mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-18 13:44:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
9,474 Commits 34 Branches 385 Tags 436 MiB
3efe51a407
Commit Graph

4998 Commits

Author SHA1 Message Date
Andy Polyakov
d976f99294 Add AES counter mode to EVP. 2010-02-23 16:48:41 +00:00
Andy Polyakov
e5a4de9e44 Add assigned OIDs, as well as "anonymous" ones for AES counter mode. 2010-02-23 16:47:17 +00:00
Bodo Möller
2d9dcd4ff0 Always check bn_wexpend() return values for failure (CVE-2009-3245). 
(The CHANGES entry covers the change from PR #2111 as well, submitted by
Martin Olsson.)

Submitted by: Neel Mehta
 2010-02-23 10:36:35 +00:00
Bodo Möller
a839755329 Fix X509_STORE locking 2010-02-19 18:27:07 +00:00
Dr. Stephen Henson
47e0a1c335 PR: 2100 
Submitted by: James Baker <jbaker@tableausoftware.com> et al.

Workaround for slow Heap32Next on some versions of Windows.
 2010-02-17 14:32:41 +00:00
Dr. Stephen Henson
1458b931eb The "block length" for CFB mode was incorrectly coded as 1 all the time. It 
should be the number of feedback bits expressed in bytes. For CFB1 mode set
this to 1 by rounding up to the nearest multiple of 8.
 2010-02-15 19:40:16 +00:00
Dr. Stephen Henson
20eb7238cb Correct ECB mode EVP_CIPHER definition: IV length is 0 2010-02-15 19:26:02 +00:00
Dr. Stephen Henson
79cfc3ac54 add EVP_CIPH_FLAG_LENGTH_BITS from 0.9.8-stable 2010-02-15 19:20:13 +00:00
Dr. Stephen Henson
918a5d04e4 PR: 2164 
Submitted by: "Noszticzius, Istvan" <inoszticzius@rightnow.com>

Don't clear the output buffer: ciphers should correctly the same input
and output buffers.
 2010-02-15 19:00:12 +00:00
Dr. Stephen Henson
29e722f031 Fix memory leak in ENGINE autoconfig code. Improve error logging. 2010-02-09 14:17:14 +00:00
Dr. Stephen Henson
e3e31ff482 Use supplied ENGINE when initialising CMAC. Restore pctx setting. 2010-02-08 16:31:28 +00:00
Dr. Stephen Henson
bae060c06a add cvsignore 2010-02-08 15:34:02 +00:00
Dr. Stephen Henson
0ff907caf8 Make update. 2010-02-08 15:33:23 +00:00
Dr. Stephen Henson
c8ef656df2 Make CMAC API similar to HMAC API. Add methods for CMAC. 2010-02-08 15:31:35 +00:00
Dr. Stephen Henson
8c968e0355 Initial experimental CMAC implementation. 2010-02-07 18:01:07 +00:00
Dr. Stephen Henson
cc0661374f make update 2010-02-07 13:54:30 +00:00
Dr. Stephen Henson
089f02c577 oops, use new value for new flag 2010-02-07 13:50:36 +00:00
Dr. Stephen Henson
c2bf720842 Add missing function EVP_CIPHER_CTX_copy(). Current code uses memcpy() to copy 
an EVP_CIPHER_CTX structure which may have problems with external ENGINEs
who need to duplicate internal handles etc.
 2010-02-07 13:39:39 +00:00
Dr. Stephen Henson
c95bf51167 don't assume 0x is at start of string 2010-02-03 18:19:22 +00:00
Dr. Stephen Henson
2712a2f625 tolerate broken CMS/PKCS7 implementations using signature OID instead of digest 2010-02-02 14:30:39 +00:00
Dr. Stephen Henson
17ebc10ffa PR: 2161 
Submitted by: Doug Goldstein <cardoe@gentoo.org>, Steve.

