6287fa5 | Dr. Stephen Henson | 07 January 2009, 10:50:54 UTC | Prepare for 0.9.8j release. | 07 January 2009, 10:50:54 UTC |
a00c3c4 | Dr. Stephen Henson | 07 January 2009, 10:48:23 UTC | Properly check EVP_VerifyFinal() and similar return values (CVE-2008-5077). Submitted by: Ben Laurie, Bodo Moeller, Google Security Team | 07 January 2009, 10:48:23 UTC |
f4677b7 | Lutz Jänicke | 05 January 2009, 14:43:07 UTC | Fix compilation with -no-comp by adding some more #ifndef OPENSSL_NO_COMP Some #include statements were not properly protected. This will go unnoted on most systems as openssl/comp.h tends to be installed as a system header file by default but may become visible when cross compiling. | 05 January 2009, 14:43:07 UTC |
9230890 | Dr. Stephen Henson | 05 January 2009, 12:47:11 UTC | make update. | 05 January 2009, 12:47:11 UTC |
6f32fc5 | Dr. Stephen Henson | 31 December 2008, 12:00:35 UTC | Update ordinals. | 31 December 2008, 12:00:35 UTC |
e607e73 | Andy Polyakov | 30 December 2008, 13:41:08 UTC | Synchronize with bn_nist.c from HEAD. | 30 December 2008, 13:41:08 UTC |
f17c456 | Andy Polyakov | 30 December 2008, 13:30:57 UTC | Backport http://cvs.openssl.org/chngview?cn=17710 from HEAD. PR: 1230 | 30 December 2008, 13:30:57 UTC |
1ff7b64 | Andy Polyakov | 30 December 2008, 13:26:26 UTC | Some seasoned makes fail to build. For reference. I had problem with Irix make which doesn't tolerate empty targets, and fips/Makefile ends up with one when FIPSCANLIB is empty. Build failed as early as 'make links' phase. | 30 December 2008, 13:26:26 UTC |
20900d6 | Dr. Stephen Henson | 29 December 2008, 00:18:23 UTC | Update default compiler options for default tls extension config. Add -Wsign-compare to debug-steve64 | 29 December 2008, 00:18:23 UTC |
4b253d9 | Dr. Stephen Henson | 29 December 2008, 00:17:36 UTC | Avoid signed/unsigned compare warnings. | 29 December 2008, 00:17:36 UTC |
a51c8c6 | Andy Polyakov | 27 December 2008, 13:34:30 UTC | Backport aes-x86_64.pl update from HEAD. | 27 December 2008, 13:34:30 UTC |
c153422 | Ben Laurie | 26 December 2008, 15:27:51 UTC | Enable TLS Extensions by default. | 26 December 2008, 15:27:51 UTC |
7f065cf | Richard Levitte | 25 December 2008, 22:24:21 UTC | In BIO_write(), update the write statistics, not the read statistics. PR: 1803 | 25 December 2008, 22:24:21 UTC |
667fbc0 | Richard Levitte | 25 December 2008, 22:04:45 UTC | Further synchronisation with Unix | 25 December 2008, 22:04:45 UTC |
6ba7bd5 | Richard Levitte | 22 December 2008, 09:30:09 UTC | Synchronise with Unixly build. | 22 December 2008, 09:30:09 UTC |
2cad035 | Dr. Stephen Henson | 20 December 2008, 17:04:09 UTC | Make no-engine work again... | 20 December 2008, 17:04:09 UTC |
2a76c68 | Andy Polyakov | 17 December 2008, 14:14:51 UTC | Backport aes-x86_64.pl update from HEAD and revisit same code in aes-586.pl. PR: 1801 | 17 December 2008, 14:14:51 UTC |
1b00f4b | Ben Laurie | 13 December 2008, 17:00:53 UTC | Missing return values (Coverity ID 204). | 13 December 2008, 17:00:53 UTC |
be62eb6 | Ben Laurie | 13 December 2008, 12:22:47 UTC | Make depend. | 13 December 2008, 12:22:47 UTC |
