Andy Polyakov
6da165c631
ans1/tasn_prn.c: avoid bool in variable names.
...
PR: 2776
2012-03-29 17:48:19 +00:00
Dr. Stephen Henson
d0595f170c
Initial revision of ECC extension handling.
...
Tidy some code up.
Don't allocate a structure to handle ECC extensions when it is used for
default values.
Make supported curves configurable.
Add ctrls to retrieve shared curves: not fully integrated with rest of
ECC code yet.
2012-03-28 15:05:04 +00:00
Dr. Stephen Henson
751e26cb9b
fix leak
2012-03-22 16:28:07 +00:00
Dr. Stephen Henson
f404acfa2c
Submitted by: Markus Friedl <mfriedl@gmail.com>
...
Fix memory leaks in 'goto err' cases.
2012-03-22 15:44:51 +00:00
Dr. Stephen Henson
7744ef1ada
use client version when deciding whether to send supported signature algorithms extension
2012-03-21 21:33:23 +00:00
Andy Polyakov
ed998634cd
e_padlock-x86[_64].pl: better understanding of prefetch errata and proper
...
workaround.
2012-03-19 20:23:32 +00:00
Andy Polyakov
884c580e05
eng_all.c: revert previous "disable Padlock" commit, which was unjustified.
2012-03-19 20:20:41 +00:00
Dr. Stephen Henson
bbbe61c958
Always use SSLv23_{client,server}_method in s_client.c and s_server.c,
...
the old code came from SSLeay days before TLS was even supported.
2012-03-18 18:16:46 +00:00
Andy Polyakov
df27a35137
vpaes-x86_64.pl: out-of-date Apple assembler fails to calculate
...
distance between local labels.
PR: 2762
2012-03-17 16:06:31 +00:00
Andy Polyakov
f9ef874a21
bsaes-x86_64.pl: optimize key conversion.
2012-03-16 21:44:19 +00:00
Andy Polyakov
442c9f13d4
bsaes-armv7.pl: optmize Sbox and key conversion.
2012-03-16 21:41:48 +00:00
Dr. Stephen Henson
156421a2af
oops, revert unrelated patches
2012-03-14 13:46:50 +00:00
Dr. Stephen Henson
61ad8262a0
update FAQ, NEWS
2012-03-14 13:44:57 +00:00
Andy Polyakov
5c88dcca5b
ghash-x86.pl: omit unreferenced rem_8bit from no-sse2 build.
2012-03-13 19:43:42 +00:00
Andy Polyakov
d2add2efaa
ssl/t1_enc.c: pay attention to EVP_CIPH_FLAG_CUSTOM_CIPHER.
2012-03-13 19:20:55 +00:00
Andy Polyakov
b2ae61ecf2
x86_64-xlate.pl: remove old kludge.
...
PR: 2435,2440
2012-03-13 19:19:08 +00:00
Dr. Stephen Henson
78dfd43955
corrected fix to PR#2711 and also cover mime_param_cmp
2012-03-12 16:32:19 +00:00
Dr. Stephen Henson
146b52edd1
Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and
...
continue with symmetric decryption process to avoid leaking timing
information to an attacker.
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
2012-03-12 16:31:39 +00:00
Dr. Stephen Henson
13747c6fda
update NEWS
2012-03-12 16:23:00 +00:00
Dr. Stephen Henson
174b07be93
PR: 2744
...
Submitted by: Dmitry Belyavsky <beldmit@gmail.com>
CMS support for ccgost engine
2012-03-11 13:40:17 +00:00
Dr. Stephen Henson
15a40af2ed
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
...
Add more extension names in s_cb.c extension printing code.
2012-03-09 18:38:35 +00:00
Dr. Stephen Henson
ea6e386008
PR: 2756
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix DTLS timeout handling.
2012-03-09 15:52:33 +00:00
Dr. Stephen Henson
34b61f5a25
check return value of BIO_write in PKCS7_decrypt
2012-03-08 14:10:23 +00:00
Dr. Stephen Henson
e7f8ff4382
New ctrls to retrieve supported signature algorithms and curves and
...
extensions to s_client and s_server to print out retrieved valued.
Extend CERT structure to cache supported signature algorithm data.
2012-03-06 14:28:21 +00:00
Dr. Stephen Henson
62b6948a27
PR: 2755
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reduce MTU after failed transmissions.
2012-03-06 13:47:43 +00:00
Dr. Stephen Henson
0fbf8b9cea
PR: 2748
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix possible DTLS timer deadlock.
2012-03-06 13:26:15 +00:00
Dr. Stephen Henson
d895f7f060
don't do loop check for single self signed certificate
2012-03-05 15:48:13 +00:00
Andy Polyakov
ce0ed3b778
Configure: make no-whirlpool work.
