wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8418 commits 20 branches 302 tags 153 MiB
Commit graph

8418 commits

This branch
This branch
All branches
Author SHA1 Message Date
Dr. Stephen Henson
6dcb6bf1c1 PR: 2703 
Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>

Fix some memory and resource leaks in CAPI ENGINE.
 2012-02-11 23:12:34 +00:00
Dr. Stephen Henson
1061c3cb3c PR: 2705 
Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>

Only create ex_data indices once for CAPI engine.
 2012-02-11 23:07:32 +00:00
Dr. Stephen Henson
0d0f15d8d1 fix Visual Studio 2010 warning [from HEAD] (original by appro) 2012-01-20 23:24:17 +00:00
Dr. Stephen Henson
a72ce94213 prepare for next version 2012-01-18 14:27:13 +00:00
Dr. Stephen Henson
f71d59c70e update FAQ 2012-01-18 13:15:37 +00:00
Dr. Stephen Henson
3309f8313c prepare for release 2012-01-18 13:14:49 +00:00
Dr. Stephen Henson
6cc5f194a7 update NEWS 2012-01-18 13:13:31 +00:00
Dr. Stephen Henson
096327a99a Fix for DTLS DoS issue introduced by fix for CVE-2011-4109. 
Thanks to Antonio Martin, Enterprise Secure Access Research and
Development, Cisco Systems, Inc. for discovering this bug and
preparing a fix. (CVE-2012-0050)
 2012-01-18 13:12:08 +00:00
Dr. Stephen Henson
cc10bcf25e fix CHANGES entry 2012-01-17 14:18:26 +00:00
Dr. Stephen Henson
875ac0ec00 fix warning 2012-01-10 14:37:00 +00:00
Bodo Möller
bf240f063a Fix usage indentation 2012-01-05 13:15:29 +00:00
Bodo Möller
dd016b0570 Fix for builds without DTLS support. 
Submitted by: Brian Carlstrom
 2012-01-05 10:21:49 +00:00
Dr. Stephen Henson
244788464a update for next version 2012-01-04 23:56:13 +00:00
Dr. Stephen Henson
a95808334e update FAQ 2012-01-04 19:23:07 +00:00
Dr. Stephen Henson
b3cebd5acf prepare for 0.9.8s release 2012-01-04 19:20:49 +00:00
Dr. Stephen Henson
7b775145e4 update NEWS 2012-01-04 19:16:11 +00:00
Dr. Stephen Henson
7183aa6b9d make update 2012-01-04 19:12:39 +00:00
Dr. Stephen Henson
eebefe35e7 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen <tuexen@fh-muenster.de> 
Reviewed by: steve

Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and
Kenny Paterson.
 2012-01-04 19:10:16 +00:00
Dr. Stephen Henson
1db0bbdc76 Fix double free in policy check code (CVE-2011-4109) 2012-01-04 19:00:28 +00:00
Dr. Stephen Henson
e643112dd8 Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576) 2012-01-04 18:54:17 +00:00
Dr. Stephen Henson
21c4b25959 Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619) 2012-01-04 18:52:18 +00:00
Dr. Stephen Henson
41cf2c3aef stop warning 2012-01-04 18:45:18 +00:00
Dr. Stephen Henson
0e3a930fb4 Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577) 2012-01-04 18:44:20 +00:00
Dr. Stephen Henson
0c214e0153 Submitted by: Adam Langley <agl@chromium.org> 
Reviewed by: steve

Fix memory leaks.
 2012-01-04 14:25:10 +00:00
Dr. Stephen Henson
6c61cfbe03 PR: 2326 
Submitted by: Tianjie Mao <tjmao@tjmao.net>
Reviewed by: steve

Fix incorrect comma expressions and goto f_err as alert has been set.
 2011-12-26 19:38:28 +00:00
Andy Polyakov
2ee77d36a0 x86-mont.pl: fix bug in integer-only squaring path [from HEAD]. 
PR: 2648
 2011-12-09 14:28:48 +00:00
Dr. Stephen Henson
24f441e0bb The default CN prompt message can be confusing when often the CN needs to 
be the server FQDN: change it.
[Reported by PSW Group]
 2011-12-06 00:01:09 +00:00
Bodo Möller
740da44f20 Resolve a stack set-up race condition (if the list of compression 
methods isn't presorted, it will be sorted on first read).

