Commit graph

10861 commits

Author SHA1 Message Date
Dr. Stephen Henson
597dab0fa8 correct old FAQ answers 2012-04-22 13:20:28 +00:00
Dr. Stephen Henson
b36bab7812 PR: 2239
Submitted by: Dominik Oepen <oepen@informatik.hu-berlin.de>

Add Brainpool curves from RFC5639.

Original patch by Annie Yousar <a.yousar@informatik.hu-berlin.de>
2012-04-22 13:06:51 +00:00
Andy Polyakov
8ea92ddd13 e_rc4_hmac_md5.c: last commit was inappropriate for non-x86[_64] platforms.
PR: 2792
2012-04-19 20:38:05 +00:00
Dr. Stephen Henson
d9a9d10f4f Check for potentially exploitable overflows in asn1_d2i_read_bio
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.

Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
2012-04-19 16:19:56 +00:00
Dr. Stephen Henson
0d2baadfb4 update FAQ 2012-04-19 12:33:23 +00:00
Andy Polyakov
dce1cc2a59 Makefile.org: clear yet another environment variable.
PR: 2793
2012-04-19 06:39:40 +00:00
Dr. Stephen Henson
b214184160 recognise X9.42 DH certificates on servers 2012-04-18 17:03:29 +00:00
Dr. Stephen Henson
aa09c2c631 correct error codes 2012-04-18 15:36:12 +00:00
Andy Polyakov
6dd9b0fc43 e_rc4_hmac_md5.c: harmonize zero-length fragment handling with
e_aes_cbc_hmac_sha1.c (mostly for aesthetic reasons).
2012-04-18 14:55:39 +00:00
Andy Polyakov
e36f6b9cfa e_rc4_hmac_md5.c: oops, can't use rc4_hmac_md5_cipher on legacy Intel CPUs.
PR: 2792
2012-04-18 14:50:28 +00:00
Andy Polyakov
3e181369dd C64x+ assembler pack. linux-c64xplus build is *not* tested nor can it be
tested, because kernel is not in shape to handle it *yet*. The code is
committed mostly to stimulate the kernel development.
2012-04-18 13:01:36 +00:00
Bodo Möller
d3ddf0228e Disable SHA-2 ciphersuites in < TLS 1.2 connections.
(TLS 1.2 clients could end up negotiating these with an OpenSSL server
with TLS 1.2 disabled, which is problematic.)

Submitted by: Adam Langley
2012-04-17 15:23:03 +00:00
Dr. Stephen Henson
800e1cd969 Additional workaround for PR#2771
If OPENSSL_MAX_TLS1_2_CIPHER_LENGTH is set then limit the size of client
ciphersuites to this value. A value of 50 should be sufficient.

Document workarounds in CHANGES.
2012-04-17 15:12:09 +00:00
Dr. Stephen Henson
293706e72c Partial workaround for PR#2771.
Some servers hang when presented with a client hello record length exceeding
255 bytes but will work with longer client hellos if the TLS record version
in client hello does not exceed TLS v1.0. Unfortunately this doesn't fix all
cases...
2012-04-17 13:21:19 +00:00
Andy Polyakov
4a1fbd13ee OPENSSL_NO_SOCK fixes.
PR: 2791
Submitted by: Ben Noordhuis
2012-04-16 17:42:36 +00:00
Andy Polyakov
9eba5614fe Minor compatibility fixes.
PR: 2790
Submitted by: Alexei Khlebnikov
2012-04-16 17:35:30 +00:00
Andy Polyakov
3b1fb1a022 s3_srvr.c: fix typo.
PR: 2538
2012-04-15 17:22:57 +00:00
Andy Polyakov
fc90e42c86 e_aes_cbc_hmac_sha1.c: handle zero-length payload and engage empty frag
countermeasure.

