Dr. Stephen Henson
a3dc628d86
PR: 2433
...
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve
Constify ASN1_STRING_set_default_mask_asc().
2011-01-24 16:21:00 +00:00
Dr. Stephen Henson
3c159fc1a5
check EC public key isn't point at infinity
2011-01-24 15:08:12 +00:00
Dr. Stephen Henson
6056afd223
PR: 1612
...
Submitted by: Robert Jackson <robert@rjsweb.net>
Reviewed by: steve
Fix EC_POINT_cmp function for case where b but not a is the point at infinity.
2011-01-24 14:42:11 +00:00
Richard Levitte
54db796991
PR: 2434
...
Under Windows, there seems to be a problem relinking fips_premain_dso
because that file is locked. Changing from backtick op to using
system() with redirection and reading the hash from the output file
seems to fix the problem.
In an ideal world, there should be no difference, as a command in a
backtick op should terminate before the backtick returns, same as it
does with system(). We suspect, though, that the loaded binary is
cached by Windows for a little while, and that reading the output from
a file provides enough delay for the lock to drop before we try to
relink.
2011-01-20 22:12:50 +00:00
Dr. Stephen Henson
119e912a83
Since DTLS 1.0 is based on TLS 1.1 we should never return a decryption_failed
...
alert.
2011-01-04 19:33:01 +00:00
Dr. Stephen Henson
f4a4a0fdc7
PR: 2411
...
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve
Fix corner cases in RFC3779 code.
2011-01-03 01:40:22 +00:00
Dr. Stephen Henson
9ad765173f
Fix escaping code for string printing. If *any* escaping is enabled we
...
must escape the escape character itself (backslash).
2011-01-03 01:26:33 +00:00
Dr. Stephen Henson
c8e3c1a9b5
PR: 2410
...
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve
Use OPENSSL_assert() instead of assert().
2011-01-03 01:20:03 +00:00
Dr. Stephen Henson
ae378b769a
use fips-dev not dev-fips
2011-01-03 00:43:47 +00:00
Dr. Stephen Henson
4de4e35459
PR: 2416
...
Submitted by: Mark Phalan <mark.phalan@oracle.com>
Reviewed by: steve
Use L suffix in version number.
2011-01-03 00:25:47 +00:00
Bodo Möller
5537a83e56
Add missing explicit instruction size.
...
[CVS head and later branches have this since revision 1.7 of this file.]
Submitted by: Chandler Carruth (Google)
2010-12-13 20:47:26 +00:00
Dr. Stephen Henson
c850d322a6
add Android changes from FIPS 1.2.2 module
2010-12-11 00:30:43 +00:00
Dr. Stephen Henson
b8be571868
update for next release
2010-12-02 19:42:28 +00:00
Dr. Stephen Henson
acd43bf38c
prepare for release
2010-12-02 18:53:52 +00:00
Dr. Stephen Henson
5eaf173647
update FAQ
2010-12-02 18:53:34 +00:00
Dr. Stephen Henson
7890b562bc
fix for CVE-2010-4180
2010-12-02 18:49:28 +00:00
Dr. Stephen Henson
7258d33794
PR: 2386
...
Submitted by: Stefan Birrer <stefan.birrer@adnovum.ch>
Reviewed by: steve
Correct SKM_ASN1_SET_OF_d2i macro.
2010-12-02 18:02:02 +00:00
Dr. Stephen Henson
263979a2a3
use consistent FAQ between version
2010-12-02 00:11:32 +00:00
Dr. Stephen Henson
2c6d83354d
update README
2010-12-01 17:50:41 +00:00
Dr. Stephen Henson
a188fc01fe
oops, no corrected fix needed for 0.9.8 branch
2010-12-01 17:48:59 +00:00
Dr. Stephen Henson
1948f9e042
update NEWS
2010-12-01 17:16:36 +00:00
Dr. Stephen Henson
f7ffc3a6c9
add CVE to JPAKE fix
2010-11-29 18:47:51 +00:00
Dr. Stephen Henson
4d6af5c5d2
../comm.txt
2010-11-27 17:33:34 +00:00
Ben Laurie
efed63d783
Backport J-PAKE fix.
