wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
12302 commits 20 branches 302 tags 153 MiB
Commit graph

12302 commits

This branch
This branch
All branches
Author SHA1 Message Date
Martin Olsson
1afd7fa97c RT2513: Fix typo's paramter-->parameter 
I also found a couple of others (padlock and signinit)
and fixed them.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
 2014-08-19 11:09:33 -04:00
Rich Salz
0df043f608 Merge branch 'master' of git.openssl.org:openssl 2014-08-19 10:02:05 -04:00
Jeffrey Walton
76b10e13c2 PR2401: Typos in FAQ 
Also rewrite section on compiler bugs; Matt pointed out that
it has some grammatical issues.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
 2014-08-19 10:01:40 -04:00
Jeffrey Walton
bcd3e36c46 PR2401: Typos in FAQ 
Also rewrite section on compiler bugs; Matt pointed out that
it has some grammatical issues.
 2014-08-19 10:01:06 -04:00
John Fitzgibbon
3609b02305 RT2724: Remove extra declaration 
Extra SSL_get_selected_srtp_profile() declaration in ssl/srtp.h
causes -Werror builds to fail.

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-08-19 09:38:43 -04:00
Laszlo Papp
8b6e517e33 RT2492: Remove extra NULL check. 2014-08-18 17:41:24 -04:00
Laszlo Papp
ddc29125a1 RT2489: Remove extra "sig" local variable. 
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-18 17:36:49 -04:00
John Gardiner Myers
fc979b93ee RT2942: CRYPTO_set_dynlock_create_callback doc fix 
The file param is "const char*" not "char*"

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-18 16:04:33 -04:00
Doug Goldstein
448155e9bb RT2163: Remove some unneeded #include's 
Several files #include stdio.h and don't need it.
Also, per tjh, remove BN_COUNT

Reviewed-by: Emilia Kasper <emilia@openssl.org>
 2014-08-18 12:50:00 -04:00
Justin Blanchard
f756fb430e RT1815: More const'ness improvements 
Add a dozen more const declarations where appropriate.
These are from Justin; while adding his patch, I noticed
ASN1_BIT_STRING_check could be fixed, too.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-18 11:49:16 -04:00
Jonas Maebe
defe438d47 pub_decode_gost94, pub_decode_gost01: check for NULL after allocating databuf pub_encode_gost94, pub_encode_gost01: check for NULL after allocating databuf and octet 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-17 18:56:52 +02:00
Jonas Maebe
94c0a987c7 engine_md_copy: check for NULL after allocating to_md->HashBuffer 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-17 18:56:44 +02:00
Jonas Maebe
9f01a8acb3 process_pci_value: free (*policy)->data before setting to NULL after failed realloc 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-17 18:56:35 +02:00
Jonas Maebe
259ac68aeb do_ext_i2d: free ext_der or ext_oct on error path 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-17 18:56:24 +02:00
Jonas Maebe
54298141d3 do_othername: check for NULL after allocating objtmp 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-17 18:56:05 +02:00
Jonas Maebe
f6983d0d76 NETSCAPE_SPKI_b64_encode: free der_spki and b64_str on error path 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-17 18:55:12 +02:00
Jonas Maebe
254f1c8019 get_cert_by_subject: check for NULL when allocating hent 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-17 18:55:01 +02:00
Jonas Maebe
fb7fbf28b3 UI_construct_prompt: check for NULL when allocating prompt 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-17 18:54:49 +02:00
Jonas Maebe
ba494ee593 hashbn: check for NULL result when allocating bin and return an error if it fails all (in)direct callers of hashbn: propagate potential error in hashbn 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-17 18:54:39 +02:00
Jonas Maebe
462319c3e9 JPAKE_CTX_new: check for NULL result when allocating ctx 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-17 18:54:11 +02:00
Jonas Maebe
34374c2d2c old_hmac_encode: check for NULL result when allocating *pder 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-17 18:52:44 +02:00
Jonas Maebe
6f77f82bfc dev_crypto_md5_copy: return error if allocating to_md->data fails 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-17 18:52:30 +02:00
Jonas Maebe
771e0c6c7a dev_crypto_md5_update: check result of realloc(md_data->data) and don't leak memory if it fails 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-17 18:52:14 +02:00
Jonas Maebe
d8513b4abd dev_crypto_cipher: return immediately if allocating cin/cout failed 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-17 18:51:35 +02:00
Jonas Maebe
c84029dbdc dev_crypto_init_key: return error if allocating CDATA(ctx)->key failed 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-17 18:51:16 +02:00
Hubert Kario
750487899a Add support for Camellia HMAC-Based cipher suites from RFC6367 
While RFC6367 focuses on Camellia-GCM cipher suites, it also adds a few
cipher suites that use SHA-2 based HMAC that can be very easily
added.

