Dr. Stephen Henson
900f7a8776
Update from 0.9.7-stable.
...
Improve mkerr.pl header file function name parsing.
2006-11-21 20:14:05 +00:00
Bodo Möller
bd869183d5
for completeness, include 0.9.7l information
2006-09-28 13:29:08 +00:00
Mark J. Cox
25e52a78fb
After tagging, bump ready for 0.9.8e development
2006-09-28 11:39:33 +00:00
Mark J. Cox
47c4bb2ddf
Prepare for 0.9.8d release
2006-09-28 11:32:42 +00:00
Mark J. Cox
951dfbb13a
Introduce limits to prevent malicious keys being able to
...
cause a denial of service. (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service. (CVE-2006-2937) [Steve Henson]
Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
Fix SSL client code which could crash if connecting to a
malicious SSLv2 server. (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
2006-09-28 11:29:03 +00:00
Bodo Möller
8fdb296cbd
Update
2006-09-12 14:42:09 +00:00
Bodo Möller
879b30aaa3
ensure that ciphersuite strings such as "RC4-MD5" match the SSL 2.0
...
ciphersuite as well
2006-09-11 09:48:46 +00:00
Mark J. Cox
da1841a075
After tagging, prep for next release
2006-09-05 08:51:30 +00:00
Mark J. Cox
0a0a10d127
Ready for 0.9.8c release
2006-09-05 08:45:37 +00:00
Mark J. Cox
df20b6e79b
Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
...
(CVE-2006-4339)
Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
2006-09-05 08:25:42 +00:00
Ben Laurie
4b9dcd821f
Add IGE and biIGE modes.
2006-08-28 11:00:32 +00:00
Bodo Möller
ec67e3b7e4
always read in RAND_poll() if we can't use select because of a too
...
large FD: it's non-blocking mode anyway
2006-06-28 14:50:00 +00:00
Richard Levitte
8de95bc05b
Use poll() when possible to gather Unix randomness entropy
2006-06-27 06:31:57 +00:00
Bodo Möller
aa17ab7e57
Put ECCdraft ciphersuites back into default build (but disabled
...
unless specifically requested)
2006-06-22 12:35:54 +00:00
Bodo Möller
35908bd040
Remove ECC ciphersuites from 0.9.8 branch (should use 0.9.9 branch)
2006-06-20 08:50:33 +00:00
Bodo Möller
0e73294e26
Disable invalid ciphersuites
2006-06-14 17:52:01 +00:00
Bodo Möller
6d2cd23f40
Thread-safety fixes
2006-06-14 08:51:41 +00:00
Bodo Möller
e18eef3d7a
Camellia cipher, contributed by NTT
...
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-09 15:42:21 +00:00
Dr. Stephen Henson
b723a7b11b
Don't check for padding bug if compression is negotiated.
...
PR: 1204
2006-05-07 12:27:48 +00:00
Dr. Stephen Henson
1c5dc844e7
Update for next dev version.
2006-05-04 13:08:35 +00:00
Dr. Stephen Henson
f871949efd
Prepare for new release.
2006-05-04 12:46:42 +00:00
Dr. Stephen Henson
cbb0b734c7
If cipher list contains a match for an explicit ciphersuite only match that
...
one suite.
2006-04-15 00:22:34 +00:00
Bodo Möller
5586a71a6e
clarification
2006-03-11 22:10:46 +00:00
Dr. Stephen Henson
217382d584
Handle manifest files for VC++
...
Submitted by: Austin Ziegler <halostatue@gmail.com>
2006-01-15 13:46:20 +00:00
Bodo Möller
bc9320452c
update TLS-ECC code
...
Submitted by: Douglas Stebila
2005-12-13 07:41:47 +00:00
Bodo Möller
23d43aae27
add missing entry (the corresponding code *is* in the 0.9.8 branch,
...
and both the code and the CHANGES entry are in HEAD)
2005-12-13 07:32:10 +00:00
Dr. Stephen Henson
7614f0e55e
Various zlib related fixes and enhancements.
2005-12-05 13:34:56 +00:00
Dr. Stephen Henson
feef17fd88
Update from HEAD.
2005-11-20 13:26:57 +00:00
Dr. Stephen Henson
abb0c2bba4
Update VC++ build engine to include supported engine DLL builds.
2005-11-06 17:49:00 +00:00
Richard Levitte
d3afc92bc9
Document it
2005-11-01 07:53:43 +00:00
Bodo Möller
20f7053254
harmonize with 0.9.7-stable CHANGES
2005-10-26 19:26:15 +00:00
Mark J. Cox
802c014656
One time CAN->CVE change
2005-10-19 10:51:36 +00:00
Richard Levitte
860841794d
Add in CHANGES for 0.9.7i.
2005-10-15 04:27:05 +00:00
Mark J. Cox
d8b408b1de
Bump after tag
2005-10-11 10:21:22 +00:00
Mark J. Cox
64932f9e4a
Add fixes for CAN-2005-2969
...
Bump release ready for OpenSSL_0_9_8a tag
2005-10-11 10:16:21 +00:00
Dr. Stephen Henson
0fce007b8e
Add two extra verify flags functions.
2005-09-02 22:48:21 +00:00
Nils Larsch
3c0e39c539
Keep cipher lists sorted in the source instead of sorting them at
...
runtime, thus removing the need for a lock. Add a test to ssltest
to verify that the cipher lists are sorted.
2005-08-25 07:43:04 +00:00
Bodo Möller
19fddebf0e
recent DH change does not avoid *all* possible small-subgroup attacks;
...
let's be clear about that
2005-08-23 06:55:45 +00:00
Ben Laurie
6086422193
Missed stuff.
2005-08-20 21:30:33 +00:00
Ben Laurie
9ddb11f11c
Avoid weak subgroups in Diffie Hellman.
2005-08-20 18:35:53 +00:00
Andy Polyakov
98e986141b
Windows CE update from HEAD.
2005-08-07 22:29:58 +00:00
Dr. Stephen Henson
222f224664
Initialize SSL_METHOD structures at compile time. This removes the need
...
for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.
2005-08-05 23:52:08 +00:00
Dr. Stephen Henson
1682e8fb12
Allow PKCS7_decrypt() to work if no cert supplied.
2005-08-04 22:10:05 +00:00
Richard Levitte
750cb3d248
Now that 0.9.8 has been tagged, it's time to move on.
2005-07-05 19:11:56 +00:00
Richard Levitte
f254b540b8
Time to release OpenSSL 0.9.8.
...
The tag will be OpenSSL_0_9_8.
2005-07-05 18:49:43 +00:00
Richard Levitte
1d01c9d43d
Last additions to the release documentation.
2005-07-05 18:32:05 +00:00
Andy Polyakov
e32ea81876
Mention Win64 support in CHANGES and throw in building instructions.
2005-07-05 10:53:13 +00:00
Dr. Stephen Henson
09c1a425a9
Add utf8 options to ca utility.
...
PR:1109
2005-07-04 23:04:28 +00:00
Dr. Stephen Henson
ab95eac286
Typo.
2005-06-02 20:30:46 +00:00
Dr. Stephen Henson
1cd76233d1
Update CHANGES.
2005-06-02 20:09:43 +00:00