Richard Levitte 
							
						 
					 
					
						
						
							
						
						a01fc63c11 
					 
					
						
						
							
							Have ssl3_send_certificate_request() change the state to SSL3_ST_SW_CERT_REQ_B.  
						
						
						
						
						PR: 680 
						
						
					 
					
						2003-09-27 19:28:54 +00:00 
						 
				 
			
				
					
						
							
							
								Dr. Stephen Henson 
							
						 
					 
					
						
						
							
						
						3158c87a02 
					 
					
						
						
							
							Only accept a client certificate if the server requests  
						
						
						
						
						one, as required by SSL/TLS specs. 
						
						
					 
					
						2003-09-03 23:35:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						702eb4dc0a 
					 
					
						
						
							
							tolerate extra data at end of client hello for SSL 3.0  
						
						
						
						
					 
					
						2003-07-21 15:16:20 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						ef42d6a4ed 
					 
					
						
						
							
							countermeasure against new Klima-Pokorny-Rosa attack
						
						
						
						
					 
					
						2003-03-19 19:20:30 +00:00 
						 
				 
			
				
					
						
							
							
								Richard Levitte 
							
						 
					 
					
						
						
							
						
						6bad9d0522 
					 
					
						
						
							
							A few more memset()s converted to OPENSSL_cleanse().  
						
						
						
						
						I *think* I got them all covered by now, but please, if you find any more,
tell me and I'll correct it.
PR: 343 
						
						
					 
					
						2002-11-29 11:31:18 +00:00 
						 
				 
			
				
					
						
							
							
								Richard Levitte 
							
						 
					 
					
						
						
							
						
						920b700d4a 
					 
					
						
						
							
							Cleanse memory using the new OPENSSL_cleanse() function.  
						
						
						
						
						I've covered all the memset()s I felt safe modifying, but may have missed some. 
						
						
					 
					
						2002-11-28 08:06:36 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						96eef150d6 
					 
					
						
						
							
							increase permissible message length so that we can handle  
						
						
						
						
						CertificateVerify for 4096 bit RSA signatures 
						
						
					 
					
						2002-10-28 15:40:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						af4396e589 
					 
					
						
						
							
							really fix race conditions  
						
						
						
						
						Submitted by: "Patrick McCormick" <patrick@tellme.com>
PR: 262
PR: 291 
						
						
					 
					
						2002-09-25 15:36:21 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						924b6006d7 
					 
					
						
						
							
							really fix race condition  
						
						
						
						
						PR: 262 
						
						
					 
					
						2002-09-23 14:30:59 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						517a0e7fa0 
					 
					
						
						
							
							get rid of OpenSSLDie  
						
						
						
						
					 
					
						2002-08-02 10:51:59 +00:00 
						 
				 
			
				
					
						
							
							
								Lutz Jänicke 
							
						 
					 
					
						
						
							
						
						bb41724483 
					 
					
						
						
							
							OpenSSL Security Advisory [30 July 2002]  
						
						
						
						
						Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
Submitted by:
Reviewed by:
PR: 
						
						
					 
					
						2002-07-30 10:19:01 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						82c77c1b32 
					 
					
						
						
							
							Implement known-IV countermeasure.  
						
						
						
						
						Fix length checks in ssl3_get_client_hello().
Use s->s3->in_read_app_data differently to fix ssl3_read_internal(). 
						
						
					 
					
						2002-04-13 22:49:28 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						19fa8cfe5a 
					 
					
						
						
							
							Bugfix: In ssl3_accept, don't use a local variable 'got_new_session'  
						
						
						
						
						to indicate that a real handshake is taking place (the value will be
lost during multiple invocations). Set s->new_session to 2 instead. 
						
						
					 
					
						2002-01-14 23:42:47 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						0b9925be4f 
					 
					
						
						
							
							Consistency with s2_... and s23_... variants (no real functional  
						
						
						
						
						change) 
						
						
					 
					
						2001-10-25 08:18:56 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						38b3e9edde 
					 
					
						
						
							
							Fix SSL handshake functions and SSL_clear() such that SSL_clear()  
						
						
						
						
						never resets s->method to s->ctx->method when called from within one
of the SSL handshake functions. 
						
						
					 
					
						2001-10-24 19:05:26 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						9ccadf1c6f 
					 
					
						
						
							
							In ssl3_get_client_hello (ssl/s3_srvr.c), generate a fatal alert if  
						
						
						
						
						client_version is smaller than the protocol version in use.
Also change ssl23_get_client_hello (ssl/s23_srvr.c) to select TLS 1.0
if the client demanded SSL 3.0 but only TLS 1.0 is enabled; then the
client will at least see that alert. 
						