Make no-dsa, no-ecdsa and no-rsa compile again.
 2010-02-02 13:35:27 +00:00
Richard Levitte
1d62de0395 The previous take went wrong, try again. 2010-01-29 12:02:50 +00:00
Richard Levitte
d7b99700c0 Architecture specific header files need special handling. 2010-01-29 11:44:36 +00:00
Dr. Stephen Henson
92714455af In engine_table_select() don't clear out entire error queue: just clear 
out any we added using ERR_set_mark() and ERR_pop_to_mark() otherwise
errors from other sources (e.g. SSL library) can be wiped.
 2010-01-28 17:49:25 +00:00
Dr. Stephen Henson
891d3c7a60 revert previous change 2010-01-28 14:17:39 +00:00
Dr. Stephen Henson
9fb6fd34f8 reword RI description 2010-01-27 18:53:33 +00:00
Richard Levitte
407a410136 Have the VMS build system catch up with the 1.0.0-stable branch. 2010-01-27 09:18:42 +00:00
Dr. Stephen Henson
1bfdbd8e75 PR: 2138 
Submitted by: Kevin Regan <k.regan@f5.com>

Clear stat structure if -DPURIFY is set to avoid problems on some
platforms which include unitialised fields.
 2010-01-26 18:07:26 +00:00
Dr. Stephen Henson
e92f9f45e8 Add flags functions which were added to 0.9.8 for fips but not 1.0.0 and 
later.
 2010-01-26 14:29:06 +00:00
Dr. Stephen Henson
8c02119e39 OPENSSL_isservice is now defined on all platforms not just WIN32 2010-01-26 13:59:32 +00:00
Dr. Stephen Henson
ca9f55f710 export OPENSSL_isservice and make update 2010-01-26 13:52:36 +00:00
Andy Polyakov
964ed94649 parisc-mont.pl: PA-RISC 2.0 code path optimization based on intruction- 
level profiling data resulted in almost 50% performance improvement.
PA-RISC 1.1 is also reordered in same manner, mostly to be consistent,
as no gain was observed, not on PA-7100LC.
 2010-01-25 23:12:00 +00:00
Dr. Stephen Henson
cab6de03a2 PR: 2149 
Submitted by: Douglas Stebila <douglas@stebila.ca>

Fix wap OIDs.
 2010-01-25 16:07:42 +00:00
Richard Levitte
6fa0608eaf A few more macros for long symbols. 
Submitted by Steven M. Schweda <sms@antinode.info>
 2010-01-25 00:18:29 +00:00
Andy Polyakov
3f2a98acbf ia64cpuid.S: OPENSSL_cleanse to accept zero length parameter. 2010-01-24 17:08:52 +00:00
Andy Polyakov
82a66ce313 pariscid.pl: OPENSSL_cleanse to compile on PA-RISC 2.0W and to accept zero 
length parameter.
 2010-01-24 15:04:28 +00:00
Andy Polyakov
7676eebf42 OPENSSL_cleanse to accept zero length parameter [matching C implementation]. 2010-01-24 14:54:24 +00:00
Dr. Stephen Henson
ba64ae6cd1 Tolerate PKCS#8 DSA format with negative private key. 2010-01-22 20:17:12 +00:00
Andy Polyakov
b3020393f2 rand_win.c: fix time limit logic. 2010-01-19 20:35:22 +00:00
Andy Polyakov
ee2b8ed2f5 x86_64-xlate.pl: refine sign extension logic when handling lea. 
PR: 2094,2095
 2010-01-19 16:15:23 +00:00
Andy Polyakov
7a6e0901ff rand_win.c: handle GetTickCount wrap-around. 2010-01-19 13:48:18 +00:00
Andy Polyakov
91fdacb2c3 s390x assembler update: add support for run-time facility detection. 2010-01-19 12:24:59 +00:00
Andy Polyakov
78a533cb93 Minor updates to ppccap.c and ppccpuid.pl. 2010-01-17 13:44:14 +00:00
Andy Polyakov
4f38565204 bn_lcl.h: add MIPS III-specific BN_UMULT_LOHI as alternative to porting 
crypto/bn/asm/mips3.s from IRIX. Performance improvement is not as
impressive as with complete assembler, but still... it's almost 2.5x
[on R5000].
 2010-01-17 12:08:24 +00:00
Andy Polyakov
4407700c40 ia64-mont.pl: add shorter vector support ("shorter" refers to 512 bits and 
less).
 2010-01-17 11:33:59 +00:00
Dr. Stephen Henson
031c78901b make update 2010-01-15 15:24:19 +00:00
Dr. Stephen Henson
1b31b5ad56 Modify compression code so it avoids using ex_data free functions. This 
stops applications that call CRYPTO_free_all_ex_data() prematurely leaking
memory.
 2010-01-13 18:57:40 +00:00
Dr. Stephen Henson
0e0c6821fa PR: 2136 
Submitted by: Willy Weisz <weisz@vcpc.univie.ac.at>

