Commits · bc06baca76534abc2048a3ac4d109b144da4b706 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Apr 07, 2010

Add SHA2 algorithms to SSL_library_init(). Although these aren't used · bc06baca

Dr. Stephen Henson authored Apr 07, 2010

directly by SSL/TLS SHA2 certificates are becoming more common and
applications that only call SSL_library_init() and not
OpenSSL_add_all_alrgorithms() will fail when verifying certificates.

Update docs.

bc06baca

Apr 06, 2010
- Remove obsolete PRNG note. Add comment about use of SHA256 et al. · 9eeb779e
  Dr. Stephen Henson authored Apr 06, 2010
  
  9eeb779e
- PR: 2209 · fe171f9c
  Dr. Stephen Henson authored Apr 06, 2010
```
Submitted Daniel Mentz <danielml@sent.com>

Documentation typo.
```
  fe171f9c
- PR: 2218 · 5e613d54
  Dr. Stephen Henson authored Apr 06, 2010
```
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS replay bug.
```
  5e613d54
- PR: 2219 · 56e930eb
  Dr. Stephen Henson authored Apr 06, 2010
```
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS buffering bug.
```
  56e930eb
- PR: 2223 · 4a052f0b
  Dr. Stephen Henson authored Apr 06, 2010
```
Submitted By: Robin Seggelmann <seggelmann@fh-muenster.de>

Fixes for DTLS timeout bug
```
  4a052f0b
Mar 30, 2010
- make no-comp compile again · f34e79f2
  Dr. Stephen Henson authored Mar 30, 2010
  
  f34e79f2
- make FAQ, STATUS consistent with other branches · ef1fe909
  Dr. Stephen Henson authored Mar 30, 2010
  
  ef1fe909
Mar 29, 2010
- md32_common.h: fix copy-n-paste typo. The typo was present in 098 only. · c25e8ee9
  Andy Polyakov authored Mar 29, 2010
  
  c25e8ee9
Mar 28, 2010

PR: 1696 · 4525a048
Dr. Stephen Henson authored Mar 28, 2010
```
Check return value if d2i_PBEPARAM().
```
4525a048

PR: 2083 · f421a52f

Dr. Stephen Henson authored Mar 28, 2010

Submitted by: Mike Frysinger <vapier@gentoo.org>

Add includes in synopsis, fix some indents. For some reason this never got
applied to the 0.9.8-stable branch.

f421a52f

Mar 27, 2010

PR: 1763 · 17a79eec

Dr. Stephen Henson authored Mar 27, 2010

Remove useless num = 0 assignment.

Remove redundant cases on sock_ctrl(): default case handles them.

17a79eec

PR: 1813 · 1eda14b4

Dr. Stephen Henson authored Mar 27, 2010

Submitted by: Torsten Hilbrich <torsten.hilbrich@secunet.com>

Fix memory leak when engine name cannot be loaded.

1eda14b4

Mar 25, 2010
- We don't have a whirlpool test in this branch. · aa9b5026
  Richard Levitte authored Mar 25, 2010
  
  aa9b5026
- Have an underscore before <ARCH> to make sure any future architecture · aaf45e64
  Richard Levitte authored Mar 25, 2010
```
name won't be mixed up with any crypto name.
Missed the other spot.
```
  aaf45e64
- Have an underscore before <ARCH> to make sure any future architecture · be83c31c
  Richard Levitte authored Mar 25, 2010
```
name won't be mixed up with any crypto name.
Missed one spot.
```
  be83c31c
- Try to define the tests and their respective directories in a way that · 76a41eec
  Richard Levitte authored Mar 25, 2010
```
preserves the order of the tests (to make it as easy as possible to
synchronise with future Unix builds)
```
  76a41eec
- Have an underscore before <ARCH> to make sure any future architecture · ab9c0ec9
  Richard Levitte authored Mar 25, 2010
```
name won't be mixed up with any crypto name.
```
  ab9c0ec9
- PR: 2202 (partial) · cf6a1dea
  Dr. Stephen Henson authored Mar 25, 2010
```
Submitted by: Steven M. Schweda <sms@antinode.info>

VMS fixes:
	Reduce copying into .apps and .test in makevms.com
	Don't try to use blank CA certificate in CA.com
	Allow use of C files from original directories in maketests.com
```
  cf6a1dea
- PR: 2202 (partial) · ea5b3f5e
  Dr. Stephen Henson authored Mar 25, 2010
```
Submitted by: Steven M. Schweda <sms@antinode.info>

Make some declarations conditional on FIPS/ENGINE.
Make pqueue_print non-VAX.
```
  ea5b3f5e
- updates for next version · c3c658e1
  Dr. Stephen Henson authored Mar 25, 2010
  
  c3c658e1
Mar 24, 2010
- initialise buf if wrong_info not used · 5d013b6b
  Dr. Stephen Henson authored Mar 24, 2010
  
