Commit graph

12491 commits

Author SHA1 Message Date
Bodo Moeller
fb0e87fb67 Add TLS_FALLBACK_SCSV documentation, and move s_client -fallback_scsv
handling out of #ifndef OPENSSL_NO_DTLS1 section.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-15 10:43:50 +02:00
Bodo Moeller
cf6da05304 Support TLS_FALLBACK_SCSV.
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-10-15 04:03:28 +02:00
Dr. Stephen Henson
ffa08b3242 Remove reference to deleted md4.c
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-10-11 13:37:44 +01:00
Dr. Stephen Henson
f3014206a2 Disable encrypt them mac for SSL 3.0 and stream ciphers (RC4 only).
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-10-10 13:23:29 +01:00
Matt Caswell
e0fdea3e49 Removed duplicate definition of PKCS7_type_is_encrypted
Patch supplied by Matthieu Patou <mat@matws.net>, and modified to also
remove duplicate definition of PKCS7_type_is_digest.

PR#3551

Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-06 23:42:13 +01:00
Ben Laurie
71614df485 Fix single makefile.
Reviewed-by: Geoffrey Thorpe <geoff@geoffthorpe.net>
2014-10-06 18:07:55 +01:00
Rich Salz
5aed169305 RT3462: Document actions when data==NULL
If data is NULL, return the size needed to hold the
derived key.  No other API to do this, so document
the behavior.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-10-03 10:39:00 -04:00
Bodo Moeller
429a25b97d DTLS 1.2 support has been added to 1.0.2.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-02 17:56:40 +02:00
Andy Polyakov
ae4af7a067 crypto/cast/asm/cast-586.pl: +5% on PIII and remove obsolete readme.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-01 23:59:14 +02:00
Rich Salz
df8c39d522 RT3549: Remove obsolete files in crypto
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-10-01 16:05:47 -04:00
Rich Salz
d5f34443ad RT2910: Remove des.c and its Makefile target
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-09-30 16:44:10 -04:00
Rich Salz
9208640a36 RT2309: Fix podpage MMNNFFPPS->MNNFFPPS
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-09-30 16:31:11 -04:00
Dr. Stephen Henson
4b6dee2b14 Parse custom extensions after internal extensions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-30 20:10:50 +01:00
Andy Polyakov
55c7a4cf11 e_os.h: refine inline override logic (to address warnings in debug build).
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
2014-09-30 21:05:33 +02:00
Andy Polyakov
323154be33 crypto/bn/bn_nist.c: bring original failing code back for reference.
RT: 3541
Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-09-30 21:00:44 +02:00
Dr. Stephen Henson
7c4776251e Add additional explanation to CHANGES entry.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-09-29 12:25:10 +01:00
Dr. Stephen Henson
1cfd255c91 Add additional DigestInfo checks.
Reencode DigestInto in DER and check against the original: this
will reject any improperly encoded DigestInfo structures.

Note: this is a precautionary measure, there is no known attack
which can exploit this.

Thanks to Brian Smith for reporting this issue.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-09-29 12:01:05 +01:00
Rich Salz
3d81ec5b92 Remove #ifdef's for IRIX_CC_BUG
Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-09-25 14:43:24 -04:00
Rich Salz
008bef521c RT3544: Must update TABLE after Configure change
Also add comment to Configure reminding people to do that.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-09-25 13:18:22 -04:00
Emilia Kasper
fdc35a9d3e Add missing tests
Accidentally omitted from commit 455b65dfab

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-09-25 13:46:08 +02:00
Dr. Stephen Henson
5886354dcc Use correct function name: CMS_add1_signer()
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-09-25 00:03:27 +01:00
Andy Polyakov
8b07c005fe crypto/bn/bn_nist.c: work around MSC ARM compiler bug.
RT: 3541
Reviewed-by: Emilia Kasper <emilia@openssl.org>
2014-09-25 00:42:26 +02:00
Andy Polyakov
40155f4089 e_os.h: allow inline functions to be compiled by legacy compilers.
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-09-25 00:32:56 +02:00
Rich Salz
92c7846372 RT3544: Remove MWERKS support
The following #ifdef tests were all removed:
	__MWERKS__
	MAC_OS_pre_X
	MAC_OS_GUSI_SOURCE
	MAC_OS_pre_X
	OPENSSL_SYS_MACINTOSH_CLASSIC
	OPENSSL_SYS_MACOSX_RHAPSODY

Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-09-24 18:07:29 -04:00
Emilia Kasper
4aac102f75 RT3425: constant-time evp_enc
Do the final padding check in EVP_DecryptFinal_ex in constant time to
avoid a timing leak from padding failure.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-24 16:19:18 +02:00
Emilia Kasper
455b65dfab RT3067: simplify patch
(Original commit adb46dbc6d)