						
					 
					
						2001-10-20 17:52:40 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						1147fa5a5f 
					 
					
						
						
							
							the previous commit accidentally removed 'ret = 1' from the SSL_ST_OK
						
						
						
						
						case of ssl3_accept 
						
						
					 
					
						2001-10-15 17:40:22 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						f8845509b6 
					 
					
						
						
							
							Disable session related stuff in SSL_ST_OK case of ssl3_accept if we  
						
						
						
						
						just sent a HelloRequest. 
						
						
					 
					
						2001-09-21 07:01:04 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						3f98e1dd11 
					 
					
						
						
							
							Bugfix: correct cleanup after sending a HelloRequest  
						
						
						
						
					 
					
						2001-09-21 00:03:00 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						e53afa9e9b 
					 
					
						
						
							
							fix ssl3_accept: don't call ssl_init_wbio_buffer() in HelloRequest case  
						
						
						
						
					 
					
						2001-09-20 21:36:39 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						10981a5c84 
					 
					
						
						
							
							add comment  
						
						
						
						
					 
					
						2001-09-14 13:48:37 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						9cf8888149 
					 
					
						
						
							
							Increase permissible ClientKeyExchange message length as in main  
						
						
						
						
						branch (revision 1.50, 2000-11-17) 
						
						
					 
					
						2001-09-14 13:32:03 +00:00 
						 
				 
			
				
					
						
							
							
								Lutz Jänicke 
							
						 
					 
					
						
						
							
						
						a04baf9b5c 
					 
					
						
						
							
							Allow client certificate lists > 16kB ("Douglas E. Engert" <deengert@anl.gov>.)  
						
						
						
						
					 
					
						2001-08-25 11:48:35 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						83583e9479 
					 
					
						
						
							
							Fix Bleichenbacher PKCS #1 1.5 countermeasure.
						
						
						
						
						(The attack against SSL 3.1 and TLS 1.0 is impractical anyway,
otherwise this would be a security relevant patch.) 
						
						
					 
					
						2001-06-01 09:43:23 +00:00 
						 
				 
			
				
					
						
							
							
								Dr. Stephen Henson 
							
						 
					 
					
						
						
							
						
						de0b3ab7fb 
					 
					
						
						
							
							Zero the premaster secret after deriving the master secret in DH  
						
						
						
						
						ciphersuites. 
						
						
					 
					
						2001-01-25 13:20:39 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						bbb8de0966 
					 
					
						
						
							
							Avoid abort() throughout the library, except when preprocessor  
						
						
						
						
						symbols for debugging are defined. 
						
						
					 
					
						2000-09-04 15:34:43 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						93d8bfcdc4 
					 
					
						
						
							
							typo  
						
						
						
						
					 
					
						2000-05-25 11:24:42 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						2c05c494c0 
					 
					
						
						
							
							Implement SSL_OP_TLS_ROLLBACK_BUG for servers.  
						
						
						
						
						Call dh_tmp_cb with correct 'is_export' flag.
Avoid tabs in CHANGES. 
						
						
					 
					
						2000-05-25 09:50:40 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						98e04f9eeb 
					 
					
						
						
							
							Comments for SSL_get_peer_cert_chain inconsistency.  
						
						
						
						
					 
					
						2000-03-27 18:07:45 +00:00 
						 
				 
			
				
					
						
							
							
								Dr. Stephen Henson 
							
						 
					 
					
						
						
							
						
						fbb41ae0ad 
					 
					
						
						
							
							Allow code which calls RSA temp key callback to cope  
						
						
						
						
						with a failure.
Fix typos in some error codes. 
						
						
					 
					
						2000-02-25 00:23:48 +00:00 
						 
				 
			
				
					
						
							
							
								Ulf Möller 
							
						 
					 
					
						
						
							
						
						4c5fac4ac4 
					 
					
						
						
							
							Fix NO_RSA (misplaced #endif).  
						
						
						
						
					 
					
						2000-02-24 04:41:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						a2a0158959 
					 
					
						
						
							
							Fix some bugs and document others  
						
						
						
						
					 
					
						2000-02-21 17:09:54 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						745c70e565 
					 
					
						
						
							
							Move MAC computations for Finished from ssl3_read_bytes into  
						
						
						
						
						ssl3_get_message, which is more logical (and avoids a bug,
in addition to the one that I introduced yesterday :-)
and makes Microsoft "fast SGC" less special.
MS SGC should still work now without an extra state of its own
(it goes directly to SSL3_ST_SR_CLNT_HELLO_C, which is the usual state
for reading the body of a Client Hello message), however this should
be tested to make sure, and I don't have a MS SGC client. 
						
						
					 
					
						2000-02-21 10:16:30 +00:00 
						 
				 
			
				
					
						
							
							
								Dr. Stephen Henson 
							
						 
					 
					
						
						
							
						
						de469ef21e 
					 
					
						
						
							
							Fix for Netscape "hang" bug.  
						
