Dr. Stephen Henson [Thu, 29 May 2008 17:20:42 +0000 (17:20 +0000)]
Disable CryptoAPI engine compilation by default.
Dr. Stephen Henson [Thu, 29 May 2008 17:13:15 +0000 (17:13 +0000)]
Create error codes, compile in source.
Dr. Stephen Henson [Thu, 29 May 2008 16:46:38 +0000 (16:46 +0000)]
CryptoAPI ENGINE... initial version, not compiled in yet.
Bodo Möller [Wed, 28 May 2008 22:30:39 +0000 (22:30 +0000)]
FAQ updates from HEAD
Bodo Möller [Wed, 28 May 2008 22:22:50 +0000 (22:22 +0000)]
fix whitespace
Mark J. Cox [Wed, 28 May 2008 07:47:50 +0000 (07:47 +0000)]
After tagging, bump ready for 0.9.8i development
Mark J. Cox [Wed, 28 May 2008 07:37:14 +0000 (07:37 +0000)]
Prepare for 0.9.8h release
Mark J. Cox [Wed, 28 May 2008 07:29:27 +0000 (07:29 +0000)]
Fix flaw if 'Server Key exchange message' is omitted from a TLS
handshake which could lead to a cilent crash as found using the
Codenomicon TLS test suite (CVE-2008-1672)
Reviewed by: openssl-security@openssl.org
Obtained from: mark@awe.com
Mark J. Cox [Wed, 28 May 2008 07:26:33 +0000 (07:26 +0000)]
Fix double-free in TLS server name extensions which could lead to a remote
crash found by Codenomicon TLS test suite (CVE-2008-0891)
Reviewed by: openssl-security@openssl.org
Obtained from: jorton@redhat.com
Bodo Möller [Tue, 27 May 2008 18:43:30 +0000 (18:43 +0000)]
grammar
Bodo Möller [Tue, 27 May 2008 18:41:02 +0000 (18:41 +0000)]
year 2008
Lutz Jänicke [Mon, 26 May 2008 06:23:55 +0000 (06:23 +0000)]
Add README about removed root CA certificates.
Lutz Jänicke [Mon, 26 May 2008 06:21:10 +0000 (06:21 +0000)]
Reword comment to be much shorter to stop other people from complaining
about "overcommenting"
Lutz Jänicke [Fri, 23 May 2008 10:37:22 +0000 (10:37 +0000)]
Clear error queue when starting SSL_CTX_use_certificate_chain_file
PR: 1417, 1513
Submitted by: Erik de Castro Lopo <mle+openssl@mega-nerd.com>
Lutz Jänicke [Fri, 23 May 2008 08:59:56 +0000 (08:59 +0000)]
Remove all root CA files (beyond test CAs including private key)
from the OpenSSL distribution.
Dr. Stephen Henson [Tue, 20 May 2008 18:48:22 +0000 (18:48 +0000)]
Fix off by one error ;-)
Dr. Stephen Henson [Tue, 20 May 2008 16:13:11 +0000 (16:13 +0000)]
Typo.
Dr. Stephen Henson [Tue, 20 May 2008 12:12:22 +0000 (12:12 +0000)]
Update ordinals.
Dr. Stephen Henson [Tue, 20 May 2008 12:10:28 +0000 (12:10 +0000)]
Oops... PEM_write_bio_ASN1_stream() shouldn't be in 0.9.8 CMS backport.
Dr. Stephen Henson [Tue, 20 May 2008 11:50:13 +0000 (11:50 +0000)]
Remove deleted function definitions from header files
so Windows build picks it up.
Recognize new option in mk1mf.pl
Dr. Stephen Henson [Tue, 20 May 2008 11:23:49 +0000 (11:23 +0000)]
Remove old DES definition of deleted function too.
Lutz Jänicke [Tue, 20 May 2008 08:10:51 +0000 (08:10 +0000)]
Correctly adjust location of comment
Submitted by: Ben Laurie <ben@links.org>
Ben Laurie [Tue, 20 May 2008 03:05:50 +0000 (03:05 +0000)]
Fix warning.
Dr. Stephen Henson [Mon, 19 May 2008 21:26:28 +0000 (21:26 +0000)]
Fix two invalid memory reads in RSA OAEP mode.
Submitted by: Ivan Nestlerode <inestlerode@us.ibm.com>
Reviewed by: steve
Bodo Möller [Mon, 19 May 2008 19:44:33 +0000 (19:44 +0000)]
Disable code that clearly doesn't currently serve any useful purpose.