  5d013b6b
- PR: 1731 and maybe 2197 · ee91323f
  Dr. Stephen Henson authored Mar 24, 2010
```
Clear error queue in a few places in SSL code where errors are expected
so they don't stay in the queue.
```
  ee91323f
- prepare for release · 4fae8688
  Dr. Stephen Henson authored Mar 24, 2010
  
  OpenSSL_0_9_8n
  
  4fae8688
- Submitted by: Bodo Moeller and Adam Langley (Google). · 354f92d6
  Dr. Stephen Henson authored Mar 24, 2010
```
Fix for "Record of death" vulnerability CVE-2010-0740.
```
  354f92d6
Mar 22, 2010
- rand_win.c: fix logical bug in readscreen [from HEAD]. · c3484e02
  Andy Polyakov authored Mar 22, 2010
  
  c3484e02
- bss_file.c: fix MSC 6.0 warning [from HEAD]. · 6b0be9c7
  Andy Polyakov authored Mar 22, 2010
  
  6b0be9c7
- ppc.pl: assembler Y chokes on apostrophes in comment. · 02312a91
  Andy Polyakov authored Mar 22, 2010
  
  02312a91
Mar 15, 2010
- e_capi.c: fix typo [from HEAD]. · 744f6b64
  Andy Polyakov authored Mar 15, 2010
  
  744f6b64
- Fix UPLINK typo [from HEAD]. · f1502a49
  Andy Polyakov authored Mar 15, 2010
  
  f1502a49
- workaround for missing definition in some headers · b70871b6
  Dr. Stephen Henson authored Mar 15, 2010
  
  b70871b6
Mar 12, 2010

PR: 2192 · 9de450b5

Dr. Stephen Henson authored Mar 12, 2010

Submitted By: Jaroslav Imrich <jaroslav.imrich@disig.sk>

The prompt_info and wrong_info parameters can be empty strings which
can produce confusing prompts. Treat empty string same as NULL.

9de450b5

missing goto meant signature was never printed out · cc530367
Dr. Stephen Henson authored Mar 12, 2010

cc530367

Mar 10, 2010
- don't leave bogus errors in the queue · 4610d8dc
  Dr. Stephen Henson authored Mar 10, 2010
  
  4610d8dc
Mar 09, 2010

PR: 2186 · 5d7dfefe

Dr. Stephen Henson authored Mar 09, 2010

Submitted By: "Joel Rabinovitch" <Joel.Rabinovitch@tecsys.com>

Detect aix64-gcc

5d7dfefe

Mar 07, 2010
- The OID sanity check was incorrect. It should only disallow *leading* 0x80 · 5e8e7054
  Dr. Stephen Henson authored Mar 07, 2010
```
values.
```
  5e8e7054
Mar 06, 2010
- don't add digest alias if signature algorithm is undefined · 9a542ea0
  Dr. Stephen Henson authored Mar 06, 2010
  
  9a542ea0
Mar 05, 2010
- Fix memory leak: free up ENGINE functional reference if digest is not · 1939f837
  Dr. Stephen Henson authored Mar 05, 2010
```
found in an ENGINE.
```
  1939f837
Mar 03, 2010

PR: 2183 · b7c114f0

Dr. Stephen Henson authored Mar 03, 2010

PR#1999 broke fork detection by assuming HAVE_FORK was set for all platforms.
Include original HAVE_FORK detection logic while allowing it to be
overridden on specific platforms with -DHAVE_FORK=1 or -DHAVE_FORK=0

b7c114f0

Submitted by: Tomas Hoger <thoger@redhat.com> · ede13519

Dr. Stephen Henson authored Mar 03, 2010

Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).

ede13519