wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
9997 commits 20 branches 302 tags 153 MiB
Commit graph

9997 commits

This branch
This branch
All branches
Author SHA1 Message Date
Dr. Stephen Henson
92aa50bc03 Fix memory leak cause by race condition when creating public keys. 
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
 2012-02-28 14:47:25 +00:00
Dr. Stephen Henson
2f31308b17 PR: 2736 
Reported by: Remi Gacogne <rgacogne-bugs@coredump.fr>

Preserve unused bits value in non-canonicalised ASN1_STRING structures
by using ASN1_STRING_copy which preseves flags.
 2012-02-27 18:45:06 +00:00
Dr. Stephen Henson
468d58e712 xn is never actually used, remove it 2012-02-27 17:07:46 +00:00
Dr. Stephen Henson
dd4b50ff6a PR: 2737 
Submitted by: Remi Gacogne <rgacogne-bugs@coredump.fr>

Fix double free in PKCS12_parse if we run out of memory.
 2012-02-27 16:46:54 +00:00
Dr. Stephen Henson
030d5b8c97 PR: 2735 
Make cryptodev digests work. Thanks to Nikos Mavrogiannopoulos for
this fix.
 2012-02-27 16:33:16 +00:00
Dr. Stephen Henson
9b73be38ab free headers after use in error message 2012-02-27 16:27:00 +00:00
Dr. Stephen Henson
e5bf2f5d4c Detect symmetric crypto errors in PKCS7_decrypt. 
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
 2012-02-27 15:23:04 +00:00
Dr. Stephen Henson
a7096946fa PR: 2711 
Submitted by: Tomas Mraz <tmraz@redhat.com>

Tolerate bad MIME headers in parser.
 2012-02-23 21:50:23 +00:00
Dr. Stephen Henson
4a8362a68b PR: 2696 
Submitted by: Rob Austein <sra@hactrn.net>

Fix inverted range problem in RFC3779 code.

Thanks to Andrew Chi for generating test cases for this bug.
 2012-02-23 21:31:10 +00:00
Dr. Stephen Henson
25128a11fb Fix bug in CVE-2011-4619: check we have really received a client hello 
before rejecting multiple SGC restarts.
 2012-02-16 15:21:46 +00:00
Dr. Stephen Henson
3deb968fec PR: 2713 
Submitted by: Tomas Mraz <tmraz@redhat.com>

Move libraries that are not needed for dynamic linking to Libs.private in
the .pc files
 2012-02-12 18:47:02 +00:00
Dr. Stephen Henson
276eb93218 PR: 2717 
Submitted by: Tim Rice <tim@multitalents.net>

Make compilation work on OpenServer 5.0.7
 2012-02-12 18:25:11 +00:00
Dr. Stephen Henson
29c33e16ac PR: 2703 
Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>

Fix some memory and resource leaks in CAPI ENGINE.
 2012-02-11 23:12:48 +00:00
Dr. Stephen Henson
bffb696f65 PR: 2705 
Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>

Only create ex_data indices once for CAPI engine.
 2012-02-11 23:07:48 +00:00
Dr. Stephen Henson
fd2d78e70b PR: 2710 
Submitted by: Tomas Mraz <tmraz@redhat.com>

