oweals/openssl.git
16 years agoUpdate from HEAD.
Dr. Stephen Henson [Thu, 3 Apr 2008 23:29:41 +0000 (23:29 +0000)]
Update from HEAD.

16 years agoUpdate WIN32 build system for CMS.
Dr. Stephen Henson [Thu, 3 Apr 2008 23:21:46 +0000 (23:21 +0000)]
Update WIN32 build system for CMS.

16 years agoUpdate default CFLAGS and dependencies.
Dr. Stephen Henson [Thu, 3 Apr 2008 23:18:27 +0000 (23:18 +0000)]
Update default CFLAGS and dependencies.

16 years agoAdd S/MIME test certs.
Dr. Stephen Henson [Thu, 3 Apr 2008 23:09:50 +0000 (23:09 +0000)]
Add S/MIME test certs.

16 years agoBackport of CMS code to 0.9.8-stable branch. Disabled by default.
Dr. Stephen Henson [Thu, 3 Apr 2008 23:03:56 +0000 (23:03 +0000)]
Backport of CMS code to 0.9.8-stable branch. Disabled by default.

16 years agoAdd -DOPENSSL_NO_DEPRECATED to debug-steve* targets. Add headers to make
Dr. Stephen Henson [Wed, 2 Apr 2008 14:51:09 +0000 (14:51 +0000)]
Add -DOPENSSL_NO_DEPRECATED to debug-steve* targets. Add headers to make
build work.

16 years agoUpdate CHANGES.
Dr. Stephen Henson [Wed, 2 Apr 2008 11:45:34 +0000 (11:45 +0000)]
Update CHANGES.

16 years agoBackport of zlib compression BIO from HEAD. Update mkdef.pl script to handle
Dr. Stephen Henson [Wed, 2 Apr 2008 11:37:25 +0000 (11:37 +0000)]
Backport of zlib compression BIO from HEAD. Update mkdef.pl script to handle
ZLIB. Update ordinals.

16 years agoAdd CHANGES entry for key wrap.
Dr. Stephen Henson [Wed, 2 Apr 2008 11:21:53 +0000 (11:21 +0000)]
Add CHANGES entry for key wrap.

16 years agoAdd RFC3394 compatible key wrap algorithm.
Dr. Stephen Henson [Wed, 2 Apr 2008 11:18:43 +0000 (11:18 +0000)]
Add RFC3394 compatible key wrap algorithm.

16 years agoAvoid "initializer not constant" errors when compiling in pedantic mode.
Dr. Stephen Henson [Wed, 2 Apr 2008 11:15:05 +0000 (11:15 +0000)]
Avoid "initializer not constant" errors when compiling in pedantic mode.

16 years agoBackport some useful ASN1 utility functions from HEAD.
Dr. Stephen Henson [Wed, 2 Apr 2008 11:11:51 +0000 (11:11 +0000)]
Backport some useful ASN1 utility functions from HEAD.

16 years agoAdd debug-steve{32,64} targets to Configure script.
Dr. Stephen Henson [Wed, 2 Apr 2008 11:09:16 +0000 (11:09 +0000)]
Add debug-steve{32,64} targets to Configure script.

16 years agoAdd new missing CMS OIDs.
Dr. Stephen Henson [Wed, 2 Apr 2008 10:45:19 +0000 (10:45 +0000)]
Add new missing CMS OIDs.

16 years agoFix fast reduction on NIST curves [from HEAD].
Andy Polyakov [Tue, 1 Apr 2008 08:40:52 +0000 (08:40 +0000)]
Fix fast reduction on NIST curves [from HEAD].
PR: 1593

16 years agoUpdate from HEAD.
Dr. Stephen Henson [Mon, 31 Mar 2008 14:59:13 +0000 (14:59 +0000)]
Update from HEAD.

16 years agoUpdate year.
Dr. Stephen Henson [Mon, 31 Mar 2008 14:28:44 +0000 (14:28 +0000)]
Update year.

