oweals/openssl.git
15 years agoFree SSL_CTX after BIO
Dr. Stephen Henson [Wed, 30 Sep 2009 21:36:17 +0000 (21:36 +0000)]
Free SSL_CTX after BIO

15 years agoFixup sureware ENGINE to handle new RAND_METHOD
Dr. Stephen Henson [Wed, 23 Sep 2009 23:49:04 +0000 (23:49 +0000)]
Fixup sureware ENGINE to handle new RAND_METHOD

15 years agoAudit libcrypto for unchecked return values: fix all cases enountered
Dr. Stephen Henson [Wed, 23 Sep 2009 23:43:49 +0000 (23:43 +0000)]
Audit libcrypto for unchecked return values: fix all cases enountered

15 years agoAdd more return value checking attributes to evp.h and hmac.h
Dr. Stephen Henson [Wed, 23 Sep 2009 23:40:13 +0000 (23:40 +0000)]
Add more return value checking attributes to evp.h and hmac.h

15 years agoAdd DEBUG_UNUSED to debug-steve* entries
Dr. Stephen Henson [Wed, 23 Sep 2009 16:29:20 +0000 (16:29 +0000)]
Add DEBUG_UNUSED to debug-steve* entries

15 years agoAdd attribute to check if return value of certain functions is incorrectly
Dr. Stephen Henson [Wed, 23 Sep 2009 16:27:10 +0000 (16:27 +0000)]
Add attribute to check if return value of certain functions is incorrectly
ignored.

15 years agoPR: 2050
Dr. Stephen Henson [Tue, 22 Sep 2009 11:34:45 +0000 (11:34 +0000)]
PR: 2050
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

Fix handling of ENOTCONN and EMSGSIZE for dgram BIOs.

15 years agoPR: 2047
Dr. Stephen Henson [Sun, 20 Sep 2009 16:41:27 +0000 (16:41 +0000)]
PR: 2047
Submitted by: David Lee <live4thee@gmail.com>, steve@openssl.org
Approved by: steve@openssl.org

Fix for IPv6 handling in BIO_get_accept_socket().

15 years agoOoops, missing close quote
Dr. Stephen Henson [Sun, 20 Sep 2009 12:46:55 +0000 (12:46 +0000)]
Ooops, missing close quote

15 years agoDon't use __try+__except unless on VC++
Dr. Stephen Henson [Sun, 20 Sep 2009 12:39:32 +0000 (12:39 +0000)]
Don't use __try+__except unless on VC++

15 years agoadd version info for VC-WIN64I too
Dr. Stephen Henson [Sun, 20 Sep 2009 11:40:13 +0000 (11:40 +0000)]
add version info for VC-WIN64I too

15 years agoPR: 2048
Dr. Stephen Henson [Sat, 19 Sep 2009 23:00:55 +0000 (23:00 +0000)]
PR: 2048
Submitted by: john blair <mailtome200420032002@yahoo.com>
Approved by: steve@openssl.org

Add version info in VC-WIN64A too.

15 years agocmll-x86_64.pl: small buglet in CBC subroutine.
Andy Polyakov [Thu, 17 Sep 2009 19:35:13 +0000 (19:35 +0000)]
cmll-x86_64.pl: small buglet in CBC subroutine.
PR: 2035

15 years agoPR: 2039
Dr. Stephen Henson [Tue, 15 Sep 2009 22:48:57 +0000 (22:48 +0000)]
PR: 2039
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS listen bug fix,

15 years agoSubmitted by: Julia Lawall <julia@diku.dk>
Dr. Stephen Henson [Sun, 13 Sep 2009 11:29:29 +0000 (11:29 +0000)]
Submitted by:  Julia Lawall <julia@diku.dk>

The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.

15 years agoPR: 2023
Dr. Stephen Henson [Sat, 12 Sep 2009 23:34:41 +0000 (23:34 +0000)]
PR: 2023
Submitted by: James Beckett <jmb.openssl@nospam.hackery.net>, steve
Approved by: steve@openssl.org

Fix documentation errors in d2i_X509 manual pages.

