wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8516 commits 20 branches 302 tags 153 MiB
Commit graph

1158 commits

Author SHA1 Message Date
Dr. Stephen Henson
430b637bd5 make update 2013-02-05 16:50:36 +00:00
Dr. Stephen Henson
bb152dae8f check mval for NULL too 2012-12-04 17:26:36 +00:00
Dr. Stephen Henson
c42ab44087 fix leak 2012-12-03 16:33:54 +00:00
Dr. Stephen Henson
c571a3e984 PR: 2908 
Submitted by: Dmitry Belyavsky <beldmit@gmail.com>

Fix DH double free if parameter generation fails.
 2012-11-21 14:01:38 +00:00
Dr. Stephen Henson
92e5882aca fix memory leak 2012-09-11 13:45:42 +00:00
Dr. Stephen Henson
a9101cdcaa Always use SSLv23_{client,server}_method in s_client.c and s_server.c, 
the old code came from SSLeay days before TLS was even supported.
 2012-03-18 18:18:30 +00:00
Dr. Stephen Henson
4f2fc3c2dd Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and 
continue with symmetric decryption process to avoid leaking timing
information to an attacker.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
 2012-03-12 14:51:45 +00:00
Bodo Möller
bf240f063a Fix usage indentation 2012-01-05 13:15:29 +00:00
Dr. Stephen Henson
7183aa6b9d make update 2012-01-04 19:12:39 +00:00
Dr. Stephen Henson
24f441e0bb The default CN prompt message can be confusing when often the CN needs to 
be the server FQDN: change it.
[Reported by PSW Group]
 2011-12-06 00:01:09 +00:00
Dr. Stephen Henson
91a1d08a4c use keyformat for -x509toreq, don't hard code PEM 2011-09-23 21:49:08 +00:00
Dr. Stephen Henson
6ec9ff83f3 PR: 2347 
Submitted by: Tomas Mraz <tmraz@redhat.com>
Reviewed by: steve

Fix usage message.
 2011-09-23 13:13:02 +00:00
Dr. Stephen Henson
03e3fbb702 PR: 2527 
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve

Set cnf to NULL to avoid possible double free.
 2011-05-25 15:06:32 +00:00
Dr. Stephen Henson
32cd1da62e PR: 2469 
Submitted by: Jim Studt <jim@studt.net>
Reviewed by: steve

Check mac is present before trying to retrieve mac iteration count.
 2011-03-13 18:23:24 +00:00
Dr. Stephen Henson
50fb940f05 make WIN32 compile work again 2010-07-08 01:23:25 +00:00
Ben Laurie
d886975835 Fix gcc 4.6 warnings. Check TLS server hello extension length. 2010-06-12 13:18:58 +00:00
Dr. Stephen Henson
c1f1a03d0c PR: 2262 
Submitted By: Victor Wagner <vitus@cryptocom.ru>

Fix error reporting in load_key function.
 2010-05-27 14:09:22 +00:00
Dr. Stephen Henson
cf6a1dea19 PR: 2202 (partial) 
Submitted by: Steven M. Schweda <sms@antinode.info>

VMS fixes:
	Reduce copying into .apps and .test in makevms.com
	Don't try to use blank CA certificate in CA.com
	Allow use of C files from original directories in maketests.com
 2010-03-25 12:29:56 +00:00
Dr. Stephen Henson
4610d8dc00 don't leave bogus errors in the queue 2010-03-10 13:48:35 +00:00
Dr. Stephen Henson
b7c114f044 PR: 2183 
PR#1999 broke fork detection by assuming HAVE_FORK was set for all platforms.
Include original HAVE_FORK detection logic while allowing it to be
overridden on specific platforms with -DHAVE_FORK=1 or -DHAVE_FORK=0
 2010-03-03 19:56:00 +00:00
Richard Levitte
53b5d04715 Apply changes from the 1.0.0 branch. 2010-02-23 07:51:39 +00:00
Dr. Stephen Henson
162f1e08f8 make no-rsa no-dsa compile again 2010-02-02 14:03:07 +00:00
Dr. Stephen Henson
714044cc03 oops revert test code from previous commit 2010-01-24 13:52:38 +00:00
Dr. Stephen Henson
5598b99fb3 The fix for PR#1949 unfortunately broke cases where the BIO_CTRL_WPENDING 
ctrl is incorrectly implemented (e.g. some versions of Apache). As a workaround
call both BIO_CTRL_INFO and BIO_CTRL_WPENDING if it returns zero. This should
both address the original bug and retain compatibility with the old behaviour.
 2010-01-24 13:50:57 +00:00
Dr. Stephen Henson
444ff35029 revert patch 2010-01-19 19:10:53 +00:00
Dr. Stephen Henson
ff2549be1d PR: 2144 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Better fix for PR#2144
 2010-01-19 19:10:03 +00:00
Dr. Stephen Henson
24fc4f656c PR: 1618 
Submitted by: steve@openssl.org

