oweals/openssl.git
15 years agoUpdate from 0.9.8-stable.
Dr. Stephen Henson [Fri, 24 Jul 2009 11:24:45 +0000 (11:24 +0000)]
Update from 0.9.8-stable.

15 years agoUpdate from 0.9.8-stable
Dr. Stephen Henson [Fri, 24 Jul 2009 11:15:55 +0000 (11:15 +0000)]
Update from 0.9.8-stable

15 years agoUpdate from 0.9.8-stable.
Dr. Stephen Henson [Fri, 24 Jul 2009 11:10:57 +0000 (11:10 +0000)]
Update from 0.9.8-stable.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Thu, 16 Jul 2009 09:54:49 +0000 (09:54 +0000)]
Update from HEAD.

15 years agoCall CMS tests with "make test"
Dr. Stephen Henson [Wed, 15 Jul 2009 17:59:17 +0000 (17:59 +0000)]
Call CMS tests with "make test"

15 years agoHandle OSX ".dynlib" DSO extension.
Dr. Stephen Henson [Wed, 15 Jul 2009 17:58:57 +0000 (17:58 +0000)]
Handle OSX ".dynlib" DSO extension.

15 years agoUpdate for next beta.
Dr. Stephen Henson [Wed, 15 Jul 2009 12:08:35 +0000 (12:08 +0000)]
Update for next beta.

15 years agoPreparation for beta3 release. OpenSSL_1_0_0-beta3
Dr. Stephen Henson [Wed, 15 Jul 2009 11:37:45 +0000 (11:37 +0000)]
Preparation for beta3 release.

15 years agoFix error codes and indentation.
Dr. Stephen Henson [Wed, 15 Jul 2009 11:32:58 +0000 (11:32 +0000)]
Fix error codes and indentation.

15 years agoPR: 1980
Dr. Stephen Henson [Wed, 15 Jul 2009 11:01:40 +0000 (11:01 +0000)]
PR: 1980
Submitted by: Victor Wagner <vitus@wagner.pp.ru>
Approved by: steve@openssl.org

Fix memory leaks.

15 years agoStop warning of signed/unsigned compare.
Dr. Stephen Henson [Tue, 14 Jul 2009 15:28:44 +0000 (15:28 +0000)]
Stop warning of signed/unsigned compare.

15 years agoOops, use right function name...
Dr. Stephen Henson [Tue, 14 Jul 2009 15:14:39 +0000 (15:14 +0000)]
Oops, use right function name...

15 years agoDocument MD2 deprecation.
Dr. Stephen Henson [Mon, 13 Jul 2009 11:57:15 +0000 (11:57 +0000)]
Document MD2 deprecation.

15 years agoPR: 1984
Dr. Stephen Henson [Mon, 13 Jul 2009 11:44:04 +0000 (11:44 +0000)]
PR: 1984
Submitted by: Michael TÃ\83¼xen <Michael.Tuexen@lurchi.franken.de>
Approved by: steve@openssl.org

Don't concatenate reads in DTLS.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Mon, 13 Jul 2009 11:40:46 +0000 (11:40 +0000)]
Update from HEAD.

15 years agoFix from 0.9.8-stable.
Dr. Stephen Henson [Sat, 11 Jul 2009 22:36:27 +0000 (22:36 +0000)]
Fix from 0.9.8-stable.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Sat, 11 Jul 2009 22:30:02 +0000 (22:30 +0000)]
Update from HEAD.

15 years agoPR: 1985
Dr. Stephen Henson [Sat, 11 Jul 2009 21:42:47 +0000 (21:42 +0000)]
PR: 1985
Submitted by: Artem Chuprina <ran@cryptocom.ru>
Approved by: steve@openssl.org

Initialise flags.

15 years agoMake update.
Dr. Stephen Henson [Wed, 8 Jul 2009 09:13:24 +0000 (09:13 +0000)]
Make update.

15 years agoDelete MD2 from algorithm tables and default compilation.
Dr. Stephen Henson [Wed, 8 Jul 2009 08:50:53 +0000 (08:50 +0000)]
Delete MD2 from algorithm tables and default compilation.

