Commit graph

5051 commits

Author SHA1 Message Date
Dr. Stephen Henson
e5bf2f5d4c Detect symmetric crypto errors in PKCS7_decrypt.
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
2012-02-27 15:23:04 +00:00
Dr. Stephen Henson
a7096946fa PR: 2711
Submitted by: Tomas Mraz <tmraz@redhat.com>

Tolerate bad MIME headers in parser.
2012-02-23 21:50:23 +00:00
Dr. Stephen Henson
4a8362a68b PR: 2696
Submitted by: Rob Austein <sra@hactrn.net>

Fix inverted range problem in RFC3779 code.

Thanks to Andrew Chi for generating test cases for this bug.
2012-02-23 21:31:10 +00:00
Dr. Stephen Henson
276eb93218 PR: 2717
Submitted by: Tim Rice <tim@multitalents.net>

Make compilation work on OpenServer 5.0.7
2012-02-12 18:25:11 +00:00
Andy Polyakov
6b1fb9179e x86_64-xlate.pl: proper solution for RT#2620 [from HEAD]. 2012-01-21 11:35:29 +00:00
Dr. Stephen Henson
702175817f prepare for next version 2012-01-18 14:27:57 +00:00
Dr. Stephen Henson
703ec840dc prepare for release 2012-01-18 13:38:34 +00:00
Andy Polyakov
7aa6d2fcf9 Fix OPNESSL vs. OPENSSL typos [from HEAD].
PR: 2613
Submitted by: Leena Heino
2012-01-15 13:40:40 +00:00
Andy Polyakov
27b1f137ff Sanitize usage of <ctype.h> functions. It's important that characters
are passed zero-extended, not sign-extended [from HEAD].
PR: 2682
2012-01-12 16:37:20 +00:00
Andy Polyakov
f63c927e8e asn1/t_x509.c: fix serial number print, harmonize with a_int.c [from HEAD].
PR: 2675
Submitted by: Annie Yousar
2012-01-12 16:36:30 +00:00
Andy Polyakov
9100840258 aes-sparcv9.pl: clean up regexp [from HEAD].
PR: 2685
2012-01-11 15:32:57 +00:00
Dr. Stephen Henson
0f32c83c91 fix warning 2012-01-10 14:37:09 +00:00
Dr. Stephen Henson
08e8d58785 update for next version 2012-01-04 23:55:26 +00:00
Dr. Stephen Henson
c90c41f09d prepare for release 2012-01-04 17:01:33 +00:00
Dr. Stephen Henson
356de7146e Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577) 2012-01-04 15:07:54 +00:00
Dr. Stephen Henson
9eab925395 fix warnings 2012-01-04 14:45:09 +00:00
Dr. Stephen Henson
ef7545a3e6 PR: 2563
Submitted by: Paul Green <Paul.Green@stratus.com>
Reviewed by: steve

Improved PRNG seeding for VOS.
2011-12-19 17:04:39 +00:00
Andy Polyakov
fecb4ff331 x86-mont.pl: fix bug in integer-only squaring path.
PR: 2648
2011-12-09 14:26:56 +00:00
Bodo Möller
47091035f1 Fix ecdsatest.c.
Submitted by: Emilia Kasper
2011-12-02 12:41:00 +00:00
Bodo Möller
f3d51d7740 Fix BIO_f_buffer().
Submitted by: Adam Langley
Reviewed by: Bodo Moeller
2011-12-02 12:24:29 +00:00
Andy Polyakov
2fb94e4861 ppc.pl: fix bug in bn_mul_comba4 [from HEAD].
PR: 2636
Submitted by: Charles Bryant
2011-11-05 10:16:46 +00:00
Dr. Stephen Henson
f53337b89c PR: 2632
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Return -1 immediately if not affine coordinates as BN_CTX has not been
set up.
2011-10-26 16:43:14 +00:00
Bodo Möller
f70a5895e3 BN_BLINDING multi-threading fix.
Submitted by: Emilia Kasper (Google)
2011-10-19 14:58:34 +00:00
Dr. Stephen Henson
42369021ed PR: 2482
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.
2011-10-09 00:56:32 +00:00
Dr. Stephen Henson
c11ada6c99 PR: 2606
Submitted by: Christoph Viethen <cv@kawo2.rwth-aachen.de>
Reviewed by: steve

