Commits · f98d2e5cc13a42c39b2adb6771878ab8157e1fe4 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

May 19, 2011
- Implement FIPS_mode and FIPS_mode_set · f98d2e5c
  Dr. Stephen Henson authored May 19, 2011
  
  f98d2e5c
- update date · 1a553825
  Dr. Stephen Henson authored May 19, 2011
  
  1a553825
- inherit HMAC flags from MD_CTX · f4ddbb5a
  Dr. Stephen Henson authored May 19, 2011
  
  f4ddbb5a
- set encodedPoint to NULL after freeing it · 74bf705e
  Dr. Stephen Henson authored May 19, 2011
  
  74bf705e
May 15, 2011
- new flag to stop ENGINE methods being registered · 676cd3a2
  Dr. Stephen Henson authored May 15, 2011
  
  676cd3a2
May 13, 2011
- Recognise and ignore no-ec-nistp224-64-gcc-128 (from HEAD). · c6ead3cd
  Dr. Stephen Henson authored May 13, 2011
  
  c6ead3cd
- typo · 2d53648c
  Dr. Stephen Henson authored May 13, 2011
  
  2d53648c
- Recognise NO_NISTP224-64-GCC-128 · 64ca6ac2
  Dr. Stephen Henson authored May 13, 2011
  
  64ca6ac2
May 12, 2011
- Provisional support for TLS v1.2 client authentication: client side only. · 4fe4c00e
  Dr. Stephen Henson authored May 12, 2011
```
Parse certificate request message and set digests appropriately.

Generate new TLS v1.2 format certificate verify message.

Keep handshake caches around for longer as they are needed for client auth.
```
  4fe4c00e
- Process signature algorithms during TLS v1.2 client authentication. · 376838a6
  Dr. Stephen Henson authored May 12, 2011
```
Make sure message is long enough for signature algorithms.

(backport from HEAD).
```
  376838a6
- Ooops fix typo. · d768a816
  Dr. Stephen Henson authored May 12, 2011
  
  d768a816
- SRP fixes from HEAD which weren't in 1.0.1-stable. · 766e0cb7
  Dr. Stephen Henson authored May 12, 2011
  
  766e0cb7
- Add SSL_INTERN definition. · 6a6b0c8b
  Dr. Stephen Henson authored May 12, 2011
  
  6a6b0c8b
- Have EC_NISTP224_64_GCC_128 treated like any algorithm, and have disabled by · e24b01cc
  Dr. Stephen Henson authored May 12, 2011
```
default. If we don't do it this way, it screws up libeay.num.
(update from HEAD, original from levitte).
```
  e24b01cc
- Oops, add missing declaration. · 7f9ef562
  Dr. Stephen Henson authored May 12, 2011
  
  7f9ef562
May 11, 2011
- Update ordinals. · d7fc9ffc
  Dr. Stephen Henson authored May 11, 2011
  
  d7fc9ffc
- make kerberos work with OPENSSL_NO_SSL_INTERN · 39348038
  Dr. Stephen Henson authored May 11, 2011
  
  39348038
- Backport TLS v1.2 support from HEAD. · 9472baae
  Dr. Stephen Henson authored May 11, 2011
```
This includes TLS v1.2 server and client support but at present
client certificate support is not implemented.
```
  9472baae
- Typo. · ae17b9ec
  Dr. Stephen Henson authored May 11, 2011
  
  ae17b9ec
- Initial "opaque SSL" framework. If an application defines OPENSSL_NO_SSL_INTERN · 74096890
  Dr. Stephen Henson authored May 11, 2011
```
all ssl related structures are opaque and internals cannot be directly
accessed. Many applications will need some modification to support this and
most likely some additional functions added to OpenSSL.

The advantage of this option is that any application supporting it will still
be binary compatible if SSL structures change.

(backport from HEAD).
```
  74096890
May 08, 2011
- allow SHA384, SHA512 with DSA · 889c2282
  Dr. Stephen Henson authored May 08, 2011
  
