Dr. Stephen Henson
b172352b52
PR: 1432
...
Submitted by: "Andrzej Chmielowiec" <achmielowiec@enigma.com.pl>, steve@openssl.org
Approved by: steve@openssl.org
Truncate hash if it is too large: as required by FIPS 186-3.
2009-12-01 17:32:16 +00:00
Dr. Stephen Henson
95b14fd803
typo
2009-11-29 13:44:59 +00:00
Bodo Möller
553d2e3280
(whitespace)
2009-11-26 18:35:33 +00:00
Bodo Möller
82fb4ee89d
The version numbering may change, again; so be careful about what we
...
announce in CHANGES.
2009-11-26 17:30:07 +00:00
Bodo Möller
389fef6c9c
Remove attribution -- this wasn't my patch, I only edited and applied it.
2009-11-26 17:28:27 +00:00
Bodo Möller
b6622f9623
Remove obsolete information about a change for 0.9.7n.
...
(No further releases from the 0.9.7 branch are planned. Note that the
"deleted" change is also in 0.9.8f.)
2009-11-26 17:25:38 +00:00
Dr. Stephen Henson
7f5448e3a8
Servers can't end up talking SSLv2 with legacy renegotiation disabled
2009-11-18 15:08:49 +00:00
Dr. Stephen Henson
5d965f0783
Don't use SSLv2 compatible client hello if we don't tolerate legacy renegotiation
2009-11-18 14:43:27 +00:00
Dr. Stephen Henson
b14713c231
Include a more meaningful error message when rejecting legacy renegotiation
2009-11-18 14:24:00 +00:00
Dr. Stephen Henson
637e0ba420
PR: 2094
...
Submitted by: Arkadiusz Miskiewicz <arekm@maven.pl>
Approved by: steve@openssl.org
Fix for out range of signed 32bit displacement error on newer binutils.
2009-11-13 14:14:46 +00:00
Dr. Stephen Henson
9ac37cb018
PR: 2084
...
Submitted by: Mike Frysinger <vapier@gentoo.org>
Approved by: steve@openssl.org
Parallel build fix.
2009-11-13 14:09:45 +00:00
Dr. Stephen Henson
fb7751b44f
PR: 2101
...
Submitted by: Doug Kaufman <dkaufman@rahul.net>
Approved by: steve@openssl.org
Fixes for tests in cms-test.pl
2009-11-13 14:09:09 +00:00
Richard Levitte
e333a8d673
Updated from 1.0.0-stable.
2009-11-12 16:59:18 +00:00
Dr. Stephen Henson
89a6daac00
PR: 1686
...
Submitted by: Hanno Böck <hanno@hboeck.de>
Approved by: steve@openssl.org
Create engines dir if it doesn't already exist.
2009-11-10 01:53:02 +00:00
Dr. Stephen Henson
7e42945918
PR: 2091
...
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org
If an OID has no short name or long name return the numerical representation.
2009-11-10 01:00:37 +00:00
Dr. Stephen Henson
b61a87b26c
check new_der for NULL too
2009-11-10 00:46:57 +00:00
Dr. Stephen Henson
2c6b141931
PR: 2090
...
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org
Improve error checking in asn1_gen.c
2009-11-10 00:40:42 +00:00
Dr. Stephen Henson
af13c50d51
Fix wrong function codes and duplicate codes
2009-11-09 18:21:57 +00:00
Dr. Stephen Henson
65c2397fce
Remove BF_PTR2 from configuration: it doesn't improve performance any more and causes gcc warnings about arrays out of range
2009-11-09 14:14:26 +00:00
Dr. Stephen Henson
16e7efe3c8
use OPENSSL_assert() and not assert()
2009-11-08 17:07:42 +00:00
Ben Laurie
c2b78c31d6
First cut of renegotiation extension.
2009-11-08 14:51:54 +00:00
Dr. Stephen Henson
a1dc0336dd
Re-revert (re-insert?) temporary change that made renegotiation work again
...
and add a proper fix: specifically if it is a new session don't send the old
TLS ticket, send a zero length ticket to request a new session.
2009-11-08 14:30:22 +00:00
Ben Laurie
d99a35f275
Revert renegotiation-breaking change.
2009-11-08 12:14:55 +00:00
Ben Laurie
949fbf073a
Disable renegotiation.
2009-11-05 11:28:37 +00:00
Ben Laurie
6156be4da3
Fix compilation problem.
2009-11-05 10:18:11 +00:00
Dr. Stephen Henson
d7d4325655
PR: 2089
...
