Dr. Stephen Henson
cab6de03a2
PR: 2149
...
Submitted by: Douglas Stebila <douglas@stebila.ca>
Fix wap OIDs.
2010-01-25 16:07:42 +00:00
Richard Levitte
2d851ab919
There's really no need to use $ENV::HOME
2010-01-25 00:22:57 +00:00
Richard Levitte
04dbf0272e
Forgot to correct the definition of __arch in this file.
...
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:21:12 +00:00
Richard Levitte
d15dd388c1
It seems like sslroot: needs to be defined for some tests to work.
...
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:20:29 +00:00
Richard Levitte
c3502985b2
Compile t1_reneg on VMS as well.
...
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:19:31 +00:00
Richard Levitte
6fa0608eaf
A few more macros for long symbols.
...
Submitted by Steven M. Schweda <sms@antinode.info>
2010-01-25 00:18:29 +00:00
Andy Polyakov
3f2a98acbf
ia64cpuid.S: OPENSSL_cleanse to accept zero length parameter.
2010-01-24 17:08:52 +00:00
Dr. Stephen Henson
bc120a54c9
PR: 2153, 2125
...
Submitted by: steve@openssl.org
The original fix for PR#2125 broke compilation on some Unixware platforms:
revert and make conditional on VMS.
2010-01-24 16:57:20 +00:00
Andy Polyakov
82a66ce313
pariscid.pl: OPENSSL_cleanse to compile on PA-RISC 2.0W and to accept zero
...
length parameter.
2010-01-24 15:04:28 +00:00
Andy Polyakov
7676eebf42
OPENSSL_cleanse to accept zero length parameter [matching C implementation].
2010-01-24 14:54:24 +00:00
Dr. Stephen Henson
21a5c040e5
The fix for PR#1949 unfortunately broke cases where the BIO_CTRL_WPENDING
...
ctrl is incorrectly implemented (e.g. some versions of Apache). As a workaround
call both BIO_CTRL_INFO and BIO_CTRL_WPENDING if it returns zero. This should
both address the original bug and retain compatibility with the old behaviour.
2010-01-24 13:54:20 +00:00
Dr. Stephen Henson
ba64ae6cd1
Tolerate PKCS#8 DSA format with negative private key.
2010-01-22 20:17:12 +00:00
Dr. Stephen Henson
3a88efd48c
If legacy renegotiation is not permitted then send a fatal alert if a patched
...
server attempts to renegotiate with an unpatched client.
2010-01-22 18:49:34 +00:00
Dr. Stephen Henson
3243698f1d
typo
2010-01-21 18:46:15 +00:00
Dr. Stephen Henson
55f39a199d
fix comments
2010-01-21 01:17:17 +00:00
Dr. Stephen Henson
49371e3acb
oops
2010-01-20 17:59:53 +00:00
Dr. Stephen Henson
eb125795d2
update NEWS file
2010-01-20 17:56:34 +00:00
Dr. Stephen Henson
3ec5f38b47
Update demo
2010-01-20 14:06:21 +00:00
Dr. Stephen Henson
a70e377fd8
Support -L options in VC++ link.
2010-01-20 14:04:44 +00:00
Andy Polyakov
b3020393f2
rand_win.c: fix time limit logic.
2010-01-19 20:35:22 +00:00
Dr. Stephen Henson
071ef65cfa
The use of NIDs in the password based encryption table can result in
...
algorithms not found when an application uses PKCS#12 and only calls
SSL_library_init() instead of OpenSSL_add_all_algorithms(). Simple
work around is to add the missing algorithm (40 bit RC2) in
SSL_library_init().
2010-01-19 19:56:06 +00:00
Dr. Stephen Henson
d5e8d8b547
PR: 2141
...
Submitted by: "NARUSE, Yui" <naruse@airemix.jp>
Remove non-ASCII comment which causes compilation errors on some versions
of VC++.
2010-01-19 19:28:18 +00:00
Dr. Stephen Henson
0debb681e1
PR: 2144
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Better fix for PR#2144
2010-01-19 19:11:35 +00:00
Andy Polyakov
46c42e78ff
Enable PA-RISC assembler in Configure (feedback from PA-RISC 2.0 is still
...
needed).
2010-01-19 17:10:24 +00:00
Andy Polyakov
ee2b8ed2f5
x86_64-xlate.pl: refine sign extension logic when handling lea.
...
PR: 2094,2095
2010-01-19 16:15:23 +00:00
Andy Polyakov
7a6e0901ff
rand_win.c: handle GetTickCount wrap-around.
2010-01-19 13:48:18 +00:00
Andy Polyakov
91fdacb2c3
s390x assembler update: add support for run-time facility detection.
2010-01-19 12:24:59 +00:00
Andy Polyakov
d582c98d8f
apps/speed.c: limit loop counters to 2^31 in order to avoid overflows
...
in performance calculations. For the moment there is only one code
fast enough to suffer from this: Intel AES-NI engine.