PR: 2778
2012-04-15 14:14:22 +00:00
Andy Polyakov
26e6bac143 ghash-s390x.pl: fix typo [that can induce SEGV in 31-bit build]. 2012-04-12 06:44:34 +00:00
Dr. Stephen Henson
fc6fc7ff38 Add options to set additional type specific certificate chains to
s_server.
2012-04-11 16:53:11 +00:00
Dr. Stephen Henson
adfd95c2ac use different variable for chain iteration 2012-04-11 16:01:08 +00:00
Dr. Stephen Henson
80eb43519e fix reset fix 2012-04-11 15:05:07 +00:00
Dr. Stephen Henson
bbe0c8c5be make reinitialisation work for CMAC 2012-04-11 12:26:41 +00:00
Dr. Stephen Henson
5a34fcd76e update rather ancient EVP digest documentation 2012-04-10 22:28:01 +00:00
Andy Polyakov
b1fd0ccb38 aes-s390x.pl: fix crash in AES_set_decrypt_key in linux32-s390x build. 2012-04-09 15:12:13 +00:00
Dr. Stephen Henson
b2284ed34a Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Localize client hello extension parsing in t1_lib.c
2012-04-06 11:18:40 +00:00
Dr. Stephen Henson
a43526302f Add support for automatic ECDH temporary key parameter selection. When
enabled instead of requiring an application to hard code a (possibly
inappropriate) parameter set and delve into EC internals we just
automatically use the preferred curve.
2012-04-05 13:38:27 +00:00
Dr. Stephen Henson
2131ce570a add FAQ about version numbers 2012-04-05 13:16:37 +00:00
Andy Polyakov
45cd45bbbc aes-armv4.pl: make it more foolproof [inspired by aes-s390x.pl in 1.0.1]. 2012-04-05 08:30:22 +00:00
Andy Polyakov
bc9583efa2 aes-s390x.pl: make it more foolproof [inspired by 1.0.1]. 2012-04-05 08:22:09 +00:00
Andy Polyakov
a20152bdaf ssl/ssl_ciph.c: interim solution for assertion in d1_pkt.c(444).
PR: 2778
2012-04-04 20:45:51 +00:00
Dr. Stephen Henson
fd2b65ce53 Tidy up EC parameter check code: instead of accessing internal structures
add utility functions to t1_lib.c to check if EC certificates and parameters
are consistent with peer.
2012-04-04 14:41:01 +00:00
Dr. Stephen Henson
263c62467d Update ordinals. 2012-04-03 23:13:23 +00:00
Andy Polyakov
82c5ac4599 CHANGES: harmonize with 1.0.0 and 1.0.1. 2012-03-31 18:56:27 +00:00
Dr. Stephen Henson
94e9215fbc PR: 2778(part)
Submitted by: John Fitzgibbon <john_fitzgibbon@yahoo.com>

Time is always encoded as 4 bytes, not sizeof(Time).
2012-03-31 18:03:02 +00:00
Andy Polyakov
f62f792057 modes_lcl.h: make it work on i386.
PR: 2780
2012-03-31 17:02:46 +00:00
Andy Polyakov
5db9645f1b vpaes-x86[_64].pl: handle zero length in vpaes_cbc_encrypt.
PR: 2775
2012-03-31 16:53:34 +00:00
Andy Polyakov
86963f40f8 util/cygwin.sh update.
PR: 2761
Submitted by: Corinna Vinschen
2012-03-31 11:06:46 +00:00
Dr. Stephen Henson
d3379de5a9 don't shadow 2012-03-30 15:43:32 +00:00
Andy Polyakov
4736eab947 bn/bn_gf2m.c: make new BN_GF2m_mod_inv work with BN_DEBUG_RAND. 2012-03-29 21:35:28 +00:00
Andy Polyakov
23a05fa0c1 modes/gcm128.c: fix self-test. 2012-03-29 18:25:38 +00:00
Andy Polyakov
482a7d80cf sha512-armv4.pl: optimize NEON code path by utilizing vbsl, bitwise select. 2012-03-29 18:20:11 +00:00
Andy Polyakov
ee743dca53 perlasm/x86masm.pl: fix last fix. 2012-03-29 18:09:36 +00:00
Andy Polyakov
6da165c631 ans1/tasn_prn.c: avoid bool in variable names.
PR: 2776
2012-03-29 17:48:19 +00:00
Dr. Stephen Henson
d0595f170c Initial revision of ECC extension handling.
Tidy some code up.

Don't allocate a structure to handle ECC extensions when it is used for
default values.

Make supported curves configurable.

Add ctrls to retrieve shared curves: not fully integrated with rest of
ECC code yet.
2012-03-28 15:05:04 +00:00
Dr. Stephen Henson
751e26cb9b fix leak 2012-03-22 16:28:07 +00:00
Dr. Stephen Henson
f404acfa2c Submitted by: Markus Friedl <mfriedl@gmail.com>
Fix memory leaks in 'goto err' cases.
2012-03-22 15:44:51 +00:00
Dr. Stephen Henson
7744ef1ada use client version when deciding whether to send supported signature algorithms extension 2012-03-21 21:33:23 +00:00
Andy Polyakov
ed998634cd e_padlock-x86[_64].pl: better understanding of prefetch errata and proper
workaround.
2012-03-19 20:23:32 +00:00
Andy Polyakov
884c580e05 eng_all.c: revert previous "disable Padlock" commit, which was unjustified. 2012-03-19 20:20:41 +00:00