Add options to output hash using older algorithm compatible with OpenSSL
versions before 1.0.0
 2010-01-12 17:29:34 +00:00
Andy Polyakov
74f2260694 ia64-mont.pl: addp4 is not needed when referring to stack (this is 32-bit 
HP-UX thing).
 2010-01-07 15:36:59 +00:00
Andy Polyakov
25d1d62275 http://cvs.openssl.org/chngview?cn=19053 made me wonder if bind() and 
connect() are as finicky as sendto() when it comes to socket address
length. As it turned out they are, therefore the fix. Note that you
can't reproduce the problem on Linux, it was failing on Solaris,
FreeBSD, most likely on more...
 2010-01-07 13:12:30 +00:00
Andy Polyakov
9b5ca55695 sendto is reportedly picky about destination socket address length. 
PR: 2114
Submitted by: Robin Seggelmann
 2010-01-07 10:42:39 +00:00
Andy Polyakov
cba9ffc32a Fix compilation on older Linux. Linux didn't always have sockaddr_storage, 
not to mention that first sockaddr_storage had __ss_family, not ss_family.
In other words it makes more sense to avoid sockaddr_storage...
 2010-01-06 21:22:56 +00:00
Dr. Stephen Henson
f8e1ab79f5 ENGINE_load_capi() now exists on all platforms (but no op on non-WIN32) 2010-01-06 13:21:08 +00:00
Andy Polyakov
1f23001d07 ppc64-mont.pl: commentary update. 2010-01-06 10:58:59 +00:00
Andy Polyakov
dacdcf3c15 Add Montgomery multiplication module for IA-64. 2010-01-06 10:57:55 +00:00
Dr. Stephen Henson
60c52245e1 PR: 2102 
Submitted by: John Fitzgibbon <john_fitzgibbon@yahoo.com>

Remove duplicate definitions.
 2010-01-05 17:57:33 +00:00
Andy Polyakov
2f4c1dc86c b_sock.c: correct indirect calls on WinSock platforms. 
PR: 2130
Submitted by: Eugeny Gostyukhin
 2009-12-30 12:55:23 +00:00
Andy Polyakov
70b76d392f ppccap.c: fix compiler warning and perform sanity check outside signal masking. 
ppc64-mont.pl: clarify comment and fix spelling.
 2009-12-29 11:18:16 +00:00
Andy Polyakov
3fc2efd241 PA-RISC assembler: missing symbol and typos. 2009-12-28 16:13:35 +00:00
Andy Polyakov
b57599b70c Update sha512-parisc.pl and add make rules. 2009-12-27 21:05:19 +00:00
Andy Polyakov
cb3b9b1323 Throw in more PA-RISC assembler. 2009-12-27 20:49:40 +00:00
Andy Polyakov
beef714599 Switch to new uplink assembler. 2009-12-27 20:38:32 +00:00
Andy Polyakov
d741cf2267 ppccap.c: tidy up. 
ppc64-mont.pl: missing predicate in commentary.
 2009-12-27 11:25:24 +00:00
Andy Polyakov
b4b48a107c ppc64-mont.pl: adapt for 32-bit and engage for all builds. 2009-12-26 21:30:13 +00:00
Dr. Stephen Henson
7e765bf29a Traditional Yuletide commit ;-) 
Add Triple DES CFB1 and CFB8 to algorithm list and NID translation.
 2009-12-25 14:13:11 +00:00
Bodo Möller
f21516075f Constify crypto/cast. 2009-12-22 11:46:00 +00:00
Bodo Möller
7427379e9b Constify crypto/cast. 2009-12-22 10:58:33 +00:00
Dr. Stephen Henson
e50858c559 PR: 2127 
Submitted by: Tomas Mraz <tmraz@redhat.com>

