Dr. Stephen Henson
4baee3031c
PR: 2813
...
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>
Fix possible deadlock when decoding public keys.
2012-05-11 13:49:15 +00:00
Dr. Stephen Henson
556e27b14f
Check for potentially exploitable overflows in asn1_d2i_read_bio
...
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.
Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
2012-04-19 11:36:09 +00:00
Dr. Stephen Henson
215276243d
corrected fix to PR#2711 and also cover mime_param_cmp
2012-03-12 15:25:53 +00:00
Dr. Stephen Henson
f0be325f88
Fix memory leak cause by race condition when creating public keys.
...
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-28 14:47:36 +00:00
Dr. Stephen Henson
b66af23aa9
free headers after use in error message
2012-02-27 16:26:32 +00:00
Dr. Stephen Henson
8a4e81a269
PR: 2711
...
Submitted by: Tomas Mraz <tmraz@redhat.com>
Tolerate bad MIME headers in parser.
2012-02-23 21:50:13 +00:00
Bodo Möller
1c7c69a8a5
Fix memory leak on bad inputs.
2011-09-05 09:56:48 +00:00
Dr. Stephen Henson
82a5049f6a
PR: 2556 (partial)
...
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve
Fix OID routines.
Check on encoding leading zero rejection should start at beginning of
encoding.
Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
2011-07-14 12:01:08 +00:00
Dr. Stephen Henson
102bcbce8d
correctly encode OIDs near 2^32
2011-06-22 15:15:20 +00:00
Dr. Stephen Henson
a3dc628d86
PR: 2433
...
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve
Constify ASN1_STRING_set_default_mask_asc().
2011-01-24 16:21:00 +00:00
Dr. Stephen Henson
9ad765173f
Fix escaping code for string printing. If *any* escaping is enabled we
...
must escape the escape character itself (backslash).
2011-01-03 01:26:33 +00:00
Dr. Stephen Henson
6cb5746b65
Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(),
...
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.
Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
2010-10-03 18:55:57 +00:00
Ben Laurie
d886975835
Fix gcc 4.6 warnings. Check TLS server hello extension length.
2010-06-12 13:18:58 +00:00
Dr. Stephen Henson
5e8e7054f7
The OID sanity check was incorrect. It should only disallow *leading* 0x80
...
values.
2010-03-07 16:40:31 +00:00
Dr. Stephen Henson
b61a87b26c
check new_der for NULL too
2009-11-10 00:46:57 +00:00
Dr. Stephen Henson
2c6b141931
PR: 2090
...
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org
Improve error checking in asn1_gen.c
2009-11-10 00:40:42 +00:00
Dr. Stephen Henson
381a9f04a0
Fix unitialized warnings
2009-10-04 16:53:18 +00:00
Dr. Stephen Henson
6d73e9d8e8
PR: 2056
...
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org
Correct BIO_wirte error handling in asn1_par.c
2009-10-01 00:12:49 +00:00
Dr. Stephen Henson
17b08b6a64
PR: 1644
...
Submitted by: steve@openssl.org
Fix to make DHparams_dup() et al work in C++.
For 0.9.8, we just change the macro to avoid making incompatible changes to
the API.
2009-09-06 15:46:46 +00:00
Dr. Stephen Henson
3af16cf694
Backport GeneralizedTime fractional seconds support from HEAD.
2009-08-10 15:15:27 +00:00
Dr. Stephen Henson
059230b320
Reject leading 0x80 in OID subidentifiers.
2009-08-06 16:22:57 +00:00
Dr. Stephen Henson
c60dca1f95
PR: 1868
...
Submitted by: Paolo Ganci <Paolo.Ganci@AdNovum.CH>
Approved by: steve@openssl.org
Don't set fields to NULL when freeing them up in ASN1 code. On some platforms
with sizeof(long) < sizeof(char *) this can cause a crash.
2009-03-25 10:42:34 +00:00
Dr. Stephen Henson
f021b7cca6
Reject BMPStrings and UniversalStrings of invalid length. This prevents
...
a crash in ASN1_STRING_print_ex() which assumes they are valid.
