wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
7806 commits 20 branches 302 tags 153 MiB
Commit graph

809 commits

Author SHA1 Message Date
Andy Polyakov
4c860910df DTLS RFC4347 says HelloVerifyRequest resets Finished MAC. From HEAD with a 
twist: server allows for non-compliant Finished calculations in order to
enable interop with pre-0.9.8f.
 2007-09-30 19:36:32 +00:00
Andy Polyakov
0fc3d51b7d DTLS RFC4347 requires client to use rame random field in reply to 
HelloVerifyRequest [from HEAD].
 2007-09-30 19:15:46 +00:00
Andy Polyakov
c4b0d7879e Switch for RFC-compliant version encoding in DTLS. From HEAD with a twist: 
server accepts even non-compliant encoding in order to enable interop with
pre-0.9.8f clients.
 2007-09-30 18:55:59 +00:00
Dr. Stephen Henson
aab1ec3f36 Update from HEAD. 2007-09-28 16:29:24 +00:00
Dr. Stephen Henson
07d9808496 Fix from HEAD. 2007-09-23 15:55:54 +00:00
Bodo Möller
4ab0088bfe More changes from HEAD: 
- no need to disable SSL 2.0 for SSL_CTRL_SET_TLSEXT_HOSTNAME
  now that ssl23_client_hello takes care of that

- fix buffer overrun checks in ssl_add_serverhello_tlsext()
 2007-09-21 14:05:08 +00:00
Dr. Stephen Henson
3bd1690bfb Fixes from HEAD. 2007-09-21 13:40:51 +00:00
Ben Laurie
4f2b7d48b1 make depend 2007-09-19 12:17:11 +00:00
Ben Laurie
458c3900e1 Lingering "security" fix. 2007-09-19 12:16:21 +00:00
Dr. Stephen Henson
25b0e072dd PR: 1582 2007-09-17 17:30:01 +00:00
Dr. Stephen Henson
927a28ba3b gcc 4.2 fixes to avoid use or function pointer casts in OpenSSL. 
Fix various "computed value not used" warnings too.
 2007-09-06 12:43:54 +00:00
Dr. Stephen Henson
a938c4284e Update from HEAD. 2007-08-31 00:28:51 +00:00
Dr. Stephen Henson
c2079de880 Update from HEAD. 2007-08-28 01:12:44 +00:00
Dr. Stephen Henson
afdbadc704 Update from HEAD. 2007-08-20 12:44:22 +00:00
Dr. Stephen Henson
865a90eb4f Backport of TLS extension code to OpenSSL 0.9.8. 
Include server name and RFC4507bis support.

This is not compiled in by default and must be explicitly enabled with
the Configure option enable-tlsext
 2007-08-12 18:59:03 +00:00
Dr. Stephen Henson
761f3b403b Fix more unused value warnings. 2007-07-04 13:09:27 +00:00
Bodo Möller
2c12e7f6f5 Ensure that AES remains the preferred cipher at any given key length. 
(This does not really require a special case for Camellia.)
 2007-04-25 07:58:32 +00:00
Bodo Möller
c3cc4662af Add SEED encryption algorithm. 
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
 2007-04-23 23:50:26 +00:00
Bodo Möller
6fd3f3260d stricter session ID context matching 2007-03-21 14:33:01 +00:00
Bodo Möller
d9e262443c oops -- this should have been in 0.9.8e 2007-03-21 14:18:27 +00:00
Dr. Stephen Henson
295de18c8a Fix kerberos ciphersuite bugs introduced with PR:1336. 2007-03-09 14:06:34 +00:00
Ben Laurie
3370b694b9 Make local function static. 2007-03-08 15:52:04 +00:00
Bodo Möller
b2710ee19a remove inconsistency between builds with and without Camellia enabled 2007-02-19 17:55:07 +00:00
Bodo Möller
bbfcc4724d fix incorrect strength bit values for certain Kerberos ciphersuites 
Submitted by: Victor Duchovni
 2007-02-19 14:47:21 +00:00
Bodo Möller
5f4cc234fb Some fixes for ciphersuite string processing: 
- add a workaround provided by Victor Duchovni so that 128- and
  256-bit variants of otherwise identical ciphersuites are treated
  correctly;

- also, correctly skip invalid parts of ciphersuite description strings.

