openssl

Author	SHA1	Message	Date
Dr. Stephen Henson	4f2fc3c2dd	Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and continue with symmetric decryption process to avoid leaking timing information to an attacker. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this issue. (CVE-2012-0884)	2012-03-12 14:51:45 +00:00
Dr. Stephen Henson	25d5d15fd5	check return value of BIO_write in PKCS7_decrypt	2012-03-08 14:01:44 +00:00
Dr. Stephen Henson	725713f74a	PR: 2755 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reduce MTU after failed transmissions. [0.9.8 version of patch]	2012-03-07 15:14:16 +00:00
Dr. Stephen Henson	73eb0972cf	return failure code if I/O error	2012-03-06 19:08:30 +00:00
Dr. Stephen Henson	6720779c7e	revert PR#2755: it breaks compilation	2012-03-06 18:25:33 +00:00
Dr. Stephen Henson	b2a2c6af2a	PR: 2755 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reduce MTU after failed transmissions.	2012-03-06 13:45:47 +00:00
Dr. Stephen Henson	272993bac4	PR: 2696 Submitted by: Rob Austein <sra@hactrn.net> Fix inverted range problem in RFC3779 code. Thanks to Andrew Chi for generating test cases for this bug. [from HEAD]	2012-03-06 13:37:52 +00:00
Dr. Stephen Henson	58532ae047	oops, revert unrelated patches	2012-03-06 13:22:32 +00:00
Dr. Stephen Henson	4e7f6d380d	PR: 2748 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Fix possible DTLS timer deadlock.	2012-03-06 13:20:20 +00:00
Dr. Stephen Henson	f0be325f88	Fix memory leak cause by race condition when creating public keys. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.	2012-02-28 14:47:36 +00:00
Dr. Stephen Henson	b66af23aa9	free headers after use in error message	2012-02-27 16:26:32 +00:00
Dr. Stephen Henson	29d0c13e97	Detect symmetric crypto errors in PKCS7_decrypt. Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.	2012-02-27 15:23:20 +00:00
Dr. Stephen Henson	8a4e81a269	PR: 2711 Submitted by: Tomas Mraz <tmraz@redhat.com> Tolerate bad MIME headers in parser.	2012-02-23 21:50:13 +00:00
Dr. Stephen Henson	a72ce94213	prepare for next version	2012-01-18 14:27:13 +00:00
Dr. Stephen Henson	3309f8313c	prepare for release	2012-01-18 13:14:49 +00:00
Dr. Stephen Henson	875ac0ec00	fix warning	2012-01-10 14:37:00 +00:00
Dr. Stephen Henson	244788464a	update for next version	2012-01-04 23:56:13 +00:00
Dr. Stephen Henson	b3cebd5acf	prepare for 0.9.8s release	2012-01-04 19:20:49 +00:00
Dr. Stephen Henson	1db0bbdc76	Fix double free in policy check code (CVE-2011-4109)	2012-01-04 19:00:28 +00:00
Dr. Stephen Henson	0e3a930fb4	Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577)	2012-01-04 18:44:20 +00:00
Andy Polyakov	2ee77d36a0	x86-mont.pl: fix bug in integer-only squaring path [from HEAD]. PR: 2648	2011-12-09 14:28:48 +00:00
Bodo Möller	72033fde7b	Fix ecdsatest.c. Submitted by: Emilia Kasper	2011-12-02 12:40:25 +00:00
Bodo Möller	9adf3fcf9a	Fix BIO_f_buffer(). Submitted by: Adam Langley Reviewed by: Bodo Moeller	2011-12-02 12:23:57 +00:00
Andy Polyakov	65f7456652	ppc.pl: fix bug in bn_mul_comba4 [from HEAD]. PR: 2636 Submitted by: Charles Bryant	2011-11-05 10:17:06 +00:00
Dr. Stephen Henson	f8731bc2fd	PR: 2632 Submitted by: emmanuel.azencot@bull.net Reviewed by: steve Return -1 immediately if not affine coordinates as BN_CTX has not been set up.	2011-10-26 16:42:48 +00:00
Bodo Möller	195d6bf760	BN_BLINDING multi-threading fix. Submitted by: Emilia Kasper (Google)	2011-10-19 14:57:59 +00:00