5f3878f | Dr. Stephen Henson | 10 December 2008, 17:34:11 UTC | Remove tests which rely on old root certs being present. | 10 December 2008, 17:34:11 UTC |
a523e99 | Lutz Jänicke | 10 December 2008, 08:03:48 UTC | apps/speed.c: children should not inherit buffered I/O PR: 1787 Submitted by: Artur Klauser <aklauser@google.com> | 10 December 2008, 08:03:48 UTC |
fe43caa | Dr. Stephen Henson | 08 December 2008, 19:13:57 UTC | Fix from HEAD. | 08 December 2008, 19:13:57 UTC |
792e614 | Dr. Stephen Henson | 07 December 2008, 23:59:13 UTC | Fix from HEAD. | 07 December 2008, 23:59:13 UTC |
ce2b87d | Bodo Möller | 02 December 2008, 23:50:21 UTC | experimental-foo support for mk1mf.pl. | 02 December 2008, 23:50:21 UTC |
f092a07 | Ben Laurie | 02 December 2008, 18:14:44 UTC | Fix warnings. | 02 December 2008, 18:14:44 UTC |
6fa4cd7 | Ben Laurie | 02 December 2008, 13:36:47 UTC | Warn about JPAKE brokenness. | 02 December 2008, 13:36:47 UTC |
505ed2b | Bodo Möller | 02 December 2008, 01:21:06 UTC | Implement Configure option pattern "experimental-foo" (specifically, "experimental-jpake"). | 02 December 2008, 01:21:06 UTC |
cef3e62 | Dr. Stephen Henson | 30 November 2008, 16:07:11 UTC | Don't clobber passed GENERAL_NAME on error. | 30 November 2008, 16:07:11 UTC |
40ea9ff | Geoff Thorpe | 28 November 2008, 22:04:25 UTC | Clarify a 'chil' engine param that is a little unintuitive. Submitted by: Sander Temme <sander@temme.net> | 28 November 2008, 22:04:25 UTC |
a97a6b0 | Dr. Stephen Henson | 24 November 2008, 17:49:21 UTC | Update dependencies. | 24 November 2008, 17:49:21 UTC |
516f76f | Dr. Stephen Henson | 24 November 2008, 17:02:49 UTC | Move new function CRYPTO_strdup to mem_dbg.c because mem.c is excluded in a fips build. | 24 November 2008, 17:02:49 UTC |
5a02ac6 | Dr. Stephen Henson | 24 November 2008, 16:14:15 UTC | Revert OPENSSL_EXPERIMENTAL patch. Change it so JPAKE uses the standard OPENSSL_NO_JPAKE instead. | 24 November 2008, 16:14:15 UTC |
14d4074 | Dr. Stephen Henson | 21 November 2008, 18:18:28 UTC | Update from HEAD. | 21 November 2008, 18:18:28 UTC |
d9f16c4 | Dr. Stephen Henson | 19 November 2008, 16:03:51 UTC | Commit default dependencies. | 19 November 2008, 16:03:51 UTC |
bfc6482 | Geoff Thorpe | 19 November 2008, 14:08:06 UTC | Allow the CHIL engine to load even if dynamic locks aren't registered. Submitted by: Sander Temme | 19 November 2008, 14:08:06 UTC |
5aa0320 | Dr. Stephen Henson | 19 November 2008, 00:40:59 UTC | Remove jpake.h dependencies from default build. | 19 November 2008, 00:40:59 UTC |
2d59f99 | Dr. Stephen Henson | 18 November 2008, 22:23:20 UTC | On WIN32 use /MD for static library in FIPS mode to match value of validated module. | 18 November 2008, 22:23:20 UTC |
c0ce8fe | Dr. Stephen Henson | 15 November 2008, 17:47:31 UTC | Update .cvsignore | 15 November 2008, 17:47:31 UTC |
55eff40 | Dr. Stephen Henson | 15 November 2008, 17:46:41 UTC | Stop warnings. | 15 November 2008, 17:46:41 UTC |
e5a2518 | Bodo Möller | 14 November 2008, 00:18:23 UTC | warnings | 14 November 2008, 00:18:23 UTC |