16 years agoFix from HEAD.
Dr. Stephen Henson [Sat, 29 Mar 2008 13:22:49 +0000 (13:22 +0000)]
Fix from HEAD.

16 years agoUpdate year.
Dr. Stephen Henson [Wed, 12 Mar 2008 13:06:17 +0000 (13:06 +0000)]
Update year.

16 years agoFix from HEAD.
Dr. Stephen Henson [Wed, 12 Mar 2008 00:38:07 +0000 (00:38 +0000)]
Fix from HEAD.

16 years agoAdd missing changelog entry for http://cvs.openssl.org/chngview?cn=16587
Mark J. Cox [Thu, 28 Feb 2008 13:35:58 +0000 (13:35 +0000)]
Add missing changelog entry for cvs.openssl.org/chngview?cn=16587

16 years agoMake x86_64-mont.pl work with debug Win64 build [from HEAD].
Andy Polyakov [Wed, 27 Feb 2008 20:14:46 +0000 (20:14 +0000)]
Make x86_64-mont.pl work with debug Win64 build [from HEAD].

16 years agofix BIGNUM flag handling
Bodo Möller [Wed, 27 Feb 2008 06:02:00 +0000 (06:02 +0000)]
fix BIGNUM flag handling

16 years agoUpdate from HEAD.
Dr. Stephen Henson [Mon, 25 Feb 2008 18:12:30 +0000 (18:12 +0000)]
Update from HEAD.

16 years agoMake sure to set indent-tabs-mode so that we get tabs, not spaces.
Bodo Möller [Thu, 21 Feb 2008 07:23:46 +0000 (07:23 +0000)]
Make sure to set indent-tabs-mode so that we get tabs, not spaces.

16 years agoAllow 32-bit perl to generate x86_64 assembler.
Andy Polyakov [Wed, 13 Feb 2008 20:01:48 +0000 (20:01 +0000)]
Allow 32-bit perl to generate x86_64 assembler.

16 years agoSource readability fix, which incidentally works around XLC compiler bug
Andy Polyakov [Mon, 11 Feb 2008 13:18:40 +0000 (13:18 +0000)]
Source readability fix, which incidentally works around XLC compiler bug
[from HEAD].
PR: 1272

16 years agoMake aes-x86_64 work with debug Win64 build [from HEAD].
Andy Polyakov [Mon, 11 Feb 2008 13:13:11 +0000 (13:13 +0000)]
Make aes-x86_64 work with debug Win64 build [from HEAD].

16 years agox86_64-xlate.pl update from HEAD.
Andy Polyakov [Mon, 11 Feb 2008 13:07:11 +0000 (13:07 +0000)]
x86_64-xlate.pl update from HEAD.

16 years agoAdd missing colon in manpage
Lutz Jänicke [Wed, 30 Jan 2008 08:26:18 +0000 (08:26 +0000)]
Add missing colon in manpage

Submitted by: Richard Hartmann <richih.mailinglist@gmail.com>

16 years agoAdd GlobalSign root CA.
Dr. Stephen Henson [Sat, 26 Jan 2008 23:43:29 +0000 (23:43 +0000)]
Add GlobalSign root CA.

16 years agoUpdate from HEAD.
Dr. Stephen Henson [Wed, 23 Jan 2008 19:25:41 +0000 (19:25 +0000)]
Update from HEAD.

16 years agoStop nasm/nasmw test complaining on stderr.
Dr. Stephen Henson [Fri, 4 Jan 2008 00:40:00 +0000 (00:40 +0000)]
Stop nasm/nasmw test complaining on stderr.

16 years agoNetware support.
Dr. Stephen Henson [Thu, 3 Jan 2008 22:53:06 +0000 (22:53 +0000)]
Netware support.
Submitted by: Guenter Knauf <eflash@gmx.net>

16 years agoTypo in http://cvs.openssl.org/chngview?cn=16833.
Andy Polyakov [Thu, 3 Jan 2008 17:15:20 +0000 (17:15 +0000)]
Typo in http://cvs.openssl.org/chngview?cn=16833.