2012-03-03 13:17:47 +00:00
Andy Polyakov
358c372d16
bsaes-armv7.pl: change preferred contact.
2012-03-03 13:04:53 +00:00
Andy Polyakov
c4a52a6dca
Add bit-sliced AES for ARM NEON. This initial version is effectively
...
reference implementation, it does not interface to OpenSSL yet.
2012-03-03 12:33:28 +00:00
Dr. Stephen Henson
797a2a102d
PR: 2743
...
Reported by: Dmitry Belyavsky <beldmit@gmail.com>
Fix memory leak if invalid GOST MAC key given.
2012-02-29 14:13:00 +00:00
Dr. Stephen Henson
3c6a7cd44b
PR: 2742
...
Reported by: Dmitry Belyavsky <beldmit@gmail.com>
If resigning with detached content in CMS just copy data across.
2012-02-29 14:02:02 +00:00
Dr. Stephen Henson
dc4f678cdc
Fix memory leak cause by race condition when creating public keys.
...
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-28 14:47:02 +00:00
Andy Polyakov
0f2ece872d
x86cpuid.pl: fix processor capability detection on pre-586.
2012-02-28 14:20:21 +00:00
Dr. Stephen Henson
68a7b5ae1e
PR: 2736
...
Reported by: Remi Gacogne <rgacogne-bugs@coredump.fr>
Preserve unused bits value in non-canonicalised ASN1_STRING structures
by using ASN1_STRING_copy which preseves flags.
2012-02-27 18:45:28 +00:00
Dr. Stephen Henson
161c9b4262
PR: 2737
...
Submitted by: Remi Gacogne <rgacogne-bugs@coredump.fr>
Fix double free in PKCS12_parse if we run out of memory.
2012-02-27 16:46:34 +00:00
Dr. Stephen Henson
57cb030cea
PR: 2739
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix padding bugs in Heartbeat support.
2012-02-27 16:38:24 +00:00
Dr. Stephen Henson
d441e6d8db
PR: 2735
...
Make cryptodev digests work. Thanks to Nikos Mavrogiannopoulos for
this fix.
2012-02-27 16:33:34 +00:00
Dr. Stephen Henson
228a8599ff
free headers after use in error message
2012-02-27 16:27:17 +00:00
Dr. Stephen Henson
d16bb406d4
Detect symmetric crypto errors in PKCS7_decrypt.
...
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-27 15:22:41 +00:00
Andy Polyakov
f7ef20c5ee
Configure: I remove adding of -D_XPG4_2 -D__EXTENSIONS__ in sctp builds for
...
following reasons:
- it's not the way to engage XPG4v2 mode, defining _XOPEN_SOURCE to
value less than 500 is (see standards(5));
- we need to work out strategy to handle _XOPEN_SOURCE, current state
when we define e.g. _XOPEN_SOURCE to 500 in some files is inappropriate;
- sctp implementation on Solaris is incomplete, in sense that bss_dgram.c
doesn't compile, because not all structures are defined, so that
enabling sctp doesn't work anyway;
2012-02-26 22:02:59 +00:00
Andy Polyakov
d0e68a98c5
seed.c: incredibly enough seed.c can fail to compile on Solaris with certain
...
flags, because SS is defined after inclusion of <stdlib.h>, in <sys/regset.h>
2012-02-26 21:52:43 +00:00
Dr. Stephen Henson
a36fb72584
PR: 2730
...
Submitted by: Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>
VMS fixes: disable SCTP by default.
2012-02-25 17:59:40 +00:00
Dr. Stephen Henson
8f27a92754
ABI fixes from 1.0.1-stable
2012-02-23 22:25:52 +00:00
Dr. Stephen Henson
6941b7b918
PR: 2711
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Tolerate bad MIME headers in parser.
2012-02-23 21:50:44 +00:00
Dr. Stephen Henson
ef570cc869
PR: 2696
...
Submitted by: Rob Austein <sra@hactrn.net>
Fix inverted range problem in RFC3779 code.
Thanks to Andrew Chi for generating test cases for this bug.
2012-02-23 21:31:37 +00:00
Dr. Stephen Henson
4d3670fa50
PR: 2727
...
Submitted by: Bruce Stephens <bruce.stephens@isode.com>
Use same construct for EXHEADER in srp/Makefile as other makefiles to cope
with possibly empty EXHEADER.
2012-02-23 13:49:35 +00:00
Dr. Stephen Henson
5421196eca
ABI compliance fixes.
...
Move new structure fields to end of structures.
2012-02-22 15:39:54 +00:00
Dr. Stephen Henson
74b4b49494
SSL export fixes (from Adam Langley) [original from 1.0.1]
2012-02-22 15:06:56 +00:00
Dr. Stephen Henson
de2b5b7439
initialise i if n == 0
2012-02-22 15:03:44 +00:00