generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
5,524 Commits 16 Branches 258 Tags
Commit Graph

67 Commits

Author SHA1 Message Date
Richard Levitte
0f4d260782 Recent changes from 0.9.6-stable 2003-09-29 15:14:23 +00:00
Richard Levitte
db0edbb745 Recent changes from 0.9.6-stable 2003-09-08 16:57:29 +00:00
Richard Levitte
980645e55e Recent changes from 0.9.6-stable. 2003-08-09 09:35:57 +00:00
Richard Levitte
8aac6ad0f2 Recent changes from 0.9.6-stable. 2003-03-25 01:26:54 +00:00
Richard Levitte
22b3a95d5c Recent changes from 0.9.6-stable. 2002-12-02 03:01:52 +00:00
Richard Levitte
63e86149c1 Recent changes from 0.9.6-stable. 2002-11-28 12:26:05 +00:00
Richard Levitte
7fff663991 Recent changes from 0.9.6-stable. 2002-10-30 12:15:30 +00:00
Richard Levitte
8fd54b07a8 Merge in latest changes from 0.9.6-stable. 2002-10-11 20:54:03 +00:00
Richard Levitte
c4a24b13f3 Merge in recent changes from 0.9.6-stable. 2002-09-25 15:12:13 +00:00
Bodo Möller
1ce60f02d3 merge in changes in OpenSSL_0_9_6-stable (conflicts resolved) 2002-08-02 11:38:07 +00:00
Lutz Jänicke
cfebe39d42 OpenSSL Security Advisory [30 July 2002] 
Changes marked "(CHATS)" were sponsored by the Defense Advanced
Research Projects Agency (DARPA) and Air Force Research Laboratory,
Air Force Materiel Command, USAF, under agreement number
F30602-01-2-0537.
Submitted by:
Reviewed by:
PR:
 2002-07-30 10:26:28 +00:00
Richard Levitte
c1fb6557e5 Merge in the latest changes from 0.9.6d-stable. 2002-04-17 07:02:47 +00:00
Richard Levitte
41aad62a78 Merge in the latest changes from the 0.9.6-stable branch. 2002-01-26 01:18:50 +00:00
Bodo Möller
da904c9cef synchronise with main 0.9.6 stable branch 2001-11-12 22:42:40 +00:00
Richard Levitte
4ae5099856 Add changes from the 0.9.6-stable branch. 2001-06-05 05:08:26 +00:00
Richard Levitte
3d4bb90138 Merge in the 0.9.6-stable branch once more and hope for better 
results.
 2001-03-13 06:49:18 +00:00
Richard Levitte
192295a094 Merge main trunk to engine branch, all conflicts resolved. 2000-09-07 10:59:04 +00:00
Bodo Möller
93d8bfcdc4 typo 2000-05-25 11:24:42 +00:00
Bodo Möller
2c05c494c0 Implement SSL_OP_TLS_ROLLBACK_BUG for servers. 
Call dh_tmp_cb with correct 'is_export' flag.

Avoid tabs in CHANGES.
 2000-05-25 09:50:40 +00:00
Bodo Möller
98e04f9eeb Comments for SSL_get_peer_cert_chain inconsistency. 2000-03-27 18:07:45 +00:00
Dr. Stephen Henson
fbb41ae0ad Allow code which calls RSA temp key callback to cope 
with a failure.

Fix typos in some error codes.
 2000-02-25 00:23:48 +00:00
Ulf Möller
4c5fac4ac4 Fix NO_RSA (misplaced #endif). 2000-02-24 04:41:03 +00:00
Bodo Möller
a2a0158959 Fix some bugs and document others 2000-02-21 17:09:54 +00:00
Bodo Möller
745c70e565 Move MAC computations for Finished from ssl3_read_bytes into 
ssl3_get_message, which is more logical (and avoids a bug,
in addition to the one that I introduced yesterday :-)
and makes Microsoft "fast SGC" less special.
MS SGC should still work now without an extra state of its own
(it goes directly to SSL3_ST_SR_CLNT_HELLO_C, which is the usual state
for reading the body of a Client Hello message), however this should
be tested to make sure, and I don't have a MS SGC client.
 2000-02-21 10:16:30 +00:00
Dr. Stephen Henson
de469ef21e Fix for Netscape "hang" bug. 2000-02-15 14:19:44 +00:00
Ulf Möller
657e60fa00 ispell (and minor modifications) 2000-02-03 23:23:24 +00:00
Ulf Möller
9d1a01be8f Source code cleanups: Use void * rather than char * in lhash, 
eliminate some of the -Wcast-qual warnings (debug-ben-strict target)
 2000-01-30 22:20:28 +00:00
Bodo Möller
a87030a1ed Make DSA_generate_parameters, and fix a couple of bug 
(including another problem in the s3_srvr.c state machine).
 2000-01-30 02:23:03 +00:00
Dr. Stephen Henson
018e57c74d Apply Lutz Behnke's 56 bit cipher patch with a few 
minor changes.

