wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10131 commits 20 branches 302 tags 153 MiB
Commit graph

5280 commits

Author SHA1 Message Date
Ben Laurie
af454b5bb0 Reduce version skew. 2012-06-08 09:18:47 +00:00
Andy Polyakov
6321ac9e15 ppccap.c: assume no features under 32-bit AIX kernel [from HEAD]. 
PR: 2810
 2012-05-16 18:18:29 +00:00
Dr. Stephen Henson
eeca72f71e PR: 2813 
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>

Fix possible deadlock when decoding public keys.
 2012-05-11 13:52:46 +00:00
Dr. Stephen Henson
d9c34505e5 prepare for next version 2012-05-10 16:02:30 +00:00
Dr. Stephen Henson
f9885acc8c prepare for 1.0.1c release 2012-05-10 15:16:37 +00:00
Dr. Stephen Henson
5b9d0995a1 Reported by: Solar Designer of Openwall 
Make sure tkeylen is initialised properly when encrypting CMS messages.
 2012-05-10 13:34:22 +00:00
Andy Polyakov
c9b31189a9 ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performance 
of digest algorithms, mosty SHA, on Power7. Mystery of century, why SHA,
why slower algorithm are affected more... [from HEAD].
PR: 2794
Submitted by: Ashley Lai
 2012-04-27 20:20:15 +00:00
Dr. Stephen Henson
c940e07014 prepare for next version 2012-04-26 12:01:38 +00:00
Dr. Stephen Henson
88be4ebfbc make update 2012-04-26 10:42:20 +00:00
Dr. Stephen Henson
effa47b80a prepare for 1.0.1b release 2012-04-26 10:40:39 +00:00
Dr. Stephen Henson
2f2d33f470 correct error code 2012-04-22 13:31:26 +00:00
Andy Polyakov
0d829f6681 e_rc4_hmac_md5.c: reapply commit#21726, which was erroneously omitted. 
PR: 2797, 2792
 2012-04-20 21:45:17 +00:00
Dr. Stephen Henson
d9540579c5 call OPENSSL_init when calling FIPS_mode too 2012-04-20 14:42:54 +00:00
Dr. Stephen Henson
ecf963b80d make ciphers work again for FIPS builds 2012-04-20 00:07:48 +00:00
Andy Polyakov
7fc6d35be0 e_rc4_hmac_md5.c: last commit was inappropriate for non-x86[_64] platforms 
[from HEAD].
PR: 2792
 2012-04-19 20:43:02 +00:00
Dr. Stephen Henson
e7d2a37158 update for next version 2012-04-19 16:53:43 +00:00
Dr. Stephen Henson
531c6fc8f3 prepare for 1.0.1a release 2012-04-19 12:17:19 +00:00
Dr. Stephen Henson
8d5505d099 Check for potentially exploitable overflows in asn1_d2i_read_bio 
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.

Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
 2012-04-19 12:13:59 +00:00
Dr. Stephen Henson
143619ccf6 only call FIPS_cipherinit in FIPS mode 2012-04-18 22:41:50 +00:00
Andy Polyakov
9f339d75b5 e_rc4_hmac_md5.c: update from HEAD, fixes crash on legacy Intel CPUs. 
PR: 2792
 2012-04-18 17:51:33 +00:00
Andy Polyakov
32e12316e5 OPENSSL_NO_SOCK fixes [from HEAD]. 
PR: 2791
Submitted by: Ben Noordhuis
 2012-04-16 17:43:15 +00:00
Andy Polyakov
ad7b24f145 Minor compatibility fixes [from HEAD]. 
PR: 2790
Submitted by: Alexei Khlebnikov
 2012-04-16 17:36:12 +00:00
Andy Polyakov
371056f2b9 e_aes_cbc_hmac_sha1.c: handle zero-length payload and engage empty frag 
countermeasure [from HEAD].

