Andy Polyakov
adb5a2694a
sha512-sparcv9.pl: work around V8+ warning.
2012-01-13 09:18:05 +00:00
Andy Polyakov
23b93b587b
aes-ppc.pl, sha512-ppc.pl: comply even with Embedded ABI specification
...
(most restrictive about r2 and r13 usage).
2012-01-13 09:16:52 +00:00
Andy Polyakov
a50bce82ec
Sanitize usage of <ctype.h> functions. It's important that characters
...
are passed zero-extended, not sign-extended.
PR: 2682
2012-01-12 16:21:35 +00:00
Andy Polyakov
713f49119f
ec_pmeth.c: fix typo in commentary.
...
PR: 2677
Submitted by: Annue Yousar
2012-01-12 13:22:51 +00:00
Andy Polyakov
677741f87a
doc/apps: formatting fixes.
...
PR: 2683
Submitted by: Annie Yousar
2012-01-11 21:58:19 +00:00
Andy Polyakov
5beb93e114
speed.c: typo in pkey_print_message.
...
PR: 2681
Submitted by: Annie Yousar
2012-01-11 21:48:31 +00:00
Andy Polyakov
62d7dd5ffd
ecdsa.pod: typo.
...
PR: 2678
Submitted by: Annie Yousar
2012-01-11 21:41:32 +00:00
Andy Polyakov
6e913f9901
asn1/t_x509.c: fix serial number print, harmonize with a_int.c.
...
PR: 2675
Submitted by: Annie Yousar
2012-01-11 21:12:22 +00:00
Andy Polyakov
e255024bf7
aes-sparcv9.pl: clean up regexp
...
PR: 2685
2012-01-11 15:30:53 +00:00
Dr. Stephen Henson
8fa397a6bc
fix warning (revert original patch)
2012-01-10 14:36:41 +00:00
Andy Polyakov
03cf7e784c
cmac.c: optimize make_kn and move zero_iv to const segment.
2012-01-06 13:19:16 +00:00
Andy Polyakov
ce0727f9bd
bn_nist.c: harmonize buf in BN_nist_mod_256 with other mod functions.
2012-01-06 13:17:47 +00:00
Bodo Möller
8e85545284
Update for 0.9.8s and 1.0.0f, and for 1.0.1 branch.
...
(While the 1.0.0f CHANGES entry on VOS PRNG seeding was missing
in HEAD, the actual code is here already.)
2012-01-05 13:48:55 +00:00
Bodo Möller
6620bf3444
Fix usage indentation
2012-01-05 13:16:30 +00:00
Bodo Möller
7bb1cc9505
Fix for builds without DTLS support.
...
Submitted by: Brian Carlstrom
2012-01-05 10:22:41 +00:00
Dr. Stephen Henson
59e68615ce
PR: 2671
...
Submitted by: steve
Update maximum message size for certifiate verify messages to support
4096 bit RSA keys again as TLS v1.2 messages is two bytes longer.
2012-01-05 00:28:43 +00:00
Dr. Stephen Henson
192540b522
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
...
Reviewed by: steve
Send fatal alert if heartbeat extension has an illegal value.
2012-01-05 00:23:17 +00:00
Dr. Stephen Henson
e2ca32fc2b
disable heartbeats if tlsext disabled
2012-01-05 00:07:46 +00:00
Dr. Stephen Henson
4d0bafb4ae
update CHANGES
2012-01-04 23:54:17 +00:00
Dr. Stephen Henson
e745572493
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen <tuexen@fh-muenster.de>
...
Reviewed by: steve
Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and
Kenny Paterson.
2012-01-04 23:52:26 +00:00
Dr. Stephen Henson
27dfffd5b7
Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576)
2012-01-04 23:16:15 +00:00
Dr. Stephen Henson
d0dc991c62
Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)
2012-01-04 23:15:51 +00:00
Dr. Stephen Henson
2ec0497f08
fix CHANGES
2012-01-04 23:10:44 +00:00
Dr. Stephen Henson
6bf896d9b1
Check GOST parameters are not NULL (CVE-2012-0027)
2012-01-04 23:03:40 +00:00
Dr. Stephen Henson
be71c37296
Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577)
2012-01-04 23:01:54 +00:00
Dr. Stephen Henson
0015572372
update FAQ
2012-01-04 20:05:58 +00:00
Dr. Stephen Henson
6074fb0979
fix warnings
2012-01-04 14:45:47 +00:00
Dr. Stephen Henson
25536ea6a7
Submitted by: Adam Langley <agl@chromium.org>
...
