Commit graph

7682 commits

Author SHA1 Message Date
Bodo Möller
1a8521ff24 Fix the BIT STRING encoding of EC points or parameter seeds
(need to prevent the removal of trailing zero bits).
2006-12-19 15:10:46 +00:00
Nils Larsch
9d5460d72d properly initialize SSL context, check return value 2006-12-13 22:08:20 +00:00
Dr. Stephen Henson
35e59297fc Update from 0.9.7-stable branch 2006-12-07 13:28:07 +00:00
Dr. Stephen Henson
9b945233b1 Update from HEAD. 2006-12-06 13:38:59 +00:00
Nils Larsch
b065dc2eee fix documentation
PR: 1343
2006-12-06 09:12:28 +00:00
Nils Larsch
66c4bb1a70 avoid duplicate entries in add_cert_dir()
PR: 1407
Submitted by: Tomas Mraz <tmraz@redhat.com>
2006-12-05 21:21:10 +00:00
Nils Larsch
36abe6fe61 return 0 if 'noout' is used and no has occurred
PR: 1435
Submitted by: "Haridharan" <haridharan@gmail.com>
2006-12-05 20:08:03 +00:00
Nils Larsch
3c786aa6c8 allocate a new attributes entry in X509_REQ_add_extensions()
if it's NULL (in case of a malformed pkcs10 request)

PR: 1347
Submitted by: Remo Inverardi <invi@your.toilet.ch>
2006-12-04 19:10:58 +00:00
Nils Larsch
e5cce6d356 add "Certificate Issuer", "Issuing Distribution Point" and
"Subject Directory Attributes" OIDs

PR: 1433
2006-12-04 18:48:16 +00:00
Andy Polyakov
723b7d81e4 Camellia fixes and improvements from HEAD. 2006-12-02 12:00:27 +00:00
Andy Polyakov
a3ddd7358b Camellia portability fixes.
Submitted by: Masashi Fujita, NTT
2006-12-02 11:57:40 +00:00
Dr. Stephen Henson
45c027f31f Update dependencies. 2006-11-30 14:03:58 +00:00
Dr. Stephen Henson
3b62e9eb0d Fix default depflags. 2006-11-30 14:01:38 +00:00
Dr. Stephen Henson
34a8c7ec87 Win32 fixes.
Use OPENSSL_NO_RFC3779 instead of OPENSSL_RFC3779: this makes the Win32 scripts
work and is consistent with other options.

Fix Win32 scripts and Configure to process OPENSSL_NO_RFC3779 properly.

Update ordinals.

Change some prototypes for LSB because VC++ 6 doesn't like the */ sequence and thinks it is an invalid end of comment.
2006-11-30 13:04:43 +00:00
Nils Larsch
d4a6240005 replace macros with functions
Submitted by: Tracy Camp <tracyx.e.camp@intel.com>
2006-11-29 20:47:15 +00:00
Bodo Möller
5c6f76da0a fix support for receiving fragmented handshake messages 2006-11-29 14:45:14 +00:00
Ben Laurie
4636341b05 Add RFC 3779 support, contributed by ARIN. 2006-11-27 13:36:55 +00:00
Nils Larsch
be3b770d8f register the engine as default engine in ENGINE_set_default()
PR: 1431
2006-11-24 18:44:26 +00:00
Ulf Möller
af32387b3f wording, as in head 2006-11-21 20:51:47 +00:00
Dr. Stephen Henson
115fc340cb Rebuild error file C source files. 2006-11-21 20:14:46 +00:00
Dr. Stephen Henson
900f7a8776 Update from 0.9.7-stable.
Improve mkerr.pl header file function name parsing.
2006-11-21 20:14:05 +00:00
Dr. Stephen Henson
4877e30504 Fix from HEAD. 2006-11-13 13:23:05 +00:00
Nils Larsch
4656ec3852 update md docs 2006-10-27 21:59:48 +00:00
Andy Polyakov
e336441197 Gcc over-optimizes PadLock AES CFB codepath, tell it not to [from HEAD]. 2006-10-19 20:56:31 +00:00
Dr. Stephen Henson
20d6182f33 Typo. 2006-10-05 21:59:09 +00:00
Nils Larsch
aa145866f9 return an error if the supplied precomputed values lead to an invalid signature 2006-10-04 19:55:03 +00:00
Mark J. Cox
fdff41e166 Initialise ctx to NULL to avoid uninitialized free, noticed by
Steve Kiernan
2006-09-29 08:21:07 +00:00
Richard Levitte
07b4bc3979 APP_FILES is no longer used, remove it everywhere. 2006-09-29 06:54:39 +00:00
Bodo Möller
0c66d3ae37 fix typo 2006-09-28 13:30:28 +00:00
Bodo Möller
bd869183d5 for completeness, include 0.9.7l information 2006-09-28 13:29:08 +00:00
Richard Levitte
7e2bf83100 Fixes for the following claims:
1) Certificate Message with no certs