Submitted by: Victor Duchovni, Bodo Moeller
 2007-02-17 06:52:42 +00:00
Nils Larsch
d31a13953c ensure that the EVP_CIPHER_CTX object is initialized 
PR: 1490
 2007-02-16 20:40:07 +00:00
Nils Larsch
6555dfa486 use user-supplied malloc functions for persistent kssl objects 
PR: 1467
Submitted by: Andrei Pelinescu-Onciul <andrei@iptel.org>
 2007-02-10 10:40:24 +00:00
Nils Larsch
f418265865 ensure that a ec key is used 
PR: 1476
 2007-02-07 20:36:40 +00:00
Dr. Stephen Henson
4479ce9c1c Update from HEAD. 2007-01-21 16:07:25 +00:00
Dr. Stephen Henson
34a8c7ec87 Win32 fixes. 
Use OPENSSL_NO_RFC3779 instead of OPENSSL_RFC3779: this makes the Win32 scripts
work and is consistent with other options.

Fix Win32 scripts and Configure to process OPENSSL_NO_RFC3779 properly.

Update ordinals.

Change some prototypes for LSB because VC++ 6 doesn't like the */ sequence and thinks it is an invalid end of comment.
 2006-11-30 13:04:43 +00:00
Nils Larsch
d4a6240005 replace macros with functions 
Submitted by: Tracy Camp <tracyx.e.camp@intel.com>
 2006-11-29 20:47:15 +00:00
Bodo Möller
5c6f76da0a fix support for receiving fragmented handshake messages 2006-11-29 14:45:14 +00:00
Dr. Stephen Henson
115fc340cb Rebuild error file C source files. 2006-11-21 20:14:46 +00:00
Richard Levitte
7e2bf83100 Fixes for the following claims: 
1) Certificate Message with no certs

  OpenSSL implementation sends the Certificate message during SSL
  handshake, however as per the specification, these have been omitted.

  -- RFC 2712 --
     CertificateRequest, and the ServerKeyExchange shown in Figure 1
     will be omitted since authentication and the establishment of a
     master secret will be done using the client's Kerberos credentials
     for the TLS server.  The client's certificate will be omitted for
     the same reason.
  -- RFC 2712 --

  3) Pre-master secret Protocol version

  The pre-master secret generated by OpenSSL does not have the correct
  client version.

  RFC 2712 says, if the Kerberos option is selected, the pre-master
  secret structure is the same as that used in the RSA case.

  TLS specification defines pre-master secret as:
         struct {
             ProtocolVersion client_version;
             opaque random[46];
         } PreMasterSecret;

  where client_version is the latest protocol version supported by the
  client

  The pre-master secret generated by OpenSSL does not have the correct
  client version. The implementation does not update the first 2 bytes
  of random secret for Kerberos Cipher suites. At the server-end, the
  client version from the pre-master secret is not validated.