fe46b0d | Bodo Möller | 14 November 2008, 00:17:43 UTC | make update | 14 November 2008, 00:17:43 UTC |
a581439 | Dr. Stephen Henson | 13 November 2008, 15:08:33 UTC | Fixes for "make depend". Features which need a #define to be set to enable them, like FIPS and JPAKE need to have these set when building dependencies. | 13 November 2008, 15:08:33 UTC |
a43337e | Ben Laurie | 13 November 2008, 11:35:23 UTC | Not an error to include jpake.h when disabled. | 13 November 2008, 11:35:23 UTC |
33c51ec | Ben Laurie | 13 November 2008, 09:50:24 UTC | J-PAKE is not RSA. | 13 November 2008, 09:50:24 UTC |
448da15 | Dr. Stephen Henson | 12 November 2008, 19:05:42 UTC | Oops... | 12 November 2008, 19:05:42 UTC |
a1bb2d6 | Dr. Stephen Henson | 12 November 2008, 18:27:17 UTC | Update mk1mf.pl for new JPAKE options. Update jpaketest.c for WIN32. | 12 November 2008, 18:27:17 UTC |
81dde5e | Dr. Stephen Henson | 12 November 2008, 16:54:35 UTC | Add support for experimental code, not compiled in by default and with OPENSSL_EXPERIMENTAL_FOO around it. Make JPAKE experimental. | 12 November 2008, 16:54:35 UTC |
b84e441 | Dr. Stephen Henson | 11 November 2008, 12:52:14 UTC | Don't attempt to enter FIPS mode in autoconfig module if already in FIPS mode. | 11 November 2008, 12:52:14 UTC |
08e012b | Dr. Stephen Henson | 11 November 2008, 12:42:32 UTC | Update from HEAD. | 11 November 2008, 12:42:32 UTC |
b46acc3 | Dr. Stephen Henson | 11 November 2008, 12:22:17 UTC | Avoid conflict with some version of Windows platform SDK. | 11 November 2008, 12:22:17 UTC |
28af636 | Dr. Stephen Henson | 11 November 2008, 10:17:22 UTC | PR: 1782 Submitted by: Philip Prindeville <philipp_subx@redfish-solutions.com> Approved by: steve@openssl.org | 11 November 2008, 10:17:22 UTC |
2c17b49 | Dr. Stephen Henson | 10 November 2008, 18:55:07 UTC | Make -DKSSL_DEBUG work again. | 10 November 2008, 18:55:07 UTC |
ea725a6 | Dr. Stephen Henson | 10 November 2008, 18:22:50 UTC | Fix warnings. | 10 November 2008, 18:22:50 UTC |
1532493 | Lutz Jänicke | 10 November 2008, 11:26:46 UTC | Clarify (non-)blocking behavior of EGD socket interface used by RAND_egd(). | 10 November 2008, 11:26:46 UTC |
3795297 | Dr. Stephen Henson | 05 November 2008, 18:36:57 UTC | Change old obsolete email address... | 05 November 2008, 18:36:57 UTC |
33fd33d | Dr. Stephen Henson | 05 November 2008, 18:29:49 UTC | Fix from HEAD. | 05 November 2008, 18:29:49 UTC |
4e98f88 | Dr. Stephen Henson | 31 October 2008, 12:18:42 UTC | Oops... | 31 October 2008, 12:18:42 UTC |
582ef3d | Dr. Stephen Henson | 31 October 2008, 12:09:18 UTC | Fix from HEAD. | 31 October 2008, 12:09:18 UTC |
6a93378 | Andy Polyakov | 28 October 2008, 16:30:09 UTC | randfile.c: .rnd can become orphaned on VMS [from HEAD]. Submitted by: David North | 28 October 2008, 16:30:09 UTC |
d1c2778 | Andy Polyakov | 28 October 2008, 15:33:07 UTC | .cvsignore update: ignore all flavors of shared objects [from HEAD]. | 28 October 2008, 15:33:07 UTC |
8d64aba | Andy Polyakov | 28 October 2008, 13:47:38 UTC | Fix crash in BN_rshift [from HEAD]. PR: 1663 | 28 October 2008, 13:47:38 UTC |
