Ben Laurie
d886975835
Fix gcc 4.6 warnings. Check TLS server hello extension length.
2010-06-12 13:18:58 +00:00
Dr. Stephen Henson
22872a5363
Prepare for release.
2010-06-01 14:47:12 +00:00
Dr. Stephen Henson
82b6b541b1
Fix CVE-2010-0742
2010-06-01 14:39:57 +00:00
Dr. Stephen Henson
60a989a76e
fix PR#2261 in a different way
2010-05-31 13:17:52 +00:00
Andy Polyakov
18394ed50f
098 aes-x86_64.pl module was erroneously enabled in Win64 build without
...
being adapted for Win64 ABI. Fix this.
2010-05-30 22:02:03 +00:00
Dr. Stephen Henson
356f164f52
PR: 2258
...
Submitted By: Ger Hobbelt <ger@hobbelt.com>
Base64 BIO fixes:
Use OPENSSL_assert() instead of assert().
Use memmove() as buffers overlap.
Fix write retry logic.
2010-05-27 12:41:33 +00:00
Dr. Stephen Henson
203ef9988c
PR: 2266
...
Submitted By: Jonathan Gray <jsg@goblin.cx>
Correct ioctl definitions.
2010-05-26 23:23:53 +00:00
Dr. Stephen Henson
59c4f46f0f
PR: 2251
...
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org
Memleak, BIO chain leak and realloc checks in v3_pci.c
2010-05-22 00:31:18 +00:00
Dr. Stephen Henson
a7949b8da3
PR: 2253
...
Submitted By: Ger Hobbelt <ger@hobbelt.com>
Check callback return value when outputting errors.
2010-05-15 00:36:40 +00:00
Andy Polyakov
b8febed96a
Prevent ERR_print_errors_fp crash on Win32 [from HEAD].
2010-04-20 20:28:30 +00:00
Andy Polyakov
c25e8ee9b3
md32_common.h: fix copy-n-paste typo. The typo was present in 098 only.
2010-03-29 11:23:11 +00:00
Dr. Stephen Henson
4525a048ec
PR: 1696
...
Check return value if d2i_PBEPARAM().
2010-03-28 00:42:17 +00:00
Dr. Stephen Henson
17a79eec0c
PR: 1763
...
Remove useless num = 0 assignment.
Remove redundant cases on sock_ctrl(): default case handles them.
2010-03-27 23:28:33 +00:00
Dr. Stephen Henson
1eda14b44f
PR: 1813
...
Submitted by: Torsten Hilbrich <torsten.hilbrich@secunet.com>
Fix memory leak when engine name cannot be loaded.
2010-03-27 18:28:24 +00:00
Richard Levitte
ab9c0ec9fc
Have an underscore before <ARCH> to make sure any future architecture
...
name won't be mixed up with any crypto name.
2010-03-25 14:45:22 +00:00
Dr. Stephen Henson
ea5b3f5e62
PR: 2202 (partial)
...
Submitted by: Steven M. Schweda <sms@antinode.info>
Make some declarations conditional on FIPS/ENGINE.
Make pqueue_print non-VAX.
2010-03-25 12:17:17 +00:00
Dr. Stephen Henson
c3c658e1c0
updates for next version
2010-03-25 12:07:04 +00:00
Dr. Stephen Henson
4fae868811
prepare for release
2010-03-24 13:16:55 +00:00
Andy Polyakov
c3484e0268
rand_win.c: fix logical bug in readscreen [from HEAD].
2010-03-22 22:44:48 +00:00
Andy Polyakov
6b0be9c73d
bss_file.c: fix MSC 6.0 warning [from HEAD].
2010-03-22 22:40:18 +00:00
Andy Polyakov
02312a91ca
ppc.pl: assembler Y chokes on apostrophes in comment.
2010-03-22 20:58:43 +00:00
Andy Polyakov
f1502a491e
Fix UPLINK typo [from HEAD].
2010-03-15 22:27:32 +00:00
Dr. Stephen Henson
cc53036744
missing goto meant signature was never printed out
2010-03-12 12:07:16 +00:00
Dr. Stephen Henson
5e8e7054f7
The OID sanity check was incorrect. It should only disallow *leading* 0x80
...
values.