15 years agoPR: 2025
Dr. Stephen Henson [Sat, 12 Sep 2009 23:17:39 +0000 (23:17 +0000)]
PR: 2025
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Constify SSL_CIPHER_description

15 years agoPR: 1411
Dr. Stephen Henson [Sat, 12 Sep 2009 23:09:45 +0000 (23:09 +0000)]
PR: 1411
Submitted by: steve@openssl.org

Allow use of trusted certificates in SSL_CTX_use_chain_file()

15 years agoPR: 2038
Dr. Stephen Henson [Fri, 11 Sep 2009 11:02:52 +0000 (11:02 +0000)]
PR: 2038
Submitted by: Artem Chuprina <ran@cryptocom.ru>
Approved by: steve@openssl.org

Avoid double call to BIO_free().

15 years agoPR: 2033
Dr. Stephen Henson [Wed, 9 Sep 2009 17:05:18 +0000 (17:05 +0000)]
PR: 2033
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS listen support.

15 years agoAdd new option --strict-warnings to Configure script. This is used to add
Dr. Stephen Henson [Wed, 9 Sep 2009 16:31:32 +0000 (16:31 +0000)]
Add new option --strict-warnings to Configure script. This is used to add
in devteam warnings into other configurations.

15 years agoSeed PRNG with DSA and ECDSA digests for additional protection against
Dr. Stephen Henson [Wed, 9 Sep 2009 12:15:08 +0000 (12:15 +0000)]
Seed PRNG with DSA and ECDSA digests for additional protection against
possible PRNG state duplication.

15 years agoPR: 2031
Dr. Stephen Henson [Mon, 7 Sep 2009 17:57:18 +0000 (17:57 +0000)]
PR: 2031
Submitted by: steve@openssl.org

Tolerate application/timestamp-response which some servers send out.

15 years agoTypo presumably....
Dr. Stephen Henson [Sun, 6 Sep 2009 17:56:30 +0000 (17:56 +0000)]
Typo presumably....

15 years agoMake update, deleting bogus DTLS error code
Dr. Stephen Henson [Sun, 6 Sep 2009 15:58:19 +0000 (15:58 +0000)]
Make update, deleting bogus DTLS error code

15 years agoPR: 1644
Dr. Stephen Henson [Sun, 6 Sep 2009 15:49:46 +0000 (15:49 +0000)]
PR: 1644
Submitted by: steve@openssl.org

Fix to make DHparams_dup() et al work in C++.

For 1.0 fix the final argument to ASN1_dup() so it is void *. Replace some
*_dup macros with functions.

15 years agoPR: 2028
Dr. Stephen Henson [Fri, 4 Sep 2009 17:42:53 +0000 (17:42 +0000)]
PR: 2028
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS cookie management bugs.

15 years agoCorrection: salt is now default
Dr. Stephen Henson [Fri, 4 Sep 2009 12:27:12 +0000 (12:27 +0000)]
Correction: salt is now default

15 years agoOops, s can be NULL
Dr. Stephen Henson [Fri, 4 Sep 2009 11:30:59 +0000 (11:30 +0000)]
Oops, s can be NULL

15 years agoPR: 2020
Dr. Stephen Henson [Wed, 2 Sep 2009 15:57:24 +0000 (15:57 +0000)]
PR: 2020
Submitted by: Keith Beckman <kbeckman@mcg.edu>,  Tomas Mraz <tmraz@redhat.com>
Checked by: steve@openssl.org

Fix improperly capitalized references to WWW::Curl::Easy.

15 years agoPR: 2029
Dr. Stephen Henson [Wed, 2 Sep 2009 15:51:19 +0000 (15:51 +0000)]
PR: 2029
Submitted by: Tomas Mraz <tmraz@redhat.com>
Checked by: steve@openssl.org

Fix so that the legacy digest EVP_dss1() still works.

