Age | Commit message (Collapse) | Author | |
---|---|---|---|
2001-08-07 | Bugfix: larger message size in ssl3_get_key_exchange() because | Bodo Möller | |
ServerKeyExchange message may be skipped. Submitted by: Petr Lampa <lampa@fee.vutbr.cz> | |||
2001-08-03 | remove a comma | Bodo Möller | |
2001-08-03 | Don't disable rollback attack detection as a recommended bug workaround. | Lutz Jänicke | |
2001-08-01 | Mention removed option. | Lutz Jänicke | |
2001-07-31 | Document DES changes better. | Ben Laurie | |
2001-07-30 | Really add the EVP and all of the DES changes. | Ben Laurie | |
2001-07-30 | Enhanced support for IA-64 Linux and HP-UX (as well as better support for | Andy Polyakov | |
HP-UX in common in ./config). Note that for the moment of this writing none of 64-bit platforms pass bntest. I'm committing this anyway as it's too frustrating to patch snapshots over and over while 0.9.6 is known to work. | |||
2001-07-30 | Fix inconsistent behaviour with respect to verify_callback handling. | Lutz Jänicke | |
2001-07-30 | Forgot to mention second fix. | Lutz Jänicke | |
2001-07-27 | Undo DH_generate_key() change: s3_srvr.c was using it correctly | Bodo Möller | |
2001-07-26 | First of several reorganisations to | Dr. Stephen Henson | |
reduce linker bloat. For example the single line: PEM_read_X509() results in a binary of around 400K in Linux! This first step separates some of the PEM functions and avoids linking in some PKCS#7 and PKCS#12 code. | |||
2001-07-26 | Fix problem occuring when used from OpenSSH on Solaris 8. | Lutz Jänicke | |
2001-07-25 | Don't preserve existing keys in DH_generate_key. | Bodo Möller | |
2001-07-25 | md_rand.c thread safety | Bodo Möller | |
2001-07-25 | always reject data >= n | Bodo Möller | |
2001-07-24 | Avoid race condition. | Bodo Möller | |
Submitted by: Travis Vitek <vitek@roguewave.com> | |||
2001-07-21 | Clean up EVP macros, rename DES EDE3 modes correctly, temporary support for | Ben Laurie | |
OpenBSD /dev/crypto (this will be revamped later when the appropriate machinery is available). | |||
2001-07-12 | Initial OCSP server support, using index.txt format. | Dr. Stephen Henson | |
This can process internal requests or behave like a mini responder. Todo: documentation, update usage info. | |||
2001-07-12 | Add the possibility to specify the use of zlib compression and | Richard Levitte | |
decompression. It can be set up to link at link time or to load the zlib library at run-time. | |||
2001-07-12 | Document the recent Kerberos SSL changes. | Richard Levitte | |
2001-07-11 | openssl speed is quite useful for testing hardware support (among other | Geoff Thorpe | |
things), especially as the RSA keys are fixed. However, DSA only fixes the DSA parameters and then generates the public and private components on the fly each time - this commit hard-codes some sampled key values so that this is no longer the case. | |||
2001-07-10 | Fix PRNG. | Bodo Möller | |
2001-07-09 | A better compromise between encrypt and decrypt (but why isn't it as fast | Ben Laurie | |
for encrypt?). | |||
2001-07-08 | Use & instead of % - worth about 4% for 8 byte blocks. | Ben Laurie | |
2001-07-04 | Align with 0.9.6-stable CHANGES file, and make some corrections. | Bodo Möller | |
2001-07-04 | Entry for Andy's mips3.s fix. | Bodo Möller | |
2001-07-03 | When only the key is given to "enc", the IV is undefined | Lutz Jänicke | |
(found by Andy Brown <logic@warthog.com>). | |||
2001-07-01 | Insuline shot | Richard Levitte | |
2001-06-28 | Modify apps to use NCONF code instead of old CONF code. | Dr. Stephen Henson | |
Add new extension functions which work with NCONF. Tidy up extension config routines and remove redundant code. Fix NCONF_get_number(). Todo: more testing of apps to see they still work... | |||
2001-06-26 | Handle empty X509_NAME in printing routines. | Dr. Stephen Henson | |
2001-06-26 | DSA verification should insist that r and s are in the allowed range. | Bodo Möller | |
2001-06-23 | Oops, applies to 0.9.7 only. | Richard Levitte | |
2001-06-23 | Document recent changes. | Richard Levitte | |
2001-06-19 | Change all calls to low level digest routines in the library and | Dr. Stephen Henson | |
applications to use EVP. Add missing calls to HMAC_cleanup() and don't assume HMAC_CTX can be copied using memcpy(). Note: this is almost identical to the patch submitted to openssl-dev by Verdon Walker <VWalker@novell.com> except some redundant EVP_add_digest_()/EVP_cleanup() calls were removed and some changes made to avoid compiler warnings. | |||
2001-06-19 | - Add the possibility to control engines through control names but | Richard Levitte | |
with arbitrary arguments instead of just a string. - Change the key loaders to take a UI_METHOD instead of a callback function pointer. NOTE: this breaks binary compatibility with earlier versions of OpenSSL [engine]. - Addapt the nCipher code for these new conditions and add a card insertion callback. | |||
2001-06-19 | Enhance the user interface with better support for dialog box | Richard Levitte | |
prompting, application-defined prompts, the possibility to use defaults (for example default passwords from somewhere else) and interrupts/cancelations. | |||
2001-06-19 | Don't set pointer if add_lock_callback used. | Dr. Stephen Henson | |
2001-06-15 | pay attention to blocksize before attempting decryption | Bodo Möller | |
2001-06-11 | Add directory name to the entry on /crypto/ui/. | Bodo Möller | |
2001-06-11 | Add support for MS CSP Name PKCS#12 attribute. | Dr. Stephen Henson | |
2001-06-06 | OAEP fix | Bodo Möller | |
2001-06-01 | Fix Bleichenbacher PKCS #1 1.5 countermeasure. | Bodo Möller | |
(The attack against SSL 3.1 and TLS 1.0 is impractical anyway, otherwise this would be a security relevant patch.) | |||
2001-05-31 | Fix a memory leak in 'sk_dup' in the case a realloc() fails. Also, tidy up | Geoff Thorpe | |
a bit of weird code in sk_new. | |||
2001-05-29 | Don't forget responsible person so that its clear who is to blame. | Lutz Jänicke | |
2001-05-26 | Document the latest change in ENGINEs. | Richard Levitte | |
2001-05-24 | Add missing variable length cipher flag for Blowfish. | Dr. Stephen Henson | |
Only use trust settings if either trust or reject settings are present, otherwise use compatibility mode. This stops root CAs being rejected if they have alias of keyid set. | |||
2001-05-15 | Increase ENTROPY_NEEDED to support Rijndael's larger key size. | Lutz Jänicke | |
2001-05-13 | Document the addition. | Richard Levitte | |
2001-05-12 | Change Win32 to use EXPORT_VAR_AS_FN. | Dr. Stephen Henson | |
Fix OPENSSL_IMPLEMENT_GLOBAL. Allow Win32 to use EXPORT_VAR_AS_FN in mkdef.pl make update. | |||
2001-05-10 | Update changelog to reflect additional changes made to the egd-locations. | Lutz Jänicke | |