Commits · c97ec5631bb08a2171a125008d2f0d2a75687aaa · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Dec 01, 2013
- Fix warning. · c97ec563
  Dr. Stephen Henson authored Dec 01, 2013
  
  c97ec563
- Change header order to pick up OPENSSL_SYS_WIN32 · fdb0d5dd
  Dr. Stephen Henson authored Dec 01, 2013
  
  fdb0d5dd
- Recongnise no-dane and no-libunbound · 81b6dfe4
  Dr. Stephen Henson authored Dec 01, 2013
  
  81b6dfe4
- make update · bc35b8e4
  Dr. Stephen Henson authored Dec 01, 2013
  
  bc35b8e4
- Fix warnings. · 6859f3fc
  Dr. Stephen Henson authored Dec 01, 2013
  
  6859f3fc
- WIN32 fixes. · 8b2d5cc4
  Dr. Stephen Henson authored Dec 01, 2013
  
  8b2d5cc4
- RSAX no longer compiled. · 74184b6f
  Dr. Stephen Henson authored Dec 01, 2013
  
  74184b6f
Nov 27, 2013
- Simplify and update openssl.spec · 6416aed5
  Dr. Stephen Henson authored Nov 27, 2013
  
  6416aed5
Nov 18, 2013
- New functions to retrieve certificate from SSL_CTX · 2a1b7bd3
  Dr. Stephen Henson authored Nov 18, 2013
```
New functions to retrieve current certificate or private key
from an SSL_CTX.

Constify SSL_get_private_key().
(cherry picked from commit a25f9adc)
```
  2a1b7bd3
- Don't define SSL_select_next_proto if OPENSSL_NO_TLSEXT set · 4bba0bda
  Dr. Stephen Henson authored Nov 18, 2013
```
(cherry picked from commit 60aeb187)
```
  4bba0bda
Nov 17, 2013
- Use correct header length in ssl3_send_certifcate_request · 27baa831
  Dr. Stephen Henson authored Nov 17, 2013
```
(cherry picked from commit fdeaf55b)
```
  27baa831
Nov 14, 2013
- Constify. · 1abfa78a
  Dr. Stephen Henson authored Nov 14, 2013
  
  1abfa78a
- Fix compilation with no-nextprotoneg. · edc687ba
  Piotr Sikora authored Nov 13, 2013
```
PR#3106
```
  edc687ba
Nov 13, 2013

Allow match selecting of current certificate. · ff0bdbed

Dr. Stephen Henson authored Nov 13, 2013

If pointer comparison for current certificate fails check
to see if a match using X509_cmp succeeds for the current
certificate: this is useful for cases where the certificate
pointer is not available.
(cherry picked from commit 6856b288a6e66edd23907b7fa264f42e05ac9fc7)

ff0bdbed

Additional "chain_cert" functions. · dc4bdf59

Rob Stradling authored Nov 11, 2013

PR#3169

This patch, which currently applies successfully against master and
1_0_2, adds the following functions:

SSL_[CTX_]select_current_cert() - set the current certificate without
disturbing the existing structure.

SSL_[CTX_]get0_chain_certs() - get the current certificate's chain.

SSL_[CTX_]clear_chain_certs() - clear the current certificate's chain.

The patch also adds these functions to, and fixes some existing errors
in, SSL_CTX_add1_chain_cert.pod.
(cherry picked from commit 2f56c9c015dbca45379c9a725915b3b8e765a119)

dc4bdf59

Delete duplicate entry. · b03d0513
Krzysztof Kwiatkowski authored Nov 13, 2013
```
PR#3172
(cherry picked from commit 4f055e34c3598cad00fca097d812fa3e6436d967)
```
b03d0513

Nov 12, 2013
- srp/srp_grps.h: make it Compaq C-friendly. · 0de70011
  Andy Polyakov authored Nov 12, 2013
```
PR: 3165
Submitted by: Daniel Richard G.
(cherry picked from commit 2df9ec01)
```
  0de70011
- modes/asm/ghash-alpha.pl: update from HEAD. · 220d1e53
  Andy Polyakov authored Nov 12, 2013
```
PR: 3165
```
  220d1e53
- Make Makefiles OSF-make-friendly. · ca44f729
  Andy Polyakov authored Nov 12, 2013
```
PR: 3165
(cherry picked from commit d1cf23ac)
```
  ca44f729
Nov 11, 2013
- Fix memory leak. · 18f49508
  Dr. Stephen Henson authored Nov 11, 2013
```
(cherry picked from commit 16bc45ba)
```
  18f49508
- Typo. · 5c50462e
  Dr. Stephen Henson authored Nov 11, 2013
  
