8ccf402 | Mark J. Cox | 17 March 2004, 11:40:44 UTC | Fix null-pointer assignment in do_change_cipher_spec() revealed by using the Codenomicon TLS Test Tool (CAN-2004-0079) Prepare for 0.9.6m tagging and release Submitted by: Steven Henson Reviewed by: Joe Orton Approved by: Mark Cox | 17 March 2004, 11:40:44 UTC |
8b3b01a | Dr. Stephen Henson | 17 March 2004, 01:05:42 UTC | Win32 fixes. | 17 March 2004, 01:05:42 UTC |
7884f06 | Dr. Stephen Henson | 05 March 2004, 23:40:05 UTC | Memory leak fix. | 05 March 2004, 23:40:05 UTC |
08844f0 | Richard Levitte | 04 March 2004, 07:47:53 UTC | Make our page with pointers to binary distributions visible in the FAQ | 04 March 2004, 07:47:53 UTC |
fcc7c0a | Dr. Stephen Henson | 08 February 2004, 13:31:06 UTC | Fix handling of -offset and -length in asn1parse tool. If -offset exceeds -length of data available exit with an error. Don't read past end of total data available when -offset supplied. If -length exceeds total available truncate it. | 08 February 2004, 13:31:06 UTC |
0faa9d2 | Richard Levitte | 29 January 2004, 09:33:09 UTC | Typo. | 29 January 2004, 09:33:09 UTC |
16c3ccc | Richard Levitte | 29 January 2004, 09:32:48 UTC | Change expt to something else, as in 0.9.7-stable. | 29 January 2004, 09:32:48 UTC |
302b9b0 | Richard Levitte | 29 January 2004, 09:31:51 UTC | send_*_chars() and do_dump() are private functions and should therefore be static. Furthermore, send_mem_chars() is unused, so I #if 0'd it. | 29 January 2004, 09:31:51 UTC |
658cd50 | Richard Levitte | 29 January 2004, 09:30:26 UTC | Include e_os.h the same way as everywhere else. | 29 January 2004, 09:30:26 UTC |
a3940bb | Richard Levitte | 28 January 2004, 23:59:17 UTC | Synchronise my debugging target with 0.9.7-stable. | 28 January 2004, 23:59:17 UTC |
1a4dc04 | Richard Levitte | 22 January 2004, 22:35:56 UTC | [Merged from the main trunk] Adding a slash between the directoryt and the file is a problem with VMS. The C RTL can handle it well if the "directory" is a logical name with no colon, therefore ending being 'logname/file'. However, if the given logical names actually has a colon, or if you use a full VMS-syntax directory, you end up with 'logname:/file' or 'dev:[dir1.dir2]/file', and that isn't handled in any good way. So, on VMS, we need to check if the directory string ends with a separator (one of ':', ']' or '>' (< and > can be used instead [ and ])), and handle that by not inserting anything between the directory spec and the file name. In all other cases, it's assumed the directory spec is a logical name, so we need to place a colon between it and the file. Notified by Kevin Greaney <kevin.greaney@hp.com>. | 22 January 2004, 22:35:56 UTC |
f7191d2 | Dr. Stephen Henson | 21 January 2004, 13:06:05 UTC | Replace expired certificate. | 21 January 2004, 13:06:05 UTC |
e81cea2 | Richard Levitte | 19 January 2004, 09:04:08 UTC | Just include "e_os.h" and trust the -I options to the compiler. | 19 January 2004, 09:04:08 UTC |
2217e86 | Andy Polyakov | 18 January 2004, 16:56:57 UTC | Buffer overrun in e_rc4.c was fixed in Nov 2002 in HEAD and 0_9_7 branches, but never made to 0_9_6... PR: 811 | 18 January 2004, 16:56:57 UTC |
0dbd9cc | Richard Levitte | 01 December 2003, 12:06:17 UTC | CRYPTO_malloc(), CRYPTO_realloc() and variants of them should return NULL if the give size is 0. This is a thought that came up in PR 751. | 01 December 2003, 12:06:17 UTC |
b923cca | Richard Levitte | 29 November 2003, 10:33:26 UTC | Make sure the documentation matches reality. PR: 755 Notified by: Jakub Bogusz <qboosh@pld-linux.org> | 29 November 2003, 10:33:26 UTC |
