openssl

Author	SHA1	Message	Date
Bodo Möller	1c7c69a8a5	Fix memory leak on bad inputs.	2011-09-05 09:56:48 +00:00
Bodo Möller	24ad061037	Move OPENSSL_init declaration out of auto-generated code section (it is not auto-generated).	2011-09-05 09:52:58 +00:00
Dr. Stephen Henson	92f96fa721	PR: 2576 Submitted by: Doug Goldstein <cardoe@gentoo.org> Reviewed by: steve Include header file stdlib.h which is needed on some platforms to get getenv() declaration.	2011-09-02 11:20:49 +00:00
Dr. Stephen Henson	0d1e362363	PR: 2340 Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar> Reviewed by: steve Stop warnings if OPENSSL_NO_DGRAM is defined.	2011-09-01 15:03:10 +00:00
Dr. Stephen Henson	a0bf2c86ab	make timing attack protection unconditional	2011-09-01 14:23:41 +00:00
Dr. Stephen Henson	24d0524f31	PR: 2588 Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com> Reviewed by: steve Close file pointer.	2011-09-01 13:48:48 +00:00
Dr. Stephen Henson	46a1f2487e	PR: 2559 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fix DTLS socket error bug	2011-07-20 15:20:19 +00:00
Dr. Stephen Henson	82a5049f6a	PR: 2556 (partial) Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de> Reviewed by: steve Fix OID routines. Check on encoding leading zero rejection should start at beginning of encoding. Allow for initial digit when testing when to use BIGNUMs which can increase first value by 2 * 40.	2011-07-14 12:01:08 +00:00
Andy Polyakov	d027b75b73	perlasm/cbc.pl: fix tail processing bug [from HEAD]. PR: 2557	2011-07-13 06:25:15 +00:00
Dr. Stephen Henson	87d14a3625	PR: 2470 Submitted by: Corinna Vinschen <vinschen@redhat.com> Reviewed by: steve Don't call ERR_remove_state from DllMain.	2011-06-22 15:39:19 +00:00
Dr. Stephen Henson	22152d6885	PR: 2540 Submitted by: emmanuel.azencot@bull.net Reviewed by: steve Prevent infinite loop in BN_GF2m_mod_inv().	2011-06-22 15:23:20 +00:00
Dr. Stephen Henson	102bcbce8d	correctly encode OIDs near 2^32	2011-06-22 15:15:20 +00:00
Andy Polyakov	8655de423d	rc4_skey.c [0.9.8]: at some point rc4_skey and x86[_64]cpuid were modified to examine bit#20 on x86[_64], but it was erroneously reverted to bit#28 in 2008 in process of FIPS integration.	2011-06-06 19:58:21 +00:00
Dr. Stephen Henson	bc7ee385f5	Fix the ECDSA timing attack mentioned in the paper at: http://eprint.iacr.org/2011/232.pdf Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for bringing this to our attention.	2011-05-25 14:52:54 +00:00
Dr. Stephen Henson	1e368ab08f	Fix the ECDSA timing attack mentioned in the paper at: http://eprint.iacr.org/2011/232.pdf Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for bringing this to our attention.	2011-05-25 14:43:47 +00:00
Dr. Stephen Henson	6d12b1f82b	check buffer is larger enough before overwriting	2011-04-06 18:07:12 +00:00
Bodo Möller	d430f56de6	start 0.9.8s-dev	2011-02-08 17:58:34 +00:00
Bodo Möller	957ebe98fb	OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d) Submitted by: Neel Mehta, Adam Langley, Bodo Moeller	2011-02-08 17:10:47 +00:00
Bodo Möller	9d09fc8485	Assorted bugfixes: - RLE decompression boundary case - SSL 2.0 key arg length check Submitted by: Google (Neel Mehta, Bodo Moeller)	2011-02-03 12:04:48 +00:00
Dr. Stephen Henson	a3dc628d86	PR: 2433 Submitted by: Chris Wilson <chris@qwirx.com> Reviewed by: steve Constify ASN1_STRING_set_default_mask_asc().	2011-01-24 16:21:00 +00:00
Dr. Stephen Henson	3c159fc1a5	check EC public key isn't point at infinity	2011-01-24 15:08:12 +00:00
Dr. Stephen Henson	6056afd223	PR: 1612 Submitted by: Robert Jackson <robert@rjsweb.net> Reviewed by: steve Fix EC_POINT_cmp function for case where b but not a is the point at infinity.	2011-01-24 14:42:11 +00:00