PR: 1336
 2006-09-28 12:23:15 +00:00
Mark J. Cox
951dfbb13a Introduce limits to prevent malicious keys being able to 
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
 2006-09-28 11:29:03 +00:00
Dr. Stephen Henson
81780a3b62 Update from HEAD. 2006-09-23 17:30:25 +00:00
Bodo Möller
879b30aaa3 ensure that ciphersuite strings such as "RC4-MD5" match the SSL 2.0 
ciphersuite as well
 2006-09-11 09:48:46 +00:00
Ben Laurie
616f581650 Fix warning. 2006-07-02 14:43:21 +00:00
Bodo Möller
e6e3f38bfa Fix for previous change: explicitly named ciphersuites are OK to add 2006-06-22 13:07:45 +00:00
Bodo Möller
aa17ab7e57 Put ECCdraft ciphersuites back into default build (but disabled 
unless specifically requested)
 2006-06-22 12:35:54 +00:00
Bodo Möller
35908bd040 Remove ECC ciphersuites from 0.9.8 branch (should use 0.9.9 branch) 2006-06-20 08:50:33 +00:00
Bodo Möller
0e73294e26 Disable invalid ciphersuites 2006-06-14 17:52:01 +00:00
Bodo Möller
b610f46bae Make sure that AES ciphersuites get priority over Camellia ciphersuites 
in the default cipher string.
 2006-06-14 13:52:49 +00:00
Bodo Möller
6d2cd23f40 Thread-safety fixes 2006-06-14 08:51:41 +00:00
Bodo Möller
e18eef3d7a Camellia cipher, contributed by NTT 
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
 2006-06-09 15:42:21 +00:00
Dr. Stephen Henson
b723a7b11b Don't check for padding bug if compression is negotiated. 
PR: 1204
 2006-05-07 12:27:48 +00:00
Dr. Stephen Henson
cbb0b734c7 If cipher list contains a match for an explicit ciphersuite only match that 
one suite.
 2006-04-15 00:22:34 +00:00
Nils Larsch
41d4d6721c fix no-dh configure option; patch supplied by Peter Meerwald 2006-02-24 17:58:35 +00:00
Nils Larsch
22d1087e16 backport recent changes from the cvs head 2006-02-08 19:16:33 +00:00
Dr. Stephen Henson
9f85fcefdc Update filenames in makefiles 2006-02-04 01:49:36 +00:00
Nils Larsch
45803988ce make "./configure no-ssl2" work again 
PR: 1217
 2006-01-15 16:57:01 +00:00
Nils Larsch
82a2cb6f51 fix cipher list order 2006-01-15 07:14:38 +00:00
Bodo Möller
c55d882fab Avoid contradictive error code assignments. 
"make error".
 2006-01-08 21:52:46 +00:00
Bodo Möller
2e885232c2 Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts) 2006-01-08 19:41:25 +00:00
Bodo Möller
a14afd0804 Rewrite timeout computation in a way that is less prone to overflow. 
(Problem reported by Peter Sylvester.)
 2005-12-30 23:51:57 +00:00
Bodo Möller
bc9320452c update TLS-ECC code 
Submitted by: Douglas Stebila
 2005-12-13 07:41:47 +00:00
Dr. Stephen Henson
974d52fdb8 Fix from HEAD. 2005-12-05 17:32:22 +00:00
Mark J. Cox
64932f9e4a Add fixes for CAN-2005-2969 
Bump release ready for OpenSSL_0_9_8a tag
 2005-10-11 10:16:21 +00:00
Dr. Stephen Henson
416b6fd115 Make OPENSSL_NO_COMP work on Win32. 2005-10-02 12:26:06 +00:00
Dr. Stephen Henson
f685cf920b As HEAD. 2005-10-01 00:41:24 +00:00
Dr. Stephen Henson
54f51116b2 Update from HEAD. 2005-09-30 23:38:20 +00:00
Dr. Stephen Henson
daa657fb78 Fix from HEAD. 2005-09-21 00:57:28 +00:00
Nils Larsch
7f622f6c04 fix warnings when building openssl with (gcc 3.3.1): 
-Wmissing-prototypes -Wcomment -Wformat -Wimplicit -Wmain -Wmultichar
-Wswitch -Wshadow -Wtrigraphs -Werror -Wchar-subscripts
-Wstrict-prototypes -Wreturn-type -Wpointer-arith  -W -Wunused
-Wno-unused-parameter -Wuninitialized
 2005-08-28 23:20:52 +00:00
Ben Laurie
801136bcc2 Fix warnings. 2005-08-27 12:05:23 +00:00
Nils Larsch
3c0e39c539 Keep cipher lists sorted in the source instead of sorting them at 
runtime, thus removing the need for a lock. Add a test to ssltest
to verify that the cipher lists are sorted.
 2005-08-25 07:43:04 +00:00
Nils Larsch
cd9911fdf8 initialize cipher/digest methods table in SSL_library_init() and hence remove the need for a lock 2005-08-21 23:06:51 +00:00
Nils Larsch
cf1546a60e a ssl object needs it's own instance of a ecdh key; remove obsolete comment 2005-08-08 19:39:29 +00:00
Nils Larsch
e7eec05af0 fix typo 2005-08-08 19:26:35 +00:00
Dr. Stephen Henson
222f224664 Initialize SSL_METHOD structures at compile time. This removes the need 
for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.
 2005-08-05 23:52:08 +00:00
Andy Polyakov
2d54cc69c9 WCE update, mostly typos [from HEAD]. 2005-08-03 20:04:05 +00:00
Nils Larsch
3de6d65ea3 improved error checking and some fixes 
PR: 1170
Submitted by: Yair Elharrar
Reviewed and edited by: Nils Larsch
 2005-07-26 20:55:17 +00:00
Nils Larsch
4913b88f70 make 
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
	make all test
work again (+ make update)

PR: 1159
 2005-07-16 11:13:10 +00:00
Ben Laurie
910d193029 Did you know it was wrong to use a char as an array index? 2005-06-28 13:27:53 +00:00
Andy Polyakov
beae6324e5 Eliminate dependency on UNICODE macro. 2005-06-27 21:21:12 +00:00
Richard Levitte
a50a2126cf DCC doesn't like argument names in returned function pointers. 
PR: 1122
 2005-06-23 21:35:20 +00:00
Richard Levitte
c58a1f76f8 Do not undefine _XOPEN_SOURCE. This is currently experimental, and 
will be firmed up as soon as it's been verified not to break anything.
 2005-06-16 22:19:14 +00:00
Nils Larsch
cac0d4ee6f - let SSL_CTX_set_cipher_list and SSL_set_cipher_list return an 
error if the cipher list is empty
- fix last commit in ssl_create_cipher_list
- clean up ssl_create_cipher_list
 2005-06-10 19:51:16 +00:00
Nils Larsch
898d3ecce0 use "=" instead of "|=", fix typo 2005-06-08 22:20:24 +00:00
Nils Larsch
4e2a0e58f2 ssl_create_cipher_list should return an error if no cipher could be 
collected (see SSL_CTX_set_cipher_list manpage). Fix handling of
"cipher1+cipher2" expressions in ssl_cipher_process_rulestr