15 years agoFix from HEAD.
Dr. Stephen Henson [Sat, 4 Jul 2009 12:05:14 +0000 (12:05 +0000)]
Fix from HEAD.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Sat, 4 Jul 2009 11:44:01 +0000 (11:44 +0000)]
Update from HEAD.

15 years agoPR: 1976
Dr. Stephen Henson [Wed, 1 Jul 2009 15:46:43 +0000 (15:46 +0000)]
PR: 1976
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org

Cleanup some compile time warnings/magic numbers.

15 years agoPR: 1974(partial)
Dr. Stephen Henson [Wed, 1 Jul 2009 15:42:38 +0000 (15:42 +0000)]
PR: 1974(partial)
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org

Cryptodev digest support.

15 years ago192, 256 bit AES and RC4 support for cryptodev.
Dr. Stephen Henson [Wed, 1 Jul 2009 15:36:55 +0000 (15:36 +0000)]
192, 256 bit AES and RC4 support for cryptodev.

15 years agoPR: 1974(partial)
Dr. Stephen Henson [Wed, 1 Jul 2009 15:25:17 +0000 (15:25 +0000)]
PR: 1974(partial)
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org

Fix up RSA API compliance for rsa_nocrt_mod_exp method.

15 years agoPR: 1974 (partial)
Dr. Stephen Henson [Wed, 1 Jul 2009 14:55:59 +0000 (14:55 +0000)]
PR: 1974 (partial)
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org

If -DHAVE_CRYPTODEV is set enable cryptodev support

15 years agoPR: 1972
Dr. Stephen Henson [Wed, 1 Jul 2009 11:43:57 +0000 (11:43 +0000)]
PR: 1972
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org

Add support for building with the uClinux-dist.

15 years agoPR: 1970
Dr. Stephen Henson [Wed, 1 Jul 2009 11:39:59 +0000 (11:39 +0000)]
PR: 1970
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Reviewed by: steve@openssl.org

Fix unused variable "words" and uninitialised data "b".

15 years agoPR: 1965
Dr. Stephen Henson [Wed, 1 Jul 2009 11:35:46 +0000 (11:35 +0000)]
PR: 1965
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org

Make sure defines to remove SHA are correct.

15 years agoPR: 1962
Dr. Stephen Henson [Wed, 1 Jul 2009 11:29:01 +0000 (11:29 +0000)]
PR: 1962
Submitted by: Daniel Mentz <daniel.m@sent.com>
Reviewed by: steve@openssl.org

Fix "for dtls1_get_record() returns a bad record in one edge case" bug.

15 years agoSubmitted by: "Victor B. Wagner" <vitus@cryptocom.ru>
Dr. Stephen Henson [Wed, 1 Jul 2009 11:23:07 +0000 (11:23 +0000)]
Submitted by: "Victor B. Wagner" <vitus@cryptocom.ru>
Reviewed by: steve@openssl.org

EVP_CTRL_PBE_PRF_NID suppot for Gost engine.

15 years agoUpdate from 0.9.8-stable.
Dr. Stephen Henson [Tue, 30 Jun 2009 22:26:28 +0000 (22:26 +0000)]
Update from 0.9.8-stable.

15 years agoTypo.
Dr. Stephen Henson [Tue, 30 Jun 2009 20:55:55 +0000 (20:55 +0000)]
Typo.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Tue, 30 Jun 2009 16:10:24 +0000 (16:10 +0000)]
Update from HEAD.

15 years agoPR: 1969
Dr. Stephen Henson [Tue, 30 Jun 2009 15:21:48 +0000 (15:21 +0000)]
PR: 1969
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org

Don't use repeating key when testing algs.

15 years agoPR: 1967
Dr. Stephen Henson [Tue, 30 Jun 2009 15:10:54 +0000 (15:10 +0000)]
PR: 1967
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org

Don't go past end of params array.

15 years agoPR: 1966
Dr. Stephen Henson [Tue, 30 Jun 2009 15:08:38 +0000 (15:08 +0000)]
PR: 1966
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Reviewed by: steve@openssl.org

Make no-ocsp work properly.

