Commits · 1a489c9af1b0481ad9570968c5fecd56854580db · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

15 Sep, 2008 6 commits
- From branch OpenSSL_0_9_8-stable: Allow soft-loading engines. · 1a489c9a
  Bodo Möller authored Sep 15, 2008
```
Also, fix CHANGES (consistency with stable branch).
```
  1a489c9a
- Add missing CHANGES entry. · 8c864e54
  Dr. Stephen Henson authored Sep 15, 2008
  
  8c864e54
- from 0.9.8 branch · be5707c8
  Bodo Möller authored Sep 15, 2008
  
  be5707c8
- Update FAQ. · 4a4f3071
  Dr. Stephen Henson authored Sep 15, 2008
  
  4a4f3071
- Fix yesterday typos in bss_dgram.c. · d7235a9d
  Andy Polyakov authored Sep 15, 2008
  
  d7235a9d
- Fix build warnings. · fa0f834c
  Geoff Thorpe authored Sep 15, 2008
  
  fa0f834c
14 Sep, 2008 8 commits
- update comment · 96562f2f
  Bodo Möller authored Sep 14, 2008
  
  96562f2f
- Winsock handles SO_RCVTIMEO in unique manner... · b9790c1c
  Andy Polyakov authored Sep 14, 2008
```
PR: 1648
```
  b9790c1c
- oops · fcbdde0d
  Bodo Möller authored Sep 14, 2008
  
  fcbdde0d
- dtls1_write_bytes consumers expect amount of bytes written per call, not · 51ec776b
  Andy Polyakov authored Sep 14, 2008
```
overall.
PR: 1604
```
  51ec776b
- Fix SSL state transitions. · e65bcbce
  Bodo Möller authored Sep 14, 2008
```
Submitted by: Nagendra Modadugu
```
  e65bcbce
- Note about CVS branch inconsistency. · e710de12
  Bodo Möller authored Sep 14, 2008
  
  e710de12
- Really get rid of unsafe double-checked locking. · db99c525
  Bodo Möller authored Sep 14, 2008
```
Also, "CHANGES" clean-ups.
```
  db99c525
- Some precautions to avoid potential security-relevant problems. · f8d6be3f
  Bodo Möller authored Sep 14, 2008
  
  f8d6be3f
13 Sep, 2008 1 commit
- DTLS didn't handle alerts correctly. · d4938995
  Andy Polyakov authored Sep 13, 2008
```
PR: 1632
```
  d4938995
12 Sep, 2008 1 commit
- AIX build updates. · 492279f6
  Andy Polyakov authored Sep 12, 2008
  
  492279f6
10 Sep, 2008 1 commit
- Add SSL_FIPS flag for FIPS 140-2 approved ciphersuites and add a new · 3ad74edc
  Dr. Stephen Henson authored Sep 10, 2008
```
strength "FIPS" to represent all FIPS approved ciphersuites without NULL
encryption.
```
  3ad74edc
09 Sep, 2008 1 commit
- Ignoring errors in makedepend can hide problems. · 2b7b1cad
  Ben Laurie authored Sep 09, 2008
  
  2b7b1cad
07 Sep, 2008 1 commit
- Fix warning. · 43048d13
  Ben Laurie authored Sep 07, 2008
  
  43048d13
03 Sep, 2008 3 commits
- Fix from stable branch. · e8da6a1d
  Dr. Stephen Henson authored Sep 03, 2008
  
  e8da6a1d
- Do not discard cached handshake records during resumed sessions: · 30551400
  Dr. Stephen Henson authored Sep 03, 2008
```
they are used for mac computation.
```
  30551400
- Make no-tlsext compile. · 0702150f
  Dr. Stephen Henson authored Sep 03, 2008
  