Check for lookup failures in EVP_PBE_CipherInit().
 2009-12-17 15:27:57 +00:00
Dr. Stephen Henson
338a61b94e Add patch to crypto/evp which didn't apply from PR#2124 2009-12-09 15:01:39 +00:00
Dr. Stephen Henson
e4bcadb302 Revert lhash patch for PR#2124 2009-12-09 14:59:47 +00:00
Dr. Stephen Henson
fdb2c6e4e5 PR: 2124 
Submitted by: Jan Pechanec <Jan.Pechanec@Sun.COM>

Check for memory allocation failures.
 2009-12-09 13:38:05 +00:00
Dr. Stephen Henson
7e4cae1d2f PR: 2111 
Submitted by: Martin Olsson <molsson@opera.com>

Check for bn_wexpand errors in bn_mul.c
 2009-12-02 15:28:42 +00:00
Dr. Stephen Henson
ec7d16ffdd Check it actually compiles this time ;-) 2009-12-02 14:25:40 +00:00
Dr. Stephen Henson
5656f33cea PR: 2120 
Submitted by: steve@openssl.org

Initialize fields correctly if pem_str or info are NULL in  EVP_PKEY_asn1_new().
 2009-12-02 13:56:45 +00:00
Dr. Stephen Henson
6732e14278 check DSA_sign() return value properly 2009-12-01 18:39:33 +00:00
Dr. Stephen Henson
606c46fb6f PR: 1432 
Submitted by: "Andrzej Chmielowiec" <achmielowiec@enigma.com.pl>, steve@openssl.org
Approved by: steve@openssl.org

Truncate hash if it is too large: as required by FIPS 186-3.
 2009-12-01 17:32:44 +00:00
Dr. Stephen Henson
fed8dbf46d PR: 2118 
Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net>
Approved by: steve@openssl.org

Check return value of ECDSA_sign() properly.
 2009-11-30 13:56:04 +00:00
Andy Polyakov
b6bf9e2ea7 bss_dgram.c: re-fix BIO_CTRL_DGRAM_GET_PEER. 
PR: 2110
 2009-11-26 20:52:08 +00:00
Dr. Stephen Henson
d2a53c2238 Experimental CMS password based recipient Info support. 2009-11-26 18:57:39 +00:00
Dr. Stephen Henson
f2334630a7 Add OID for PWRI KEK algorithm. 2009-11-25 22:07:49 +00:00
Dr. Stephen Henson
007f7ec1bd Add PBKFD2 prototype. 2009-11-25 22:07:22 +00:00
Dr. Stephen Henson
3d63b3966f Split PBES2 into cipher and PBKDF2 versions. This tidies the code somewhat 
and is a pre-requisite to adding password based CMS support.
 2009-11-25 22:01:06 +00:00
Dr. Stephen Henson
446a6a8af7 PR: 2103 
Submitted by: Rob Austein <sra@hactrn.net>
Approved by: steve@openssl.org

