openssl.git
8 years agoaes-s390x.pl: make it link.
Andy Polyakov [Tue, 15 Nov 2011 12:20:55 +0000 (12:20 +0000)]
aes-s390x.pl: make it link.

8 years agoConfigure, e_aes.c: allow for XTS assembler implementation [from HEAD].
Andy Polyakov [Tue, 15 Nov 2011 12:19:56 +0000 (12:19 +0000)]
Configure, e_aes.c: allow for XTS assembler implementation [from HEAD].

8 years agoe_aes.c: jumbo update from HEAD.
Andy Polyakov [Mon, 14 Nov 2011 21:17:08 +0000 (21:17 +0000)]
e_aes.c: jumbo update from HEAD.

8 years agoec_cvt.c: performance update from HEAD.
Andy Polyakov [Mon, 14 Nov 2011 21:14:53 +0000 (21:14 +0000)]
ec_cvt.c: performance update from HEAD.

8 years agoc_allc.c: add XTS ciphers [from HEAD].
Andy Polyakov [Mon, 14 Nov 2011 21:13:35 +0000 (21:13 +0000)]
c_allc.c: add XTS ciphers [from HEAD].

8 years agoconfig: platform and poratbility updates from HEAD.
Andy Polyakov [Mon, 14 Nov 2011 21:12:53 +0000 (21:12 +0000)]
config: platform and poratbility updates from HEAD.

8 years agoConfigure, etc.: engage additional assembler modules.
Andy Polyakov [Mon, 14 Nov 2011 21:12:05 +0000 (21:12 +0000)]
Configure, etc.: engage additional assembler modules.

8 years agospeed.c: add ghash benchmark [from HEAD].
Andy Polyakov [Mon, 14 Nov 2011 21:09:30 +0000 (21:09 +0000)]
speed.c: add ghash benchmark [from HEAD].

8 years agox86 assembler pack update from HEAD.
Andy Polyakov [Mon, 14 Nov 2011 21:06:50 +0000 (21:06 +0000)]
x86 assembler pack update from HEAD.

8 years agoBN update from HEAD.
Andy Polyakov [Mon, 14 Nov 2011 21:05:42 +0000 (21:05 +0000)]
BN update from HEAD.

8 years agox86_64 assembler pack update from HEAD.
Andy Polyakov [Mon, 14 Nov 2011 21:01:21 +0000 (21:01 +0000)]
x86_64 assembler pack update from HEAD.

8 years agoARM assembler pack update from HEAD.
Andy Polyakov [Mon, 14 Nov 2011 20:58:01 +0000 (20:58 +0000)]
ARM assembler pack update from HEAD.

8 years agoAlpha assembler pack update from HEAD.
Andy Polyakov [Mon, 14 Nov 2011 20:56:15 +0000 (20:56 +0000)]
Alpha assembler pack update from HEAD.

8 years agoMIPS assembler pack update from HEAD.
Andy Polyakov [Mon, 14 Nov 2011 20:55:24 +0000 (20:55 +0000)]
MIPS assembler pack update from HEAD.

8 years agoPPC assembler pack update from HEAD.
Andy Polyakov [Mon, 14 Nov 2011 20:54:17 +0000 (20:54 +0000)]
PPC assembler pack update from HEAD.

8 years agoPA-RISC assembler pack update from HEAD.
Andy Polyakov [Mon, 14 Nov 2011 20:50:15 +0000 (20:50 +0000)]
PA-RISC assembler pack update from HEAD.

8 years agoSPARCv9 assembler pack update from HEAD.
Andy Polyakov [Mon, 14 Nov 2011 20:48:35 +0000 (20:48 +0000)]
SPARCv9 assembler pack update from HEAD.

8 years agos390x assembler pack update from HEAD.
Andy Polyakov [Mon, 14 Nov 2011 20:47:22 +0000 (20:47 +0000)]
s390x assembler pack update from HEAD.

8 years agoIA64 assembler pack update from HEAD.
Andy Polyakov [Mon, 14 Nov 2011 20:45:57 +0000 (20:45 +0000)]
IA64 assembler pack update from HEAD.

8 years agoperlasm update from HEAD.
Andy Polyakov [Mon, 14 Nov 2011 20:44:20 +0000 (20:44 +0000)]
perlasm update from HEAD.