PR: 2778
 2012-04-15 14:23:03 +00:00
Andy Polyakov
2d613908e8 s390x asm pack: fix typos. 2012-04-12 06:47:01 +00:00
Dr. Stephen Henson
18fb1fae08 oops, macro not present in OpenSSL 1.0.2 2012-04-11 15:11:16 +00:00
Dr. Stephen Henson
39ef161c72 fix reset fix 2012-04-11 15:05:45 +00:00
Dr. Stephen Henson
a7612c5066 make reinitialisation work for CMAC 2012-04-11 12:26:13 +00:00
Andy Polyakov
ebe81134c0 aes-s390x.pl: fix crash in AES_set_decrypt_key in linux32-s390x build [from HEAD]. 2012-04-09 15:12:45 +00:00
Andy Polyakov
a1d573e282 aes-armv4.pl: make it more foolproof [inspired by aes-s390x.pl in 1.0.1]. 2012-04-05 08:31:37 +00:00
Andy Polyakov
e959e24b47 aes-s390x.pl: fix endless loop in linux32-s390x build. 2012-04-05 08:17:21 +00:00
Andy Polyakov
9bf5fd894f modes_lcl.h: make it work on i386 [from HEAD]. 
PR: 2780
 2012-03-31 17:03:54 +00:00
Andy Polyakov
6296729fae vpaes-x86[_64].pl: handle zero length in vpaes_cbc_encrypt [from HEAD]. 
PR: 2775
 2012-03-31 16:55:18 +00:00
Andy Polyakov
0a5575f3f6 bn/bn_gf2m.c: make new BN_GF2m_mod_inv work with BN_DEBUG_RAND [from HEAD]. 2012-03-30 17:40:52 +00:00
Andy Polyakov
8c67b13407 perlasm/x86masm.pl: fix last fix [from HEAD]. 2012-03-29 18:11:21 +00:00
Andy Polyakov
2a477ccf0b ans1/tasn_prn.c: avoid bool in variable names [from HEAD]. 
PR: 2776
 2012-03-29 17:48:43 +00:00
Dr. Stephen Henson
c34137bef9 fix leak 2012-03-22 16:28:51 +00:00
Dr. Stephen Henson
914d91c5b3 Submitted by: Markus Friedl <mfriedl@gmail.com> 
Fix memory leaks in 'goto err' cases.
 2012-03-22 15:43:19 +00:00
Dr. Stephen Henson
e733dea3ce update version to 1.0.1a-dev 2012-03-22 15:18:19 +00:00
Andy Polyakov
d68d160cb7 bsaes-x86_64.pl: optimize key conversion [from HEAD]. 2012-03-16 21:45:51 +00:00
Dr. Stephen Henson
f3dcae15ac prepare for 1.0.1 release 2012-03-14 12:04:40 +00:00
Andy Polyakov
bcf9cf89e7 x86_64-xlate.pl: remove old kludge. 
PR: 2435,2440
 2012-03-13 19:19:31 +00:00
Dr. Stephen Henson
f0729fc3e0 corrected fix to PR#2711 and also cover mime_param_cmp 2012-03-12 16:29:47 +00:00
Dr. Stephen Henson
8186c00ef3 Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and 
continue with symmetric decryption process to avoid leaking timing
information to an attacker.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
 2012-03-12 16:27:50 +00:00
Dr. Stephen Henson
66fdb1c0d4 check return value of BIO_write in PKCS7_decrypt 2012-03-08 14:02:51 +00:00
Dr. Stephen Henson
25bfdca16a PR: 2755 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Reduce MTU after failed transmissions.
 2012-03-06 13:47:27 +00:00
Richard Levitte
70505bc334 For OpenVMS, use inttypes.h instead of stdint.h 2012-03-01 21:29:16 +00:00
Dr. Stephen Henson
a8595879ec PR: 2742 
Reported by: Dmitry Belyavsky <beldmit@gmail.com>

If resigning with detached content in CMS just copy data across.
 2012-02-29 14:01:53 +00:00
Dr. Stephen Henson
33a688e806 Fix memory leak cause by race condition when creating public keys. 
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
 2012-02-28 14:47:16 +00:00
Andy Polyakov
5c2bfad9b4 x86cpuid.pl: fix processor capability detection on pre-586 [from HEAD]. 2012-02-28 14:20:34 +00:00
Dr. Stephen Henson
250f979237 PR: 2736 
Reported by: Remi Gacogne <rgacogne-bugs@coredump.fr>

Preserve unused bits value in non-canonicalised ASN1_STRING structures
by using ASN1_STRING_copy which preseves flags.
 2012-02-27 18:45:18 +00:00