Commit graph

9453 commits

Author SHA1 Message Date
Dr. Stephen Henson
d793c292cb add CHANGES entry 2010-01-26 19:48:10 +00:00
Dr. Stephen Henson
57749b1b9f PR: 1949
Submitted by: steve@openssl.org

More robust fix and workaround for PR#1949. Don't try to work out if there
is any write pending data as this can be unreliable: always flush.
2010-01-26 19:46:30 +00:00
Dr. Stephen Henson
1cdb7854a5 PR: 2138
Submitted by: Kevin Regan <k.regan@f5.com>

Clear stat structure if -DPURIFY is set to avoid problems on some
platforms which include unitialised fields.
2010-01-26 18:07:41 +00:00
Dr. Stephen Henson
704d33b347 Add flags functions which were added to 0.9.8 for fips but not 1.0.0 and
later.
2010-01-26 14:33:52 +00:00
Dr. Stephen Henson
b2a7515ee8 OPENSSL_isservice is now defined on all platforms not just WIN32 2010-01-26 13:58:49 +00:00
Dr. Stephen Henson
f4f2b52995 oops 2010-01-26 13:56:15 +00:00
Dr. Stephen Henson
c7d5edbf5e export OPENSSL_isservice and make update 2010-01-26 13:55:33 +00:00
Dr. Stephen Henson
d8f07f1674 Typo 2010-01-26 12:29:48 +00:00
Dr. Stephen Henson
78bfb45b07 PR: 2149
Submitted by: Douglas Stebila <douglas@stebila.ca>

Fix wap OIDs.
2010-01-25 16:07:51 +00:00
Richard Levitte
6ad4d60555 There's really no need to use $ENV::HOME 2010-01-25 00:22:52 +00:00
Richard Levitte
2fad8aa209 Forgot to correct the definition of __arch in this file.
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:21:14 +00:00
Richard Levitte
74397d45b2 It seems like sslroot: needs to be defined for some tests to work.
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:20:32 +00:00
Richard Levitte
c8ca769d3b Compile t1_reneg on VMS as well.
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:19:33 +00:00
Richard Levitte
25d42c17e3 A few more macros for long symbols.
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:18:31 +00:00
Dr. Stephen Henson
a377811f15 PR: 2153, 2125
Submitted by: steve@openssl.org

The original fix for PR#2125 broke compilation on some Unixware platforms:
revert and make conditional on VMS.
2010-01-24 16:57:38 +00:00
Dr. Stephen Henson
ef1b6b2cf2 The fix for PR#1949 unfortunately broke cases where the BIO_CTRL_WPENDING
ctrl is incorrectly implemented (e.g. some versions of Apache). As a workaround
call both BIO_CTRL_INFO and BIO_CTRL_WPENDING if it returns zero. This should
both address the original bug and retain compatibility with the old behaviour.
2010-01-24 13:54:07 +00:00
Dr. Stephen Henson
1699389a46 Tolerate PKCS#8 DSA format with negative private key. 2010-01-22 20:17:30 +00:00
Dr. Stephen Henson
ad8ee3d7d1 If legacy renegotiation is not permitted then send a fatal alert if a patched
server attempts to renegotiate with an unpatched client.
2010-01-22 18:49:19 +00:00
Dr. Stephen Henson
39f0a4d8e9 typo 2010-01-21 18:46:28 +00:00
Dr. Stephen Henson
15a9821cc2 fix comments 2010-01-21 01:17:45 +00:00
Dr. Stephen Henson
53e97e7433 update version for next beta if we have one... 2010-01-20 15:40:27 +00:00
Dr. Stephen Henson
bc0ecd202a make update 2010-01-20 15:05:52 +00:00
Dr. Stephen Henson
b307daa23f Prepare for beta5 release 2010-01-20 15:00:49 +00:00
Dr. Stephen Henson
4c95b1bfda Update demo 2010-01-20 14:05:56 +00:00
Dr. Stephen Henson
9359fc5ff2 Support -L options in VC++ link. 2010-01-20 14:04:55 +00:00
Andy Polyakov
a238d7d1eb rand_win.c: handel GetTickCount wrap-around [from HEAD]. 2010-01-19 21:44:07 +00:00
Andy Polyakov
0e92313331 x86_64-xlate.pl: refine sign extension logic when handling lea [from HEAD].
PR: 2094,2095
2010-01-19 21:43:05 +00:00
Andy Polyakov
3e719c99f5 s390x assembler update: add support for run-time facility detection [from HEAD]. 2010-01-19 21:40:58 +00:00
Dr. Stephen Henson
2a4d0dcb89 The use of NIDs in the password based encryption table can result in
algorithms not found when an application uses PKCS#12 and only calls
SSL_library_init() instead of OpenSSL_add_all_algorithms(). Simple
work around is to add the missing algorithm (40 bit RC2) in
SSL_library_init().
2010-01-19 19:55:47 +00:00
Dr. Stephen Henson
2e155fde39 PR: 2141
Submitted by: "NARUSE, Yui" <naruse@airemix.jp>