  OpenSSL implementation sends the Certificate message during SSL
  handshake, however as per the specification, these have been omitted.

  -- RFC 2712 --
     CertificateRequest, and the ServerKeyExchange shown in Figure 1
     will be omitted since authentication and the establishment of a
     master secret will be done using the client's Kerberos credentials
     for the TLS server.  The client's certificate will be omitted for
     the same reason.
  -- RFC 2712 --

  3) Pre-master secret Protocol version

  The pre-master secret generated by OpenSSL does not have the correct
  client version.

  RFC 2712 says, if the Kerberos option is selected, the pre-master
  secret structure is the same as that used in the RSA case.

  TLS specification defines pre-master secret as:
         struct {
             ProtocolVersion client_version;
             opaque random[46];
         } PreMasterSecret;

  where client_version is the latest protocol version supported by the
  client

  The pre-master secret generated by OpenSSL does not have the correct
  client version. The implementation does not update the first 2 bytes
  of random secret for Kerberos Cipher suites. At the server-end, the
  client version from the pre-master secret is not validated.

PR: 1336
2006-09-28 12:23:15 +00:00
Mark J. Cox
25e52a78fb After tagging, bump ready for 0.9.8e development 2006-09-28 11:39:33 +00:00
Mark J. Cox
47c4bb2ddf Prepare for 0.9.8d release 2006-09-28 11:32:42 +00:00
Mark J. Cox
951dfbb13a Introduce limits to prevent malicious keys being able to
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
2006-09-28 11:29:03 +00:00
Dr. Stephen Henson
81780a3b62 Update from HEAD. 2006-09-23 17:30:25 +00:00
Dr. Stephen Henson
c574d0cdf2 Fix from HEAD. 2006-09-22 17:14:44 +00:00
Dr. Stephen Henson
c987c3f999 Fix from HEAD. 2006-09-22 17:07:40 +00:00
Dr. Stephen Henson
1a5e414863 Fix but in apps/pkcs12.c
PR: 1377
2006-09-22 00:28:37 +00:00
Andy Polyakov
ec3639385e Build error on non-unix [from HEAD].
PR: 1390
2006-09-18 19:51:45 +00:00
Andy Polyakov
f01cfca6a4 Race condition in ms/uplink.c [from HEAD].
PR: 1382
2006-09-18 19:44:23 +00:00
Bodo Möller
7d5af5e0fa Ensure that the addition mods[i]+delta cannot overflow in probable_prime().
[Problem pointed out by Adam Young <adamy (at) acm.org>]
2006-09-18 14:01:39 +00:00
Bodo Möller
8fdb296cbd Update 2006-09-12 14:42:09 +00:00
Bodo Möller
879b30aaa3 ensure that ciphersuite strings such as "RC4-MD5" match the SSL 2.0
ciphersuite as well
2006-09-11 09:48:46 +00:00
Bodo Möller
40ddcb717a Remove non-functional part of recent patch, after discussion with
Colin Percival (this would have caused more problems than solved,
and isn't really necessary anyway)
2006-09-06 06:43:26 +00:00
Mark J. Cox
da1841a075 After tagging, prep for next release 2006-09-05 08:51:30 +00:00
Mark J. Cox
0a0a10d127 Ready for 0.9.8c release 2006-09-05 08:45:37 +00:00
Mark J. Cox
df20b6e79b Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
(CVE-2006-4339)

Submitted by:  Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
2006-09-05 08:25:42 +00:00
Dr. Stephen Henson
f4f1dc39e0 Fix from HEAD. 2006-08-31 21:01:41 +00:00
Dr. Stephen Henson
340b4dd7df Fix from HEAD. 2006-08-31 20:11:09 +00:00
Ben Laurie
4b9dcd821f Add IGE and biIGE modes. 2006-08-28 11:00:32 +00:00