- Mar 03, 2010
-
-
Dr. Stephen Henson authored
PR#1999 broke fork detection by assuming HAVE_FORK was set for all platforms. Include original HAVE_FORK detection logic while allowing it to be overridden on specific platforms with -DHAVE_FORK=1 or -DHAVE_FORK=0
-
Dr. Stephen Henson authored
Fix for CVE-2010-0433 where some kerberos enabled versions of OpenSSL could be crashed if the relevant tables were not present (e.g. chrooted).
-
Dr. Stephen Henson authored
-
- Mar 02, 2010
-
-
Andy Polyakov authored
subject to change...
-
Andy Polyakov authored
-
Andy Polyakov authored
Submitted by: Andreas Krebbel
-
- Mar 01, 2010
-
-
Dr. Stephen Henson authored
Submitted by: "Kennedy, Brendan" <brendan.kennedy@intel.com> Handle error codes correctly: cryptodev returns 0 for success whereas OpenSSL returns 1.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Feb 28, 2010
-
-
Ben Laurie authored
warnings hard to fix without major surgery).
-
Dr. Stephen Henson authored
-
- Feb 27, 2010
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
1.0.0. Original fix was on 2007-Mar-09 and had the log message: "Fix kerberos ciphersuite bugs introduced with PR:1336."
-
- Feb 26, 2010
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
CFB mode does *not* have to be a multiple of the block length and several other specifications (e.g. PKCS#11) do not require this.
-
Dr. Stephen Henson authored
-
- Feb 25, 2010
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
certificate is explicitly trusted (using -addtrust option to x509 utility for example) the verification is sucessful even if the chain is not complete.
-
Dr. Stephen Henson authored
allow setting of verify names in command line utilities and print out verify names in verify utility
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
as issuer and subject names. Although this is an incompatible change it should have little impact in pratice because self-issued certificates that are not self-signed are rarely encountered.
-
- Feb 24, 2010
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Feb 23, 2010
-
-
Andy Polyakov authored
-
Andy Polyakov authored
-
Andy Polyakov authored
-
Dr. Stephen Henson authored
X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT error codes were reversed in the verify application documentation.
-
Bodo Möller authored
(The CHANGES entry covers the change from PR #2111 as well, submitted by Martin Olsson.) Submitted by: Neel Mehta
-
- Feb 19, 2010
-
-
Bodo Möller authored
-
- Feb 18, 2010
-
-
Dr. Stephen Henson authored
-
- Feb 17, 2010
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
initial connection to unpatched servers. There are no additional security concerns in doing this as clients don't see renegotiation during an attack anyway.
-
Dr. Stephen Henson authored
Submitted by: James Baker <jbaker@tableausoftware.com> et al. Workaround for slow Heap32Next on some versions of Windows.
-