wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9741 commits 20 branches 302 tags 153 MiB
Commit graph

9741 commits

This branch
This branch
All branches
Author SHA1 Message Date
Andy Polyakov
4887e07819 x86_64 assembly pack: make it possible to compile with Perl located 
on path with spaces [from HEAD].

PR: 2835
 2012-06-27 13:04:17 +00:00
Dr. Stephen Henson
652ac3e93a oops, add -debug_decrypt option which was accidenatally left out 2012-06-19 13:38:47 +00:00
Andy Polyakov
8d2f61ac70 bss_dgram.c: fix bugs [from HEAD]. 
PR: 2833
 2012-06-19 12:50:09 +00:00
Andy Polyakov
02a23fa309 s2_clnt.c: compensate for compiler bug [from HEAD]. 2012-05-16 18:22:39 +00:00
Dr. Stephen Henson
bef20d4a68 PR: 2813 
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>

Fix possible deadlock when decoding public keys.
 2012-05-11 13:50:09 +00:00
Dr. Stephen Henson
dddddb2e6c prepare for next version 2012-05-10 16:01:57 +00:00
Dr. Stephen Henson
8fcb93613a prepare for 1.0.0j release 2012-05-10 14:48:54 +00:00
Dr. Stephen Henson
ecb58c1628 update NEWS 2012-05-10 14:45:05 +00:00
Dr. Stephen Henson
a969ca5cc8 Sanity check record length before skipping explicit IV in DTLS 
to fix DoS attack.

Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
fuzzing as a service testing platform.
(CVE-2012-2333)
 2012-05-10 14:44:20 +00:00
Dr. Stephen Henson
1e4406a854 Reported by: Solar Designer of Openwall 
Make sure tkeylen is initialised properly when encrypting CMS messages.
 2012-05-10 13:28:28 +00:00
Richard Levitte
94fbee800b Correct environment variable is OPENSSL_ALLOW_PROXY_CERTS. 2012-05-04 10:43:19 +00:00
Andy Polyakov
c50847c28b ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performance 
of digest algorithms, mosty SHA, on Power7. Mystery of century, why SHA,
why slower algorithm are affected more... [from HEAD].
PR: 2794
Submitted by: Ashley Lai
 2012-04-27 20:21:26 +00:00
Dr. Stephen Henson
b1ce2d24dd correct error code 2012-04-22 13:31:37 +00:00
Dr. Stephen Henson
743fb51d2c correct old FAQ answers, sync with HEAD 2012-04-22 13:21:59 +00:00
Dr. Stephen Henson
0ed781740d prepare for next version 2012-04-19 17:02:49 +00:00
Dr. Stephen Henson
d0e542fdc9 prepare for 1.0.0i release 2012-04-19 11:47:20 +00:00
Dr. Stephen Henson
457863efdf update NEWS 2012-04-19 11:45:37 +00:00
Dr. Stephen Henson
5bd4fcc5c2 Check for potentially exploitable overflows in asn1_d2i_read_bio 
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.

Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
 2012-04-19 11:44:51 +00:00
Andy Polyakov
3dd2eebfbc Makefile.org: clear yet another environment variable [from HEAD]. 
PR: 2793
 2012-04-19 06:40:47 +00:00
Andy Polyakov
d079b387a3 OPENSSL_NO_SOCK fixes [from HEAD]. 
PR: 2791
Submitted by: Ben Noordhuis
 2012-04-16 17:43:28 +00:00
Andy Polyakov
8eeaeb4b04 Minor compatibility fixes [from HEAD]. 
PR: 2790
Submitted by: Alexei Khlebnikov
 2012-04-16 17:37:04 +00:00
Andy Polyakov
0041925844 s3_srvr.c: fix typo [from HEAD]. 
PR: 2538
 2012-04-15 17:23:23 +00:00
Dr. Stephen Henson
14fa016b2b update rather ancient EVP digest documentation 2012-04-10 22:28:34 +00:00
Dr. Stephen Henson
7fdccda37d PR: 2778(part) 
Submitted by: John Fitzgibbon <john_fitzgibbon@yahoo.com>

