wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9639 commits 20 branches 302 tags 153 MiB
Commit graph

9639 commits

This branch
This branch
All branches
Author SHA1 Message Date
Bodo Möller
d41bbd0db5 use -no_ecdhe when using -no_dhe 2011-10-13 15:05:50 +00:00
Bodo Möller
49956294fc Clarify warning 2011-10-13 13:24:37 +00:00
Bodo Möller
48373e55d1 In ssl3_clear, preserve s3->init_extra along with s3->rbuf. 
Submitted by: Bob Buckholz <bbuckholz@google.com>
 2011-10-13 13:05:12 +00:00
Dr. Stephen Henson
42369021ed PR: 2482 
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.
 2011-10-09 00:56:32 +00:00
Dr. Stephen Henson
b00fe7ce18 fix signed/unsigned warning 2011-09-26 17:04:49 +00:00
Dr. Stephen Henson
872e3fd502 use keyformat for -x509toreq, don't hard code PEM 2011-09-23 21:48:59 +00:00
Dr. Stephen Henson
c11ada6c99 PR: 2606 
Submitted by: Christoph Viethen <cv@kawo2.rwth-aachen.de>
Reviewed by: steve

Handle timezones correctly in UTCTime.
 2011-09-23 13:39:45 +00:00
Dr. Stephen Henson
8f0968850b PR: 2602 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS bug which prevents manual MTU setting
 2011-09-23 13:35:19 +00:00
Dr. Stephen Henson
0b96f60a56 PR: 2347 
Submitted by: Tomas Mraz <tmraz@redhat.com>
Reviewed by: steve

Fix usage message.
 2011-09-23 13:12:52 +00:00
Dr. Stephen Henson
ab06ff6bee prepare for next version 2011-09-06 13:44:52 +00:00
Dr. Stephen Henson
bba8456e65 update versions and dates for release 2011-09-06 13:01:44 +00:00
Dr. Stephen Henson
b493a05720 update NEWS 2011-09-06 12:56:21 +00:00
Dr. Stephen Henson
c2a8133d1c Initialise X509_STORE_CTX properly so CRLs with nextUpdate date in the past 
produce an error (CVE-2011-3207)

Fix TLS ephemeral DH crash bug (CVE-2011-3210)
 2011-09-06 12:53:56 +00:00
Bodo Möller
e935440ad7 (EC)DH memory handling fixes. 
Submitted by: Adam Langley
 2011-09-05 10:25:21 +00:00
Bodo Möller
8eaf563c41 Fix memory leak on bad inputs. 2011-09-05 09:57:03 +00:00
Bodo Möller
80d7e6b039 "make update" 2011-09-05 09:54:59 +00:00
Dr. Stephen Henson
9c44e33230 Don't use *from++ in tolower as this is implemented as a macro on some 
platforms. Thanks to Shayne Murray <Shayne.Murray@Polycom.com> for
reporting this issue.
 2011-09-02 11:28:05 +00:00
Dr. Stephen Henson
b86f3197b7 PR: 2576 
Submitted by: Doug Goldstein <cardoe@gentoo.org>
Reviewed by: steve

Include header file stdlib.h which is needed on some platforms to get
getenv() declaration.
 2011-09-02 11:20:41 +00:00
Dr. Stephen Henson
0875c00584 update NEWS 2011-09-01 17:08:44 +00:00
Dr. Stephen Henson
dd3a770e07 Add error checking to PKCS1_MGF1. From HEAD. 2011-09-01 15:42:38 +00:00
Dr. Stephen Henson
64763ce09b PR: 2340 
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar>
Reviewed by: steve

Stop warnings if OPENSSL_NO_DGRAM is defined.
 2011-09-01 15:02:53 +00:00
Dr. Stephen Henson
2fffc29bd1 make timing attack protection unconditional 2011-09-01 14:23:31 +00:00
Dr. Stephen Henson
d2650c3a4a PR: 2573 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS buffering and decryption bug.
 2011-09-01 14:02:02 +00:00
Dr. Stephen Henson
b5bd966ea4 PR: 2589 
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Initialise p pointer.
 2011-09-01 13:52:27 +00:00
Dr. Stephen Henson
e71f7786e3 PR: 2588 
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Close file pointer.
 2011-09-01 13:48:57 +00:00
Dr. Stephen Henson
e3b95e6b24 PR: 2586 
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Zero structure fields properly.
 2011-09-01 13:45:25 +00:00
Dr. Stephen Henson
658eeec7cd PR: 2586 
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Fix brace mismatch.
 2011-09-01 13:37:20 +00:00
Dr. Stephen Henson
e1c3d65f08 Remove hard coded ecdsaWithSHA1 hack in ssl routines and check for RSA 
using OBJ xref utilities instead of string comparison with OID name.