9af6802 | Dr. Stephen Henson | 27 October 2008, 12:30:33 UTC | Win32 fixes, add new directory to WIN32 build system. | 27 October 2008, 12:30:33 UTC |
c10f53a | Dr. Stephen Henson | 27 October 2008, 12:04:04 UTC | Fixes from HEAD. | 27 October 2008, 12:04:04 UTC |
2124e86 | Ben Laurie | 26 October 2008, 18:42:05 UTC | Add JPAKE. | 26 October 2008, 18:42:05 UTC |
3b668ee | Ben Laurie | 26 October 2008, 15:37:31 UTC | Minor clarity enhancements. | 26 October 2008, 15:37:31 UTC |
7471431 | Dr. Stephen Henson | 26 October 2008, 11:54:26 UTC | Avoid warning. | 26 October 2008, 11:54:26 UTC |
1542de4 | Dr. Stephen Henson | 22 October 2008, 19:55:25 UTC | Update from HEAD. | 22 October 2008, 19:55:25 UTC |
b6c2bff | Dr. Stephen Henson | 22 October 2008, 18:51:37 UTC | Return correct exit code if there is an error in dgst command. | 22 October 2008, 18:51:37 UTC |
ff09931 | Dr. Stephen Henson | 22 October 2008, 18:48:50 UTC | Sync OIDS with HEAD. | 22 October 2008, 18:48:50 UTC |
155c70b | Lutz Jänicke | 22 October 2008, 06:46:13 UTC | Allow detection of input EOF in quiet mode by adding -no_ign_eof option to s_client application. PR: #1761 Submitted by: David Woodhouse <dwmw2@infradead.org> | 22 October 2008, 06:46:13 UTC |
7c49452 | Lutz Jänicke | 20 October 2008, 12:53:33 UTC | Add missing "-d" to option list of openssl version. Submitted by: Alex Chen <alex_chen@filemaker.com> | 20 October 2008, 12:53:33 UTC |
312539a | Lutz Jänicke | 20 October 2008, 12:40:20 UTC | Armor pq_compat.h header file against multiple inclusion Submitted by: Alex Chen <alex_chen@filemaker.com> | 20 October 2008, 12:40:20 UTC |
cc40dcc | Ben Laurie | 20 October 2008, 09:26:04 UTC | Distinguish public/private data more clearly. | 20 October 2008, 09:26:04 UTC |
5790921 | Ben Laurie | 19 October 2008, 15:34:13 UTC | Ignore executable. | 19 October 2008, 15:34:13 UTC |
df84c11 | Ben Laurie | 19 October 2008, 15:33:32 UTC | Add J-PAKE demo. | 19 October 2008, 15:33:32 UTC |
b76306c | Ben Laurie | 18 October 2008, 14:27:36 UTC | Constification. | 18 October 2008, 14:27:36 UTC |
cdffc71 | Ben Laurie | 14 October 2008, 19:21:30 UTC | Set the comparison function in v3_addr_canonize(). | 14 October 2008, 19:21:30 UTC |
5dffc13 | Ben Laurie | 14 October 2008, 19:09:47 UTC | Add XMPP STARTTLS support. | 14 October 2008, 19:09:47 UTC |
a5873a8 | Ben Laurie | 14 October 2008, 19:05:02 UTC | Fix warnings. | 14 October 2008, 19:05:02 UTC |
4db3e88 | Lutz Jänicke | 13 October 2008, 06:43:06 UTC | Firstly, the bitmap we use for replay protection was ending up with zero length, so a _single_ pair of packets getting switched around would cause one of them to be 'dropped'. Secondly, it wasn't even _dropping_ the offending packets, in the non-blocking case. It was just returning garbage instead. PR: #1752 Submitted by: David Woodhouse <dwmw2@infradead.org> | 13 October 2008, 06:43:06 UTC |
ab073ba | Lutz Jänicke | 10 October 2008, 10:41:32 UTC | When the underlying BIO_write() fails to send a datagram, we leave the offending record queued as 'pending'. The DTLS code doesn't expect this, and we end up hitting an OPENSSL_assert() in do_dtls1_write(). The simple fix is just _not_ to leave it queued. In DTLS, dropping packets is perfectly acceptable -- and even preferable. If we wanted a service with retries and guaranteed delivery, we'd be using TCP. PR: #1703 Submitted by: David Woodhouse <dwmw2@infradead.org> | 10 October 2008, 10:41:32 UTC |
