Commit graph

521 commits

Author SHA1 Message Date
Dr. Stephen Henson
a523276786 Backport certificate status request TLS extension support to 0.9.8. 2007-10-12 00:00:36 +00:00
Dr. Stephen Henson
927a28ba3b gcc 4.2 fixes to avoid use or function pointer casts in OpenSSL.
Fix various "computed value not used" warnings too.
2007-09-06 12:43:54 +00:00
Andy Polyakov
1040deb0c5 Respect ISO aliasing rules [from HEAD].
PR: 1296
2007-07-27 20:34:56 +00:00
Dr. Stephen Henson
d9a9aa027d Update from HEAD. 2007-05-22 23:33:08 +00:00
Dr. Stephen Henson
1cb7e5be5b Fix OID config module. 2007-04-08 17:45:03 +00:00
Lutz Jänicke
d69f85bf15 Fix incorrect handling of special characters
PR: 1459
Submitted by: tnitschke@innominate.com
Reviewed by: steve@openssl.org
2007-02-21 17:44:51 +00:00
Nils Larsch
5eee0253e5 remove unreachable code 2007-02-10 09:48:42 +00:00
Dr. Stephen Henson
dc3b721fa0 Update from 0.9.7-stable. 2007-01-23 17:54:22 +00:00
Dr. Stephen Henson
4a0d3530e0 Update from HEAD. 2007-01-21 13:16:49 +00:00
Nils Larsch
8e6905d238 remove trailing '\'
PR: 1438
2006-12-19 19:47:39 +00:00
Dr. Stephen Henson
9b945233b1 Update from HEAD. 2006-12-06 13:38:59 +00:00
Ben Laurie
4636341b05 Add RFC 3779 support, contributed by ARIN. 2006-11-27 13:36:55 +00:00
Dr. Stephen Henson
115fc340cb Rebuild error file C source files. 2006-11-21 20:14:46 +00:00
Mark J. Cox
951dfbb13a Introduce limits to prevent malicious keys being able to
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
2006-09-28 11:29:03 +00:00
Dr. Stephen Henson
c987c3f999 Fix from HEAD. 2006-09-22 17:07:40 +00:00
Dr. Stephen Henson
340b4dd7df Fix from HEAD. 2006-08-31 20:11:09 +00:00
Dr. Stephen Henson
eb2ec6bee9 make update 2006-05-04 12:15:59 +00:00
Dr. Stephen Henson
d6fd880481 Fix on the right branch this time :-) 2006-04-15 13:17:53 +00:00
Dr. Stephen Henson
cbb0b734c7 If cipher list contains a match for an explicit ciphersuite only match that
one suite.
2006-04-15 00:22:34 +00:00
Dr. Stephen Henson
9d01d50459 Update from head. 2006-02-21 01:00:47 +00:00
Dr. Stephen Henson
e27c67c5c5 Fix from HEAD. 2006-02-19 13:45:22 +00:00
Nils Larsch
22d1087e16 backport recent changes from the cvs head 2006-02-08 19:16:33 +00:00
Dr. Stephen Henson
9f85fcefdc Update filenames in makefiles 2006-02-04 01:49:36 +00:00
Dr. Stephen Henson
c42cd4b831 Fix from HEAD. 2006-01-31 18:37:41 +00:00
Dr. Stephen Henson
02df47d349 Fixes for BOOL handling: produce errors for invalid string for mini-compiler,
correctly encode FALSE for BOOL in ASN1_TYPE.
2006-01-19 17:17:33 +00:00
Bodo Möller
c55d882fab Avoid contradictive error code assignments.
"make error".
2006-01-08 21:52:46 +00:00
Bodo Möller
2e885232c2 Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts) 2006-01-08 19:41:25 +00:00
Dr. Stephen Henson
970d9b3795 Update from HEAD. 2006-01-03 14:20:47 +00:00
Dr. Stephen Henson
0632284f79 Fix warning. 2005-12-04 21:34:51 +00:00
Dr. Stephen Henson
feef17fd88 Update from HEAD. 2005-11-20 13:26:57 +00:00
Andy Polyakov
ed1f716022 "Overload" SunOS 4.x memcmp, which ruins ASN1_OBJECT table lookups [from HEAD].
PR: 1196
Submitted by: Russel Ruby
2005-09-20 20:25:17 +00:00
Nils Larsch
7f622f6c04 fix warnings when building openssl with (gcc 3.3.1):
-Wmissing-prototypes -Wcomment -Wformat -Wimplicit -Wmain -Wmultichar
-Wswitch -Wshadow -Wtrigraphs -Werror -Wchar-subscripts
-Wstrict-prototypes -Wreturn-type -Wpointer-arith  -W -Wunused
-Wno-unused-parameter -Wuninitialized
2005-08-28 23:20:52 +00:00
Ben Laurie
9ddb11f11c Avoid weak subgroups in Diffie Hellman. 2005-08-20 18:35:53 +00:00
Nils Larsch
104a66f256 remove unused variable 2005-07-27 20:19:51 +00:00
Nils Larsch
3de6d65ea3 improved error checking and some fixes
PR: 1170
Submitted by: Yair Elharrar
Reviewed and edited by: Nils Larsch
2005-07-26 20:55:17 +00:00
Dr. Stephen Henson
fdb0a6e004 Update from head. 2005-07-26 12:46:53 +00:00
Nils Larsch
4913b88f70 make
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
	make all test
work again (+ make update)