Dr. Stephen Henson	6d50bce79f	PR: 2482 Submitted by: Rob Austein <sra@hactrn.net> Reviewed by: steve Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.	2011-10-09 00:56:18 +00:00
Dr. Stephen Henson	85e776885b	PR: 2606 Submitted by: Christoph Viethen <cv@kawo2.rwth-aachen.de> Reviewed by: steve Handle timezones correctly in UTCTime.	2011-09-23 13:40:06 +00:00
Bodo Möller	1c7c69a8a5	Fix memory leak on bad inputs.	2011-09-05 09:56:48 +00:00
Bodo Möller	24ad061037	Move OPENSSL_init declaration out of auto-generated code section (it is not auto-generated).	2011-09-05 09:52:58 +00:00
Dr. Stephen Henson	92f96fa721	PR: 2576 Submitted by: Doug Goldstein <cardoe@gentoo.org> Reviewed by: steve Include header file stdlib.h which is needed on some platforms to get getenv() declaration.	2011-09-02 11:20:49 +00:00
Dr. Stephen Henson	0d1e362363	PR: 2340 Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar> Reviewed by: steve Stop warnings if OPENSSL_NO_DGRAM is defined.	2011-09-01 15:03:10 +00:00
Dr. Stephen Henson	a0bf2c86ab	make timing attack protection unconditional	2011-09-01 14:23:41 +00:00
Dr. Stephen Henson	24d0524f31	PR: 2588 Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com> Reviewed by: steve Close file pointer.	2011-09-01 13:48:48 +00:00
Dr. Stephen Henson	46a1f2487e	PR: 2559 Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fix DTLS socket error bug	2011-07-20 15:20:19 +00:00
Dr. Stephen Henson	82a5049f6a	PR: 2556 (partial) Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de> Reviewed by: steve Fix OID routines. Check on encoding leading zero rejection should start at beginning of encoding. Allow for initial digit when testing when to use BIGNUMs which can increase first value by 2 * 40.	2011-07-14 12:01:08 +00:00
Andy Polyakov	d027b75b73	perlasm/cbc.pl: fix tail processing bug [from HEAD]. PR: 2557	2011-07-13 06:25:15 +00:00
Dr. Stephen Henson	87d14a3625	PR: 2470 Submitted by: Corinna Vinschen <vinschen@redhat.com> Reviewed by: steve Don't call ERR_remove_state from DllMain.	2011-06-22 15:39:19 +00:00
Dr. Stephen Henson	22152d6885	PR: 2540 Submitted by: emmanuel.azencot@bull.net Reviewed by: steve Prevent infinite loop in BN_GF2m_mod_inv().	2011-06-22 15:23:20 +00:00
Dr. Stephen Henson	102bcbce8d	correctly encode OIDs near 2^32	2011-06-22 15:15:20 +00:00
Andy Polyakov	8655de423d	rc4_skey.c [0.9.8]: at some point rc4_skey and x86[_64]cpuid were modified to examine bit#20 on x86[_64], but it was erroneously reverted to bit#28 in 2008 in process of FIPS integration.	2011-06-06 19:58:21 +00:00
Dr. Stephen Henson	bc7ee385f5	Fix the ECDSA timing attack mentioned in the paper at: http://eprint.iacr.org/2011/232.pdf Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for bringing this to our attention.	2011-05-25 14:52:54 +00:00
Dr. Stephen Henson	1e368ab08f	Fix the ECDSA timing attack mentioned in the paper at: http://eprint.iacr.org/2011/232.pdf Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for bringing this to our attention.	2011-05-25 14:43:47 +00:00
Dr. Stephen Henson	6d12b1f82b	check buffer is larger enough before overwriting	2011-04-06 18:07:12 +00:00
Bodo Möller	d430f56de6	start 0.9.8s-dev	2011-02-08 17:58:34 +00:00
Bodo Möller	957ebe98fb	OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d) Submitted by: Neel Mehta, Adam Langley, Bodo Moeller	2011-02-08 17:10:47 +00:00
Bodo Möller	9d09fc8485	Assorted bugfixes: - RLE decompression boundary case - SSL 2.0 key arg length check Submitted by: Google (Neel Mehta, Bodo Moeller)	2011-02-03 12:04:48 +00:00
