Dr. Stephen Henson
1a684d0020
file mksdef.pl was added on branch OpenSSL_0_9_8-stable on 2008-09-18 11:20:08 +0000
2007-01-27 13:19:43 +00:00
Dr. Stephen Henson
1f4a5a3339
file fips_rsa_sign.c was added on branch OpenSSL-fips-0_9_8-stable on 2007-03-22 00:39:05 +0000
2007-01-24 13:00:16 +00:00
Dr. Stephen Henson
dc3b721fa0
Update from 0.9.7-stable.
2007-01-23 17:54:22 +00:00
Dr. Stephen Henson
4479ce9c1c
Update from HEAD.
2007-01-21 16:07:25 +00:00
Dr. Stephen Henson
4a0d3530e0
Update from HEAD.
2007-01-21 13:16:49 +00:00
Dr. Stephen Henson
9907d2992d
Update from HEAD.
2007-01-18 21:25:24 +00:00
Dr. Stephen Henson
20fb51b1a7
file fips_premain.c.sha1 was added on branch OpenSSL-fips-0_9_8-stable on 2007-03-22 00:38:45 +0000
2007-01-16 14:06:34 +00:00
Dr. Stephen Henson
551bfa60e0
file mkfipsscr.pl was added on branch OpenSSL-fips-0_9_8-stable on 2007-03-22 00:38:46 +0000
2007-01-15 00:25:58 +00:00
Lutz Jänicke
9d9224f184
Update do new home page
2007-01-12 18:47:28 +00:00
Andy Polyakov
78d4d87e39
Initialize padlock in shared build.
2007-01-04 22:55:25 +00:00
Andy Polyakov
6211633273
#include <stddef.h> in digest headers [from HEAD].
2006-12-29 14:55:43 +00:00
Nils Larsch
3a4cf918bf
fix return value of get_cert_chain()
...
PR: 1441
2006-12-27 09:39:51 +00:00
Richard Levitte
e25eb309ec
From HEAD
2006-12-26 21:23:38 +00:00
Richard Levitte
ffa2b2aa7d
Synchronise with Unixly build
2006-12-25 10:57:20 +00:00
Andy Polyakov
a77a95584d
Make sha.h more "portable" [from HEAD].
2006-12-22 16:04:56 +00:00
Nils Larsch
68bb98159f
fix typos
...
PR: 1354, 1355, 1398
2006-12-21 21:11:44 +00:00
Nils Larsch
8e6905d238
remove trailing '\'
...
PR: 1438
2006-12-19 19:47:39 +00:00
Bodo Möller
1a8521ff24
Fix the BIT STRING encoding of EC points or parameter seeds
...
(need to prevent the removal of trailing zero bits).
2006-12-19 15:10:46 +00:00
Nils Larsch
9d5460d72d
properly initialize SSL context, check return value
2006-12-13 22:08:20 +00:00
Dr. Stephen Henson
35e59297fc
Update from 0.9.7-stable branch
2006-12-07 13:28:07 +00:00
Dr. Stephen Henson
9b945233b1
Update from HEAD.
2006-12-06 13:38:59 +00:00
Nils Larsch
b065dc2eee
fix documentation
...
PR: 1343
2006-12-06 09:12:28 +00:00
Nils Larsch
66c4bb1a70
avoid duplicate entries in add_cert_dir()
...
PR: 1407
Submitted by: Tomas Mraz <tmraz@redhat.com>
2006-12-05 21:21:10 +00:00
Nils Larsch
36abe6fe61
return 0 if 'noout' is used and no has occurred
...
PR: 1435
Submitted by: "Haridharan" <haridharan@gmail.com>
2006-12-05 20:08:03 +00:00
Nils Larsch
3c786aa6c8
allocate a new attributes entry in X509_REQ_add_extensions()
...
if it's NULL (in case of a malformed pkcs10 request)
PR: 1347
Submitted by: Remo Inverardi <invi@your.toilet.ch>
2006-12-04 19:10:58 +00:00
Nils Larsch
e5cce6d356
add "Certificate Issuer", "Issuing Distribution Point" and
...
"Subject Directory Attributes" OIDs
PR: 1433
2006-12-04 18:48:16 +00:00
Andy Polyakov
723b7d81e4
Camellia fixes and improvements from HEAD.
2006-12-02 12:00:27 +00:00
Andy Polyakov
a3ddd7358b
Camellia portability fixes.
...