2010-03-07 16:40:31 +00:00
Dr. Stephen Henson
9a542ea01d
don't add digest alias if signature algorithm is undefined
2010-03-06 20:52:33 +00:00
Dr. Stephen Henson
1939f83709
Fix memory leak: free up ENGINE functional reference if digest is not
...
found in an ENGINE.
2010-03-05 13:35:06 +00:00
Dr. Stephen Henson
7786ed6a64
don't mix definitions and code
2010-03-03 15:30:05 +00:00
Andy Polyakov
bdd08277b8
Fix s390x-specific HOST_l2c|c2l [from HEAD].
...
Submitted by: Andreas Krebbel
2010-03-02 16:26:13 +00:00
Dr. Stephen Henson
2bf4faa7e4
PR: 2178
...
Submitted by: "Kennedy, Brendan" <brendan.kennedy@intel.com>
Handle error codes correctly: cryptodev returns 0 for success whereas OpenSSL
returns 1.
2010-03-01 23:54:19 +00:00
Dr. Stephen Henson
2e5e604b0c
load cryptodev if HAVE_CRYPTODEV is set too
2010-03-01 00:30:11 +00:00
Ben Laurie
ed4cd027f3
Fix warnings.
2010-02-28 13:37:15 +00:00
Dr. Stephen Henson
582eb96d15
Revert CFB block length change. Despite what SP800-38a says the input to
...
CFB mode does *not* have to be a multiple of the block length and several
other specifications (e.g. PKCS#11) do not require this.
2010-02-26 14:41:38 +00:00
Dr. Stephen Henson
2649ce1ebc
Change versions for 0.9.8n-dev
2010-02-26 14:34:24 +00:00
Dr. Stephen Henson
7070cdba4e
Prepare for 0.9.8m release
2010-02-25 17:18:23 +00:00
Richard Levitte
e885de28b1
Since crypto-lib.com is built to be executed in the crypto/ directory,
...
there's no need to specify that directory in the include path.
2010-02-24 01:20:04 +00:00
Bodo Möller
3e4da3f7cb
Always check bn_wexpend() return values for failure (CVE-2009-3245).
...
(The CHANGES entry covers the change from PR #2111 as well, submitted by
Martin Olsson.)
Submitted by: Neel Mehta
2010-02-23 10:36:41 +00:00
Richard Levitte
defede6080
Include [.CRYPTO.<ARCH>] instead of just [.<ARCH>]
2010-02-23 07:50:54 +00:00
Richard Levitte
00d1ecb1da
Add t1_reneg to the VMS build.
...
Hack the symbols with long names.
2010-02-22 07:05:24 +00:00
Bodo Möller
739e0e934a
Fix X509_STORE locking
2010-02-19 18:25:39 +00:00
Dr. Stephen Henson
657b02d0cf
PR: 2100
...
Submitted by: James Baker <jbaker@tableausoftware.com> et al.
Workaround for slow Heap32Next on some versions of Windows.
2010-02-17 14:32:01 +00:00
Dr. Stephen Henson
1b690c1a8b
The "block length" for CFB mode was incorrectly coded as 1 all the time. It
...
should be the number of feedback bits expressed in bytes. For CFB1 mode set
this to 1 by rounding up to the nearest multiple of 8.
2010-02-15 19:40:45 +00:00
Dr. Stephen Henson
2873a53f5f
Correct ECB mode EVP_CIPHER definition: IV length is 0
2010-02-15 19:25:37 +00:00
Dr. Stephen Henson
04a781e844
PR: 2164
...
Submitted by: "Noszticzius, Istvan" <inoszticzius@rightnow.com>
Don't clear the output buffer: ciphers should correctly the same input
and output buffers.
2010-02-15 19:02:53 +00:00
Dr. Stephen Henson
0bbbadf3f5
Fix memory leak in ENGINE autoconfig code. Improve error logging.
2010-02-09 14:18:15 +00:00
Dr. Stephen Henson
4a9d335bb4
tolerate broken CMS/PKCS7 implementations using signature OID instead of digest
2010-02-02 14:19:54 +00:00
Dr. Stephen Henson
0369804ffa
In engine_table_select() don't clear out entire error queue: just clear
...
out any we added using ERR_set_mark() and ERR_pop_to_mark() otherwise
errors from other sources (e.g. SSL library) can be wiped.
2010-01-28 17:53:11 +00:00
Dr. Stephen Henson
b3fb2492d5
eliminate some warnings in fips build
2010-01-27 13:21:34 +00:00
Dr. Stephen Henson
93b810637b
Bypass algorithm blocking with TLS MD5+SHA1 signature in FIPS mode by
...
calling underlying method directly.