(Buggy line reported by Matthias Koenig.)
Lutz Jänicke [Mon, 19 May 2008 07:52:17 +0000 (07:52 +0000)]
Document "openssl s_server" -crl_check* options
Submitted by: Daniel Black <daniel.subs@internode.on.net>
Lutz Jänicke [Mon, 19 May 2008 07:43:41 +0000 (07:43 +0000)]
Provide information about "openssl dgst" -hmac option.
Dr. Stephen Henson [Sun, 18 May 2008 13:52:05 +0000 (13:52 +0000)]
Typo.
PR: 1672
Lutz Jänicke [Fri, 16 May 2008 07:14:58 +0000 (07:14 +0000)]
Another occurance of possible valgrind/purify "uninitialized memory"
complaint related to the PRNG: with PURIFY policy don't feed uninitialized
memory into the PRNG.
Submitted by: Bodo Moeller <bmoeller@openssl.org> :-)
Dr. Stephen Henson [Mon, 12 May 2008 16:07:00 +0000 (16:07 +0000)]
Always seed PRNG for new requests no matter what key type. RSA may need
the PRNG for blinding.
PR: 1666
Dr. Stephen Henson [Fri, 9 May 2008 23:17:10 +0000 (23:17 +0000)]
Fix from HEAD.
Bodo Möller [Fri, 2 May 2008 18:47:19 +0000 (18:47 +0000)]
Avoid BN_MONT_CTX incompatibility.
Dr. Stephen Henson [Thu, 1 May 2008 23:31:03 +0000 (23:31 +0000)]
Update from HEAD.
Bodo Möller [Thu, 1 May 2008 23:11:34 +0000 (23:11 +0000)]
Unobtrusive backport of 32-bit x86 Montgomery improvements from 0.9.9-dev:
you need to use "enable-montasm" to see a difference. (Huge speed
advantage, but BN_MONT_CTX is not binary compatible, so this can't be
enabled by default in the 0.9.8 branch.)
The CHANGES entry also covers the 64-bit x86 backport in November 2007
by appro.
Dr. Stephen Henson [Wed, 30 Apr 2008 16:11:33 +0000 (16:11 +0000)]
TLS ticket key setting callback: this allows and application to set
its own TLS ticket keys.
Dr. Stephen Henson [Tue, 29 Apr 2008 17:22:01 +0000 (17:22 +0000)]
Do not permit stateless session resumption is session IDs mismatch.
Dr. Stephen Henson [Tue, 29 Apr 2008 16:41:53 +0000 (16:41 +0000)]
Support ticket renewal in state machine (not used at present).
Dr. Stephen Henson [Tue, 29 Apr 2008 16:38:26 +0000 (16:38 +0000)]
Status strings for ticket states.
Geoff Thorpe [Mon, 28 Apr 2008 21:45:43 +0000 (21:45 +0000)]
Fix auto-discovery of ENGINEs, ported from HEAD.
NB, this fixes a regression relative to 0.9.7 and the documented behaviour,
but it would make sense for distro maintainers and others with an interest
in system behaviour to test with this change. The fix re-enables behaviour
that was broken and thus inherently disabled. In particular, if you
register an ENGINE implementation, and that ENGINE is able to successfully
self-initialise on the host, it will get used automatically (as claimed in
the documentation and as was the case for 0.9.7) - this was not the case
with 0.9.8 until now because of a bug.
PR: 1668
Submitted by: Ian Lister
Reviewed by: Geoff Thorpe
Geoff Thorpe [Sun, 27 Apr 2008 18:52:14 +0000 (18:52 +0000)]
Update from HEAD.
Dr. Stephen Henson [Fri, 25 Apr 2008 16:27:25 +0000 (16:27 +0000)]
Fix from HEAD.
Andy Polyakov [Thu, 24 Apr 2008 10:00:40 +0000 (10:00 +0000)]
Compensate inline assembler in sha512.c for gcc 2.7.2 compiler bug [from HEAD].
PR: 1667
Andy Polyakov [Fri, 18 Apr 2008 15:51:31 +0000 (15:51 +0000)]
bn_nist.c update from HEAD.
PR: 1593
Dr. Stephen Henson [Fri, 18 Apr 2008 11:19:56 +0000 (11:19 +0000)]
Update from HEAD.
