Commit Graph

1092 Commits

Author SHA1 Message Date
Richard Levitte
43ecece595 Merge in relevant changes from the OpenSSL 0.9.6h release. 2002-12-05 21:50:13 +00:00
Dr. Stephen Henson
2053c43de2 In asn1_d2i_read_bio, don't assume BIO_read will
return the requested number of bytes when reading
content.
2002-12-03 23:50:59 +00:00
Richard Levitte
df29cc8f77 Add OPENSSL_cleanse() to help cleanse memory and avoid certain compiler
and linker optimizations.
PR: 343
2002-11-27 12:24:05 +00:00
Richard Levitte
17582ccf21 Heimdal isn't really supported right now. Say so, and offer a possibility
to force the use of Heimdal, and warn if that's used.
PR: 346
2002-11-26 10:11:58 +00:00
Lutz Jänicke
6a8afe2201 Fix bug introduced by the attempt to fix client side external session
caching (#288): now internal caching failed (#351):
Make sure, that cipher_id is set before comparing.
Submitted by:
Reviewed by:
PR: 288 (and 351)
2002-11-20 10:48:58 +00:00
Richard Levitte
20199ca809 Document the addition of certificate pairs. 2002-11-18 23:56:15 +00:00
Richard Levitte
0bf23d9b20 WinCE patches 2002-11-15 22:37:18 +00:00
Richard Levitte
6f17f16fd5 Changes to make shared library building and use work better with Cygwin 2002-11-15 16:48:38 +00:00
Richard Levitte
84034f7aec Document the change to remove the 'done' flag variable in the
OpenSSL_add_all_*() routines
2002-11-15 13:58:11 +00:00
Richard Levitte
0a5942093e We need to read one more byte of the REQUEST-CERTIFICATE message.
PR: 300
2002-11-15 09:15:55 +00:00
Bodo Möller
2b2ab52354 harmonize with 0.9.7 tree 2002-11-14 12:17:47 +00:00
Richard Levitte
83411793b6 Handle last lines that aren't properly terminated.
PR: 308
2002-11-14 06:51:18 +00:00
Ben Laurie
54a656ef08 Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
Richard Levitte
c81a15099a X509_NAME_cmp() now compares PrintableString and emailAddress with a value of type
ia5String correctly.
PR: 244
2002-11-09 21:52:20 +00:00
Bodo Möller
b53e44e572 implement and use new macros BN_get_sign(), BN_set_sign()
Submitted by: Nils Larsch
2002-11-04 13:17:22 +00:00
Geoff Thorpe
9c3db400dc The recent CHANGES note between 0.9.6g and 0.9.6h needs copying into the
other branches.
2002-10-29 18:01:08 +00:00
Bodo Möller
19b8d06a79 clean up new code for NIST primes
create new lock CRYPTO_LOCK_BN to avoid race condition
2002-10-28 14:02:19 +00:00
Bodo Möller
5c6bf03117 fast reduction for NIST curves
Submitted by: Nils Larsch
2002-10-28 13:23:24 +00:00
Richard Levitte
874fee478c Clarify where the engines are by default. 2002-10-12 16:07:31 +00:00
Richard Levitte
6f7c2cb31e Step 14 of move of engines: Final step, document the change. 2002-10-11 22:06:44 +00:00
Bodo Möller
3e06fb754e synchronize with 0.9.7-stable version of this file 2002-10-11 17:56:34 +00:00
Richard Levitte
30afcc072a Move the shared library construction stuff to Makefile.shared, a
helper makefile that generalises our way of building shared libraries
and is designed to take care of almost anything (I hope).
2002-10-11 00:37:11 +00:00
Richard Levitte
7ba3a4c3d2 RFC 2712 redefines the codes for use of Kerberos 5 in SSL/TLS.
PR: 189
2002-10-10 07:59:03 +00:00
Dr. Stephen Henson
fc6a6a1030 Add version info to Win32 DLLs.
We might want to edit the strings a bit...