7a035a4 | Richard Levitte | 29 November 2003, 10:26:41 UTC | We're getting a clash with C++ because it has a type called 'list'. Therefore, change all instances of the symbol 'list' to something else. PR: 758 Submitted by: Frédéric Giudicelli <groups@newpki.org> | 29 November 2003, 10:26:41 UTC |
e57c110 | Richard Levitte | 28 November 2003, 23:03:16 UTC | RSA_size() and DH_size() return the amount of bytes in a key, and we compared it to the amount of bits required... PR: 770 Submitted by: c zhang <czhang2005@hotmail.com> | 28 November 2003, 23:03:16 UTC |
bc4de79 | Richard Levitte | 28 November 2003, 22:39:20 UTC | 1024 is the export key bits limit according to current regulations, not 512. PR: 771 Submitted by: c zhang <czhang2005@hotmail.com> | 28 November 2003, 22:39:20 UTC |
ffa2037 | Richard Levitte | 28 November 2003, 14:32:33 UTC | Let's use text/plain in the example instead of crapy HTML. PR: 777 Submitted by: Michael Shields <mshields@sunblocksystems.com> | 28 November 2003, 14:32:33 UTC |
1a517f0 | Lutz Jänicke | 16 November 2003, 15:57:33 UTC | Fix typo breaking linux-s390x target: "," -> "." . PR: #759 Submitted by: Martin Kraemer <Martin.Kraemer@Fujitsu-Siemens.com> | 16 November 2003, 15:57:33 UTC |
fbe7cd3 | Mark J. Cox | 04 November 2003, 11:37:18 UTC | Bump revision after tagging | 04 November 2003, 11:37:18 UTC |
83f70d6 | Mark J. Cox | 04 November 2003, 11:30:40 UTC | Stop bug triggering large recursion when presented with certain ASN.1 tags (CAN-2003-0851) | 04 November 2003, 11:30:40 UTC |
3db7c09 | Richard Levitte | 03 November 2003, 09:14:48 UTC | In this version of OpenSSL, declarations aren't always strict prototypes, so I'm removing -Wstrict-prototypes and -Wmissing-prototypes from my debugging target in favor of -Wmissing-declarations. That will make other issues more visible than in the middle of a thousand warnings telling me there isn't a proper prototype for this or that function pointer... | 03 November 2003, 09:14:48 UTC |
c0ec5de | Richard Levitte | 02 October 2003, 10:39:31 UTC | Correct a mixup of return values | 02 October 2003, 10:39:31 UTC |
3074ade | Richard Levitte | 01 October 2003, 20:43:30 UTC | Include e_os.h to get a proper definition of memmove on the platforms that do not have it. | 01 October 2003, 20:43:30 UTC |
c4c18c8 | Dr. Stephen Henson | 30 September 2003, 13:09:07 UTC | New dev version. | 30 September 2003, 13:09:07 UTC |
0a0a3ea | Dr. Stephen Henson | 30 September 2003, 12:09:13 UTC | Changes for release | 30 September 2003, 12:09:13 UTC |
3c28bfd | Dr. Stephen Henson | 30 September 2003, 12:05:11 UTC | Fix for ASN1 parsing bugs. | 30 September 2003, 12:05:11 UTC |
4b650cb | Dr. Stephen Henson | 29 September 2003, 17:17:54 UTC | Fix warning on Win32. | 29 September 2003, 17:17:54 UTC |
411a301 | Richard Levitte | 27 September 2003, 22:14:43 UTC | Make MD5 assembler code able to handle messages larger than 2GB on 32-bit systems and above. PR: 664 | 27 September 2003, 22:14:43 UTC |
3cb08a4 | Richard Levitte | 27 September 2003, 19:32:12 UTC | Have ssl3_ssl3_send_client_verify() change the state to SSL3_ST_SW_CERT_VRFY_B. PR: 679 | 27 September 2003, 19:32:12 UTC |
a01fc63 | Richard Levitte | 27 September 2003, 19:28:54 UTC | Have ssl3_send_certificate_request() change the state to SSL3_ST_SW_CERT_REQ_B. PR: 680 | 27 September 2003, 19:28:54 UTC |
a5bb5c9 | Richard Levitte | 27 September 2003, 18:31:43 UTC | Remove extra argument to BIO_printf(). PR: 685 | 27 September 2003, 18:31:43 UTC |
6023462 | Richard Levitte | 27 September 2003, 10:39:21 UTC | Correct small documentation error. PR: 698 | 27 September 2003, 10:39:21 UTC |
