Commit graph

9718 commits

Author SHA1 Message Date
Dr. Stephen Henson
2fffc29bd1 make timing attack protection unconditional 2011-09-01 14:23:31 +00:00
Dr. Stephen Henson
d2650c3a4a PR: 2573
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS buffering and decryption bug.
2011-09-01 14:02:02 +00:00
Dr. Stephen Henson
b5bd966ea4 PR: 2589
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Initialise p pointer.
2011-09-01 13:52:27 +00:00
Dr. Stephen Henson
e71f7786e3 PR: 2588
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Close file pointer.
2011-09-01 13:48:57 +00:00
Dr. Stephen Henson
e3b95e6b24 PR: 2586
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Zero structure fields properly.
2011-09-01 13:45:25 +00:00
Dr. Stephen Henson
658eeec7cd PR: 2586
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Fix brace mismatch.
2011-09-01 13:37:20 +00:00
Dr. Stephen Henson
e1c3d65f08 Remove hard coded ecdsaWithSHA1 hack in ssl routines and check for RSA
using OBJ xref utilities instead of string comparison with OID name.

This removes the arbitrary restriction on using SHA1 only with some ECC
ciphersuites.
2011-08-14 13:48:42 +00:00
Andy Polyakov
2e4abe2ce2 Alpha assembler fixes from HEAD.
PR: 2577
2011-08-12 12:32:10 +00:00
Dr. Stephen Henson
ea294bb50e PR: 2559
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS socket error bug
2011-07-20 15:21:52 +00:00
Dr. Stephen Henson
b58ea0b941 PR: 2555
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS sequence number bug
2011-07-20 15:17:33 +00:00
Dr. Stephen Henson
16067fe5fd PR: 2550
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS HelloVerifyRequest Timer bug
2011-07-20 15:13:16 +00:00
Andy Polyakov
f2e9070f26 config: detect if assembler supports --noexecstack and pass it down [from HEAD]. 2011-07-15 19:59:18 +00:00
Dr. Stephen Henson
fe8629e1a5 PR: 2556 (partial)
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve

Fix OID routines.

Check on encoding leading zero rejection should start at beginning of
encoding.

Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
2011-07-14 12:01:25 +00:00
Andy Polyakov
2a12eff4b2 ms/uplink.c: fix Visual Studio 2010 warning [from HEAD]. 2011-07-13 14:55:11 +00:00
Andy Polyakov
b680fef061 perlasm/cbc.pl: fix tail processing bug [from HEAD].
PR: 2557
2011-07-13 06:23:25 +00:00
Bodo Möller
7f7414e054 Fix typo.
Submitted by: Jim Morrison
2011-07-11 12:13:50 +00:00
Dr. Stephen Henson
8b9db484ed PR: 2470
Submitted by: Corinna Vinschen <vinschen@redhat.com>
Reviewed by: steve

Don't call ERR_remove_state from DllMain.
2011-06-22 15:39:00 +00:00
Dr. Stephen Henson
f59f2fcbff PR: 2543
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Correctly handle errors in DTLSv1_handle_timeout()
2011-06-22 15:29:55 +00:00
Dr. Stephen Henson
419a530194 PR: 2540
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Prevent infinite loop in BN_GF2m_mod_inv().
2011-06-22 15:23:32 +00:00
Dr. Stephen Henson
69a8901eb1 correctly encode OIDs near 2^32 2011-06-22 15:15:38 +00:00
Dr. Stephen Henson
2bcd08e691 make EVP_dss() work for DSA signing 2011-06-20 20:05:38 +00:00
Bodo Möller
167d692925 Complete the version history (include information on unreleased
version 0.9.8s to show full information).
2011-06-15 14:21:17 +00:00
Dr. Stephen Henson
025ee1dbde fix memory leak 2011-06-08 15:56:20 +00:00
Dr. Stephen Henson
dce7b92d0b PR: 2533
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Setting SSL_MODE_RELEASE_BUFFERS should be ignored for DTLS, but instead causes
the program to crash. This is due to missing version checks and is fixed with
this patch.
2011-05-25 15:21:12 +00:00
Dr. Stephen Henson
db886c2a2b PR: 2529
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve

Call ssl_new() to reallocate SSL BIO internals if we want to replace
the existing internal SSL structure.
2011-05-25 15:15:52 +00:00
Dr. Stephen Henson
4d43129446 PR: 2527
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve

Set cnf to NULL to avoid possible double free.
2011-05-25 15:06:05 +00:00
Dr. Stephen Henson
92107f8150 Fix the ECDSA timing attack mentioned in the paper at:
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
2011-05-25 14:52:44 +00:00
Dr. Stephen Henson
e82d6a2019 Fix the ECDSA timing attack mentioned in the paper at:
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
2011-05-25 14:43:05 +00:00
Dr. Stephen Henson
4e5755cd85 Oops use up to date patch for PR#2506 2011-05-25 14:29:55 +00:00
Dr. Stephen Henson
dda8dcd2c0 PR: 2512
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix BIO_accept so it can be bound to IPv4 or IPv6 sockets consistently.
2011-05-25 12:36:50 +00:00
Dr. Stephen Henson
16646b0018 PR: 2506
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fully implement SSL_clear for DTLS.
2011-05-25 12:28:31 +00:00
Dr. Stephen Henson
320881c25c PR: 2505
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS session resumption timer bug.
2011-05-25 12:24:26 +00:00
Dr. Stephen Henson
1d23fb382e update date 2011-05-19 17:56:47 +00:00
Dr. Stephen Henson
c4f1942a76 inherit HMAC flags from MD_CTX 2011-05-19 17:39:49 +00:00
Dr. Stephen Henson
38c42c6eea set encodedPoint to NULL after freeing it 2011-05-19 16:18:25 +00:00
Dr. Stephen Henson
51eb247d0f no need to include memory.h 2011-04-30 23:38:24 +00:00
Dr. Stephen Henson
8d22673a62 check buffer is larger enough before overwriting 2011-04-06 18:07:02 +00:00
Dr. Stephen Henson
3622d3743e PR: 2462
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS Retransmission Buffer Bug
2011-04-03 17:15:08 +00:00
Dr. Stephen Henson
fbbf28e7c2 PR: 2458
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Don't change state when answering DTLS ClientHello.
2011-04-03 16:26:14 +00:00
Dr. Stephen Henson
f5dac77c06 PR: 2457
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS fragment reassembly bug.
2011-04-03 15:49:03 +00:00
Richard Levitte
067d72a082 Corrections to the VMS build system.
Submitted by Steven M. Schweda <sms@antinode.info>
2011-03-25 16:21:39 +00:00
Dr. Stephen Henson
ac0f3f506a make some non-VMS builds work again 2011-03-25 15:06:50 +00:00
Richard Levitte
f819147028 For VMS, implement the possibility to choose 64-bit pointers with
different options:
"64"		The build system will choose /POINTER_SIZE=64=ARGV if
		the compiler supports it, otherwise /POINTER_SIZE=64.
"64="		The build system will force /POINTER_SIZE=64.
"64=ARGV"	The build system will force /POINTER_SIZE=64=ARGV.
2011-03-25 09:40:18 +00:00
Richard Levitte
a530963f05 make update (1.0.0-stable) 2011-03-22 23:56:18 +00:00
Richard Levitte
bc5a53f5e9 * util/mkdef.pl: Add crypto/o_str.h and crypto/o_time.h. Maybe some
more need to be added...
2011-03-22 23:54:13 +00:00
Richard Levitte
83382fb9d5 * apps/makeapps.com: Forgot to end the check for /POINTER_SIZE=64=ARGV
with turning trapping back on.
* test/maketests.com: Do the same check for /POINTER_SIZE=64=ARGV
  here.
* test/clean-test.com: A new script for cleaning up.
2011-03-20 14:01:20 +00:00
Richard Levitte
0674370017 * apps/openssl.c: For VMS, take care of copying argv if needed much earlier,
directly in main().  'if needed' also includes when argv is a 32 bit
  pointer in an otherwise 64 bit environment.
* apps/makeapps.com: When using /POINTER_SIZE=64, try to use the additional
  =ARGV, but only if it's supported.  Fortunately, DCL is very helpful
  telling us in this case.
2011-03-20 13:15:41 +00:00
Richard Levitte
2f91cb2c5e Keep file references in the VMS build files in the same order as they
are in the Unix Makefiles
2011-03-19 10:44:41 +00:00
Richard Levitte
acb25c2327 Change INSTALL.VMS to reflect the changes done on the build and
install scripts.  This could need some more work.
2011-03-19 09:45:45 +00:00
Richard Levitte
2d842a90f8 Apply all the changes submitted by Steven M. Schweda <sms@antinode.info> 2011-03-19 09:44:53 +00:00