Commits · 4fa3f08fee253020ea152e11ff1f6fdcab79424f · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Oct 13, 2016
- Remove automatic RPATH - Add a CHANGES entry · 38be1ea8
  Richard Levitte authored Oct 12, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  38be1ea8
Sep 26, 2016
- Updates CHANGES and NEWS for new release · 3133c2d3
  Matt Caswell authored Sep 26, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  3133c2d3
Sep 22, 2016
- Updates CHANGES and NEWS for new release · 39c136cc
  Matt Caswell authored Sep 21, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  39c136cc
Sep 14, 2016
- Document the new SHA256 and SHA512 password generation options · 2e04d6cc
  Richard Levitte authored Sep 14, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  2e04d6cc
Aug 25, 2016

Remove note from CHANGES about EC DRBG · bbf73f84

Matt Caswell authored Aug 25, 2016

EC DRBG support was added in 7fdcb457

 in 2011 and then later removed.
However the CHANGES entry for its original addition was left behind.
This just removes the spurious CHANGES entry.

Reviewed-by: Stephen Henson <steve@openssl.org>

bbf73f84

Update CHANGES, NEWS, README and opensslv.h on master · 156e34f2
Richard Levitte authored Aug 25, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
156e34f2
CHANGES: mention Windows UTF-8 opt-in option. · eedb9db9
Andy Polyakov authored Aug 25, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
eedb9db9

Aug 24, 2016
- Put DES into "not default" category. · ef28891b
  Rich Salz authored Aug 18, 2016
```
Add CVE to CHANGES

Reviewed-by: Emilia Käsper <emilia@openssl.org>
```
  ef28891b
- To avoid SWEET32 attack, move 3DES to weak · d33726b9
  Rich Salz authored Jul 30, 2016
```
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
```
  d33726b9
Aug 13, 2016
- update CHANGES · 3d9a51f7
  Dr. Stephen Henson authored Aug 13, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  3d9a51f7
Aug 05, 2016

fixing too optimistic typo-fix · 5e93e5fc

klemens authored Aug 05, 2016



Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1413)

5e93e5fc

spelling fixes, just comments and readme. · 60250017

klemens authored Aug 05, 2016



Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1413)

60250017

Aug 04, 2016

Fix date in CHANGES · c98740f8

Matt Caswell authored Aug 04, 2016

The release scripts expect to see the date "xx XXX xxxx" in CHANGES. At
some point the year got changed from xxxx to 2016. This changes it back.

Reviewed-by: Richard Levitte <levitte@openssl.org>

c98740f8

Jun 20, 2016

Change default directory for the .rnd file on Windows and VMS · b8f304f7

Richard Levitte authored Jun 20, 2016



The previous change for Windows wasn't quite right.  Corrected to use
%HOME%, %USERPROFILE% and %SYSTEMPROFILE%, in that order.

Also adding the default home for VMS, SYS$LOGIN:

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>

b8f304f7

Jun 17, 2016

Change default directory for storing the .rnd file on Windows · 13c03c8d

Matt Caswell authored Jun 15, 2016



Previously we would try %RANDFILE%, then %HOME% and finally "C:".
Unfortunately this often ends up being "C:" which the user may not
have write permission for.

Now we try %RANDFILE% first, and then the same set of environment vars
as GetTempFile() uses, i.e. %TMP%, then %TEMP%, %USERPROFILE% and
%SYSTEMROOT%. If all else fails we fall back to %HOME% and only then "C:".

Reviewed-by: Rich Salz <rsalz@openssl.org>

13c03c8d

Jun 16, 2016

Change the return type of EVP_EncodeUpdate · cf3404fc

Matt Caswell authored Apr 25, 2016

Previously EVP_EncodeUpdate returned a void. However there are a couple
of error conditions that can occur. Therefore the return type has been
changed to an int, with 0 indicating error and 1 indicating success.

Reviewed-by: Rich Salz <rsalz@openssl.org>

cf3404fc

Jun 06, 2016

Deprecate the flags that switch off constant time · 5584f65a

Matt Caswell authored May 26, 2016



The flags RSA_FLAG_NO_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME and
DH_FLAG_NO_EXP_CONSTTIME which previously provided the ability to switch
off the constant time implementation for RSA, DSA and DH have been made
no-ops and deprecated.

Reviewed-by: Richard Levitte <levitte@openssl.org>

5584f65a

Jun 01, 2016

Fix some RAND bugs · 0f91e1df

Rich Salz authored May 29, 2016



RT2630 -- segfault for int overlow
RT2877 -- check return values in apps/rand
Update CHANGES file for previous "windows rand" changes.