15 years agoPR: 1963
Dr. Stephen Henson [Tue, 30 Jun 2009 14:59:59 +0000 (14:59 +0000)]
PR: 1963
Submitted by: David McCullough <david_mccullough@securecomputing.com>
Approved by: steve@openssl.org

Make build fail if makedepend not present.

15 years agoAdd "missing" functions for setting all verify parameters for SSL_CTX and SSL
Dr. Stephen Henson [Tue, 30 Jun 2009 11:57:24 +0000 (11:57 +0000)]
Add "missing" functions for setting all verify parameters for SSL_CTX and SSL
structures.

15 years agoRedundant check: s->param is always non-NULL, it is set in SSL_new().
Dr. Stephen Henson [Tue, 30 Jun 2009 11:41:35 +0000 (11:41 +0000)]
Redundant check: s->param is always non-NULL, it is set in SSL_new().

15 years agoInherit parameters properly in SSL contexts: any parameters set should
Dr. Stephen Henson [Tue, 30 Jun 2009 11:21:00 +0000 (11:21 +0000)]
Inherit parameters properly in SSL contexts: any parameters set should
replace those in the current list.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Mon, 29 Jun 2009 16:09:58 +0000 (16:09 +0000)]
Update from HEAD.

15 years agoUpdate from 0.9.8-stable.
Dr. Stephen Henson [Sun, 28 Jun 2009 16:24:11 +0000 (16:24 +0000)]
Update from 0.9.8-stable.

15 years agoFix from 0.9.8-stable
Dr. Stephen Henson [Fri, 26 Jun 2009 23:14:11 +0000 (23:14 +0000)]
Fix from 0.9.8-stable

15 years agoUpdate from 0.9.8-stable.
Dr. Stephen Henson [Fri, 26 Jun 2009 15:04:22 +0000 (15:04 +0000)]
Update from 0.9.8-stable.

15 years agoAllow checking of self-signed certifictes if a flag is set.
Dr. Stephen Henson [Fri, 26 Jun 2009 11:28:52 +0000 (11:28 +0000)]
Allow checking of self-signed certifictes if a flag is set.

15 years agoFix from HEAD.
Dr. Stephen Henson [Thu, 25 Jun 2009 17:11:48 +0000 (17:11 +0000)]
Fix from HEAD.

15 years agoPR: 1748
Dr. Stephen Henson [Thu, 25 Jun 2009 11:26:45 +0000 (11:26 +0000)]
PR: 1748

Fix nasty SSL BIO pop bug. Since this changes the behaviour of SSL BIOs and
will break applications that worked around the bug only included in 1.0.0 and
later.

15 years agoDEBUG_BN_CTX doesn't really debug anything (it is essentially verbosity) and
Ben Laurie [Thu, 25 Jun 2009 10:15:06 +0000 (10:15 +0000)]
DEBUG_BN_CTX doesn't really debug anything (it is essentially verbosity) and
has made make test far too noisy.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Wed, 24 Jun 2009 13:30:07 +0000 (13:30 +0000)]
Update from HEAD.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Wed, 17 Jun 2009 12:19:35 +0000 (12:19 +0000)]
Update from HEAD.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Wed, 17 Jun 2009 12:05:51 +0000 (12:05 +0000)]
Update from HEAD.

15 years agoCheck t too.
Dr. Stephen Henson [Wed, 17 Jun 2009 11:47:54 +0000 (11:47 +0000)]
Check t too.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Wed, 17 Jun 2009 11:38:26 +0000 (11:38 +0000)]
Update from HEAD.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Wed, 17 Jun 2009 11:33:17 +0000 (11:33 +0000)]
Update from HEAD.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Wed, 17 Jun 2009 11:26:09 +0000 (11:26 +0000)]
Update from HEAD.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Tue, 16 Jun 2009 16:55:01 +0000 (16:55 +0000)]
Update from HEAD.

15 years agoUpdates from HEAD.
Dr. Stephen Henson [Tue, 16 Jun 2009 16:39:20 +0000 (16:39 +0000)]
Updates from HEAD.

15 years agoUpdate from 0.9.8-stable.
Dr. Stephen Henson [Mon, 15 Jun 2009 15:00:19 +0000 (15:00 +0000)]
Update from 0.9.8-stable.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Mon, 15 Jun 2009 11:23:33 +0000 (11:23 +0000)]
Update from HEAD.