Initialise atm.flags to 0.
 2009-11-17 13:25:53 +00:00
Andy Polyakov
a83f83aac8 Add sha512-parisc.pl. 2009-11-15 17:29:31 +00:00
Andy Polyakov
5727f1f790 SHA1 assembler show off: minor performance updates and new modules for 
forgotten CPUs.
 2009-11-15 17:26:11 +00:00
Andy Polyakov
53f73afc4d sha512.c: there apparently is ILP32 PowerPC platform, where it is safe to 
inline 64-bit assembler instructions. Normally it's inappropriate, because
signalling doesn't preserve upper halves of general purpose registers.
Meaning that it's only safe if signals are blocked for the time "wide"
code executes.
PR: 1998
 2009-11-15 17:19:49 +00:00
Andy Polyakov
10232bdc0e x86_64-xlate.pl: new gas requires sign extention in lea instruction. 
This resolves md5-x86_64.pl and sha1-x86_64.pl bugs, but without modifying
the code.
PR: 2094,2095
 2009-11-15 17:11:38 +00:00
Andy Polyakov
55ff3aff8c x86masm.pl: eliminate linker "multiple sections found with different 
attributes" warning.
 2009-11-15 17:06:44 +00:00
Andy Polyakov
b7cec490fa bss_dgram.c: more elegant solution to PR#2069. Use socklen_t heuristic 
from b_sock.c, don't assume that caller always passes pointer to buffer
large enough to hold sockaddr_storage.
PR: 2069
 2009-11-15 17:03:33 +00:00
Andy Polyakov
2335e8a9cc b_sock.c: fix compiler warning. 2009-11-15 16:52:11 +00:00
Andy Polyakov
6f766a4181 aesni-x86.pl: eliminate development comments. 2009-11-15 16:40:22 +00:00
Dr. Stephen Henson
c18e51ba5e PR: 2088 
Submitted by: Aleksey Samsonov <s4ms0n0v@gmail.com>
Approved by: steve@openssl.org

Fix memory leak in d2i_PublicKey().
 2009-11-12 19:56:56 +00:00
Dr. Stephen Henson
773b63d6f9 set engine to NULL after releasing it 2009-11-12 19:25:37 +00:00
Richard Levitte
0a02d1db34 Update from 1.0.0-stable 2009-11-12 17:03:10 +00:00
Dr. Stephen Henson
709a395d1c PR: 2091 
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org

If an OID has no short name or long name return the numerical representation.
 2009-11-10 01:00:07 +00:00
Dr. Stephen Henson
b599006751 PR: 2090 
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org

Improve error checking in asn1_gen.c
 2009-11-10 00:48:07 +00:00
Dr. Stephen Henson
2008e714f3 Add missing functions to allow access to newer X509_STORE_CTX status 
information. Add more informative message to verify callback to indicate
when CRL path validation is taking place.
 2009-10-31 19:22:18 +00:00
Dr. Stephen Henson
45cd59ac71 If not checking all certificates don't attempt to find a CRL 
for the leaf certificate of a CRL path.
 2009-10-23 12:06:35 +00:00
Dr. Stephen Henson
d11d977da4 Need to check <= 0 here. 2009-10-22 23:12:05 +00:00
Dr. Stephen Henson
19a9d0fcea make update 2009-10-18 14:53:00 +00:00
Dr. Stephen Henson
a5b37fca0a Add "missing" function X509_STORE_set_verify_cb(). 2009-10-18 13:24:16 +00:00
Dr. Stephen Henson
636b6b450d PR: 2069 
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

