Andy Polyakov [Tue, 1 Apr 2008 08:40:52 +0000 (08:40 +0000)]
Fix fast reduction on NIST curves [from HEAD].
PR: 1593
Dr. Stephen Henson [Mon, 31 Mar 2008 14:59:13 +0000 (14:59 +0000)]
Update from HEAD.
Dr. Stephen Henson [Mon, 31 Mar 2008 14:28:44 +0000 (14:28 +0000)]
Update year.
Dr. Stephen Henson [Sat, 29 Mar 2008 13:22:49 +0000 (13:22 +0000)]
Fix from HEAD.
Dr. Stephen Henson [Wed, 12 Mar 2008 13:06:17 +0000 (13:06 +0000)]
Update year.
Dr. Stephen Henson [Wed, 12 Mar 2008 00:38:07 +0000 (00:38 +0000)]
Fix from HEAD.
Mark J. Cox [Thu, 28 Feb 2008 13:35:58 +0000 (13:35 +0000)]
Add missing changelog entry for cvs.openssl.org/chngview?cn=16587
Andy Polyakov [Wed, 27 Feb 2008 20:14:46 +0000 (20:14 +0000)]
Make x86_64-mont.pl work with debug Win64 build [from HEAD].
Bodo Möller [Wed, 27 Feb 2008 06:02:00 +0000 (06:02 +0000)]
fix BIGNUM flag handling
Dr. Stephen Henson [Mon, 25 Feb 2008 18:12:30 +0000 (18:12 +0000)]
Update from HEAD.
Bodo Möller [Thu, 21 Feb 2008 07:23:46 +0000 (07:23 +0000)]
Make sure to set indent-tabs-mode so that we get tabs, not spaces.
Andy Polyakov [Wed, 13 Feb 2008 20:01:48 +0000 (20:01 +0000)]
Allow 32-bit perl to generate x86_64 assembler.
Andy Polyakov [Mon, 11 Feb 2008 13:18:40 +0000 (13:18 +0000)]
Source readability fix, which incidentally works around XLC compiler bug
[from HEAD].
PR: 1272
Andy Polyakov [Mon, 11 Feb 2008 13:13:11 +0000 (13:13 +0000)]
Make aes-x86_64 work with debug Win64 build [from HEAD].
Andy Polyakov [Mon, 11 Feb 2008 13:07:11 +0000 (13:07 +0000)]
x86_64-xlate.pl update from HEAD.
Lutz Jänicke [Wed, 30 Jan 2008 08:26:18 +0000 (08:26 +0000)]
Add missing colon in manpage
Submitted by: Richard Hartmann <richih.mailinglist@gmail.com>
Dr. Stephen Henson [Sat, 26 Jan 2008 23:43:29 +0000 (23:43 +0000)]
Add GlobalSign root CA.
Dr. Stephen Henson [Wed, 23 Jan 2008 19:25:41 +0000 (19:25 +0000)]
Update from HEAD.
Dr. Stephen Henson [Fri, 4 Jan 2008 00:40:00 +0000 (00:40 +0000)]
Stop nasm/nasmw test complaining on stderr.
Dr. Stephen Henson [Thu, 3 Jan 2008 22:53:06 +0000 (22:53 +0000)]
Netware support.
Submitted by: Guenter Knauf <eflash@gmx.net>
Andy Polyakov [Thu, 3 Jan 2008 17:15:20 +0000 (17:15 +0000)]
Typo in http://cvs.openssl.org/chngview?cn=16833.
Andy Polyakov [Thu, 3 Jan 2008 17:14:25 +0000 (17:14 +0000)]
NASM has recently changed name of win32 pre-compiled binary [from HEAD].
PR: 1627
Dr. Stephen Henson [Thu, 3 Jan 2008 16:37:21 +0000 (16:37 +0000)]
Update from HEAD
Dr. Stephen Henson [Sun, 23 Dec 2007 13:38:55 +0000 (13:38 +0000)]
Add fips-fingerprint option to dgst.c to use the appropriate FIPS HMAC key.
Dr. Stephen Henson [Sat, 22 Dec 2007 19:31:05 +0000 (19:31 +0000)]
file fipsalgtest.pl was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:10 +0000
Andy Polyakov [Sun, 16 Dec 2007 20:42:42 +0000 (20:42 +0000)]
Typo in darinw64-ppc-cc config line.
PR: 1622
Dr. Stephen Henson [Sun, 16 Dec 2007 16:38:22 +0000 (16:38 +0000)]
Updates from HEAD.