PR: 836 + 1005
 2005-06-08 21:13:52 +00:00
Richard Levitte
0fb4d54068 Further change pq_compat.h to generate the flag macros PQ_64BIT_IS_INTEGER 
and PQ_64BIT_IS_BIGNUM with the values 0 (for false) and 1 (for true),
depending on which is true.  Use those flags everywhere else to provide
the correct implementation for handling certain operations in q PQ_64BIT.
 2005-06-06 00:32:30 +00:00
Richard Levitte
d28b7799dd handshake_write_seq is an unsigned short, so treat it like one 2005-06-02 17:26:17 +00:00
Nils Larsch
7ea61df414 clear error queue on success and return NULL if cert could be read 
PR: 1088
 2005-06-01 08:31:22 +00:00
Richard Levitte
335ed97263 Synchronise more with the Unix build 2005-05-31 20:28:55 +00:00
Richard Levitte
3d37d5e24a Forgottent make update. These files will be retagged. 2005-05-30 23:20:32 +00:00
Richard Levitte
e2ac4732cd pqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't 
have a uniform representation for those over all architectures, so a
little bit of hackery is needed.

Contributed by nagendra modadugu <nagendra@cs.stanford.edu>
 2005-05-30 22:34:28 +00:00
Richard Levitte
e96025755d We have some source with \r\n as line ends. DEC C informs about that, 
and I really can't be bothered...
 2005-05-29 12:13:20 +00:00
Richard Levitte
dd890f0776 make update 2005-05-24 03:39:37 +00:00
Dr. Stephen Henson
69762c75fa Fix WIN32+KRB5 issues. 2005-05-23 00:32:55 +00:00
Richard Levitte
b9927cfa2d When _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in 
http://www.opengroup.org/onlinepubs/007908799/xsh/compilation.html.

Notified by David Wolfe <dwolfe5272@yahoo.com>
 2005-05-21 17:39:53 +00:00
Andy Polyakov
ce92b6eb9c Further BUILDENV refinement, further fool-proofing of Makefiles and 
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
 2005-05-16 16:55:47 +00:00
Nils Larsch
9dd8405341 ecc api cleanup; summary: 
- hide the EC_KEY structure definition in ec_lcl.c + add
  some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
  attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
  additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
 2005-05-16 10:11:04 +00:00
Andy Polyakov
81a86fcf17 Fool-proofing Makefiles 2005-05-15 22:23:26 +00:00
Dr. Stephen Henson
f795123c4a Fix from stable branch. 2005-05-12 22:39:42 +00:00
Bodo Möller
3f19bbf4e3 fix msg_callback() arguments for SSL 2.0 compatible client hello 
(previous revision got this wrong)
 2005-05-12 06:24:25 +00:00
Bodo Möller
c6c2e3135d Don't use the SSL 2.0 Client Hello format if SSL 2.0 is disabled 
with the SSL_OP_NO_SSLv2 option.
 2005-05-11 18:25:49 +00:00
Nils Larsch
35e8510e60 use 'p' as conversion specifier for printf to avoid truncation of 
pointers on 64 bit platforms. Patch supplied by Daniel Gryniewicz
via Mike Frysinger <vapier@gentoo.org>.

PR: 1064
 2005-05-10 11:55:28 +00:00
Nils Larsch
8b15c74018 give EC_GROUP_new_by_nid a more meanigful name: 
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
 2005-05-10 11:37:47 +00:00
Bodo Möller
fbeaa3c47d Update util/ck_errf.pl script, and have it run automatically 
during "make errors" and thus during "make update".

Fix lots of bugs that util/ck_errf.pl can detect automatically.
Various others of these are still left to fix; that's why
"make update" will complain loudly when run now.
 2005-05-09 00:27:37 +00:00
Nils Larsch
7dc17a6cf0 give EC_GROUP_*_nid functions a more meaningful name 
EC_GROUP_get_nid -> EC_GROUP_get_curve_name
	EC_GROUP_set_nid -> EC_GROUP_set_curve_name
 2005-05-08 22:09:12 +00:00
Nils Larsch
9e5790ce21 backport fix from the stable branch 2005-05-03 10:00:16 +00:00