generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
8,891 Commits 16 Branches 258 Tags 86 MiB
3c0ce01cea
Commit Graph

954 Commits

Author SHA1 Message Date
Dr. Stephen Henson
3c0ce01cea PR: 1827 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Updated patch for PR #1827
 2009-04-14 14:20:57 +00:00
Dr. Stephen Henson
9fcbefebdb PR: 1828 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Update from 0.9.8-stable.
 2009-04-14 14:19:46 +00:00
Dr. Stephen Henson
017d2a887f PR: 1838 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Updated patch from 0.9.8-stable.
 2009-04-14 14:18:16 +00:00
Dr. Stephen Henson
9ae5743515 Disable SSLv2 cipher suites by default and avoid SSLv2 compatible client 
hello if no SSLv2 cipher suites are included. This effectively disables
the broken SSLv2 use by default.
 2009-04-07 17:01:07 +00:00
Dr. Stephen Henson
c184b140df Update from 0.9.8-stable. 2009-04-07 16:30:32 +00:00
Dr. Stephen Henson
9d80aa7e3f Update from 0.9.8-stable 2009-04-07 12:10:59 +00:00
Dr. Stephen Henson
c9a1778134 Fix error codes. 2009-04-05 11:54:34 +00:00
Dr. Stephen Henson
2dd5ca1fbc Make no-ssl2 work including on Win32 builds. 2009-04-04 17:57:34 +00:00
Dr. Stephen Henson
c6196da587 Update from 0.9.8-stable. 2009-04-02 22:28:52 +00:00
Dr. Stephen Henson
78625cac82 Submitted by: Victor Duchovni <Victor.Duchovni@morganstanley.com> 
Reviewed by: steve@openssl.org

Check return value of sk_SSL_COMP_find() properly.
 2009-03-12 17:30:29 +00:00
Ben Laurie
7587347bc4 Fix memory leak. 2009-02-23 16:40:59 +00:00
Ben Laurie
b3f3407850 Use new common flags and fix resulting warnings. 2009-02-15 14:08:51 +00:00
Dr. Stephen Henson
477fd4596f PR: 1835 
Submitted by: Damien Miller <djm@mindrot.org>
Approved by: steve@openssl.org

Fix various typos.
 2009-02-14 21:49:38 +00:00
Bodo Möller
d8e8fc4803 Put back a variable deleted by the previous revision, 
but used in the code.
 2009-02-01 01:08:13 +00:00
Richard Levitte
c7ba21493a Hopefully resolve signed vs unsigned issue. 2009-01-28 07:09:23 +00:00
Dr. Stephen Henson
d7ecd42255 Fix warnings properly this time ;-) 2009-01-11 20:34:23 +00:00
Dr. Stephen Henson
211655fcdd Fix sign-compare warnings. 2009-01-11 15:58:51 +00:00
Dr. Stephen Henson
bab534057b Updatde from stable branch. 2009-01-07 23:44:27 +00:00
Lutz Jänicke
fceac0bc74 Fix compilation with -no-comp by adding some more #ifndef OPENSSL_NO_COMP 
Some #include statements were not properly protected. This will go unnoted
on most systems as openssl/comp.h tends to be installed as a system header
file by default but may become visible when cross compiling.
 2009-01-05 14:43:05 +00:00
Ben Laurie
4a94003a51 srvr_ecdh cannot be NULL at this point (Coverity ID 232). 2009-01-02 12:49:07 +00:00
Ben Laurie
d41c785d69 Document dead code. 2008-12-30 13:02:02 +00:00
Ben Laurie
2bd45dc94c Apparently s->ctx could be NULL. (Coverity ID 147). 2008-12-29 16:15:27 +00:00
Ben Laurie
121f9e743c Apparently s->ctx could be NULL at this point (see earlier 
test). (Coverity ID 148).
 2008-12-29 16:13:49 +00:00
Ben Laurie
0eab41fb78 If we're going to return errors (no matter how stupid), then we should 
test for them!
 2008-12-29 16:11:58 +00:00
Ben Laurie
8aa02e97a7 Make sure a bad parameter to RSA_verify_PKCS1_PSS() doesn't lead to a crash. 
(Coverity ID 135).
 2008-12-29 13:35:08 +00:00
Ben Laurie
85e878f224 Die earlier if hash is NULL. (Coverity IDs 137 & 138). 2008-12-29 11:54:56 +00:00
Ben Laurie
fe1c7fecf1 Reverse incorrect earlier fix. 2008-12-29 11:47:08 +00:00
Ben Laurie
0e941da6fa Die earlier if we have no hash function. 2008-12-29 11:46:44 +00:00
Ben Laurie
9b9cb004f7 Deal with the unlikely event that EVP_MD_CTX_size() returns an error. 
(Coverity ID 140).
 2008-12-27 02:09:24 +00:00
Ben Laurie
6ba71a7173 Handle the unlikely event that BIO_get_mem_data() returns -ve. 2008-12-27 02:00:38 +00:00
Dr. Stephen Henson
70531c147c Make no-engine work again. 2008-12-20 17:04:40 +00:00
Ben Laurie
a9dbe71ee0 Back out pointless change. 2008-12-13 17:45:49 +00:00
Ben Laurie
ecd3370ba0 *** empty log message *** 2008-12-13 17:45:27 +00:00
Dr. Stephen Henson
349e78e2e8 Stop warning about different const qualifiers. 2008-11-24 17:39:42 +00:00
Ben Laurie
f3b7bdadbc Integrate J-PAKE and TLS-PSK. Increase PSK buffer size. Fix memory leaks. 2008-11-16 12:47:12 +00:00
Dr. Stephen Henson
12bf56c017 PR: 1574 
Submitted by: Jouni Malinen <j@w1.fi>
Approved by: steve@openssl.org