Remove non-ASCII comment which causes compilation errors on some versions
of VC++.
2010-01-19 19:28:03 +00:00
Dr. Stephen Henson
9a8c8cb22e stop asn1test compilation producing link errors 2010-01-19 19:25:16 +00:00
Dr. Stephen Henson
04aa7441ab PR: 2144
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Better fix for PR#2144
2010-01-19 19:11:21 +00:00
Dr. Stephen Henson
28dc54f6d9 Reverted patch for PR#2095. Addressed by Andy now in x86_64-xlate.pl 2010-01-17 16:58:56 +00:00
Dr. Stephen Henson
a1e1165200 PR: 2135
Submitted by: Mike Frysinger <vapier@gentoo.org>

Change missed references to lib to $(LIBDIR)
2010-01-16 20:06:10 +00:00
Dr. Stephen Henson
ddba003d5e PR: 2144
Submitted by: steve@openssl.org

Fix DTLS connection so new_session is reset if we read second client hello:
new_session is used to detect renegotiation.
2010-01-16 19:45:59 +00:00
Dr. Stephen Henson
e59d9a34c9 PR: 2133
Submitted by: steve@openssl.org

Add missing DTLS state strings.
2010-01-16 19:20:38 +00:00
Ben Laurie
9e198c4bd0 Fix type-checking/casting issue. 2010-01-16 13:32:14 +00:00
Dr. Stephen Henson
7eceffbfef convert to Unix EOL form 2010-01-15 15:26:32 +00:00
Dr. Stephen Henson
8043f01b13 PR: 2125
Submitted by: "Alon Bar-Lev" <alon.barlev@gmail.com>

Fix gcc-aix compilation issue.
2010-01-14 17:51:52 +00:00
Dr. Stephen Henson
41c0f68630 Fix version handling so it can cope with a major version >3.
Although it will be many years before TLS v2.0 or later appears old versions
of servers have a habit of hanging around for a considerable time so best
if we handle this properly now.
2010-01-13 19:08:29 +00:00
Dr. Stephen Henson
2c627637c5 Modify compression code so it avoids using ex_data free functions. This
stops applications that call CRYPTO_free_all_ex_data() prematurely leaking
memory.
2010-01-13 18:46:01 +00:00
Dr. Stephen Henson
58f4b3511e update ordinals 2010-01-12 17:33:59 +00:00
Dr. Stephen Henson
93fac08ec3 PR: 2136
Submitted by: Willy Weisz <weisz@vcpc.univie.ac.at>

Add options to output hash using older algorithm compatible with OpenSSL
versions before 1.0.0
2010-01-12 17:27:11 +00:00
Dr. Stephen Henson
23c3bee970 make update 2010-01-12 01:59:11 +00:00
Dr. Stephen Henson
73ff97ad76 Simplify RI+SCSV logic:
1. Send SCSV is not renegotiating, never empty RI.
2. Send RI if renegotiating.
2010-01-07 19:05:03 +00:00
Andy Polyakov
0d8ffc2007 b_sock.c: bind/connect are picky about socket address length [from HEAD]. 2010-01-07 13:15:39 +00:00
Andy Polyakov
a32f7fb832 sendto is reportedly picky about destination socket address length [from HEAD].
PR: 2114
Submitted by: Robin Seggelmann
2010-01-07 10:44:21 +00:00
Andy Polyakov
496cf69e40 Fix compilation on older Linux [from HEAD]. 2010-01-06 21:25:22 +00:00
Dr. Stephen Henson
eb17330837 Updates to conform with draft-ietf-tls-renegotiation-03.txt:
1. Add provisional SCSV value.
2. Don't send SCSV and RI at same time.
3. Fatal error is SCSV received when renegotiating.
2010-01-06 17:37:38 +00:00
Dr. Stephen Henson
2708603bb4 ENGINE_load_capi() now exists on all platforms (but no op on non-WIN32) 2010-01-06 13:20:52 +00:00