Commit graph

9403 commits

Author SHA1 Message Date
Richard Levitte
d2f098b33d Spelling 2010-04-13 14:34:48 +00:00
Richard Levitte
6f4f7f35f3 Rework the configuration of avoided algorithms.
Avoid copying test modules.
2010-04-13 14:33:04 +00:00
Richard Levitte
0a4fe6c8db Undo the previous change, it was incorrect in this branch. 2010-04-13 11:10:07 +00:00
Richard Levitte
7bba401d5d Third argument to dtls1_buffer_record is by reference 2010-04-13 08:41:58 +00:00
Andy Polyakov
c73cff12f1 aes-ppc.pl: 10% performance improvement on Power6 [from HEAD]. 2010-04-10 14:54:34 +00:00
Andy Polyakov
b32d93840e cryptlib.c: allow application to override OPENSSL_isservice [from HEAD]. 2010-04-10 14:13:12 +00:00
Andy Polyakov
cb457849fd ctr129.c: fix typo, simplify ctr128_inc and fix "n=0" bug [from HEAD]. 2010-04-10 13:47:11 +00:00
Andy Polyakov
cb3c30059a darwin-ppc-cc: add -Wa,-force_cpusubtype_ALL to produce binaries not
specific to G5. This was already added to HEAD earlier.
PR: 2231
2010-04-10 13:41:58 +00:00
Andy Polyakov
20dc93e49e sparccpuid.S: some assembler is allergic to apostrophes in comments [from HEAD]. 2010-04-10 13:37:06 +00:00
Andy Polyakov
b620447dcc alpha-mont.pl: comply with stack alignment requirement [from HEAD]. 2010-04-10 13:33:46 +00:00
Dr. Stephen Henson
4ffd2ad1d3 make GOST MAC work again 2010-04-08 10:54:54 +00:00
Dr. Stephen Henson
acc9938ba5 Add SHA2 algorithms to SSL_library_init(). Although these aren't used
directly by SSL/TLS SHA2 certificates are becoming more common and
applications that only call SSL_library_init() and not
OpenSSL_add_all_alrgorithms() will fail when verifying certificates.

Update docs.
2010-04-07 13:18:30 +00:00
Dr. Stephen Henson
f6d13ac8cf Remove obsolete PRNG note. Add comment about use of SHA256 et al. 2010-04-06 15:05:47 +00:00
Dr. Stephen Henson
24cb653c6b PR: 2209
Submitted Daniel Mentz <danielml@sent.com>

Documentation typo.
2010-04-06 14:45:31 +00:00
Dr. Stephen Henson
6dfd3cf68e PR: 2218
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS replay bug.
2010-04-06 12:44:55 +00:00
Dr. Stephen Henson
073775cbbb PR: 2219
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS buffering bug.
2010-04-06 12:40:10 +00:00
Dr. Stephen Henson
e995d5044e PR: 2223
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS timeout bug
2010-04-06 12:29:21 +00:00
Dr. Stephen Henson
5b0a79a27a PR: 2220
Fixes to make OpenSSL compile with no-rc4
2010-04-06 11:18:32 +00:00
Dr. Stephen Henson
6747de655e updates for next release 2010-03-30 00:55:00 +00:00
Dr. Stephen Henson
91bad2b09e Prepare for 1.0.0 release - finally ;-) 2010-03-29 13:11:54 +00:00
Andy Polyakov
1244d5b713 ARMv4 assembler: [unconfirmed] fix for compilation failure [from HEAD]. 2010-03-29 09:59:58 +00:00
Andy Polyakov
c0ed5cd47b dso_dlfcn.c: fix compile failure on Tru64 [from HEAD]. 2010-03-29 09:50:33 +00:00
Dr. Stephen Henson
c8281fd38e PR: 1696
Check return value if d2i_PBEPARAM().
2010-03-28 00:42:29 +00:00
Dr. Stephen Henson
fe8e6bff9b PR: 1763
Remove useless num = 0 assignment.