8 years agoMafiles updates to accomodate assembler update from HEAD.
Andy Polyakov [Mon, 14 Nov 2011 20:42:22 +0000 (20:42 +0000)]
Mafiles updates to accomodate assembler update from HEAD.

8 years agoDH keys have an (until now) unused 'q' parameter. When creating from DSA copy
Dr. Stephen Henson [Mon, 14 Nov 2011 14:16:09 +0000 (14:16 +0000)]
DH keys have an (until now) unused 'q' parameter. When creating from DSA copy
q across and if q present generate DH key in the correct range. (from HEAD)

8 years agoCall OPENSSL_init after we've checked to see if customisation is permissible.
Dr. Stephen Henson [Mon, 14 Nov 2011 14:15:29 +0000 (14:15 +0000)]
Call OPENSSL_init after we've checked to see if customisation is permissible.

8 years agoIgnorance.
Ben Laurie [Mon, 14 Nov 2011 02:42:26 +0000 (02:42 +0000)]
Ignorance.

8 years agoNext Protocol Negotiation.
Ben Laurie [Mon, 14 Nov 2011 02:25:04 +0000 (02:25 +0000)]
Next Protocol Negotiation.

8 years agoAdd Next Protocol Negotiation.
Ben Laurie [Sun, 13 Nov 2011 21:55:42 +0000 (21:55 +0000)]
Add Next Protocol Negotiation.

8 years agomake depend.
Ben Laurie [Sun, 13 Nov 2011 20:23:34 +0000 (20:23 +0000)]
make depend.

8 years agoFix one of the no-tlsext build errors (there are more).
Ben Laurie [Sun, 13 Nov 2011 20:19:21 +0000 (20:19 +0000)]
Fix one of the no-tlsext build errors (there are more).

8 years agoPR: 1794
Dr. Stephen Henson [Sun, 13 Nov 2011 13:13:14 +0000 (13:13 +0000)]
PR: 1794
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

Document unknown_psk_identify alert, remove pre-RFC 5054 string from
ssl_stat.c

8 years agox86cpuid.pl: compensate for imaginary virtual machines [from HEAD].
Andy Polyakov [Tue, 8 Nov 2011 21:28:14 +0000 (21:28 +0000)]
x86cpuid.pl: compensate for imaginary virtual machines [from HEAD].
PR: 2633

8 years agox86cpuid.pl: don't punish "last-year" OSes on "this-year" CPUs.
Andy Polyakov [Sat, 5 Nov 2011 10:44:25 +0000 (10:44 +0000)]
x86cpuid.pl: don't punish "last-year" OSes on "this-year" CPUs.
PR: 2633

8 years agoppc.pl: fix bug in bn_mul_comba4 [from HEAD].
Andy Polyakov [Sat, 5 Nov 2011 10:16:30 +0000 (10:16 +0000)]
ppc.pl: fix bug in bn_mul_comba4 [from HEAD].
PR: 2636
Submitted by: Charles Bryant

8 years agoAdd missing algorithms to disable, and in particular, disable
Richard Levitte [Sun, 30 Oct 2011 11:45:30 +0000 (11:45 +0000)]
Add missing algorithms to disable, and in particular, disable
EC_NISTP_64_GCC_128 by default, as GCC isn't currently supported on
VMS.  Add CMAC to the modules to build, and synchronise with Unix.

8 years agoTeach mkshared.com to have a look for disabled algorithms in opensslconf.h
Richard Levitte [Sun, 30 Oct 2011 11:40:56 +0000 (11:40 +0000)]
Teach mkshared.com to have a look for disabled algorithms in opensslconf.h

8 years agoPR: 2628
Dr. Stephen Henson [Thu, 27 Oct 2011 13:06:43 +0000 (13:06 +0000)]
PR: 2628
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Send alert instead of assertion failure for incorrectly formatted DTLS
fragments.

8 years agoPR: 2628
Dr. Stephen Henson [Thu, 27 Oct 2011 13:01:20 +0000 (13:01 +0000)]
PR: 2628
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix for ECC keys and DTLS.

8 years agoPR: 2632
Dr. Stephen Henson [Wed, 26 Oct 2011 16:43:23 +0000 (16:43 +0000)]
PR: 2632
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Return -1 immediately if not affine coordinates as BN_CTX has not been
set up.

8 years agoUse correct tag for SRP username.
Dr. Stephen Henson [Tue, 25 Oct 2011 12:52:47 +0000 (12:52 +0000)]
Use correct tag for SRP username.