Dr. Stephen Henson [Fri, 14 Dec 2007 19:36:32 +0000 (19:36 +0000)]
Update .cvsignore
Dr. Stephen Henson [Fri, 14 Dec 2007 19:34:05 +0000 (19:34 +0000)]
Don't shadow.
Andy Polyakov [Tue, 4 Dec 2007 20:30:49 +0000 (20:30 +0000)]
gmp engine was non-operational.
Andy Polyakov [Tue, 4 Dec 2007 20:29:57 +0000 (20:29 +0000)]
opensslwrap.sh update from HEAD.
Andy Polyakov [Sun, 2 Dec 2007 21:32:35 +0000 (21:32 +0000)]
Some assembler are allergic to lea reg,BYTE PTR[...].
Submitted by: Guenter Knauf
Dr. Stephen Henson [Fri, 23 Nov 2007 00:18:00 +0000 (00:18 +0000)]
Learn how to spell "Repository"
Dr. Stephen Henson [Fri, 23 Nov 2007 00:11:54 +0000 (00:11 +0000)]
Oops, use the right caRepository OID this time ;-)
Dr. Stephen Henson [Fri, 23 Nov 2007 00:07:48 +0000 (00:07 +0000)]
Add caRepository OID to OpenSSL.
Lutz Jänicke [Mon, 19 Nov 2007 09:18:01 +0000 (09:18 +0000)]
Typos in man pages: dependant->dependent
Submitted by: Tobias Stoeckmann <tobias@bugol.de>
Bodo Möller [Mon, 19 Nov 2007 07:25:28 +0000 (07:25 +0000)]
Should reject signatures that we can't properly verify
and couldn't generate
(as pointed out by Ernst G Giessmann)
Bodo Möller [Mon, 19 Nov 2007 07:23:52 +0000 (07:23 +0000)]
fix typos
Submitted by: Ernst G. Giessmann
Bodo Möller [Fri, 16 Nov 2007 13:00:57 +0000 (13:00 +0000)]
The hash length check wasn't strict enough,
as pointed out by Ernst G Giessmann
Ben Laurie [Thu, 15 Nov 2007 13:33:47 +0000 (13:33 +0000)]
Fix buffer overflow.
Ben Laurie [Thu, 15 Nov 2007 13:32:53 +0000 (13:32 +0000)]
Make depend.
Ben Laurie [Thu, 15 Nov 2007 13:32:16 +0000 (13:32 +0000)]
Fix warnings.
Andy Polyakov [Sun, 11 Nov 2007 21:04:34 +0000 (21:04 +0000)]
Add x86_64-mont.pl [from HEAD].
Andy Polyakov [Sun, 11 Nov 2007 20:43:23 +0000 (20:43 +0000)]
Add framework for bn_mul_mont [from 098-fips].
Andy Polyakov [Sun, 11 Nov 2007 20:10:09 +0000 (20:10 +0000)]
doc/crypto/OPENSSL_ia32cap.pod update [from HEAD].
Andy Polyakov [Sun, 11 Nov 2007 20:06:17 +0000 (20:06 +0000)]
Comply with updated x86cpuid.pl.
Andy Polyakov [Sun, 11 Nov 2007 19:44:42 +0000 (19:44 +0000)]
x86cpuid.pl update [from HEAD].
Andy Polyakov [Sun, 11 Nov 2007 16:39:31 +0000 (16:39 +0000)]
Typos in Configure.
Andy Polyakov [Sun, 11 Nov 2007 16:25:46 +0000 (16:25 +0000)]
rc4-x86_64.pl update [from HEAD].
Andy Polyakov [Sun, 11 Nov 2007 16:25:00 +0000 (16:25 +0000)]
x86_64cpuid.pl update [from HEAD].
Andy Polyakov [Sun, 11 Nov 2007 14:49:56 +0000 (14:49 +0000)]
Add AES x86_64 assembler. Note that it's not latest version from HEAD,
but older one corresponding to x86 module from 098-stable.
Andy Polyakov [Sun, 11 Nov 2007 13:56:47 +0000 (13:56 +0000)]
Add SHA x86_64 assembler [from HEAD].
Andy Polyakov [Sun, 11 Nov 2007 13:34:08 +0000 (13:34 +0000)]
Synchronize message digests in 098-fips with 098.
Andy Polyakov [Sat, 3 Nov 2007 20:09:29 +0000 (20:09 +0000)]
Commit #16325 fixed one thing but broke DH with certain moduli [from HEAD].
Dr. Stephen Henson [Sat, 3 Nov 2007 13:07:39 +0000 (13:07 +0000)]
Allow new session ticket when resuming.