2009-03-25 10:35:57 +00:00
Dr. Stephen Henson
044855e146
Permit nested ASN1 string encoding but with a maximum depth to avoid
...
stack overflow.
2009-03-14 18:33:25 +00:00
Dr. Stephen Henson
ee4041b8bd
PR: 1841
...
Submitted by: Martin Kaiser <lists@kaiser.cx>
Reviewed by: steve@openssl.org
Remove unused code.
2009-03-08 23:05:34 +00:00
Dr. Stephen Henson
72f6453c48
PR: 1835
...
Submitted by: Damien Miller <djm@mindrot.org>
Approved by: steve@openssl.org
Fix various typos.
2009-02-14 21:50:14 +00:00
Dr. Stephen Henson
73cb37295d
Update from HEAD.
2009-01-28 12:55:36 +00:00
Dr. Stephen Henson
1f35508ae6
Support NumericString for name components.
2009-01-28 12:35:10 +00:00
Dr. Stephen Henson
3795297af8
Change old obsolete email address...
2008-11-05 18:36:57 +00:00
Dr. Stephen Henson
33fd33d423
Fix from HEAD.
2008-11-05 18:29:49 +00:00
Dr. Stephen Henson
c0e9f540e0
Check for errors in ASN1 sign and verify routines.
2008-09-25 16:38:07 +00:00
Dr. Stephen Henson
e852835da6
Make update: delete duplicate error code.
2008-09-17 17:11:09 +00:00
Dr. Stephen Henson
d83dde6180
Merge changes to build system from fips branch.
2008-09-16 21:44:57 +00:00
Dr. Stephen Henson
405f382144
Fix from HEAD.
2008-08-05 15:56:11 +00:00
Bodo Möller
0ff3766b0e
Make sure not to read beyond end of buffer
2008-07-16 18:10:28 +00:00
Dr. Stephen Henson
aa9c7e4b8c
Oops... PEM_write_bio_ASN1_stream() shouldn't be in 0.9.8 CMS backport.
2008-05-20 12:10:28 +00:00
Ben Laurie
56bef2df4f
Fix warning.
2008-05-20 03:05:50 +00:00
Dr. Stephen Henson
8e42429c9d
Update default CFLAGS and dependencies.
2008-04-03 23:18:27 +00:00
Dr. Stephen Henson
94b2c29f9d
Backport of CMS code to 0.9.8-stable branch. Disabled by default.
2008-04-03 23:03:56 +00:00
Dr. Stephen Henson
090f931a35
Add -DOPENSSL_NO_DEPRECATED to debug-steve* targets. Add headers to make
...
build work.
2008-04-02 14:51:09 +00:00
Dr. Stephen Henson
9e7459fc5d
Backport some useful ASN1 utility functions from HEAD.
2008-04-02 11:11:51 +00:00
Dr. Stephen Henson
30aa23fea2
Update from HEAD.
2008-03-31 14:59:13 +00:00
Andy Polyakov
7c52b7706f
Source readability fix, which incidentally works around XLC compiler bug
...
[from HEAD].
PR: 1272
2008-02-11 13:18:40 +00:00
Dr. Stephen Henson
5f297c4504
Updates from HEAD.
2007-12-16 16:38:22 +00:00
Dr. Stephen Henson
a523276786
Backport certificate status request TLS extension support to 0.9.8.
2007-10-12 00:00:36 +00:00
Dr. Stephen Henson
927a28ba3b
gcc 4.2 fixes to avoid use or function pointer casts in OpenSSL.
...
Fix various "computed value not used" warnings too.
2007-09-06 12:43:54 +00:00
Andy Polyakov
1040deb0c5
Respect ISO aliasing rules [from HEAD].
...
PR: 1296
2007-07-27 20:34:56 +00:00
Dr. Stephen Henson
d9a9aa027d
Update from HEAD.
2007-05-22 23:33:08 +00:00
Dr. Stephen Henson
1cb7e5be5b
Fix OID config module.
2007-04-08 17:45:03 +00:00
Lutz Jänicke
d69f85bf15
Fix incorrect handling of special characters
...
PR: 1459
Submitted by: tnitschke@innominate.com
Reviewed by: steve@openssl.org
2007-02-21 17:44:51 +00:00