8 years agoUpdate error codes for FIPS.
Dr. Stephen Henson [Fri, 21 Oct 2011 13:04:27 +0000 (13:04 +0000)]
Update error codes for FIPS.
Add support for authentication in FIPS_mode_set().

8 years agoRecognise new ECC option (from HEAD).
Dr. Stephen Henson [Fri, 21 Oct 2011 12:53:07 +0000 (12:53 +0000)]
Recognise new ECC option (from HEAD).

8 years ago"make update"
Bodo Möller [Wed, 19 Oct 2011 15:24:44 +0000 (15:24 +0000)]
"make update"

8 years agoBN_BLINDING multi-threading fix.
Bodo Möller [Wed, 19 Oct 2011 14:58:59 +0000 (14:58 +0000)]
BN_BLINDING multi-threading fix.

Submitted by: Emilia Kasper (Google)

8 years agoFix indentation
Bodo Möller [Wed, 19 Oct 2011 09:24:05 +0000 (09:24 +0000)]
Fix indentation

8 years agoFix warnings.
Bodo Möller [Wed, 19 Oct 2011 08:58:35 +0000 (08:58 +0000)]
Fix warnings.
Also, use the common Configure mechanism for enabling/disabling the 64-bit ECC code.

8 years agoImprove optional 64-bit NIST-P224 implementation, and add NIST-P256 and
Bodo Möller [Tue, 18 Oct 2011 19:43:54 +0000 (19:43 +0000)]
Improve optional 64-bit NIST-P224 implementation, and add NIST-P256 and
NIST-P521. (Now -DEC_NISTP_64_GCC_128 enables all three of these;
-DEC_NISTP224_64_GCC_128 no longer works.)

Submitted by: Google Inc.

8 years agoRecognise no-rsax option.
Dr. Stephen Henson [Sat, 15 Oct 2011 13:22:26 +0000 (13:22 +0000)]
Recognise no-rsax option.

8 years agoe_aes.c: fix bug in aesni_gcm_tls_cipher [in HEAD].
Andy Polyakov [Fri, 14 Oct 2011 09:34:14 +0000 (09:34 +0000)]
e_aes.c: fix bug in aesni_gcm_tls_cipher [in HEAD].

8 years agoaesni-x86[_64].pl: pull from HEAD.
Andy Polyakov [Fri, 14 Oct 2011 09:21:03 +0000 (09:21 +0000)]
aesni-x86[_64].pl: pull from HEAD.

8 years agouse -no_ecdhe when using -no_dhe
Bodo Möller [Thu, 13 Oct 2011 15:07:05 +0000 (15:07 +0000)]
use -no_ecdhe when using -no_dhe

8 years agoMake CTR mode behaviour consistent with other modes:
Bodo Möller [Thu, 13 Oct 2011 13:42:29 +0000 (13:42 +0000)]
Make CTR mode behaviour consistent with other modes:
clear ctx->num in EVP_CipherInit_ex

Submitted by: Emilia Kasper

8 years agoClarify warning
Bodo Möller [Thu, 13 Oct 2011 13:25:03 +0000 (13:25 +0000)]
Clarify warning

8 years agoIn ssl3_clear, preserve s3->init_extra along with s3->rbuf.
Bodo Möller [Thu, 13 Oct 2011 13:05:35 +0000 (13:05 +0000)]
In ssl3_clear, preserve s3->init_extra along with s3->rbuf.

Submitted by: Bob Buckholz <bbuckholz@google.com>

8 years agoFor now disable RSAX ENGINE for FIPS builds: it sets a non-FIPS RSA
Dr. Stephen Henson [Thu, 13 Oct 2011 11:43:44 +0000 (11:43 +0000)]
For now disable RSAX ENGINE for FIPS builds: it sets a non-FIPS RSA
method which stops FIPS mode working.

8 years agoincrease test RSA key size to 1024 bits
Dr. Stephen Henson [Wed, 12 Oct 2011 21:55:42 +0000 (21:55 +0000)]
increase test RSA key size to 1024 bits

8 years agoupdate pkey method initialisation and copy
Dr. Stephen Henson [Tue, 11 Oct 2011 18:16:02 +0000 (18:16 +0000)]
update pkey method initialisation and copy

8 years agoBackport ossl_ssize_t type from HEAD.
Dr. Stephen Henson [Mon, 10 Oct 2011 22:33:50 +0000 (22:33 +0000)]
Backport ossl_ssize_t type from HEAD.