  5c50462e
- Fix for some platforms where "char" is unsigned. · a2578653
  Dr. Stephen Henson authored Nov 08, 2013
```
(cherry picked from commit 08b433540416c5bc9a874ba0343e35ba490c65f1)
```
  a2578653
Nov 10, 2013
- Makefile.org: make FIPS build work with BSD make. · 60adefa6
  Andy Polyakov authored Nov 10, 2013
  
  60adefa6
Nov 09, 2013

Check for missing components in RSA_check. · b5dde6bc
Dr. Stephen Henson authored Nov 07, 2013
```
(cherry picked from commit 01be36ef70525e81fc358d2e559bdd0a0d9427a5)
```
b5dde6bc
Document RSAPublicKey_{in,out} options. · 024dbfd4
Dr. Stephen Henson authored Nov 07, 2013
```
(cherry picked from commit 7040d73d22987532faa503630d6616cf2788c975)
```
024dbfd4

Add CMS_SignerInfo_get0_signature function. · 233069f8

Dr. Stephen Henson authored Nov 07, 2013

Add function to retrieve the signature from a CMS_SignerInfo structure:
applications can then read or modify it.
(cherry picked from commit e8df6cec4c09b9a94c4c07abcf0402d31ec82cc1)

233069f8

Nov 08, 2013

engines/ccgost/gost89.h: make word32 defintion unconditional. · c76d6922

Andy Polyakov authored Nov 08, 2013

Original definition depended on __LONG_MAX__ that is not guaranteed to
be present. As we don't support platforms with int narrower that 32 bits
it's appropriate to make defition inconditional.

PR: 3165
(cherry picked from commit 96180cac)

c76d6922

modes/asm/ghash-alpha.pl: make it work with older assembler. · 32414961
Andy Polyakov authored Nov 08, 2013
```
PR: 3165
(cherry picked from commit d24d1d7d)
```
32414961

Nov 06, 2013
- Enable PSK in FIPS mode. · 63fe69c1
  Dr. Stephen Henson authored Nov 06, 2013
```
Enable PSK ciphersuites with AES or DES3 in FIPS mode.
(cherry picked from commit e0ffd129)
```
  63fe69c1
- Initialise context before using it. · a4947e4e
  Dr. Stephen Henson authored Nov 06, 2013
  
  a4947e4e
Nov 03, 2013
- PBKDF2 should be efficient. Contributed by Christian Heimes · 262f1c52
  Ben Laurie authored Nov 03, 2013
```
<christian@python.org>.
```
  262f1c52
Nov 02, 2013
- Add brainpool curves to trace output. · bd80d022
  Dr. Stephen Henson authored Nov 02, 2013
  
  bd80d022
- Fix warning. · 163d7948
  Dr. Stephen Henson authored Nov 01, 2013
```
(cherry picked from commit 96e16bdd)
```
  163d7948
- Add SSL_CONF command to set DH Parameters. · 0b33466b
  Dr. Stephen Henson authored Oct 22, 2013
```
(cherry picked from commit c557f921)
```
  0b33466b
- Fix argument processing. · bed27f4d
  Dr. Stephen Henson authored Oct 22, 2013
```
(cherry picked from commit abf840e4)
```
  bed27f4d
- Constification. · 738a224b
  Dr. Stephen Henson authored Oct 21, 2013
```
(cherry picked from commit 27f3b65f)
```
  738a224b
- Extend SSL_CONF · 044f8ca8
  Dr. Stephen Henson authored Oct 18, 2013
```
Extend SSL_CONF to return command value types.

Add certificate and key options.

Update documentation.
(cherry picked from commit ec2f7e56)
```
  044f8ca8
- Typo. · 45ee08d9
  Dr. Stephen Henson authored Oct 17, 2013
```
(cherry picked from commit 13af1451)
```
  45ee08d9
Nov 01, 2013

Fix SSL_OP_SINGLE_ECDH_USE · 5ff68e8f

Piotr Sikora authored Nov 01, 2013

Don't require a public key in tls1_set_ec_id if compression status is
not needed. This fixes a bug where SSL_OP_SINGLE_ECDH_USE wouldn't work.

5ff68e8f

Add -ecdh_single option. · f14a4a86
Dr. Stephen Henson authored Nov 01, 2013
```
Add -ecdh_single option to set SSL_OP_SINGLE_ECDH_USE on the command line.
```
f14a4a86