wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8346 commits 20 branches 302 tags 153 MiB
Commit graph

8346 commits

This branch
This branch
All branches
Author SHA1 Message Date
Dr. Stephen Henson
be70b3adce set encodedPoint to NULL after freeing it 2011-05-19 16:18:39 +00:00
Dr. Stephen Henson
6d12b1f82b check buffer is larger enough before overwriting 2011-04-06 18:07:12 +00:00
Dr. Stephen Henson
7116a41129 PR: 2462 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS Retransmission Buffer Bug
 2011-04-03 17:15:23 +00:00
Dr. Stephen Henson
7143acab25 PR: 2458 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Don't change state when answering DTLS ClientHello.
 2011-04-03 16:26:33 +00:00
Dr. Stephen Henson
11d4086d8e PR: 2457 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS fragment reassembly bug.
 2011-04-03 15:49:26 +00:00
Dr. Stephen Henson
32cd1da62e PR: 2469 
Submitted by: Jim Studt <jim@studt.net>
Reviewed by: steve

Check mac is present before trying to retrieve mac iteration count.
 2011-03-13 18:23:24 +00:00
Bodo Möller
d430f56de6 start 0.9.8s-dev 2011-02-08 17:58:34 +00:00
Bodo Möller
957ebe98fb OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d) 
Submitted by: Neel Mehta, Adam Langley, Bodo Moeller
 2011-02-08 17:10:47 +00:00
Bodo Möller
9d09fc8485 Assorted bugfixes: 
- RLE decompression boundary case
- SSL 2.0 key arg length check

Submitted by: Google (Neel Mehta, Bodo Moeller)
 2011-02-03 12:04:48 +00:00
Bodo Möller
8ea4531718 Update 0.9.7-branch section with information from 1.0.0-branch NEWS file 2011-02-03 11:44:00 +00:00
Bodo Möller
881611678e "make update" 2011-02-03 10:28:14 +00:00
Dr. Stephen Henson
a3dc628d86 PR: 2433 
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve

Constify ASN1_STRING_set_default_mask_asc().
 2011-01-24 16:21:00 +00:00
Dr. Stephen Henson
3c159fc1a5 check EC public key isn't point at infinity 2011-01-24 15:08:12 +00:00
Dr. Stephen Henson
6056afd223 PR: 1612 
Submitted by: Robert Jackson <robert@rjsweb.net>
Reviewed by: steve

Fix EC_POINT_cmp function for case where b but not a is the point at infinity.
 2011-01-24 14:42:11 +00:00
Richard Levitte
54db796991 PR: 2434 
Under Windows, there seems to be a problem relinking fips_premain_dso
because that file is locked.  Changing from backtick op to using
system() with redirection and reading the hash from the output file
seems to fix the problem.

In an ideal world, there should be no difference, as a command in a
backtick op should terminate before the backtick returns, same as it
does with system().  We suspect, though, that the loaded binary is
cached by Windows for a little while, and that reading the output from
a file provides enough delay for the lock to drop before we try to
relink.
 2011-01-20 22:12:50 +00:00
Dr. Stephen Henson
119e912a83 Since DTLS 1.0 is based on TLS 1.1 we should never return a decryption_failed 
alert.
 2011-01-04 19:33:01 +00:00
Dr. Stephen Henson
f4a4a0fdc7 PR: 2411 
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Fix corner cases in RFC3779 code.
 2011-01-03 01:40:22 +00:00
Dr. Stephen Henson
9ad765173f Fix escaping code for string printing. If *any* escaping is enabled we 
must escape the escape character itself (backslash).
 2011-01-03 01:26:33 +00:00
Dr. Stephen Henson
c8e3c1a9b5 PR: 2410 
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Use OPENSSL_assert() instead of assert().
 2011-01-03 01:20:03 +00:00
Dr. Stephen Henson
ae378b769a use fips-dev not dev-fips 2011-01-03 00:43:47 +00:00
Dr. Stephen Henson
4de4e35459 PR: 2416 
Submitted by: Mark Phalan <mark.phalan@oracle.com>
Reviewed by: steve

Use L suffix in version number.
 2011-01-03 00:25:47 +00:00
Bodo Möller
5537a83e56 Add missing explicit instruction size. 
[CVS head and later branches have this since revision 1.7 of this file.]

