Commit graph

9392 commits

Author SHA1 Message Date
Dr. Stephen Henson
9b2cfb890c set engine to NULL after releasing it 2009-11-12 19:24:34 +00:00
Richard Levitte
b2f364ec62 Compiling vms.mar doesn't work on other than VAX. 2009-11-12 14:05:04 +00:00
Richard Levitte
b7aeb4c9b5 Another symbol longer than 31 characters. 2009-11-12 14:04:26 +00:00
Richard Levitte
370f48da2a Typo 2009-11-12 14:03:57 +00:00
Richard Levitte
32def77ace Everywhere was a little too much. 2009-11-12 14:03:35 +00:00
Dr. Stephen Henson
531c81ece8 PR: 2098
Submitted by: Corinna Vinschen <vinschen@redhat.com>
Approved by: steve@openssl.org

For Cygwin enable zlib and mdc2 by default.
2009-11-11 19:04:56 +00:00
Dr. Stephen Henson
73582b8117 add missing parts of reneg port, fix apps patch 2009-11-11 14:51:29 +00:00
Dr. Stephen Henson
5c33091cfa commit missing apps code for reneg fix 2009-11-11 14:10:09 +00:00
Dr. Stephen Henson
56327ebe6a make update 2009-11-10 13:23:04 +00:00
Dr. Stephen Henson
e0031b1c78 Prepare for beta4 release 2009-11-10 13:15:09 +00:00
Dr. Stephen Henson
b2ac5cb2d0 PR: 1686
Submitted by: Hanno Böck <hanno@hboeck.de>
Approved by: steve@openssl.org

Create engines dir if it doesn't already exist.
2009-11-10 01:52:52 +00:00
Dr. Stephen Henson
6757ef89b3 PR: 2091
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org

If an OID has no short name or long name return the numerical representation.
2009-11-10 01:00:23 +00:00
Dr. Stephen Henson
bf6eea6536 PR: 2090
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org

Improve error checking in asn1_gen.c
2009-11-10 00:47:37 +00:00
Dr. Stephen Henson
ec4346f6f9 oops, add missing prototypes 2009-11-09 18:58:50 +00:00
Dr. Stephen Henson
e42ff486a8 fix CHANGES 2009-11-09 18:46:59 +00:00
Dr. Stephen Henson
bc9058d041 First cut of renegotiation extension. (port to 1.0.0-stable) 2009-11-09 18:45:42 +00:00
Dr. Stephen Henson
4a276f3039 make update 2009-11-09 14:35:30 +00:00
Dr. Stephen Henson
acf47d8f24 Remove BF_PTR2 from configuration: it doesn't improve performance any more and causes gcc warnings about arrays out of range 2009-11-09 14:11:13 +00:00
Dr. Stephen Henson
f62d1ea3d5 Combat gcc 4.4.1 aliasing rules. (from HEAD) 2009-11-09 14:09:53 +00:00
Dr. Stephen Henson
f923bba73c file t1_reneg.c was added on branch OpenSSL_1_0_0-stable on 2009-11-09 18:45:42 +0000 2009-11-08 14:51:55 +00:00
Dr. Stephen Henson
e3738c49b8 If it is a new session don't send the old TLS ticket: send a zero length
ticket to request a new session.
2009-11-08 14:36:32 +00:00
Dr. Stephen Henson
41746da8c2 Update ordinals. 2009-11-04 13:29:58 +00:00
Dr. Stephen Henson
23b97c6bb5 PR: 2089
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS Fragment size bug fix.
2009-11-02 13:37:17 +00:00
Dr. Stephen Henson
4a7f7171f5 Add missing functions to allow access to newer X509_STORE_CTX status
information. Add more informative message to verify callback to indicate
when CRL path validation is taking place.
2009-10-31 19:21:47 +00:00
Dr. Stephen Henson
961092281f Add option to allow in-band CRL loading in verify utility. Add function
load_crls and tidy up load_certs. Remove useless purpose variable from
verify utility: now done with args_verify.
2009-10-31 13:34:19 +00:00
Dr. Stephen Henson
036b3f331b Generate stateless session ID just after the ticket is received instead
of when a session is loaded. This will mean that applications that
just hold onto SSL_SESSION structures and never call d2i_SSL_SESSION()
will still work.
2009-10-30 14:06:18 +00:00
Dr. Stephen Henson
9ac5c355a2 Move CHANGES entry to 0.9.8l section 2009-10-30 13:29:08 +00:00
Dr. Stephen Henson
3d0b604c14 Fix statless session resumption so it can coexist with SNI 2009-10-30 13:22:44 +00:00
Dr. Stephen Henson
257b2bfb6c Don't attempt session resumption if no ticket is present and session
ID length is zero.
2009-10-28 19:52:35 +00:00
Dr. Stephen Henson
90528846e8 Add -no_cache option to s_server 2009-10-28 17:49:37 +00:00
Dr. Stephen Henson
32509c9731 Don't replace whole AR line 2009-10-28 15:33:20 +00:00
Dr. Stephen Henson
d3f940833d PR: 2081
Submitted by: Mike Frysinger <vapier@gentoo.org>
Approved by: steve@openssl.org

