summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2012-03-22Submitted by: Markus Friedl <mfriedl@gmail.com>Dr. Stephen Henson
Fix memory leaks in 'goto err' cases.
2012-03-22update version to 1.0.1a-devDr. Stephen Henson
2012-03-21use client version when deciding whether to send supported signature ↵Dr. Stephen Henson
algorithms extension
2012-03-18Always use SSLv23_{client,server}_method in s_client.c and s_server.c,Dr. Stephen Henson
the old code came from SSLeay days before TLS was even supported.
2012-03-16bsaes-x86_64.pl: optimize key conversion [from HEAD].Andy Polyakov
2012-03-14remove trailing slashDr. Stephen Henson
2012-03-14cipher should only be set to PSK if JPAKE is used.OpenSSL_1_0_1Richard Levitte
2012-03-14update STATUSDr. Stephen Henson
2012-03-14prepare for 1.0.1 releaseDr. Stephen Henson
2012-03-13update NEWSDr. Stephen Henson
2012-03-13ssl/t1_enc.c: pay attention to EVP_CIPH_FLAG_CUSTOM_CIPHER [from HEAD].Andy Polyakov
2012-03-13x86_64-xlate.pl: remove old kludge.Andy Polyakov
PR: 2435,2440
2012-03-12corrected fix to PR#2711 and also cover mime_param_cmpDr. Stephen Henson
2012-03-12Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key andDr. Stephen Henson
continue with symmetric decryption process to avoid leaking timing information to an attacker. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this issue. (CVE-2012-0884)
2012-03-11PR: 2744Dr. Stephen Henson
Submitted by: Dmitry Belyavsky <beldmit@gmail.com> CMS support for ccgost engine
2012-03-09Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>Dr. Stephen Henson
Add more extension names in s_cb.c extension printing code.
2012-03-09PR: 2756Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Fix DTLS timeout handling.
2012-03-08check return value of BIO_write in PKCS7_decryptDr. Stephen Henson
2012-03-06PR: 2755Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reduce MTU after failed transmissions.
2012-03-06PR: 2748Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Fix possible DTLS timer deadlock.
2012-03-03Configure: make no-whirlpool work [from HEAD].Andy Polyakov
2012-03-01On OpenVMS, try sha256 and sha512 et al as well.Richard Levitte
2012-03-01For OpenVMS, use inttypes.h instead of stdint.hRichard Levitte
2012-02-29PR: 2743Dr. Stephen Henson
Reported by: Dmitry Belyavsky <beldmit@gmail.com> Fix memory leak if invalid GOST MAC key given.
2012-02-29PR: 2742Dr. Stephen Henson
Reported by: Dmitry Belyavsky <beldmit@gmail.com> If resigning with detached content in CMS just copy data across.
2012-02-28Fix memory leak cause by race condition when creating public keys.Dr. Stephen Henson
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-28x86cpuid.pl: fix processor capability detection on pre-586 [from HEAD].Andy Polyakov
2012-02-27PR: 2736Dr. Stephen Henson
Reported by: Remi Gacogne <rgacogne-bugs@coredump.fr> Preserve unused bits value in non-canonicalised ASN1_STRING structures by using ASN1_STRING_copy which preseves flags.
2012-02-27PR: 2737Dr. Stephen Henson
Submitted by: Remi Gacogne <rgacogne-bugs@coredump.fr> Fix double free in PKCS12_parse if we run out of memory.
2012-02-27PR: 2739Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Fix padding bugs in Heartbeat support.
2012-02-27PR: 2735Dr. Stephen Henson
Make cryptodev digests work. Thanks to Nikos Mavrogiannopoulos for this fix.
2012-02-27free headers after use in error messageDr. Stephen Henson
2012-02-27Detect symmetric crypto errors in PKCS7_decrypt.Dr. Stephen Henson
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-26Configure: remove adding of -D_XPG4_2 -D__EXTENSIONS__ in sctp builds,Andy Polyakov
see corresponding commit to HEAD for details.
2012-02-26seed.c: Solaris portability fix from HEAD.Andy Polyakov
2012-02-25PR: 2730Dr. Stephen Henson
Submitted by: Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se> VMS fixes: disable SCTP by default.
2012-02-23correct CHANGESOpenSSL_1_0_1-beta3Dr. Stephen Henson
2012-02-23PR: 2711Dr. Stephen Henson
Submitted by: Tomas Mraz <tmraz@redhat.com> Tolerate bad MIME headers in parser.
2012-02-23PR: 2696Dr. Stephen Henson
Submitted by: Rob Austein <sra@hactrn.net> Fix inverted range problem in RFC3779 code. Thanks to Andrew Chi for generating test cases for this bug.
2012-02-23PR: 2727Dr. Stephen Henson
Submitted by: Bruce Stephens <bruce.stephens@isode.com> Use same construct for EXHEADER in srp/Makefile as other makefiles to cope with possibly empty EXHEADER.
2012-02-22ABI compliance fixes.Dr. Stephen Henson
Move new structure fields to end of structures. Import library codes from 1.0.0 and recreate new ones.
2012-02-21update NEWSDr. Stephen Henson
2012-02-17typoDr. Stephen Henson
2012-02-16Fix bug in CVE-2011-4619: check we have really received a client helloDr. Stephen Henson
before rejecting multiple SGC restarts.
2012-02-15Additional compatibility fix for MDC2 signature format.Dr. Stephen Henson
Update RSA EVP_PKEY_METHOD to use the OCTET STRING form of MDC2 signature: this will make all versions of MDC2 signature equivalent.
2012-02-15An incompatibility has always existed between the format used for RSADr. Stephen Henson
signatures and MDC2 using EVP or RSA_sign. This has become more apparent when the dgst utility in OpenSSL 1.0.0 and later switched to using the EVP_DigestSign functions which call RSA_sign. This means that the signature format OpenSSL 1.0.0 and later used with dgst -sign and MDC2 is incompatible with previous versions. Add detection in RSA_verify so either format works. Note: MDC2 is disabled by default in OpenSSL and very rarely used in practice.
2012-02-12PR: 2708Dr. Stephen Henson
Submitted by: Bruce Stephens <bruce.stephens@isode.com> Translate path separators correctly for $fipsdir in util/mk1mf.pl
2012-02-12PR: 2713Dr. Stephen Henson
Submitted by: Tomas Mraz <tmraz@redhat.com> Move libraries that are not needed for dynamic linking to Libs.private in the .pc files
2012-02-11PR: 2717Dr. Stephen Henson
Submitted by: Tim Rice <tim@multitalents.net> Make compilation work on OpenServer 5.0.7
2012-02-11PR: 2716Dr. Stephen Henson
Submitted by: Adam Langley <agl@google.com> Fix handling of exporter return value and use OpenSSL indentation in s_client, s_server.
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-12 11:51:21 +0000