2010-01-27 00:51:24 +00:00
Dr. Stephen Henson
9413788571
PR: 2138
...
Submitted by: Kevin Regan <k.regan@f5.com>
Clear stat structure if -DPURIFY is set to avoid problems on some
platforms which include unitialised fields.
2010-01-26 18:08:42 +00:00
Dr. Stephen Henson
1b32943215
Update OID table too.
2010-01-25 16:08:52 +00:00
Dr. Stephen Henson
a231d99d4c
PR: 2149
...
Submitted by: Douglas Stebila <douglas@stebila.ca>
Fix wap OIDs.
2010-01-25 16:08:01 +00:00
Dr. Stephen Henson
cf876a9893
change versions back to 0.9.8m-dev
2010-01-20 18:22:04 +00:00
Dr. Stephen Henson
8b8a2928af
prepare for release
2010-01-20 17:26:02 +00:00
Andy Polyakov
b86ebb55ff
rand_win.c: handel GetTickCount wrap-around [from HEAD].
2010-01-19 21:45:45 +00:00
Andy Polyakov
66956eaba3
x86_64-xlate.pl: refine sign extension logic when handling lea [from HEAD].
...
PR: 2094,2095
2010-01-19 21:45:16 +00:00
Andy Polyakov
2557c6a812
Valgrind fix to aes-x86_64.pl in 0.9.8. For reference, newer aes-x86_64.pl
...
don't suffer from the problem after Win64 SEH support was added.
PR: 2075
Submitted by: Peter Klotz
2010-01-17 19:43:49 +00:00
Dr. Stephen Henson
06e2670a57
Modify compression code so it avoids using ex_data free functions. This
...
stops applications that call CRYPTO_free_all_ex_data() prematurely leaking
memory.
2010-01-13 18:45:03 +00:00
Andy Polyakov
5b8246d6eb
x86_64-xlate.pl: new gas requires sign extention in lea instruction
...
[from HEAD].
PR: 2094,2095
2010-01-07 11:22:25 +00:00
Dr. Stephen Henson
c22050be29
Traditional Yuletide commit ;-)
...
Add Triple DES CFB1 and CFB8 to algorithm list and NID translation.
2009-12-25 14:11:18 +00:00
Bodo Möller
54ca55fd81
Constify crypto/cast.
2009-12-22 11:45:57 +00:00
Bodo Möller
d0e79d7e2c
Constify crypto/cast.
2009-12-22 10:59:03 +00:00
Dr. Stephen Henson
c1003dfd15
Ooops, engage ENGINE initialisation code correctly in FIPS builds.
2009-12-17 16:38:18 +00:00
Dr. Stephen Henson
9e5dea0ffd
PR: 2124
...
Submitted by: Jan Pechanec <Jan.Pechanec@Sun.COM>
Check for memory allocation failures.
2009-12-09 13:41:50 +00:00
Dr. Stephen Henson
1ff44a99a4
PR: 2111
...
Submitted by: Martin Olsson <molsson@opera.com>
Check for bn_wexpand errors in bn_mul.c
2009-12-02 15:27:19 +00:00
Dr. Stephen Henson
b172352b52
PR: 1432
...
Submitted by: "Andrzej Chmielowiec" <achmielowiec@enigma.com.pl>, steve@openssl.org
Approved by: steve@openssl.org
Truncate hash if it is too large: as required by FIPS 186-3.
2009-12-01 17:32:16 +00:00
Dr. Stephen Henson
637e0ba420
PR: 2094
...
Submitted by: Arkadiusz Miskiewicz <arekm@maven.pl>
Approved by: steve@openssl.org
Fix for out range of signed 32bit displacement error on newer binutils.
2009-11-13 14:14:46 +00:00
Richard Levitte
e333a8d673
Updated from 1.0.0-stable.
2009-11-12 16:59:18 +00:00
Dr. Stephen Henson
7e42945918
PR: 2091
...
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org
If an OID has no short name or long name return the numerical representation.
2009-11-10 01:00:37 +00:00
Dr. Stephen Henson
b61a87b26c
check new_der for NULL too
2009-11-10 00:46:57 +00:00
Dr. Stephen Henson
2c6b141931
PR: 2090
...
