Matt Caswell
79cc5417a4
Prepare for 0.9.8zg-dev
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-19 13:50:06 +00:00
Matt Caswell
db8334be06
Prepare for 0.9.8zf release
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-19 13:47:27 +00:00
Matt Caswell
fcc5e899aa
make update
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-19 13:47:27 +00:00
Matt Caswell
c380bff888
Fix a failure to NULL a pointer freed on error.
...
Reported by the LibreSSL project as a follow on to CVE-2015-0209
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-19 13:00:45 +00:00
Richard Levitte
6655ac4e45
VMS build fix
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-03-19 13:00:45 +00:00
Emilia Kasper
544e3e3b69
PKCS#7: avoid NULL pointer dereferences with missing content
...
In PKCS#7, the ASN.1 content component is optional.
This typically applies to inner content (detached signatures),
however we must also handle unexpected missing outer content
correctly.
This patch only addresses functions reachable from parsing,
decryption and verification, and functions otherwise associated
with reading potentially untrusted data.
Correcting all low-level API calls requires further work.
CVE-2015-0289
Thanks to Michal Zalewski (Google) for reporting this issue.
Reviewed-by: Steve Henson <steve@openssl.org>
Conflicts:
crypto/pkcs7/pk7_doit.c
2015-03-19 13:00:45 +00:00
Dr. Stephen Henson
497d0b00dc
Fix ASN1_TYPE_cmp
...
Fix segmentation violation when ASN1_TYPE_cmp is passed a boolean type. This
can be triggered during certificate verification so could be a DoS attack
against a client or a server enabling client authentication.
CVE-2015-0286
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-03-19 13:00:44 +00:00
Dr. Stephen Henson
674341f1b0
Free up ADB and CHOICE if already initialised.
...
CVE-2015-0287
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2015-03-18 11:52:58 +00:00
Dr. Stephen Henson
c58f4f73bd
Tolerate test_sqr errors for FIPS builds.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-03-14 22:21:21 +00:00
Dr. Stephen Henson
01320ad3b9
Fix warnings.
...
Fix compiler warnings (similar to commit 25012d5e79
2015-03-08 17:23:40 +00:00
Dr. Stephen Henson
241cff623e
Check public key is not NULL.
...
CVE-2015-0288
PR#3708
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 28a00bcd8e
2015-03-02 15:26:57 +00:00
Dr. Stephen Henson
8a8ba07167
Fix format script.
...
The format script didn't correctly recognise some ASN.1 macros and
didn't reformat some files as a result. Fix script and reformat
affected files.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 437b14b533
2015-03-02 13:50:01 +00:00
Matt Caswell
1b4a8df38f
Fix a failure to NULL a pointer freed on error.
...
Inspired by BoringSSL commit 517073cd4b by Eric Roman <eroman@chromium.org>
CVE-2015-0209
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2015-02-25 20:40:38 +00:00
Andy Polyakov
6d4655c27e
Bring objects.pl output even closer to new format.
...
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 849037169d
2015-02-09 16:07:51 +01:00
Andy Polyakov
9eca2cbc16
Harmonize objects.pl output with new format.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 7ce3862319
2015-02-09 10:03:30 +01:00
Rich Salz
49fa6b6c2d
Fixed bad formatting in crypto/des/spr.h
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 7e35f06ea9
2015-02-05 09:46:24 -05:00
Dr. Stephen Henson
d64a227f1f
Check PKCS#8 pkey field is valid before cleansing.
...
PR:3683
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 52e028b9de
2015-02-03 14:02:51 +00:00
Matt Caswell
6844c12968
Fix for reformat problems with e_padlock.c
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit d3b7cac41b
2015-01-22 14:17:04 +00:00
Matt Caswell
ead95e760c
Fix formatting error in pem.h
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
Conflicts:
crypto/pem/pem.h
Conflicts:
crypto/pem/pem.h
2015-01-22 14:17:02 +00:00
Matt Caswell
02f0c26cea
Re-align some comments after running the reformat script.
...
This should be a one off operation (subsequent invokation of the
script should not move them)
This commit is for the 0.9.8 changes
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:53:07 +00:00
Matt Caswell
6f1f3c6653
Rerun util/openssl-format-source -v -c .
