Commit graph

555 commits

Author SHA1 Message Date
Dr. Stephen Henson
9ad765173f Fix escaping code for string printing. If *any* escaping is enabled we
must escape the escape character itself (backslash).
2011-01-03 01:26:33 +00:00
Dr. Stephen Henson
6cb5746b65 Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(),
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.

Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
2010-10-03 18:55:57 +00:00
Ben Laurie
d886975835 Fix gcc 4.6 warnings. Check TLS server hello extension length. 2010-06-12 13:18:58 +00:00
Dr. Stephen Henson
5e8e7054f7 The OID sanity check was incorrect. It should only disallow *leading* 0x80
values.
2010-03-07 16:40:31 +00:00
Dr. Stephen Henson
b61a87b26c check new_der for NULL too 2009-11-10 00:46:57 +00:00
Dr. Stephen Henson
2c6b141931 PR: 2090
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org

Improve error checking in asn1_gen.c
2009-11-10 00:40:42 +00:00
Dr. Stephen Henson
381a9f04a0 Fix unitialized warnings 2009-10-04 16:53:18 +00:00
Dr. Stephen Henson
6d73e9d8e8 PR: 2056
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_wirte error handling in asn1_par.c
2009-10-01 00:12:49 +00:00
Dr. Stephen Henson
17b08b6a64 PR: 1644
Submitted by: steve@openssl.org

Fix to make DHparams_dup() et al work in C++.

For 0.9.8, we just change the macro to avoid making incompatible changes to
the API.
2009-09-06 15:46:46 +00:00
Dr. Stephen Henson
3af16cf694 Backport GeneralizedTime fractional seconds support from HEAD. 2009-08-10 15:15:27 +00:00
Dr. Stephen Henson
059230b320 Reject leading 0x80 in OID subidentifiers. 2009-08-06 16:22:57 +00:00
Dr. Stephen Henson
c60dca1f95 PR: 1868
Submitted by: Paolo Ganci <Paolo.Ganci@AdNovum.CH>
Approved by: steve@openssl.org

Don't set fields to NULL when freeing them up in ASN1 code. On some platforms
with sizeof(long) < sizeof(char *) this can cause a crash.
2009-03-25 10:42:34 +00:00
Dr. Stephen Henson
f021b7cca6 Reject BMPStrings and UniversalStrings of invalid length. This prevents
a crash in ASN1_STRING_print_ex() which assumes they are valid.
2009-03-25 10:35:57 +00:00
Dr. Stephen Henson
044855e146 Permit nested ASN1 string encoding but with a maximum depth to avoid
stack overflow.
2009-03-14 18:33:25 +00:00
Dr. Stephen Henson
ee4041b8bd PR: 1841
Submitted by: Martin Kaiser <lists@kaiser.cx>
Reviewed by: steve@openssl.org

Remove unused code.
2009-03-08 23:05:34 +00:00
Dr. Stephen Henson
72f6453c48 PR: 1835
Submitted by: Damien Miller <djm@mindrot.org>
Approved by: steve@openssl.org