Lutz Jänicke [Thu, 1 Nov 2007 08:25:28 +0000 (08:25 +0000)]
Add OIDs by CMP (RFC 4210) and CRMF (RFC 4211)
Submitted by: Martin Peylo <martinmeis@googlemail.com>
Andy Polyakov [Sun, 21 Oct 2007 14:15:40 +0000 (14:15 +0000)]
Make it possible for older masm to compile sse2 modules.
PR: 1592
Lutz Jänicke [Fri, 19 Oct 2007 08:25:53 +0000 (08:25 +0000)]
Release OpenSSL 0.9.8g with various fixes to issues introduced with 0.9.8f
Dr. Stephen Henson [Thu, 18 Oct 2007 11:39:11 +0000 (11:39 +0000)]
Ensure the ticket expected flag is reset when a stateless resumption is
successful.
Andy Polyakov [Wed, 17 Oct 2007 21:22:58 +0000 (21:22 +0000)]
New unused field crippled ssl_ctx_st in 0.9.8"f".
Andy Polyakov [Wed, 17 Oct 2007 21:17:49 +0000 (21:17 +0000)]
Don't let DTLS ChangeCipherSpec increment handshake sequence number. From
HEAD with a twist: server interoperates with non-compliant client.
PR: 1587
Dr. Stephen Henson [Wed, 17 Oct 2007 17:30:15 +0000 (17:30 +0000)]
Don't try to lookup zero length session.
Dr. Stephen Henson [Wed, 17 Oct 2007 11:27:25 +0000 (11:27 +0000)]
Allow TLS tickets and session ID to both be present if lifetime hint is -1.
This never happens in normal SSL sessions but can be useful if the session
is being used as a "blob" to contain other data.
Lutz Jänicke [Wed, 17 Oct 2007 07:46:49 +0000 (07:46 +0000)]
Work around inconsistent version numbering in 0.9.8f (release).
The version code of the release should have been 09086f (6=f, f=release)
but accidently it was marked "090870" (which would be "0.9.8g-dev").
Therefore we now use "090871" for the development of 0.9.8g. Once
0.9.8g is released, the problem will be "healed". We have never done
beta releases for 0.9.x-stable patch releases, so 090871 would never
be used in practice.
PR: #1589
Andy Polyakov [Sun, 14 Oct 2007 14:07:46 +0000 (14:07 +0000)]
Make ssl compile.
Dr. Stephen Henson [Sun, 14 Oct 2007 12:19:07 +0000 (12:19 +0000)]
Include USE_SOCKETS #define
Andy Polyakov [Sat, 13 Oct 2007 12:38:37 +0000 (12:38 +0000)]
Make it possible to link VC static lib with either /MT or /MD application
[from HEAD].
PR: 1230
Andy Polyakov [Sat, 13 Oct 2007 11:02:17 +0000 (11:02 +0000)]
Copy bn/asm/ia64.S from HEAD.
Dr. Stephen Henson [Fri, 12 Oct 2007 00:29:06 +0000 (00:29 +0000)]
Avoid shadow and signed/unsigned warnings.
Dr. Stephen Henson [Fri, 12 Oct 2007 00:00:36 +0000 (00:00 +0000)]
Backport certificate status request TLS extension support to 0.9.8.
Ben Laurie [Thu, 11 Oct 2007 18:27:10 +0000 (18:27 +0000)]
Back to -dev.
Ben Laurie [Thu, 11 Oct 2007 18:23:16 +0000 (18:23 +0000)]
Minor release cockups.
Ben Laurie [Thu, 11 Oct 2007 15:04:32 +0000 (15:04 +0000)]
Next version.
Ben Laurie [Thu, 11 Oct 2007 14:58:15 +0000 (14:58 +0000)]
Ready to roll.
Ben Laurie [Thu, 11 Oct 2007 14:36:59 +0000 (14:36 +0000)]
make update, and more DTLS stuff.
Andy Polyakov [Tue, 9 Oct 2007 19:31:53 +0000 (19:31 +0000)]
Respect cookie length set by app_gen_cookie_cb [from HEAD].
Submitted by: Alex Lam
Andy Polyakov [Tue, 9 Oct 2007 19:22:01 +0000 (19:22 +0000)]
Make DTLS1 record layer MAC calculation RFC compliant. From HEAD with a
twist: server interoperates with non-compliant pre-0.9.8f client.
Andy Polyakov [Fri, 5 Oct 2007 21:05:27 +0000 (21:05 +0000)]
Prohibit RC4 in DTLS [from HEAD].
