Andy Polyakov [Fri, 4 May 2007 13:06:50 +0000 (13:06 +0000)]
Detect UltraSPARC T1 in ./config [from HEAD].
Andy Polyakov [Mon, 30 Apr 2007 09:26:05 +0000 (09:26 +0000)]
Fix s390x detection in ./config.
Bodo Möller [Wed, 25 Apr 2007 07:58:32 +0000 (07:58 +0000)]
Ensure that AES remains the preferred cipher at any given key length.
(This does not really require a special case for Camellia.)
Bodo Möller [Tue, 24 Apr 2007 00:46:48 +0000 (00:46 +0000)]
remove leftover from editing ...
Bodo Möller [Mon, 23 Apr 2007 23:50:26 +0000 (23:50 +0000)]
Add SEED encryption algorithm.
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
Bodo Möller [Thu, 19 Apr 2007 15:14:39 +0000 (15:14 +0000)]
fix error codes
Bodo Möller [Thu, 19 Apr 2007 14:45:27 +0000 (14:45 +0000)]
don't violate the bn_check_top assertion in BN_mod_inverse_no_branch()
Dr. Stephen Henson [Mon, 9 Apr 2007 11:46:36 +0000 (11:46 +0000)]
Update from HEAD.
Dr. Stephen Henson [Sun, 8 Apr 2007 17:51:00 +0000 (17:51 +0000)]
file evp_cnf.c was added on branch OpenSSL_0_9_8-stable on 2008-09-15 22:21:41 +0000
Dr. Stephen Henson [Sun, 8 Apr 2007 17:45:03 +0000 (17:45 +0000)]
Fix OID config module.
Ben Laurie [Wed, 4 Apr 2007 12:50:13 +0000 (12:50 +0000)]
Make sure we detect corruption.
Bodo Möller [Wed, 28 Mar 2007 18:44:01 +0000 (18:44 +0000)]
make BN_FLG_CONSTTIME semantics more fool-proof
Bodo Möller [Wed, 28 Mar 2007 00:14:25 +0000 (00:14 +0000)]
Change to mitigate branch prediction attacks
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
Dr. Stephen Henson [Tue, 27 Mar 2007 00:04:54 +0000 (00:04 +0000)]
file segrenam.pl was added on branch OpenSSL_0_9_8-stable on 2008-09-18 11:20:08 +0000
Andy Polyakov [Sun, 25 Mar 2007 15:34:42 +0000 (15:34 +0000)]
aix updates from HEAD.
Andy Polyakov [Thu, 22 Mar 2007 09:03:19 +0000 (09:03 +0000)]
aix-shared rules from HEAD.
Dr. Stephen Henson [Thu, 22 Mar 2007 00:39:20 +0000 (00:39 +0000)]
file arx.pl was added on branch OpenSSL_0_9_8-stable on 2008-09-16 21:44:57 +0000
Dr. Stephen Henson [Thu, 22 Mar 2007 00:38:35 +0000 (00:38 +0000)]
file rsa_eng.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 14:55:26 +0000
Dr. Stephen Henson [Thu, 22 Mar 2007 00:38:34 +0000 (00:38 +0000)]
file rsa_x931g.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 22:54:29 +0000
Dr. Stephen Henson [Thu, 22 Mar 2007 00:38:28 +0000 (00:38 +0000)]
file rand_eng.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 11:52:33 +0000
Dr. Stephen Henson [Thu, 22 Mar 2007 00:38:10 +0000 (00:38 +0000)]
file dig_eng.c was added on branch OpenSSL_0_9_8-stable on 2008-09-15 22:21:40 +0000
Dr. Stephen Henson [Thu, 22 Mar 2007 00:38:09 +0000 (00:38 +0000)]
file err_def.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 11:26:29 +0000
Dr. Stephen Henson [Thu, 22 Mar 2007 00:38:08 +0000 (00:38 +0000)]
file err_bio.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 11:26:29 +0000
Dr. Stephen Henson [Thu, 22 Mar 2007 00:38:02 +0000 (00:38 +0000)]
file dsa_utl.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 14:55:24 +0000
Dr. Stephen Henson [Thu, 22 Mar 2007 00:37:58 +0000 (00:37 +0000)]
file des_lib.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 11:17:48 +0000
Dr. Stephen Henson [Thu, 22 Mar 2007 00:37:55 +0000 (00:37 +0000)]
file buf_str.c was added on branch OpenSSL_0_9_8-stable on 2008-09-15 19:56:10 +0000
Dr. Stephen Henson [Thu, 22 Mar 2007 00:37:53 +0000 (00:37 +0000)]
file bn_opt.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 11:08:24 +0000
Dr. Stephen Henson [Thu, 22 Mar 2007 00:37:48 +0000 (00:37 +0000)]
file o_init.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 22:48:18 +0000
Dr. Stephen Henson [Thu, 22 Mar 2007 00:37:45 +0000 (00:37 +0000)]
file dyn_lck.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 15:11:50 +0000
Bodo Möller [Wed, 21 Mar 2007 14:33:01 +0000 (14:33 +0000)]
stricter session ID context matching
Bodo Möller [Wed, 21 Mar 2007 14:18:27 +0000 (14:18 +0000)]
oops -- this should have been in 0.9.8e
Bodo Möller [Wed, 21 Mar 2007 10:58:32 +0000 (10:58 +0000)]
clarification regarding libdes files
Andy Polyakov [Tue, 20 Mar 2007 09:06:52 +0000 (09:06 +0000)]
PowerPC config updates from HEAD.