Reviewed by: steve
Fix memory leaks.
2012-01-04 14:25:42 +00:00
Dr. Stephen Henson
b3720c34e5
oops, revert wrong patch
2012-01-03 22:06:21 +00:00
Dr. Stephen Henson
5733919dbc
only send heartbeat extension from server if client sent one
2012-01-03 22:03:20 +00:00
Dr. Stephen Henson
b333905011
incomplete provisional OAEP CMS decrypt support
2012-01-02 18:25:37 +00:00
Dr. Stephen Henson
918fc30fa4
recognise HEARTBEATS in mkdef.pl script
2011-12-31 23:50:01 +00:00
Dr. Stephen Henson
0b9f5ef809
update CHANGES
2011-12-31 23:08:15 +00:00
Dr. Stephen Henson
4817504d06
PR: 2658
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Support for TLS/DTLS heartbeats.
2011-12-31 22:59:57 +00:00
Dr. Stephen Henson
84b6e277d4
make update
2011-12-27 14:46:03 +00:00
Dr. Stephen Henson
fa2c72e549
update default depflags
2011-12-27 14:45:32 +00:00
Dr. Stephen Henson
ffdfce8d14
fix error code
2011-12-27 14:40:21 +00:00
Dr. Stephen Henson
816e243a87
fix deprecated statement
2011-12-27 14:39:13 +00:00
Dr. Stephen Henson
c79f22c63a
PR: 1794
...
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
- remove some unncessary SSL_err and permit
an srp user callback to allow a worker to obtain
a user verifier.
- cleanup and comments in s_server and demonstration
for asynchronous srp user lookup
2011-12-27 14:21:45 +00:00
Dr. Stephen Henson
f3d781bb43
PR: 2326
...
Submitted by: Tianjie Mao <tjmao@tjmao.net>
Reviewed by: steve
Fix incorrect comma expressions and goto f_err as alert has been set.
2011-12-26 19:37:58 +00:00
Dr. Stephen Henson
995a6b10e1
recognise no-sctp
2011-12-25 14:59:52 +00:00
Dr. Stephen Henson
9ef562bcc6
recognise SCTP in mkdef.pl script
2011-12-25 14:46:15 +00:00
Dr. Stephen Henson
7e159e0133
PR: 2535
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Add SCTP support for DTLS (RFC 6083).
2011-12-25 14:45:15 +00:00
Dr. Stephen Henson
b9e1488865
typo
2011-12-23 15:03:03 +00:00
Dr. Stephen Henson
e43bfb2906
recognise DECLARE_PEM_write_const, update ordinals
2011-12-23 14:58:30 +00:00
Dr. Stephen Henson
9c52c3e07c
delete unimplemented function from header file, update ordinals
2011-12-23 14:09:30 +00:00
Dr. Stephen Henson
1394b29120
sync and update ordinals
2011-12-22 16:11:47 +00:00
Dr. Stephen Henson
b646fc409d
remove prototype for deleted SRP function
2011-12-22 16:05:02 +00:00
Dr. Stephen Henson
f9b0b45238
New ctrl values to clear or retrieve extra chain certs from an SSL_CTX.
...
New function to retrieve compression method from SSL_SESSION structure.
Delete SSL_SESSION_get_id_len and SSL_SESSION_get0_id functions
as they duplicate functionality of SSL_SESSION_get_id. Note: these functions
have never appeared in any release version of OpenSSL.
2011-12-22 15:14:32 +00:00
Dr. Stephen Henson
ad89bf7894
PR: 2563
...
Submitted by: Paul Green <Paul.Green@stratus.com>
Reviewed by: steve
Improved PRNG seeding for VOS.
2011-12-19 17:01:37 +00:00