Tested against gnutls 3.3.5

PR#3443

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-08-15 23:41:20 +01:00
Matt Caswell
f2be92b94d Fixed out-of-bounds read errors in ssl3_get_key_exchange. 
PR#3450

Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2014-08-15 23:27:34 +01:00
Rich Salz
c9a81b3026 RT2751: Declare get_issuer_sk() earlier. 
Add a declaration for get_issuer_sk() so that other
functions in x509_vf.c could use it.  (Planned work
around cross-certification chains.)
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
 2014-08-15 17:49:03 -04:00
Jonas Maebe
d6f69ae547 cryptodev_digest_copy: return error if allocating dstate->mac_data fails 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:38:51 +02:00
Jonas Maebe
349e6b2b0a cryptodev_digest_update: don't leak original state->mac_data if realloc fails 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:38:36 +02:00
Jonas Maebe
36f7ed5040 cms_SignerInfo_content_sign: free sig on failure path 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:38:19 +02:00
Jonas Maebe
4e64f671c9 rtcp_new: return failure if allocation of bi->ptr failed 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:38:05 +02:00
Jonas Maebe
1c4b688cb4 multi_split: check for NULL when allocating parts and bpart, and for failure of sk_BIO_push() 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:37:48 +02:00
Jonas Maebe
bd4acbc70e BIO_new_dgram_sctp, dgram_sctp_read: zero entire authchunks 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:37:28 +02:00
Jonas Maebe
8957278869 mime_hdr_addparam: free tmpname, tmpval and mparam on error path, and check whether sk_MIME_PARAM_push succeeds 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:37:14 +02:00
Jonas Maebe
15297d962c mime_hdr_new: free mhdr, tmpname, tmpval on error path 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:36:54 +02:00
Jonas Maebe
c9c63b0180 ASN1_verify, ASN1_item_verify: cleanse and free buf_in on error path 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:36:34 +02:00
Jonas Maebe
b9b9f853b5 SetBlob: free rgSetBlob on error path 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:35:11 +02:00
Istvan Noszticzius
865886553d Fix use after free bug. 
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2014-08-15 16:50:16 +01:00
Frdric Giudicelli
c753e71e0a RT783: Minor optimization to ASN1_INTEGER_set 
Remove local variable and avoid extra assignment.

Reviewed-by: Emilia Kasper <emilia@silkandcyanide.net>
 2014-08-15 10:54:43 -04:00
Rob Austein
cf8bac4456 RT2465: Silence some gcc warnings 
"Another machine, another version of gcc, another batch
of compiler warnings."  Add "=NULL" to some local variable
declarations that are set by passing thier address into a
utility function; confuses GCC it might not be set.

Reviewed-by: Emilia Ksper <emilia@silkandcyanide.net>
 2014-08-15 10:52:06 -04:00
Hans Wennborg
01e438f288 RT3023: Redundant logical expressions 
Remove some redundant logical expressions

Reviewed-by: Emilia Kasper <emilia@silkandcyanide.net>
 2014-08-15 10:45:00 -04:00
Rich Salz
5effa35610 Merge branch 'master' of git.openssl.org:openssl 2014-08-15 10:41:50 -04:00
Claus Assmann
14e961921a RT3268: Fix spelling errors in CHANGES file. 
Fix a bunch of typo's and speling (sic) errors in the CHANGES file.

Reviewed-by: Tim Hudson <tjh@cryptsoft.com>
 2014-08-15 10:41:13 -04:00
Dr. Stephen Henson
b83294fe30 Revision of custom extension code. 
Move custom extension structures from SSL_CTX to CERT structure.

This change means the form can be revised in future without binary
compatibility issues. Also since CERT is part of SSL structures
so per-SSL custom extensions could be supported in future as well as
per SSL_CTX.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2014-08-15 12:20:04 +01:00
Dr. Stephen Henson
06f5d12f51 Include error messages on extension check failure. 
Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2014-08-15 12:16:16 +01:00
Emilia Kasper
f0ca9ccaef make depend 
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-14 15:24:58 +02:00
Bodo Moeller
16602b5cd5 Further improve/fix ec_GFp_simple_points_make_affine (ecp_smpl.c) and 
group_order_tests (ectest.c).  Also fix the EC_POINTs_mul documentation (ec.h).

Reviewed-by: emilia@openssl.org
 2014-08-13 17:37:19 +02:00
Matt Caswell
690a2b1fa2 RT1665: Fix podpath to get xref's right 
In Makefile, when build manpages, put the current directory
at the start of the podpath so that cross-refs find the
local directory first.

Reviewed-by: Tim Hudson <tjh@cryptosoft.com>
 2014-08-13 00:31:02 -04:00
Ingo Schwarze
bebbb11d13 RT3239: Extra comma in NAME lines of two manpages 
In two OpenSSL manual pages, in the NAME section, the last word of the
name list is followed by a stray trailing comma. While this may seem
minor, it is worth fixing because it may confuse some makewhatis(8)
implementations.

While here, also add the missing word "size" to the one line
description in SSL_CTX_set_max_cert_list(3).

Reviewed by: Dr Stephen Henson <shenson@drh-consultancy.co.uk>
 2014-08-12 15:59:18 -04:00