Fix various typos.
2009-02-14 21:50:14 +00:00
Dr. Stephen Henson
73cb37295d Update from HEAD. 2009-01-28 12:55:36 +00:00
Dr. Stephen Henson
1f35508ae6 Support NumericString for name components. 2009-01-28 12:35:10 +00:00
Dr. Stephen Henson
3795297af8 Change old obsolete email address... 2008-11-05 18:36:57 +00:00
Dr. Stephen Henson
33fd33d423 Fix from HEAD. 2008-11-05 18:29:49 +00:00
Dr. Stephen Henson
c0e9f540e0 Check for errors in ASN1 sign and verify routines. 2008-09-25 16:38:07 +00:00
Dr. Stephen Henson
e852835da6 Make update: delete duplicate error code. 2008-09-17 17:11:09 +00:00
Dr. Stephen Henson
d83dde6180 Merge changes to build system from fips branch. 2008-09-16 21:44:57 +00:00
Dr. Stephen Henson
405f382144 Fix from HEAD. 2008-08-05 15:56:11 +00:00
Bodo Möller
0ff3766b0e Make sure not to read beyond end of buffer 2008-07-16 18:10:28 +00:00
Dr. Stephen Henson
aa9c7e4b8c Oops... PEM_write_bio_ASN1_stream() shouldn't be in 0.9.8 CMS backport. 2008-05-20 12:10:28 +00:00
Ben Laurie
56bef2df4f Fix warning. 2008-05-20 03:05:50 +00:00
Dr. Stephen Henson
8e42429c9d Update default CFLAGS and dependencies. 2008-04-03 23:18:27 +00:00
Dr. Stephen Henson
94b2c29f9d Backport of CMS code to 0.9.8-stable branch. Disabled by default. 2008-04-03 23:03:56 +00:00
Dr. Stephen Henson
090f931a35 Add -DOPENSSL_NO_DEPRECATED to debug-steve* targets. Add headers to make
build work.
2008-04-02 14:51:09 +00:00
Dr. Stephen Henson
9e7459fc5d Backport some useful ASN1 utility functions from HEAD. 2008-04-02 11:11:51 +00:00
Dr. Stephen Henson
30aa23fea2 Update from HEAD. 2008-03-31 14:59:13 +00:00
Andy Polyakov
7c52b7706f Source readability fix, which incidentally works around XLC compiler bug
[from HEAD].
PR: 1272
2008-02-11 13:18:40 +00:00
Dr. Stephen Henson
5f297c4504 Updates from HEAD. 2007-12-16 16:38:22 +00:00
Dr. Stephen Henson
a523276786 Backport certificate status request TLS extension support to 0.9.8. 2007-10-12 00:00:36 +00:00
Dr. Stephen Henson
927a28ba3b gcc 4.2 fixes to avoid use or function pointer casts in OpenSSL.
Fix various "computed value not used" warnings too.
2007-09-06 12:43:54 +00:00
Andy Polyakov
1040deb0c5 Respect ISO aliasing rules [from HEAD].
PR: 1296
2007-07-27 20:34:56 +00:00
Dr. Stephen Henson
d9a9aa027d Update from HEAD. 2007-05-22 23:33:08 +00:00
Dr. Stephen Henson
1cb7e5be5b Fix OID config module. 2007-04-08 17:45:03 +00:00
Lutz Jänicke
d69f85bf15 Fix incorrect handling of special characters
PR: 1459
Submitted by: tnitschke@innominate.com
Reviewed by: steve@openssl.org
2007-02-21 17:44:51 +00:00
Nils Larsch
5eee0253e5 remove unreachable code 2007-02-10 09:48:42 +00:00
Dr. Stephen Henson
dc3b721fa0 Update from 0.9.7-stable. 2007-01-23 17:54:22 +00:00
Dr. Stephen Henson
4a0d3530e0 Update from HEAD. 2007-01-21 13:16:49 +00:00
Nils Larsch
8e6905d238 remove trailing '\'
PR: 1438
2006-12-19 19:47:39 +00:00
Dr. Stephen Henson
9b945233b1 Update from HEAD. 2006-12-06 13:38:59 +00:00
Ben Laurie
4636341b05 Add RFC 3779 support, contributed by ARIN. 2006-11-27 13:36:55 +00:00
Dr. Stephen Henson
115fc340cb Rebuild error file C source files. 2006-11-21 20:14:46 +00:00
Mark J. Cox
951dfbb13a Introduce limits to prevent malicious keys being able to
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
2006-09-28 11:29:03 +00:00
Dr. Stephen Henson
c987c3f999 Fix from HEAD. 2006-09-22 17:07:40 +00:00
Dr. Stephen Henson
340b4dd7df Fix from HEAD. 2006-08-31 20:11:09 +00:00