Submitted by: Masashi Fujita, NTT
2006-12-02 11:57:40 +00:00
Dr. Stephen Henson
45c027f31f
Update dependencies.
2006-11-30 14:03:58 +00:00
Dr. Stephen Henson
3b62e9eb0d
Fix default depflags.
2006-11-30 14:01:38 +00:00
Dr. Stephen Henson
34a8c7ec87
Win32 fixes.
...
Use OPENSSL_NO_RFC3779 instead of OPENSSL_RFC3779: this makes the Win32 scripts
work and is consistent with other options.
Fix Win32 scripts and Configure to process OPENSSL_NO_RFC3779 properly.
Update ordinals.
Change some prototypes for LSB because VC++ 6 doesn't like the */ sequence and thinks it is an invalid end of comment.
2006-11-30 13:04:43 +00:00
Nils Larsch
d4a6240005
replace macros with functions
...
Submitted by: Tracy Camp <tracyx.e.camp@intel.com>
2006-11-29 20:47:15 +00:00
Bodo Möller
5c6f76da0a
fix support for receiving fragmented handshake messages
2006-11-29 14:45:14 +00:00
Ben Laurie
4636341b05
Add RFC 3779 support, contributed by ARIN.
2006-11-27 13:36:55 +00:00
Nils Larsch
be3b770d8f
register the engine as default engine in ENGINE_set_default()
...
PR: 1431
2006-11-24 18:44:26 +00:00
Ulf Möller
af32387b3f
wording, as in head
2006-11-21 20:51:47 +00:00
Dr. Stephen Henson
115fc340cb
Rebuild error file C source files.
2006-11-21 20:14:46 +00:00
Dr. Stephen Henson
900f7a8776
Update from 0.9.7-stable.
...
Improve mkerr.pl header file function name parsing.
2006-11-21 20:14:05 +00:00
Dr. Stephen Henson
4877e30504
Fix from HEAD.
2006-11-13 13:23:05 +00:00
Nils Larsch
4656ec3852
update md docs
2006-10-27 21:59:48 +00:00
Andy Polyakov
e336441197
Gcc over-optimizes PadLock AES CFB codepath, tell it not to [from HEAD].
2006-10-19 20:56:31 +00:00
Dr. Stephen Henson
20d6182f33
Typo.
2006-10-05 21:59:09 +00:00
Nils Larsch
aa145866f9
return an error if the supplied precomputed values lead to an invalid signature
2006-10-04 19:55:03 +00:00
Mark J. Cox
fdff41e166
Initialise ctx to NULL to avoid uninitialized free, noticed by
...
Steve Kiernan
2006-09-29 08:21:07 +00:00
Richard Levitte
07b4bc3979
APP_FILES is no longer used, remove it everywhere.
2006-09-29 06:54:39 +00:00
Bodo Möller
0c66d3ae37
fix typo
2006-09-28 13:30:28 +00:00
Bodo Möller
bd869183d5
for completeness, include 0.9.7l information
2006-09-28 13:29:08 +00:00
Richard Levitte
7e2bf83100
Fixes for the following claims:
...
1) Certificate Message with no certs
OpenSSL implementation sends the Certificate message during SSL
handshake, however as per the specification, these have been omitted.
-- RFC 2712 --
CertificateRequest, and the ServerKeyExchange shown in Figure 1
will be omitted since authentication and the establishment of a
master secret will be done using the client's Kerberos credentials
for the TLS server. The client's certificate will be omitted for
the same reason.
-- RFC 2712 --
3) Pre-master secret Protocol version
The pre-master secret generated by OpenSSL does not have the correct
client version.
RFC 2712 says, if the Kerberos option is selected, the pre-master
secret structure is the same as that used in the RSA case.
TLS specification defines pre-master secret as:
struct {
ProtocolVersion client_version;
opaque random[46];
} PreMasterSecret;
where client_version is the latest protocol version supported by the
client
The pre-master secret generated by OpenSSL does not have the correct
client version. The implementation does not update the first 2 bytes
of random secret for Kerberos Cipher suites. At the server-end, the
client version from the pre-master secret is not validated.
PR: 1336
2006-09-28 12:23:15 +00:00
Mark J. Cox
25e52a78fb
After tagging, bump ready for 0.9.8e development
2006-09-28 11:39:33 +00:00
Mark J. Cox
47c4bb2ddf
Prepare for 0.9.8d release
2006-09-28 11:32:42 +00:00