Commits · cf6a1dea19b6d4d810613515f024d6d475ed5487 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Mar 25, 2010

Dr. Stephen Henson authored Mar 25, 2010

Submitted by: Steven M. Schweda <sms@antinode.info>

VMS fixes:
	Reduce copying into .apps and .test in makevms.com
	Don't try to use blank CA certificate in CA.com
	Allow use of C files from original directories in maketests.com

cf6a1dea

PR: 2202 (partial) · ea5b3f5e

Dr. Stephen Henson authored Mar 25, 2010

Submitted by: Steven M. Schweda <sms@antinode.info>

Make some declarations conditional on FIPS/ENGINE.
Make pqueue_print non-VAX.

ea5b3f5e

updates for next version · c3c658e1
Dr. Stephen Henson authored Mar 25, 2010

c3c658e1

Mar 24, 2010
- initialise buf if wrong_info not used · 5d013b6b
  Dr. Stephen Henson authored Mar 24, 2010
  
  5d013b6b
- PR: 1731 and maybe 2197 · ee91323f
  Dr. Stephen Henson authored Mar 24, 2010
```
Clear error queue in a few places in SSL code where errors are expected
so they don't stay in the queue.
```
  ee91323f
- prepare for release · 4fae8688
  Dr. Stephen Henson authored Mar 24, 2010
  
  OpenSSL_0_9_8n
  
  4fae8688
- Submitted by: Bodo Moeller and Adam Langley (Google). · 354f92d6
  Dr. Stephen Henson authored Mar 24, 2010
```
Fix for "Record of death" vulnerability CVE-2010-0740.
```
  354f92d6
Mar 22, 2010
- rand_win.c: fix logical bug in readscreen [from HEAD]. · c3484e02
  Andy Polyakov authored Mar 22, 2010
  
  c3484e02
- bss_file.c: fix MSC 6.0 warning [from HEAD]. · 6b0be9c7
  Andy Polyakov authored Mar 22, 2010
  
  6b0be9c7
- ppc.pl: assembler Y chokes on apostrophes in comment. · 02312a91
  Andy Polyakov authored Mar 22, 2010
  
  02312a91
Mar 15, 2010
- e_capi.c: fix typo [from HEAD]. · 744f6b64
  Andy Polyakov authored Mar 15, 2010
  
  744f6b64
- Fix UPLINK typo [from HEAD]. · f1502a49
  Andy Polyakov authored Mar 15, 2010
  
  f1502a49
- workaround for missing definition in some headers · b70871b6
  Dr. Stephen Henson authored Mar 15, 2010
  
  b70871b6
Mar 12, 2010

PR: 2192 · 9de450b5

Dr. Stephen Henson authored Mar 12, 2010

Submitted By: Jaroslav Imrich <jaroslav.imrich@disig.sk>

The prompt_info and wrong_info parameters can be empty strings which
can produce confusing prompts. Treat empty string same as NULL.

9de450b5

missing goto meant signature was never printed out · cc530367
Dr. Stephen Henson authored Mar 12, 2010

cc530367

Mar 10, 2010
- don't leave bogus errors in the queue · 4610d8dc
  Dr. Stephen Henson authored Mar 10, 2010
  
  4610d8dc
Mar 09, 2010

PR: 2186 · 5d7dfefe

Dr. Stephen Henson authored Mar 09, 2010

Submitted By: "Joel Rabinovitch" <Joel.Rabinovitch@tecsys.com>

Detect aix64-gcc

5d7dfefe

Mar 07, 2010
- The OID sanity check was incorrect. It should only disallow *leading* 0x80 · 5e8e7054
  Dr. Stephen Henson authored Mar 07, 2010
```
values.
```
  5e8e7054
Mar 06, 2010
- don't add digest alias if signature algorithm is undefined · 9a542ea0
  Dr. Stephen Henson authored Mar 06, 2010
  
  9a542ea0
Mar 05, 2010
- Fix memory leak: free up ENGINE functional reference if digest is not · 1939f837
  Dr. Stephen Henson authored Mar 05, 2010
```
found in an ENGINE.
```
  1939f837
Mar 03, 2010