Remove redundant cases on sock_ctrl(): default case handles them.
2010-03-27 23:28:23 +00:00
Dr. Stephen Henson
9caf25d144 PR: 1904
Submitted by: David Woodhouse <dwmw2@infradead.org>

Pass passphrase minimum length down to UI.
2010-03-27 19:27:51 +00:00
Dr. Stephen Henson
348620c7ac PR: 1813
Submitted by: Torsten Hilbrich <torsten.hilbrich@secunet.com>

Fix memory leak when engine name cannot be loaded.
2010-03-27 18:28:13 +00:00
Dr. Stephen Henson
30fc2ab92b update FAQ 2010-03-25 12:07:45 +00:00
Bodo Möller
5b5464d525 Fix for "Record of death" vulnerability CVE-2010-0740.
Also, add missing CHANGES entry for CVE-2009-3245 (code changes submitted to this branch on 23 Feb 2010).
2010-03-25 11:22:42 +00:00
Dr. Stephen Henson
cd15a0528f initialise buf if wrong_info not used 2010-03-24 23:42:20 +00:00
Dr. Stephen Henson
7b52778eff PR: 1731 and maybe 2197
Clear error queue in a few places in SSL code where errors are expected
so they don't stay in the queue.
2010-03-24 23:16:49 +00:00
Andy Polyakov
162de2f2b5 rand_win.c: fix logical bug in readscreen [from HEAD]. 2010-03-22 22:44:35 +00:00
Andy Polyakov
f6e4af6fd7 bss_file.c: fix MSC 6.0 warning [from HEAD]. 2010-03-22 22:39:46 +00:00
Andy Polyakov
32b76dcdac e_capi.c: fix typo. 2010-03-15 22:29:20 +00:00
Andy Polyakov
bcfd252052 Fix UPLINK typo [from HEAD]. 2010-03-15 22:26:33 +00:00
Dr. Stephen Henson
32c452779e workaround for missing definition in some headers 2010-03-15 13:09:39 +00:00
Dr. Stephen Henson
118b90c59e PR: 2192
Submitted By: Jaroslav Imrich <jaroslav.imrich@disig.sk>

The prompt_info and wrong_info parameters can be empty strings which
can produce confusing prompts. Treat empty string same as NULL.
2010-03-12 12:48:46 +00:00
Dr. Stephen Henson
f6a61b140e missing goto meant signature was never printed out 2010-03-12 12:07:05 +00:00
Dr. Stephen Henson
75ece4b5cf don't leave bogus errors in the queue 2010-03-10 13:48:21 +00:00
Dr. Stephen Henson
724cca4178 make update 2010-03-09 17:23:51 +00:00
Dr. Stephen Henson
5b3fdb0181 PR: 2188
Submitted By: Jaroslav Imrich <jaroslav.imrich@disig.sk>

Add "missing" functions to get and set prompt constructor.
2010-03-09 17:18:17 +00:00
Dr. Stephen Henson
fcc3d0265d PR: 2186
Submitted By: "Joel Rabinovitch" <Joel.Rabinovitch@tecsys.com>

Detect aix64-gcc
2010-03-09 17:08:39 +00:00
Dr. Stephen Henson
5356ea7cde reserve a few more bits for future cipher modes 2010-03-08 23:47:57 +00:00
Dr. Stephen Henson
06226df1a9 The OID sanity check was incorrect. It should only disallow *leading* 0x80
values.
2010-03-07 16:40:19 +00:00
Dr. Stephen Henson
bf638ef026 don't add digest alias if signature algorithm is undefined 2010-03-06 20:47:45 +00:00
Dr. Stephen Henson
07973d5db8 Fix memory leak: free up ENGINE functional reference if digest is not
found in an ENGINE.
2010-03-05 13:33:43 +00:00
Dr. Stephen Henson
3b3f71121b PR: 2183
PR#1999 broke fork detection by assuming HAVE_FORK was set for all platforms.
Include original HAVE_FORK detection logic while allowing it to be
overridden on specific platforms with -DHAVE_FORK=1 or -DHAVE_FORK=0
2010-03-03 19:56:17 +00:00
Dr. Stephen Henson
47333a34d5 Submitted by: Tomas Hoger <thoger@redhat.com>
Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).
2010-03-03 15:41:00 +00:00
Dr. Stephen Henson
d92138f703 don't mix definitions and code 2010-03-03 15:30:26 +00:00
Andy Polyakov
b2bf335327 Fix s390x-specific HOST_l2c|c2l [from HEAD].
Submitted by: Andreas Krebbel
2010-03-02 16:25:10 +00:00
Dr. Stephen Henson
33bec62a20 PR: 2178
Submitted by: "Kennedy, Brendan" <brendan.kennedy@intel.com>

Handle error codes correctly: cryptodev returns 0 for success whereas OpenSSL
returns 1.
2010-03-01 23:54:34 +00:00