wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8405 commits 20 branches 302 tags 153 MiB
Commit graph

4160 commits

Author SHA1 Message Date
Dr. Stephen Henson
6cb5746b65 Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(), 
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.

Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
 2010-10-03 18:55:57 +00:00
Dr. Stephen Henson
ae3b60ba99 fix bug in AES_unwrap() 2010-08-30 23:57:03 +00:00
Bodo Möller
d4ba6424a1 ECC library bugfixes. 
Submitted by: Emilia Kapser (Google)
 2010-08-26 12:10:25 +00:00
Dr. Stephen Henson
78dcaa0609 PR: 2297 
Submitted by: Antony, Benoy <bantony@ebay.com>
Approved by: steve@openssl.org

Fix bug in AES wrap code when t > 0xff.
 2010-07-09 17:24:29 +00:00
Dr. Stephen Henson
65b4c34d86 initialise pbe_tmp 2010-07-08 16:51:48 +00:00
Andy Polyakov
d8486c312c rand_nw.c: compensate for gcc bug (using %edx instead of %eax at -O3) 
[from HEAD].
PR: 2296
 2010-07-08 09:15:14 +00:00
Dr. Stephen Henson
63e3676e68 fix so it is safe to repeatedly add PBE algorithms 2010-06-26 12:55:01 +00:00
Dr. Stephen Henson
1dac2cae68 prepare for next release 2010-06-16 13:40:09 +00:00
Ben Laurie
d886975835 Fix gcc 4.6 warnings. Check TLS server hello extension length. 2010-06-12 13:18:58 +00:00
Dr. Stephen Henson
22872a5363 Prepare for release. 2010-06-01 14:47:12 +00:00
Dr. Stephen Henson
82b6b541b1 Fix CVE-2010-0742 2010-06-01 14:39:57 +00:00
Dr. Stephen Henson
60a989a76e fix PR#2261 in a different way 2010-05-31 13:17:52 +00:00
Andy Polyakov
18394ed50f 098 aes-x86_64.pl module was erroneously enabled in Win64 build without 
being adapted for Win64 ABI. Fix this.
 2010-05-30 22:02:03 +00:00
Dr. Stephen Henson
356f164f52 PR: 2258 
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Base64 BIO fixes:

Use OPENSSL_assert() instead of assert().
Use memmove() as buffers overlap.
Fix write retry logic.
 2010-05-27 12:41:33 +00:00
Dr. Stephen Henson
203ef9988c PR: 2266 
Submitted By: Jonathan Gray <jsg@goblin.cx>

Correct ioctl definitions.
 2010-05-26 23:23:53 +00:00
Dr. Stephen Henson
59c4f46f0f PR: 2251 
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org

Memleak, BIO chain leak and realloc checks in v3_pci.c
 2010-05-22 00:31:18 +00:00
Dr. Stephen Henson
a7949b8da3 PR: 2253 
Submitted By: Ger Hobbelt <ger@hobbelt.com>

Check callback return value when outputting errors.
 2010-05-15 00:36:40 +00:00
Andy Polyakov
b8febed96a Prevent ERR_print_errors_fp crash on Win32 [from HEAD]. 2010-04-20 20:28:30 +00:00
Andy Polyakov
c25e8ee9b3 md32_common.h: fix copy-n-paste typo. The typo was present in 098 only. 2010-03-29 11:23:11 +00:00
Dr. Stephen Henson
4525a048ec PR: 1696 
Check return value if d2i_PBEPARAM().
 2010-03-28 00:42:17 +00:00
Dr. Stephen Henson
17a79eec0c PR: 1763 
Remove useless num = 0 assignment.

Remove redundant cases on sock_ctrl(): default case handles them.
 2010-03-27 23:28:33 +00:00
Dr. Stephen Henson
1eda14b44f PR: 1813 
Submitted by: Torsten Hilbrich <torsten.hilbrich@secunet.com>

Fix memory leak when engine name cannot be loaded.
 2010-03-27 18:28:24 +00:00
Richard Levitte
ab9c0ec9fc Have an underscore before <ARCH> to make sure any future architecture 
name won't be mixed up with any crypto name.
 2010-03-25 14:45:22 +00:00
Dr. Stephen Henson
ea5b3f5e62 PR: 2202 (partial) 
Submitted by: Steven M. Schweda <sms@antinode.info>