16 years agoNASM has recently changed name of win32 pre-compiled binary [from HEAD].
Andy Polyakov [Thu, 3 Jan 2008 17:14:25 +0000 (17:14 +0000)]
NASM has recently changed name of win32 pre-compiled binary [from HEAD].
PR: 1627

16 years agoUpdate from HEAD
Dr. Stephen Henson [Thu, 3 Jan 2008 16:37:21 +0000 (16:37 +0000)]
Update from HEAD

16 years agoAdd fips-fingerprint option to dgst.c to use the appropriate FIPS HMAC key.
Dr. Stephen Henson [Sun, 23 Dec 2007 13:38:55 +0000 (13:38 +0000)]
Add fips-fingerprint option to dgst.c to use the appropriate FIPS HMAC key.

16 years agofile fipsalgtest.pl was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12...
Dr. Stephen Henson [Sat, 22 Dec 2007 19:31:05 +0000 (19:31 +0000)]
file fipsalgtest.pl was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:10 +0000

16 years agoTypo in darinw64-ppc-cc config line.
Andy Polyakov [Sun, 16 Dec 2007 20:42:42 +0000 (20:42 +0000)]
Typo in darinw64-ppc-cc config line.
PR: 1622

16 years agoUpdates from HEAD.
Dr. Stephen Henson [Sun, 16 Dec 2007 16:38:22 +0000 (16:38 +0000)]
Updates from HEAD.

16 years agoUpdate .cvsignore
Dr. Stephen Henson [Fri, 14 Dec 2007 19:36:32 +0000 (19:36 +0000)]
Update .cvsignore

16 years agoDon't shadow.
Dr. Stephen Henson [Fri, 14 Dec 2007 19:34:05 +0000 (19:34 +0000)]
Don't shadow.

16 years agogmp engine was non-operational.
Andy Polyakov [Tue, 4 Dec 2007 20:30:49 +0000 (20:30 +0000)]
gmp engine was non-operational.

16 years agoopensslwrap.sh update from HEAD.
Andy Polyakov [Tue, 4 Dec 2007 20:29:57 +0000 (20:29 +0000)]
opensslwrap.sh update from HEAD.

16 years agoSome assembler are allergic to lea reg,BYTE PTR[...].
Andy Polyakov [Sun, 2 Dec 2007 21:32:35 +0000 (21:32 +0000)]
Some assembler are allergic to lea reg,BYTE PTR[...].

Submitted by: Guenter Knauf

16 years agoLearn how to spell "Repository"
Dr. Stephen Henson [Fri, 23 Nov 2007 00:18:00 +0000 (00:18 +0000)]
Learn how to spell "Repository"

16 years agoOops, use the right caRepository OID this time ;-)
Dr. Stephen Henson [Fri, 23 Nov 2007 00:11:54 +0000 (00:11 +0000)]
Oops, use the right caRepository OID this time ;-)

16 years agoAdd caRepository OID to OpenSSL.
Dr. Stephen Henson [Fri, 23 Nov 2007 00:07:48 +0000 (00:07 +0000)]
Add caRepository OID to OpenSSL.

17 years agoTypos in man pages: dependant->dependent
Lutz Jänicke [Mon, 19 Nov 2007 09:18:01 +0000 (09:18 +0000)]
Typos in man pages: dependant->dependent

Submitted by: Tobias Stoeckmann <tobias@bugol.de>

17 years agoShould reject signatures that we can't properly verify
Bodo Möller [Mon, 19 Nov 2007 07:25:28 +0000 (07:25 +0000)]
Should reject signatures that we can't properly verify
and couldn't generate
(as pointed out by Ernst G Giessmann)

17 years agofix typos
Bodo Möller [Mon, 19 Nov 2007 07:23:52 +0000 (07:23 +0000)]
fix typos

Submitted by: Ernst G. Giessmann

17 years agoThe hash length check wasn't strict enough,
Bodo Möller [Fri, 16 Nov 2007 13:00:57 +0000 (13:00 +0000)]
The hash length check wasn't strict enough,
as pointed out by Ernst G Giessmann

17 years agoFix buffer overflow.
Ben Laurie [Thu, 15 Nov 2007 13:33:47 +0000 (13:33 +0000)]
Fix buffer overflow.