Time is always encoded as 4 bytes, not sizeof(Time).
 2012-03-31 18:02:35 +00:00
Andy Polyakov
cdc575c46b ans1/tasn_prn.c: avoid bool in variable names [from HEAD]. 
PR: 2776
 2012-03-29 17:51:37 +00:00
Dr. Stephen Henson
2f0aaf76f3 Submitted by: Markus Friedl <mfriedl@gmail.com> 
Fix memory leaks in 'goto err' cases.
 2012-03-22 15:43:06 +00:00
Dr. Stephen Henson
6b7887b0ab Always use SSLv23_{client,server}_method in s_client.c and s_server.c, 
the old code came from SSLeay days before TLS was even supported.
 2012-03-18 18:14:46 +00:00
Richard Levitte
9ad1b440ae cipher should only be set to PSK if JPAKE is used. 2012-03-14 12:38:55 +00:00
Andy Polyakov
9275ad321f config: compensate for bug in Solaris cc drivers, which can remove /dev/null 
[from HEAD,1.0.1]
 2012-03-13 19:22:26 +00:00
Andy Polyakov
216a2a5fc6 x86_64-xlate.pl: remove old kludge. 
PR: 2435,2440
 2012-03-13 19:19:57 +00:00
Dr. Stephen Henson
c2c6044933 prepare for next version 2012-03-12 16:35:49 +00:00
Dr. Stephen Henson
dc95c53c6f corrected fix to PR#2711 and also cover mime_param_cmp 2012-03-12 15:26:48 +00:00
Dr. Stephen Henson
b24a53dd9a correct NEWS 2012-03-12 14:45:07 +00:00
Dr. Stephen Henson
ffbe7cd0c5 fix error code 2012-03-12 14:32:54 +00:00
Dr. Stephen Henson
97183a312e prepare for release 2012-03-12 14:24:50 +00:00
Dr. Stephen Henson
46ed8aff6d update NEWS 2012-03-12 14:23:35 +00:00
Dr. Stephen Henson
6a0a48433b Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and 
continue with symmetric decryption process to avoid leaking timing
information to an attacker.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
 2012-03-12 14:22:59 +00:00
Dr. Stephen Henson
ad3d95222d PR: 2756 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix DTLS timeout handling.
 2012-03-09 15:52:09 +00:00
Dr. Stephen Henson
18ea747ce4 check return value of BIO_write in PKCS7_decrypt 2012-03-08 14:02:00 +00:00
Dr. Stephen Henson
f4f512a853 PR: 2755 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Reduce MTU after failed transmissions.
 2012-03-06 13:46:52 +00:00
Dr. Stephen Henson
9c2bed0b65 PR: 2748 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Fix possible DTLS timer deadlock.
 2012-03-06 13:22:57 +00:00
Andy Polyakov
ad83334e73 Configure: make no-whirlpool work [from HEAD]. 2012-03-03 13:48:21 +00:00
Dr. Stephen Henson
2cf4bc9ecd PR: 2743 
Reported by: Dmitry Belyavsky <beldmit@gmail.com>

Fix memory leak if invalid GOST MAC key given.
 2012-02-29 14:12:37 +00:00
Dr. Stephen Henson
c8ac945d59 PR: 2742 
Reported by: Dmitry Belyavsky <beldmit@gmail.com>

If resigning with detached content in CMS just copy data across.
 2012-02-29 14:01:40 +00:00
Dr. Stephen Henson
92aa50bc03 Fix memory leak cause by race condition when creating public keys. 
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
 2012-02-28 14:47:25 +00:00
Dr. Stephen Henson
2f31308b17 PR: 2736 
Reported by: Remi Gacogne <rgacogne-bugs@coredump.fr>

Preserve unused bits value in non-canonicalised ASN1_STRING structures
by using ASN1_STRING_copy which preseves flags.
 2012-02-27 18:45:06 +00:00
Dr. Stephen Henson
468d58e712 xn is never actually used, remove it 2012-02-27 17:07:46 +00:00
Dr. Stephen Henson
dd4b50ff6a PR: 2737 
Submitted by: Remi Gacogne <rgacogne-bugs@coredump.fr>

Fix double free in PKCS12_parse if we run out of memory.
 2012-02-27 16:46:54 +00:00
Dr. Stephen Henson
030d5b8c97 PR: 2735 
Make cryptodev digests work. Thanks to Nikos Mavrogiannopoulos for
this fix.
 2012-02-27 16:33:16 +00:00
Dr. Stephen Henson
9b73be38ab free headers after use in error message 2012-02-27 16:27:00 +00:00