openssl

mirror of https://github.com/openssl/openssl.git synced 2024-12-03 05:41:46 +08:00

Author	SHA1	Message	Date
Ben Laurie	54a656ef08	Security fixes brought forward from 0.9.7.	2002-11-13 15:43:43 +00:00
Bodo Möller	896e4fef30	avoid Purify warnings Submitted by: Nils Larsch	2002-11-05 13:54:41 +00:00
Bodo Möller	5e3247d8bc	fix typo	2002-11-05 10:54:40 +00:00
Richard Levitte	b6d0defb98	Remove all referenses to RSAref, since that's been gone for more than a year.	2002-10-31 16:46:52 +00:00
Bodo Möller	259cdf2af9	Sun has agreed to removing the covenant language from most files. Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>	2002-10-29 10:59:32 +00:00
Geoff Thorpe	e0db2eed8d	Correct and enhance the behaviour of "internal" session caching as it relates to SSL_CTX flags and the use of "external" session caching. The existing flag, "SSL_SESS_CACHE_NO_INTERNAL_LOOKUP" remains but is supplemented with a complimentary flag, "SSL_SESS_CACHE_NO_INTERNAL_STORE". The bitwise OR of the two flags is also defined as "SSL_SESS_CACHE_NO_INTERNAL" and is the flag that should be used by most applications wanting to implement session caching entirely by its own provided callbacks. As the documented behaviour contradicted actual behaviour up until recently, and since that point behaviour has itself been inconsistent anyway, this change should not introduce any compatibility problems. I've adjusted the relevant documentation to elaborate about how this works. Kudos to "Nadav Har'El" <nyh@math.technion.ac.il> for diagnosing these anomalies and testing this patch for correctness. PR: 311	2002-10-29 00:33:04 +00:00
Bodo Möller	00a357ab20	increase permissible message length so that we can handle CertificateVerify for 4096 bit RSA signatures	2002-10-28 15:45:51 +00:00
Richard Levitte	28c8a911bd	Typos. PR: 189	2002-10-15 20:30:56 +00:00
Richard Levitte	437d1ed49f	Typos. PR: 189	2002-10-15 20:29:09 +00:00
Richard Levitte	677532629d	makedepend complains when a header file is included more than once in the same source file.	2002-10-14 10:02:36 +00:00
Richard Levitte	ef0baf60aa	Typo	2002-10-10 08:32:39 +00:00
Richard Levitte	7ba3a4c3d2	RFC 2712 redefines the codes for use of Kerberos 5 in SSL/TLS. PR: 189	2002-10-10 07:59:03 +00:00
Richard Levitte	001ab3abad	Use double dashes so makedepend doesn't misunderstand the flags we give it. For 0.9.7 and up, that means util/domd needs to remove those double dashes from the argument list when gcc is used to find the dependencies.	2002-10-09 13:25:12 +00:00
Bodo Möller	929f116733	fix more race conditions Submitted by: "Patrick McCormick" <patrick@tellme.com> PR: 262	2002-09-26 15:52:34 +00:00
Lutz Jänicke	ba5ba5490d	Add missing brackets. Submitted by: "Chris Brook" <cbrook@v-one.com>	2002-09-25 20:19:04 +00:00
Bodo Möller	b8565a9af9	really fix race conditions Submitted by: "Patrick McCormick" <patrick@tellme.com> PR: 262 PR: 291	2002-09-25 15:38:57 +00:00
Bodo Möller	e78f137899	really fix race condition PR: 262	2002-09-23 14:25:07 +00:00
Bodo Möller	a4f53a1c73	there is no minimum length for session IDs PR: 274	2002-09-19 11:44:07 +00:00
Bodo Möller	a90ae02454	fix race condition PR: 262	2002-09-19 11:26:45 +00:00
Lutz Jänicke	82a20fb0f0	Reorder cleanup sequence in SSL_CTX_free() to leave ex_data for remove_cb(). Submitted by: Reviewed by: PR: 212	2002-08-16 17:04:04 +00:00
Bodo Möller	52c29b7b99	use correct function code in error message	2002-08-15 16:17:20 +00:00
Richard Levitte	265e892fed	Sometimes, the value of the variable containing the compiler call can become rather large. This becomes a problem when the default 1024 character large buffer that WRITE uses isn't enough. WRITE/SYMBOL uses a 2048 byte large buffer instead.	2002-08-15 08:28:38 +00:00
Richard Levitte	90f5a2b6fe	Instead of returning errors when certain flags are unusable, just ignore them. That will make the test go through even if DH (or in some cases ECDH) aren't built into OpenSSL. PR: 216, part 2	2002-08-14 12:16:27 +00:00
Bodo Möller	aa1e56b0b9	remove comment Submitted by: Douglas Stebila	2002-08-12 08:54:40 +00:00