Docs haven't been added at this stage. They are probably
best included in the 'ciphers' program docs.
 2000-01-22 03:17:06 +00:00
Ulf Möller
e7f97e2d22 Check RAND_bytes() return value or use RAND_pseudo_bytes(). 2000-01-21 01:15:56 +00:00
Ulf Möller
eb952088f0 Precautions against using the PRNG uninitialized: RAND_bytes() now 
returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.
 2000-01-13 20:59:17 +00:00
Bodo Möller
c51ae173a6 Clean up some of the SSL server code. 2000-01-11 01:07:26 +00:00
Ben Laurie
752d706aaf Make NO_RSA compile with pedantic. 2000-01-08 21:06:24 +00:00
Bodo Möller
f2d9a32cf4 Use separate arrays for certificate verify and for finished hashes. 2000-01-06 00:24:24 +00:00
Bodo Möller
c44f754047 Slight code cleanup for handling finished labels. 2000-01-05 23:11:51 +00:00
Dr. Stephen Henson
3d14b9d04a Add support for MS "fast SGC". 2000-01-02 18:52:58 +00:00
Bodo Möller
47134b7864 Don't request client certificate in anonymous ciphersuites 
except when following the specs is bound to fail.
 1999-12-29 17:43:03 +00:00
Bodo Möller
b1fe6ca175 Store verify_result with sessions to avoid potential security hole. 1999-11-16 23:15:41 +00:00
Ben Laurie
ca7fea9656 Fix warnings. 1999-09-24 19:10:57 +00:00
Dr. Stephen Henson
1c80019a2c Add new sign and verify members to RSA_METHOD and change SSL code to use sign 
and verify rather than direct encrypt/decrypt.
 1999-09-18 22:37:44 +00:00
Bodo Möller
5bdae1675c Fix yet another bug for client hello handling. 1999-09-11 10:36:41 +00:00
Bodo Möller
074309b7ee Fix server behaviour when facing backwards-compatible client hellos. 1999-09-03 16:33:11 +00:00
Bodo Möller
8876bc0548 Let ssl_get_prev_session reliably work in multi-threaded settings. 1999-05-23 13:07:03 +00:00
Bodo Möller
b56bce4fc7 New structure type SESS_CERT used instead of CERT inside SSL_SESSION. 
While modifying the sources, I found some inconsistencies on the use of
s->cert vs. s->session->sess_cert; I don't know if those could
really have caused problems, but possibly this is a proper bug-fix
and not just a clean-up.
 1999-05-13 15:09:38 +00:00
Bodo Möller
9d5cceac6f No actual change, but the cert_st member of struct ssl_session_st is now 
called sess_cert instead of just cert.  This is in preparation of further
changes: Probably often when s->session->sess_cert is used, we should
use s->cert instead; s->session->sess_cert should be a new structure
containing only the stuff that is for just one connection (e.g.
the peer's certificate, which the SSL client implementations currently
store in s->session->[sess_]cert, which is a very confusing thing to do).
Submitted by:
Reviewed by:
PR:
 1999-05-09 21:22:45 +00:00
Bodo Möller
ca8e5b9b8a Create a duplicate of the SSL_CTX's CERT in SSL_new instead of copying 
pointers.  The cert_st handling is changed by this in various ways.
Submitted by:
Reviewed by:
PR:
 1999-05-09 20:12:44 +00:00
Bodo Möller
8051996a5b Annotate a bug. 
Submitted by:
Reviewed by:
PR:
 1999-05-02 04:03:22 +00:00
Ulf Möller
d02f751ce1 Message digest stuff. 1999-04-27 04:18:53 +00:00
Ulf Möller
79df9d6272 New Configure option no-<cipher> (rsa, idea, rc5, ...). 1999-04-27 03:19:12 +00:00
Ulf Möller
a9be3af5ad Remove NOPROTO definitions and error code comments. 1999-04-26 16:43:10 +00:00