15 years agoTwo digits is not wide enough.
Ben Laurie [Sun, 14 Jun 2009 10:23:29 +0000 (10:23 +0000)]
Two digits is not wide enough.

15 years agoMake depend.
Ben Laurie [Sun, 14 Jun 2009 02:37:22 +0000 (02:37 +0000)]
Make depend.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Sat, 13 Jun 2009 20:47:09 +0000 (20:47 +0000)]
Update from HEAD.

15 years agoStop gcc bracket warning.
Dr. Stephen Henson [Fri, 5 Jun 2009 14:57:10 +0000 (14:57 +0000)]
Stop gcc bracket warning.

15 years agoStop warning if dtls disabled.
Dr. Stephen Henson [Fri, 5 Jun 2009 14:56:48 +0000 (14:56 +0000)]
Stop warning if dtls disabled.

15 years agoPR: 1950
Dr. Stephen Henson [Fri, 5 Jun 2009 14:46:49 +0000 (14:46 +0000)]
PR: 1950
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve@openssl.org

DTLS fragment retransmission bug.

15 years agoNot always used.
Ben Laurie [Fri, 5 Jun 2009 08:35:54 +0000 (08:35 +0000)]
Not always used.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Tue, 2 Jun 2009 11:23:30 +0000 (11:23 +0000)]
Update from HEAD.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Tue, 2 Jun 2009 11:06:28 +0000 (11:06 +0000)]
Update from HEAD.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Mon, 1 Jun 2009 12:14:15 +0000 (12:14 +0000)]
Update from HEAD.

15 years agoPR: 1921
Dr. Stephen Henson [Sun, 31 May 2009 17:11:24 +0000 (17:11 +0000)]
PR: 1921
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Reviewed by: steve@openssl.org

Add ECDHE and PSK support to DTLS.

15 years agoEnsure canonical encodings of X509_NAME structures are valid.
Dr. Stephen Henson [Sat, 30 May 2009 18:10:59 +0000 (18:10 +0000)]
Ensure canonical encodings of X509_NAME structures are valid.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Fri, 29 May 2009 18:58:59 +0000 (18:58 +0000)]
Update from HEAD.

15 years agoUpdate from 0.9.8-stable.
Dr. Stephen Henson [Fri, 29 May 2009 14:02:30 +0000 (14:02 +0000)]
Update from 0.9.8-stable.

15 years agoNeed definition of struct timeval for dtls1.h which broke WIN32 builds,
Dr. Stephen Henson [Thu, 28 May 2009 20:53:16 +0000 (20:53 +0000)]
Need definition of struct timeval for dtls1.h which broke WIN32 builds,
so include winsock.h. (might be a cleaner way to do this...)

15 years agoUpdate ordinals and sync with 0.9.8
Dr. Stephen Henson [Thu, 28 May 2009 20:49:29 +0000 (20:49 +0000)]
Update ordinals and sync with 0.9.8

15 years agomake errors
Dr. Stephen Henson [Thu, 28 May 2009 20:45:26 +0000 (20:45 +0000)]
make errors

15 years agoSubmitted by: Artem Chuprina <ran@cryptocom.ru>
Dr. Stephen Henson [Thu, 28 May 2009 18:10:47 +0000 (18:10 +0000)]
Submitted by: Artem Chuprina <ran@cryptocom.ru>
Reviewed by: steve@openssl.org

Fix to match latest GOST in TLS draft.

15 years agoAdd CHANGES entries from 0.9.8-stable.
Dr. Stephen Henson [Mon, 18 May 2009 17:37:13 +0000 (17:37 +0000)]
Add CHANGES entries from 0.9.8-stable.

15 years agoDelete line which should have gone with PR#1922.
Dr. Stephen Henson [Mon, 18 May 2009 16:11:58 +0000 (16:11 +0000)]
Delete line which should have gone with PR#1922.

15 years agoPR: 1929
Dr. Stephen Henson [Sun, 17 May 2009 16:04:21 +0000 (16:04 +0000)]
PR: 1929
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

Updated DTLS MTU bug fix.

