wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9950 commits 20 branches 302 tags 153 MiB
Commit graph

9950 commits

This branch
This branch
All branches
Author SHA1 Message Date
Dr. Stephen Henson
419a530194 PR: 2540 
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Prevent infinite loop in BN_GF2m_mod_inv().
 2011-06-22 15:23:32 +00:00
Dr. Stephen Henson
69a8901eb1 correctly encode OIDs near 2^32 2011-06-22 15:15:38 +00:00
Dr. Stephen Henson
2bcd08e691 make EVP_dss() work for DSA signing 2011-06-20 20:05:38 +00:00
Bodo Möller
167d692925 Complete the version history (include information on unreleased 
version 0.9.8s to show full information).
 2011-06-15 14:21:17 +00:00
Dr. Stephen Henson
025ee1dbde fix memory leak 2011-06-08 15:56:20 +00:00
Dr. Stephen Henson
dce7b92d0b PR: 2533 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Setting SSL_MODE_RELEASE_BUFFERS should be ignored for DTLS, but instead causes
the program to crash. This is due to missing version checks and is fixed with
this patch.
 2011-05-25 15:21:12 +00:00
Dr. Stephen Henson
db886c2a2b PR: 2529 
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve

Call ssl_new() to reallocate SSL BIO internals if we want to replace
the existing internal SSL structure.
 2011-05-25 15:15:52 +00:00
Dr. Stephen Henson
4d43129446 PR: 2527 
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve

Set cnf to NULL to avoid possible double free.
 2011-05-25 15:06:05 +00:00
Dr. Stephen Henson
92107f8150 Fix the ECDSA timing attack mentioned in the paper at: 
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
 2011-05-25 14:52:44 +00:00
Dr. Stephen Henson
e82d6a2019 Fix the ECDSA timing attack mentioned in the paper at: 
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
 2011-05-25 14:43:05 +00:00
Dr. Stephen Henson
4e5755cd85 Oops use up to date patch for PR#2506 2011-05-25 14:29:55 +00:00
Dr. Stephen Henson
dda8dcd2c0 PR: 2512 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix BIO_accept so it can be bound to IPv4 or IPv6 sockets consistently.
 2011-05-25 12:36:50 +00:00
Dr. Stephen Henson
16646b0018 PR: 2506 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fully implement SSL_clear for DTLS.
 2011-05-25 12:28:31 +00:00
Dr. Stephen Henson
320881c25c PR: 2505 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS session resumption timer bug.
 2011-05-25 12:24:26 +00:00
Dr. Stephen Henson
1d23fb382e update date 2011-05-19 17:56:47 +00:00
Dr. Stephen Henson
c4f1942a76 inherit HMAC flags from MD_CTX 2011-05-19 17:39:49 +00:00
Dr. Stephen Henson
38c42c6eea set encodedPoint to NULL after freeing it 2011-05-19 16:18:25 +00:00
Dr. Stephen Henson
51eb247d0f no need to include memory.h 2011-04-30 23:38:24 +00:00
Dr. Stephen Henson
8d22673a62 check buffer is larger enough before overwriting 2011-04-06 18:07:02 +00:00
Dr. Stephen Henson
3622d3743e PR: 2462 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS Retransmission Buffer Bug
 2011-04-03 17:15:08 +00:00
Dr. Stephen Henson
fbbf28e7c2 PR: 2458 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Don't change state when answering DTLS ClientHello.
 2011-04-03 16:26:14 +00:00
Dr. Stephen Henson
f5dac77c06 PR: 2457 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS fragment reassembly bug.
 2011-04-03 15:49:03 +00:00
Richard Levitte
067d72a082 Corrections to the VMS build system. 
Submitted by Steven M. Schweda <sms@antinode.info>
 2011-03-25 16:21:39 +00:00
Dr. Stephen Henson
ac0f3f506a make some non-VMS builds work again 2011-03-25 15:06:50 +00:00
Richard Levitte
f819147028 For VMS, implement the possibility to choose 64-bit pointers with 
different options:
"64"		The build system will choose /POINTER_SIZE=64=ARGV if
		the compiler supports it, otherwise /POINTER_SIZE=64.
"64="		The build system will force /POINTER_SIZE=64.
"64=ARGV"	The build system will force /POINTER_SIZE=64=ARGV.
 2011-03-25 09:40:18 +00:00
Richard Levitte
a530963f05 make update (1.0.0-stable) 2011-03-22 23:56:18 +00:00
Richard Levitte
bc5a53f5e9 * util/mkdef.pl: Add crypto/o_str.h and crypto/o_time.h. Maybe some 
more need to be added...
 2011-03-22 23:54:13 +00:00
Richard Levitte
83382fb9d5 * apps/makeapps.com: Forgot to end the check for /POINTER_SIZE=64=ARGV 
with turning trapping back on.
* test/maketests.com: Do the same check for /POINTER_SIZE=64=ARGV
  here.
* test/clean-test.com: A new script for cleaning up.
 2011-03-20 14:01:20 +00:00
Richard Levitte
0674370017 * apps/openssl.c: For VMS, take care of copying argv if needed much earlier, 
directly in main().  'if needed' also includes when argv is a 32 bit
  pointer in an otherwise 64 bit environment.
* apps/makeapps.com: When using /POINTER_SIZE=64, try to use the additional
  =ARGV, but only if it's supported.  Fortunately, DCL is very helpful
  telling us in this case.
 2011-03-20 13:15:41 +00:00
Richard Levitte
2f91cb2c5e Keep file references in the VMS build files in the same order as they 
are in the Unix Makefiles
 2011-03-19 10:44:41 +00:00
Richard Levitte
acb25c2327 Change INSTALL.VMS to reflect the changes done on the build and 
install scripts.  This could need some more work.
 2011-03-19 09:45:45 +00:00
Richard Levitte
2d842a90f8 Apply all the changes submitted by Steven M. Schweda <sms@antinode.info> 2011-03-19 09:44:53 +00:00
Dr. Stephen Henson
80705bfc50 PR: 2469 
Submitted by: Jim Studt <jim@studt.net>
Reviewed by: steve