15 years agoPR: 2013
Dr. Stephen Henson [Wed, 2 Sep 2009 13:54:50 +0000 (13:54 +0000)]
PR: 2013
Submitted by: steve@openssl.org

Include a flag ASN1_STRING_FLAG_MSTRING when a multi string type is created.
This makes it possible to tell if the underlying type is UTCTime,
GeneralizedTime or Time when the structure is reused and X509_time_adj_ex()
can handle each case in an appropriate manner.

Add error checking to CRL generation in ca utility when nextUpdate is being
set.

15 years agoPR: 2009
Dr. Stephen Henson [Wed, 2 Sep 2009 13:20:32 +0000 (13:20 +0000)]
PR: 2009
Submitted by: "Alexei Khlebnikov" <alexei.khlebnikov@opera.com>
Approved by: steve@openssl.org

Avoid memory leak and fix error reporting in d2i_SSL_SESSION(). NB: although
the ticket mentions buffer overruns this isn't a security issue because
the SSL_SESSION structure is generated internally and it should never be
possible to supply its contents from an untrusted application (this would
among other things destroy session cache security).

15 years agoPR: 2022
Dr. Stephen Henson [Wed, 2 Sep 2009 12:53:52 +0000 (12:53 +0000)]
PR: 2022
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS record header length bug.

15 years agoTidy up and fix verify callbacks to avoid structure dereference, use of
Dr. Stephen Henson [Wed, 2 Sep 2009 12:47:28 +0000 (12:47 +0000)]
Tidy up and fix verify callbacks to avoid structure dereference, use of
obsolete functions and enhance to handle new conditions such as policy printing.

15 years agoMissing break.
Dr. Stephen Henson [Mon, 31 Aug 2009 22:19:26 +0000 (22:19 +0000)]
Missing break.

15 years agoPR: 2005
Dr. Stephen Henson [Wed, 26 Aug 2009 15:15:15 +0000 (15:15 +0000)]
PR: 2005
Submitted by: steve@openssl.org

Some systems have broken IPv6 headers and/or implementations. If
OPENSSL_USE_IPV6 is set to 0 IPv6 is not used, if it is set to 1 it is used
and if undefined an attempt is made to detect at compile time by checking
if AF_INET6 is set and excluding known problem platforms.

15 years agoPR: 2006
Dr. Stephen Henson [Wed, 26 Aug 2009 11:51:57 +0000 (11:51 +0000)]
PR: 2006
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Do not use multiple DTLS records for a single user message

15 years agoPR: 2015
Dr. Stephen Henson [Wed, 26 Aug 2009 11:42:11 +0000 (11:42 +0000)]
PR: 2015
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Define LIBDIR properly.

15 years agosha1-x86* assembler update: F_40_59 and Atom-specific optimizations.
Andy Polyakov [Tue, 18 Aug 2009 19:24:50 +0000 (19:24 +0000)]
sha1-x86* assembler update: F_40_59 and Atom-specific optimizations.

15 years agoStop unused variable warning on WIN32 et al.
Dr. Stephen Henson [Tue, 18 Aug 2009 11:15:33 +0000 (11:15 +0000)]
Stop unused variable warning on WIN32 et al.

15 years agoUse SHA1 and not deprecated MD5 in demos.
Dr. Stephen Henson [Sat, 15 Aug 2009 11:01:09 +0000 (11:01 +0000)]
Use SHA1 and not deprecated MD5 in demos.

15 years agoUpdate default dependency flags.
Dr. Stephen Henson [Wed, 12 Aug 2009 17:30:37 +0000 (17:30 +0000)]
Update default dependency flags.
Make error name discrepancies a fatal error.
Fix error codes.
make update

15 years agoEnable mdc2 support by default as the patent has now expired.
Dr. Stephen Henson [Wed, 12 Aug 2009 16:46:26 +0000 (16:46 +0000)]
Enable mdc2 support by default as the patent has now expired.

