Age | Commit message (Collapse) | Author | |
---|---|---|---|
2005-06-02 | Typo. | Dr. Stephen Henson | |
2005-06-02 | Update CHANGES. | Dr. Stephen Henson | |
2005-05-29 | Change the source and output paths for 'chil' and '4758cca' engines so that | Geoff Thorpe | |
dynamic loading is consistent with respect to engine ids. | |||
2005-05-26 | make sure DSA signing exponentiations really are constant-time | Bodo Möller | |
2005-05-18 | Version changes where needed. | Richard Levitte | |
2005-05-16 | Change wording for BN_mod_exp_mont_consttime() entry | Bodo Möller | |
2005-05-16 | Implement fixed-window exponentiation to mitigate hyper-threading | Bodo Möller | |
timing attacks. BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for RSA/DSA/DH private key computations unless RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/ DH_FLAG_NO_EXP_CONSTTIME is set. Submitted by: Matthew D Wood Reviewed by: Bodo Moeller | |||
2005-05-15 | Make -CSP option work again in pkcs12 utility by checking for | Dr. Stephen Henson | |
attribute in EVP_PKEY structure. | |||
2005-05-11 | Don't use the SSL 2.0 Client Hello format if SSL 2.0 is disabled | Bodo Möller | |
with the SSL_OP_NO_SSLv2 option. | |||
2005-05-10 | give EC_GROUP_new_by_nid a more meanigful name: | Nils Larsch | |
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name | |||
2005-05-09 | give EC_GROUP_*_nid functions a more meaningful name | Bodo Möller | |
EC_GROUP_get_nid -> EC_GROUP_get_curve_name EC_GROUP_set_nid -> EC_GROUP_set_curve_name | |||
2005-05-01 | Support for smime-type MIME parameter. | Dr. Stephen Henson | |
2005-04-26 | Port BN_MONT_CTX_set_locked() from stable branch. | Dr. Stephen Henson | |
The function rsa_eay_mont_helper() has been removed because it is no longer needed after this change. | |||
2005-04-26 | some updates for the blinding code; summary: | Nils Larsch | |
- possibility of re-creation of the blinding parameters after a fixed number of uses (suggested by Bodo) - calculatition of the rsa::e in case it's absent and p and q are present (see bug report #785) - improve the performance when if one rsa structure is shared by more than a thread (see bug report #555) - fix the problem described in bug report #827 - hide the definition ot the BN_BLINDING structure in bn_blind.c | |||
2005-04-26 | Add DTLS support. | Ben Laurie | |
2005-04-25 | first step to melt down ChangeLog.0_9_7-stable_not-in-head :-) | Bodo Möller | |
2005-04-22 | - use BN_set_negative and BN_is_negative instead of BN_set_sign | Nils Larsch | |
and BN_get_sign - implement BN_set_negative as a function - always use "#define BN_is_zero(a) ((a)->top == 0)" | |||
2005-04-12 | Include error library value in C error source files instead of fixing up | Dr. Stephen Henson | |
at runtime. | |||
2005-04-09 | Make kerberos ciphersuite code work with newer header files | Dr. Stephen Henson | |
2005-04-09 | Added restrictions on the use of proxy certificates, as they may pose | Richard Levitte | |
a security threat on unexpecting applications. Document and test. | |||
2005-04-08 | add support for DER encoded private keys to SSL_CTX_use_PrivateKey_file() | Nils Larsch | |
and SSL_use_PrivateKey_file() PR: 1035 Submitted by: Walter Goulet Reviewed by: Nils Larsch | |||
2005-04-07 | get rid of very buggy and very imcomplete DH cert support | Nils Larsch | |
Reviewed by: Bodo Moeller | |||
2005-04-02 | use SHA-1 as the default digest for the apps/openssl commands | Nils Larsch | |
2005-03-31 | Give everything prototypes (well, everything that's actually used). | Ben Laurie | |
2005-03-24 | Harmonize with CHANGES as distributed in OpenSSL 0.9.7f. | Bodo Möller | |