Submitted by: Chandler Carruth (Google)
 2010-12-13 20:47:26 +00:00
Dr. Stephen Henson
c850d322a6 add Android changes from FIPS 1.2.2 module 2010-12-11 00:30:43 +00:00
Dr. Stephen Henson
b8be571868 update for next release 2010-12-02 19:42:28 +00:00
Dr. Stephen Henson
acd43bf38c prepare for release 2010-12-02 18:53:52 +00:00
Dr. Stephen Henson
5eaf173647 update FAQ 2010-12-02 18:53:34 +00:00
Dr. Stephen Henson
7890b562bc fix for CVE-2010-4180 2010-12-02 18:49:28 +00:00
Dr. Stephen Henson
7258d33794 PR: 2386 
Submitted by: Stefan Birrer <stefan.birrer@adnovum.ch>
Reviewed by: steve

Correct SKM_ASN1_SET_OF_d2i macro.
 2010-12-02 18:02:02 +00:00
Dr. Stephen Henson
263979a2a3 use consistent FAQ between version 2010-12-02 00:11:32 +00:00
Dr. Stephen Henson
2c6d83354d update README 2010-12-01 17:50:41 +00:00
Dr. Stephen Henson
a188fc01fe oops, no corrected fix needed for 0.9.8 branch 2010-12-01 17:48:59 +00:00
Dr. Stephen Henson
1948f9e042 update NEWS 2010-12-01 17:16:36 +00:00
Dr. Stephen Henson
f7ffc3a6c9 add CVE to JPAKE fix 2010-11-29 18:47:51 +00:00
Dr. Stephen Henson
4d6af5c5d2 ../comm.txt 2010-11-27 17:33:34 +00:00
Ben Laurie
efed63d783 Backport J-PAKE fix. 2010-11-26 16:03:23 +00:00
Dr. Stephen Henson
7e351bb560 add acknowledgements file to 0.9.8 branch too 2010-11-22 16:35:15 +00:00
Dr. Stephen Henson
0067580321 update for next version 2010-11-16 16:35:37 +00:00
Dr. Stephen Henson
82e0073624 oops, correct version number 2010-11-16 14:56:17 +00:00
Dr. Stephen Henson
7e541b1a7f prepare for release 2010-11-16 14:37:28 +00:00
Dr. Stephen Henson
2ae47ddbc2 fix CVE-2010-3864 2010-11-16 14:26:18 +00:00
Dr. Stephen Henson
3e8b8b8990 Submitted by: Jonathan Dixon <joth@chromium.org> 
Reviewed by: steve

If store is NULL set flags correctly.
 2010-11-02 15:57:00 +00:00
Dr. Stephen Henson
05bbbe9204 PR: 2295 
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve

OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.
 2010-10-11 23:28:54 +00:00
Dr. Stephen Henson
a073129293 PR: 2314 
Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net>
Reviewed by: steve

Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
 2010-10-10 12:21:23 +00:00
Dr. Stephen Henson
93fc0e0e40 We can't always read 6 bytes in an OCSP response: fix so error statuses 
are read correctly for non-blocking I/O.
 2010-10-06 18:01:35 +00:00
Dr. Stephen Henson
84f1c14396 Minor documentation fixes, PR#2345 2010-10-04 13:28:15 +00:00
Dr. Stephen Henson
f10986bab4 Minor documentation fixes, PR#2344 2010-10-04 13:25:29 +00:00
Dr. Stephen Henson
6cb5746b65 Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(), 
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.

Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
 2010-10-03 18:55:57 +00:00
Dr. Stephen Henson
0061aa9f32 Don't announce tests run in empty directories 2010-09-20 23:25:07 +00:00
Dr. Stephen Henson
3926bbcf6d support customisable rm and mkdir commands 2010-09-19 15:34:23 +00:00
Dr. Stephen Henson
b5cee977c2 update FIPS script generator to make output easier to hand edit 2010-09-19 11:30:14 +00:00