94f5c93 | Dr. Stephen Henson | 21 September 2003, 02:11:31 UTC | In order to get the expected self signed error when calling X509_verify_cert() in x509.c the cert should not be added to the trusted store. | 21 September 2003, 02:11:31 UTC |
19ed670 | Geoff Thorpe | 08 September 2003, 16:01:38 UTC | These should be write-locks, not read-locks. | 08 September 2003, 16:01:38 UTC |
3158c87 | Dr. Stephen Henson | 03 September 2003, 23:35:54 UTC | Only accept a client certificate if the server requests one, as required by SSL/TLS specs. | 03 September 2003, 23:35:54 UTC |
0841f28 | Richard Levitte | 14 August 2003, 06:30:32 UTC | Undo the change that left LD_LIBRARY_PATH unchanged. The errors I saw weren't due to that, but to a change on the SCO machines I used for testing, where my $PATH was suddenly incorrect. | 14 August 2003, 06:30:32 UTC |
46a539a | Bodo Möller | 11 August 2003, 18:56:50 UTC | make sure no error is left in the queue that is intentionally ignored | 11 August 2003, 18:56:50 UTC |
58c84c1 | Richard Levitte | 09 August 2003, 09:30:39 UTC | Typo, I had typed { instead of [. | 09 August 2003, 09:30:39 UTC |
e5c1a02 | Richard Levitte | 08 August 2003, 09:36:46 UTC | Some installations (currently, it's been noted on a sco5 system where gcc is used to build with) don't take it too well if LD_LIBRARY_PATH is messed with when linknig programs. I'm going to assume that it's OK to leave it unchanged when linking non-shared. | 08 August 2003, 09:36:46 UTC |
782576d | Richard Levitte | 07 August 2003, 11:57:45 UTC | Correct two problems, found by Martin Kochanski <cardbox@easynet.co.uk>: 1. CreateToolhelp32Snapshot returns INVALID_HANDLE_VALUE, not NULL, on error. 2. On Windows CE, a snapshot handle is closed with CloseToolhelp32Snapshot, not CloseHandle. | 07 August 2003, 11:57:45 UTC |
e9dcc3f | Bodo Möller | 06 August 2003, 10:40:19 UTC | add OpenSSL license fix typo | 06 August 2003, 10:40:19 UTC |
702eb4d | Bodo Möller | 21 July 2003, 15:16:20 UTC | tolerate extra data at end of client hello for SSL 3.0 | 21 July 2003, 15:16:20 UTC |
a7a5318 | Bodo Möller | 21 July 2003, 14:58:32 UTC | typo | 21 July 2003, 14:58:32 UTC |
8848960 | Richard Levitte | 03 July 2003, 21:43:50 UTC | Add a slash so grep doesn't return both ./crypto/bio/bss_mem.o and ./crypto/mem.o when we're looking for mem.o. | 03 July 2003, 21:43:50 UTC |
f6ab5d5 | Richard Levitte | 19 June 2003, 19:04:17 UTC | Document the last change. PR: 587 | 19 June 2003, 19:04:17 UTC |
a974518 | Richard Levitte | 19 June 2003, 18:55:53 UTC | We set the export flag for 512 *bit* keys, not 512 *byte* ones. PR: 587 | 19 June 2003, 18:55:53 UTC |
d84aa43 | Richard Levitte | 12 June 2003, 06:56:45 UTC | Incorrect patching removed. | 12 June 2003, 06:56:45 UTC |
647cfb9 | Richard Levitte | 12 June 2003, 01:04:09 UTC | Typo. PR: 584 | 12 June 2003, 01:04:09 UTC |
9f0d2f6 | Richard Levitte | 12 June 2003, 00:56:30 UTC | Make sure ssize_t is defined on SunOS4. PR: 585 | 12 June 2003, 00:56:30 UTC |
29e3010 | Richard Levitte | 12 June 2003, 00:51:57 UTC | Make sure DSO-dlfcn works properly on SunOS4. PR: 585 | 12 June 2003, 00:51:57 UTC |
b9c2b03 | Richard Levitte | 11 June 2003, 18:46:22 UTC | Remove debugging output that wasn't supposed to be committed in the first place. | 11 June 2003, 18:46:22 UTC |
c2edb62 | Richard Levitte | 11 June 2003, 18:43:47 UTC | Make sure to NUL-terminate the string on end-of-file (and error) PR: 643 | 11 June 2003, 18:43:47 UTC |
0a02757 | Richard Levitte | 22 May 2003, 09:35:46 UTC | Correct a typo (basically, one can't just replace 'memset' with 'OPENSSL_cleanse', there's an argument to remove as well). | 22 May 2003, 09:35:46 UTC |
