Dr. Stephen Henson [Fri, 11 Sep 2009 11:02:52 +0000 (11:02 +0000)]
PR: 2038
Submitted by: Artem Chuprina <ran@cryptocom.ru>
Approved by: steve@openssl.org
Avoid double call to BIO_free().
Dr. Stephen Henson [Wed, 9 Sep 2009 17:05:18 +0000 (17:05 +0000)]
PR: 2033
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS listen support.
Dr. Stephen Henson [Wed, 9 Sep 2009 16:31:32 +0000 (16:31 +0000)]
Add new option --strict-warnings to Configure script. This is used to add
in devteam warnings into other configurations.
Dr. Stephen Henson [Wed, 9 Sep 2009 12:15:08 +0000 (12:15 +0000)]
Seed PRNG with DSA and ECDSA digests for additional protection against
possible PRNG state duplication.
Dr. Stephen Henson [Mon, 7 Sep 2009 17:57:18 +0000 (17:57 +0000)]
PR: 2031
Submitted by: steve@openssl.org
Tolerate application/timestamp-response which some servers send out.
Dr. Stephen Henson [Sun, 6 Sep 2009 17:56:30 +0000 (17:56 +0000)]
Typo presumably....
Dr. Stephen Henson [Sun, 6 Sep 2009 15:58:19 +0000 (15:58 +0000)]
Make update, deleting bogus DTLS error code
Dr. Stephen Henson [Sun, 6 Sep 2009 15:49:46 +0000 (15:49 +0000)]
PR: 1644
Submitted by: steve@openssl.org
Fix to make DHparams_dup() et al work in C++.
For 1.0 fix the final argument to ASN1_dup() so it is void *. Replace some
*_dup macros with functions.
Dr. Stephen Henson [Fri, 4 Sep 2009 17:42:53 +0000 (17:42 +0000)]
PR: 2028
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Fix DTLS cookie management bugs.
Dr. Stephen Henson [Fri, 4 Sep 2009 12:27:12 +0000 (12:27 +0000)]
Correction: salt is now default
Dr. Stephen Henson [Fri, 4 Sep 2009 11:30:59 +0000 (11:30 +0000)]
Oops, s can be NULL
Dr. Stephen Henson [Wed, 2 Sep 2009 15:57:24 +0000 (15:57 +0000)]
PR: 2020
Submitted by: Keith Beckman <kbeckman@mcg.edu>, Tomas Mraz <tmraz@redhat.com>
Checked by: steve@openssl.org
Fix improperly capitalized references to WWW::Curl::Easy.
Dr. Stephen Henson [Wed, 2 Sep 2009 15:51:19 +0000 (15:51 +0000)]
PR: 2029
Submitted by: Tomas Mraz <tmraz@redhat.com>
Checked by: steve@openssl.org
Fix so that the legacy digest EVP_dss1() still works.
Dr. Stephen Henson [Wed, 2 Sep 2009 13:54:50 +0000 (13:54 +0000)]
PR: 2013
Submitted by: steve@openssl.org
Include a flag ASN1_STRING_FLAG_MSTRING when a multi string type is created.
This makes it possible to tell if the underlying type is UTCTime,
GeneralizedTime or Time when the structure is reused and X509_time_adj_ex()
can handle each case in an appropriate manner.
Add error checking to CRL generation in ca utility when nextUpdate is being
set.
Dr. Stephen Henson [Wed, 2 Sep 2009 13:20:32 +0000 (13:20 +0000)]
PR: 2009
Submitted by: "Alexei Khlebnikov" <alexei.khlebnikov@opera.com>
Approved by: steve@openssl.org
Avoid memory leak and fix error reporting in d2i_SSL_SESSION(). NB: although
the ticket mentions buffer overruns this isn't a security issue because
the SSL_SESSION structure is generated internally and it should never be
possible to supply its contents from an untrusted application (this would
among other things destroy session cache security).
Dr. Stephen Henson [Wed, 2 Sep 2009 12:53:52 +0000 (12:53 +0000)]
PR: 2022
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Fix DTLS record header length bug.
Dr. Stephen Henson [Wed, 2 Sep 2009 12:47:28 +0000 (12:47 +0000)]
Tidy up and fix verify callbacks to avoid structure dereference, use of
obsolete functions and enhance to handle new conditions such as policy printing.
Dr. Stephen Henson [Mon, 31 Aug 2009 22:19:26 +0000 (22:19 +0000)]
Missing break.
Dr. Stephen Henson [Wed, 26 Aug 2009 15:15:15 +0000 (15:15 +0000)]
PR: 2005
Submitted by: steve@openssl.org
Some systems have broken IPv6 headers and/or implementations. If
OPENSSL_USE_IPV6 is set to 0 IPv6 is not used, if it is set to 1 it is used
and if undefined an attempt is made to detect at compile time by checking
if AF_INET6 is set and excluding known problem platforms.