17 years agoMake depend.
Ben Laurie [Thu, 15 Nov 2007 13:32:53 +0000 (13:32 +0000)]
Make depend.

17 years agoFix warnings.
Ben Laurie [Thu, 15 Nov 2007 13:32:16 +0000 (13:32 +0000)]
Fix warnings.

17 years agoAdd x86_64-mont.pl [from HEAD].
Andy Polyakov [Sun, 11 Nov 2007 21:04:34 +0000 (21:04 +0000)]
Add x86_64-mont.pl [from HEAD].

17 years agoAdd framework for bn_mul_mont [from 098-fips].
Andy Polyakov [Sun, 11 Nov 2007 20:43:23 +0000 (20:43 +0000)]
Add framework for bn_mul_mont [from 098-fips].

17 years agodoc/crypto/OPENSSL_ia32cap.pod update [from HEAD].
Andy Polyakov [Sun, 11 Nov 2007 20:10:09 +0000 (20:10 +0000)]
doc/crypto/OPENSSL_ia32cap.pod update [from HEAD].

17 years agoComply with updated x86cpuid.pl.
Andy Polyakov [Sun, 11 Nov 2007 20:06:17 +0000 (20:06 +0000)]
Comply with updated x86cpuid.pl.

17 years agox86cpuid.pl update [from HEAD].
Andy Polyakov [Sun, 11 Nov 2007 19:44:42 +0000 (19:44 +0000)]
x86cpuid.pl update [from HEAD].

17 years agoTypos in Configure.
Andy Polyakov [Sun, 11 Nov 2007 16:39:31 +0000 (16:39 +0000)]
Typos in Configure.

17 years agorc4-x86_64.pl update [from HEAD].
Andy Polyakov [Sun, 11 Nov 2007 16:25:46 +0000 (16:25 +0000)]
rc4-x86_64.pl update [from HEAD].

17 years agox86_64cpuid.pl update [from HEAD].
Andy Polyakov [Sun, 11 Nov 2007 16:25:00 +0000 (16:25 +0000)]
x86_64cpuid.pl update [from HEAD].

17 years agoAdd AES x86_64 assembler. Note that it's not latest version from HEAD,
Andy Polyakov [Sun, 11 Nov 2007 14:49:56 +0000 (14:49 +0000)]
Add AES x86_64 assembler. Note that it's not latest version from HEAD,
but older one corresponding to x86 module from 098-stable.

17 years agoAdd SHA x86_64 assembler [from HEAD].
Andy Polyakov [Sun, 11 Nov 2007 13:56:47 +0000 (13:56 +0000)]
Add SHA x86_64 assembler [from HEAD].

17 years agoSynchronize message digests in 098-fips with 098.
Andy Polyakov [Sun, 11 Nov 2007 13:34:08 +0000 (13:34 +0000)]
Synchronize message digests in 098-fips with 098.

17 years agoCommit #16325 fixed one thing but broke DH with certain moduli [from HEAD].
Andy Polyakov [Sat, 3 Nov 2007 20:09:29 +0000 (20:09 +0000)]
Commit #16325 fixed one thing but broke DH with certain moduli [from HEAD].

17 years agoAllow new session ticket when resuming.
Dr. Stephen Henson [Sat, 3 Nov 2007 13:07:39 +0000 (13:07 +0000)]
Allow new session ticket when resuming.

