openssl

Author	SHA1	Message	Date
Andy Polyakov	bcf9cf89e7	x86_64-xlate.pl: remove old kludge. PR: 2435,2440	2012-03-13 19:19:31 +00:00
Dr. Stephen Henson	f0729fc3e0	corrected fix to PR#2711 and also cover mime_param_cmp	2012-03-12 16:29:47 +00:00
Dr. Stephen Henson	8186c00ef3	Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and continue with symmetric decryption process to avoid leaking timing information to an attacker. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this issue. (CVE-2012-0884)	2012-03-12 16:27:50 +00:00
Dr. Stephen Henson	c0b31ccb87	PR: 2744 Submitted by: Dmitry Belyavsky <beldmit@gmail.com> CMS support for ccgost engine	2012-03-11 13:40:05 +00:00
Dr. Stephen Henson	267c950c5f	Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> Add more extension names in s_cb.c extension printing code.	2012-03-09 18:37:41 +00:00
Dr. Stephen Henson	ce1605b508	PR: 2756 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Fix DTLS timeout handling.	2012-03-09 15:52:20 +00:00
Dr. Stephen Henson	66fdb1c0d4	check return value of BIO_write in PKCS7_decrypt	2012-03-08 14:02:51 +00:00
Dr. Stephen Henson	25bfdca16a	PR: 2755 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reduce MTU after failed transmissions.	2012-03-06 13:47:27 +00:00
Dr. Stephen Henson	9c284f9651	PR: 2748 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Fix possible DTLS timer deadlock.	2012-03-06 13:24:16 +00:00
Andy Polyakov	6d78c381f6	Configure: make no-whirlpool work [from HEAD].	2012-03-03 13:18:06 +00:00
Richard Levitte	784e2080df	On OpenVMS, try sha256 and sha512 et al as well.	2012-03-01 21:29:58 +00:00
Richard Levitte	70505bc334	For OpenVMS, use inttypes.h instead of stdint.h	2012-03-01 21:29:16 +00:00
Dr. Stephen Henson	8e8b247341	PR: 2743 Reported by: Dmitry Belyavsky <beldmit@gmail.com> Fix memory leak if invalid GOST MAC key given.	2012-02-29 14:12:52 +00:00
Dr. Stephen Henson	a8595879ec	PR: 2742 Reported by: Dmitry Belyavsky <beldmit@gmail.com> If resigning with detached content in CMS just copy data across.	2012-02-29 14:01:53 +00:00
Dr. Stephen Henson	33a688e806	Fix memory leak cause by race condition when creating public keys. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.	2012-02-28 14:47:16 +00:00
Andy Polyakov	5c2bfad9b4	x86cpuid.pl: fix processor capability detection on pre-586 [from HEAD].	2012-02-28 14:20:34 +00:00
Dr. Stephen Henson	250f979237	PR: 2736 Reported by: Remi Gacogne <rgacogne-bugs@coredump.fr> Preserve unused bits value in non-canonicalised ASN1_STRING structures by using ASN1_STRING_copy which preseves flags.	2012-02-27 18:45:18 +00:00
Dr. Stephen Henson	b527b6e8ff	PR: 2737 Submitted by: Remi Gacogne <rgacogne-bugs@coredump.fr> Fix double free in PKCS12_parse if we run out of memory.	2012-02-27 16:46:45 +00:00
Dr. Stephen Henson	a54ce007e6	PR: 2739 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Fix padding bugs in Heartbeat support.	2012-02-27 16:38:10 +00:00
Dr. Stephen Henson	4ed1f3490e	PR: 2735 Make cryptodev digests work. Thanks to Nikos Mavrogiannopoulos for this fix.	2012-02-27 16:33:25 +00:00
Dr. Stephen Henson	0a082e9b37	free headers after use in error message	2012-02-27 16:27:09 +00:00
Dr. Stephen Henson	236a99a409	Detect symmetric crypto errors in PKCS7_decrypt. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.	2012-02-27 15:22:54 +00:00
Andy Polyakov	04b4363ec8	Configure: remove adding of -D_XPG4_2 -D__EXTENSIONS__ in sctp builds, see corresponding commit to HEAD for details.	2012-02-26 22:03:41 +00:00
Andy Polyakov	37ebc20093	seed.c: Solaris portability fix from HEAD.	2012-02-26 21:53:28 +00:00
Dr. Stephen Henson	cef781cc87	PR: 2730 Submitted by: Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se> VMS fixes: disable SCTP by default.	2012-02-25 17:58:03 +00:00
Dr. Stephen Henson	08e4c7a967	correct CHANGES	2012-02-23 22:13:59 +00:00
Dr. Stephen Henson	697e4edcad	PR: 2711 Submitted by: Tomas Mraz <tmraz@redhat.com> Tolerate bad MIME headers in parser.	2012-02-23 21:50:32 +00:00