Dr. Stephen Henson	a3dc628d86	PR: 2433 Submitted by: Chris Wilson <chris@qwirx.com> Reviewed by: steve Constify ASN1_STRING_set_default_mask_asc().	2011-01-24 16:21:00 +00:00
Dr. Stephen Henson	3c159fc1a5	check EC public key isn't point at infinity	2011-01-24 15:08:12 +00:00
Dr. Stephen Henson	6056afd223	PR: 1612 Submitted by: Robert Jackson <robert@rjsweb.net> Reviewed by: steve Fix EC_POINT_cmp function for case where b but not a is the point at infinity.	2011-01-24 14:42:11 +00:00
Dr. Stephen Henson	f4a4a0fdc7	PR: 2411 Submitted by: Rob Austein <sra@hactrn.net> Reviewed by: steve Fix corner cases in RFC3779 code.	2011-01-03 01:40:22 +00:00
Dr. Stephen Henson	9ad765173f	Fix escaping code for string printing. If any escaping is enabled we must escape the escape character itself (backslash).	2011-01-03 01:26:33 +00:00
Dr. Stephen Henson	c8e3c1a9b5	PR: 2410 Submitted by: Rob Austein <sra@hactrn.net> Reviewed by: steve Use OPENSSL_assert() instead of assert().	2011-01-03 01:20:03 +00:00
Dr. Stephen Henson	ae378b769a	use fips-dev not dev-fips	2011-01-03 00:43:47 +00:00
Dr. Stephen Henson	4de4e35459	PR: 2416 Submitted by: Mark Phalan <mark.phalan@oracle.com> Reviewed by: steve Use L suffix in version number.	2011-01-03 00:25:47 +00:00
Bodo Möller	5537a83e56	Add missing explicit instruction size. [CVS head and later branches have this since revision 1.7 of this file.] Submitted by: Chandler Carruth (Google)	2010-12-13 20:47:26 +00:00
Dr. Stephen Henson	b8be571868	update for next release	2010-12-02 19:42:28 +00:00
Dr. Stephen Henson	acd43bf38c	prepare for release	2010-12-02 18:53:52 +00:00
Dr. Stephen Henson	7258d33794	PR: 2386 Submitted by: Stefan Birrer <stefan.birrer@adnovum.ch> Reviewed by: steve Correct SKM_ASN1_SET_OF_d2i macro.	2010-12-02 18:02:02 +00:00
Dr. Stephen Henson	4d6af5c5d2	../comm.txt	2010-11-27 17:33:34 +00:00
Ben Laurie	efed63d783	Backport J-PAKE fix.	2010-11-26 16:03:23 +00:00
Dr. Stephen Henson	0067580321	update for next version	2010-11-16 16:35:37 +00:00
Dr. Stephen Henson	82e0073624	oops, correct version number	2010-11-16 14:56:17 +00:00
Dr. Stephen Henson	7e541b1a7f	prepare for release	2010-11-16 14:37:28 +00:00
Dr. Stephen Henson	3e8b8b8990	Submitted by: Jonathan Dixon <joth@chromium.org> Reviewed by: steve If store is NULL set flags correctly.	2010-11-02 15:57:00 +00:00
Dr. Stephen Henson	05bbbe9204	PR: 2295 Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com> Reviewed by: steve OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code elimination.	2010-10-11 23:28:54 +00:00
Dr. Stephen Henson	93fc0e0e40	We can't always read 6 bytes in an OCSP response: fix so error statuses are read correctly for non-blocking I/O.	2010-10-06 18:01:35 +00:00
Dr. Stephen Henson	6cb5746b65	Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(), this means that some implementations will be used automatically, e.g. aesni, we do this for cryptodev anyway. Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.	2010-10-03 18:55:57 +00:00
Dr. Stephen Henson	ae3b60ba99	fix bug in AES_unwrap()	2010-08-30 23:57:03 +00:00
Bodo Möller	d4ba6424a1	ECC library bugfixes. Submitted by: Emilia Kapser (Google)	2010-08-26 12:10:25 +00:00
Dr. Stephen Henson	78dcaa0609	PR: 2297 Submitted by: Antony, Benoy <bantony@ebay.com> Approved by: steve@openssl.org Fix bug in AES wrap code when t > 0xff.	2010-07-09 17:24:29 +00:00
Dr. Stephen Henson	65b4c34d86	initialise pbe_tmp	2010-07-08 16:51:48 +00:00
Andy Polyakov	d8486c312c	rand_nw.c: compensate for gcc bug (using %edx instead of %eax at -O3) [from HEAD]. PR: 2296	2010-07-08 09:15:14 +00:00
