wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
12268 commits 20 branches 302 tags 153 MiB
Commit graph

6264 commits

Author SHA1 Message Date
Jonas Maebe
8957278869 mime_hdr_addparam: free tmpname, tmpval and mparam on error path, and check whether sk_MIME_PARAM_push succeeds 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:37:14 +02:00
Jonas Maebe
15297d962c mime_hdr_new: free mhdr, tmpname, tmpval on error path 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:36:54 +02:00
Jonas Maebe
c9c63b0180 ASN1_verify, ASN1_item_verify: cleanse and free buf_in on error path 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:36:34 +02:00
Jonas Maebe
b9b9f853b5 SetBlob: free rgSetBlob on error path 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-15 22:35:11 +02:00
Istvan Noszticzius
865886553d Fix use after free bug. 
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2014-08-15 16:50:16 +01:00
Frdric Giudicelli
c753e71e0a RT783: Minor optimization to ASN1_INTEGER_set 
Remove local variable and avoid extra assignment.

Reviewed-by: Emilia Kasper <emilia@silkandcyanide.net>
 2014-08-15 10:54:43 -04:00
Rob Austein
cf8bac4456 RT2465: Silence some gcc warnings 
"Another machine, another version of gcc, another batch
of compiler warnings."  Add "=NULL" to some local variable
declarations that are set by passing thier address into a
utility function; confuses GCC it might not be set.

Reviewed-by: Emilia Ksper <emilia@silkandcyanide.net>
 2014-08-15 10:52:06 -04:00
Hans Wennborg
01e438f288 RT3023: Redundant logical expressions 
Remove some redundant logical expressions

Reviewed-by: Emilia Kasper <emilia@silkandcyanide.net>
 2014-08-15 10:45:00 -04:00
Emilia Kasper
f0ca9ccaef make depend 
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-14 15:24:58 +02:00
Bodo Moeller
16602b5cd5 Further improve/fix ec_GFp_simple_points_make_affine (ecp_smpl.c) and 
group_order_tests (ectest.c).  Also fix the EC_POINTs_mul documentation (ec.h).

Reviewed-by: emilia@openssl.org
 2014-08-13 17:37:19 +02:00
Dr Stephen Henson
b00f586a81 Fix d4a4370050 
Fully remove old error, per drH
Reviewed-by: rsalz
 2014-08-11 17:32:57 -04:00
Scott Schaefer
d4a4370050 RT 2517: Various typo's. 
Reviewed-by: Emilia Kasper

Many of these were already fixed, this catches the last
few that were missed.
 2014-08-11 13:43:31 -04:00
Rich Salz
f642ebc1e2 Undo a90081576c 
Undo unapproved commit that removed DJGPP and WATT32
 2014-08-09 08:02:20 -04:00
Rich Salz
a90081576c Remove DJGPP (and therefore WATT32) #ifdef's. 
DJGPP is no longer a supported platform.  Remove all #ifdef, etc.,
cases that refer to it.  DJGPP also #define'd WATT32, so that
is now removed as well.
 2014-08-08 16:54:14 -04:00
Dr. Stephen Henson
4a23b12a03 Fix SRP buffer overrun vulnerability. 
Invalid parameters passed to the SRP code can be overrun an internal
buffer. Add sanity check that g, A, B < N to SRP code.

Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC
Group for reporting this issue.
 2014-08-06 20:36:41 +01:00
Emilia Kasper
0042fb5fd1 Fix OID handling: 
- Upon parsing, reject OIDs with invalid base-128 encoding.
- Always NUL-terminate the destination buffer in OBJ_obj2txt printing function.

CVE-2014-3508

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-08-06 20:36:41 +01:00
Bodo Moeller
0fe73d6c36 Simplify and fix ec_GFp_simple_points_make_affine 
(which didn't always handle value 0 correctly).

Reviewed-by: emilia@openssl.org
 2014-08-01 17:18:14 +02:00
Billy Brumley
cba11f57ce "EC_POINT_invert" was checking "dbl" function pointer instead of "invert". 
PR#2569

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-07-21 22:18:40 +01:00
Andy Polyakov
5c3598307e sha1-ppc.pl: shave off one cycle from BODY_20_39 
and improve performance by 10% on POWER[78].

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
 2014-07-21 15:29:09 +02:00
Andy Polyakov
0e716d9207 Engage GHASH for PowerISA 2.0.7. 
[and split ppccap.c to ppccap.c and ppc_arch.h]

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-07-20 14:16:31 +02:00
Andy Polyakov
f5b798f50c Add GHASH for PowerISA 2.0.7. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-07-20 14:14:26 +02:00
Dr. Stephen Henson
03c075e572 Windows build fixes. 
Add cmac.h to mkdef.pl
Remove ENGINE_load_rsax from engine.h: no longer built.
Update ordinals
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-07-19 22:57:37 +01:00
Dr. Stephen Henson
d31fed73e2 RFC 5649 support. 
Add support for RFC5649 key wrapping with padding.