15 years agoRevert previous MTU patch from PR#1929
Dr. Stephen Henson [Sun, 17 May 2009 15:57:51 +0000 (15:57 +0000)]
Revert previous MTU patch from PR#1929

15 years agoPR: 1599
Dr. Stephen Henson [Sun, 17 May 2009 14:48:02 +0000 (14:48 +0000)]
PR: 1599

Reformat PKCS12_parse manual page, document return values.

15 years agoStupid typo
Richard Levitte [Sun, 17 May 2009 07:22:15 +0000 (07:22 +0000)]
Stupid typo

15 years agoPR: 1931
Dr. Stephen Henson [Sat, 16 May 2009 16:22:11 +0000 (16:22 +0000)]
PR: 1931
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix fragment handling memory leak.

15 years agoPR: 1930
Dr. Stephen Henson [Sat, 16 May 2009 16:17:46 +0000 (16:17 +0000)]
PR: 1930
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Limit size of DTLS record buffer queue.

15 years agoDisable ECDHE in DTLS in a cleaner way.
Dr. Stephen Henson [Sat, 16 May 2009 11:16:15 +0000 (11:16 +0000)]
Disable ECDHE in DTLS in a cleaner way.

15 years agoMake the stuff compile again, fix missing prototype warnings.
Dr. Stephen Henson [Sat, 16 May 2009 11:14:55 +0000 (11:14 +0000)]
Make the stuff compile again, fix missing prototype warnings.

15 years agoUpdate from HEAD.
Dr. Stephen Henson [Fri, 15 May 2009 23:07:41 +0000 (23:07 +0000)]
Update from HEAD.

15 years agoPR: 1922
Dr. Stephen Henson [Fri, 15 May 2009 22:58:13 +0000 (22:58 +0000)]
PR: 1922
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS Timer bug fix.

15 years agoPR: 1925
Dr. Stephen Henson [Fri, 15 May 2009 22:50:12 +0000 (22:50 +0000)]
PR: 1925
Submitted by: "Green, Paul" <Paul.Green@stratus.com>
Approved by: steve@openssl.org

VOS extended name support.

15 years agoFunctional VMS changes submitted by sms@antinode.info (Steven M. Schweda).
Richard Levitte [Fri, 15 May 2009 16:37:08 +0000 (16:37 +0000)]
Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda).
Thank you\!
(note: not tested for now, a few nightly builds should give indications though)

15 years agoHave mkdef.pl also handle VAX and Non-VAX differences for VMS
Richard Levitte [Fri, 15 May 2009 16:01:42 +0000 (16:01 +0000)]
Have mkdef.pl also handle VAX and Non-VAX differences for VMS

15 years agoAdd a comment about libeay.num and ssleay.num
Richard Levitte [Fri, 15 May 2009 16:00:08 +0000 (16:00 +0000)]
Add a comment about libeay.num and ssleay.num

15 years agox86[_64]cpuid.pl: update from HEAD.
Andy Polyakov [Thu, 14 May 2009 18:25:29 +0000 (18:25 +0000)]
x86[_64]cpuid.pl: update from HEAD.

15 years agoPR: 1921
Dr. Stephen Henson [Wed, 13 May 2009 16:25:35 +0000 (16:25 +0000)]
PR: 1921
Submitted by: steve@openssl.org

Our DTLS implementation doesn't currently handle ECDHE so don't include
unsupported ciphers in client hello.

15 years agoPrint out DTLS versions too.
Dr. Stephen Henson [Wed, 13 May 2009 16:24:12 +0000 (16:24 +0000)]
Print out DTLS versions too.

15 years agoPR: 1923
Dr. Stephen Henson [Wed, 13 May 2009 11:51:30 +0000 (11:51 +0000)]
PR: 1923
Submitted by: Daniel Mentz <daniel.m@sent.com>, Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Don't access freed data structure.

15 years agoPR: 1924
Dr. Stephen Henson [Wed, 13 May 2009 11:32:24 +0000 (11:32 +0000)]
PR: 1924
Submitted by: "Green, Paul" <Paul.Green@stratus.com>
Approved by: steve@openssl.org

Fix _POSIX_C_SOURCE usage.