Dr. Stephen Henson	b26297ca51	PR: 2696 Submitted by: Rob Austein <sra@hactrn.net> Fix inverted range problem in RFC3779 code. Thanks to Andrew Chi for generating test cases for this bug.	2012-02-23 21:31:22 +00:00
Dr. Stephen Henson	6ca7dba0cf	PR: 2727 Submitted by: Bruce Stephens <bruce.stephens@isode.com> Use same construct for EXHEADER in srp/Makefile as other makefiles to cope with possibly empty EXHEADER.	2012-02-23 13:49:22 +00:00
Dr. Stephen Henson	f1fa05b407	ABI compliance fixes. Move new structure fields to end of structures. Import library codes from 1.0.0 and recreate new ones.	2012-02-22 14:01:44 +00:00
Dr. Stephen Henson	02e22c35fe	update NEWS	2012-02-21 14:21:32 +00:00
Dr. Stephen Henson	b935714237	typo	2012-02-17 17:31:32 +00:00
Dr. Stephen Henson	a8314df902	Fix bug in CVE-2011-4619: check we have really received a client hello before rejecting multiple SGC restarts.	2012-02-16 15:25:39 +00:00
Dr. Stephen Henson	0cd7a0325f	Additional compatibility fix for MDC2 signature format. Update RSA EVP_PKEY_METHOD to use the OCTET STRING form of MDC2 signature: this will make all versions of MDC2 signature equivalent.	2012-02-15 14:14:01 +00:00
Dr. Stephen Henson	16b7c81d55	An incompatibility has always existed between the format used for RSA signatures and MDC2 using EVP or RSA_sign. This has become more apparent when the dgst utility in OpenSSL 1.0.0 and later switched to using the EVP_DigestSign functions which call RSA_sign. This means that the signature format OpenSSL 1.0.0 and later used with dgst -sign and MDC2 is incompatible with previous versions. Add detection in RSA_verify so either format works. Note: MDC2 is disabled by default in OpenSSL and very rarely used in practice.	2012-02-15 14:00:09 +00:00
Dr. Stephen Henson	424ba8b588	PR: 2708 Submitted by: Bruce Stephens <bruce.stephens@isode.com> Translate path separators correctly for $fipsdir in util/mk1mf.pl	2012-02-12 23:20:21 +00:00
Dr. Stephen Henson	bf493e8d62	PR: 2713 Submitted by: Tomas Mraz <tmraz@redhat.com> Move libraries that are not needed for dynamic linking to Libs.private in the .pc files	2012-02-12 18:47:36 +00:00
Dr. Stephen Henson	c714e43c8d	PR: 2717 Submitted by: Tim Rice <tim@multitalents.net> Make compilation work on OpenServer 5.0.7	2012-02-11 23:38:49 +00:00
Dr. Stephen Henson	cdf9d6f6ed	PR: 2716 Submitted by: Adam Langley <agl@google.com> Fix handling of exporter return value and use OpenSSL indentation in s_client, s_server.	2012-02-11 23:21:09 +00:00
Dr. Stephen Henson	cc4b48c27c	PR: 2703 Submitted by: Alexey Melnikov <alexey.melnikov@isode.com> Fix some memory and resource leaks in CAPI ENGINE.	2012-02-11 23:12:59 +00:00
Dr. Stephen Henson	cac9c92cc0	PR: 2705 Submitted by: Alexey Melnikov <alexey.melnikov@isode.com> Only create ex_data indices once for CAPI engine.	2012-02-11 23:07:58 +00:00
Dr. Stephen Henson	d40abf1689	Submitted by: Eric Rescorla <ekr@rtfm.com> Further fixes for use_srtp extension.	2012-02-11 22:53:48 +00:00
Andy Polyakov	69e9c69e70	apps/s_cb.c: recognize latest TLS versions [from HEAD].	2012-02-11 13:31:16 +00:00
Dr. Stephen Henson	c489ea7d01	PR: 2704 Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> Fix srp extension.	2012-02-10 20:08:49 +00:00
Dr. Stephen Henson	26c6857a59	PR: 2710 Submitted by: Tomas Mraz <tmraz@redhat.com> Check return codes for load_certs_crls.	2012-02-10 19:54:46 +00:00
Dr. Stephen Henson	508bd3d1aa	PR: 2714 Submitted by: Tomas Mraz <tmraz@redhat.com> Make no-srp work.	2012-02-10 19:44:00 +00:00
Dr. Stephen Henson	8705846710	only cleanup ctx if we need to, save ctx flags when we do	2012-02-10 16:54:56 +00:00
Dr. Stephen Henson	c944a9696e	add fips hmac option and fips blocking overrides to command line utilities	2012-02-10 16:46:19 +00:00
Dr. Stephen Henson	943cc09d8a	Submitted by: Eric Rescorla <ekr@rtfm.com> Fix encoding of use_srtp extension to be compliant with RFC5764	2012-02-10 00:03:37 +00:00
Dr. Stephen Henson	fc6800d19f	Modify client hello version when renegotiating to enhance interop with some servers.	2012-02-09 15:41:44 +00:00

1 2 3 4 5 ...

10054 commits