This removes the arbitrary restriction on using SHA1 only with some ECC
ciphersuites.
 2011-08-14 13:48:42 +00:00
Andy Polyakov
2e4abe2ce2 Alpha assembler fixes from HEAD. 
PR: 2577
 2011-08-12 12:32:10 +00:00
Dr. Stephen Henson
ea294bb50e PR: 2559 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS socket error bug
 2011-07-20 15:21:52 +00:00
Dr. Stephen Henson
b58ea0b941 PR: 2555 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS sequence number bug
 2011-07-20 15:17:33 +00:00
Dr. Stephen Henson
16067fe5fd PR: 2550 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS HelloVerifyRequest Timer bug
 2011-07-20 15:13:16 +00:00
Andy Polyakov
f2e9070f26 config: detect if assembler supports --noexecstack and pass it down [from HEAD]. 2011-07-15 19:59:18 +00:00
Dr. Stephen Henson
fe8629e1a5 PR: 2556 (partial) 
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve

Fix OID routines.

Check on encoding leading zero rejection should start at beginning of
encoding.

Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
 2011-07-14 12:01:25 +00:00
Andy Polyakov
2a12eff4b2 ms/uplink.c: fix Visual Studio 2010 warning [from HEAD]. 2011-07-13 14:55:11 +00:00
Andy Polyakov
b680fef061 perlasm/cbc.pl: fix tail processing bug [from HEAD]. 
PR: 2557
 2011-07-13 06:23:25 +00:00
Bodo Möller
7f7414e054 Fix typo. 
Submitted by: Jim Morrison
 2011-07-11 12:13:50 +00:00
Dr. Stephen Henson
8b9db484ed PR: 2470 
Submitted by: Corinna Vinschen <vinschen@redhat.com>
Reviewed by: steve

Don't call ERR_remove_state from DllMain.
 2011-06-22 15:39:00 +00:00
Dr. Stephen Henson
f59f2fcbff PR: 2543 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Correctly handle errors in DTLSv1_handle_timeout()
 2011-06-22 15:29:55 +00:00
Dr. Stephen Henson
419a530194 PR: 2540 
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Prevent infinite loop in BN_GF2m_mod_inv().
 2011-06-22 15:23:32 +00:00
Dr. Stephen Henson
69a8901eb1 correctly encode OIDs near 2^32 2011-06-22 15:15:38 +00:00
Dr. Stephen Henson
2bcd08e691 make EVP_dss() work for DSA signing 2011-06-20 20:05:38 +00:00
Bodo Möller
167d692925 Complete the version history (include information on unreleased 
version 0.9.8s to show full information).
 2011-06-15 14:21:17 +00:00
Dr. Stephen Henson
025ee1dbde fix memory leak 2011-06-08 15:56:20 +00:00
Dr. Stephen Henson
dce7b92d0b PR: 2533 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Setting SSL_MODE_RELEASE_BUFFERS should be ignored for DTLS, but instead causes
the program to crash. This is due to missing version checks and is fixed with
this patch.
 2011-05-25 15:21:12 +00:00
Dr. Stephen Henson
db886c2a2b PR: 2529 
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve

Call ssl_new() to reallocate SSL BIO internals if we want to replace
the existing internal SSL structure.
 2011-05-25 15:15:52 +00:00
Dr. Stephen Henson
4d43129446 PR: 2527 
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve

Set cnf to NULL to avoid possible double free.
 2011-05-25 15:06:05 +00:00
Dr. Stephen Henson
92107f8150 Fix the ECDSA timing attack mentioned in the paper at: 
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
 2011-05-25 14:52:44 +00:00
Dr. Stephen Henson
e82d6a2019 Fix the ECDSA timing attack mentioned in the paper at: 
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
 2011-05-25 14:43:05 +00:00
Dr. Stephen Henson
4e5755cd85 Oops use up to date patch for PR#2506 2011-05-25 14:29:55 +00:00