PR: 1159
2005-07-16 11:13:10 +00:00
Nils Larsch
9f197f9da5 make the type parameter const when ID2_OF_const() is used 2005-05-18 22:29:17 +00:00
Andy Polyakov
53d8996764 Engage Applink for VC builds. 2005-05-17 16:50:46 +00:00
Andy Polyakov
25a66ee3cb Move cryptlib.h prior bio.h. Actually it makes sense to include cryptlib.h
first everywhere in crypto and skip stdio.h and string.h [because it
includes them].
2005-05-17 00:01:48 +00:00
Andy Polyakov
ce92b6eb9c Further BUILDENV refinement, further fool-proofing of Makefiles and
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
2005-05-16 16:55:47 +00:00
Nils Larsch
9dd8405341 ecc api cleanup; summary:
- hide the EC_KEY structure definition in ec_lcl.c + add
  some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
  attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
  additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
2005-05-16 10:11:04 +00:00
Andy Polyakov
81a86fcf17 Fool-proofing Makefiles 2005-05-15 22:23:26 +00:00
Dr. Stephen Henson
fe86616c72 Some C compilers produce warnings or compilation errors if an attempt
is made to directly cast a function of one type to what it considers and
incompatible type. In particular gcc 3.4.2.

Add new openssl_fcast macro to place functions into a form where the compiler
will allow them to be cast.

The current version achives this by casting to: void function(void).
2005-05-12 23:01:44 +00:00
Bodo Möller
8afca8d9c6 Fix more error codes.
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
2005-05-11 03:45:39 +00:00
Nils Larsch
8b15c74018 give EC_GROUP_new_by_nid a more meanigful name:
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
2005-05-10 11:37:47 +00:00
Bodo Möller
fbeaa3c47d Update util/ck_errf.pl script, and have it run automatically
during "make errors" and thus during "make update".

Fix lots of bugs that util/ck_errf.pl can detect automatically.
Various others of these are still left to fix; that's why
"make update" will complain loudly when run now.
2005-05-09 00:27:37 +00:00
Nils Larsch
7dc17a6cf0 give EC_GROUP_*_nid functions a more meaningful name
EC_GROUP_get_nid -> EC_GROUP_get_curve_name
	EC_GROUP_set_nid -> EC_GROUP_set_curve_name
2005-05-08 22:09:12 +00:00
Dr. Stephen Henson
98a2fd32a0 Typo. 2005-04-30 18:07:30 +00:00
Dr. Stephen Henson
7bdeeb64ac Don't attempt to parse nested ASN1 strings by default. 2005-04-30 18:02:54 +00:00