						
						
						
					 
					
						2000-02-15 14:19:44 +00:00 
						 
				 
			
				
					
						
							
							
								Ulf Möller 
							
						 
					 
					
						
						
							
						
						657e60fa00 
					 
					
						
						
							
							ispell (and minor modifications)  
						
						
						
						
					 
					
						2000-02-03 23:23:24 +00:00 
						 
				 
			
				
					
						
							
							
								Ulf Möller 
							
						 
					 
					
						
						
							
						
						9d1a01be8f 
					 
					
						
						
							
							Source code cleanups: Use void * rather than char * in lhash,  
						
						
						
						
						eliminate some of the -Wcast-qual warnings (debug-ben-strict target) 
						
						
					 
					
						2000-01-30 22:20:28 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						a87030a1ed 
					 
					
						
						
							
							Make DSA_generate_parameters, and fix a couple of bugs
						
						
						
						
						(including another problem in the s3_srvr.c state machine). 
						
						
					 
					
						2000-01-30 02:23:03 +00:00 
						 
				 
			
				
					
						
							
							
								Dr. Stephen Henson 
							
						 
					 
					
						
						
							
						
						018e57c74d 
					 
					
						
						
							
							Apply Lutz Behnke's 56 bit cipher patch with a few  
						
						
						
						
						minor changes.
Docs haven't been added at this stage. They are probably
best included in the 'ciphers' program docs. 
						
						
					 
					
						2000-01-22 03:17:06 +00:00 
						 
				 
			
				
					
						
							
							
								Ulf Möller 
							
						 
					 
					
						
						
							
						
						e7f97e2d22 
					 
					
						
						
							
							Check RAND_bytes() return value or use RAND_pseudo_bytes().  
						
						
						
						
					 
					
						2000-01-21 01:15:56 +00:00 
						 
				 
			
				
					
						
							
							
								Ulf Möller 
							
						 
					 
					
						
						
							
						
						eb952088f0 
					 
					
						
						
							
							Precautions against using the PRNG uninitialized: RAND_bytes() now  
						
						
						
						
						returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument. 
						
						
					 
					
						2000-01-13 20:59:17 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						c51ae173a6 
					 
					
						
						
							
							Clean up some of the SSL server code.  
						
						
						
						
					 
					
						2000-01-11 01:07:26 +00:00 
						 
				 
			
				
					
						
							
							
								Ben Laurie 
							
						 
					 
					
						
						
							
						
						752d706aaf 
					 
					
						
						
							
							Make NO_RSA compile with pedantic.  
						
						
						
						
					 
					
						2000-01-08 21:06:24 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						f2d9a32cf4 
					 
					
						
						
							
							Use separate arrays for certificate verify and for finished hashes.  
						
						
						
						
					 
					
						2000-01-06 00:24:24 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						c44f754047 
					 
					
						
						
							
							Slight code cleanup for handling finished labels.  
						
						
						
						
					 
					
						2000-01-05 23:11:51 +00:00 
						 
				 
			
				
					
						
							
							
								Dr. Stephen Henson 
							
						 
					 
					
						
						
							
						
						3d14b9d04a 
					 
					
						
						
							
							Add support for MS "fast SGC".  
						
						
						
						
					 
					
						2000-01-02 18:52:58 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						47134b7864 
					 
					
						
						
							
							Don't request client certificate in anonymous ciphersuites  
						
						
						
						
						except when following the specs is bound to fail. 
						
						
					 
					
						1999-12-29 17:43:03 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						b1fe6ca175 
					 
					
						
						
							
							Store verify_result with sessions to avoid potential security hole.  
						
						
						
						
					 
					
						1999-11-16 23:15:41 +00:00 
						 
				 
			
				
					
						
							
							
								Ben Laurie 
							
						 
					 
					
						
						
							
						
						ca7fea9656 
					 
					
						
						
							
							Fix warnings.  
						
						
						
						
					 
					
						1999-09-24 19:10:57 +00:00 
						 
				 
			
				
					
						
							
							
								Dr. Stephen Henson 
							
						 
					 
					
						
						
							
						
						1c80019a2c 
					 
					
						
						
							
							Add new sign and verify members to RSA_METHOD and change SSL code to use sign  
						
						
						
						
						and verify rather than direct encrypt/decrypt. 
						
						
					 
					
						1999-09-18 22:37:44 +00:00 
						 
				 
			
				
					
						
							
							
								Bodo Möller 
							
						 
					 
					
						
						
							
						
						5bdae1675c 
					 
					
						
						
							
							Fix yet another bug for client hello handling.  
						
						
						
						
					 
					
						1999-09-11 10:36:41 +00:00