15 years agoUpdate README with bug report and contribution details.
Dr. Stephen Henson [Wed, 12 Aug 2009 16:44:33 +0000 (16:44 +0000)]
Update README with bug report and contribution details.

15 years agoPR: 1997
Dr. Stephen Henson [Wed, 12 Aug 2009 13:19:54 +0000 (13:19 +0000)]
PR: 1997
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS timeout handling fix.

15 years agoTypo
Dr. Stephen Henson [Mon, 10 Aug 2009 15:52:49 +0000 (15:52 +0000)]
Typo

15 years agoPR: 1999
Dr. Stephen Henson [Mon, 10 Aug 2009 15:30:40 +0000 (15:30 +0000)]
PR: 1999
Submitted by: "Bayram Kurumahmut" <kbayram@ubicom.com>
Approved by: steve@openssl.org

Don't use HAVE_FORK in apps/speed.c it can conflict with configured version.

15 years agoPR: 2004
Dr. Stephen Henson [Mon, 10 Aug 2009 14:56:57 +0000 (14:56 +0000)]
PR: 2004
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Approved by: steve@openssl.org

Handle fractional seconds properly in ASN1_GENERALIZEDTIME_print

15 years agoPR: 2003
Dr. Stephen Henson [Mon, 10 Aug 2009 14:48:40 +0000 (14:48 +0000)]
PR: 2003
Make it possible to install OpenSSL in directories with name other
than "lib" for example "lib64". Based on patch from Jeremy Utley.

15 years agoAdd COMP error strings.
Dr. Stephen Henson [Sun, 9 Aug 2009 14:58:37 +0000 (14:58 +0000)]
Add COMP error strings.

15 years agoFix error code.
Dr. Stephen Henson [Thu, 6 Aug 2009 16:39:34 +0000 (16:39 +0000)]
Fix error code.

15 years agoReject leading 0x80 in OID subidentifiers.
Dr. Stephen Henson [Thu, 6 Aug 2009 16:32:54 +0000 (16:32 +0000)]
Reject leading 0x80 in OID subidentifiers.

15 years agoPR: 2002
Dr. Stephen Henson [Wed, 5 Aug 2009 15:51:39 +0000 (15:51 +0000)]
PR: 2002
Submitted by: Tomas Mraz <tmraz@redhat.com>
Obtained from: steve@openssl.org

Fix bug in libssl and krb5 linking in Makefile.org

15 years agoOops!
Dr. Stephen Henson [Wed, 5 Aug 2009 15:32:10 +0000 (15:32 +0000)]
Oops!

15 years agoUpdate from 1.0.0-stable.
Dr. Stephen Henson [Wed, 5 Aug 2009 15:29:58 +0000 (15:29 +0000)]
Update from 1.0.0-stable.

15 years agoPR: 2001
Dr. Stephen Henson [Wed, 5 Aug 2009 14:55:20 +0000 (14:55 +0000)]
PR: 2001
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Add patch: http://cvs.openssl.org/chngview?cn=14635 which never made it to
1.0.0, HEAD.

15 years agoUpdate from 1.0.0-stable.
Dr. Stephen Henson [Mon, 27 Jul 2009 21:22:02 +0000 (21:22 +0000)]
Update from 1.0.0-stable.

15 years agoUpdate from 1.0.0-stable
Dr. Stephen Henson [Mon, 27 Jul 2009 21:10:00 +0000 (21:10 +0000)]
Update from 1.0.0-stable

15 years agoFix warnings.
Ben Laurie [Sun, 26 Jul 2009 12:09:21 +0000 (12:09 +0000)]
Fix warnings.

15 years agoUpdate from 0.9.8-stable.
Dr. Stephen Henson [Fri, 24 Jul 2009 13:48:07 +0000 (13:48 +0000)]
Update from 0.9.8-stable.

15 years agoRemove MD2 test from WIN32 as we don't compile it in by default any more.
Dr. Stephen Henson [Fri, 24 Jul 2009 13:43:59 +0000 (13:43 +0000)]
Remove MD2 test from WIN32 as we don't compile it in by default any more.