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:53:02 +00:00
Matt Caswell
40720ce3ca
Run util/openssl-format-source -v -c .
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:52:55 +00:00
Matt Caswell
9d03aabea3
More comment changes required for indent
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:52:49 +00:00
Matt Caswell
117e79dd88
Yet more changes to comments
...
Conflicts:
ssl/t1_enc.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:52:44 +00:00
Matt Caswell
d26667b28f
Tweaks for comments due to indent's inability to handle them
...
Conflicts:
ssl/s3_srvr.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:52:28 +00:00
Matt Caswell
13270477f4
Move more comments that confuse indent
...
Conflicts:
crypto/dsa/dsa.h
demos/engines/ibmca/hw_ibmca.c
ssl/ssl_locl.h
Conflicts:
crypto/bn/rsaz_exp.c
crypto/evp/e_aes_cbc_hmac_sha1.c
crypto/evp/e_aes_cbc_hmac_sha256.c
ssl/ssl_locl.h
Conflicts:
crypto/ec/ec2_oct.c
crypto/ec/ecp_nistp256.c
crypto/ec/ecp_nistp521.c
crypto/ec/ecp_nistputil.c
crypto/ec/ecp_oct.c
crypto/modes/gcm128.c
ssl/ssl_locl.h
Conflicts:
apps/apps.c
crypto/crypto.h
crypto/rand/md_rand.c
ssl/d1_pkt.c
ssl/ssl.h
ssl/ssl_locl.h
ssl/ssltest.c
ssl/t1_enc.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:52:21 +00:00
Matt Caswell
175af9de89
Fix indent comment corruption issue
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:51:49 +00:00
Andy Polyakov
4191a11f36
bn/bn_const.c: make it indent-friendly.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:51:38 +00:00
Andy Polyakov
f6e4701f2a
bn/asm/x86_64-gcc.cL make it indent-friendly.
...
Conflicts:
crypto/bn/asm/x86_64-gcc.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:51:32 +00:00
Andy Polyakov
86183798f3
bn/bn_asm.c: make it indent-friendly.
...
Conflicts:
crypto/bn/bn_asm.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:51:26 +00:00
Andy Polyakov
b527959318
bn/bn_exp.c: make it indent-friendly.
...
Conflicts:
crypto/bn/bn_exp.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:51:21 +00:00
Matt Caswell
25ca15e9a3
Manually reformat aes_core.c
...
Add aes_core.c to the list of files not processed by openssl-format-source
Conflicts:
crypto/aes/aes_core.c
Conflicts:
crypto/aes/aes_core.c
Conflicts:
crypto/aes/aes_core.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:51:15 +00:00
Matt Caswell
2a3e745a17
Fix strange formatting by indent
...
Conflicts:
crypto/hmac/hmac.h
Conflicts:
crypto/evp/e_aes_cbc_hmac_sha256.c
Conflicts:
crypto/ec/ecp_nistp224.c
crypto/ec/ecp_nistp256.c
crypto/ec/ecp_nistp521.c
crypto/ec/ectest.c
Conflicts:
crypto/asn1/asn1_par.c
crypto/evp/e_des3.c
crypto/hmac/hmac.h
crypto/sparcv9cap.c
engines/ccgost/gost94_keyx.c
ssl/t1_enc.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:51:04 +00:00
Matt Caswell
c7c7a432df
indent has problems with comments that are on the right hand side of a line.
...
Sometimes it fails to format them very well, and sometimes it corrupts them!
This commit moves some particularly problematic ones.
Conflicts:
crypto/bn/bn.h
crypto/ec/ec_lcl.h
crypto/rsa/rsa.h
demos/engines/ibmca/hw_ibmca.c
ssl/ssl.h
ssl/ssl3.h
Conflicts:
crypto/ec/ec_lcl.h
ssl/tls1.h
Conflicts:
crypto/ec/ecp_nistp224.c
crypto/evp/evp.h
ssl/d1_both.c
ssl/ssl.h
ssl/ssl_lib.c
Conflicts:
crypto/bio/bss_file.c
crypto/ec/ec_lcl.h
crypto/evp/evp.h
crypto/store/str_mem.c
crypto/whrlpool/wp_block.c
crypto/x509/x509_vfy.h
ssl/ssl.h
ssl/ssl3.h
ssl/ssltest.c
ssl/t1_lib.c
ssl/tls1.h
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:50:57 +00:00
Andy Polyakov
5ba9d5bb3b
crypto/mem_dbg.c: make it indent-friendly.