Respect AR and RANLIB environment variables if set.
2009-10-28 14:00:41 +00:00
Dr. Stephen Henson
b335e351d4 PR: 2080
Submitted by: Mike Frysinger <vapier@gentoo.org>
Approved by: steve@openssl.org

Respect MAKE environment variable if set.
2009-10-28 13:55:55 +00:00
Dr. Stephen Henson
67bcde9ba8 PR: 2078
Submitted by: Dale Anderson <dra@redevised.net>
Approved by: steve@openssl.org

Corrections to bn_internal documentation.
2009-10-28 13:51:56 +00:00
Dr. Stephen Henson
169bfde4d4 Clarification 2009-10-23 12:47:01 +00:00
Dr. Stephen Henson
0a7f291268 Sync FAQ with HEAD. 2009-10-23 12:24:54 +00:00
Dr. Stephen Henson
0c2c2e71a6 If not checking all certificates don't attempt to find a CRL
for the leaf certificate of a CRL path.
2009-10-23 12:05:54 +00:00
Dr. Stephen Henson
d1d746afb4 Need to check <= 0 here. 2009-10-22 23:14:12 +00:00
Dr. Stephen Henson
db6e41f0ed PR: 2070
Submitted by: Alexander Nikitovskiy <Nikitovski@ya.ru>
Approved by: steve@openssl.org

Fix wrong cast.
2009-10-19 13:13:14 +00:00
Dr. Stephen Henson
5b2b60ae98 Document additions for X509 chain verification from HEAD 2009-10-18 15:28:59 +00:00
Dr. Stephen Henson
c90a1ae0c9 make update 2009-10-18 14:44:51 +00:00
Dr. Stephen Henson
c679fb298e Add new function X509_STORE_set_verify_cb and use it in apps 2009-10-18 14:42:27 +00:00
Dr. Stephen Henson
17c7cad545 take install prefix from the environment 2009-10-18 14:26:46 +00:00
Dr. Stephen Henson
164c263b5c PR: 2074
Submitted by: Bram Neijt <bneijt@gmail.com>
Approved by: steve@openssl.org

Typo: "contet".
2009-10-16 15:29:34 +00:00
Dr. Stephen Henson
a9bb9d0eb4 PR: 2072
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Avoid potential doublefree and reuse of freed handshake_buffer.
2009-10-16 15:24:19 +00:00
Dr. Stephen Henson
cc6688d796 PR: 2073
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Don't access freed SSL_CTX in SSL_free().
2009-10-16 13:41:52 +00:00
Dr. Stephen Henson
9b1f24df3d Fixes to CROSS_COMPILE, don't override command line option from environment 2009-10-15 23:44:11 +00:00
Dr. Stephen Henson
595e804ae3 Fix for WIN32 (and possibly other platforms) which don't define in_port_t. 2009-10-15 18:48:47 +00:00
Dr. Stephen Henson
b381e9b952 Update ordinals. 2009-10-15 18:04:43 +00:00
Dr. Stephen Henson
28418076b2 PR: 2069
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

IPv6 support for DTLS.
2009-10-15 17:41:44 +00:00