Dr. Stephen Henson [Wed, 26 Aug 2009 11:51:57 +0000 (11:51 +0000)]
PR: 2006
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Do not use multiple DTLS records for a single user message
Dr. Stephen Henson [Wed, 26 Aug 2009 11:42:11 +0000 (11:42 +0000)]
PR: 2015
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
Define LIBDIR properly.
Andy Polyakov [Tue, 18 Aug 2009 19:24:50 +0000 (19:24 +0000)]
sha1-x86* assembler update: F_40_59 and Atom-specific optimizations.
Dr. Stephen Henson [Tue, 18 Aug 2009 11:15:33 +0000 (11:15 +0000)]
Stop unused variable warning on WIN32 et al.
Dr. Stephen Henson [Sat, 15 Aug 2009 11:01:09 +0000 (11:01 +0000)]
Use SHA1 and not deprecated MD5 in demos.
Dr. Stephen Henson [Wed, 12 Aug 2009 17:30:37 +0000 (17:30 +0000)]
Update default dependency flags.
Make error name discrepancies a fatal error.
Fix error codes.
make update
Dr. Stephen Henson [Wed, 12 Aug 2009 16:46:26 +0000 (16:46 +0000)]
Enable mdc2 support by default as the patent has now expired.
Dr. Stephen Henson [Wed, 12 Aug 2009 16:44:33 +0000 (16:44 +0000)]
Update README with bug report and contribution details.
Dr. Stephen Henson [Wed, 12 Aug 2009 13:19:54 +0000 (13:19 +0000)]
PR: 1997
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS timeout handling fix.
Dr. Stephen Henson [Mon, 10 Aug 2009 15:52:49 +0000 (15:52 +0000)]
Typo
Dr. Stephen Henson [Mon, 10 Aug 2009 15:30:40 +0000 (15:30 +0000)]
PR: 1999
Submitted by: "Bayram Kurumahmut" <kbayram@ubicom.com>
Approved by: steve@openssl.org
Don't use HAVE_FORK in apps/speed.c it can conflict with configured version.
Dr. Stephen Henson [Mon, 10 Aug 2009 14:56:57 +0000 (14:56 +0000)]
PR: 2004
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Approved by: steve@openssl.org
Handle fractional seconds properly in ASN1_GENERALIZEDTIME_print
Dr. Stephen Henson [Mon, 10 Aug 2009 14:48:40 +0000 (14:48 +0000)]
PR: 2003
Make it possible to install OpenSSL in directories with name other
than "lib" for example "lib64". Based on patch from Jeremy Utley.
Dr. Stephen Henson [Sun, 9 Aug 2009 14:58:37 +0000 (14:58 +0000)]
Add COMP error strings.
Dr. Stephen Henson [Thu, 6 Aug 2009 16:39:34 +0000 (16:39 +0000)]
Fix error code.
Dr. Stephen Henson [Thu, 6 Aug 2009 16:32:54 +0000 (16:32 +0000)]
Reject leading 0x80 in OID subidentifiers.
Dr. Stephen Henson [Wed, 5 Aug 2009 15:51:39 +0000 (15:51 +0000)]
PR: 2002
Submitted by: Tomas Mraz <tmraz@redhat.com>
Obtained from: steve@openssl.org
Fix bug in libssl and krb5 linking in Makefile.org
Dr. Stephen Henson [Wed, 5 Aug 2009 15:32:10 +0000 (15:32 +0000)]
Oops!
Dr. Stephen Henson [Wed, 5 Aug 2009 15:29:58 +0000 (15:29 +0000)]
Update from 1.0.0-stable.
Dr. Stephen Henson [Wed, 5 Aug 2009 14:55:20 +0000 (14:55 +0000)]
PR: 2001
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org
Add patch: http://cvs.openssl.org/chngview?cn=14635 which never made it to
1.0.0, HEAD.
Dr. Stephen Henson [Mon, 27 Jul 2009 21:22:02 +0000 (21:22 +0000)]
Update from 1.0.0-stable.
Dr. Stephen Henson [Mon, 27 Jul 2009 21:10:00 +0000 (21:10 +0000)]
Update from 1.0.0-stable
Ben Laurie [Sun, 26 Jul 2009 12:09:21 +0000 (12:09 +0000)]
Fix warnings.
Dr. Stephen Henson [Fri, 24 Jul 2009 13:48:07 +0000 (13:48 +0000)]
Update from 0.9.8-stable.
Dr. Stephen Henson [Fri, 24 Jul 2009 13:43:59 +0000 (13:43 +0000)]
Remove MD2 test from WIN32 as we don't compile it in by default any more.