Bodo Möller	7ef524ea1c	remove debug messages Submitted by: Douglas Stebila	2002-08-12 08:52:23 +00:00
Bodo Möller	0c7141a343	fix comment Submitted by: Douglas Stebila	2002-08-12 08:51:30 +00:00
Bodo Möller	5488bb6197	get rid of EVP_PKEY_ECDSA (now we have EVP_PKEY_EC instead) Submitted by: Nils Larsch	2002-08-12 08:47:41 +00:00
Bodo Möller	74cc4903ef	make update	2002-08-09 12:16:15 +00:00
Bodo Möller	41fdcfa71e	fix warnings	2002-08-09 11:58:28 +00:00
Bodo Möller	ea26226046	ECC ciphersuite support Submitted by: Douglas Stebila <douglas.stebila@sun.com> (Authors: Vipul Gupta and Sumit Gupta, Sun Microsystems Laboratories)	2002-08-09 08:56:08 +00:00
Bodo Möller	db4f691f9f	oops -- must use EVP_MD_size, not EVP_MD_block_size	2002-08-03 18:49:39 +00:00
Bodo Möller	5574e0ed41	get rid of OpenSSLDie	2002-08-02 11:48:15 +00:00
Richard Levitte	e70a39830c	Make sure to use $(MAKE) everywhere instead of make. Part of PR 181	2002-07-31 13:49:06 +00:00
Lutz Jänicke	dd7ab82e75	Typo. Submitted by: Jeffrey Altman <jaltman@columbia.edu> Reviewed by: PR: 169	2002-07-30 13:36:31 +00:00
Lutz Jänicke	c046fffa16	OpenSSL Security Advisory [30 July 2002] Changes marked "(CHATS)" were sponsored by the Defense Advanced Research Projects Agency (DARPA) and Air Force Research Laboratory, Air Force Materiel Command, USAF, under agreement number F30602-01-2-0537.	2002-07-30 13:04:04 +00:00
Lutz Jänicke	3aecef7697	"make update"	2002-07-30 12:44:33 +00:00
Lutz Jänicke	c6ccf055ba	New cipher selection options COMPLEMENTOFALL and COMPLEMENTOFDEFAULT. Submitted by: Reviewed by: PR: 127	2002-07-19 19:55:34 +00:00
Bodo Möller	5dbd3efce7	Replace 'ecdsaparam' commandline utility by 'ecparam' (the same keys can be used for ECC schemes other than ECDSA) and add some new options. Similarly, use string "EC PARAMETERS" instead of "ECDSA PARAMETERS" in 'PEM' format. Fix ec_asn1.c (take into account the desired conversion form). 'make update'. Submitted by: Nils Larsch	2002-07-14 16:54:31 +00:00
Lutz Jänicke	7b63c0fa8c	Reorder inclusion of header files: des_old.h redefines crypt: #define crypt(b,s)\ DES_crypt((b),(s)) This scheme leads to failure, if header files with the OS's true definition of crypt() are processed _after_ des_old.h was processed. This is e.g. the case on HP-UX with unistd.h. As evp.h now again includes des.h (which includes des_old.h), this problem only came up after this modification. Solution: move header files (indirectly) including e_os.h before the header files (indirectly) including evp.h. Submitted by: Reviewed by: PR:	2002-07-10 07:01:54 +00:00
Lutz Jänicke	063a8905bf	Ciphers with NULL encryption were not properly handled because they were not covered by the strength bit mask. Submitted by: Reviewed by: PR: 130	2002-07-10 06:41:55 +00:00
Bodo Möller	d1d0be3cd2	emtpy fragments are not necessary for SSL_eNULL (but noone uses it anyway) fix t1_enc.c: use OPENSSL_NO_RC4, not NO_RC4	2002-07-09 08:49:09 +00:00
Bodo Möller	ea4f109c99	AES cipher suites are now official (RFC3268)	2002-07-04 08:51:09 +00:00
Richard Levitte	17085b022c	Pass CFLAG to dependency makers, so non-standard system include paths are handled properly. Part of PR 75	2002-06-27 16:39:25 +00:00
Bodo Möller	c21506ba02	New option SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS for disabling CBC vulnerability workaround (included in SSL_OP_ALL). PR: #90	2002-06-14 12:21:11 +00:00
Richard Levitte	b2c04539a1	Merge from 0.9.7-stable.	2002-06-06 07:22:33 +00:00
Richard Levitte	a9a025d08c	Recover from errors	2002-05-23 23:31:22 +00:00
Richard Levitte	b935754cb0	Allow the use of the TCP/IP stack keyword TCPIP and NONE	2002-05-22 11:37:20 +00:00
Bodo Möller	98a9092af1	Fix ciphersuite list to enforce low priority for RC4.	2002-05-07 08:36:26 +00:00
Bodo Möller	87108f5af9	ensure that, for each strength, RC4 ciphers have least preference in the default ciphersuite list	2002-05-07 07:59:35 +00:00
Bodo Möller	f257d984b7	refer to latest draft for AES ciphersuites	2002-05-07 07:55:36 +00:00

1 2 3 4 5 ...

549 Commits