Richard Levitte
959ba907df
Add better support for FreeBSD on non-x86 machines.
...
Add specific support for FreeBSD on sparc64.
PR: 427
2003-01-12 04:43:52 +00:00
Richard Levitte
fa47b4d8b8
When preparing a separate build tree, don't make softlinks to softlinks.
...
Add instructions in INSTALL, for easy access.
PR: 437
2003-01-10 10:56:21 +00:00
Richard Levitte
4a2e36b19e
It's rather silly to believe we'd release 0.9.7a in 2002 :-).
2002-12-31 00:59:36 +00:00
Richard Levitte
1c2018f37f
Tagging is done, move on to development of 0.9.7a.
2002-12-31 00:02:34 +00:00
Richard Levitte
04572965ea
Time for release of OpenSSL 0.9.7.
...
The tag will be OpenSSL_0_9_7.
2002-12-30 23:54:11 +00:00
Lutz Jänicke
ef9d3a10c3
Fix wrong handling of session ID in SSLv2 client code.
...
PR: 377
2002-12-29 20:58:55 +00:00
Richard Levitte
e286dfe6ed
We stupidly had a separate LIBKRB5 variable for KRB5 library dependencies,
...
and then didn't support it very well. And that when there already is a
useful variable for exactly this kind of thing; EX_LIBS...
2002-12-19 22:10:20 +00:00
Richard Levitte
04c71cd725
OK, there's at least one application author who has provided dynamic locking
...
callbacks
2002-12-13 07:30:59 +00:00
Richard Levitte
5c72869563
Add a static lock called HWCRHK, for the case of having an application
...
that wants to use the hw_ncipher engine without having given any
callbacks for the dynamic type of locks.
2002-12-12 17:41:36 +00:00
Richard Levitte
a272f7eb08
Merge in relevant changes from the OpenSSL 0.9.6h release.
2002-12-05 21:51:57 +00:00
Dr. Stephen Henson
38b085902f
In asn1_d2i_read_bio, don't assume BIO_read will
...
return the requested number of bytes when reading
content.
2002-12-03 23:49:12 +00:00
Richard Levitte
0a3af9a403
Add OPENSSL_cleanse() to help cleanse memory and avoid certain compiler
...
and linker optimizations.
PR: 343
2002-11-27 12:25:52 +00:00
Richard Levitte
a5fd84de41
Heimdal isn't really supported right now. Say so, and offer a possibility
...
to force the use of Heimdal, and warn if that's used.
PR: 346
2002-11-26 10:11:25 +00:00
Lutz Jänicke
a153c46d7f
Fix bug introduced by the attempt to fix client side external session
...
caching (#288 ): now internal caching failed (#351 ):
Make sure, that cipher_id is set before comparing.
Submitted by:
Reviewed by:
PR: 288 (and 351)
2002-11-20 10:46:35 +00:00
Richard Levitte
29ca164513
WinCE patches
2002-11-15 22:44:08 +00:00
Richard Levitte
082cd4e564
Changes to make shared library building and use work better with Cygwin
2002-11-15 16:49:34 +00:00
Richard Levitte
2115a89212
Document the change to remove the 'done' flag variable in the
...
OpenSSL_add_all_*() routines
2002-11-15 14:01:15 +00:00
Richard Levitte
0439a5a8a7
We need to read one more byte of the REQUEST-CERTIFICATE message.
...
PR: 300
2002-11-15 09:17:45 +00:00
Bodo Möller
402b4a784d
use same entry as in more recent CHANGES revision in CVS head
2002-11-14 12:11:44 +00:00
Bodo Möller
651e7ddf7e
fix order again
2002-11-14 12:08:16 +00:00
Richard Levitte
5b1aea7afe
Handle last lines that aren't properly terminated.
...
PR: 308
2002-11-14 06:50:32 +00:00
Bodo Möller
46ce790727
fix order of changes -- if B depends on A, A should be listed
...
after B (reversed 'chronological' order)
2002-11-12 13:35:27 +00:00
Ben Laurie
9831d941ca
Many security improvements (CHATS) and a warning fix.
2002-11-12 13:23:40 +00:00
Richard Levitte
8bcc049399
X509_NAME_cmp() now compares PrintableString and emailAddress with a value of type
...
ia5String correctly.
PR: 244
2002-11-09 21:55:12 +00:00
Geoff Thorpe
96a2c35d91
The recent CHANGES note between 0.9.6g and 0.9.6h needs copying into the
...
other branches.