fd37856 | Richard Levitte | 21 May 2003, 14:44:59 UTC | String not properly NUL-terminated when no X509_NAME is given. PR: 618 | 21 May 2003, 14:44:59 UTC |
46956f0 | Richard Levitte | 21 May 2003, 14:41:02 UTC | Don't forget that strlen() doesn't include the ending NUL. PR: 618 | 21 May 2003, 14:41:02 UTC |
528c1ad | Richard Levitte | 21 May 2003, 14:35:04 UTC | Cleanse the MD context properly when done adding or getting random data. PR: 619 | 21 May 2003, 14:35:04 UTC |
3b9e8c7 | Richard Levitte | 21 May 2003, 14:29:22 UTC | Fix sign bugs. PR: 621 | 21 May 2003, 14:29:22 UTC |
3ad23eb | Bodo Möller | 22 April 2003, 12:45:47 UTC | fix typo Submitted by: Nils Larsch | 22 April 2003, 12:45:47 UTC |
adc8858 | Richard Levitte | 17 April 2003, 21:49:47 UTC | Typo. PR: 562 | 17 April 2003, 21:49:47 UTC |
19b1144 | Richard Levitte | 16 April 2003, 06:25:25 UTC | Memory leak fix: RSA_blinding_on() didn't free Ai under certain circumstances. Memory leak fix: RSA_blinding_on() would leave a dangling pointer in rsa->blinding under certain circumstances. Double definition fix: RSA_FLAG_NO_BLINDING was defined twice. | 16 April 2003, 06:25:25 UTC |
51c21d0 | Richard Levitte | 15 April 2003, 13:01:43 UTC | Memory leak fix: local blinding structure not freed in rsa_eay_private_decrypt() | 15 April 2003, 13:01:43 UTC |
0698f54 | Richard Levitte | 10 April 2003, 20:41:02 UTC | The release is tagged, time to hope we won't have to work on 0.9.6k. | 10 April 2003, 20:41:02 UTC |
e352a9e | Richard Levitte | 10 April 2003, 20:30:41 UTC | I forgot to change the status bits to release. This file will be retagged. | 10 April 2003, 20:30:41 UTC |
51c4754 | Richard Levitte | 10 April 2003, 20:21:28 UTC | Time to release 0.9.6j. The ticket will be OpenSSL_0_9_6j. | 10 April 2003, 20:21:28 UTC |
335340a | Richard Levitte | 10 April 2003, 20:11:28 UTC | make update | 10 April 2003, 20:11:28 UTC |
d373ca9 | Richard Levitte | 10 April 2003, 20:07:51 UTC | Add the change from HEAD that allows us to parse multi-line comments. | 10 April 2003, 20:07:51 UTC |
1db625b | Richard Levitte | 10 April 2003, 19:33:23 UTC | new NEWS | 10 April 2003, 19:33:23 UTC |
86d79b3 | Richard Levitte | 09 April 2003, 06:49:01 UTC | Make the same changes for svr5 shared library building as in 0.9.7-stable. | 09 April 2003, 06:49:01 UTC |
e45b2a6 | Richard Levitte | 09 April 2003, 06:48:19 UTC | Some ld implementations use LD_LIBRARY_PATH to find libraries, and what's worse, they seem to use LD_LIBRARY_PATH as the first directories to look into. This is documented in the manual page for ld on OpenUNIX 8. Therefore, we need to hack LD_LIBRARY_PATH to include the directory where the newly built libcrypto and libssl are. | 09 April 2003, 06:48:19 UTC |
5d4bf96 | Richard Levitte | 08 April 2003, 11:07:09 UTC | Include rand.h, so RAND_status() and friends get properly declared. | 08 April 2003, 11:07:09 UTC |
223c80e | Bodo Möller | 02 April 2003, 09:50:17 UTC | make RSA blinding thread-safe | 02 April 2003, 09:50:17 UTC |
60511b8 | Richard Levitte | 27 March 2003, 12:25:12 UTC | Fix the problem with missing definition of THREADS on VMS. Also produce a better configuration header file. PR: 548 | 27 March 2003, 12:25:12 UTC |
20fda79 | Bodo Möller | 20 March 2003, 17:24:54 UTC | PR:make sure RSA blinding works when the PRNG is not properly seeded; enable it automatically only for the built-in engine | 20 March 2003, 17:24:54 UTC |
66e1081 | Ben Laurie | 20 March 2003, 16:00:18 UTC | Blinding fix. | 20 March 2003, 16:00:18 UTC |
