summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2012-10-16aix[64]-cc: get MT support right [from HEAD].Andy Polyakov
PR: 2896
2012-10-05Fix EC_KEY initialization race.Bodo Möller
Submitted by: Adam Langley
2012-09-24Fix Valgrind warning.Bodo Möller
Submitted by: Adam Langley
2012-09-24* Configure: make the debug-levitte-linux{elf,noasm} less extreme.Richard Levitte
2012-09-21Minor enhancement to PR#2836 fix. Instead of modifying SSL_get_certificateDr. Stephen Henson
change the current certificate (in s->cert->key) to the one used and then SSL_get_certificate and SSL_get_privatekey will automatically work. Note for 1.0.1 and earlier also includes backport of the function ssl_get_server_send_pkey.
2012-09-21* ssl/t1_enc.c (tls1_change_cipher_state): Stupid bug. Fortunately inRichard Levitte
debugging code that's seldom used.
2012-09-17Fix warning.Bodo Möller
Submitted by: Chromium Authors
2012-09-17Call OCSP Stapling callback after ciphersuite has been chosen, so theBen Laurie
right response is stapled. Also change SSL_get_certificate() so it returns the certificate actually sent. See http://rt.openssl.org/Ticket/Display.html?id=2836.
2012-09-15e_aes.c: uninitialized variable in aes_ccm_init_key [from HEAD].Andy Polyakov
PR: 2874 Submitted by: Tomas Mraz
2012-09-11fix memory leakDr. Stephen Henson
2012-09-01bn_lcl.h: gcc removed support for "h" constraint, which broke inlineAndy Polyakov
assembler [from HEAD].
2012-09-01Don't load GOST ENGINE if it is already loaded.Dr. Stephen Henson
Multiple copies of the ENGINE will cause problems when it is cleaned up as the methods are stored in static structures which will be overwritten and freed up more than once. Set static methods to NULL when the ENGINE is freed so it can be reloaded.
2012-08-22PR: 2786Dr. Stephen Henson
Reported by: Tomas Mraz <tmraz@redhat.com> Treat a NULL value passed to drbg_free_entropy callback as non-op. This can happen if the call to fips_get_entropy fails.
2012-08-17sha1-armv4-large.pl: comply with ABI [from HEAD].Andy Polyakov
2012-08-17aes-mips.pl: harmonize with fips module.Andy Polyakov
PR: 2863 Submitted by: Duane Sand
2012-08-16Enable message names for TLS 1.1, 1.2 with -msg.Bodo Möller
2012-08-13gosthash.c: use memmove in circle_xor8, as input pointers can be equalAndy Polyakov
[from HEAD]. PR: 2858
2012-08-13./Configure: libcrypto.a can grow to many GB on Solaris 10, because of ar bugAndy Polyakov
[from HEAD]. PR: 2838
2012-08-13gcm128.c: fix AAD-only case with AAD length not divisible by 16 [from HEAD].Andy Polyakov
PR: 2859 Submitted by: John Foley
2012-07-05Add evp_cnf in the build.Richard Levitte
2012-07-05update NEWSDr. Stephen Henson
2012-07-05Have the new names start in column 48, that makes it easy to see whenRichard Levitte
the 31 character limit is reached (on a 80 column display, do the math)
2012-07-05Cosmetics: remove duplicate symbol in crypto/symhacks.hRichard Levitte
2012-07-04add missing evp_cnf.c fileDr. Stephen Henson
2012-07-03PR: 2840Dr. Stephen Henson
Reported by: David McCullough <david_mccullough@mcafee.com> Restore fips configuration module from 0.9.8.
2012-07-03Fix memory leak.Dr. Stephen Henson
Always perform nexproto callback argument initialisation in s_server otherwise we use uninitialised data if -nocert is specified.
2012-07-01Unused variable.Ben Laurie
2012-07-01bss_dgram.c: fix typos in Windows code.Andy Polyakov
2012-06-27don't use pseudo digests for default values of keysDr. Stephen Henson
2012-06-27x86_64 assembly pack: make it possible to compile with Perl locatedAndy Polyakov
on path with spaces [from HEAD]. PR: 2835
2012-06-19oops, add -debug_decrypt option which was accidenatally left outDr. Stephen Henson
2012-06-19bss_dgram.c: fix bugs [from HEAD].Andy Polyakov
PR: 2833
2012-06-10revert more "version skew" changes that break FIPS buildsDr. Stephen Henson
2012-06-09Revert "version skew" patches that break FIPS compilation.Dr. Stephen Henson
2012-06-08Reduce version skew.Ben Laurie
2012-05-16s2_clnt.c: compensate for compiler bug [from HEAD].Andy Polyakov
2012-05-16ppccap.c: assume no features under 32-bit AIX kernel [from HEAD].Andy Polyakov
PR: 2810
2012-05-11PR: 2813Dr. Stephen Henson
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com> Fix possible deadlock when decoding public keys.
2012-05-11PR: 2811Dr. Stephen Henson
Reported by: Phil Pennock <openssl-dev@spodhuis.org> Make renegotiation work for TLS 1.2, 1.1 by not using a lower record version client hello workaround if renegotiating.
2012-05-10PR: 2806Dr. Stephen Henson
Submitted by: PK <runningdoglackey@yahoo.com> Correct ciphersuite signature algorithm definitions.
2012-05-10prepare for next versionDr. Stephen Henson
2012-05-10prepare for 1.0.1c releaseOpenSSL_1_0_1cDr. Stephen Henson
2012-05-10update NEWSDr. Stephen Henson
2012-05-10Sanity check record length before skipping explicit IV in TLS 1.2, 1.1 andDr. Stephen Henson
DTLS to fix DoS attack. Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic fuzzing as a service testing platform. (CVE-2012-2333)
2012-05-10Don't forget to install srtp.h as wellRichard Levitte
2012-05-10oops, revert unrelated changeDr. Stephen Henson
2012-05-10Reported by: Solar Designer of OpenwallDr. Stephen Henson
Make sure tkeylen is initialised properly when encrypting CMS messages.
2012-05-04Correct environment variable is OPENSSL_ALLOW_PROXY_CERTS.Richard Levitte
2012-04-27ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performanceAndy Polyakov
of digest algorithms, mosty SHA, on Power7. Mystery of century, why SHA, why slower algorithm are affected more... [from HEAD]. PR: 2794 Submitted by: Ashley Lai
2012-04-26Don't try to use unvalidated composite ciphers in FIPS modeDr. Stephen Henson
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-07 02:56:31 +0000