Skip to content
  1. Feb 14, 2014
    • Kurt Roeckx's avatar
      Use defaults bits in req when not given · e420060a
      Kurt Roeckx authored
      If you use "-newkey rsa" it's supposed to read the default number of bits from the
      config file.  However the value isn't used to generate the key, but it does
      print it's generating such a key.  The set_keygen_ctx() doesn't call
      EVP_PKEY_CTX_set_rsa_keygen_bits() and you end up with the default set in
      pkey_rsa_init() (1024).  Afterwards the number of bits gets read from the config
      file, but nothing is done with that anymore.
      
      We now read the config first and use the value from the config file when no size
      is given.
      
      PR: 2592
      (cherry picked from commit 33432203)
      e420060a
    • Kurt Roeckx's avatar
      Fix additional pod errors with numbered items. · d8ec8a4a
      Kurt Roeckx authored
      (cherry picked from commit e547c45f)
      d8ec8a4a
    • Scott Schaefer's avatar
      Fix various spelling errors · 040ed7b4
      Scott Schaefer authored
      (cherry picked from commit 2b4ffc65)
      040ed7b4
    • Scott Schaefer's avatar
      Document pkcs12 -password behavior · c76e5b08
      Scott Schaefer authored
      apps/pkcs12.c accepts -password as an argument.  The document author
      almost certainly meant to write "-password, -passin".
      
      However, that is not correct, either.  Actually the code treats
      -password as equivalent to -passin, EXCEPT when -export is also
      specified, in which case -password as equivalent to -passout.
      (cherry picked from commit 856c6dfb)
      c76e5b08
    • Dr. Stephen Henson's avatar
      Backport TLS padding extension from master. · 00712158
      Dr. Stephen Henson authored
      (cherry picked from commit 8c6d8c2a)
      
      Conflicts:
      
      	CHANGES
      	ssl/t1_lib.c
      00712158
  2. Feb 05, 2014
  3. Feb 03, 2014
  4. Jan 29, 2014
    • Dr. Stephen Henson's avatar
      Clarify docs. · f21e6b6e
      Dr. Stephen Henson authored
      Remove reference to ERR_TXT_MALLOCED in the error library as that is
      only used internally. Indicate that returned error data must not be
      freed.
      (cherry picked from commit f2d678e6)
      f21e6b6e
  5. Jan 28, 2014
  6. Jan 23, 2014
  7. Jan 16, 2014
  8. Jan 11, 2014
  9. Jan 09, 2014
  10. Jan 08, 2014
  11. Jan 06, 2014
  12. Jan 04, 2014
    • Dr. Stephen Henson's avatar
      Restore SSL_OP_MSIE_SSLV2_RSA_PADDING · 25c9fa60
      Dr. Stephen Henson authored
      The flag SSL_OP_MSIE_SSLV2_RSA_PADDING hasn't done anything since OpenSSL
      0.9.7h but deleting it will break source compatibility with any software
      that references it. Restore it but #define to zero.
      (cherry picked from commit b17d6b8d)
      25c9fa60
  13. Jan 02, 2014
  14. Dec 22, 2013
  15. Dec 20, 2013
  16. Dec 19, 2013
    • Dr. Stephen Henson's avatar
      Use version in SSL_METHOD not SSL structure. · ca989269
      Dr. Stephen Henson authored
      When deciding whether to use TLS 1.2 PRF and record hash algorithms
      use the version number in the corresponding SSL_METHOD structure
      instead of the SSL structure. The SSL structure version is sometimes
      inaccurate. Note: OpenSSL 1.0.2 and later effectively do this already.
      (CVE-2013-6449)
      ca989269
  17. Dec 18, 2013
  18. Dec 10, 2013
  19. Dec 09, 2013
  20. Dec 08, 2013
    • Dr. Stephen Henson's avatar
      make update · 60df657b
      Dr. Stephen Henson authored
      60df657b
    • Dr. Stephen Henson's avatar
      Avoid multiple locks in FIPS mode. · 17a2d080
      Dr. Stephen Henson authored
      PR: 3176.
      
      In FIPS mode ssleay_rand_bytes is only used for PRNG seeding and is
      performed in either a single threaded context (when the PRNG is first
      initialised) or under a lock (reseeding). To avoid multiple locks disable
      use of CRYPTO_LOCK_RAND in FIPS mode in ssleay_rand_bytes.
      (cherry picked from commit 53142f72c9b9c9bad2f39ca6200a4f04f5c8001c)
      17a2d080
  21. Dec 03, 2013
  22. Nov 27, 2013