Dr. Stephen Henson [Fri, 9 Mar 2007 14:06:34 +0000 (14:06 +0000)]
Fix kerberos ciphersuite bugs introduced with PR:1336.
Ben Laurie [Thu, 8 Mar 2007 15:52:04 +0000 (15:52 +0000)]
Make local function static.
Dr. Stephen Henson [Mon, 5 Mar 2007 00:06:47 +0000 (00:06 +0000)]
Stop memory leak.
Lutz Jänicke [Fri, 2 Mar 2007 17:54:31 +0000 (17:54 +0000)]
Initialize "buf" to 0 to make valgrind happy :-)
Note: the RAND_bytes() manual page says:
RAND_bytes() puts num cryptographically strong pseudo-random bytes into buf.
It does not talk about using the previous contents of buf so we are working
as documented.
Lutz Jänicke [Fri, 2 Mar 2007 17:44:55 +0000 (17:44 +0000)]
Do not use uninitialized memory to seed the PRNG as it may confuse
code checking tools.
PR: 1499
Dr. Stephen Henson [Tue, 27 Feb 2007 18:42:52 +0000 (18:42 +0000)]
EVP_CIPHER_CTX_key_length() should return the set key length in the
EVP_CIPHER_CTX structure which may not be the same as the underlying
cipher key length for variable length ciphers.
Lutz Jänicke [Tue, 27 Feb 2007 08:26:51 +0000 (08:26 +0000)]
Merge from HEAD
Bodo Möller [Mon, 26 Feb 2007 10:48:56 +0000 (10:48 +0000)]
include complete 0.9.7 history
Bodo Möller [Mon, 26 Feb 2007 10:47:49 +0000 (10:47 +0000)]
use 2007 copyright for generated files
Dr. Stephen Henson [Fri, 23 Feb 2007 12:50:54 +0000 (12:50 +0000)]
Prepare for next version.
Dr. Stephen Henson [Fri, 23 Feb 2007 12:38:11 +0000 (12:38 +0000)]
Add L to version number
Dr. Stephen Henson [Fri, 23 Feb 2007 12:12:28 +0000 (12:12 +0000)]
Prepare for release.
Dr. Stephen Henson [Fri, 23 Feb 2007 01:01:08 +0000 (01:01 +0000)]
Make update.
Lutz Jänicke [Thu, 22 Feb 2007 17:39:50 +0000 (17:39 +0000)]
Fix problem with multi line responses in -starttls by using a buffering
BIO and BIO_gets().
Dr. Stephen Henson [Thu, 22 Feb 2007 02:00:39 +0000 (02:00 +0000)]
Don't use deprecated -mcpu option.
Dr. Stephen Henson [Thu, 22 Feb 2007 01:35:24 +0000 (01:35 +0000)]
Update NEWS file.