cfe04f6 | Lutz Jänicke | 06 October 2008, 10:35:29 UTC | Fix incorrect command for assember file generation on IA64 Submitted by: Amadeu A. Barbosa Jr <amadeu@tecgraf.puc-rio.br> | 06 October 2008, 10:35:29 UTC |
c0e9f54 | Dr. Stephen Henson | 25 September 2008, 16:38:07 UTC | Check for errors in ASN1 sign and verify routines. | 25 September 2008, 16:38:07 UTC |
7c97aac | Andy Polyakov | 23 September 2008, 17:34:08 UTC | Fix EC_KEY_check_key [from HEAD]. | 23 September 2008, 17:34:08 UTC |
36b8f87 | Dr. Stephen Henson | 23 September 2008, 11:21:17 UTC | Typo. | 23 September 2008, 11:21:17 UTC |
d875413 | Bodo Möller | 22 September 2008, 21:22:51 UTC | Make sure that SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG can't enable disabled ciphersuites. | 22 September 2008, 21:22:51 UTC |
155ad6d | Dr. Stephen Henson | 21 September 2008, 11:40:36 UTC | Fix warnings when more pedantic "debuge-steve32" target is used. | 21 September 2008, 11:40:36 UTC |
138f204 | Dr. Stephen Henson | 21 September 2008, 11:21:43 UTC | Camellia low level API algorithm blocking. | 21 September 2008, 11:21:43 UTC |
7747c67 | Dr. Stephen Henson | 21 September 2008, 10:24:08 UTC | Make camellia work with updated EVP macros. | 21 September 2008, 10:24:08 UTC |
237a6f0 | Dr. Stephen Henson | 18 September 2008, 12:13:54 UTC | Add do_fips.bat WIN32 build script. Update version in Configure. | 18 September 2008, 12:13:54 UTC |
fe99beb | Dr. Stephen Henson | 18 September 2008, 11:56:09 UTC | Build montgomery ASM file on WIN32. | 18 September 2008, 11:56:09 UTC |
736a77f | Dr. Stephen Henson | 18 September 2008, 11:45:30 UTC | Merge FIPS changes to VC-32 build system. | 18 September 2008, 11:45:30 UTC |
9453921 | Dr. Stephen Henson | 18 September 2008, 11:20:08 UTC | Add extra utilities from FIPS branch. | 18 September 2008, 11:20:08 UTC |
c5c4246 | Dr. Stephen Henson | 17 September 2008, 17:21:31 UTC | Add FIPS changes to mk1mf.pl | 17 September 2008, 17:21:31 UTC |
2e6d8a8 | Dr. Stephen Henson | 17 September 2008, 17:12:53 UTC | Update defs. | 17 September 2008, 17:12:53 UTC |
e852835 | Dr. Stephen Henson | 17 September 2008, 17:11:09 UTC | Make update: delete duplicate error code. | 17 September 2008, 17:11:09 UTC |
d245c32 | Dr. Stephen Henson | 17 September 2008, 16:58:01 UTC | Update some util files to recognize new FIPS directories. | 17 September 2008, 16:58:01 UTC |
964d58b | Dr. Stephen Henson | 17 September 2008, 16:27:50 UTC | Add missing files. | 17 September 2008, 16:27:50 UTC |
52702f6 | Dr. Stephen Henson | 17 September 2008, 15:56:42 UTC | Updates to build system from FIPS branch. Make fipscanisterbuild work and build FIPS test programs. | 17 September 2008, 15:56:42 UTC |
05794d9 | Dr. Stephen Henson | 17 September 2008, 15:53:59 UTC | Add RSA update from FIPS branch that got omitted.... | 17 September 2008, 15:53:59 UTC |