...
Conflicts:
crypto/mem_dbg.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:50:52 +00:00
Matt Caswell
883a4d55c2
More indent fixes for STACK_OF
...
Conflicts:
ssl/s3_lib.c
Conflicts:
apps/cms.c
crypto/x509/x509_lu.c
crypto/x509/x509_vfy.h
ssl/s3_lib.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:50:46 +00:00
Matt Caswell
b4f1dbdc4b
Fix indent issue with engine.h
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:50:41 +00:00
Andy Polyakov
dd7ad2c53d
crypto/cryptlib.c: make it indent-friendly.
...
Conflicts:
crypto/cryptlib.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:50:31 +00:00
Andy Polyakov
366b193f89
bn/bntest.c: make it indent-friendly.
...
Conflicts:
crypto/bn/bntest.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:50:26 +00:00
Andy Polyakov
402eec1ae5
bn/bn_recp.c: make it indent-friendly.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:50:22 +00:00
Matt Caswell
00ea17f9d7
Fix source where indent will not be able to cope
...
Conflicts:
apps/ciphers.c
ssl/s3_pkt.c
Conflicts:
crypto/ec/ec_curve.c
Conflicts:
crypto/ec/ec_curve.c
ssl/s3_clnt.c
ssl/s3_srvr.c
ssl/ssl_sess.c
Conflicts:
apps/ciphers.c
crypto/bn/bn.h
crypto/ec/ec_curve.c
ssl/t1_enc.c
ssl/t1_lib.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:49:13 +00:00
Matt Caswell
3e8042c38f
Additional comment changes for reformat of 0.9.8
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:49:06 +00:00
Matt Caswell
564ccc55d6
Further comment amendments to preserve formatting prior to source reformat
...
(cherry picked from commit 4a7fa26ffd65bf36beb8d1cb8f29fc0ae203f5c5)
Conflicts:
crypto/x509v3/pcy_tree.c
Conflicts:
apps/apps.c
ssl/ssltest.c
Conflicts:
apps/apps.c
crypto/ec/ec2_oct.c
crypto/ec/ecp_nistp224.c
crypto/ec/ecp_nistp256.c
crypto/ec/ecp_nistp521.c
ssl/s3_cbc.c
ssl/ssl_sess.c
ssl/t1_lib.c
Conflicts:
crypto/bio/b_sock.c
crypto/pem/pem.h
crypto/x509/x509_vfy.c
crypto/x509v3/pcy_tree.c
ssl/s3_both.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:48:59 +00:00
Tim Hudson
b558c8d597
mark all block comments that need format preserving so that
...
indent will not alter them when reformatting comments
(cherry picked from commit 1d97c84351
2015-01-22 09:48:44 +00:00
Matt Caswell
ba442a7e1b
Prepare for 0.9.8zf-dev
...
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-01-15 15:08:48 +00:00
Matt Caswell
e8ccaee31c
Prepare for 0.9.8ze release
...
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-01-15 15:05:59 +00:00
Matt Caswell
60431d0db3
make update
...
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-01-15 15:05:59 +00:00
Matt Caswell
56abaa14e0
Fix warning where BIO_FLAGS_UPLINK was being redefined.
...
This warning breaks the build in 1.0.0 and 0.9.8
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit b1ffc6ca1c
2015-01-13 11:26:07 +00:00
Matt Caswell
8b8a48d099
Avoid deprecation problems in Visual Studio 13
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 86d21d0b95
2015-01-13 09:50:04 +00:00
Dr. Stephen Henson
09caf4ffcd
Avoid Windows 8 Getversion deprecated errors.
...
Windows 8 SDKs complain that GetVersion() is deprecated.
We only use GetVersion like this:
(GetVersion() < 0x80000000)
which checks if the Windows version is NT based. Use a macro check_winnt()
which uses GetVersion() on older SDK versions and true otherwise.
(cherry picked from commit a4cc3c8041
2015-01-13 09:30:24 +00:00