8 years agodef_rsa_finish not used anymore.
Dr. Stephen Henson [Mon, 10 Oct 2011 20:34:17 +0000 (20:34 +0000)]
def_rsa_finish not used anymore.

8 years agofix leak properly this time...
Dr. Stephen Henson [Mon, 10 Oct 2011 14:09:05 +0000 (14:09 +0000)]
fix leak properly this time...

8 years agoadd GCM ciphers in SSL_library_init
Dr. Stephen Henson [Mon, 10 Oct 2011 12:56:11 +0000 (12:56 +0000)]
add GCM ciphers in SSL_library_init

8 years agodisable GCM if not available
Dr. Stephen Henson [Mon, 10 Oct 2011 12:40:13 +0000 (12:40 +0000)]
disable GCM if not available

8 years agoAdd some entries for 1.0.1 in NEWS.
Dr. Stephen Henson [Mon, 10 Oct 2011 00:27:52 +0000 (00:27 +0000)]
Add some entries for 1.0.1 in NEWS.

8 years agosync NEWS with 1.0.0 branch
Dr. Stephen Henson [Mon, 10 Oct 2011 00:23:14 +0000 (00:23 +0000)]
sync NEWS with 1.0.0 branch

8 years agoDon't disable TLS v1.2 by default any more.
Dr. Stephen Henson [Sun, 9 Oct 2011 23:28:25 +0000 (23:28 +0000)]
Don't disable TLS v1.2 by default any more.

8 years agoUpdate ordinals.
Dr. Stephen Henson [Sun, 9 Oct 2011 23:14:20 +0000 (23:14 +0000)]
Update ordinals.

8 years agoBackport PSS signature support from HEAD.
Dr. Stephen Henson [Sun, 9 Oct 2011 23:13:50 +0000 (23:13 +0000)]
Backport PSS signature support from HEAD.

8 years agofix CHANGES entry
Dr. Stephen Henson [Sun, 9 Oct 2011 23:11:09 +0000 (23:11 +0000)]
fix CHANGES entry

8 years agofix memory leaks
Dr. Stephen Henson [Sun, 9 Oct 2011 23:09:22 +0000 (23:09 +0000)]
fix memory leaks

8 years agoFix memory leak. From HEAD.
Dr. Stephen Henson [Sun, 9 Oct 2011 16:04:17 +0000 (16:04 +0000)]
Fix memory leak. From HEAD.

8 years agoUpdate ordinals.
Dr. Stephen Henson [Sun, 9 Oct 2011 15:28:52 +0000 (15:28 +0000)]
Update ordinals.

8 years agoBackport of password based CMS support from HEAD.
Dr. Stephen Henson [Sun, 9 Oct 2011 15:28:02 +0000 (15:28 +0000)]
Backport of password based CMS support from HEAD.

8 years agoPR: 2482
Dr. Stephen Henson [Sun, 9 Oct 2011 00:56:43 +0000 (00:56 +0000)]
PR: 2482
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.

8 years agouse client version when eliminating TLS v1.2 ciphersuites in client hello
Dr. Stephen Henson [Fri, 7 Oct 2011 15:07:36 +0000 (15:07 +0000)]
use client version when eliminating TLS v1.2 ciphersuites in client hello

