wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
6150 commits 20 branches 302 tags 153 MiB
Commit graph

827 commits

Author SHA1 Message Date
Mark J. Cox
50afd9c9a8 Bump Revision after tagging 2004-03-17 11:44:21 +00:00
Mark J. Cox
8ccf402239 Fix null-pointer assignment in do_change_cipher_spec() revealed 
by using the Codenomicon TLS Test Tool (CAN-2004-0079)

Prepare for 0.9.6m tagging and release

Submitted by: Steven Henson
Reviewed by: Joe Orton
Approved by: Mark Cox
 2004-03-17 11:40:44 +00:00
Mark J. Cox
fbe7cd3138 Bump revision after tagging 2003-11-04 11:37:18 +00:00
Mark J. Cox
83f70d68d6 Stop bug triggering large recursion when presented with 
certain ASN.1 tags (CAN-2003-0851)
 2003-11-04 11:30:40 +00:00
Dr. Stephen Henson
c4c18c82e8 New dev version. 2003-09-30 13:09:07 +00:00
Dr. Stephen Henson
0a0a3ea339 Changes for release 2003-09-30 12:09:13 +00:00
Dr. Stephen Henson
3c28bfdc82 Fix for ASN1 parsing bugs. 2003-09-30 12:05:11 +00:00
Dr. Stephen Henson
3158c87a02 Only accept a client certificate if the server requests 
one, as required by SSL/TLS specs.
 2003-09-03 23:35:54 +00:00
Bodo Möller
702eb4dc0a tolerate extra data at end of client hello for SSL 3.0 2003-07-21 15:16:20 +00:00
Bodo Möller
a7a53184bf typo 2003-07-21 14:58:32 +00:00
Richard Levitte
f6ab5d5761 Document the last change. 
PR: 587
 2003-06-19 19:04:17 +00:00
Richard Levitte
0698f54e0e The release is tagged, time to hope we won't have to work on 0.9.6k. 2003-04-10 20:41:02 +00:00
Richard Levitte
51c4754658 Time to release 0.9.6j. 
The ticket will be OpenSSL_0_9_6j.
 2003-04-10 20:21:28 +00:00
Bodo Möller
223c80ea7d make RSA blinding thread-safe 2003-04-02 09:50:17 +00:00
Bodo Möller
20fda79fab PR:make sure RSA blinding works when the PRNG is not properly seeded; 
enable it automatically only for the built-in engine
 2003-03-20 17:24:54 +00:00
Ben Laurie
66e1081a15 Blinding fix. 2003-03-20 16:00:18 +00:00
Bodo Möller
ef42d6a4ed countermeasure against new Klima-Pokorny-Rosa atack 2003-03-19 19:20:30 +00:00
Richard Levitte
fc68e4a01b Release of 0.9.6i is tagged, let's pretend to move on to 0.9.6j. 2003-02-19 12:56:04 +00:00
Richard Levitte
39c06a8b73 Security fix: Vaudenay timing attack on CBC. 
An advisory will be posted to the web.  Expect a release within the hour.
 2003-02-19 12:04:07 +00:00
Bodo Möller
90f6da7be5 fix release date (CHANGES as released with OpenSSL 0.9.6h on 
2002-12-05 said '[21 Dec 2002]')
 2003-01-13 13:23:08 +00:00
Richard Levitte
8ca0db580e Update version to 0.9.6i, even if that's never going to be released. 2002-12-05 22:53:30 +00:00
Richard Levitte
f94e1dd2d0 Time to release OpenSSL 0.9.6h. 
The tag will be OpenSSL_0_9_6h.
 2002-12-05 21:40:48 +00:00
Richard Levitte
9a7a36db08 Add OPENSSL_cleanse() to help cleanse memory and avoid certain compiler 
and linker optimizations.
PR: 343
 2002-11-27 12:24:54 +00:00
Lutz Jänicke
e824df317a Fix bug introduced by the attempt to fix client side external session 
caching (#288): now internal caching failed (#351):
Make sure, that cipher_id is set before comparing.
Submitted by:
Reviewed by:
PR: 288 (and 351)
 2002-11-20 10:48:05 +00:00
Richard Levitte
7149d5c140 Document the change to remove the 'done' flag variable in the 
OpenSSL_add_all_*() routines
 2002-11-15 13:58:58 +00:00
Richard Levitte
3aefe06f0f We need to read one more byte of the REQUEST-CERTIFICATE message. 
PR: 300
 2002-11-15 09:16:56 +00:00
Richard Levitte
8df1de4e89 Handle last lines that aren't properly terminated. 
PR: 308
 2002-11-14 06:49:45 +00:00
Richard Levitte
82833c523b X509_NAME_cmp() now compares PrintableString and emailAddress with a value of type 
ia5String correctly.
PR: 244
 2002-11-09 21:53:48 +00:00
Geoff Thorpe
69c8c5611c The recent session caching modifications (including docs, and CHANGES) were 
applied to the "engine" 0.9.6 branch rather than the non-engine one. This
merges all the changes back across so they are in-sync w.r.t. these
changes.
 2002-10-29 18:36:51 +00:00
Bodo Möller
c30ab16396 fix some entries for 0.9.6d and 0.9.6e (should look as in the 
0.9.7-stable branch)
 2002-10-11 17:51:25 +00:00
Bodo Möller
b49d33defd fix more race conditions 
Submitted by: "Patrick McCormick" <patrick@tellme.com>
PR: 262
 2002-09-26 15:55:46 +00:00
Bodo Möller
af4396e589 really fix race conditions 
Submitted by: "Patrick McCormick" <patrick@tellme.com>