Check mac is present before trying to retrieve mac iteration count.
 2011-03-13 18:20:14 +00:00
Dr. Stephen Henson
2a8692311d make no-dsa work again 2011-03-10 18:27:56 +00:00
Andy Polyakov
7d0ed89d57 s390x-mont.pl: optimize for z196. 2011-03-04 13:11:54 +00:00
Andy Polyakov
0912fae6ce dso_dlfcn.c: make it work on Tru64 4.0 [from HEAD]. 
PR: 2316
 2011-02-12 16:46:10 +00:00
Bodo Möller
0bb2154ee9 Sync with 0.9.8 branch. 2011-02-08 19:06:57 +00:00
Bodo Möller
c9355e20c3 start 1.0.0e-dev 2011-02-08 17:58:45 +00:00
Bodo Möller
6545372c24 OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d) 
Submitted by: Neel Mehta, Adam Langley, Bodo Moeller
 2011-02-08 17:10:53 +00:00
Bodo Möller
17f8412983 Add complete information on 0.9.8 branch. 2011-02-08 08:42:15 +00:00
Bodo Möller
d48df9a91b Assorted bugfixes: 
- safestack macro changes for C++ were incomplete
- RLE decompression boundary case
- SSL 2.0 key arg length check

Submitted by: Google (Adam Langley, Neel Mehta, Bodo Moeller)
 2011-02-03 12:04:40 +00:00
Bodo Möller
65448fd0d3 fix omission 2011-02-03 11:21:20 +00:00
Dr. Stephen Henson
a677c87b7b Since FIPS 186-3 specifies we use the leftmost bits of the digest 
we shouldn't reject digest lengths larger than SHA256: the FIPS
algorithm tests include SHA384 and SHA512 tests.
 2011-02-01 12:54:04 +00:00
Dr. Stephen Henson
f8a123b4a2 stop warnings about no previous prototype when compiling shared engines 2011-01-30 01:05:38 +00:00
Dr. Stephen Henson
c64beae686 PR: 2433 
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve

Constify ASN1_STRING_set_default_mask_asc().
 2011-01-24 16:20:15 +00:00
Dr. Stephen Henson
99ef8323e4 check EC public key isn't point at infinity 2011-01-24 15:08:01 +00:00
Dr. Stephen Henson
2668c58969 PR: 1612 
Submitted by: Robert Jackson <robert@rjsweb.net>
Reviewed by: steve

Fix EC_POINT_cmp function for case where b but not a is the point at infinity.
 2011-01-24 14:41:58 +00:00
Dr. Stephen Henson
5ae3168a77 stop warning with no-engine 2011-01-13 15:42:59 +00:00
Richard Levitte
559579659c The previous change was incorrect in this branch... 2011-01-10 21:00:25 +00:00
Richard Levitte
2dd74160cc PR: 2425 
Synchronise VMS build with Unixly build.
 2011-01-10 20:55:24 +00:00