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org
Improve error checking in asn1_gen.c
2009-11-10 00:40:42 +00:00
Dr. Stephen Henson
381a9f04a0
Fix unitialized warnings
2009-10-04 16:53:18 +00:00
Dr. Stephen Henson
d7050b4424
Fix warnings about ignoring fgets return value
2009-10-04 16:43:39 +00:00
Dr. Stephen Henson
91ca332058
Prevent ignored return value warning
2009-10-04 14:04:36 +00:00
Dr. Stephen Henson
ff095a8ac8
Prevent aliasing warning
2009-10-04 14:02:35 +00:00
Dr. Stephen Henson
ae37f9f3a2
PR: 2062
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct BN_rand error handling in bntest.c
2009-10-01 00:22:23 +00:00
Dr. Stephen Henson
95d66bd867
PR: 2059
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct EVP_SealInit error handling in pem_seal.c
2009-10-01 00:18:09 +00:00
Dr. Stephen Henson
6d73e9d8e8
PR: 2056
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct BIO_wirte error handling in asn1_par.c
2009-10-01 00:12:49 +00:00
Dr. Stephen Henson
36a38a7a27
PR: 2063
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct BIO_write error handling in ocsp_prn.c
2009-09-30 23:59:42 +00:00
Dr. Stephen Henson
2a4dc7e505
PR: 2057
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct BIO_write, BIO_printf, i2a_ASN1_INTEGER and i2a_ASN1_OBJECT
error handling in OCSP print routines.
2009-09-30 23:56:29 +00:00
Ben Laurie
4e92353d23
Make it build, plus make depend.
2009-09-27 14:04:33 +00:00
Dr. Stephen Henson
0badc909ae
PR: 2050
...
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org
Fix handling of ENOTCONN and EMSGSIZE for dgram BIOs.
2009-09-22 11:33:58 +00:00
Dr. Stephen Henson
3cc52ee97a
Don't set non fips allow flags when calling RSA_new() and DSA_new().
2009-09-22 11:28:05 +00:00
Dr. Stephen Henson
9e6c97703c
Don't use __try+__except unless on VC++
2009-09-20 12:38:46 +00:00
Dr. Stephen Henson
e1246e1ad7
Submitted by: Julia Lawall <julia@diku.dk>
...
The functions ENGINE_ctrl(), OPENSSL_isservice(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.
2009-09-13 11:20:38 +00:00
Dr. Stephen Henson
cf51a0dccb
Seed PRNG with DSA and ECDSA digests for additional protection against
...
possible PRNG state duplication.
2009-09-09 12:07:41 +00:00
Dr. Stephen Henson
48b30bf0e2
make update
2009-09-06 16:14:20 +00:00
Dr. Stephen Henson
17b08b6a64
PR: 1644
...
Submitted by: steve@openssl.org
Fix to make DHparams_dup() et al work in C++.
For 0.9.8, we just change the macro to avoid making incompatible changes to
the API.
2009-09-06 15:46:46 +00:00
Dr. Stephen Henson
197ab47bdd
PR: 2028
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Fix DTLS cookie management bugs.
2009-09-04 17:53:30 +00:00
Richard Levitte
2c83b24cad
Remove tmdiff.h from EXHEADERS as it doesn't exist.
...
Don't have separate installation directory variables for VAX and AXP.
Submitted by Zoltan Arpadffy <zoli@polarhome.com>
2009-08-25 07:28:18 +00:00
Richard Levitte
c21a427a14
Make it possible to compile non-assembler routines on AXP as well.
...
Submitted by Zoltan Arpadffy <arpadffy@polarhome.com>
2009-08-25 07:22:07 +00:00
Dr. Stephen Henson
3af16cf694
Backport GeneralizedTime fractional seconds support from HEAD.
2009-08-10 15:15:27 +00:00
Dr. Stephen Henson
759b287f15
Add COMP error strings.
2009-08-09 14:51:56 +00:00
Dr. Stephen Henson
5fffb5b3d9
Backport modified version of MIME wrapper for PKCS#7. This ensures
...
correct values for micalg among other things.
2009-08-09 14:49:00 +00:00
Dr. Stephen Henson
059230b320
Reject leading 0x80 in OID subidentifiers.
2009-08-06 16:22:57 +00:00
Dr. Stephen Henson
b0080e3817
PR: 1992
...
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org
RAND_poll() and CreateToolhelp32Snapshot() stability for WIN32.