Submitted by: Adam Langley
 2011-12-02 12:50:44 +00:00
Bodo Möller
72033fde7b Fix ecdsatest.c. 
Submitted by: Emilia Kasper
 2011-12-02 12:40:25 +00:00
Bodo Möller
9adf3fcf9a Fix BIO_f_buffer(). 
Submitted by: Adam Langley
Reviewed by: Bodo Moeller
 2011-12-02 12:23:57 +00:00
Andy Polyakov
65f7456652 ppc.pl: fix bug in bn_mul_comba4 [from HEAD]. 
PR: 2636
Submitted by: Charles Bryant
 2011-11-05 10:17:06 +00:00
Dr. Stephen Henson
8794569a08 PR: 2628 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Send alert instead of assertion failure for incorrectly formatted DTLS
fragments.
 2011-10-27 13:06:26 +00:00
Dr. Stephen Henson
f8731bc2fd PR: 2632 
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Return -1 immediately if not affine coordinates as BN_CTX has not been
set up.
 2011-10-26 16:42:48 +00:00
Bodo Möller
195d6bf760 BN_BLINDING multi-threading fix. 
Submitted by: Emilia Kasper (Google)
 2011-10-19 14:57:59 +00:00
Bodo Möller
dacd94b9c8 Oops: this change (http://cvs.openssl.org/chngview?cn=21503) 
wasn't right for 0.9.8-stable (it's actually a fix for
http://cvs.openssl.org/chngview?cn=14494, which introduced
SSL_CTRL_SET_MAX_SEND_FRAGMENT).
 2011-10-19 13:53:41 +00:00
Bodo Möller
8070cb5f87 Clarify warning 2011-10-13 13:24:13 +00:00
Bodo Möller
f7d514f449 In ssl3_clear, preserve s3->init_extra along with s3->rbuf. 
Submitted by: Bob Buckholz <bbuckholz@google.com>
 2011-10-13 13:04:40 +00:00
Dr. Stephen Henson
6d50bce79f PR: 2482 
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.
 2011-10-09 00:56:18 +00:00
Dr. Stephen Henson
3cf0a38b3e fix signed/unsigned warning 2011-09-26 17:05:00 +00:00
Dr. Stephen Henson
91a1d08a4c use keyformat for -x509toreq, don't hard code PEM 2011-09-23 21:49:08 +00:00
Dr. Stephen Henson
85e776885b PR: 2606 
Submitted by: Christoph Viethen <cv@kawo2.rwth-aachen.de>
Reviewed by: steve

Handle timezones correctly in UTCTime.
 2011-09-23 13:40:06 +00:00
Dr. Stephen Henson
fc4015329f PR: 2602 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS bug which prevents manual MTU setting
 2011-09-23 13:35:32 +00:00
Dr. Stephen Henson
6ec9ff83f3 PR: 2347 
Submitted by: Tomas Mraz <tmraz@redhat.com>
Reviewed by: steve

Fix usage message.
 2011-09-23 13:13:02 +00:00
Bodo Möller
db45308477 (EC)DH memory handling fixes. 
Submitted by: Adam Langley
 2011-09-05 10:25:15 +00:00
Bodo Möller
1c7c69a8a5 Fix memory leak on bad inputs. 2011-09-05 09:56:48 +00:00
Bodo Möller
24ad061037 Move OPENSSL_init declaration out of auto-generated code section 
(it is not auto-generated).
 2011-09-05 09:52:58 +00:00
Dr. Stephen Henson
92f96fa721 PR: 2576 
Submitted by: Doug Goldstein <cardoe@gentoo.org>
Reviewed by: steve

Include header file stdlib.h which is needed on some platforms to get
getenv() declaration.
 2011-09-02 11:20:49 +00:00
Dr. Stephen Henson
0d1e362363 PR: 2340 
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar>
Reviewed by: steve

Stop warnings if OPENSSL_NO_DGRAM is defined.
 2011-09-01 15:03:10 +00:00
Dr. Stephen Henson
a0bf2c86ab make timing attack protection unconditional 2011-09-01 14:23:41 +00:00
Dr. Stephen Henson
6a662a45f3 PR: 2573 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS buffering and decryption bug.
 2011-09-01 14:01:36 +00:00