PR: 2096
2010-01-17 17:31:38 +00:00
Andy Polyakov
78a533cb93
Minor updates to ppccap.c and ppccpuid.pl.
2010-01-17 13:44:14 +00:00
Andy Polyakov
4f38565204
bn_lcl.h: add MIPS III-specific BN_UMULT_LOHI as alternative to porting
...
crypto/bn/asm/mips3.s from IRIX. Performance improvement is not as
impressive as with complete assembler, but still... it's almost 2.5x
[on R5000].
2010-01-17 12:08:24 +00:00
Andy Polyakov
4407700c40
ia64-mont.pl: add shorter vector support ("shorter" refers to 512 bits and
...
less).
2010-01-17 11:33:59 +00:00
Dr. Stephen Henson
72a9776abc
PR: 2135
...
Submitted by: Mike Frysinger <vapier@gentoo.org>
Change missed references to lib to $(LIBDIR)
2010-01-16 20:05:59 +00:00
Dr. Stephen Henson
8d39d2800a
PR: 2144
...
Submitted by: steve@openssl.org
Fix DTLS connection so new_session is reset if we read second client hello:
new_session is used to detect renegotiation.
2010-01-16 19:46:10 +00:00
Dr. Stephen Henson
598b562a7f
PR: 2133
...
Submitted by: steve@openssl.org
Add missing DTLS state strings.
2010-01-16 19:20:52 +00:00
Dr. Stephen Henson
dac40f87df
convert to Unix EOL form
2010-01-15 15:26:12 +00:00
Dr. Stephen Henson
031c78901b
make update
2010-01-15 15:24:19 +00:00
Dr. Stephen Henson
ce1ec9c35e
PR: 2125
...
Submitted by: "Alon Bar-Lev" <alon.barlev@gmail.com>
Fix gcc-aix compilation issue.
2010-01-14 17:51:29 +00:00
Dr. Stephen Henson
bd5f21a4ae
Fix version handling so it can cope with a major version >3.
...
Although it will be many years before TLS v2.0 or later appears old versions
of servers have a habit of hanging around for a considerable time so best
if we handle this properly now.
2010-01-13 19:08:02 +00:00
Dr. Stephen Henson
1b31b5ad56
Modify compression code so it avoids using ex_data free functions. This
...
stops applications that call CRYPTO_free_all_ex_data() prematurely leaking
memory.
2010-01-13 18:57:40 +00:00
Dr. Stephen Henson
97438f38df
update and sync ordinals
2010-01-12 17:34:39 +00:00
Dr. Stephen Henson
0e0c6821fa
PR: 2136
...
Submitted by: Willy Weisz <weisz@vcpc.univie.ac.at>
Add options to output hash using older algorithm compatible with OpenSSL
versions before 1.0.0
2010-01-12 17:29:34 +00:00
Dr. Stephen Henson
423c66f10e
Simplify RI+SCSV logic:
...
1. Send SCSV is not renegotiating, never empty RI.
2. Send RI if renegotiating.
2010-01-07 19:04:52 +00:00
Andy Polyakov
74f2260694
ia64-mont.pl: addp4 is not needed when referring to stack (this is 32-bit
...
HP-UX thing).
2010-01-07 15:36:59 +00:00
Andy Polyakov
25d1d62275
http://cvs.openssl.org/chngview?cn=19053 made me wonder if bind() and
...
connect() are as finicky as sendto() when it comes to socket address
length. As it turned out they are, therefore the fix. Note that you
can't reproduce the problem on Linux, it was failing on Solaris,
FreeBSD, most likely on more...
2010-01-07 13:12:30 +00:00
Andy Polyakov
9b5ca55695
sendto is reportedly picky about destination socket address length.
...
PR: 2114
Submitted by: Robin Seggelmann
2010-01-07 10:42:39 +00:00
Andy Polyakov
cba9ffc32a
Fix compilation on older Linux. Linux didn't always have sockaddr_storage,
...
not to mention that first sockaddr_storage had __ss_family, not ss_family.
In other words it makes more sense to avoid sockaddr_storage...
2010-01-06 21:22:56 +00:00
Dr. Stephen Henson
76998a71bc
Updates to conform with draft-ietf-tls-renegotiation-03.txt:
...
1. Add provisional SCSV value.
2. Don't send SCSV and RI at same time.
3. Fatal error is SCSV received when renegotiating.
2010-01-06 17:37:09 +00:00
Dr. Stephen Henson
dd792d6222
Missing commit from change ofr compress_meth to unsigned
2010-01-06 17:35:27 +00:00
Dr. Stephen Henson
82a107eaa8
compress_meth should be unsigned
2010-01-06 14:01:45 +00:00
Dr. Stephen Henson
f8e1ab79f5
ENGINE_load_capi() now exists on all platforms (but no op on non-WIN32)
2010-01-06 13:21:08 +00:00