Lutz Jänicke [Wed, 21 Feb 2007 18:20:33 +0000 (18:20 +0000)]
Extend SMTP and IMAP protocol handling to perform the required
EHLO or CAPABILITY handshake before sending STARTTLS
Submitted by: Goetz Babin-Ebell <goetz@shomitefo.de>
Lutz Jänicke [Wed, 21 Feb 2007 18:10:19 +0000 (18:10 +0000)]
Add automatic detection for Linux on SuperH
PR: 1152
Submitted by: Mike Frysinger <vapier@gentoo.org>
Lutz Jänicke [Wed, 21 Feb 2007 17:58:51 +0000 (17:58 +0000)]
Add support for m68 linux
PR: 1277
Submitted by: Mike Frysinger <vapier@gentoo.org>
Lutz Jänicke [Wed, 21 Feb 2007 17:44:51 +0000 (17:44 +0000)]
Fix incorrect handling of special characters
PR: 1459
Submitted by: tnitschke@innominate.com
Reviewed by: steve@openssl.org
Dr. Stephen Henson [Wed, 21 Feb 2007 13:48:49 +0000 (13:48 +0000)]
Update from 0.9.7-stable.
Bodo Möller [Mon, 19 Feb 2007 18:38:11 +0000 (18:38 +0000)]
Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that a
ciphersuite string such as "DEFAULT:RSA" cannot enable
authentication-only ciphersuites.
Bodo Möller [Mon, 19 Feb 2007 17:55:07 +0000 (17:55 +0000)]
remove inconsistency between builds with and without Camellia enabled
Bodo Möller [Mon, 19 Feb 2007 14:47:21 +0000 (14:47 +0000)]
fix incorrect strength bit values for certain Kerberos ciphersuites
Submitted by: Victor Duchovni
Dr. Stephen Henson [Sun, 18 Feb 2007 18:18:31 +0000 (18:18 +0000)]
Avoid warning.
Dr. Stephen Henson [Sun, 18 Feb 2007 17:23:20 +0000 (17:23 +0000)]
Fix Win32 warnings.
Bodo Möller [Sat, 17 Feb 2007 06:52:42 +0000 (06:52 +0000)]
Some fixes for ciphersuite string processing:
- add a workaround provided by Victor Duchovni so that 128- and
256-bit variants of otherwise identical ciphersuites are treated
correctly;
- also, correctly skip invalid parts of ciphersuite description strings.
Submitted by: Victor Duchovni, Bodo Moeller
Nils Larsch [Fri, 16 Feb 2007 20:40:07 +0000 (20:40 +0000)]
ensure that the EVP_CIPHER_CTX object is initialized
PR: 1490
Richard Levitte [Fri, 16 Feb 2007 18:12:20 +0000 (18:12 +0000)]
Add STARTTLS support for IMAP and FTP.
Submitted by Kees Cook <kees@outflux.net>
Nils Larsch [Wed, 14 Feb 2007 21:50:26 +0000 (21:50 +0000)]
- use OPENSSL_malloc() etc. in zlib
- move zlib_stateful_ex_idx initialization to COMP_zlib()
PR: 1468
Nils Larsch [Sat, 10 Feb 2007 10:40:24 +0000 (10:40 +0000)]
use user-supplied malloc functions for persistent kssl objects
PR: 1467
Submitted by: Andrei Pelinescu-Onciul <andrei@iptel.org>
Nils Larsch [Sat, 10 Feb 2007 09:48:42 +0000 (09:48 +0000)]
remove unreachable code
Dr. Stephen Henson [Thu, 8 Feb 2007 19:08:21 +0000 (19:08 +0000)]
Add hmac option to dgst from 0.9.7-stable.
Nils Larsch [Wed, 7 Feb 2007 20:36:40 +0000 (20:36 +0000)]
ensure that a ec key is used
PR: 1476
Richard Levitte [Wed, 7 Feb 2007 01:42:51 +0000 (01:42 +0000)]
After objects have been freed, NULLify the pointers so there will be no double
free of those objects
Nils Larsch [Tue, 6 Feb 2007 19:48:36 +0000 (19:48 +0000)]
fix typo
Nils Larsch [Tue, 6 Feb 2007 19:40:45 +0000 (19:40 +0000)]
add note about 56 bit ciphers
PR: 1461
Dr. Stephen Henson [Sat, 3 Feb 2007 17:32:14 +0000 (17:32 +0000)]
Update from fips2 branch.