  0702150f
01 Sep, 2008 2 commits
- Perl script to run and verify OpenSSL against PKITS RFC3280 compliance · a0ee0815
  Dr. Stephen Henson authored Sep 01, 2008
```
test suite.
```
  a0ee0815
- Initial support for delta CRLs. If "use deltas" flag is set attempt to find · d43c4497
  Dr. Stephen Henson authored Sep 01, 2008
```
a delta CRL in addition to a full CRL. Check and search delta in addition to
the base.
```
  d43c4497
29 Aug, 2008 1 commit
- Add support for CRLs partitioned by reason code. · 4b96839f
  Dr. Stephen Henson authored Aug 29, 2008
```
Tidy CRL scoring system.

Add new CRL path validation error.
```
  4b96839f
27 Aug, 2008 1 commit
- Add support for freshest CRL extension. · 249a77f5
  Dr. Stephen Henson authored Aug 27, 2008
  
  249a77f5
20 Aug, 2008 1 commit
- Initial indirect CRL support. · d0fff69d
  Dr. Stephen Henson authored Aug 20, 2008
  
  d0fff69d
18 Aug, 2008 1 commit
- Support for certificateIssuer CRL entry extension. · 8c9bd893
  Dr. Stephen Henson authored Aug 18, 2008
  
  8c9bd893
14 Aug, 2008 1 commit
- Don't use assertions to check application-provided arguments; · 2e415778
  Bodo Möller authored Aug 14, 2008
```
and don't unnecessarily fail on input size 0.
```
  2e415778
13 Aug, 2008 4 commits
- sanity check · 1cbf663a
  Bodo Möller authored Aug 13, 2008
```
PR: 1679
```
  1cbf663a
- fix error function codes · 9be8035b
  Bodo Möller authored Aug 13, 2008
  
  9be8035b
- Mention ERR_remove_state() deprecation, and ERR_remove_thread_state(NULL). · 2ecd2ede
  Bodo Möller authored Aug 13, 2008
  
  2ecd2ede
- Initial support for CRL path validation. This supports distinct certificate · 9d84d4ed
  Dr. Stephen Henson authored Aug 13, 2008
```
and CRL signing keys.
```
  9d84d4ed
12 Aug, 2008 2 commits

Initial code to support distinct certificate and CRL signing keys where the · 2e0c7db9
Dr. Stephen Henson authored Aug 12, 2008
```
CRL issuer is not part of the main path.

Not complete yet and not compiled in because the CRL issuer certificate is
not validated.
```
2e0c7db9

Support for policy mappings extension. · 002e66c0

Dr. Stephen Henson authored Aug 12, 2008

Delete X509_POLICY_REF code.

Fix handling of invalid policy extensions to return the correct error.

Add command line option to inhibit policy mappings.

002e66c0

08 Aug, 2008 1 commit
- Initial support for name constraints certificate extension. · e9746e03
  Dr. Stephen Henson authored Aug 08, 2008
```
TODO: robustness checking on name forms.
```
  e9746e03
06 Aug, 2008 4 commits
- Correct the FAQ and the threads man page re: CRYPTO_THREADID changes. · ab9c689a
  Geoff Thorpe authored Aug 06, 2008
  
  ab9c689a
- Remove the dual-callback scheme for numeric and pointer thread IDs, · 4c329696
  Geoff Thorpe authored Aug 06, 2008
```
deprecate the original (numeric-only) scheme, and replace with the
CRYPTO_THREADID object. This hides the platform-specifics and should reduce
the possibility for programming errors (where failing to explicitly check
both thread ID forms could create subtle, platform-specific bugs).

Thanks to Bodo, for invaluable review and feedback.
```
  4c329696
- sha1-armv4-large cosmetics. · 96826bfc
  Andy Polyakov authored Aug 06, 2008
  
  96826bfc
- sha1-armv4-large.pl performance improvement. On PXA255 it gives +10% on · eb1aa135
  Andy Polyakov authored Aug 06, 2008
```
8KB block, +60% on 1KB, +160% on 256B...
```
  eb1aa135