8 years ago? crypto/aes/aes-armv4.S
Dr. Stephen Henson [Thu, 6 Oct 2011 20:45:08 +0000 (20:45 +0000)]
? crypto/aes/aes-armv4.S
? crypto/aes/aesni-sha1-x86_64.s
? crypto/aes/aesni-x86_64.s
? crypto/aes/foo.pl
? crypto/aes/vpaes-x86_64.s
? crypto/bn/.bn_lib.c.swp
? crypto/bn/armv4-gf2m.S
? crypto/bn/diffs
? crypto/bn/modexp512-x86_64.s
? crypto/bn/x86_64-gf2m.s
? crypto/bn/x86_64-mont5.s
? crypto/ec/bc.txt
? crypto/ec/diffs
? crypto/modes/a.out
? crypto/modes/diffs
? crypto/modes/ghash-armv4.S
? crypto/modes/ghash-x86_64.s
? crypto/modes/op.h
? crypto/modes/tst.c
? crypto/modes/x.h
? crypto/objects/.obj_xref.txt.swp
? crypto/rand/diffs
? crypto/sha/sha-512
? crypto/sha/sha1-armv4-large.S
? crypto/sha/sha256-armv4.S
? crypto/sha/sha512-armv4.S
Index: crypto/objects/obj_xref.c
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/objects/obj_xref.c,v
retrieving revision 1.9
diff -u -r1.9 obj_xref.c
--- crypto/objects/obj_xref.c 5 Nov 2008 18:38:58 -0000 1.9
+++ crypto/objects/obj_xref.c 6 Oct 2011 20:30:21 -0000
@@ -110,8 +110,10 @@
 #endif
  if (rv == NULL)
  return 0;
- *pdig_nid = rv->hash_id;
- *ppkey_nid = rv->pkey_id;
+ if (pdig_nid)
+ *pdig_nid = rv->hash_id;
+ if (ppkey_nid)
+ *ppkey_nid = rv->pkey_id;
  return 1;
  }

@@ -144,7 +146,8 @@
 #endif
  if (rv == NULL)
  return 0;
- *psignid = (*rv)->sign_id;
+ if (psignid)
+ *psignid = (*rv)->sign_id;
  return 1;
  }

Index: crypto/x509/x509type.c
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/x509/x509type.c,v
retrieving revision 1.10
diff -u -r1.10 x509type.c
--- crypto/x509/x509type.c 26 Oct 2007 12:06:33 -0000 1.10
+++ crypto/x509/x509type.c 6 Oct 2011 20:36:04 -0000
@@ -100,20 +100,26 @@
  break;
  }

- i=X509_get_signature_type(x);
- switch (i)
+ i=OBJ_obj2nid(x->sig_alg->algorithm);
+ if (i && OBJ_find_sigid_algs(i, NULL, &i))
  {
- case EVP_PKEY_RSA:
- ret|=EVP_PKS_RSA;
- break;
- case EVP_PKEY_DSA:
- ret|=EVP_PKS_DSA;
- break;
- case EVP_PKEY_EC:
- ret|=EVP_PKS_EC;
- break;
- default:
- break;
+
+ switch (i)
+ {
+ case NID_rsaEncryption:
+ case NID_rsa:
+ ret|=EVP_PKS_RSA;
+ break;
+ case NID_dsa:
+ case NID_dsa_2:
+ ret|=EVP_PKS_DSA;
+ break;
+ case NID_X9_62_id_ecPublicKey:
+ ret|=EVP_PKS_EC;
+ break;
+ default:
+ break;
+ }
  }

  if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look

8 years agofix signed/unsigned warning
Dr. Stephen Henson [Mon, 26 Sep 2011 17:04:41 +0000 (17:04 +0000)]
fix signed/unsigned warning

8 years agomake sure eivlen is initialised
Dr. Stephen Henson [Sat, 24 Sep 2011 23:06:35 +0000 (23:06 +0000)]
make sure eivlen is initialised

8 years agouse keyformat for -x509toreq, don't hard code PEM
Dr. Stephen Henson [Fri, 23 Sep 2011 21:48:50 +0000 (21:48 +0000)]
use keyformat for -x509toreq, don't hard code PEM

8 years agoPR: 2606
Dr. Stephen Henson [Fri, 23 Sep 2011 13:39:35 +0000 (13:39 +0000)]
PR: 2606
Submitted by: Christoph Viethen <cv@kawo2.rwth-aachen.de>
Reviewed by: steve

Handle timezones correctly in UTCTime.

8 years agoPR: 2602
Dr. Stephen Henson [Fri, 23 Sep 2011 13:35:05 +0000 (13:35 +0000)]
PR: 2602
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS bug which prevents manual MTU setting

8 years agoPR: 2347
Dr. Stephen Henson [Fri, 23 Sep 2011 13:12:41 +0000 (13:12 +0000)]
PR: 2347
Submitted by: Tomas Mraz <tmraz@redhat.com>
Reviewed by: steve

Fix usage message.

8 years agomake depend
Dr. Stephen Henson [Fri, 16 Sep 2011 23:15:22 +0000 (23:15 +0000)]
make depend

8 years agoImproved error checking for DRBG calls.
Dr. Stephen Henson [Fri, 16 Sep 2011 23:12:34 +0000 (23:12 +0000)]
Improved error checking for DRBG calls.