2009-07-24 13:47:32 +00:00
Dr. Stephen Henson
ded8aff2c8
PR: 1990
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS socket timeout bug fix.
2009-07-24 13:06:35 +00:00
Dr. Stephen Henson
32d4496c1e
PR: 1989
...
Submitted by: Viktor Szakáts <harbour.01@syenar.hu>
Approved by: steve@openssl.org
Too few arguments in definition of BIO_get_cont_int_port macro.
2009-07-24 11:24:07 +00:00
Dr. Stephen Henson
8b634ba029
OSX DSO fix from HEAD.
2009-07-16 09:58:27 +00:00
Dr. Stephen Henson
526228b78e
Update from 1.0.0-stable.
2009-07-15 11:03:08 +00:00
Dr. Stephen Henson
7852c6b075
Update from HEAD
2009-07-11 22:30:49 +00:00
Dr. Stephen Henson
2c5f3606d1
Remove MD2 from digest algorithm table. This follows the recommendation in
...
several places that it is not used in new applications.
2009-07-08 08:33:27 +00:00
Dr. Stephen Henson
f67f815624
Update from 1.0.0-stable.
2009-06-30 11:22:25 +00:00
Dr. Stephen Henson
5e4c2225ed
Oops, moved too much.
2009-06-26 23:56:10 +00:00
Dr. Stephen Henson
167d2a1411
PR: 1961
...
Submitted by: Martin Gerbershagen <martin.gerbershagen@nsn.com>
Approved by: steve@openssl.org
Avoid memory leak if RAND_bytes() fails.
2009-06-26 22:52:18 +00:00
Dr. Stephen Henson
9aecc3e5ff
Update from 1.0.0-stable.
2009-06-26 11:34:22 +00:00
Dr. Stephen Henson
b8a4a5bcba
Fix from HEAD.
2009-06-25 17:12:26 +00:00
Dr. Stephen Henson
efaa569c3b
PR: 1943
...
Submitted by: Guenter <lists@gknw.net>
Approved by: steve@openssl.org
Rename uni2asc and asc2uni on Netware to avoid a name clash.
2009-06-17 11:55:51 +00:00
Dr. Stephen Henson
15684f58c2
Update from 1.0.0-stable.
2009-06-17 11:49:18 +00:00
Dr. Stephen Henson
0e6c24ae4b
Update from HEAD.
2009-06-17 11:26:39 +00:00
Dr. Stephen Henson
1e53b797f6
Don't check self-signed signature in X509_verify_cert(), the check just
...
wastes processing time and doesn't add any security.
2009-06-15 14:52:38 +00:00
Dr. Stephen Henson
1ddf691244
Update from 1.0.0-stable.
2009-06-05 15:05:10 +00:00
Dr. Stephen Henson
78074baadd
Fix from 1.0.0-stable.
2009-06-05 11:53:49 +00:00
Dr. Stephen Henson
7457642b8c
PR: 1937
...
Submitted by: Mark Phalan <Mark.Phalan@Sun.COM>
Reviewed by: steve@openssl.org
Fix misuse of st_mode field in struct stat.
2009-06-02 11:31:32 +00:00
Dr. Stephen Henson
c2f425a06a
PR: 1944
...
Submitted by: Guenter <lists@gknw.net>
Reviewed by: steve@openssl.org
Fix gcc warning on mingw.
2009-06-01 12:18:21 +00:00
Dr. Stephen Henson
4930f8bbd9
Update from HEAD.
2009-06-01 12:14:53 +00:00
Dr. Stephen Henson
4730ea8a38
Fix from 1.0.0-stable branch.
2009-05-18 16:12:56 +00:00
Dr. Stephen Henson
b7d0d35a13
Modified PR#1929 update from 1.0.0-stable.
2009-05-17 16:42:14 +00:00
Richard Levitte
d7c86198d9
Stupid typo
2009-05-17 07:22:18 +00:00
Dr. Stephen Henson
6bf4ca0840
Update from 1.0.0-stable.
2009-05-16 16:18:45 +00:00
Dr. Stephen Henson
efa59b8d59
Updates from 1.0.0-stable.
2009-05-16 15:51:59 +00:00
Dr. Stephen Henson
e1a2bfaaa6
Update from HEAD.
2009-05-15 23:07:59 +00:00
Richard Levitte
48f48d96ce
Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda).
...
Thank you\!
