- Aug 15, 2014
-
-
Jonas Maebe authored
Signed-off-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Jonas Maebe authored
mime_hdr_addparam: free tmpname, tmpval and mparam on error path, and check whether sk_MIME_PARAM_push succeeds Signed-off-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Jonas Maebe authored
Signed-off-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Jonas Maebe authored
Signed-off-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Jonas Maebe authored
Signed-off-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Istvan Noszticzius authored
Reviewed-by: Stephen Henson <steve@openssl.org> Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Frdric Giudicelli authored
Remove local variable and avoid extra assignment. Reviewed-by: Emilia Kasper <emilia@silkandcyanide.net>
-
Rob Austein authored
"Another machine, another version of gcc, another batch of compiler warnings." Add "=NULL" to some local variable declarations that are set by passing thier address into a utility function; confuses GCC it might not be set. Reviewed-by: Emilia Käsper <emilia@silkandcyanide.net>
-
Hans Wennborg authored
Remove some redundant logical expressions Reviewed-by: Emilia Kasper <emilia@silkandcyanide.net>
-
Rich Salz authored
-
Claus Assmann authored
Fix a bunch of typo's and speling (sic) errors in the CHANGES file. Reviewed-by: Tim Hudson <tjh@cryptsoft.com>
-
Dr. Stephen Henson authored
Move custom extension structures from SSL_CTX to CERT structure. This change means the form can be revised in future without binary compatibility issues. Also since CERT is part of SSL structures so per-SSL custom extensions could be supported in future as well as per SSL_CTX. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
- Aug 14, 2014
-
-
Emilia Kasper authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
- Aug 13, 2014
-
-
Bodo Moeller authored
group_order_tests (ectest.c). Also fix the EC_POINTs_mul documentation (ec.h). Reviewed-by: <emilia@openssl.org>
-
Matt Caswell authored
In Makefile, when build manpages, put the current directory at the start of the podpath so that cross-refs find the local directory first. Reviewed-by: Tim Hudson <tjh@cryptosoft.com>
-
- Aug 12, 2014
-
-
Ingo Schwarze authored
In two OpenSSL manual pages, in the NAME section, the last word of the name list is followed by a stray trailing comma. While this may seem minor, it is worth fixing because it may confuse some makewhatis(8) implementations. While here, also add the missing word "size" to the one line description in SSL_CTX_set_max_cert_list(3). Reviewed by: Dr Stephen Henson <shenson@drh-consultancy.co.uk>
-
Rich Salz authored
-
nnposter@users.sourceforge.net authored
If subcommand fails, just die. Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
-
nnposter@users.sourceforge.net authored
If subcommand fails, just die. Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
-
Nick Lewis authored
Update the dgst.pod page to include SHA224...512 algorithms. Update apps/progs.pl to add them to the digest command table. Reviewed-by: Tim Hudson <tjh@cryptosoft.com>
-
Nick Urbanik authored
The x509_extensions should be req_extensions in the config example in req.pod Reviewed-by: <tjh@cryptsoft.com>
-
- Aug 11, 2014
-
-
Dr Stephen Henson authored
Fully remove old error, per drH Reviewed-by: rsalz
-
Jim Reid authored
Add darwin-*-cc as one of the systems for case-insensitive filenames. Fixes the manpage install so it doesn't create looping symlinks.
-
Rich Salz authored
-
Rich Salz authored
Not approved; mistakenly pushed commit that added README.md
-
Scott Schaefer authored
Reviewed-by: Emilia Kasper Many of these were already fixed, this catches the last few that were missed.
-
Scott Schaefer authored
Many of these were already fixed, this catches the last few that were missed.
-
Rich Salz authored
A small markdown README for GitHub users; points them to the right README and the website and RT tracker.
-
- Aug 09, 2014
-
-
Dr. Stephen Henson authored
The addition of SRP authentication needs to be checked in various places to work properly. Specifically: A certificate is not sent. A certificate request must not be sent. Server key exchange message must not contain a signature. If appropriate SRP authentication ciphersuites should be chosen. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Rich Salz authored
Undo unapproved commit that removed DJGPP and WATT32
-
Viktor Szakats authored
The "unsigned char *d" should be const. Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
-
Matthieu Crapet authored
Use SSL3_AL_FATAL instead of the literal constant "2" Every bit of cleanup helps. Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Aug 08, 2014
-
-
Rich Salz authored
DJGPP is no longer a supported platform. Remove all #ifdef, etc., cases that refer to it. DJGPP also #define'd WATT32, so that is now removed as well.
-
- Aug 06, 2014
-
-
Dr. Stephen Henson authored
Check SRP parameters when they are received so we can send back an appropriate alert. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Dr. Stephen Henson authored
Invalid parameters passed to the SRP code can be overrun an internal buffer. Add sanity check that g, A, B < N to SRP code. Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC Group for reporting this issue.
-
Dr. Stephen Henson authored
If a client attempted to use an SRP ciphersuite and it had not been set up correctly it would crash with a null pointer read. A malicious server could exploit this in a DoS attack. Thanks to Joonas Kuorilehto and Riku Hietamäki from Codenomicon for reporting this issue. CVE-2014-2970 Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Gabor Tyukasz authored
CVE-2014-3509 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-