Dr. Stephen Henson [Fri, 5 Oct 2007 16:47:04 +0000 (16:47 +0000)]
Fix from fips branch.
Andy Polyakov [Wed, 3 Oct 2007 10:18:06 +0000 (10:18 +0000)]
Set client_version earlier in DTLS (this is 0.9.8 specific).
Andy Polyakov [Mon, 1 Oct 2007 06:28:48 +0000 (06:28 +0000)]
Oops! This was erroneously left out commit #16633.
Andy Polyakov [Sun, 30 Sep 2007 22:03:07 +0000 (22:03 +0000)]
Explicit IV update [from HEAD].
Andy Polyakov [Sun, 30 Sep 2007 21:20:59 +0000 (21:20 +0000)]
Make ChangeCipherSpec compliant with DTLS RFC4347. From HEAD with a twist:
server interoperates with non-compliant pre-0.9.8f.
Andy Polyakov [Sun, 30 Sep 2007 19:36:32 +0000 (19:36 +0000)]
DTLS RFC4347 says HelloVerifyRequest resets Finished MAC. From HEAD with a
twist: server allows for non-compliant Finished calculations in order to
enable interop with pre-0.9.8f.
Andy Polyakov [Sun, 30 Sep 2007 19:15:46 +0000 (19:15 +0000)]
DTLS RFC4347 requires client to use rame random field in reply to
HelloVerifyRequest [from HEAD].
Andy Polyakov [Sun, 30 Sep 2007 18:55:59 +0000 (18:55 +0000)]
Switch for RFC-compliant version encoding in DTLS. From HEAD with a twist:
server accepts even non-compliant encoding in order to enable interop with
pre-0.9.8f clients.
Dr. Stephen Henson [Fri, 28 Sep 2007 16:29:24 +0000 (16:29 +0000)]
Update from HEAD.
Lutz Jänicke [Mon, 24 Sep 2007 11:22:31 +0000 (11:22 +0000)]
Typos
PR: 1578
Submitted by: Charles Longeau <chl@tuxfamily.org>
Lutz Jänicke [Mon, 24 Sep 2007 10:58:15 +0000 (10:58 +0000)]
Finish sentence with a "."
Dr. Stephen Henson [Sun, 23 Sep 2007 15:55:54 +0000 (15:55 +0000)]
Fix from HEAD.
Bodo Möller [Fri, 21 Sep 2007 14:05:08 +0000 (14:05 +0000)]
More changes from HEAD:
- no need to disable SSL 2.0 for SSL_CTRL_SET_TLSEXT_HOSTNAME
now that ssl23_client_hello takes care of that
- fix buffer overrun checks in ssl_add_serverhello_tlsext()
Dr. Stephen Henson [Fri, 21 Sep 2007 13:40:51 +0000 (13:40 +0000)]
Fixes from HEAD.
Lutz Jänicke [Fri, 21 Sep 2007 10:10:47 +0000 (10:10 +0000)]
The use of the PURIFY macro in ssleay_rand_bytes() is sufficient to
resolve the Valgrind issue with random numbers. Undo the changes to
RAND_bytes() and RAND_pseudo_bytes() that are redundant in this
respect.
Update documentation and FAQ accordingly, as the PURIFY macro is
available at least since 0.9.7.
Ben Laurie [Thu, 20 Sep 2007 12:33:24 +0000 (12:33 +0000)]
Use PURIFY instead of PEDANTIC.
Dr. Stephen Henson [Thu, 20 Sep 2007 11:32:09 +0000 (11:32 +0000)]
Clarify wording a little.
Lutz Jänicke [Thu, 20 Sep 2007 07:39:15 +0000 (07:39 +0000)]
Add FAQ entry on how to get rid of Valgrind warnings.
PR: 521
Lutz Jänicke [Thu, 20 Sep 2007 07:24:45 +0000 (07:24 +0000)]
Add passage to manual page actually reflecting the usage of the
contents of "buf" when calling RAND_*bytes().
Dr. Stephen Henson [Wed, 19 Sep 2007 13:29:05 +0000 (13:29 +0000)]
Wrap "keep valgrind happy" change in #ifdef PEDANTIC so any entropy in the
buffer can be normally used.
Ben Laurie [Wed, 19 Sep 2007 13:10:34 +0000 (13:10 +0000)]
Slight bug in dependencies caused occasional unnecessary diffs. Fixed.
Ben Laurie [Wed, 19 Sep 2007 12:17:11 +0000 (12:17 +0000)]
make depend