(note: not tested for now, a few nightly builds should give indications though)
2009-05-15 16:37:29 +00:00
Richard Levitte
3166d16f06
Add a comment about libeay.num and ssleay.num
2009-05-15 16:00:11 +00:00
Richard Levitte
3e9b2042d9
Update from HEAD
2009-05-05 08:48:02 +00:00
Richard Levitte
05ee0523c1
Update from HEAD
2009-04-28 13:11:05 +00:00
Dr. Stephen Henson
01cb2049e3
Update from 1.0.0-stable.
2009-04-22 17:37:47 +00:00
Dr. Stephen Henson
b00c36e366
PR: 1829
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS timer bug fix from 1.0.0-stable with fixes.
2009-04-14 15:20:48 +00:00
Dr. Stephen Henson
18df6b30b1
Fix from 1.0.0-stable.
2009-04-08 15:58:26 +00:00
Dr. Stephen Henson
a78ded0b61
PR: 1700
...
Submitted by: "Robbins, Aharon" <aharon.robbins@intel.com>
Approved by: steve@openssl.org
#undef X509_EXTENSIONS for WIN32 too.
2009-04-03 16:54:04 +00:00
Dr. Stephen Henson
0a629ddbd6
Update from 1.0.0-stable
2009-04-03 16:28:20 +00:00
Dr. Stephen Henson
353cb367e4
PR: 1616
...
Submitted by: Dequin_Eric@emc.com
Approved by: steve@openssl.org
Check tree->levels to ensure malloc worked.
2009-04-03 11:36:49 +00:00
Dr. Stephen Henson
c342341ea1
Ooops, revert patch... due to non-portable gettimeofday call.
2009-04-02 22:19:07 +00:00
Dr. Stephen Henson
9d396bee8e
PR: 1829
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS timer bug fix.
2009-04-02 22:16:02 +00:00
Dr. Stephen Henson
aca8bf43ce
Submitted by: Ilya O. <vrghost@gmail.com>
...
Approved by: steve@openssl.org
Add 2.5.4.* OIDs.
2009-03-25 19:01:03 +00:00
Dr. Stephen Henson
7de0df694f
Prepare for next version.
2009-03-25 13:02:49 +00:00
Dr. Stephen Henson
15d3cd4680
Aaargh.... wrong version number....
2009-03-25 12:08:14 +00:00
Dr. Stephen Henson
e10051ef3f
Prepare for 0.9.8k release.
2009-03-25 10:46:56 +00:00
Dr. Stephen Henson
c60dca1f95
PR: 1868
...
Submitted by: Paolo Ganci <Paolo.Ganci@AdNovum.CH>
Approved by: steve@openssl.org
Don't set fields to NULL when freeing them up in ASN1 code. On some platforms
with sizeof(long) < sizeof(char *) this can cause a crash.
2009-03-25 10:42:34 +00:00
Dr. Stephen Henson
188abf7e2a
Submitted by: Ivan Nestlerode <inestlerode@us.ibm.com>
...
Approved by: steve@openssl.org
Check return code properly in CMS_SignerInfo_verify_content().
2009-03-25 10:40:32 +00:00
Dr. Stephen Henson
f021b7cca6
Reject BMPStrings and UniversalStrings of invalid length. This prevents
...
a crash in ASN1_STRING_print_ex() which assumes they are valid.
2009-03-25 10:35:57 +00:00
Andy Polyakov
3f03b3569d
des_enc.m4, SPARC DES assembler, update from HEAD: make it Purify-friendly.
...
As side effect it introduces duplicate of 2KB DES_SPtrans table.
2009-03-16 13:43:43 +00:00
Dr. Stephen Henson
07dd3bfcd4
Oops.
2009-03-15 14:03:29 +00:00
Dr. Stephen Henson
37afdc953e
Don't force S/MIME signing purpose: allow it to be overridden by store
...
settings.
Don't set default values in X509_VERIFY_PARAM_new(): it stops parameters
being inherited properly.
2009-03-15 13:36:01 +00:00
Dr. Stephen Henson
044855e146
Permit nested ASN1 string encoding but with a maximum depth to avoid
...
stack overflow.
2009-03-14 18:33:25 +00:00
Dr. Stephen Henson
12379c82ba
Update from HEAD.
2009-03-14 12:40:46 +00:00
Dr. Stephen Henson
be98d6b9ad
PR: 1863
...