ef42d6a | Bodo Möller | 19 March 2003, 19:20:30 UTC | countermeasure against new Klima-Pokorny-Rosa atack | 19 March 2003, 19:20:30 UTC |
00223b9 | Bodo Möller | 18 March 2003, 12:50:07 UTC | fix formatting | 18 March 2003, 12:50:07 UTC |
3d1120f | Bodo Möller | 24 February 2003, 17:46:46 UTC | year 2003 | 24 February 2003, 17:46:46 UTC |
fc68e4a | Richard Levitte | 19 February 2003, 12:56:04 UTC | Release of 0.9.6i is tagged, let's pretend to move on to 0.9.6j. | 19 February 2003, 12:56:04 UTC |
84c1d09 | Richard Levitte | 19 February 2003, 12:34:21 UTC | Time to release 0.9.6i. The tag will be OpenSSL_0_9_6i. | 19 February 2003, 12:34:21 UTC |
39c06a8 | Richard Levitte | 19 February 2003, 12:04:07 UTC | Security fix: Vaudenay timing attack on CBC. An advisory will be posted to the web. Expect a release within the hour. | 19 February 2003, 12:04:07 UTC |
c0a48f4 | Richard Levitte | 19 February 2003, 11:54:53 UTC | Make sure the memory allocation routines check for negative sizes | 19 February 2003, 11:54:53 UTC |
1254766 | Richard Levitte | 14 February 2003, 05:20:32 UTC | Change no_rmd160 to no_ripemd for consistency. PR: 500 | 14 February 2003, 05:20:32 UTC |
b73de73 | Bodo Möller | 12 February 2003, 14:17:33 UTC | comments | 12 February 2003, 14:17:33 UTC |
a71f9ee | Bodo Möller | 05 February 2003, 16:52:37 UTC | typo in WIN16 section Submitted by: Toni Andjelkovic <toni@soth.at> | 05 February 2003, 16:52:37 UTC |
d76434f | Bodo Möller | 04 February 2003, 12:57:51 UTC | typo | 04 February 2003, 12:57:51 UTC |
ac3b89d | Bodo Möller | 04 February 2003, 12:26:30 UTC | Update PRNG entry: - OpenSSL version differences - Sun /dev/urandom patch information | 04 February 2003, 12:26:30 UTC |
e591994 | Richard Levitte | 14 January 2003, 13:56:44 UTC | Correct an example that has a few typos. PR: 458 | 14 January 2003, 13:56:44 UTC |
90f6da7 | Bodo Möller | 13 January 2003, 13:23:08 UTC | fix release date (CHANGES as released with OpenSSL 0.9.6h on 2002-12-05 said '[21 Dec 2002]') | 13 January 2003, 13:23:08 UTC |
ad48759 | Bodo Möller | 13 January 2003, 13:16:49 UTC | typo | 13 January 2003, 13:16:49 UTC |
b2359d5 | Richard Levitte | 28 December 2002, 01:47:11 UTC | A function returning int should really return an int, even if it exits first... | 28 December 2002, 01:47:11 UTC |
84d964a | Richard Levitte | 28 December 2002, 01:46:21 UTC | Make sure OPENSSL_cleanse is declared properly. | 28 December 2002, 01:46:21 UTC |
6c8aa1e | Richard Levitte | 21 December 2002, 23:54:23 UTC | Merge from HEAD... | 21 December 2002, 23:54:23 UTC |
6d62e85 | Richard Levitte | 12 December 2002, 18:43:29 UTC | Skip DH-specific tests when no-dh has been configured. PR: 353 | 12 December 2002, 18:43:29 UTC |
a01461d | Richard Levitte | 11 December 2002, 08:56:38 UTC | In CRYPTO_lock(), check that the application cares about locking (provided callbacks) before attempting to lock. | 11 December 2002, 08:56:38 UTC |
9576c15 | Richard Levitte | 11 December 2002, 08:33:34 UTC | sk_*_push() returns the number of items on the stack, not the index of the pushed item. The index is the number of items - 1. And if a NULL item was found, actually use it. Finally, provide a little bit of safety in CRYPTO_lock() by asserting the a requested dynamic lock really must exist, instead of just being silent about it | 11 December 2002, 08:33:34 UTC |
56f940e | Richard Levitte | 10 December 2002, 08:28:16 UTC | A memset() too many got converted into a OPENSSL_cleanse(). PR: 393 | 10 December 2002, 08:28:16 UTC |
aa61140 | Lutz Jänicke | 09 December 2002, 08:49:03 UTC | Fix wrong URI. Submitted by: assar@kth.se Reviewed by: PR: 390 | 09 December 2002, 08:49:03 UTC |