Commit graph

4155 commits

Author SHA1 Message Date
Bodo Möller
9adf3fcf9a Fix BIO_f_buffer().
Submitted by: Adam Langley
Reviewed by: Bodo Moeller
2011-12-02 12:23:57 +00:00
Andy Polyakov
65f7456652 ppc.pl: fix bug in bn_mul_comba4 [from HEAD].
PR: 2636
Submitted by: Charles Bryant
2011-11-05 10:17:06 +00:00
Dr. Stephen Henson
f8731bc2fd PR: 2632
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Return -1 immediately if not affine coordinates as BN_CTX has not been
set up.
2011-10-26 16:42:48 +00:00
Bodo Möller
195d6bf760 BN_BLINDING multi-threading fix.
Submitted by: Emilia Kasper (Google)
2011-10-19 14:57:59 +00:00
Dr. Stephen Henson
6d50bce79f PR: 2482
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.
2011-10-09 00:56:18 +00:00
Dr. Stephen Henson
85e776885b PR: 2606
Submitted by: Christoph Viethen <cv@kawo2.rwth-aachen.de>
Reviewed by: steve

Handle timezones correctly in UTCTime.
2011-09-23 13:40:06 +00:00
Bodo Möller
1c7c69a8a5 Fix memory leak on bad inputs. 2011-09-05 09:56:48 +00:00
Bodo Möller
24ad061037 Move OPENSSL_init declaration out of auto-generated code section
(it is not auto-generated).
2011-09-05 09:52:58 +00:00
Dr. Stephen Henson
92f96fa721 PR: 2576
Submitted by: Doug Goldstein <cardoe@gentoo.org>
Reviewed by: steve

Include header file stdlib.h which is needed on some platforms to get
getenv() declaration.
2011-09-02 11:20:49 +00:00
Dr. Stephen Henson
0d1e362363 PR: 2340
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar>
Reviewed by: steve

Stop warnings if OPENSSL_NO_DGRAM is defined.
2011-09-01 15:03:10 +00:00
Dr. Stephen Henson
a0bf2c86ab make timing attack protection unconditional 2011-09-01 14:23:41 +00:00
Dr. Stephen Henson
24d0524f31 PR: 2588
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Close file pointer.
2011-09-01 13:48:48 +00:00
Dr. Stephen Henson
46a1f2487e PR: 2559
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS socket error bug
2011-07-20 15:20:19 +00:00
Dr. Stephen Henson
82a5049f6a PR: 2556 (partial)
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve

Fix OID routines.

Check on encoding leading zero rejection should start at beginning of
encoding.

Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
2011-07-14 12:01:08 +00:00
Andy Polyakov
d027b75b73 perlasm/cbc.pl: fix tail processing bug [from HEAD].
PR: 2557
2011-07-13 06:25:15 +00:00
Dr. Stephen Henson
87d14a3625 PR: 2470
Submitted by: Corinna Vinschen <vinschen@redhat.com>
Reviewed by: steve

Don't call ERR_remove_state from DllMain.
2011-06-22 15:39:19 +00:00
Dr. Stephen Henson
22152d6885 PR: 2540
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Prevent infinite loop in BN_GF2m_mod_inv().
2011-06-22 15:23:20 +00:00
Dr. Stephen Henson
102bcbce8d correctly encode OIDs near 2^32 2011-06-22 15:15:20 +00:00
Andy Polyakov
8655de423d rc4_skey.c [0.9.8]: at some point rc4_skey and x86[_64]cpuid were modified
to examine bit#20 on x86[_64], but it was erroneously reverted to bit#28
in 2008 in process of FIPS integration.
2011-06-06 19:58:21 +00:00
Dr. Stephen Henson
bc7ee385f5 Fix the ECDSA timing attack mentioned in the paper at:
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
2011-05-25 14:52:54 +00:00
Dr. Stephen Henson
1e368ab08f Fix the ECDSA timing attack mentioned in the paper at:
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
2011-05-25 14:43:47 +00:00
Dr. Stephen Henson
6d12b1f82b check buffer is larger enough before overwriting 2011-04-06 18:07:12 +00:00
Bodo Möller
d430f56de6 start 0.9.8s-dev 2011-02-08 17:58:34 +00:00
Bodo Möller
957ebe98fb OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d)
Submitted by: Neel Mehta, Adam Langley, Bodo Moeller
2011-02-08 17:10:47 +00:00
Bodo Möller
9d09fc8485 Assorted bugfixes:
- RLE decompression boundary case
- SSL 2.0 key arg length check