Dr. Stephen Henson [Sat, 3 Feb 2007 17:19:41 +0000 (17:19 +0000)]
file err_str.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 11:26:29 +0000
Dr. Stephen Henson [Sat, 3 Feb 2007 17:19:39 +0000 (17:19 +0000)]
file fips_err.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 22:48:18 +0000
Dr. Stephen Henson [Sat, 3 Feb 2007 17:19:37 +0000 (17:19 +0000)]
file fips_err.h was added on branch OpenSSL_0_9_8-stable on 2008-09-16 22:48:18 +0000
Nils Larsch [Sat, 3 Feb 2007 10:27:31 +0000 (10:27 +0000)]
fix documentation
PR: 1466
Nils Larsch [Sat, 3 Feb 2007 09:51:59 +0000 (09:51 +0000)]
fix potential memory leaks
PR: 1462
Submitted by: Charles Hardin <chardin@2wire.com>
Dr. Stephen Henson [Sat, 27 Jan 2007 13:19:43 +0000 (13:19 +0000)]
file mksdef.pl was added on branch OpenSSL_0_9_8-stable on 2008-09-18 11:20:08 +0000
Dr. Stephen Henson [Tue, 23 Jan 2007 17:54:22 +0000 (17:54 +0000)]
Update from 0.9.7-stable.
Dr. Stephen Henson [Sun, 21 Jan 2007 16:07:25 +0000 (16:07 +0000)]
Update from HEAD.
Dr. Stephen Henson [Sun, 21 Jan 2007 13:16:49 +0000 (13:16 +0000)]
Update from HEAD.
Dr. Stephen Henson [Thu, 18 Jan 2007 21:25:24 +0000 (21:25 +0000)]
Update from HEAD.
Lutz Jänicke [Fri, 12 Jan 2007 18:47:28 +0000 (18:47 +0000)]
Update do new home page
Andy Polyakov [Thu, 4 Jan 2007 22:55:25 +0000 (22:55 +0000)]
Initialize padlock in shared build.
Andy Polyakov [Fri, 29 Dec 2006 14:55:43 +0000 (14:55 +0000)]
#include <stddef.h> in digest headers [from HEAD].
Nils Larsch [Wed, 27 Dec 2006 09:39:51 +0000 (09:39 +0000)]
fix return value of get_cert_chain()
PR: 1441
Richard Levitte [Tue, 26 Dec 2006 21:23:38 +0000 (21:23 +0000)]
From HEAD
Richard Levitte [Mon, 25 Dec 2006 10:57:20 +0000 (10:57 +0000)]
Synchronise with Unixly build
Andy Polyakov [Fri, 22 Dec 2006 16:04:56 +0000 (16:04 +0000)]
Make sha.h more "portable" [from HEAD].
Nils Larsch [Thu, 21 Dec 2006 21:11:44 +0000 (21:11 +0000)]
fix typos
PR: 1354, 1355, 1398
Nils Larsch [Tue, 19 Dec 2006 19:47:39 +0000 (19:47 +0000)]
remove trailing '\'
PR: 1438
Bodo Möller [Tue, 19 Dec 2006 15:10:46 +0000 (15:10 +0000)]
Fix the BIT STRING encoding of EC points or parameter seeds
(need to prevent the removal of trailing zero bits).
Nils Larsch [Wed, 13 Dec 2006 22:08:20 +0000 (22:08 +0000)]
properly initialize SSL context, check return value
Dr. Stephen Henson [Thu, 7 Dec 2006 13:28:07 +0000 (13:28 +0000)]
Update from 0.9.7-stable branch
Dr. Stephen Henson [Wed, 6 Dec 2006 13:38:59 +0000 (13:38 +0000)]
Update from HEAD.
Nils Larsch [Wed, 6 Dec 2006 09:12:28 +0000 (09:12 +0000)]
fix documentation
PR: 1343
Nils Larsch [Tue, 5 Dec 2006 21:21:10 +0000 (21:21 +0000)]
avoid duplicate entries in add_cert_dir()
PR: 1407
Submitted by: Tomas Mraz <tmraz@redhat.com>
Nils Larsch [Tue, 5 Dec 2006 20:08:03 +0000 (20:08 +0000)]
return 0 if 'noout' is used and no has occurred
PR: 1435
Submitted by: "Haridharan" <haridharan@gmail.com>
Nils Larsch [Mon, 4 Dec 2006 19:10:58 +0000 (19:10 +0000)]
allocate a new attributes entry in X509_REQ_add_extensions()
if it's NULL (in case of a malformed pkcs10 request)
PR: 1347
Submitted by: Remo Inverardi <invi@your.toilet.ch>
Nils Larsch [Mon, 4 Dec 2006 18:48:16 +0000 (18:48 +0000)]
add "Certificate Issuer", "Issuing Distribution Point" and
"Subject Directory Attributes" OIDs
PR: 1433
Andy Polyakov [Sat, 2 Dec 2006 12:00:27 +0000 (12:00 +0000)]
Camellia fixes and improvements from HEAD.