2002-10-29 17:59:18 +00:00
Bodo Möller
84236041c1
synchronize with 0.9.6-stable version of this file
2002-10-11 17:53:21 +00:00
Bodo Möller
8d44d96ec3
remove redundant empty line
2002-10-11 17:29:07 +00:00
Richard Levitte
12a2ff9625
RFC 2712 redefines the codes for use of Kerberos 5 in SSL/TLS.
...
PR: 189
2002-10-10 07:59:45 +00:00
Bodo Möller
64cb996206
fix more race conditions
...
Submitted by: "Patrick McCormick" <patrick@tellme.com>
PR: 262
2002-09-26 15:54:15 +00:00
Bodo Möller
fbf4c7b4f1
really fix race conditions
...
Submitted by: "Patrick McCormick" <patrick@tellme.com>
PR: 262
PR: 291
2002-09-25 15:38:17 +00:00
Bodo Möller
4e33db9a3f
really fix race condition
...
PR: 262
2002-09-23 14:28:12 +00:00
Bodo Möller
f7eb95852c
there is no minimum length for session IDs
...
PR: 274
fix race condition
PR: 262
2002-09-20 08:37:13 +00:00
Dr. Stephen Henson
a98beb3a2d
Apply -nameopt patches to 0.9.7
2002-08-30 18:26:26 +00:00
Lutz Jänicke
68a9ee13e8
Reorder cleanup sequence in SSL_CTX_free() to leave ex_data for remove_cb().
...
Submitted by:
Reviewed by:
PR: 212
2002-08-16 17:02:30 +00:00
Dr. Stephen Henson
ea050a6eb3
Fix block_size field for CFB and OFB modes: it should be 1.
2002-08-16 01:38:34 +00:00
Dr. Stephen Henson
f84acec8ea
Fix typo in OBJ_txt2obj which incorrectly passed the content
...
length, instead of the encoding length to d2i_ASN1_OBJECT.
This wasn't visible before becuse ASN1_get_object() used
to read past the length of the supplied buffer.
2002-08-14 00:50:35 +00:00
Bodo Möller
3c1a6f441b
add 0.9.6g information
2002-08-12 08:43:32 +00:00
Richard Levitte
00c8546d21
0.9.6f is released
2002-08-08 22:56:05 +00:00
Dr. Stephen Henson
b012127a99
Fix the ASN1 sanity check: correct header length
...
calculation and check overflow against LONG_MAX.
2002-08-02 18:42:40 +00:00
Bodo Möller
265a9e2c5d
get rid of OpenSSLDie
2002-08-02 11:47:24 +00:00
Lutz Jänicke
bca9dc2a51
OpenSSL Security Advisory [30 July 2002]
...
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
Submitted by:
Reviewed by:
PR:
2002-07-30 11:21:19 +00:00
Richard Levitte
b721e1e239
Document the recent DJGPP-related changes
2002-07-23 13:46:05 +00:00
Bodo Möller
16758de0a2
add an explanation and fix a typo
2002-07-22 08:38:14 +00:00
Lutz Jänicke
f19b6474fe
New cipher selection options COMPLEMENTOFALL and COMPLEMENTOFDEFAULT.
...
Submitted by:
Reviewed by:
PR: 127
2002-07-19 19:53:02 +00:00
Richard Levitte
4810644f65
For those wanting to build for several platforms with the same source
...
directory, making a separate directory tree with lots of symbolic links
seems to be the solution. Unfortunately, Configure doesn't take appropriate
steps to support this solution (as in removing a file that's going to be
rewritten). This change corrects that situation. Now I just have to
find all other places where there's lack of support for this.
2002-07-16 09:18:25 +00:00
Lutz Jänicke
4064a85205
Ciphers with NULL encryption were not properly handled because they were
...
not covered by the strength bit mask.
Submitted by:
Reviewed by:
PR: 130
2002-07-10 06:40:18 +00:00
Bodo Möller
5af9fcaf35
AES cipher suites are now official (RFC3268)
2002-07-04 08:50:33 +00:00
Bodo Möller
e003386793
update an entry on EVP changes
2002-06-26 14:22:39 +00:00
Geoff Thorpe
a2ffad81c8
Make sure any ENGINE control commands make local copies of string
...
pointers passed to them whenever necessary. Otherwise it is possible the
caller may have overwritten (or deallocated) the original string data
when a later ENGINE operation tries to use the stored values.
Submitted by: Götz Babin-Ebell <babinebell@trustcenter.de>
Reviewed by: Geoff Thorpe
PR: 98
2002-06-21 02:48:57 +00:00
Bodo Möller
2f8275c52d
New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC
...
vulnerability workaround (included in SSL_OP_ALL).
PR: #90
2002-06-14 12:20:27 +00:00