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Reviewed by: steve@openssl.org
Check return value, use OPENSSL_assert and unsigned int.
2009-03-14 12:26:03 +00:00
Dr. Stephen Henson
6fe9c925d2
PR: 1856
...
Check return value of PKCS12_add_safes()
2009-03-09 13:07:16 +00:00
Dr. Stephen Henson
0d658ddf25
PR: 1858
...
Submitted by: Jurko Gospodneti <jurko.gospodnetic@docte.hr>
Reviewed by: steve@openssl.org
Make OPENSSL_NO_SOCK work.
2009-03-09 12:09:03 +00:00
Dr. Stephen Henson
cefa7ce284
PR: 1857
...
Submitted by: Jurko GospodnetiÄ <jurko.gospodnetic@docte.hr>
Reviewed by: steve@openssl.org
Make OPENSSL_NO_FP_API work again.
2009-03-09 12:06:23 +00:00
Dr. Stephen Henson
ee4041b8bd
PR: 1841
...
Submitted by: Martin Kaiser <lists@kaiser.cx>
Reviewed by: steve@openssl.org
Remove unused code.
2009-03-08 23:05:34 +00:00
Ben Laurie
a17f351b56
Fix display of all 0 IPv6 address (from Rob Austein).
2009-03-08 10:48:03 +00:00
Dr. Stephen Henson
4fcf8d8b07
Submitted by: Jeremy Shapiro <jnshapir@us.ibm.com>
...
Reviewed by: steve@openssl.org
Improve efficientcy of mem_gets().
2009-03-07 16:58:43 +00:00
Ben Laurie
1eee8a4226
Use the correct length (reported by Quanhong Wang).
2009-03-03 15:06:49 +00:00
Ben Laurie
e26ad0c4fd
Fix FIPS typo.
2009-02-18 10:27:23 +00:00
Dr. Stephen Henson
6e7559ac7f
Update from HEAD.
2009-02-16 23:24:06 +00:00
Richard Levitte
9feda63955
Data not initialised.
...
Notified by Gerardo Ganis <gerardo.ganis@cern.ch>
2009-02-16 15:17:26 +00:00
Ben Laurie
1ed81ff731
Use shared dev team flags, fix resulting warning.
2009-02-16 08:44:23 +00:00
Dr. Stephen Henson
9a6401acdf
PR: 1422
...
Fix return value of X509_NAME_cmp() so it works with qsort/bsearch again.
2009-02-15 12:10:39 +00:00
Dr. Stephen Henson
f908ca4db4
PR: 1840
...
Submitted by: Martin Kaiser <lists@kaiser.cx>
Approved by: steve@openssl.org
Handle NULL passing in parameter and BN_CTX_new() error correctly.
2009-02-14 22:19:31 +00:00
Dr. Stephen Henson
72f6453c48
PR: 1835
...
Submitted by: Damien Miller <djm@mindrot.org>
Approved by: steve@openssl.org
Fix various typos.
2009-02-14 21:50:14 +00:00
Dr. Stephen Henson
73cb37295d
Update from HEAD.
2009-01-28 12:55:36 +00:00
Dr. Stephen Henson
1f35508ae6
Support NumericString for name components.
2009-01-28 12:35:10 +00:00
Richard Levitte
3e2a74c294
Add missing modules
2009-01-28 07:54:16 +00:00
Richard Levitte
ab31dbc482
Another symbol that's longer than 31 characters.
2009-01-17 12:33:43 +00:00
Richard Levitte
36e9d3ee91
A forgotten module...
2009-01-17 12:33:11 +00:00
Dr. Stephen Henson
5f3ad8f82c
Update from HEAD.
2009-01-14 10:46:00 +00:00
Dr. Stephen Henson
d34353cc91
Prepare for next version.
2009-01-07 23:38:34 +00:00
Dr. Stephen Henson
6287fa5396
Prepare for 0.9.8j release.
2009-01-07 10:50:54 +00:00
Dr. Stephen Henson
a00c3c4019
Properly check EVP_VerifyFinal() and similar return values
...
(CVE-2008-5077).
Submitted by: Ben Laurie, Bodo Moeller, Google Security Team
2009-01-07 10:48:23 +00:00
Dr. Stephen Henson
92308905dd
make update.
2009-01-05 12:47:11 +00:00
Andy Polyakov
e607e731eb
Synchronize with bn_nist.c from HEAD.