Submitted by: Google (Neel Mehta, Bodo Moeller)
2011-02-03 12:04:48 +00:00
Dr. Stephen Henson
a3dc628d86 PR: 2433
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve

Constify ASN1_STRING_set_default_mask_asc().
2011-01-24 16:21:00 +00:00
Dr. Stephen Henson
3c159fc1a5 check EC public key isn't point at infinity 2011-01-24 15:08:12 +00:00
Dr. Stephen Henson
6056afd223 PR: 1612
Submitted by: Robert Jackson <robert@rjsweb.net>
Reviewed by: steve

Fix EC_POINT_cmp function for case where b but not a is the point at infinity.
2011-01-24 14:42:11 +00:00
Dr. Stephen Henson
f4a4a0fdc7 PR: 2411
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Fix corner cases in RFC3779 code.
2011-01-03 01:40:22 +00:00
Dr. Stephen Henson
9ad765173f Fix escaping code for string printing. If *any* escaping is enabled we
must escape the escape character itself (backslash).
2011-01-03 01:26:33 +00:00
Dr. Stephen Henson
c8e3c1a9b5 PR: 2410
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Use OPENSSL_assert() instead of assert().
2011-01-03 01:20:03 +00:00
Dr. Stephen Henson
ae378b769a use fips-dev not dev-fips 2011-01-03 00:43:47 +00:00
Dr. Stephen Henson
4de4e35459 PR: 2416
Submitted by: Mark Phalan <mark.phalan@oracle.com>
Reviewed by: steve

Use L suffix in version number.
2011-01-03 00:25:47 +00:00
Bodo Möller
5537a83e56 Add missing explicit instruction size.
[CVS head and later branches have this since revision 1.7 of this file.]

Submitted by: Chandler Carruth (Google)
2010-12-13 20:47:26 +00:00
Dr. Stephen Henson
b8be571868 update for next release 2010-12-02 19:42:28 +00:00
Dr. Stephen Henson
acd43bf38c prepare for release 2010-12-02 18:53:52 +00:00
Dr. Stephen Henson
7258d33794 PR: 2386
Submitted by: Stefan Birrer <stefan.birrer@adnovum.ch>
Reviewed by: steve

Correct SKM_ASN1_SET_OF_d2i macro.
2010-12-02 18:02:02 +00:00
Dr. Stephen Henson
4d6af5c5d2 ../comm.txt 2010-11-27 17:33:34 +00:00
Ben Laurie
efed63d783 Backport J-PAKE fix. 2010-11-26 16:03:23 +00:00
Dr. Stephen Henson
0067580321 update for next version 2010-11-16 16:35:37 +00:00
Dr. Stephen Henson
82e0073624 oops, correct version number 2010-11-16 14:56:17 +00:00
Dr. Stephen Henson
7e541b1a7f prepare for release 2010-11-16 14:37:28 +00:00
Dr. Stephen Henson
3e8b8b8990 Submitted by: Jonathan Dixon <joth@chromium.org>
Reviewed by: steve

If store is NULL set flags correctly.
2010-11-02 15:57:00 +00:00
Dr. Stephen Henson
05bbbe9204 PR: 2295
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve

OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.
2010-10-11 23:28:54 +00:00
Dr. Stephen Henson
93fc0e0e40 We can't always read 6 bytes in an OCSP response: fix so error statuses
are read correctly for non-blocking I/O.
2010-10-06 18:01:35 +00:00
Dr. Stephen Henson
6cb5746b65 Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(),
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.

Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
2010-10-03 18:55:57 +00:00
Dr. Stephen Henson
ae3b60ba99 fix bug in AES_unwrap() 2010-08-30 23:57:03 +00:00
Bodo Möller
d4ba6424a1 ECC library bugfixes.
Submitted by: Emilia Kapser (Google)
2010-08-26 12:10:25 +00:00
Dr. Stephen Henson
78dcaa0609 PR: 2297
Submitted by: Antony, Benoy <bantony@ebay.com>
Approved by: steve@openssl.org

Fix bug in AES wrap code when t > 0xff.
2010-07-09 17:24:29 +00:00
Dr. Stephen Henson
65b4c34d86 initialise pbe_tmp 2010-07-08 16:51:48 +00:00