PR: 262
PR: 291
 2002-09-25 15:36:21 +00:00
Bodo Möller
924b6006d7 really fix race condition 
PR: 262
 2002-09-23 14:30:59 +00:00
Bodo Möller
5fef7d56ce there is no minimum length for session IDs 
PR: 274
 2002-09-19 11:43:13 +00:00
Bodo Möller
30c37c52c5 fix race condition 
PR: 262
 2002-09-19 11:27:37 +00:00
Lutz Jänicke
06076d9d31 Reorder cleanup sequence in SSL_CTX_free() to leave ex_data for remove_cb(). 
Submitted by:
Reviewed by:
PR: 212
 2002-08-16 17:09:31 +00:00
Dr. Stephen Henson
1318510f8c Fix typo in OBJ_txt2obj which incorrectly passed the content 
length, instead of the encoding length to d2i_ASN1_OBJECT.

This wasn't visible before becuse ASN1_get_object() used
to read past the length of the supplied buffer.
 2002-08-14 00:36:44 +00:00
Richard Levitte
532441a93a Time to go on... 2002-08-09 12:08:23 +00:00
Richard Levitte
4c68b3239b Time to release 0.9.6g. 
The tag will be OpenSSL_0_9_6g.
 2002-08-09 11:37:15 +00:00
Bodo Möller
ca2b12feec entry for change in 'engine' branch 2002-08-09 08:13:13 +00:00
Richard Levitte
18794c6a83 Tagging has been done, update to next development version. 2002-08-08 21:23:51 +00:00
Richard Levitte
df75a709c9 Time to release version 0.9.6f. 
The tag will be OpenSSL_0_9_6f.
 2002-08-08 20:51:52 +00:00
Dr. Stephen Henson
24f55d7675 Fix the ASN1 sanity check: correct header length 
calculation and check overflow against LONG_MAX.
 2002-08-02 18:41:08 +00:00
Bodo Möller
517a0e7fa0 get rid of OpenSSLDie 2002-08-02 10:51:59 +00:00
Lutz Jänicke
2c3bd4778e Next version of 0.9.6 would be 0.9.6f. 
Submitted by:
Reviewed by:
PR:
 2002-07-30 10:52:36 +00:00
Lutz Jänicke
05ebb1e7cf Release 0.9.6e. 
Submitted by:
Reviewed by:
PR:
 2002-07-30 10:34:35 +00:00
Lutz Jänicke
bb41724483 OpenSSL Security Advisory [30 July 2002] 
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
Submitted by:
Reviewed by:
PR:
 2002-07-30 10:19:01 +00:00
Lutz Jänicke
d2cbe66ee1 Ciphers with NULL encryption were not properly handled because they were 
not covered by the strength bit mask.
Submitted by:
Reviewed by:
PR: 130
 2002-07-10 06:41:29 +00:00
Bodo Möller
32a76f2c75 New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC 
vulnerability workaround (included in SSL_OP_ALL).

PR: #90
 2002-06-14 12:19:34 +00:00
Bodo Möller
a9950dfb67 fix EVP_dsa_sha macro 
Submitted by: Nils Larsch
 2002-05-16 12:55:56 +00:00