2010-11-26 16:03:23 +00:00
Dr. Stephen Henson
7e351bb560
add acknowledgements file to 0.9.8 branch too
2010-11-22 16:35:15 +00:00
Dr. Stephen Henson
0067580321
update for next version
2010-11-16 16:35:37 +00:00
Dr. Stephen Henson
82e0073624
oops, correct version number
2010-11-16 14:56:17 +00:00
Dr. Stephen Henson
7e541b1a7f
prepare for release
2010-11-16 14:37:28 +00:00
Dr. Stephen Henson
2ae47ddbc2
fix CVE-2010-3864
2010-11-16 14:26:18 +00:00
Dr. Stephen Henson
3e8b8b8990
Submitted by: Jonathan Dixon <joth@chromium.org>
...
Reviewed by: steve
If store is NULL set flags correctly.
2010-11-02 15:57:00 +00:00
Dr. Stephen Henson
05bbbe9204
PR: 2295
...
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve
OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.
2010-10-11 23:28:54 +00:00
Dr. Stephen Henson
a073129293
PR: 2314
...
Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net>
Reviewed by: steve
Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
2010-10-10 12:21:23 +00:00
Dr. Stephen Henson
93fc0e0e40
We can't always read 6 bytes in an OCSP response: fix so error statuses
...
are read correctly for non-blocking I/O.
2010-10-06 18:01:35 +00:00
Dr. Stephen Henson
84f1c14396
Minor documentation fixes, PR#2345
2010-10-04 13:28:15 +00:00
Dr. Stephen Henson
f10986bab4
Minor documentation fixes, PR#2344
2010-10-04 13:25:29 +00:00
Dr. Stephen Henson
6cb5746b65
Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(),
...
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.
Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
2010-10-03 18:55:57 +00:00
Dr. Stephen Henson
0061aa9f32
Don't announce tests run in empty directories
2010-09-20 23:25:07 +00:00
Dr. Stephen Henson
3926bbcf6d
support customisable rm and mkdir commands
2010-09-19 15:34:23 +00:00
Dr. Stephen Henson
b5cee977c2
update FIPS script generator to make output easier to hand edit
2010-09-19 11:30:14 +00:00
Dr. Stephen Henson
ae3b60ba99
fix bug in AES_unwrap()
2010-08-30 23:57:03 +00:00
Bodo Möller
d4ba6424a1
ECC library bugfixes.
...
Submitted by: Emilia Kapser (Google)
2010-08-26 12:10:25 +00:00
Bodo Möller
92a97e52a0
Version tree clarification.
2010-08-26 11:15:09 +00:00
Dr. Stephen Henson
78dcaa0609
PR: 2297
...
Submitted by: Antony, Benoy <bantony@ebay.com>
Approved by: steve@openssl.org
Fix bug in AES wrap code when t > 0xff.
2010-07-09 17:24:29 +00:00
Dr. Stephen Henson
65b4c34d86
initialise pbe_tmp
2010-07-08 16:51:48 +00:00
Andy Polyakov
d8486c312c
rand_nw.c: compensate for gcc bug (using %edx instead of %eax at -O3)
...
[from HEAD].
PR: 2296
2010-07-08 09:15:14 +00:00
Andy Polyakov
8d4baaf2f0
PROBLEMS: MacOS X is not necessarily a problem anymore [from HEAD].
2010-07-08 09:01:33 +00:00
Dr. Stephen Henson
50fb940f05
make WIN32 compile work again
2010-07-08 01:23:25 +00:00
Dr. Stephen Henson
63e3676e68
fix so it is safe to repeatedly add PBE algorithms
2010-06-26 12:55:01 +00:00
Dr. Stephen Henson
1dac2cae68
prepare for next release
2010-06-16 13:40:09 +00:00
Ben Laurie
d886975835
Fix gcc 4.6 warnings. Check TLS server hello extension length.
2010-06-12 13:18:58 +00:00