summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2012-02-27Detect symmetric crypto errors in PKCS7_decrypt.Dr. Stephen Henson
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-26Configure: remove adding of -D_XPG4_2 -D__EXTENSIONS__ in sctp builds,Andy Polyakov
see corresponding commit to HEAD for details.
2012-02-26seed.c: Solaris portability fix from HEAD.Andy Polyakov
2012-02-25PR: 2730Dr. Stephen Henson
Submitted by: Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se> VMS fixes: disable SCTP by default.
2012-02-23correct CHANGESOpenSSL_1_0_1-beta3Dr. Stephen Henson
2012-02-23PR: 2711Dr. Stephen Henson
Submitted by: Tomas Mraz <tmraz@redhat.com> Tolerate bad MIME headers in parser.
2012-02-23PR: 2696Dr. Stephen Henson
Submitted by: Rob Austein <sra@hactrn.net> Fix inverted range problem in RFC3779 code. Thanks to Andrew Chi for generating test cases for this bug.
2012-02-23PR: 2727Dr. Stephen Henson
Submitted by: Bruce Stephens <bruce.stephens@isode.com> Use same construct for EXHEADER in srp/Makefile as other makefiles to cope with possibly empty EXHEADER.
2012-02-22ABI compliance fixes.Dr. Stephen Henson
Move new structure fields to end of structures. Import library codes from 1.0.0 and recreate new ones.
2012-02-21update NEWSDr. Stephen Henson
2012-02-17typoDr. Stephen Henson
2012-02-16Fix bug in CVE-2011-4619: check we have really received a client helloDr. Stephen Henson
before rejecting multiple SGC restarts.
2012-02-15Additional compatibility fix for MDC2 signature format.Dr. Stephen Henson
Update RSA EVP_PKEY_METHOD to use the OCTET STRING form of MDC2 signature: this will make all versions of MDC2 signature equivalent.
2012-02-15An incompatibility has always existed between the format used for RSADr. Stephen Henson
signatures and MDC2 using EVP or RSA_sign. This has become more apparent when the dgst utility in OpenSSL 1.0.0 and later switched to using the EVP_DigestSign functions which call RSA_sign. This means that the signature format OpenSSL 1.0.0 and later used with dgst -sign and MDC2 is incompatible with previous versions. Add detection in RSA_verify so either format works. Note: MDC2 is disabled by default in OpenSSL and very rarely used in practice.
2012-02-12PR: 2708Dr. Stephen Henson
Submitted by: Bruce Stephens <bruce.stephens@isode.com> Translate path separators correctly for $fipsdir in util/mk1mf.pl
2012-02-12PR: 2713Dr. Stephen Henson
Submitted by: Tomas Mraz <tmraz@redhat.com> Move libraries that are not needed for dynamic linking to Libs.private in the .pc files
2012-02-11PR: 2717Dr. Stephen Henson
Submitted by: Tim Rice <tim@multitalents.net> Make compilation work on OpenServer 5.0.7
2012-02-11PR: 2716Dr. Stephen Henson
Submitted by: Adam Langley <agl@google.com> Fix handling of exporter return value and use OpenSSL indentation in s_client, s_server.
2012-02-11PR: 2703Dr. Stephen Henson
Submitted by: Alexey Melnikov <alexey.melnikov@isode.com> Fix some memory and resource leaks in CAPI ENGINE.
2012-02-11PR: 2705Dr. Stephen Henson
Submitted by: Alexey Melnikov <alexey.melnikov@isode.com> Only create ex_data indices once for CAPI engine.
2012-02-11Submitted by: Eric Rescorla <ekr@rtfm.com>Dr. Stephen Henson
Further fixes for use_srtp extension.
2012-02-11apps/s_cb.c: recognize latest TLS versions [from HEAD].Andy Polyakov
2012-02-10PR: 2704Dr. Stephen Henson
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr> Fix srp extension.
2012-02-10PR: 2710Dr. Stephen Henson
Submitted by: Tomas Mraz <tmraz@redhat.com> Check return codes for load_certs_crls.
2012-02-10PR: 2714Dr. Stephen Henson
Submitted by: Tomas Mraz <tmraz@redhat.com> Make no-srp work.
2012-02-10only cleanup ctx if we need to, save ctx flags when we doDr. Stephen Henson
2012-02-10add fips hmac option and fips blocking overrides to command line utilitiesDr. Stephen Henson
2012-02-10Submitted by: Eric Rescorla <ekr@rtfm.com>Dr. Stephen Henson
Fix encoding of use_srtp extension to be compliant with RFC5764
2012-02-09Modify client hello version when renegotiating to enhance interop withDr. Stephen Henson
some servers.
2012-02-02bn_nist.c: make new optimized code dependent on BN_LLONG [from HEAD].Andy Polyakov
2012-02-02hpux-parisc2-*: engage assembler [from HEAD] and make it link.Andy Polyakov
2012-01-25ghash-x86.pl: engage original MMX version in no-sse2 builds [from HEAD].Andy Polyakov
2012-01-25x86_64-xlate.pl: 1.0.1-specific typo.Andy Polyakov
2012-01-24only include bn.h onceDr. Stephen Henson
2012-01-24only include evp.h onceDr. Stephen Henson
2012-01-24only include string.h onceDr. Stephen Henson
2012-01-22return error if md is NULLDr. Stephen Henson
2012-01-21cryptlib.c: make even non-Windows builds "strtoull-agnostic" [from HEAD].Andy Polyakov
2012-01-21x86_64-xlate.pl: proper solution for RT#2620 [from HEAD].Andy Polyakov
2012-01-19change version to beta3-devDr. Stephen Henson
2012-01-19update files for beta2 releaseOpenSSL_1_0_1-beta2Dr. Stephen Henson
2012-01-19prepare for beta2Dr. Stephen Henson
2012-01-18Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.Dr. Stephen Henson
Thanks to Antonio Martin, Enterprise Secure Access Research and Development, Cisco Systems, Inc. for discovering this bug and preparing a fix. (CVE-2012-0050)
2012-01-18undef some symbols that cause problems with make depend for fips buildsDr. Stephen Henson
2012-01-17fix CHANGES entryDr. Stephen Henson
2012-01-151.0.1-specific OPNESSL vs. OPENSSL typo.Andy Polyakov
PR: 2613 Submitted by: Leena Heino
2012-01-15Fix OPNESSL vs. OPENSSL typos [from HEAD].Andy Polyakov
PR: 2613 Submitted by: Leena Heino
2012-01-15fix warningDr. Stephen Henson
2012-01-12Sanitize usage of <ctype.h> functions. It's important that charactersAndy Polyakov
are passed zero-extended, not sign-extended [from HEAD]. PR: 2682
2012-01-12sparcv9cap.c: omit unused variable.Andy Polyakov
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-23 18:15:12 +0000