2008-12-30 13:41:08 +00:00
Andy Polyakov
f17c45611e
Backport http://cvs.openssl.org/chngview?cn=17710 from HEAD.
...
PR: 1230
2008-12-30 13:30:57 +00:00
Andy Polyakov
a51c8c64e0
Backport aes-x86_64.pl update from HEAD.
2008-12-27 13:34:30 +00:00
Richard Levitte
7f065cfdbd
In BIO_write(), update the write statistics, not the read statistics.
...
PR: 1803
2008-12-25 22:24:21 +00:00
Richard Levitte
667fbc0847
Further synchronisation with Unix
2008-12-25 22:04:45 +00:00
Richard Levitte
6ba7bd5697
Synchronise with Unixly build.
2008-12-22 09:30:09 +00:00
Dr. Stephen Henson
2cad035c01
Make no-engine work again...
2008-12-20 17:04:09 +00:00
Andy Polyakov
2a76c68842
Backport aes-x86_64.pl update from HEAD and revisit same code in aes-586.pl.
...
PR: 1801
2008-12-17 14:14:51 +00:00
Ben Laurie
1b00f4bc37
Missing return values (Coverity ID 204).
2008-12-13 17:00:53 +00:00
Dr. Stephen Henson
fe43caa4a4
Fix from HEAD.
2008-12-08 19:13:57 +00:00
Dr. Stephen Henson
792e614144
Fix from HEAD.
2008-12-07 23:59:13 +00:00
Ben Laurie
f092a073a7
Fix warnings.
2008-12-02 18:14:44 +00:00
Bodo Möller
505ed2b076
Implement Configure option pattern "experimental-foo"
...
(specifically, "experimental-jpake").
2008-12-02 01:21:06 +00:00
Dr. Stephen Henson
cef3e62d2b
Don't clobber passed GENERAL_NAME on error.
2008-11-30 16:07:11 +00:00
Dr. Stephen Henson
516f76fd2c
Move new function CRYPTO_strdup to mem_dbg.c because mem.c is excluded in
...
a fips build.
2008-11-24 17:02:49 +00:00
Dr. Stephen Henson
5a02ac6e5b
Revert OPENSSL_EXPERIMENTAL patch.
...
Change it so JPAKE uses the standard OPENSSL_NO_JPAKE instead.
2008-11-24 16:14:15 +00:00
Dr. Stephen Henson
14d4074ee1
Update from HEAD.
2008-11-21 18:18:28 +00:00
Dr. Stephen Henson
d9f16c405c
Commit default dependencies.
2008-11-19 16:03:51 +00:00
Dr. Stephen Henson
5aa032033e
Remove jpake.h dependencies from default build.
2008-11-19 00:40:59 +00:00
Dr. Stephen Henson
c0ce8fe755
Update .cvsignore
2008-11-15 17:47:31 +00:00
Dr. Stephen Henson
55eff40084
Stop warnings.
2008-11-15 17:46:41 +00:00
Bodo Möller
fe46b0de29
make update
2008-11-14 00:17:43 +00:00
Dr. Stephen Henson
a581439bb1
Fixes for "make depend". Features which need a #define to be set to
...
enable them, like FIPS and JPAKE need to have these set when building
dependencies.
2008-11-13 15:08:33 +00:00
Ben Laurie
a43337e8c4
Not an error to include jpake.h when disabled.
2008-11-13 11:35:23 +00:00
Ben Laurie
33c51ec143
J-PAKE is not RSA.
2008-11-13 09:50:24 +00:00
Dr. Stephen Henson
a1bb2d6c2f
Update mk1mf.pl for new JPAKE options. Update jpaketest.c for WIN32.
2008-11-12 18:27:17 +00:00
Dr. Stephen Henson
81dde5e8fe
Add support for experimental code, not compiled in by default and
...
with OPENSSL_EXPERIMENTAL_FOO around it. Make JPAKE experimental.
2008-11-12 16:54:35 +00:00
Dr. Stephen Henson
b84e441861
Don't attempt to enter FIPS mode in autoconfig module if already in FIPS mode.
2008-11-11 12:52:14 +00:00
Dr. Stephen Henson
08e012bbec
Update from HEAD.
2008-11-11 12:42:32 +00:00
Dr. Stephen Henson
b46acc392b
Avoid conflict with some version of Windows platform SDK.
2008-11-11 12:22:17 +00:00