Dr. Stephen Henson [Fri, 24 Jul 2009 13:37:18 +0000 (13:37 +0000)]
Fix typos.
Dr. Stephen Henson [Fri, 24 Jul 2009 13:31:12 +0000 (13:31 +0000)]
New debug targets from 1.0.0-stable
Dr. Stephen Henson [Fri, 24 Jul 2009 13:07:30 +0000 (13:07 +0000)]
PR: 1990
Update from 0.9.8-stable
Dr. Stephen Henson [Fri, 24 Jul 2009 13:01:40 +0000 (13:01 +0000)]
Document removal of digest+signature algorithm link.
Dr. Stephen Henson [Fri, 24 Jul 2009 11:52:55 +0000 (11:52 +0000)]
PR: 1993
Fix from 0.9.8-stable.
Dr. Stephen Henson [Fri, 24 Jul 2009 11:34:59 +0000 (11:34 +0000)]
Fix from 0.9.8-stable
Dr. Stephen Henson [Fri, 24 Jul 2009 11:25:13 +0000 (11:25 +0000)]
Update from 0.9.8-stable.
Dr. Stephen Henson [Fri, 24 Jul 2009 11:17:10 +0000 (11:17 +0000)]
Update from 0.9.8-stable
Dr. Stephen Henson [Fri, 24 Jul 2009 11:11:30 +0000 (11:11 +0000)]
Update from 0.9.8-stable
Dr. Stephen Henson [Thu, 16 Jul 2009 09:52:59 +0000 (09:52 +0000)]
Use correct extension and OSX detection.
Dr. Stephen Henson [Wed, 15 Jul 2009 18:00:04 +0000 (18:00 +0000)]
Updates from 1.0.0-stable
Dr. Stephen Henson [Wed, 15 Jul 2009 11:33:24 +0000 (11:33 +0000)]
Update from 1.0.0-stable.
Dr. Stephen Henson [Wed, 15 Jul 2009 11:02:24 +0000 (11:02 +0000)]
Updates from 1.0.0-stable
Dr. Stephen Henson [Tue, 14 Jul 2009 15:30:05 +0000 (15:30 +0000)]
Updates from 1.0.0-stable.
Dr. Stephen Henson [Mon, 13 Jul 2009 11:58:05 +0000 (11:58 +0000)]
Document MD2 deprecation.
Dr. Stephen Henson [Mon, 13 Jul 2009 11:44:30 +0000 (11:44 +0000)]
Update from 1.0.0-stable.
Dr. Stephen Henson [Mon, 13 Jul 2009 11:40:14 +0000 (11:40 +0000)]
Use new time routines to avoid possible overflow.
Dr. Stephen Henson [Sat, 11 Jul 2009 22:36:59 +0000 (22:36 +0000)]
Update from 0.9.8-stable
Dr. Stephen Henson [Sat, 11 Jul 2009 22:28:45 +0000 (22:28 +0000)]
PR: 1624
Submitted by: "Simon L. Nielsen" <simon@FreeBSD.org>
Obtained from: steve@openssl.org
Correct FreeBSD check.
Dr. Stephen Henson [Sat, 11 Jul 2009 21:43:50 +0000 (21:43 +0000)]
Update from 1.0.0-stable.
Dr. Stephen Henson [Wed, 8 Jul 2009 09:19:53 +0000 (09:19 +0000)]
Make update.
Dr. Stephen Henson [Wed, 8 Jul 2009 08:49:17 +0000 (08:49 +0000)]
Delete MD2 from algorithm tables as in 0.9.8-stable. However since this is
a new branch we can also disable it by default.
Dr. Stephen Henson [Sat, 4 Jul 2009 12:04:06 +0000 (12:04 +0000)]
Fix warnings.
Dr. Stephen Henson [Sat, 4 Jul 2009 11:38:40 +0000 (11:38 +0000)]
PR: 1981
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org
DTLS record header bugfix.
Dr. Stephen Henson [Wed, 1 Jul 2009 15:47:04 +0000 (15:47 +0000)]
Upadte from 1.0.0-stable
Dr. Stephen Henson [Wed, 1 Jul 2009 15:43:04 +0000 (15:43 +0000)]
Update from 1.0.0-stable.
Dr. Stephen Henson [Wed, 1 Jul 2009 15:37:17 +0000 (15:37 +0000)]
Update from 1.0.0-stable
Dr. Stephen Henson [Wed, 1 Jul 2009 15:26:00 +0000 (15:26 +0000)]
Update from 1.0.0-stable
Dr. Stephen Henson [Wed, 1 Jul 2009 11:46:03 +0000 (11:46 +0000)]
Update from 1.0.0-stable
Dr. Stephen Henson [Wed, 1 Jul 2009 11:40:19 +0000 (11:40 +0000)]
Update from 1.0.0-stable
Dr. Stephen Henson [Wed, 1 Jul 2009 11:29:25 +0000 (11:29 +0000)]
Update from 1.0.0-stable
Dr. Stephen Henson [Tue, 30 Jun 2009 22:27:33 +0000 (22:27 +0000)]
Update from 0.9.8-stable
Dr. Stephen Henson [Tue, 30 Jun 2009 18:27:03 +0000 (18:27 +0000)]
Typo.