15 years agoFix typos.
Dr. Stephen Henson [Fri, 24 Jul 2009 13:37:18 +0000 (13:37 +0000)]
Fix typos.

15 years agoNew debug targets from 1.0.0-stable
Dr. Stephen Henson [Fri, 24 Jul 2009 13:31:12 +0000 (13:31 +0000)]
New debug targets from 1.0.0-stable

15 years agoPR: 1990
Dr. Stephen Henson [Fri, 24 Jul 2009 13:07:30 +0000 (13:07 +0000)]
PR: 1990

Update from 0.9.8-stable

15 years agoDocument removal of digest+signature algorithm link.
Dr. Stephen Henson [Fri, 24 Jul 2009 13:01:40 +0000 (13:01 +0000)]
Document removal of digest+signature algorithm link.

15 years agoPR: 1993
Dr. Stephen Henson [Fri, 24 Jul 2009 11:52:55 +0000 (11:52 +0000)]
PR: 1993

Fix from 0.9.8-stable.

15 years agoFix from 0.9.8-stable
Dr. Stephen Henson [Fri, 24 Jul 2009 11:34:59 +0000 (11:34 +0000)]
Fix from 0.9.8-stable

15 years agoUpdate from 0.9.8-stable.
Dr. Stephen Henson [Fri, 24 Jul 2009 11:25:13 +0000 (11:25 +0000)]
Update from 0.9.8-stable.

15 years agoUpdate from 0.9.8-stable
Dr. Stephen Henson [Fri, 24 Jul 2009 11:17:10 +0000 (11:17 +0000)]
Update from 0.9.8-stable

15 years agoUpdate from 0.9.8-stable
Dr. Stephen Henson [Fri, 24 Jul 2009 11:11:30 +0000 (11:11 +0000)]
Update from 0.9.8-stable

15 years agoUse correct extension and OSX detection.
Dr. Stephen Henson [Thu, 16 Jul 2009 09:52:59 +0000 (09:52 +0000)]
Use correct extension and OSX detection.

15 years agoUpdates from 1.0.0-stable
Dr. Stephen Henson [Wed, 15 Jul 2009 18:00:04 +0000 (18:00 +0000)]
Updates from 1.0.0-stable

15 years agoUpdate from 1.0.0-stable.
Dr. Stephen Henson [Wed, 15 Jul 2009 11:33:24 +0000 (11:33 +0000)]
Update from 1.0.0-stable.

15 years agoUpdates from 1.0.0-stable
Dr. Stephen Henson [Wed, 15 Jul 2009 11:02:24 +0000 (11:02 +0000)]
Updates from 1.0.0-stable

15 years agoUpdates from 1.0.0-stable.
Dr. Stephen Henson [Tue, 14 Jul 2009 15:30:05 +0000 (15:30 +0000)]
Updates from 1.0.0-stable.

15 years agoDocument MD2 deprecation.
Dr. Stephen Henson [Mon, 13 Jul 2009 11:58:05 +0000 (11:58 +0000)]
Document MD2 deprecation.

15 years agoUpdate from 1.0.0-stable.
Dr. Stephen Henson [Mon, 13 Jul 2009 11:44:30 +0000 (11:44 +0000)]
Update from 1.0.0-stable.

15 years agoUse new time routines to avoid possible overflow.
Dr. Stephen Henson [Mon, 13 Jul 2009 11:40:14 +0000 (11:40 +0000)]
Use new time routines to avoid possible overflow.

15 years agoUpdate from 0.9.8-stable
Dr. Stephen Henson [Sat, 11 Jul 2009 22:36:59 +0000 (22:36 +0000)]
Update from 0.9.8-stable

15 years agoPR: 1624
Dr. Stephen Henson [Sat, 11 Jul 2009 22:28:45 +0000 (22:28 +0000)]
PR: 1624
Submitted by: "Simon L. Nielsen" <simon@FreeBSD.org>
Obtained from: steve@openssl.org

Correct FreeBSD check.