Make some declarations conditional on FIPS/ENGINE.
Make pqueue_print non-VAX.
 2010-03-25 12:17:17 +00:00
Dr. Stephen Henson
c3c658e1c0 updates for next version 2010-03-25 12:07:04 +00:00
Dr. Stephen Henson
4fae868811 prepare for release 2010-03-24 13:16:55 +00:00
Andy Polyakov
c3484e0268 rand_win.c: fix logical bug in readscreen [from HEAD]. 2010-03-22 22:44:48 +00:00
Andy Polyakov
6b0be9c73d bss_file.c: fix MSC 6.0 warning [from HEAD]. 2010-03-22 22:40:18 +00:00
Andy Polyakov
02312a91ca ppc.pl: assembler Y chokes on apostrophes in comment. 2010-03-22 20:58:43 +00:00
Andy Polyakov
f1502a491e Fix UPLINK typo [from HEAD]. 2010-03-15 22:27:32 +00:00
Dr. Stephen Henson
cc53036744 missing goto meant signature was never printed out 2010-03-12 12:07:16 +00:00
Dr. Stephen Henson
5e8e7054f7 The OID sanity check was incorrect. It should only disallow *leading* 0x80 
values.
 2010-03-07 16:40:31 +00:00
Dr. Stephen Henson
9a542ea01d don't add digest alias if signature algorithm is undefined 2010-03-06 20:52:33 +00:00
Dr. Stephen Henson
1939f83709 Fix memory leak: free up ENGINE functional reference if digest is not 
found in an ENGINE.
 2010-03-05 13:35:06 +00:00
Dr. Stephen Henson
7786ed6a64 don't mix definitions and code 2010-03-03 15:30:05 +00:00
Andy Polyakov
bdd08277b8 Fix s390x-specific HOST_l2c|c2l [from HEAD]. 
Submitted by: Andreas Krebbel
 2010-03-02 16:26:13 +00:00
Dr. Stephen Henson
2bf4faa7e4 PR: 2178 
Submitted by: "Kennedy, Brendan" <brendan.kennedy@intel.com>

Handle error codes correctly: cryptodev returns 0 for success whereas OpenSSL
returns 1.
 2010-03-01 23:54:19 +00:00
Dr. Stephen Henson
2e5e604b0c load cryptodev if HAVE_CRYPTODEV is set too 2010-03-01 00:30:11 +00:00
Ben Laurie
ed4cd027f3 Fix warnings. 2010-02-28 13:37:15 +00:00
Dr. Stephen Henson
582eb96d15 Revert CFB block length change. Despite what SP800-38a says the input to 
CFB mode does *not* have to be a multiple of the block length and several
other specifications (e.g. PKCS#11) do not require this.
 2010-02-26 14:41:38 +00:00
Dr. Stephen Henson
2649ce1ebc Change versions for 0.9.8n-dev 2010-02-26 14:34:24 +00:00
Dr. Stephen Henson
7070cdba4e Prepare for 0.9.8m release 2010-02-25 17:18:23 +00:00
Richard Levitte
e885de28b1 Since crypto-lib.com is built to be executed in the crypto/ directory, 
there's no need to specify that directory in the include path.
 2010-02-24 01:20:04 +00:00
Bodo Möller
3e4da3f7cb Always check bn_wexpend() return values for failure (CVE-2009-3245). 
(The CHANGES entry covers the change from PR #2111 as well, submitted by
Martin Olsson.)

Submitted by: Neel Mehta
 2010-02-23 10:36:41 +00:00
Richard Levitte
defede6080 Include [.CRYPTO.<ARCH>] instead of just [.<ARCH>] 2010-02-23 07:50:54 +00:00
Richard Levitte
00d1ecb1da Add t1_reneg to the VMS build. 
Hack the symbols with long names.
 2010-02-22 07:05:24 +00:00
Bodo Möller
739e0e934a Fix X509_STORE locking 2010-02-19 18:25:39 +00:00
Dr. Stephen Henson
657b02d0cf PR: 2100 
Submitted by: James Baker <jbaker@tableausoftware.com> et al.

Workaround for slow Heap32Next on some versions of Windows.
 2010-02-17 14:32:01 +00:00
Dr. Stephen Henson
1b690c1a8b The "block length" for CFB mode was incorrectly coded as 1 all the time. It 
should be the number of feedback bits expressed in bytes. For CFB1 mode set
this to 1 by rounding up to the nearest multiple of 8.
 2010-02-15 19:40:45 +00:00
Dr. Stephen Henson
2873a53f5f Correct ECB mode EVP_CIPHER definition: IV length is 0 2010-02-15 19:25:37 +00:00
Dr. Stephen Henson
04a781e844 PR: 2164 
Submitted by: "Noszticzius, Istvan" <inoszticzius@rightnow.com>

