- Jul 21, 2014
-
-
Tim Hudson authored
statement of opinion rather than a fact. Reviewed-by: Dr. Stephen Henson <steve@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit c8d133e4)
-
- Jul 19, 2014
-
-
Dr. Stephen Henson authored
PR#1675 Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 197400c3f0d617d71ad8167b52fb73046d334320)
-
- Jul 17, 2014
-
-
Jeffrey Walton authored
PR#3456 Reviewed-by: Stephen Henson <steve@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit d48e78f0)
-
- Jul 15, 2014
-
-
Matt Caswell authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 3bd54819)
-
Dr. Stephen Henson authored
PR#3452 (cherry picked from commit ca2015a6)
-
Dr. Stephen Henson authored
Use same logic when determining when to expect a client certificate for both TLS and DTLS. PR#3452 (cherry picked from commit c8d710dc)
-
Dr. Stephen Henson authored
The options which emulate a web server don't make sense when doing DTLS. Exit with an error if an attempt is made to use them. PR#3453 (cherry picked from commit 58a2aaeade8bdecd0f9f0df41927f7cff3012547)
-
- Jul 14, 2014
-
-
Dr. Stephen Henson authored
PR#3445 (cherry picked from commit 1c3e9a7c)
-
- Jul 13, 2014
-
-
Matt Caswell authored
This is actually ok for this function, but initialised to zero anyway if PURIFY defined. This does have the impact of masking any *real* unitialised data reads in bn though. Patch based on approach suggested by Rich Salz. PR#3415 (cherry picked from commit 77747e2d9a5573b1dbc15e247ce18c03374c760c)
-
Richard Levitte authored
Detected by dcruette@qualitesys.com (cherry picked from commit 8b5dd340)
-
- Jul 09, 2014
-
-
Matt Caswell authored
Based on an original patch by Neitrino Photonov <neitrinoph@gmail.com> PR#3439 (cherry picked from commit 66816c53)
-
- Jul 07, 2014
-
-
David Lloyd authored
PR#2985 (cherry picked from commit 9d23f422)
-
Dr. Stephen Henson authored
-
- Jul 06, 2014
-
-
Dr. Stephen Henson authored
(cherry picked from commit a23a6e85)
-
- Jul 05, 2014
-
-
Matt Caswell authored
-
Matt Caswell authored
(cherry picked from commit 07255f0a76d9d349d915e14f969b9ff2ee0d1953)
-
Alan Hryngle authored
PR#3418. (cherry picked from commit fdea4fff)
-
Dr. Stephen Henson authored
PR#319 (reoponed version). (cherry picked from commit 7f6e9578) Conflicts: ssl/s3_srvr.c
-
- Jul 03, 2014
-
-
Dr. Stephen Henson authored
-
Rich Salz authored
-
Rich Salz authored
-verify_return_error aren't in this release.
-
Rich Salz authored
(cherry picked from commit b5071dc2) Conflicts: doc/apps/s_client.pod doc/apps/verify.pod doc/apps/x509v3_config.pod doc/crypto/ASN1_generate_nconf.pod doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod doc/ssl/SSL_CONF_cmd.pod doc/ssl/SSL_CONF_cmd_argv.pod doc/ssl/SSL_CTX_set_cert_cb.pod doc/ssl/SSL_CTX_set_security_level.pod
-
- Jul 02, 2014
-
-
Matt Smart authored
ERR_get_error(3) references the non-existent ERR_get_last_error_line_data instead of the one that does exist, ERR_peek_last_error_line_data. PR#3283 (cherry picked from commit 5cc99c6c)
-
Geoff Thorpe authored
Gets rid of this; defined(@array) is deprecated at ../util/mkerr.pl line 792. (Maybe you should just omit the defined()?) defined(@array) is deprecated at ../util/mkerr.pl line 800. (Maybe you should just omit the defined()?) Signed-off-by: Geoff Thorpe <geoff@openssl.org> (cherry picked from commit 647f360e)
-
Dr. Stephen Henson authored
Primitive encodings shouldn't use indefinite length constructed form. PR#2438 (partial). (cherry picked from commit 398e99fe)
-
- Jun 29, 2014
-
-
Dr. Stephen Henson authored
PR#2531. (cherry picked from commit 59899c4d)
-
Ken Ballou authored
PR#3173 (cherry picked from commit 76ed5a42)
-
Dr. Stephen Henson authored
If CSR verify fails in ca utility print out error messages. Otherwise some errors give misleading output: for example if the key size exceeds the library limit. PR#2875 (cherry picked from commit a30bdb55)
-
- Jun 28, 2014
-
-
Dr. Stephen Henson authored
PR#3107 (cherry picked from commit 7c206db9)
-
- Jun 27, 2014
-
-
Dr. Stephen Henson authored
Some state strings were erronously not compiled when no-ssl2 was set. PR#3295 (cherry picked from commit 0518a3e1)
-
Andreas Westfeld authored
(cherry picked from commit d1d4382d)
-
Ken Ballou authored
PR#3174 (cherry picked from commit fd331c0bb9b557903dd2ce88398570a3327b5ef0)
-
Tom Greenslade authored
PR#2783 (cherry picked from commit b36f35cd)
-
Tomas Mraz authored
PR#3374 (cherry picked from commit 0436369f)
-
Jeffrey Walton authored
Document that the certificate passed to SSL_CTX_add_extra_chain_cert() should not be freed by the application. PR#3409 Add restrictions section present in other branches. (cherry picked from commit 86cac6d3)
-
Dr. Stephen Henson authored
PR#3403 (cherry picked from commit d2aea038) Conflicts: apps/crl2p7.c crypto/asn1/a_utctm.c crypto/asn1/ameth_lib.c crypto/asn1/bio_asn1.c
-
Dr. Stephen Henson authored
(cherry picked from commit 7be6b27a)
-
- Jun 26, 2014
-
-
Huzaifa Sidhpurwala authored
PR#3410 (cherry picked from commit e14e764c0d5d469da63d0819c6ffc0e1e9e7f0bb)
-
- Jun 22, 2014
-
-
Miod Vallat authored
In the ssl_cipher_get_evp() function, fix off-by-one errors in index validation before accessing arrays. Bug discovered and fixed by Miod Vallat from the OpenBSD team. PR#3375
-