Maybe add to 0.9.7 too?
2002-10-04 21:22:47 +00:00
Dr. Stephen Henson
9a48b07ee4 Various enhancements to PKCS#12 code, new
medium level API, improved PKCS12_create
and additional functionality in pkcs12
utility.
2002-10-03 23:53:52 +00:00
Dr. Stephen Henson
230fd6b7b6 Preliminary streaming ASN1 encode support. 2002-10-03 12:38:52 +00:00
Bodo Möller
929f116733 fix more race conditions
Submitted by: "Patrick McCormick" <patrick@tellme.com>
PR: 262
2002-09-26 15:52:34 +00:00
Bodo Möller
b8565a9af9 really fix race conditions
Submitted by: "Patrick McCormick" <patrick@tellme.com>

PR: 262
PR: 291
2002-09-25 15:38:57 +00:00
Bodo Möller
e78f137899 really fix race condition
PR: 262
2002-09-23 14:25:07 +00:00
Bodo Möller
a4f53a1c73 there is no minimum length for session IDs
PR: 274
2002-09-19 11:44:07 +00:00
Bodo Möller
a90ae02454 fix race condition
PR: 262
2002-09-19 11:26:45 +00:00
Bodo Möller
9226e2187c Let 'openssl req' fail if an argument to '-newkey' is not
recognized instead of using RSA as a default.
2002-09-10 07:34:45 +00:00
Bodo Möller
ba11121731 -nameopt fix has been moved to 0.9.7 2002-09-02 14:22:51 +00:00
Bodo Möller
ed5e37c309 mention EC_get_builtin_curves() 2002-09-02 07:12:08 +00:00
Dr. Stephen Henson
fc85ac20c7 Make -nameopt work in req and add support for -reqopt 2002-08-22 23:43:48 +00:00
Lutz Jänicke
82a20fb0f0 Reorder cleanup sequence in SSL_CTX_free() to leave ex_data for remove_cb().
Submitted by:
Reviewed by:
PR: 212
2002-08-16 17:04:04 +00:00
Dr. Stephen Henson
3f6db7f518 Fix block_size field for CFB and OFB modes: it should be 1. 2002-08-16 01:53:24 +00:00
Bodo Möller
7eb18f1237 Simplify handling of named curves: get rid of EC_GROUP_new_by_name(),
EC_GROUP_new_by_nid() should be enough.  This avoids a lot of
redundancy.

Submitted by: Nils Larsch
2002-08-15 09:21:31 +00:00
Bodo Möller
749d055eba move a TODO from CHANGES to STATUS 2002-08-14 11:07:29 +00:00
Bodo Möller
49a0f77867 add 'TODO' items 2002-08-14 10:49:29 +00:00
Dr. Stephen Henson
2af52de7b5 Fix typo in OBJ_txt2obj which incorrectly passed the content
length, instead of the encoding length to d2i_ASN1_OBJECT.

This wasn't visible before becuse ASN1_get_object() used
to read past the length of the supplied buffer.
2002-08-14 00:48:02 +00:00
Bodo Möller
8e28c67155 add 0.9.6g information 2002-08-12 08:45:00 +00:00
Bodo Möller
ea26226046 ECC ciphersuite support
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
(Authors: Vipul Gupta and Sumit Gupta, Sun Microsystems Laboratories)
2002-08-09 08:56:08 +00:00
Bodo Möller
e172d60ddb Add ECDH support.
Additional changes:
 - use EC_GROUP_get_degree() in apps/req.c
 - add ECDSA and ECDH to apps/speed.c
 - adds support for EC curves over binary fields to ECDSA
 - new function EC_KEY_up_ref() in crypto/ec/ec_key.c
 - reorganize crypto/ecdsa/ecdsatest.c
 - add engine support for ECDH
 - fix a few bugs in ECDSA engine support

Submitted by: Douglas Stebila <douglas.stebila@sun.com>
2002-08-09 08:43:04 +00:00
Richard Levitte
fbe792f0ac 0.9.6f is released 2002-08-08 22:55:28 +00:00
Dr. Stephen Henson
f908226898 Fix the ASN1 sanity check: correct header length
calculation and check overflow against LONG_MAX.
2002-08-02 18:48:55 +00:00
Bodo Möller
909abce800 disable Sun divison algorithm by default 2002-08-02 18:26:02 +00:00
Bodo Möller
95ecacf8a2 Let BN_rand_range() abort with an error after 100 iterations
without success.
2002-08-02 15:02:03 +00:00
Bodo Möller
6fb60a84dd Change BN_mod_sqrt() so that it verifies that the input value is
really the square of the return value.
2002-08-02 14:57:53 +00:00
Bodo Möller
35b73a1f20 Rename implementations of method functions so that they match
the new method names where _GF... suffixes have been removed.

Revert changes to ..._{get/set}_Jprojective_coordinates_...:
The current implementation for ECC over binary fields does not use
projective coordinates, and if it did, it would not use Jacobian
projective coordinates; so it's OK to use the ..._GFp prefix for all
this.

Add author attributions to some files so that it doesn't look
as if Sun wrote all of this :-)
2002-08-02 14:28:37 +00:00