Loading CHANGES +4 −0 Original line number Original line Diff line number Diff line Loading @@ -4,6 +4,10 @@ Changes between 0.9.4 and 0.9.5 [xx XXX 2000] Changes between 0.9.4 and 0.9.5 [xx XXX 2000] *) Allow for the possibility of temp RSA key generation failure: the code used to assume it always worked and crashed on failure. [Steve Henson] *) Fix potential buffer overrun problem in BIO_printf(). *) Fix potential buffer overrun problem in BIO_printf(). [Ulf Möller, using public domain code by Patrick Powell; problem [Ulf Möller, using public domain code by Patrick Powell; problem pointed out by David Sacerdote <das33@cornell.edu>] pointed out by David Sacerdote <das33@cornell.edu>] Loading FAQ +3 −0 Original line number Original line Diff line number Diff line Loading @@ -44,6 +44,9 @@ might want to read Ariel Glenn's documentation on SSLeay 0.9, OpenSSL's predecessor, at <URL: http://www.columbia.edu/~ariel/ssleay/>. Much predecessor, at <URL: http://www.columbia.edu/~ariel/ssleay/>. Much of this still applies to OpenSSL. of this still applies to OpenSSL. There is some documentation about certificate extensions and PKCS#12 in doc/openssl.txt The original SSLeay documentation is included in OpenSSL as The original SSLeay documentation is included in OpenSSL as doc/ssleay.txt. It may be useful when none of the other ressources doc/ssleay.txt. It may be useful when none of the other ressources help, but please note that it reflects the obsolete version SSLeay help, but please note that it reflects the obsolete version SSLeay Loading crypto/err/openssl.ec +2 −2 Original line number Original line Diff line number Diff line Loading @@ -48,11 +48,11 @@ R SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048 R SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049 R SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049 R SSL_R_TLSV1_ALERT_DECODE_ERROR 1050 R SSL_R_TLSV1_ALERT_DECODE_ERROR 1050 R SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051 R SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051 R SSL_R_TLSV1_ALERT_EXPORT_RESTRICION 1060 R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060 R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 R SSL_R_TLSV1_ALERT_USER_CANCLED 1090 R SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 R RSAREF_R_CONTENT_ENCODING 0x0400 R RSAREF_R_CONTENT_ENCODING 0x0400 Loading ssl/s3_srvr.c +6 −0 Original line number Original line Diff line number Diff line Loading @@ -955,6 +955,12 @@ static int ssl3_send_server_key_exchange(SSL *s) rsa=s->cert->rsa_tmp_cb(s, rsa=s->cert->rsa_tmp_cb(s, SSL_C_IS_EXPORT(s->s3->tmp.new_cipher), SSL_C_IS_EXPORT(s->s3->tmp.new_cipher), SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)); SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)); if(rsa == NULL) { al=SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_ERROR_GENERATING_TMP_RSA_KEY); goto f_err; } CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA); CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA); cert->rsa_tmp=rsa; cert->rsa_tmp=rsa; } } Loading ssl/ssl.h +1 −0 Original line number Original line Diff line number Diff line Loading @@ -1372,6 +1372,7 @@ int SSL_COMP_add_compression_method(int id,char *cm); #define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 #define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 #define SSL_R_DIGEST_CHECK_FAILED 149 #define SSL_R_DIGEST_CHECK_FAILED 149 #define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150 #define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150 #define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 1092 #define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151 #define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151 #define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 #define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 #define SSL_R_EXTRA_DATA_IN_MESSAGE 153 #define SSL_R_EXTRA_DATA_IN_MESSAGE 153 Loading Loading
CHANGES +4 −0 Original line number Original line Diff line number Diff line Loading @@ -4,6 +4,10 @@ Changes between 0.9.4 and 0.9.5 [xx XXX 2000] Changes between 0.9.4 and 0.9.5 [xx XXX 2000] *) Allow for the possibility of temp RSA key generation failure: the code used to assume it always worked and crashed on failure. [Steve Henson] *) Fix potential buffer overrun problem in BIO_printf(). *) Fix potential buffer overrun problem in BIO_printf(). [Ulf Möller, using public domain code by Patrick Powell; problem [Ulf Möller, using public domain code by Patrick Powell; problem pointed out by David Sacerdote <das33@cornell.edu>] pointed out by David Sacerdote <das33@cornell.edu>] Loading
FAQ +3 −0 Original line number Original line Diff line number Diff line Loading @@ -44,6 +44,9 @@ might want to read Ariel Glenn's documentation on SSLeay 0.9, OpenSSL's predecessor, at <URL: http://www.columbia.edu/~ariel/ssleay/>. Much predecessor, at <URL: http://www.columbia.edu/~ariel/ssleay/>. Much of this still applies to OpenSSL. of this still applies to OpenSSL. There is some documentation about certificate extensions and PKCS#12 in doc/openssl.txt The original SSLeay documentation is included in OpenSSL as The original SSLeay documentation is included in OpenSSL as doc/ssleay.txt. It may be useful when none of the other ressources doc/ssleay.txt. It may be useful when none of the other ressources help, but please note that it reflects the obsolete version SSLeay help, but please note that it reflects the obsolete version SSLeay Loading
crypto/err/openssl.ec +2 −2 Original line number Original line Diff line number Diff line Loading @@ -48,11 +48,11 @@ R SSL_R_TLSV1_ALERT_UNKNOWN_CA 1048 R SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049 R SSL_R_TLSV1_ALERT_ACCESS_DENIED 1049 R SSL_R_TLSV1_ALERT_DECODE_ERROR 1050 R SSL_R_TLSV1_ALERT_DECODE_ERROR 1050 R SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051 R SSL_R_TLSV1_ALERT_DECRYPT_ERROR 1051 R SSL_R_TLSV1_ALERT_EXPORT_RESTRICION 1060 R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION 1060 R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 R SSL_R_TLSV1_ALERT_USER_CANCLED 1090 R SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 R RSAREF_R_CONTENT_ENCODING 0x0400 R RSAREF_R_CONTENT_ENCODING 0x0400 Loading
ssl/s3_srvr.c +6 −0 Original line number Original line Diff line number Diff line Loading @@ -955,6 +955,12 @@ static int ssl3_send_server_key_exchange(SSL *s) rsa=s->cert->rsa_tmp_cb(s, rsa=s->cert->rsa_tmp_cb(s, SSL_C_IS_EXPORT(s->s3->tmp.new_cipher), SSL_C_IS_EXPORT(s->s3->tmp.new_cipher), SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)); SSL_C_EXPORT_PKEYLENGTH(s->s3->tmp.new_cipher)); if(rsa == NULL) { al=SSL_AD_HANDSHAKE_FAILURE; SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_ERROR_GENERATING_TMP_RSA_KEY); goto f_err; } CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA); CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA); cert->rsa_tmp=rsa; cert->rsa_tmp=rsa; } } Loading
ssl/ssl.h +1 −0 Original line number Original line Diff line number Diff line Loading @@ -1372,6 +1372,7 @@ int SSL_COMP_add_compression_method(int id,char *cm); #define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 #define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 148 #define SSL_R_DIGEST_CHECK_FAILED 149 #define SSL_R_DIGEST_CHECK_FAILED 149 #define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150 #define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150 #define SSL_R_ERROR_GENERATING_TMP_RSA_KEY 1092 #define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151 #define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151 #define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 #define SSL_R_EXCESSIVE_MESSAGE_SIZE 152 #define SSL_R_EXTRA_DATA_IN_MESSAGE 153 #define SSL_R_EXTRA_DATA_IN_MESSAGE 153 Loading