Don't clear the output buffer: ciphers should correctly the same input
and output buffers.
 2010-02-15 19:02:53 +00:00
Dr. Stephen Henson
0bbbadf3f5 Fix memory leak in ENGINE autoconfig code. Improve error logging. 2010-02-09 14:18:15 +00:00
Dr. Stephen Henson
4a9d335bb4 tolerate broken CMS/PKCS7 implementations using signature OID instead of digest 2010-02-02 14:19:54 +00:00
Dr. Stephen Henson
0369804ffa In engine_table_select() don't clear out entire error queue: just clear 
out any we added using ERR_set_mark() and ERR_pop_to_mark() otherwise
errors from other sources (e.g. SSL library) can be wiped.
 2010-01-28 17:53:11 +00:00
Dr. Stephen Henson
b3fb2492d5 eliminate some warnings in fips build 2010-01-27 13:21:34 +00:00
Dr. Stephen Henson
93b810637b Bypass algorithm blocking with TLS MD5+SHA1 signature in FIPS mode by 
calling underlying method directly.
 2010-01-27 00:51:24 +00:00
Dr. Stephen Henson
9413788571 PR: 2138 
Submitted by: Kevin Regan <k.regan@f5.com>

Clear stat structure if -DPURIFY is set to avoid problems on some
platforms which include unitialised fields.
 2010-01-26 18:08:42 +00:00
Dr. Stephen Henson
1b32943215 Update OID table too. 2010-01-25 16:08:52 +00:00
Dr. Stephen Henson
a231d99d4c PR: 2149 
Submitted by: Douglas Stebila <douglas@stebila.ca>

Fix wap OIDs.
 2010-01-25 16:08:01 +00:00
Dr. Stephen Henson
cf876a9893 change versions back to 0.9.8m-dev 2010-01-20 18:22:04 +00:00
Dr. Stephen Henson
8b8a2928af prepare for release 2010-01-20 17:26:02 +00:00
Andy Polyakov
b86ebb55ff rand_win.c: handel GetTickCount wrap-around [from HEAD]. 2010-01-19 21:45:45 +00:00
Andy Polyakov
66956eaba3 x86_64-xlate.pl: refine sign extension logic when handling lea [from HEAD]. 
PR: 2094,2095
 2010-01-19 21:45:16 +00:00
Andy Polyakov
2557c6a812 Valgrind fix to aes-x86_64.pl in 0.9.8. For reference, newer aes-x86_64.pl 
don't suffer from the problem after Win64 SEH support was added.
PR: 2075
Submitted by: Peter Klotz
 2010-01-17 19:43:49 +00:00
Dr. Stephen Henson
06e2670a57 Modify compression code so it avoids using ex_data free functions. This 
stops applications that call CRYPTO_free_all_ex_data() prematurely leaking
memory.
 2010-01-13 18:45:03 +00:00
Andy Polyakov
5b8246d6eb x86_64-xlate.pl: new gas requires sign extention in lea instruction 
[from HEAD].
PR: 2094,2095
 2010-01-07 11:22:25 +00:00
Dr. Stephen Henson
c22050be29 Traditional Yuletide commit ;-) 
Add Triple DES CFB1 and CFB8 to algorithm list and NID translation.
 2009-12-25 14:11:18 +00:00
Bodo Möller
54ca55fd81 Constify crypto/cast. 2009-12-22 11:45:57 +00:00
Bodo Möller
d0e79d7e2c Constify crypto/cast. 2009-12-22 10:59:03 +00:00
Dr. Stephen Henson
c1003dfd15 Ooops, engage ENGINE initialisation code correctly in FIPS builds. 2009-12-17 16:38:18 +00:00
Dr. Stephen Henson
9e5dea0ffd PR: 2124 
Submitted by: Jan Pechanec <Jan.Pechanec@Sun.COM>

Check for memory allocation failures.
 2009-12-09 13:41:50 +00:00
Dr. Stephen Henson
1ff44a99a4 PR: 2111 
Submitted by: Martin Olsson <molsson@opera.com>

Check for bn_wexpand errors in bn_mul.c
 2009-12-02 15:27:19 +00:00
Dr. Stephen Henson
b172352b52 PR: 1432 
Submitted by: "Andrzej Chmielowiec" <achmielowiec@enigma.com.pl>, steve@openssl.org
Approved by: steve@openssl.org

Truncate hash if it is too large: as required by FIPS 186-3.
 2009-12-01 17:32:16 +00:00
Dr. Stephen Henson
637e0ba420 PR: 2094 
Submitted by: Arkadiusz Miskiewicz <arekm@maven.pl>
Approved by: steve@openssl.org