Submitted by: David Woodhouse <dwmw2@infradead.org>
Approved by: steve@openssl.org
Use EVP_MD_size() in OpenSSL 0.9.8.
2009-11-04 12:58:54 +00:00
Dr. Stephen Henson
9f81ffe433
PR: 2089
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS Fragment size bug fix.
2009-11-02 13:36:56 +00:00
Dr. Stephen Henson
8164930816
Generate stateless session ID just after the ticket is received instead
...
of when a session is loaded. This will mean that applications that
just hold onto SSL_SESSION structures and never call d2i_SSL_SESSION()
will still work.
2009-10-30 14:07:59 +00:00
Dr. Stephen Henson
2a8834cf89
Fix stateless session resumption so it can coexist with SNI
2009-10-30 13:28:07 +00:00
Dr. Stephen Henson
e6e11f4ec3
Don't attempt session resumption if no ticket is present and session
...
ID length is zero.
2009-10-28 19:53:10 +00:00
Dr. Stephen Henson
452e41562c
PR: 2085
...
Submitted by: Mike Frysinger <vapier@gentoo.org>
Approved by: steve@openssl.org
Change domd test to match 1.0.0+ version: check $MAKEDEPEND
ends in "gcc" to support cross compilers.
2009-10-28 19:29:05 +00:00
Dr. Stephen Henson
8c6dd96aed
Don't replace whole AR line
2009-10-28 15:33:06 +00:00
Dr. Stephen Henson
23a4ccd178
PR: 2081
...
Submitted by: Mike Frysinger <vapier@gentoo.org>
Approved by: steve@openssl.org
Respect AR and RANLIB environment variables if set.
2009-10-28 14:00:54 +00:00
Dr. Stephen Henson
2b4d877a27
PR: 2080
...
Submitted by: Mike Frysinger <vapier@gentoo.org>
Approved by: steve@openssl.org
Respect MAKE environment variable if set.
2009-10-28 13:56:06 +00:00
Dr. Stephen Henson
d916f92d6f
PR: 2078
...
Submitted by: Dale Anderson <dra@redevised.net>
Approved by: steve@openssl.org
Corrections to bn_internal documentation.
2009-10-28 13:52:19 +00:00
Dr. Stephen Henson
b9b5134e19
Pick up install prefix from the environment, if set.
2009-10-18 14:24:47 +00:00
Dr. Stephen Henson
9ef6fdab63
PR: 2074
...
Submitted by: Bram Neijt <bneijt@gmail.com>
Approved by: steve@openssl.org
Typo: "contet".
2009-10-16 15:29:07 +00:00
Dr. Stephen Henson
3a0b6de4d0
PR: 2073
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org
Don't access freed SSL_CTX in SSL_free().
2009-10-16 13:42:15 +00:00
Dr. Stephen Henson
08896dc0bd
CROSS_COMPILE: don't override command line option from environment
2009-10-15 23:45:22 +00:00
Dr. Stephen Henson
ef62799783
PR: 1847
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org
Integrated patches to CA.sh to bring it into line with CA.pl functionality.
2009-10-15 17:28:02 +00:00
Dr. Stephen Henson
8196257f00
Cross compilation updates.
2009-10-15 14:14:35 +00:00
Dr. Stephen Henson
ac923d3377
Backport cross compilation options from HEAD.
2009-10-15 13:02:42 +00:00
Dr. Stephen Henson
0ec529ac82
Allow uname values to be overridden by the environment
2009-10-15 12:58:00 +00:00
Dr. Stephen Henson
d5b0c872d8
Quote filenames in case they contain spaces. Print out supported values
...
for --enable and --disable.
2009-10-15 12:30:21 +00:00
Dr. Stephen Henson
2e8026b65a
Oops!
2009-10-05 13:32:56 +00:00
Dr. Stephen Henson
381a9f04a0
Fix unitialized warnings
2009-10-04 16:53:18 +00:00
Dr. Stephen Henson
d7050b4424
Fix warnings about ignoring fgets return value
2009-10-04 16:43:39 +00:00
Dr. Stephen Henson
91ca332058
Prevent ignored return value warning
2009-10-04 14:04:36 +00:00
Dr. Stephen Henson
ff095a8ac8
Prevent aliasing warning
2009-10-04 14:02:35 +00:00
Dr. Stephen Henson
ae37f9f3a2
PR: 2062
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct BN_rand error handling in bntest.c
2009-10-01 00:22:23 +00:00