15 years agoUpdate from 1.0.0-stable.
Dr. Stephen Henson [Sat, 11 Jul 2009 21:43:50 +0000 (21:43 +0000)]
Update from 1.0.0-stable.

15 years agoMake update.
Dr. Stephen Henson [Wed, 8 Jul 2009 09:19:53 +0000 (09:19 +0000)]
Make update.

15 years agoDelete MD2 from algorithm tables as in 0.9.8-stable. However since this is
Dr. Stephen Henson [Wed, 8 Jul 2009 08:49:17 +0000 (08:49 +0000)]
Delete MD2 from algorithm tables as in 0.9.8-stable. However since this is
a new branch we can also disable it by default.

15 years agoFix warnings.
Dr. Stephen Henson [Sat, 4 Jul 2009 12:04:06 +0000 (12:04 +0000)]
Fix warnings.

15 years agoPR: 1981
Dr. Stephen Henson [Sat, 4 Jul 2009 11:38:40 +0000 (11:38 +0000)]
PR: 1981
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS record header bugfix.

15 years agoUpadte from 1.0.0-stable
Dr. Stephen Henson [Wed, 1 Jul 2009 15:47:04 +0000 (15:47 +0000)]
Upadte from 1.0.0-stable

15 years agoUpdate from 1.0.0-stable.
Dr. Stephen Henson [Wed, 1 Jul 2009 15:43:04 +0000 (15:43 +0000)]
Update from 1.0.0-stable.

15 years agoUpdate from 1.0.0-stable
Dr. Stephen Henson [Wed, 1 Jul 2009 15:37:17 +0000 (15:37 +0000)]
Update from 1.0.0-stable

15 years agoUpdate from 1.0.0-stable
Dr. Stephen Henson [Wed, 1 Jul 2009 15:26:00 +0000 (15:26 +0000)]
Update from 1.0.0-stable

15 years agoUpdate from 1.0.0-stable
Dr. Stephen Henson [Wed, 1 Jul 2009 11:46:03 +0000 (11:46 +0000)]
Update from 1.0.0-stable

15 years agoUpdate from 1.0.0-stable
Dr. Stephen Henson [Wed, 1 Jul 2009 11:40:19 +0000 (11:40 +0000)]
Update from 1.0.0-stable

15 years agoUpdate from 1.0.0-stable
Dr. Stephen Henson [Wed, 1 Jul 2009 11:29:25 +0000 (11:29 +0000)]
Update from 1.0.0-stable

15 years agoUpdate from 0.9.8-stable
Dr. Stephen Henson [Tue, 30 Jun 2009 22:27:33 +0000 (22:27 +0000)]
Update from 0.9.8-stable

15 years agoTypo.
Dr. Stephen Henson [Tue, 30 Jun 2009 18:27:03 +0000 (18:27 +0000)]
Typo.

15 years agoUse common verify parameters instead of the small ad-hoc subset in
Dr. Stephen Henson [Tue, 30 Jun 2009 15:56:35 +0000 (15:56 +0000)]
Use common verify parameters instead of the small ad-hoc subset in
s_client, s_server.

15 years agoUpdates from 1.0.0-stable
Dr. Stephen Henson [Tue, 30 Jun 2009 15:28:16 +0000 (15:28 +0000)]
Updates from 1.0.0-stable

15 years agoUpdate from 1.0.0-stable.
Dr. Stephen Henson [Tue, 30 Jun 2009 11:58:10 +0000 (11:58 +0000)]
Update from 1.0.0-stable.

15 years agoUpdate from 1.0.0-stable.
Dr. Stephen Henson [Tue, 30 Jun 2009 11:42:04 +0000 (11:42 +0000)]
Update from 1.0.0-stable.

15 years agoUpdate from 1.0.0-stable
Dr. Stephen Henson [Tue, 30 Jun 2009 11:24:57 +0000 (11:24 +0000)]
Update from 1.0.0-stable