Dr. Stephen Henson	63e3676e68	fix so it is safe to repeatedly add PBE algorithms	2010-06-26 12:55:01 +00:00
Dr. Stephen Henson	1dac2cae68	prepare for next release	2010-06-16 13:40:09 +00:00
Ben Laurie	d886975835	Fix gcc 4.6 warnings. Check TLS server hello extension length.	2010-06-12 13:18:58 +00:00
Dr. Stephen Henson	22872a5363	Prepare for release.	2010-06-01 14:47:12 +00:00
Dr. Stephen Henson	82b6b541b1	Fix CVE-2010-0742	2010-06-01 14:39:57 +00:00
Dr. Stephen Henson	60a989a76e	fix PR#2261 in a different way	2010-05-31 13:17:52 +00:00
Andy Polyakov	18394ed50f	098 aes-x86_64.pl module was erroneously enabled in Win64 build without being adapted for Win64 ABI. Fix this.	2010-05-30 22:02:03 +00:00
Dr. Stephen Henson	356f164f52	PR: 2258 Submitted By: Ger Hobbelt <ger@hobbelt.com> Base64 BIO fixes: Use OPENSSL_assert() instead of assert(). Use memmove() as buffers overlap. Fix write retry logic.	2010-05-27 12:41:33 +00:00
Dr. Stephen Henson	203ef9988c	PR: 2266 Submitted By: Jonathan Gray <jsg@goblin.cx> Correct ioctl definitions.	2010-05-26 23:23:53 +00:00
Dr. Stephen Henson	59c4f46f0f	PR: 2251 Submitted by: Ger Hobbelt <ger@hobbelt.com> Approved by: steve@openssl.org Memleak, BIO chain leak and realloc checks in v3_pci.c	2010-05-22 00:31:18 +00:00
Dr. Stephen Henson	a7949b8da3	PR: 2253 Submitted By: Ger Hobbelt <ger@hobbelt.com> Check callback return value when outputting errors.	2010-05-15 00:36:40 +00:00
Andy Polyakov	b8febed96a	Prevent ERR_print_errors_fp crash on Win32 [from HEAD].	2010-04-20 20:28:30 +00:00
Andy Polyakov	c25e8ee9b3	md32_common.h: fix copy-n-paste typo. The typo was present in 098 only.	2010-03-29 11:23:11 +00:00
Dr. Stephen Henson	4525a048ec	PR: 1696 Check return value if d2i_PBEPARAM().	2010-03-28 00:42:17 +00:00
Dr. Stephen Henson	17a79eec0c	PR: 1763 Remove useless num = 0 assignment. Remove redundant cases on sock_ctrl(): default case handles them.	2010-03-27 23:28:33 +00:00
Dr. Stephen Henson	1eda14b44f	PR: 1813 Submitted by: Torsten Hilbrich <torsten.hilbrich@secunet.com> Fix memory leak when engine name cannot be loaded.	2010-03-27 18:28:24 +00:00
Richard Levitte	ab9c0ec9fc	Have an underscore before <ARCH> to make sure any future architecture name won't be mixed up with any crypto name.	2010-03-25 14:45:22 +00:00
Dr. Stephen Henson	ea5b3f5e62	PR: 2202 (partial) Submitted by: Steven M. Schweda <sms@antinode.info> Make some declarations conditional on FIPS/ENGINE. Make pqueue_print non-VAX.	2010-03-25 12:17:17 +00:00
Dr. Stephen Henson	c3c658e1c0	updates for next version	2010-03-25 12:07:04 +00:00
Dr. Stephen Henson	4fae868811	prepare for release	2010-03-24 13:16:55 +00:00
Andy Polyakov	c3484e0268	rand_win.c: fix logical bug in readscreen [from HEAD].	2010-03-22 22:44:48 +00:00
Andy Polyakov	6b0be9c73d	bss_file.c: fix MSC 6.0 warning [from HEAD].	2010-03-22 22:40:18 +00:00
Andy Polyakov	02312a91ca	ppc.pl: assembler Y chokes on apostrophes in comment.	2010-03-22 20:58:43 +00:00
Andy Polyakov	f1502a491e	Fix UPLINK typo [from HEAD].	2010-03-15 22:27:32 +00:00
Dr. Stephen Henson	cc53036744	missing goto meant signature was never printed out	2010-03-12 12:07:16 +00:00
Dr. Stephen Henson	5e8e7054f7	The OID sanity check was incorrect. It should only disallow leading 0x80 values.	2010-03-07 16:40:31 +00:00
Dr. Stephen Henson	9a542ea01d	don't add digest alias if signature algorithm is undefined	2010-03-06 20:52:33 +00:00

1 2 3 4 5 ...

4227 commits