794c6a83 Tagging has been done, update to next development version. 2002-08-08 21:23:51 +00:00
Richard Levitte
df75a709c9 Time to release version 0.9.6f.
The tag will be OpenSSL_0_9_6f.
2002-08-08 20:51:52 +00:00
Dr. Stephen Henson
24f55d7675 Fix the ASN1 sanity check: correct header length
calculation and check overflow against LONG_MAX.
2002-08-02 18:41:08 +00:00
Bodo Möller
517a0e7fa0 get rid of OpenSSLDie 2002-08-02 10:51:59 +00:00
Lutz Jänicke
2c3bd4778e Next version of 0.9.6 would be 0.9.6f.
Submitted by:
Reviewed by:
PR:
2002-07-30 10:52:36 +00:00
Lutz Jänicke
05ebb1e7cf Release 0.9.6e.
Submitted by:
Reviewed by:
PR:
2002-07-30 10:34:35 +00:00
Lutz Jänicke
bb41724483 OpenSSL Security Advisory [30 July 2002]
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
Submitted by:
Reviewed by:
PR:
2002-07-30 10:19:01 +00:00
Lutz Jänicke
d2cbe66ee1 Ciphers with NULL encryption were not properly handled because they were
not covered by the strength bit mask.
Submitted by:
Reviewed by:
PR: 130
2002-07-10 06:41:29 +00:00
Bodo Möller
32a76f2c75 New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC
vulnerability workaround (included in SSL_OP_ALL).

PR: #90
2002-06-14 12:19:34 +00:00
Bodo Möller
a9950dfb67 fix EVP_dsa_sha macro
Submitted by: Nils Larsch
2002-05-16 12:55:56 +00:00
Richard Levitte
be730546c8 Add space for changes in 0.9.6e. 2002-05-09 23:02:13 +00:00
Richard Levitte
5317543ada About to release 0.9.6d, so set all versoin numbers right.
The tag will be OpenSSL_0_9_6d.
2002-05-09 22:40:31 +00:00
Bodo Möller
c15bf8f609 Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not
encoded as NULL) with id-dsa-with-sha1.

Submitted by: Nils Larsch
2002-04-26 08:30:31 +00:00
Bodo Möller
5d2175eddb check return values
Submitted by: Nils Larsch
2002-04-17 09:29:54 +00:00
Lutz Jänicke
7680669c33 Fix CRLF problem in BASE64 decode. 2002-04-15 09:51:10 +00:00
Bodo Möller
82c77c1b32 Implement known-IV countermeasure.
Fix length checks in ssl3_get_client_hello().

Use s->s3->in_read_app_data differently to fix ssl3_read_internal().
2002-04-13 22:49:28 +00:00
Bodo Möller
4e5b835c6a synchronize with OpenSSL-engine-0_9_6-stable 2002-04-12 13:44:04 +00:00
Lutz Jänicke
50e4d01fa0 Fix buggy object definitions (Svenning Sorensen <sss@sss.dnsalias.net>). 2002-04-04 17:56:57 +00:00
Bodo Möller
687f9d2b94 fix DH_generate_parameters for general 'generator' 2002-03-20 16:01:29 +00:00
Lutz Jänicke
6bcba344b5 Map new X509 verification errors to alert codes (Tom Wu <tom@arcot.com>). 2002-03-19 16:47:09 +00:00
Bodo Möller
7aacd4c458 fix ssl3_pending 2002-03-15 10:53:34 +00:00
Lutz Jänicke
e18ed57afd Add missing strength entries. 2002-03-14 18:56:59 +00:00
Lutz Jänicke
ce1e801013 Make sure to remove bad sessions in SSL_clear() (found by Yoram Zahavi). 2002-02-26 21:50:28 +00:00
Richard Levitte
44bbfcddaf At Corinna Vinschen's request, change CygWin32 to Cygwin 2002-02-14 12:29:02 +00:00
Richard Levitte
52f3038667 Update the configuration of CygWin32 to use the new capabilities of
CygWin 1.3.x, which includes thread and shared library support.

Submitted by Corinna Vinschen <vinschen@redhat.com> and modified a
little bit.
2002-02-13 14:45:19 +00:00
Lutz Jänicke
76dca45720 Backport from 0.9.7:
Make removal from internal session cache more robust and do not store
into internal session cache when it won't be looked up anyway.
2002-02-10 12:52:57 +00:00
Richard Levitte
a5f158fa0b ASN1_BIT_STRING_set_bit() didn't clear previously set bits 2002-02-03 21:27:04 +00:00
Richard Levitte
4fd350e8f5 Apply Neale Ferguson's patch to add a configuration target for linux-s390x 2002-01-25 22:13:26 +00:00
Bodo Möller
19fa8cfe5a Bugfix: In ssl3_accept, don't use a local variable 'got_new_session'
to indicate that a real handshake is taking place (the value will be
lost during multiple invocations). Set s->new_session to 2 instead.
2002-01-14 23:42:47 +00:00
Bodo Möller
5f18fe493e Return -1 from ssl3_get_server_done (ssl3/s3_clnt.c) if
the SSL_R_LENGTH_MISMATCH error is detected.
2002-01-14 12:42:38 +00:00