Fix for out range of signed 32bit displacement error on newer binutils.
 2009-11-13 14:14:46 +00:00
Richard Levitte
e333a8d673 Updated from 1.0.0-stable. 2009-11-12 16:59:18 +00:00
Dr. Stephen Henson
7e42945918 PR: 2091 
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org

If an OID has no short name or long name return the numerical representation.
 2009-11-10 01:00:37 +00:00
Dr. Stephen Henson
b61a87b26c check new_der for NULL too 2009-11-10 00:46:57 +00:00
Dr. Stephen Henson
2c6b141931 PR: 2090 
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org

Improve error checking in asn1_gen.c
 2009-11-10 00:40:42 +00:00
Dr. Stephen Henson
381a9f04a0 Fix unitialized warnings 2009-10-04 16:53:18 +00:00
Dr. Stephen Henson
d7050b4424 Fix warnings about ignoring fgets return value 2009-10-04 16:43:39 +00:00
Dr. Stephen Henson
91ca332058 Prevent ignored return value warning 2009-10-04 14:04:36 +00:00
Dr. Stephen Henson
ff095a8ac8 Prevent aliasing warning 2009-10-04 14:02:35 +00:00
Dr. Stephen Henson
ae37f9f3a2 PR: 2062 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BN_rand error handling in bntest.c
 2009-10-01 00:22:23 +00:00
Dr. Stephen Henson
95d66bd867 PR: 2059 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct EVP_SealInit error handling in pem_seal.c
 2009-10-01 00:18:09 +00:00
Dr. Stephen Henson
6d73e9d8e8 PR: 2056 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_wirte error handling in asn1_par.c
 2009-10-01 00:12:49 +00:00
Dr. Stephen Henson
36a38a7a27 PR: 2063 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_write error handling in ocsp_prn.c
 2009-09-30 23:59:42 +00:00
Dr. Stephen Henson
2a4dc7e505 PR: 2057 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_write, BIO_printf, i2a_ASN1_INTEGER and i2a_ASN1_OBJECT
error handling in OCSP print routines.
 2009-09-30 23:56:29 +00:00
Ben Laurie
4e92353d23 Make it build, plus make depend. 2009-09-27 14:04:33 +00:00
Dr. Stephen Henson
0badc909ae PR: 2050 
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

Fix handling of ENOTCONN and EMSGSIZE for dgram BIOs.
 2009-09-22 11:33:58 +00:00
Dr. Stephen Henson
3cc52ee97a Don't set non fips allow flags when calling RSA_new() and DSA_new(). 2009-09-22 11:28:05 +00:00
Dr. Stephen Henson
9e6c97703c Don't use __try+__except unless on VC++ 2009-09-20 12:38:46 +00:00
Dr. Stephen Henson
e1246e1ad7 Submitted by: Julia Lawall <julia@diku.dk> 
The functions ENGINE_ctrl(), OPENSSL_isservice(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.
 2009-09-13 11:20:38 +00:00
Dr. Stephen Henson
cf51a0dccb Seed PRNG with DSA and ECDSA digests for additional protection against 
possible PRNG state duplication.
 2009-09-09 12:07:41 +00:00
Dr. Stephen Henson
48b30bf0e2 make update 2009-09-06 16:14:20 +00:00
Dr. Stephen Henson
17b08b6a64 PR: 1644 
Submitted by: steve@openssl.org

Fix to make DHparams_dup() et al work in C++.

For 0.9.8, we just change the macro to avoid making incompatible changes to
the API.
 2009-09-06 15:46:46 +00:00
Dr. Stephen Henson
197ab47bdd PR: 2028 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS cookie management bugs.
 2009-09-04 17:53:30 +00:00
Richard Levitte
2c83b24cad Remove tmdiff.h from EXHEADERS as it doesn't exist. 
Don't have separate installation directory variables for VAX and AXP.

Submitted by Zoltan Arpadffy <zoli@polarhome.com>
 2009-08-25 07:28:18 +00:00
Richard Levitte
c21a427a14 Make it possible to compile non-assembler routines on AXP as well. 
Submitted by Zoltan Arpadffy <arpadffy@polarhome.com>
 2009-08-25 07:22:07 +00:00
Dr. Stephen Henson
3af16cf694 Backport GeneralizedTime fractional seconds support from HEAD. 2009-08-10 15:15:27 +00:00
Dr. Stephen Henson
759b287f15 Add COMP error strings. 2009-08-09 14:51:56 +00:00