2005-03-24 | undo Cygwin change | Ulf Möller | |
2005-03-22 | Ensure (SSL_RANDOM_BYTES - 4) of pseudo random data is used for server and | Dr. Stephen Henson | |
client random values. | |||
2005-03-19 | Use Windows randomness code on Cygwin | Ulf Möller | |
2005-03-02 | In addition to RC5, also exclude MDC2 from compilation unless | Bodo Möller | |
the algorithm is explicitly requested. | |||
2005-02-22 | Change ./Configure so that certain algorithms can be disabled by default. | Bodo Möller | |
This is now the case for RC5. As a side effect, the OPTIONS in the Makefile will usually look a little different now, but they are essentially only for information anyway. | |||
2005-02-19 | Fix hang in EGD/PRNGD query when communication socket is closed | Lutz Jänicke | |
prematurely by EGD/PRNGD. PR: 1014 Submitted by: Darren Tucker <dtucker@zip.com.au> | |||
2004-12-29 | Prompt for passphrases for PKCS12 input format | Dr. Stephen Henson | |
2004-12-28 | Add functionality needed to process proxy certificates. | Richard Levitte | |
2004-12-05 | Add lots of checks for memory allocation failure, error codes to indicate | Dr. Stephen Henson | |
failure and freeing up memory if a failure occurs. PR:620 | |||
2004-12-03 | Add -passin argument to dgst command. | Dr. Stephen Henson | |
2004-12-01 | Perform partial comparison of different character types in X509_NAME_cmp(). | Dr. Stephen Henson | |
2004-11-29 | Document the change. | Richard Levitte | |
2004-11-26 | Summarize recent RC4 tune-ups. | Andy Polyakov | |
2004-11-25 | Allow alternative manual sections to be embedded in .pod file comments. | Dr. Stephen Henson | |
2004-11-16 | PR: 910 | Dr. Stephen Henson | |
Add command line options -certform, -keyform and -pass to s_client and s_server. This supports the use of alternative passphrase sources, key formats and keys handled by an ENGINE. Update docs. | |||
2004-10-04 | Fix race condition when CRL checking is enabled. | Dr. Stephen Henson | |
2004-09-06 | New X509_VERIFY_PARAM structure and associated functionality. | Dr. Stephen Henson | |
This tidies up verify parameters and adds support for integrated policy checking. Add support for policy related command line options. Currently only in smime application. WARNING: experimental code subject to change. | |||
2004-08-04 | Make a note of the new engine. | Geoff Thorpe | |
2004-07-06 | Delta CRL support in extension code. | Dr. Stephen Henson | |
2004-06-17 | Deprecate unused cruft, and "make update". | Geoff Thorpe | |
2004-05-31 | Mention new SHA algorithms in CHANGES. This completes the integration. | Andy Polyakov | |
2004-05-15 | Fixes so alerts are sent properly in s3_pkt.c | Dr. Stephen Henson | |
PR: 851 | |||
2004-05-13 | CHANGES to mention improved PowerPC platform support. | Andy Polyakov | |
2004-05-04 | - update from current 0.9.6-stable CHANGES file | Bodo Möller | |
- update from current 0.9.7-stable CHANGES file: Now here we have "CHANGES between 0.9.7e and 0.9.8", and I hope that all patches mentioned for 0.9.7d and 0.9.7e actually are in the CVS HEAD, i.e. what is to become 0.9.8. I have rewritten the 'openssl ca -create_serial' entry (0.9.8) so that it explains the earlier change that is now listed (0.9.7e). The ENGINE_set_default typo bug entry has been moved from 0.9.8 to 0.9.7b, which is where it belongs. | |||
2004-04-26 | Allow RSA key-generation to specify an arbitrary public exponent. Jelte | Geoff Thorpe | |
proposed the change and submitted the patch, I jiggled it slightly and adjusted the other parts of openssl that were affected. PR: 867 Submitted by: Jelte Jansen Reviewed by: Geoff Thorpe |