| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
- safestack macro changes for C++ were incomplete
- RLE decompression boundary case
- SSL 2.0 key arg length check
Submitted by: Google (Adam Langley, Neel Mehta, Bodo Moeller)
|
| |
|
|
|
|
|
| |
stops applications that call CRYPTO_free_all_ex_data() prematurely leaking
memory.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Initial support for CMS.
Add zlib compression BIO.
Add AES key wrap implementation.
Generalize S/MIME MIME code to support CMS and/or PKCS7.
|
|
|
|
|
|
| |
- move zlib_stateful_ex_idx initialization to COMP_zlib()
PR: 1468
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
line, for example).
PR: 1112
|
|
|
|
|
| |
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Enforce that there should be no policy settings when the language
is one of id-ppl-independent or id-ppl-inheritAll.
- Add functionality to ssltest.c so that it can process proxy rights
and check that they are set correctly. Rights consist of ASCII
letters, and the condition is a boolean expression that includes
letters, parenthesis, &, | and ^.
- Change the proxy certificate configurations so they get proxy
rights that are understood by ssltest.c.
- Add a script that tests proxy certificates with SSL operations.
Other changes:
- Change the copyright end year in mkerr.pl.
- make update.
|
| |
|
|
|
|
|
|
| |
if $(EXHEADER) is empty.
Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
|
|
|
|
|
|
|
| |
guys had to change the name to differentiate with older versions when
a backward incompatibility came up. Of course, we need to adapt.
This change simply tries to load the library through the newer name
(ZLIB1) first, and if that fails, it tries the good old ZLIB.
|
|
|
|
|
| |
the Makefiles. NB: this commit is probably going to generate a huge posting
and it is highly uninteresting to read.
|
| |
|
|
|
|
| |
This is part of a large change submitted by Markus Friedl <markus@openbsd.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
compression identity is already present among the registered
compression methods, and if so, reject the addition request.
Declare SSL_COMP_get_compression_method() so it can be used properly.
Change ssltest.c so it checks what compression methods are available
and enumerates them. As a side-effect, built-in compression methods
will be automagically loaded that way. Additionally, change the
identities for ZLIB and RLE to be conformant to
draft-ietf-tls-compression-05.txt.
Finally, make update.
Next on my list: have the built-in compression methods added
"automatically" instead of requiring that the author call
SSL_COMP_add_compression_method() or
SSL_COMP_get_compression_methods().
|
|
|
|
| |
let's wrap it with a lock.
|
|
|
|
| |
and provide missing prototypes.
|
| |
|
| |
|
| |
|
|
|
|
| |
stateless variant is kept, but isn't used anywhere.
|
|
|
|
|
|
|
| |
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
|
|
|
|
|
| |
only the first call would provide the correct result.
PR: 277
|
|
|
|
|
| |
handled properly.
Part of PR 75
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
errors can be tolerated, hide the error from 'make'.
This gives shorter output both if ranlib fails and if
it works.
|
|
|
|
|
| |
Note that all *_it variables are suddenly non-existant according to
libeay.num. This is a bug that will be corrected. Please be patient.
|
|
|
|
|
|
|
|
| |
and make all files the depend on it include it without prefixing it
with openssl/.
This means that all Makefiles will have $(TOP) as one of the include
directories.
|
|
|
|
|
|
|
| |
missed any.
This compiles and runs on Linux, and external applications have no
problems with it. The definite test will be to build this on VMS.
|
|
|
|
|
|
|
|
|
|
|
|
| |
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.
I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
|
| |
|
|
|
|
| |
Don't dump core in ssltest.
|
| |
|