New functionality to allow default DRBG type to be set during compilation or during runtime.

8 years agoImproved error checking for DRBG calls.
Dr. Stephen Henson [Fri, 16 Sep 2011 23:08:57 +0000 (23:08 +0000)]
Improved error checking for DRBG calls.

New functionality to allow default DRBG type to be set during compilation
or during runtime.

8 years agoTypo.
Dr. Stephen Henson [Fri, 16 Sep 2011 23:04:07 +0000 (23:04 +0000)]
Typo.

8 years agoFix warnings (from HEAD).
Dr. Stephen Henson [Sat, 10 Sep 2011 21:18:37 +0000 (21:18 +0000)]
Fix warnings (from HEAD).

8 years agoInitialise X509_STORE_CTX properly so CRLs with nextUpdate date in the past
Dr. Stephen Henson [Tue, 6 Sep 2011 15:14:41 +0000 (15:14 +0000)]
Initialise X509_STORE_CTX properly so CRLs with nextUpdate date in the past
produce an error (CVE-2011-3207)

8 years agoconfig: don't add -Wa options with no-asm [from HEAD].
Andy Polyakov [Mon, 5 Sep 2011 16:33:48 +0000 (16:33 +0000)]
config: don't add -Wa options with no-asm [from HEAD].

8 years agooops
Bodo Möller [Mon, 5 Sep 2011 13:43:53 +0000 (13:43 +0000)]
oops

8 years agoFix session handling.
Bodo Möller [Mon, 5 Sep 2011 13:36:55 +0000 (13:36 +0000)]
Fix session handling.

8 years agoFix d2i_SSL_SESSION.
Bodo Möller [Mon, 5 Sep 2011 13:31:07 +0000 (13:31 +0000)]
Fix d2i_SSL_SESSION.

8 years ago(EC)DH memory handling fixes.
Bodo Möller [Mon, 5 Sep 2011 10:25:27 +0000 (10:25 +0000)]
(EC)DH memory handling fixes.

Submitted by: Adam Langley

8 years agoFix memory leak on bad inputs.
Bodo Möller [Mon, 5 Sep 2011 09:57:15 +0000 (09:57 +0000)]
Fix memory leak on bad inputs.

8 years agomake update
Bodo Möller [Mon, 5 Sep 2011 09:44:54 +0000 (09:44 +0000)]
make update

8 years agoFix expected DEFFLAG for default config.
Bodo Möller [Mon, 5 Sep 2011 09:43:56 +0000 (09:43 +0000)]
Fix expected DEFFLAG for default config.

8 years agoFix error codes.
Bodo Möller [Mon, 5 Sep 2011 09:42:55 +0000 (09:42 +0000)]
Fix error codes.

8 years agoDon't use *from++ in tolower as this is implemented as a macro on some
Dr. Stephen Henson [Fri, 2 Sep 2011 11:28:18 +0000 (11:28 +0000)]
Don't use *from++ in tolower as this is implemented as a macro on some
platforms. Thanks to Shayne Murray <Shayne.Murray@Polycom.com> for
reporting this issue.

8 years agoPR: 2576
Dr. Stephen Henson [Fri, 2 Sep 2011 11:20:32 +0000 (11:20 +0000)]
PR: 2576
Submitted by: Doug Goldstein <cardoe@gentoo.org>
Reviewed by: steve

Include header file stdlib.h which is needed on some platforms to get
getenv() declaration.

8 years agoPR: 2340
Dr. Stephen Henson [Thu, 1 Sep 2011 15:01:55 +0000 (15:01 +0000)]
PR: 2340
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar>
Reviewed by: steve

Stop warnings if OPENSSL_NO_DGRAM is defined.

8 years agomake timing attack protection unconditional
Dr. Stephen Henson [Thu, 1 Sep 2011 14:23:22 +0000 (14:23 +0000)]
make timing attack protection unconditional

8 years agoPR: 2573
Dr. Stephen Henson [Thu, 1 Sep 2011 14:02:14 +0000 (14:02 +0000)]
PR: 2573
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS buffering and decryption bug.

8 years agoPR: 2589
Dr. Stephen Henson [Thu, 1 Sep 2011 13:52:38 +0000 (13:52 +0000)]
PR: 2589
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Initialise p pointer.