IPv6 support for DTLS.
 2009-10-15 17:41:31 +00:00
Andy Polyakov
b34d449c42 Combat gcc 4.4.1 aliasing rules. 2009-10-06 07:17:57 +00:00
Dr. Stephen Henson
04f9095d9e Fix unitialized warnings 2009-10-04 16:52:51 +00:00
Dr. Stephen Henson
0e039aa797 Fix warnings about ignoring fgets return value 2009-10-04 16:42:56 +00:00
Dr. Stephen Henson
c21869fb07 Prevent ignored return value warning 2009-10-04 14:04:27 +00:00
Dr. Stephen Henson
9a0c776c60 Prevent aliasing warning 2009-10-04 14:02:22 +00:00
Dr. Stephen Henson
77db140f94 Typo. 2009-10-02 18:20:22 +00:00
Dr. Stephen Henson
fecef70773 Yes it is a typo ;-) 2009-10-01 12:17:44 +00:00
Dr. Stephen Henson
e8a682f223 PR: 2062 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BN_rand error handling in bntest.c
 2009-10-01 00:21:20 +00:00
Dr. Stephen Henson
98fbfff417 PR: 2059 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct EVP_SealInit error handling in pem_seal.c
 2009-10-01 00:17:59 +00:00
Dr. Stephen Henson
78ca13a272 PR: 2056 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_wirte error handling in asn1_par.c
 2009-10-01 00:11:04 +00:00
Dr. Stephen Henson
aec13c1a9f PR: 2063 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_write error handling in ocsp_prn.c
 2009-09-30 23:58:37 +00:00
Dr. Stephen Henson
64f0f80eb6 PR: 2057 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_write, BIO_printf, i2a_ASN1_INTEGER and i2a_ASN1_OBJECT
error handling in OCSP print routines.
 2009-09-30 23:55:53 +00:00
Dr. Stephen Henson
d71061122c PR: 2058 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct EVP_DigestVerifyFinal error handling.
 2009-09-30 23:49:11 +00:00
Dr. Stephen Henson
18e503f30f PR: 2064, 728 
Submitted by: steve@openssl.org

Add support for custom headers in OCSP requests.
 2009-09-30 21:40:55 +00:00
Dr. Stephen Henson
b6dcdbfc94 Audit libcrypto for unchecked return values: fix all cases enountered 2009-09-23 23:43:49 +00:00
Dr. Stephen Henson
cd4f7cddc7 Add more return value checking attributes to evp.h and hmac.h 2009-09-23 23:40:13 +00:00
Dr. Stephen Henson
acf20c7dbd Add attribute to check if return value of certain functions is incorrectly 
ignored.
 2009-09-23 16:27:10 +00:00
Dr. Stephen Henson
7c75f462e8 PR: 2050 
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

Fix handling of ENOTCONN and EMSGSIZE for dgram BIOs.
 2009-09-22 11:34:45 +00:00
Dr. Stephen Henson
d636aa7109 PR: 2047 
Submitted by: David Lee <live4thee@gmail.com>, steve@openssl.org
Approved by: steve@openssl.org

Fix for IPv6 handling in BIO_get_accept_socket().
 2009-09-20 16:41:27 +00:00
Dr. Stephen Henson
44c8b81eea Don't use __try+__except unless on VC++ 2009-09-20 12:39:32 +00:00
Andy Polyakov
282feebab3 cmll-x86_64.pl: small buglet in CBC subroutine. 
PR: 2035
 2009-09-17 19:35:13 +00:00
Dr. Stephen Henson
a25f33d28a Submitted by: Julia Lawall <julia@diku.dk> 
The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.
 2009-09-13 11:29:29 +00:00
Dr. Stephen Henson
8c7168698e Seed PRNG with DSA and ECDSA digests for additional protection against 
possible PRNG state duplication.
 2009-09-09 12:15:08 +00:00
Dr. Stephen Henson
f4274da164 PR: 1644 
Submitted by: steve@openssl.org

Fix to make DHparams_dup() et al work in C++.