Use the new constant-time methods consistently in s3_srvr.c

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-09-24 15:35:02 +02:00
Emilia Kasper
294d1e36c2 RT3066: rewrite RSA padding checks to be slightly more constant time.
Also tweak s3_cbc.c to use new constant-time methods.
Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1

This patch is based on the original RT submission by Adam Langley <agl@chromium.org>,
as well as code from BoringSSL and OpenSSL.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-09-24 12:45:42 +02:00
Emilia Kasper
51b7be8d5f make update
Sync libeay.num from 1.0.2

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
2014-09-23 18:37:23 +02:00
Emilia Kasper
5f85f64f7e Note i2d_re_X509_tbs and related changes in CHANGES
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit e9128d9401)
2014-09-23 18:28:10 +02:00
Andy Polyakov
507efe7372 CHANGES: mention ECP_NISTZ256.
Reviewed-by: Bodo Moeller <bodo@openssl.org>
2014-09-23 14:54:34 +02:00
Andy Polyakov
4513b1b641 crypto/rsa/rsa_chk.c: harmonize error codes.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-21 23:05:13 +02:00
Andy Polyakov
be07ae9b10 crypto/ecp_nistz256.c: harmonize error codes.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-21 15:56:02 +02:00
Tim Hudson
b5ff559ff9 Fixed error introduced in commit f2be92b94d
that fixed PR#3450 where an existing cast masked an issue when i was changed
from int to long in that commit

Picked up on z/linux (s390) where sizeof(int)!=sizeof(long)

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-09-21 21:54:31 +10:00
Andy Polyakov
d475b2a3bf Harmonize Tru64 and Linux make rules.
RT: 3333,3165
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-20 10:20:38 +02:00
Dr. Stephen Henson
16e5b45f72 Fix warning.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-09-20 00:08:56 +01:00
Rich Salz
e8185aea87 RT3291: Add -crl and -revoke options to CA.pl
Document the new features

Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-09-18 21:45:41 -04:00
Jake Goulding
99b00fd993 RT2301: GetDIBits, not GetBitmapBits in rand_win
GetDIBits has been around since Windows2000 and
BitBitmapBits is an old Win16 compatibility function
that is much slower.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-09-18 16:41:31 -04:00
Andy Polyakov
569e2d1257 crypto/bn/asm/x86_64-mont*.pl: add missing clang detection.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-12 00:44:51 +02:00
Andy Polyakov
847147908b Configure: engage ECP_NISTZ256.
RT: 3149

Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-12 00:38:57 +02:00
Andy Polyakov
4d3fa06fce Add ECP_NISTZ256 by Shay Gueron, Intel Corp.
RT: 3149

Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-12 00:37:41 +02:00
Andy Polyakov
f54be179aa Reserve option to use BN_mod_exp_mont_consttime in ECDSA.
Submitted by Shay Gueron, Intel Corp.
RT: 3149

Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-12 00:13:20 +02:00
Andy Polyakov
902b30df19 perlasm/x86_64-xlate.pl: handle inter-bank movd.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-09-12 00:06:00 +02:00
Rich Salz
6f46c3c3b0 RT2772 update: c_rehash was broken
Move the readdir() lines out of the if statement, so
that flist is available globally.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-09-11 13:08:30 -04:00
Rich Salz
cb4bb56bae RT3271 update; extra; semi-colon; confuses; some;
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-09-10 15:08:40 -04:00
Rich Salz
b2aa38a980 RT2560: missing NULL check in ocsp_req_find_signer
If we don't find a signer in the internal list, then fall
through and look at the internal list; don't just return NULL.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-10 12:18:50 -04:00
Rich Salz
468ab1c20d RT2196: Clear up some README wording
Say where to email bug reports.
Mention general RT tracker info in a separate paragraph.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-09-09 17:48:27 -04:00
Matt Caswell
eb63bce040 RT3192: spurious error in DSA verify
This is funny; Ben commented in the source, Matt opend a ticket,
and Rich is doing the submit.  Need more code-review? :)

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-09 17:10:15 -04:00
Rich Salz
c939cca1a3 Merge branch 'master' of git.openssl.org:openssl
Previous commit was reviewed by Geoff, not Stephen:
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
2014-09-09 17:06:50 -04:00
Rich Salz
843921f298 RT3271: Don't use "if !" in shell lines
For portability don't use "if ! expr"

Reviewed-by: Geoff Thorpe <geoff@openssl.org>
2014-09-09 17:06:14 -04:00
Rich Salz
b999f66e34 RT3271: Don't use "if !" in shell lines
For portability don't use "if ! expr"

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-09-09 17:05:28 -04:00