Note that it initially applies to 1.0.2, and not to HEAD. This is
in order to allow development with existing libunbound installations
that are dependent on OpenSSL 1.0.x. More details in RT.
RT: 3003
Reencode certificates in X509_sign_ctx as well as X509_sign.
This was causing a problem in the x509 application when it modified an
existing certificate.
(cherry picked from commit c6d8adb8a45186617e0a8e2c09469bd164b92b31)
While ARMv7 in general is capable of unaligned access, not all instructions
actually are. And trouble is that compiler doesn't seem to differentiate
those capable and incapable of unaligned access. Side effect is that kernel
goes into endless loop retrying same instruction triggering unaligned trap.
Problem was observed in xts128.c and ccm128.c modules. It's possible to
resolve it by using (volatile u32*) casts, but letting STRICT_ALIGNMENT
be feels more appropriate.
(cherry picked from commit 3bdd80521a81d50ade4214053cd9b293f920a77b)
Don't check for binary curves by checking methods: the values will
be different in FIPS mode as they are redirected to the validated module
version.
(cherry picked from commit 94782e0e9c28bd872107b8f814f4db68c9fbf5ab)
If an ASN1_INTEGER structure is allocated but not explicitly set encode
it as zero: don't generate an invalid zero length INTEGER.
(cherry picked from commit 1643edc63c3e15b6db5a15a728bc288f2cc2bbc7)
Add CMS_RecipientInfo_encrypt: this function encrypts an existing content
encryption key to match the key in the RecipientInfo structure: this is
useful if a new recpient is added to and existing enveloped data structure.
Add documentation.
(cherry picked from commit e1f1d28f34cc5cfc87772e0d8331e00137a4a213)
Two example programs one for command line argument processing and
one for configuration file processing.
(cherry picked from commit 3646578ae7e29230d7b05a5487ad12990b2ae688)
Fix some typos and update version number first added: it has now been
backported to OpenSSL 1.0.2.
(cherry picked from commit 4365e4aad97fa37e4a97eb2270a64c03e6547014)
key to the one in a request. This is useful for cases where the public
key cannot be used for signing e.g. DH.
(cherry picked from commit 43206a2d7cc87c959535c0f69e2aa3b364eafd6e)
podlators 2.5.0 has switched to dying on POD syntax errors. This means
that a bunch of long-standing erroneous POD in the openssl documentation
now leads to fatal errors from pod2man, halting installation.
Unfortunately POD constraints mean that you have to sort numeric lists
in ascending order if they start with 1: you cannot do 1, 0, 2 even if
you want 1 to appear first. I've reshuffled such (alas, I wish there
were a better way but I don't know of one).
(cherry picked from commit 5cc270774258149235f69e1789b3370f57b0e27b)
Add description of "allocate and encode" operation for ASN1 routines.
Document how versioning will for after the letter release reaches
y.
(cherry picked from commit 2527b94fec345c0bec58f4c7a810b7b8d0552b17)
The version check for DTLS1_VERSION was redundant as
DTLS1_VERSION > TLS1_1_VERSION, however we do need to
check for DTLS1_BAD_VER for compatibility.
PR:2984
(cherry picked from commit d980abb22e22661e98e5cee33d760ab0c7584ecc)
Fix the calculation that checks there is enough room in a record
after removing padding and optional explicit IV. (by Steve)
For AEAD remove the correct number of padding bytes (by Andy)
(cherry picked from commit 32cc2479b473c49ce869e57fded7e9a77b695c0d)
MD5 should use little endian order. Fortunately the only ciphersuite
affected is EXP-RC2-CBC-MD5 (TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5) which
is a rarely used export grade ciphersuite.
(cherry picked from commit f306b87d766e6ecf30824635c7c395b67cff9dbc)
Kludge alert. This is arranged by passing padding length in unused
bits of SSL3_RECORD->type, so that orig_len can be reconstructed.
(cherry picked from commit 8bfd4c659f180a6ce34f21c0e62956b362067fba)
RISCs are picky and alignment granted by compiler for md_state can be
insufficient for SHA512.
(cherry picked from commit 36260233e7e3396feed884d3f501283e0453c04f)
Break dependency on uint64_t. It's possible to declare bits as
unsigned int, because TLS packets are limited in size and 32-bit
value can't overflow.
(cherry picked from commit cab13fc8473856a43556d41d8dac5605f4ba1f91)