For 1.0 fix the final argument to ASN1_dup() so it is void *. Replace some
*_dup macros with functions.
 2009-09-06 15:49:46 +00:00
Dr. Stephen Henson
07a9d1a2c2 PR: 2028 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS cookie management bugs.
 2009-09-04 17:42:53 +00:00
Dr. Stephen Henson
4f59432c06 Oops, s can be NULL 2009-09-04 11:30:59 +00:00
Dr. Stephen Henson
fc68056917 PR: 2029 
Submitted by: Tomas Mraz <tmraz@redhat.com>
Checked by: steve@openssl.org

Fix so that the legacy digest EVP_dss1() still works.
 2009-09-02 15:51:19 +00:00
Dr. Stephen Henson
17b5326ba9 PR: 2013 
Submitted by: steve@openssl.org

Include a flag ASN1_STRING_FLAG_MSTRING when a multi string type is created.
This makes it possible to tell if the underlying type is UTCTime,
GeneralizedTime or Time when the structure is reused and X509_time_adj_ex()
can handle each case in an appropriate manner.

Add error checking to CRL generation in ca utility when nextUpdate is being
set.
 2009-09-02 13:54:50 +00:00
Dr. Stephen Henson
38663fcc82 Missing break. 2009-08-31 22:19:26 +00:00
Dr. Stephen Henson
a6dab873d9 PR: 2005 
Submitted by: steve@openssl.org

Some systems have broken IPv6 headers and/or implementations. If
OPENSSL_USE_IPV6 is set to 0 IPv6 is not used, if it is set to 1 it is used
and if undefined an attempt is made to detect at compile time by checking
if AF_INET6 is set and excluding known problem platforms.
 2009-08-26 15:15:15 +00:00
Andy Polyakov
c372482c1b sha1-x86* assembler update: F_40_59 and Atom-specific optimizations. 2009-08-18 19:24:50 +00:00
Dr. Stephen Henson
3ed3603b60 Update default dependency flags. 
Make error name discrepancies a fatal error.
Fix error codes.
make update
 2009-08-12 17:30:37 +00:00
Dr. Stephen Henson
e33d290159 PR: 2004 
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Approved by: steve@openssl.org

Handle fractional seconds properly in ASN1_GENERALIZEDTIME_print
 2009-08-10 14:56:57 +00:00
Dr. Stephen Henson
a0778bfae5 Add COMP error strings. 2009-08-09 14:58:37 +00:00
Dr. Stephen Henson
0f1d77a870 Fix error code. 2009-08-06 16:39:34 +00:00
Dr. Stephen Henson
d9d0f1b52c Reject leading 0x80 in OID subidentifiers. 2009-08-06 16:32:54 +00:00
Dr. Stephen Henson
bc32dbbea9 Oops! 2009-08-05 15:32:10 +00:00
Dr. Stephen Henson
f10f4447da Update from 1.0.0-stable. 2009-08-05 15:29:58 +00:00
Dr. Stephen Henson
d76b8c89ec PR: 2001 
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Add patch: http://cvs.openssl.org/chngview?cn=14635 which never made it to
1.0.0, HEAD.
 2009-08-05 14:55:20 +00:00
Dr. Stephen Henson
512d359e26 Update from 1.0.0-stable. 2009-07-27 21:22:02 +00:00
Dr. Stephen Henson
c869da8839 Update from 1.0.0-stable 2009-07-27 21:10:00 +00:00
Ben Laurie
d80866041e Fix warnings. 2009-07-26 12:09:21 +00:00
Dr. Stephen Henson
75a86fa024 Update from 0.9.8-stable. 2009-07-24 13:48:07 +00:00
Dr. Stephen Henson
6aa220c935 PR: 1990 
Update from 0.9.8-stable
 2009-07-24 13:07:30 +00:00
Dr. Stephen Henson
83019f7e12 Update from 0.9.8-stable. 2009-07-24 11:25:13 +00:00
Dr. Stephen Henson
3c630352e2 Use correct extension and OSX detection. 2009-07-16 09:52:59 +00:00
Dr. Stephen Henson
4a620922e2 Updates from 1.0.0-stable 2009-07-15 18:00:04 +00:00
Dr. Stephen Henson
6bb7dc1e90 Updates from 1.0.0-stable 2009-07-15 11:02:24 +00:00