Check return codes for load_certs_crls.
 2012-02-10 19:54:37 +00:00
Andy Polyakov
6b1fb9179e x86_64-xlate.pl: proper solution for RT#2620 [from HEAD]. 2012-01-21 11:35:29 +00:00
Dr. Stephen Henson
702175817f prepare for next version 2012-01-18 14:27:57 +00:00
Dr. Stephen Henson
703ec840dc prepare for release 2012-01-18 13:38:34 +00:00
Dr. Stephen Henson
04d706d42a update NEWS 2012-01-18 13:36:59 +00:00
Dr. Stephen Henson
b996cecc32 Fix for DTLS DoS issue introduced by fix for CVE-2011-4109. 
Thanks to Antonio Martin, Enterprise Secure Access Research and
Development, Cisco Systems, Inc. for discovering this bug and
preparing a fix. (CVE-2012-0050)
 2012-01-18 13:36:04 +00:00
Dr. Stephen Henson
7e927da2a5 fix CHANGES entry 2012-01-17 14:19:51 +00:00
Andy Polyakov
7aa6d2fcf9 Fix OPNESSL vs. OPENSSL typos [from HEAD]. 
PR: 2613
Submitted by: Leena Heino
 2012-01-15 13:40:40 +00:00
Andy Polyakov
27b1f137ff Sanitize usage of <ctype.h> functions. It's important that characters 
are passed zero-extended, not sign-extended [from HEAD].
PR: 2682
 2012-01-12 16:37:20 +00:00
Andy Polyakov
f63c927e8e asn1/t_x509.c: fix serial number print, harmonize with a_int.c [from HEAD]. 
PR: 2675
Submitted by: Annie Yousar
 2012-01-12 16:36:30 +00:00
Andy Polyakov
d572544a2c ecdsa.pod: typo. 
PR: 2678
Submitted by: Annie Yousar
 2012-01-11 21:42:20 +00:00
Andy Polyakov
9100840258 aes-sparcv9.pl: clean up regexp [from HEAD]. 
PR: 2685
 2012-01-11 15:32:57 +00:00
Dr. Stephen Henson
0f32c83c91 fix warning 2012-01-10 14:37:09 +00:00
Bodo Möller
80b570142d Update for 0.9.8s. 2012-01-05 13:38:47 +00:00
Bodo Möller
a99b6fcb7c Fix usage indentation 2012-01-05 13:15:50 +00:00
Bodo Möller
02d1a6b3aa Fix for builds without DTLS support. 
Submitted by: Brian Carlstrom
 2012-01-05 10:22:23 +00:00
Dr. Stephen Henson
08e8d58785 update for next version 2012-01-04 23:55:26 +00:00
Dr. Stephen Henson
c90c41f09d prepare for release 2012-01-04 17:01:33 +00:00
Dr. Stephen Henson
c47b636a2c update NEWS 2012-01-04 16:57:14 +00:00
Dr. Stephen Henson
7200b39ecd make update 2012-01-04 16:52:53 +00:00
Dr. Stephen Henson
84c95826de Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen <tuexen@fh-muenster.de> 
Reviewed by: steve

Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and
Kenny Paterson.
 2012-01-04 16:51:14 +00:00
Dr. Stephen Henson
63819e6f00 add missing part for SGC restart fix (CVE-2011-4619) 2012-01-04 16:46:10 +00:00
Dr. Stephen Henson
8206dba75c Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576) [include source patch this time!] 2012-01-04 15:38:54 +00:00
Dr. Stephen Henson
528ef87850 Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576) 2012-01-04 15:33:15 +00:00
Dr. Stephen Henson
9004c53107 Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619) 2012-01-04 15:27:54 +00:00
Dr. Stephen Henson
f47f99f295 stop warning 2012-01-04 15:26:29 +00:00
Dr. Stephen Henson
00f473b3cc Check GOST parameters are not NULL (CVE-2012-0027) 2012-01-04 15:16:20 +00:00
Dr. Stephen Henson
356de7146e Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577) 2012-01-04 15:07:54 +00:00
Dr. Stephen Henson
9eab925395 fix warnings 2012-01-04 14:45:09 +00:00
Dr. Stephen Henson
22d89c501e Submitted by: Adam Langley <agl@chromium.org> 
Reviewed by: steve

Fix memory leaks.
 2012-01-04 14:24:48 +00:00
Dr. Stephen Henson
c06916db9f PR: 2326 
Submitted by: Tianjie Mao <tjmao@tjmao.net>
Reviewed by: steve

Fix incorrect comma expressions and goto f_err as alert has been set.
 2011-12-26 19:38:19 +00:00
Dr. Stephen Henson
ef7545a3e6 PR: 2563 
Submitted by: Paul Green <Paul.Green@stratus.com>
Reviewed by: steve

Improved PRNG seeding for VOS.
 2011-12-19 17:04:39 +00:00
Andy Polyakov
fecb4ff331 x86-mont.pl: fix bug in integer-only squaring path. 
PR: 2648
 2011-12-09 14:26:56 +00:00
Dr. Stephen Henson
2a4adf19c8 The default CN prompt message can be confusing when often the CN needs to 
be the server FQDN: change it.
[Reported by PSW Group]
 2011-12-06 00:01:00 +00:00
Bodo Möller
44c854ddb9 Resolve a stack set-up race condition (if the list of compression 
methods isn't presorted, it will be sorted on first read).

Submitted by: Adam Langley
 2011-12-02 12:51:05 +00:00
Bodo Möller
47091035f1 Fix ecdsatest.c. 
Submitted by: Emilia Kasper
 2011-12-02 12:41:00 +00:00