Dr. Stephen Henson	f4a4a0fdc7	PR: 2411 Submitted by: Rob Austein <sra@hactrn.net> Reviewed by: steve Fix corner cases in RFC3779 code.	2011-01-03 01:40:22 +00:00
Dr. Stephen Henson	9ad765173f	Fix escaping code for string printing. If any escaping is enabled we must escape the escape character itself (backslash).	2011-01-03 01:26:33 +00:00
Dr. Stephen Henson	c8e3c1a9b5	PR: 2410 Submitted by: Rob Austein <sra@hactrn.net> Reviewed by: steve Use OPENSSL_assert() instead of assert().	2011-01-03 01:20:03 +00:00
Dr. Stephen Henson	ae378b769a	use fips-dev not dev-fips	2011-01-03 00:43:47 +00:00
Dr. Stephen Henson	4de4e35459	PR: 2416 Submitted by: Mark Phalan <mark.phalan@oracle.com> Reviewed by: steve Use L suffix in version number.	2011-01-03 00:25:47 +00:00
Bodo Möller	5537a83e56	Add missing explicit instruction size. [CVS head and later branches have this since revision 1.7 of this file.] Submitted by: Chandler Carruth (Google)	2010-12-13 20:47:26 +00:00
Dr. Stephen Henson	b8be571868	update for next release	2010-12-02 19:42:28 +00:00
Dr. Stephen Henson	acd43bf38c	prepare for release	2010-12-02 18:53:52 +00:00
Dr. Stephen Henson	7258d33794	PR: 2386 Submitted by: Stefan Birrer <stefan.birrer@adnovum.ch> Reviewed by: steve Correct SKM_ASN1_SET_OF_d2i macro.	2010-12-02 18:02:02 +00:00
Dr. Stephen Henson	4d6af5c5d2	../comm.txt	2010-11-27 17:33:34 +00:00
Ben Laurie	efed63d783	Backport J-PAKE fix.	2010-11-26 16:03:23 +00:00
Dr. Stephen Henson	0067580321	update for next version	2010-11-16 16:35:37 +00:00
Dr. Stephen Henson	82e0073624	oops, correct version number	2010-11-16 14:56:17 +00:00
Dr. Stephen Henson	7e541b1a7f	prepare for release	2010-11-16 14:37:28 +00:00
Dr. Stephen Henson	3e8b8b8990	Submitted by: Jonathan Dixon <joth@chromium.org> Reviewed by: steve If store is NULL set flags correctly.	2010-11-02 15:57:00 +00:00
Dr. Stephen Henson	05bbbe9204	PR: 2295 Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com> Reviewed by: steve OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code elimination.	2010-10-11 23:28:54 +00:00
Dr. Stephen Henson	93fc0e0e40	We can't always read 6 bytes in an OCSP response: fix so error statuses are read correctly for non-blocking I/O.	2010-10-06 18:01:35 +00:00
Dr. Stephen Henson	6cb5746b65	Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(), this means that some implementations will be used automatically, e.g. aesni, we do this for cryptodev anyway. Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.	2010-10-03 18:55:57 +00:00
Dr. Stephen Henson	ae3b60ba99	fix bug in AES_unwrap()	2010-08-30 23:57:03 +00:00
Bodo Möller	d4ba6424a1	ECC library bugfixes. Submitted by: Emilia Kapser (Google)	2010-08-26 12:10:25 +00:00
Dr. Stephen Henson	78dcaa0609	PR: 2297 Submitted by: Antony, Benoy <bantony@ebay.com> Approved by: steve@openssl.org Fix bug in AES wrap code when t > 0xff.	2010-07-09 17:24:29 +00:00
Dr. Stephen Henson	65b4c34d86	initialise pbe_tmp	2010-07-08 16:51:48 +00:00
Andy Polyakov	d8486c312c	rand_nw.c: compensate for gcc bug (using %edx instead of %eax at -O3) [from HEAD]. PR: 2296	2010-07-08 09:15:14 +00:00
Dr. Stephen Henson	63e3676e68	fix so it is safe to repeatedly add PBE algorithms	2010-06-26 12:55:01 +00:00
Dr. Stephen Henson	1dac2cae68	prepare for next release	2010-06-16 13:40:09 +00:00
Ben Laurie	d886975835	Fix gcc 4.6 warnings. Check TLS server hello extension length.	2010-06-12 13:18:58 +00:00
Dr. Stephen Henson	22872a5363	Prepare for release.	2010-06-01 14:47:12 +00:00
Dr. Stephen Henson	82b6b541b1	Fix CVE-2010-0742	2010-06-01 14:39:57 +00:00

1 2 3 4 5 ...

4149 commits