Lutz Jänicke [Fri, 18 Apr 2008 07:43:23 +0000 (07:43 +0000)]
Add missing 'extern "C" {' to some _err.h files in crypto/engines/
PR: 1609
Richard Levitte [Fri, 18 Apr 2008 06:07:43 +0000 (06:07 +0000)]
Synchronise with Unix
Lutz Jänicke [Thu, 17 Apr 2008 14:15:29 +0000 (14:15 +0000)]
Fix incorrect return value in apps/apps.c:parse_yesno()
PR: 1607
Submitted by: "Christophe Macé" <mace.christophe@gmail.com>
Lutz Jänicke [Thu, 17 Apr 2008 13:36:16 +0000 (13:36 +0000)]
Correctly handle case of bad arguments supplied to rsautl
PR: 1659
Dr. Stephen Henson [Sat, 12 Apr 2008 10:15:33 +0000 (10:15 +0000)]
Update from HEAD.
Richard Levitte [Sat, 12 Apr 2008 08:40:03 +0000 (08:40 +0000)]
Provide other forms for symbols that are too long or that clash with others
Dr. Stephen Henson [Fri, 11 Apr 2008 23:23:57 +0000 (23:23 +0000)]
Revert change from HEAD.
Dr. Stephen Henson [Fri, 11 Apr 2008 17:34:42 +0000 (17:34 +0000)]
Fix from HEAD.
Richard Levitte [Fri, 11 Apr 2008 01:53:19 +0000 (01:53 +0000)]
Synchronise with Unix build
Dr. Stephen Henson [Wed, 9 Apr 2008 22:12:10 +0000 (22:12 +0000)]
Update from HEAD.
Dr. Stephen Henson [Mon, 7 Apr 2008 11:01:43 +0000 (11:01 +0000)]
Fix from HEAD.
Lutz Jänicke [Mon, 7 Apr 2008 06:35:42 +0000 (06:35 +0000)]
Fix URI of OpenSSL Request Tracker information
PR: 1661
Dr. Stephen Henson [Sun, 6 Apr 2008 16:30:38 +0000 (16:30 +0000)]
Update from HEAD.
Dr. Stephen Henson [Sun, 6 Apr 2008 15:57:44 +0000 (15:57 +0000)]
Fix from HEAD.
Dr. Stephen Henson [Sun, 6 Apr 2008 15:46:17 +0000 (15:46 +0000)]
Update error codes.
Dr. Stephen Henson [Sun, 6 Apr 2008 15:42:29 +0000 (15:42 +0000)]
Fix from HEAD.
Dr. Stephen Henson [Thu, 3 Apr 2008 23:45:16 +0000 (23:45 +0000)]
Update WIN32 build system for CMS and update ordinals.
Dr. Stephen Henson [Thu, 3 Apr 2008 23:31:35 +0000 (23:31 +0000)]
Delete functions not implemented in 0.9.8 from cms.h
Dr. Stephen Henson [Thu, 3 Apr 2008 23:29:41 +0000 (23:29 +0000)]
Update from HEAD.
Dr. Stephen Henson [Thu, 3 Apr 2008 23:21:46 +0000 (23:21 +0000)]
Update WIN32 build system for CMS.
Dr. Stephen Henson [Thu, 3 Apr 2008 23:18:27 +0000 (23:18 +0000)]
Update default CFLAGS and dependencies.
Dr. Stephen Henson [Thu, 3 Apr 2008 23:09:50 +0000 (23:09 +0000)]
Add S/MIME test certs.
Dr. Stephen Henson [Thu, 3 Apr 2008 23:03:56 +0000 (23:03 +0000)]
Backport of CMS code to 0.9.8-stable branch. Disabled by default.
Dr. Stephen Henson [Wed, 2 Apr 2008 14:51:09 +0000 (14:51 +0000)]
Add -DOPENSSL_NO_DEPRECATED to debug-steve* targets. Add headers to make
build work.
Dr. Stephen Henson [Wed, 2 Apr 2008 11:45:34 +0000 (11:45 +0000)]
Update CHANGES.
Dr. Stephen Henson [Wed, 2 Apr 2008 11:37:25 +0000 (11:37 +0000)]
Backport of zlib compression BIO from HEAD. Update mkdef.pl script to handle
ZLIB. Update ordinals.
Dr. Stephen Henson [Wed, 2 Apr 2008 11:21:53 +0000 (11:21 +0000)]
Add CHANGES entry for key wrap.
Dr. Stephen Henson [Wed, 2 Apr 2008 11:18:43 +0000 (11:18 +0000)]
Add RFC3394 compatible key wrap algorithm.
Dr. Stephen Henson [Wed, 2 Apr 2008 11:15:05 +0000 (11:15 +0000)]
Avoid "initializer not constant" errors when compiling in pedantic mode.