Ticket override support for EAP-FAST.
 2008-11-15 17:18:12 +00:00
Ben Laurie
774b2fe700 Aftermath of a clashing size_t fix (now only format changes). 2008-11-13 09:48:47 +00:00
Geoff Thorpe
6343829a39 Revert the size_t modifications from HEAD that had led to more 
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
 2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
7b808412c9 Make -DKSSL_DEBUG work again. 2008-11-10 19:08:37 +00:00
Dr. Stephen Henson
c76fd290be Fix warnings about mismatched prototypes, undefined size_t and value computed 
not used.
 2008-11-02 12:50:48 +00:00
Ben Laurie
5e4430e70d More size_tification. 2008-11-01 16:40:37 +00:00
Ben Laurie
bfaead2b12 Fix warning. 2008-10-29 05:10:09 +00:00
Dr. Stephen Henson
ab7e09f59b Win32 fixes... add new directory to build system. Fix warnings. 2008-10-27 12:31:13 +00:00
Dr. Stephen Henson
e19106f5fb Create function of the form OBJ_bsearch_xxx() in bsearch typesafe macros 
with the appropriate parameters which calls OBJ_bsearch(). A compiler will
typically inline this.

This avoids the need for cmp_xxx variables and fixes unchecked const issues
with CHECKED_PTR_OF()
 2008-10-22 15:43:01 +00:00
Dr. Stephen Henson
606f6c477a Fix a shed load or warnings: 
Duplicate const.
Use of ; outside function.
 2008-10-20 15:12:00 +00:00
Lutz Jänicke
b8dfde2a36 Remove the DTLS1_BAD_VER thing from 0.9.9-dev. It is present in 0.9.8 
but has been omitted from HEAD (0.9.9), see commit
  http://cvs.openssl.org/chngview?cn=16627
by appro.
 2008-10-13 06:45:59 +00:00
Lutz Jänicke
570006f3a2 Half of the commit for 0.9.8 as the bitmap handling has changed. 
(Firstly... ommitted)

Secondly, it wasn't even _dropping_ the offending packets, in the
non-blocking case. It was just returning garbage instead.
PR: #1752
Submitted by: David Woodhouse <dwmw2@infradead.org>
 2008-10-13 06:43:03 +00:00
Ben Laurie
babb379849 Type-checked (and modern C compliant) OBJ_bsearch. 2008-10-12 14:32:47 +00:00
Ben Laurie
6665ef303e Add missing DTLS1_BAD_VER (hope I got the value right). 2008-10-12 14:04:34 +00:00
Lutz Jänicke
7e7af0bc51 When the underlying BIO_write() fails to send a datagram, we leave the 
offending record queued as 'pending'. The DTLS code doesn't expect this,
and we end up hitting an OPENSSL_assert() in do_dtls1_write().

The simple fix is just _not_ to leave it queued. In DTLS, dropping
packets is perfectly acceptable -- and even preferable. If we wanted a
service with retries and guaranteed delivery, we'd be using TCP.
PR: #1703
Submitted by: David Woodhouse <dwmw2@infradead.org>
 2008-10-10 10:41:35 +00:00