Fix bug in 0.9.8-stable time handling in ca.c . NB: this only handles cases
where times are not being checked or printed properly. Issues relating to
time_t becoming negative or wrapping around are *NOT* addressed. OpenSSL
1.0.0 and later does fix these issues by using its own time routines.
 2010-01-14 17:44:46 +00:00
Dr. Stephen Henson
ccc3df8c33 New option to enable/disable connection to unpatched servers 2009-12-16 20:34:20 +00:00
Dr. Stephen Henson
59f44e810b Add ctrl and macro so we can determine if peer support secure renegotiation. 
Fix SSL_CIPHER initialiser for mcsv
 2009-12-08 13:47:28 +00:00
Dr. Stephen Henson
6cf61614e4 Replace the broken SPKAC certification with the correct version. 2009-12-02 14:39:12 +00:00
Richard Levitte
e333a8d673 Updated from 1.0.0-stable. 2009-11-12 16:59:18 +00:00
Ben Laurie
c2b78c31d6 First cut of renegotiation extension. 2009-11-08 14:51:54 +00:00
Ben Laurie
6156be4da3 Fix compilation problem. 2009-11-05 10:18:11 +00:00
Dr. Stephen Henson
e6e11f4ec3 Don't attempt session resumption if no ticket is present and session 
ID length is zero.
 2009-10-28 19:53:10 +00:00
Dr. Stephen Henson
ef62799783 PR: 1847 
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Integrated patches to CA.sh to bring it into line with CA.pl functionality.
 2009-10-15 17:28:02 +00:00
Dr. Stephen Henson
8196257f00 Cross compilation updates. 2009-10-15 14:14:35 +00:00
Dr. Stephen Henson
d7050b4424 Fix warnings about ignoring fgets return value 2009-10-04 16:43:39 +00:00
Dr. Stephen Henson
822da9ccc3 Stop unused variable warning. 2009-09-20 13:26:46 +00:00
Dr. Stephen Henson
48b30bf0e2 make update 2009-09-06 16:14:20 +00:00
Dr. Stephen Henson
197ab47bdd PR: 2028 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

Fix DTLS cookie management bugs.
 2009-09-04 17:53:30 +00:00
Richard Levitte
f78bcb8945 Moving up the inclusion of e_os.h was a bad idea. 
Put it back where it was and place an inclusion of e_os2.h to get platform
macros defined...
 2009-08-26 11:21:57 +00:00
Richard Levitte
e75445f688 Add CMS to the list of applications. 
Define EXE_DIR earlier.
Make sure S_SOCKET also gets compiled with _POSIX_C_SOURCE defined.

Submitted by Zoltan Arpadffy <zoli@polarhome.com>
 2009-08-25 07:26:25 +00:00
Richard Levitte
df51d79ec4 Move up the inclusion of e_os.h so OPENSSL_SYS_VMS_DECC has a chance 
to be properly defined.
 2009-08-25 07:24:00 +00:00
Dr. Stephen Henson
fbc4a24633 PR: 1997 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Approved by: steve@openssl.org

DTLS timeout handling fix.
 2009-08-13 15:14:32 +00:00
Dr. Stephen Henson
3008a7d819 Typo 2009-08-10 15:52:33 +00:00
Dr. Stephen Henson
233f758523 PR: 1999 
Submitted by: "Bayram Kurumahmut" <kbayram@ubicom.com>
Approved by: steve@openssl.org

Don't use HAVE_FORK in apps/speed.c it can conflict with configured version.
 2009-08-10 15:30:17 +00:00
Dr. Stephen Henson
d36e9d160b Make genrsa work again. 2009-07-26 16:06:41 +00:00
Dr. Stephen Henson
0b26e53c59 PR: 1991 
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

Print DTLS message types out with -msg arg.
 2009-07-24 11:14:56 +00:00
Dr. Stephen Henson
9aecc3e5ff Update from 1.0.0-stable. 2009-06-26 11:34:22 +00:00
Dr. Stephen Henson
efaa569c3b PR: 1943 
Submitted by: Guenter <lists@gknw.net>
Approved by: steve@openssl.org

Rename uni2asc and asc2uni on Netware to avoid a name clash.
 2009-06-17 11:55:51 +00:00