PR: 2183 · b7c114f0

Dr. Stephen Henson authored Mar 03, 2010

PR#1999 broke fork detection by assuming HAVE_FORK was set for all platforms.
Include original HAVE_FORK detection logic while allowing it to be
overridden on specific platforms with -DHAVE_FORK=1 or -DHAVE_FORK=0

b7c114f0

Submitted by: Tomas Hoger <thoger@redhat.com> · ede13519

Dr. Stephen Henson authored Mar 03, 2010

Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL
could be crashed if the relevant tables were not present (e.g. chrooted).

ede13519

don't mix definitions and code · 7786ed6a
Dr. Stephen Henson authored Mar 03, 2010

7786ed6a

Mar 02, 2010
- Fix s390x-specific HOST_l2c|c2l [from HEAD]. · bdd08277
  Andy Polyakov authored Mar 02, 2010
```
Submitted by: Andreas Krebbel
```
  bdd08277
Mar 01, 2010
- PR: 2178 · 2bf4faa7
  Dr. Stephen Henson authored Mar 01, 2010
```
Submitted by: "Kennedy, Brendan" <brendan.kennedy@intel.com>

Handle error codes correctly: cryptodev returns 0 for success whereas OpenSSL
returns 1.
```
  2bf4faa7
- load cryptodev if HAVE_CRYPTODEV is set too · 2e5e604b
  Dr. Stephen Henson authored Mar 01, 2010
  
  2e5e604b
Feb 28, 2010
- Fix warnings. · ed4cd027
  Ben Laurie authored Feb 28, 2010
  
  ed4cd027
Feb 26, 2010
- quote HOSTCC in case it isn't defined · bab19a2a
  Dr. Stephen Henson authored Feb 26, 2010
  
  bab19a2a
- Revert CFB block length change. Despite what SP800-38a says the input to · 582eb96d
  Dr. Stephen Henson authored Feb 26, 2010
```
CFB mode does *not* have to be a multiple of the block length and several
other specifications (e.g. PKCS#11) do not require this.
```
  582eb96d
- Change versions for 0.9.8n-dev · 2649ce1e
  Dr. Stephen Henson authored Feb 26, 2010
  
  2649ce1e
Feb 25, 2010
- Prepare for 0.9.8m release · 7070cdba
  Dr. Stephen Henson authored Feb 25, 2010
  
  OpenSSL_0_9_8m
  
  7070cdba
Feb 24, 2010
- Since crypto-lib.com is built to be executed in the crypto/ directory, · e885de28
  Richard Levitte authored Feb 24, 2010
```
there's no need to specify that directory in the include path.
```
  e885de28
Feb 23, 2010
- The meaning of the X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY and · 3038649a
  Dr. Stephen Henson authored Feb 23, 2010
```
X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT error codes were reversed in
the verify application documentation.
```
  3038649a
- Always check bn_wexpend() return values for failure (CVE-2009-3245). · 3e4da3f7
  Bodo Möller authored Feb 23, 2010
```
(The CHANGES entry covers the change from PR #2111 as well, submitted by
Martin Olsson.)

Submitted by: Neel Mehta
```
  3e4da3f7
- Apply changes from the 1.0.0 branch. · 53b5d047
  Richard Levitte authored Feb 23, 2010
  
  53b5d047
- Include [.CRYPTO.<ARCH>] instead of just [.<ARCH>] · defede60
  Richard Levitte authored Feb 23, 2010
  
  defede60
Feb 22, 2010
- In some environments, we need to defined sslroot locally. · 1472f142
  Richard Levitte authored Feb 22, 2010
  
  1472f142
- Add t1_reneg to the VMS build. · 00d1ecb1
  Richard Levitte authored Feb 22, 2010
```
Hack the symbols with long names.
```
  00d1ecb1
Feb 19, 2010
- Fix X509_STORE locking · 739e0e93
  Bodo Möller authored Feb 19, 2010
  
  739e0e93
Feb 18, 2010
- clarify documentation · 6ae9770d
  Dr. Stephen Henson authored Feb 18, 2010
  
  6ae9770d