  889c2282
Apr 30, 2011
- no need to include memory.h · dca30c44
  Dr. Stephen Henson authored Apr 30, 2011
  
  dca30c44
Apr 06, 2011
- check buffer is larger enough before overwriting · f2c358c6
  Dr. Stephen Henson authored Apr 06, 2011
  
  f2c358c6
Apr 03, 2011

PR: 2462 · 2ab42de1

Dr. Stephen Henson authored Apr 03, 2011

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS Retransmission Buffer Bug

2ab42de1

PR: 2458 · ac2024cc

Dr. Stephen Henson authored Apr 03, 2011

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Don't change state when answering DTLS ClientHello.

ac2024cc

PR: 2457 · 93164a7d

Dr. Stephen Henson authored Apr 03, 2011

Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS fragment reassembly bug.

93164a7d

Mar 25, 2011
- Corrections to the VMS build system. · ecff2e5c
  Richard Levitte authored Mar 25, 2011
```
Submitted by Steven M. Schweda <sms@antinode.info>
```
  ecff2e5c
- make some non-VMS builds work again · c9d630da
  Dr. Stephen Henson authored Mar 25, 2011
  
  c9d630da
- For VMS, implement the possibility to choose 64-bit pointers with · d135906d
  Richard Levitte authored Mar 25, 2011
```
different options:
"64"		The build system will choose /POINTER_SIZE=64=ARGV if
		the compiler supports it, otherwise /POINTER_SIZE=64.
"64="		The build system will force /POINTER_SIZE=64.
"64=ARGV"	The build system will force /POINTER_SIZE=64=ARGV.
```
  d135906d
Mar 23, 2011

make update (1.0.1-stable) · 9f427a52

Richard Levitte authored Mar 23, 2011

This meant a slight renumbering in util/libeay.num due to symbols
appearing in 1.0.0-stable.  However, since there's been no release on
this branch yet, it should be harmless.

9f427a52

Mar 22, 2011
- * util/mkdef.pl: Add crypto/o_str.h and crypto/o_time.h. Maybe some · 5a39d3a8
  Richard Levitte authored Mar 22, 2011
```
  more need to be added...
```
  5a39d3a8
Mar 20, 2011
- * apps/makeapps.com: Add srp. · 013f3d99
  Richard Levitte authored Mar 20, 2011
  
  013f3d99
- * apps/makeapps.com: Forgot to end the check for /POINTER_SIZE=64=ARGV · 64d30d7a
  Richard Levitte authored Mar 20, 2011
```
  with turning trapping back on.
* test/maketests.com: Do the same check for /POINTER_SIZE=64=ARGV
  here.
* test/clean-test.com: A new script for cleaning up.
```
  64d30d7a
- file clean_test.com was added on branch OpenSSL_1_0_1-stable on 2011-03-20 14:01:48 +0000 · 7062cb56
  Richard Levitte authored Mar 20, 2011
  
  7062cb56
- * apps/openssl.c: For VMS, take care of copying argv if needed much earlier, · 9d57828d
  Richard Levitte authored Mar 20, 2011
```
  directly in main().  'if needed' also includes when argv is a 32 bit
  pointer in an otherwise 64 bit environment.
* apps/makeapps.com: When using /POINTER_SIZE=64, try to use the additional
  =ARGV, but only if it's supported.  Fortunately, DCL is very helpful
  telling us in this case.
```
  9d57828d
Mar 19, 2011
- A few more long symbols needing shortening. · 9ed8dee7
  Richard Levitte authored Mar 19, 2011
  
  9ed8dee7
- Keep file references in the VMS build files in the same order as they · 4692b334
  Richard Levitte authored Mar 19, 2011
```
are in the Unix Makefiles, and add SRP tests.
```
  4692b334
- SRP was introduced, add it for OpenVMS. · e59fb007
  Richard Levitte authored Mar 19, 2011
  
  e59fb007
- A few more symbols that need shorter versions on OpenVMS. · 92758530
  Richard Levitte authored Mar 19, 2011
  
  92758530
- Change INSTALL.VMS to reflect the changes done on the build and · 0c81aa29
  Richard Levitte authored Mar 19, 2011
```
install scripts.  This could need some more work.
```
  0c81aa29