Reviewed-by: Richard Levitte <levitte@openssl.org>

0f91e1df

May 20, 2016

Rename lh_xxx,sk_xxx tp OPENSSL_{LH,SK}_xxx · 739a1eb1

Rich Salz authored May 20, 2016



Rename sk_xxx to OPENSSL_sk_xxx and _STACK to OPENSSL_STACK
Rename lh_xxx API to OPENSSL_LH_xxx and LHASH_NODE to OPENSSL_LH_NODE
Make lhash stuff opaque.
Use typedefs for function pointers; makes the code simpler.
Remove CHECKED_xxx macros.
Add documentation; remove old X509-oriented doc.
Add API-compat names for entire old API

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

739a1eb1

May 16, 2016

Unify <TYPE>_up_ref methods signature and behaviour. · c5ebfcab

FdaSilvaYY authored Mar 07, 2016



Add a status return value instead of void.
Add some sanity checks on reference counter value.
Update the docs.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

c5ebfcab

May 12, 2016

Windows: When installing libraries and executables, install .pdb files as well · 3ec8a1cf
Richard Levitte authored May 12, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
3ec8a1cf

Remove openssl.spec · d535e565

Richard Levitte authored May 11, 2016



While it seemed like a good idea to have this file once upon a time,
this kind of file belongs with the package maintainer rather than in
our source.

Reviewed-by: Rich Salz <rsalz@openssl.org>

d535e565

Add a case for 64-bit OS X in config · 3dfcb6a0

Richard Levitte authored May 10, 2016



This makes it possible to just run ./config on a x86_64 machine with
no extra fuss.

RT#4356

Reviewed-by: Tim Hudson <tjh@openssl.org>

3dfcb6a0

May 11, 2016

Update pkcs8 defaults. · 8fc06e88

Dr. Stephen Henson authored May 11, 2016



Update pkcs8 utility to use 256 bit AES using SHA256 by default.

Update documentation.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

8fc06e88

May 10, 2016
- IRIX fixes. · c21c7830
  Andy Polyakov authored May 04, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  c21c7830
May 09, 2016
- Missing credit in CHANGES · 191c0e2e
  Rich Salz authored May 09, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  191c0e2e
May 05, 2016

Move 3DES from HIGH to MEDIUM · 4a8e9c22
Rich Salz authored May 05, 2016
```
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
```
4a8e9c22

Fix spelling · d5e86796

FdaSilvaYY authored May 03, 2016



Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>

GH: #1021

d5e86796

May 03, 2016
- Update CHANGES and NEWS for the new release · 6ac83779
  Matt Caswell authored May 03, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  6ac83779
May 02, 2016
- Document the addition of OPENSSL_LOCAL_CONFIG_DIR · afce395c
  Richard Levitte authored May 02, 2016
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
  afce395c
Apr 15, 2016

Make many X509_xxx types opaque. · f0e0fd51

Rich Salz authored Apr 14, 2016



Make X509_OBJECT, X509_STORE_CTX, X509_STORE, X509_LOOKUP,
and X509_LOOKUP_METHOD opaque.
Remove unused X509_CERT_FILE_CTX

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

f0e0fd51

Apr 14, 2016

Make "shared" builds the default · ce942199

Matt Caswell authored Apr 14, 2016



In most cases we expect that people will be using shared libraries not
static ones, therefore we make that the default.

Reviewed-by: Richard Levitte <levitte@openssl.org>

ce942199

Apr 13, 2016

Add a CHANGES entry for removal of Configure options · 4f4d13b1

Matt Caswell authored Apr 13, 2016



Document removal of no-aes, no-hmac, no-rsa, no-sha and no-md5.

Reviewed-by: Richard Levitte <levitte@openssl.org>

4f4d13b1

Add a CHANGES entry for the deprecated cleanup functions · 5eb8f712
Matt Caswell authored Apr 04, 2016
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
5eb8f712

Apr 09, 2016

Adjust --strict-warnings builds in Travis · b5914707

Emilia Kasper authored Apr 05, 2016



In Travis, do --strict-warnings on BUILDONLY configurations. This
ensures that the tests run even if --strict-warnings fail, and avoids
hiding unrelated test failures.

Reviewed-by: Richard Levitte <levitte@openssl.org>

b5914707

Add CHANGES entry for DH and DH_METHOD opacity · 6a47c391
Matt Caswell authored Apr 07, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
6a47c391

Apr 06, 2016
- Update CHANGES with the new about RSA and RSA_METHOD · 36297463
  Richard Levitte authored Apr 02, 2016
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
  36297463
Apr 02, 2016

Added DSA opacity to CHANGES · 3fe85096

Matt Caswell authored Apr 01, 2016



Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>

3fe85096

Mar 29, 2016
- Add a CHANGES entry for opaque BIOs · eb47aae5
  Matt Caswell authored Mar 29, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  eb47aae5
Mar 21, 2016

Remove the no-rijndael option · dc110177

Matt Caswell authored Mar 21, 2016



Rijndael is an old name for AES.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

dc110177