Dr. Stephen Henson [Wed, 2 Apr 2008 11:11:51 +0000 (11:11 +0000)]
Backport some useful ASN1 utility functions from HEAD.
Dr. Stephen Henson [Wed, 2 Apr 2008 11:09:16 +0000 (11:09 +0000)]
Add debug-steve{32,64} targets to Configure script.
Dr. Stephen Henson [Wed, 2 Apr 2008 10:45:19 +0000 (10:45 +0000)]
Add new missing CMS OIDs.
Andy Polyakov [Tue, 1 Apr 2008 08:40:52 +0000 (08:40 +0000)]
Fix fast reduction on NIST curves [from HEAD].
PR: 1593
Dr. Stephen Henson [Mon, 31 Mar 2008 14:59:13 +0000 (14:59 +0000)]
Update from HEAD.
Dr. Stephen Henson [Mon, 31 Mar 2008 14:28:44 +0000 (14:28 +0000)]
Update year.
Dr. Stephen Henson [Sat, 29 Mar 2008 13:22:49 +0000 (13:22 +0000)]
Fix from HEAD.
Dr. Stephen Henson [Wed, 12 Mar 2008 13:06:17 +0000 (13:06 +0000)]
Update year.
Dr. Stephen Henson [Wed, 12 Mar 2008 00:38:07 +0000 (00:38 +0000)]
Fix from HEAD.
Mark J. Cox [Thu, 28 Feb 2008 13:35:58 +0000 (13:35 +0000)]
Add missing changelog entry for cvs.openssl.org/chngview?cn=16587
Andy Polyakov [Wed, 27 Feb 2008 20:14:46 +0000 (20:14 +0000)]
Make x86_64-mont.pl work with debug Win64 build [from HEAD].
Bodo Möller [Wed, 27 Feb 2008 06:02:00 +0000 (06:02 +0000)]
fix BIGNUM flag handling
Dr. Stephen Henson [Mon, 25 Feb 2008 18:12:30 +0000 (18:12 +0000)]
Update from HEAD.
Bodo Möller [Thu, 21 Feb 2008 07:23:46 +0000 (07:23 +0000)]
Make sure to set indent-tabs-mode so that we get tabs, not spaces.
Andy Polyakov [Wed, 13 Feb 2008 20:01:48 +0000 (20:01 +0000)]
Allow 32-bit perl to generate x86_64 assembler.
Andy Polyakov [Mon, 11 Feb 2008 13:18:40 +0000 (13:18 +0000)]
Source readability fix, which incidentally works around XLC compiler bug
[from HEAD].
PR: 1272
Andy Polyakov [Mon, 11 Feb 2008 13:13:11 +0000 (13:13 +0000)]
Make aes-x86_64 work with debug Win64 build [from HEAD].
Andy Polyakov [Mon, 11 Feb 2008 13:07:11 +0000 (13:07 +0000)]
x86_64-xlate.pl update from HEAD.
Lutz Jänicke [Wed, 30 Jan 2008 08:26:18 +0000 (08:26 +0000)]
Add missing colon in manpage
Submitted by: Richard Hartmann <richih.mailinglist@gmail.com>
Dr. Stephen Henson [Sat, 26 Jan 2008 23:43:29 +0000 (23:43 +0000)]
Add GlobalSign root CA.
Dr. Stephen Henson [Wed, 23 Jan 2008 19:25:41 +0000 (19:25 +0000)]
Update from HEAD.
Dr. Stephen Henson [Fri, 4 Jan 2008 00:40:00 +0000 (00:40 +0000)]
Stop nasm/nasmw test complaining on stderr.
Dr. Stephen Henson [Thu, 3 Jan 2008 22:53:06 +0000 (22:53 +0000)]
Netware support.
Submitted by: Guenter Knauf <eflash@gmx.net>
Andy Polyakov [Thu, 3 Jan 2008 17:15:20 +0000 (17:15 +0000)]
Typo in http://cvs.openssl.org/chngview?cn=16833.
Andy Polyakov [Thu, 3 Jan 2008 17:14:25 +0000 (17:14 +0000)]
NASM has recently changed name of win32 pre-compiled binary [from HEAD].
PR: 1627
Dr. Stephen Henson [Thu, 3 Jan 2008 16:37:21 +0000 (16:37 +0000)]
Update from HEAD
Dr. Stephen Henson [Sun, 23 Dec 2007 13:38:55 +0000 (13:38 +0000)]
Add fips-fingerprint option to dgst.c to use the appropriate FIPS HMAC key.
projects / openssl.git / log