Dr. Stephen Henson [Tue, 30 Jun 2009 15:56:35 +0000 (15:56 +0000)]
Use common verify parameters instead of the small ad-hoc subset in
s_client, s_server.
Dr. Stephen Henson [Tue, 30 Jun 2009 15:28:16 +0000 (15:28 +0000)]
Updates from 1.0.0-stable
Dr. Stephen Henson [Tue, 30 Jun 2009 11:58:10 +0000 (11:58 +0000)]
Update from 1.0.0-stable.
Dr. Stephen Henson [Tue, 30 Jun 2009 11:42:04 +0000 (11:42 +0000)]
Update from 1.0.0-stable.
Dr. Stephen Henson [Tue, 30 Jun 2009 11:24:57 +0000 (11:24 +0000)]
Update from 1.0.0-stable
Dr. Stephen Henson [Mon, 29 Jun 2009 16:09:37 +0000 (16:09 +0000)]
Allow setting of verify depth in verify parameters (as opposed to the depth
implemented using the verify callback).
Dr. Stephen Henson [Sun, 28 Jun 2009 16:24:37 +0000 (16:24 +0000)]
Update from 0.9.8-stable.
Dr. Stephen Henson [Fri, 26 Jun 2009 23:14:39 +0000 (23:14 +0000)]
Fix from 0.9.8-stable.
Dr. Stephen Henson [Fri, 26 Jun 2009 15:03:35 +0000 (15:03 +0000)]
Update from 0.9.8-stable.
Dr. Stephen Henson [Fri, 26 Jun 2009 11:29:26 +0000 (11:29 +0000)]
Update from 1.0.0-stable.
Dr. Stephen Henson [Thu, 25 Jun 2009 17:10:44 +0000 (17:10 +0000)]
Stop warnings in gcc where "a" is const passed as a non-const argument.
Dr. Stephen Henson [Thu, 25 Jun 2009 11:29:30 +0000 (11:29 +0000)]
Update from 1.0.0-stable
Dr. Stephen Henson [Wed, 24 Jun 2009 13:50:05 +0000 (13:50 +0000)]
Update FAQ with note about online docs.
Dr. Stephen Henson [Wed, 24 Jun 2009 13:29:29 +0000 (13:29 +0000)]
Initialize outlen.
Dr. Stephen Henson [Wed, 17 Jun 2009 12:19:09 +0000 (12:19 +0000)]
Add beos as a supported DSO scheme.
Dr. Stephen Henson [Wed, 17 Jun 2009 12:04:56 +0000 (12:04 +0000)]
Rename asc2uni and uni2asc functions to avoid clashes.
Dr. Stephen Henson [Wed, 17 Jun 2009 11:48:22 +0000 (11:48 +0000)]
Update from 1.0.0-stable.
Dr. Stephen Henson [Wed, 17 Jun 2009 11:37:44 +0000 (11:37 +0000)]
PR: 1958
Submitted by: Sean Boudreau <seanb@qnx.com>
Approved by: steve@openssl.org
qnx6 support.
Dr. Stephen Henson [Wed, 17 Jun 2009 11:32:59 +0000 (11:32 +0000)]
PR: 1956
Submitted by: Guenter <lists@gknw.net>
Approved by: steve@openssl.org
Netware doesn't have strings.h
Dr. Stephen Henson [Wed, 17 Jun 2009 11:25:42 +0000 (11:25 +0000)]
Submitted by: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Approved by: steve@openssl.org
Check return values for NULL in case of malloc failure.
Dr. Stephen Henson [Tue, 16 Jun 2009 16:54:44 +0000 (16:54 +0000)]
PR: 1946
Submitted by: Guenter <lists@gknw.net>
Approved by: steve@openssl.org
Netware header fix.
Dr. Stephen Henson [Tue, 16 Jun 2009 16:38:47 +0000 (16:38 +0000)]
Submitted by: Artem Chuprina <ran@cryptocom.ru>
Reviewed by: steve@openssl.org
Various GOST ciphersuite and ENGINE fixes. Including...
Allow EVP_PKEY_set_derive_peerkey() in encryption operations.
New flag when certificate verify should be omitted in client key exchange.
Dr. Stephen Henson [Mon, 15 Jun 2009 15:01:00 +0000 (15:01 +0000)]
Update from 0.9.8-stable.