Add RFC5649 tests to evptests.txt

Based on PR#3434 contribution by Petr Spacek <pspacek@redhat.com>.

EVP support and minor changes added by Stephen Henson.

Doxygen comment block updates by Tim Hudson.

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-07-18 21:37:13 +01:00
Dr. Stephen Henson
58f4698f67 Make *Final work for key wrap again. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-07-17 23:29:14 +01:00
Dr. Stephen Henson
d12eef1501 Sanity check lengths for AES wrap algorithm. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-07-17 12:57:40 +01:00
Andy Polyakov
e91718e80d Revert "Add GHASH for PowerISA 2.07." 
This reverts commit 927f2e5dea.
 2014-07-16 13:38:15 +02:00
Andy Polyakov
6cd13f70bb Revert "Engage GHASH for PowerISA 2.07." 
This reverts commit 14aaf883d9.
 2014-07-16 13:37:37 +02:00
Andy Polyakov
14aaf883d9 Engage GHASH for PowerISA 2.07. 2014-07-16 08:03:34 +02:00
Andy Polyakov
927f2e5dea Add GHASH for PowerISA 2.07. 2014-07-16 08:01:41 +02:00
Matt Caswell
f8571ce822 Fixed valgrind complaint due to BN_consttime_swap reading uninitialised data. 
This is actually ok for this function, but initialised to zero anyway if
PURIFY defined.

This does have the impact of masking any *real* unitialised data reads in bn though.

Patch based on approach suggested by Rich Salz.

PR#3415
 2014-07-13 22:17:39 +01:00
Richard Levitte
8b5dd34091 * crypto/ui/ui_lib.c: misplaced brace in switch statement. 
Detected by dcruette@qualitesys.com
 2014-07-13 19:11:46 +02:00
Ben Laurie
c1d1b0114e Don't clean up uninitialised EVP_CIPHER_CTX on error (CID 483259). 2014-07-10 17:49:02 +01:00
Matt Caswell
66816c53be Fix memory leak in BIO_free if there is no destroy function. 
Based on an original patch by Neitrino Photonov <neitrinoph@gmail.com>

PR#3439
 2014-07-09 23:29:17 +01:00
Andy Polyakov
1b0fe79f3e x86_64 assembly pack: improve masm support. 2014-07-09 20:08:01 +02:00
Andy Polyakov
d11c70b2c2 Please Clang's sanitizer, addendum. 2014-07-08 23:06:59 +02:00
Andy Polyakov
021e5043e5 Please Clang's sanitizer. 
PR: #3424,#3423,#3422
 2014-07-08 22:24:44 +02:00
Andy Polyakov
07b635cceb sha[1|512]-x86_64.pl: fix logical errors with $shaext=0. 2014-07-07 17:01:07 +02:00
David Lloyd
9d23f422a3 Prevent infinite loop loading config files. 
PR#2985
 2014-07-07 13:19:57 +01:00
Viktor Dukhovni
297c67fcd8 Update API to use (char *) for email addresses and hostnames 
Reduces number of silly casts in OpenSSL code and likely most
applications.  Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().
 2014-07-07 19:11:38 +10:00
Dr. Stephen Henson
5ecf1141a5 Sanity check keylength in PVK files. 
PR#2277
 2014-07-06 00:36:16 +01:00
Andy Polyakov
7eb9680ae1 sha512-x86_64.pl: fix typo. 
PR: #3431
 2014-07-05 23:59:57 +02:00
Alan Hryngle
fdea4fff8f Return smaller of ret and f. 
PR#3418.
 2014-07-05 22:37:41 +01:00
Viktor Dukhovni
ced3d9158a Set optional peername when X509_check_host() succeeds. 
Pass address of X509_VERIFY_PARAM_ID peername to X509_check_host().
Document modified interface.
 2014-07-06 01:50:50 +10:00
Viktor Dukhovni
6e661d458f New peername element in X509_VERIFY_PARAM_ID 
Declaration, memory management, accessor and documentation.
 2014-07-06 01:50:50 +10:00
Ben Laurie
6835f572a9 Reduce casting nastiness. 2014-07-05 15:00:53 +01:00
Dr. Stephen Henson
55707a36cc Add license info. 2014-07-04 18:41:45 +01:00
Dr. Stephen Henson
b948ee27b0 Remove all RFC5878 code. 
Remove RFC5878 code. It is no longer needed for CT and has numerous bugs
 2014-07-04 13:26:35 +01:00
Andy Polyakov
eca441b2b4 bn_exp.c: fix x86_64-specific crash with one-word modulus. 
PR: #3397
 2014-07-02 19:35:50 +02:00
Dr. Stephen Henson
398e99fe5e ASN1 sanity check. 
Primitive encodings shouldn't use indefinite length constructed
form.

PR#2438 (partial).
 2014-07-02 00:59:26 +01:00
Andy Polyakov
c7ada16d39 perlasm/ppc-xlate.pl update. 2014-07-01 19:11:11 +02:00