17 years agoAdd OIDs by CMP (RFC 4210) and CRMF (RFC 4211)
Lutz Jänicke [Thu, 1 Nov 2007 08:25:28 +0000 (08:25 +0000)]
Add OIDs by CMP (RFC 4210) and CRMF (RFC 4211)

Submitted by: Martin Peylo <martinmeis@googlemail.com>

17 years agoMake it possible for older masm to compile sse2 modules.
Andy Polyakov [Sun, 21 Oct 2007 14:15:40 +0000 (14:15 +0000)]
Make it possible for older masm to compile sse2 modules.
PR: 1592

17 years agoRelease OpenSSL 0.9.8g with various fixes to issues introduced with 0.9.8f
Lutz Jänicke [Fri, 19 Oct 2007 08:25:53 +0000 (08:25 +0000)]
Release OpenSSL 0.9.8g with various fixes to issues introduced with 0.9.8f

17 years agoEnsure the ticket expected flag is reset when a stateless resumption is
Dr. Stephen Henson [Thu, 18 Oct 2007 11:39:11 +0000 (11:39 +0000)]
Ensure the ticket expected flag is reset when a stateless resumption is
successful.

17 years agoNew unused field crippled ssl_ctx_st in 0.9.8"f".
Andy Polyakov [Wed, 17 Oct 2007 21:22:58 +0000 (21:22 +0000)]
New unused field crippled ssl_ctx_st in 0.9.8"f".

17 years agoDon't let DTLS ChangeCipherSpec increment handshake sequence number. From
Andy Polyakov [Wed, 17 Oct 2007 21:17:49 +0000 (21:17 +0000)]
Don't let DTLS ChangeCipherSpec increment handshake sequence number. From
HEAD with a twist: server interoperates with non-compliant client.
PR: 1587

17 years agoDon't try to lookup zero length session.
Dr. Stephen Henson [Wed, 17 Oct 2007 17:30:15 +0000 (17:30 +0000)]
Don't try to lookup zero length session.

17 years agoAllow TLS tickets and session ID to both be present if lifetime hint is -1.
Dr. Stephen Henson [Wed, 17 Oct 2007 11:27:25 +0000 (11:27 +0000)]
Allow TLS tickets and session ID to both be present if lifetime hint is -1.
This never happens in normal SSL sessions but can be useful if the session
is being used as a "blob" to contain other data.

17 years agoWork around inconsistent version numbering in 0.9.8f (release).
Lutz Jänicke [Wed, 17 Oct 2007 07:46:49 +0000 (07:46 +0000)]
Work around inconsistent version numbering in 0.9.8f (release).
The version code of the release should have been 09086f (6=f, f=release)
but accidently it was marked "090870" (which would be "0.9.8g-dev").

Therefore we now use "090871" for the development of 0.9.8g. Once
0.9.8g is released, the problem will be "healed". We have never done
beta releases for 0.9.x-stable patch releases, so 090871 would never
be used in practice.

PR: #1589

17 years agoMake ssl compile.
Andy Polyakov [Sun, 14 Oct 2007 14:07:46 +0000 (14:07 +0000)]
Make ssl compile.

17 years agoInclude USE_SOCKETS #define
Dr. Stephen Henson [Sun, 14 Oct 2007 12:19:07 +0000 (12:19 +0000)]
Include USE_SOCKETS #define

17 years agoMake it possible to link VC static lib with either /MT or /MD application
Andy Polyakov [Sat, 13 Oct 2007 12:38:37 +0000 (12:38 +0000)]
Make it possible to link VC static lib with either /MT or /MD application
[from HEAD].
PR: 1230

17 years agoCopy bn/asm/ia64.S from HEAD.
Andy Polyakov [Sat, 13 Oct 2007 11:02:17 +0000 (11:02 +0000)]
Copy bn/asm/ia64.S from HEAD.

17 years agoAvoid shadow and signed/unsigned warnings.
Dr. Stephen Henson [Fri, 12 Oct 2007 00:29:06 +0000 (00:29 +0000)]
Avoid shadow and signed/unsigned warnings.

17 years agoBackport certificate status request TLS extension support to 0.9.8.
Dr. Stephen Henson [Fri, 12 Oct 2007 00:00:36 +0000 (00:00 +0000)]
Backport certificate status request TLS extension support to 0.9.8.

