Commits · f2334630a773d2829730b3269901f2ebd32232bd · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

25 Nov, 2009 3 commits
- Add OID for PWRI KEK algorithm. · f2334630
  Dr. Stephen Henson authored Nov 25, 2009
  
  f2334630
- Add PBKFD2 prototype. · 007f7ec1
  Dr. Stephen Henson authored Nov 25, 2009
  
  007f7ec1
- Split PBES2 into cipher and PBKDF2 versions. This tidies the code somewhat · 3d63b396
  Dr. Stephen Henson authored Nov 25, 2009
```
and is a pre-requisite to adding password based CMS support.
```
  3d63b396
23 Nov, 2009 1 commit
- cms-test.pl: use EXE_EXT. · 451038b4
  Andy Polyakov authored Nov 23, 2009
```
PR: 2107
```
  451038b4
19 Nov, 2009 1 commit
- util/pl/VC-32.pl: bufferoverflowu.lib only when actually needed and · 7766bc1a
  Andy Polyakov authored Nov 19, 2009
```
eliminate duplicate code.
PR: 2086
```
  7766bc1a
18 Nov, 2009 3 commits
- Servers can't end up talking SSLv2 with legacy renegotiation disabled · 6cef3a7f
  Dr. Stephen Henson authored Nov 18, 2009
  
  6cef3a7f
- Don't use SSLv2 compatible client hello if we don't tolerate legacy renegotiation · 4d09323a
  Dr. Stephen Henson authored Nov 18, 2009
  
  4d09323a
- Include a more meaningful error message when rejecting legacy renegotiation · 64abf5e6
  Dr. Stephen Henson authored Nov 18, 2009
  
  64abf5e6
17 Nov, 2009 1 commit

PR: 2103 · 446a6a8a

Dr. Stephen Henson authored Nov 17, 2009

Submitted by: Rob Austein <sra@hactrn.net>
Approved by: steve@openssl.org

Initialise atm.flags to 0.

446a6a8a

15 Nov, 2009 10 commits
- PR: 2101 (additional) · 320d3fd6
  Dr. Stephen Henson authored Nov 15, 2009
```
Submitted by: Roumen Petrov <openssl@roumenpetrov.info>
Approved by: steve@openssl.org

Another mingw fix.
```
  320d3fd6
- OPENSSL_ia32cap.pod update. · cca3ea1e
  Andy Polyakov authored Nov 15, 2009
  
  cca3ea1e
- Add sha512-parisc.pl. · a83f83aa
  Andy Polyakov authored Nov 15, 2009
  
  a83f83aa
- SHA1 assembler show off: minor performance updates and new modules for · 5727f1f7
  Andy Polyakov authored Nov 15, 2009
```
forgotten CPUs.
```
  5727f1f7
- sha512.c: there apparently is ILP32 PowerPC platform, where it is safe to · 53f73afc
  Andy Polyakov authored Nov 15, 2009
```
inline 64-bit assembler instructions. Normally it's inappropriate, because
signalling doesn't preserve upper halves of general purpose registers.
Meaning that it's only safe if signals are blocked for the time "wide"
code executes.
PR: 1998
```
  53f73afc
- x86_64-xlate.pl: new gas requires sign extention in lea instruction. · 10232bdc
  Andy Polyakov authored Nov 15, 2009
```
This resolves md5-x86_64.pl and sha1-x86_64.pl bugs, but without modifying
the code.
PR: 2094,2095
```
  10232bdc
- x86masm.pl: eliminate linker "multiple sections found with different · 55ff3aff
  Andy Polyakov authored Nov 15, 2009
```
attributes" warning.
```
  55ff3aff
- bss_dgram.c: more elegant solution to PR#2069. Use socklen_t heuristic · b7cec490
  Andy Polyakov authored Nov 15, 2009
```
from b_sock.c, don't assume that caller always passes pointer to buffer
large enough to hold sockaddr_storage.
PR: 2069
```
  b7cec490
- b_sock.c: fix compiler warning. · 2335e8a9
  Andy Polyakov authored Nov 15, 2009
  
  2335e8a9
- aesni-x86.pl: eliminate development comments. · 6f766a41
  Andy Polyakov authored Nov 15, 2009
  