Handle timezones correctly in UTCTime.
2011-09-23 13:39:45 +00:00
Dr. Stephen Henson
ab06ff6bee prepare for next version 2011-09-06 13:44:52 +00:00
Dr. Stephen Henson
bba8456e65 update versions and dates for release 2011-09-06 13:01:44 +00:00
Dr. Stephen Henson
c2a8133d1c Initialise X509_STORE_CTX properly so CRLs with nextUpdate date in the past
produce an error (CVE-2011-3207)

Fix TLS ephemeral DH crash bug (CVE-2011-3210)
2011-09-06 12:53:56 +00:00
Bodo Möller
8eaf563c41 Fix memory leak on bad inputs. 2011-09-05 09:57:03 +00:00
Bodo Möller
80d7e6b039 "make update" 2011-09-05 09:54:59 +00:00
Dr. Stephen Henson
9c44e33230 Don't use *from++ in tolower as this is implemented as a macro on some
platforms. Thanks to Shayne Murray <Shayne.Murray@Polycom.com> for
reporting this issue.
2011-09-02 11:28:05 +00:00
Dr. Stephen Henson
b86f3197b7 PR: 2576
Submitted by: Doug Goldstein <cardoe@gentoo.org>
Reviewed by: steve

Include header file stdlib.h which is needed on some platforms to get
getenv() declaration.
2011-09-02 11:20:41 +00:00
Dr. Stephen Henson
dd3a770e07 Add error checking to PKCS1_MGF1. From HEAD. 2011-09-01 15:42:38 +00:00
Dr. Stephen Henson
64763ce09b PR: 2340
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar>
Reviewed by: steve

Stop warnings if OPENSSL_NO_DGRAM is defined.
2011-09-01 15:02:53 +00:00
Dr. Stephen Henson
2fffc29bd1 make timing attack protection unconditional 2011-09-01 14:23:31 +00:00
Dr. Stephen Henson
b5bd966ea4 PR: 2589
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Initialise p pointer.
2011-09-01 13:52:27 +00:00
Dr. Stephen Henson
e71f7786e3 PR: 2588
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Close file pointer.
2011-09-01 13:48:57 +00:00
Andy Polyakov
2e4abe2ce2 Alpha assembler fixes from HEAD.
PR: 2577
2011-08-12 12:32:10 +00:00
Dr. Stephen Henson
ea294bb50e PR: 2559
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS socket error bug
2011-07-20 15:21:52 +00:00
Dr. Stephen Henson
fe8629e1a5 PR: 2556 (partial)
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve

Fix OID routines.

Check on encoding leading zero rejection should start at beginning of
encoding.

Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
2011-07-14 12:01:25 +00:00
Andy Polyakov
b680fef061 perlasm/cbc.pl: fix tail processing bug [from HEAD].
PR: 2557
2011-07-13 06:23:25 +00:00
Dr. Stephen Henson
8b9db484ed PR: 2470
Submitted by: Corinna Vinschen <vinschen@redhat.com>
Reviewed by: steve

Don't call ERR_remove_state from DllMain.
2011-06-22 15:39:00 +00:00
Dr. Stephen Henson
419a530194 PR: 2540
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Prevent infinite loop in BN_GF2m_mod_inv().
2011-06-22 15:23:32 +00:00
Dr. Stephen Henson
69a8901eb1 correctly encode OIDs near 2^32 2011-06-22 15:15:38 +00:00
Dr. Stephen Henson
2bcd08e691 make EVP_dss() work for DSA signing 2011-06-20 20:05:38 +00:00
Dr. Stephen Henson
92107f8150 Fix the ECDSA timing attack mentioned in the paper at:
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
2011-05-25 14:52:44 +00:00
Dr. Stephen Henson
e82d6a2019 Fix the ECDSA timing attack mentioned in the paper at:
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
2011-05-25 14:43:05 +00:00
Dr. Stephen Henson
dda8dcd2c0 PR: 2512
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix BIO_accept so it can be bound to IPv4 or IPv6 sockets consistently.
2011-05-25 12:36:50 +00:00
Dr. Stephen Henson
c4f1942a76 inherit HMAC flags from MD_CTX 2011-05-19 17:39:49 +00:00
Dr. Stephen Henson
51eb247d0f no need to include memory.h 2011-04-30 23:38:24 +00:00