17 years agoBack to -dev.
Ben Laurie [Thu, 11 Oct 2007 18:27:10 +0000 (18:27 +0000)]
Back to -dev.

17 years agoMinor release cockups.
Ben Laurie [Thu, 11 Oct 2007 18:23:16 +0000 (18:23 +0000)]
Minor release cockups.

17 years agoNext version.
Ben Laurie [Thu, 11 Oct 2007 15:04:32 +0000 (15:04 +0000)]
Next version.

17 years agoReady to roll.
Ben Laurie [Thu, 11 Oct 2007 14:58:15 +0000 (14:58 +0000)]
Ready to roll.

17 years agomake update, and more DTLS stuff.
Ben Laurie [Thu, 11 Oct 2007 14:36:59 +0000 (14:36 +0000)]
make update, and more DTLS stuff.

17 years agoRespect cookie length set by app_gen_cookie_cb [from HEAD].
Andy Polyakov [Tue, 9 Oct 2007 19:31:53 +0000 (19:31 +0000)]
Respect cookie length set by app_gen_cookie_cb [from HEAD].

Submitted by: Alex Lam

17 years agoMake DTLS1 record layer MAC calculation RFC compliant. From HEAD with a
Andy Polyakov [Tue, 9 Oct 2007 19:22:01 +0000 (19:22 +0000)]
Make DTLS1 record layer MAC calculation RFC compliant. From HEAD with a
twist: server interoperates with non-compliant pre-0.9.8f client.

17 years agoProhibit RC4 in DTLS [from HEAD].
Andy Polyakov [Fri, 5 Oct 2007 21:05:27 +0000 (21:05 +0000)]
Prohibit RC4 in DTLS [from HEAD].

17 years agoFix from fips branch.
Dr. Stephen Henson [Fri, 5 Oct 2007 16:47:04 +0000 (16:47 +0000)]
Fix from fips branch.

17 years agoSet client_version earlier in DTLS (this is 0.9.8 specific).
Andy Polyakov [Wed, 3 Oct 2007 10:18:06 +0000 (10:18 +0000)]
Set client_version earlier in DTLS (this is 0.9.8 specific).

17 years agoOops! This was erroneously left out commit #16633.
Andy Polyakov [Mon, 1 Oct 2007 06:28:48 +0000 (06:28 +0000)]
Oops! This was erroneously left out commit #16633.

17 years agoExplicit IV update [from HEAD].
Andy Polyakov [Sun, 30 Sep 2007 22:03:07 +0000 (22:03 +0000)]
Explicit IV update [from HEAD].

17 years agoMake ChangeCipherSpec compliant with DTLS RFC4347. From HEAD with a twist:
Andy Polyakov [Sun, 30 Sep 2007 21:20:59 +0000 (21:20 +0000)]
Make ChangeCipherSpec compliant with DTLS RFC4347. From HEAD with a twist:
server interoperates with non-compliant pre-0.9.8f.

17 years agoDTLS RFC4347 says HelloVerifyRequest resets Finished MAC. From HEAD with a
Andy Polyakov [Sun, 30 Sep 2007 19:36:32 +0000 (19:36 +0000)]
DTLS RFC4347 says HelloVerifyRequest resets Finished MAC. From HEAD with a
twist: server allows for non-compliant Finished calculations in order to
enable interop with pre-0.9.8f.

17 years agoDTLS RFC4347 requires client to use rame random field in reply to
Andy Polyakov [Sun, 30 Sep 2007 19:15:46 +0000 (19:15 +0000)]
DTLS RFC4347 requires client to use rame random field in reply to
HelloVerifyRequest [from HEAD].

17 years agoSwitch for RFC-compliant version encoding in DTLS. From HEAD with a twist:
Andy Polyakov [Sun, 30 Sep 2007 18:55:59 +0000 (18:55 +0000)]
Switch for RFC-compliant version encoding in DTLS. From HEAD with a twist:
server accepts even non-compliant encoding in order to enable interop with
pre-0.9.8f clients.