  6f766a41
13 Nov, 2009 1 commit

PR: 2101 · f741382b

Dr. Stephen Henson authored Nov 13, 2009

Submitted by: Doug Kaufman <dkaufman@rahul.net>
Approved by: steve@openssl.org

Fixes for tests in cms-test.pl

f741382b

12 Nov, 2009 3 commits
- PR: 2088 · c18e51ba
  Dr. Stephen Henson authored Nov 12, 2009
```
Submitted by: Aleksey Samsonov <s4ms0n0v@gmail.com>
Approved by: steve@openssl.org

Fix memory leak in d2i_PublicKey().
```
  c18e51ba
- set engine to NULL after releasing it · 773b63d6
  Dr. Stephen Henson authored Nov 12, 2009
  
  773b63d6
- Update from 1.0.0-stable · 0a02d1db
  Richard Levitte authored Nov 12, 2009
  
  0a02d1db
11 Nov, 2009 3 commits
- PR: 2098 · ff094bc2
  Dr. Stephen Henson authored Nov 11, 2009
```
Submitted by: Corinna Vinschen <vinschen@redhat.com>
Approved by: steve@openssl.org

For Cygwin enable zlib and mdc2 by default.
```
  ff094bc2
- add missing parts of reneg port, fix apps patch · 860c3dd1
  Dr. Stephen Henson authored Nov 11, 2009
  
  860c3dd1
- commit missing apps code for reneg fix · 2942dde5
  Dr. Stephen Henson authored Nov 11, 2009
  
  2942dde5
10 Nov, 2009 3 commits

PR: 1686 · 0f6e2138

Dr. Stephen Henson authored Nov 10, 2009

Submitted by: Hanno BÃÂ¶ck <hanno@hboeck.de>
Approved by: steve@openssl.org

Create engines dir if it doesn't already exist.

0f6e2138

PR: 2091 · 709a395d

Dr. Stephen Henson authored Nov 10, 2009

Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org

If an OID has no short name or long name return the numerical representation.

709a395d

PR: 2090 · b5990067

Dr. Stephen Henson authored Nov 10, 2009

Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org

Improve error checking in asn1_gen.c

b5990067

09 Nov, 2009 4 commits
- First cut of renegotiation extension. (port to HEAD) · e0e79972
  Dr. Stephen Henson authored Nov 09, 2009
  
  e0e79972
- update CHANGES · befbd061
  Dr. Stephen Henson authored Nov 09, 2009
  
  befbd061
- make udpate · f423c63b
  Dr. Stephen Henson authored Nov 09, 2009
  
  f423c63b
- Remove BF_PTR2 from configuration: it doesn't improve performance any more and... · 9acc6500
  Dr. Stephen Henson authored Nov 09, 2009
```
Remove BF_PTR2 from configuration: it doesn't improve performance any more and causes gcc warnings about arrays out of range
```
  9acc6500
08 Nov, 2009 1 commit
- If it is a new session don't send the old TLS ticket: send a zero length · 7ba3838a
  Dr. Stephen Henson authored Nov 08, 2009
```
ticket to request a new session.
```
  7ba3838a
07 Nov, 2009 1 commit
- Ooops, revert committed conflict. · 43982224
  Dr. Stephen Henson authored Nov 07, 2009
  
  43982224
02 Nov, 2009 1 commit

PR: 2089 · 71af26b5

Dr. Stephen Henson authored Nov 02, 2009

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS Fragment size bug fix.

71af26b5

31 Oct, 2009 2 commits
- Add missing functions to allow access to newer X509_STORE_CTX status · 2008e714
  Dr. Stephen Henson authored Oct 31, 2009
```
information. Add more informative message to verify callback to indicate
when CRL path validation is taking place.
```
  2008e714
- Add option to allow in-band CRL loading in verify utility. Add function · 245d2ee3
  Dr. Stephen Henson authored Oct 31, 2009
```
load_crls and tidy up load_certs. Remove useless purpose variable from
verify utility: now done with args_verify.
```
  245d2ee3
30 Oct, 2009 2 commits
- Generate stateless session ID just after the ticket is received instead · 4b4ba6a8
  Dr. Stephen Henson authored Oct 30, 2009
```
of when a session is loaded. This will mean that applications that
just hold onto SSL_SESSION structures and never call d2i_SSL_SESSION()
will still work.
```
  4b4ba6a8
- Move CHANGES entry to 0.9.8l section · bb4060c5
  Dr. Stephen Henson authored Oct 30, 2009
  
  bb4060c5