Commit graph

3765 commits

Author SHA1 Message Date
Nils Larsch
d4a6240005 replace macros with functions
Submitted by: Tracy Camp <tracyx.e.camp@intel.com>
2006-11-29 20:47:15 +00:00
Ben Laurie
4636341b05 Add RFC 3779 support, contributed by ARIN. 2006-11-27 13:36:55 +00:00
Nils Larsch
be3b770d8f register the engine as default engine in ENGINE_set_default()
PR: 1431
2006-11-24 18:44:26 +00:00
Dr. Stephen Henson
115fc340cb Rebuild error file C source files. 2006-11-21 20:14:46 +00:00
Dr. Stephen Henson
4877e30504 Fix from HEAD. 2006-11-13 13:23:05 +00:00
Andy Polyakov
e336441197 Gcc over-optimizes PadLock AES CFB codepath, tell it not to [from HEAD]. 2006-10-19 20:56:31 +00:00
Dr. Stephen Henson
20d6182f33 Typo. 2006-10-05 21:59:09 +00:00
Nils Larsch
aa145866f9 return an error if the supplied precomputed values lead to an invalid signature 2006-10-04 19:55:03 +00:00
Mark J. Cox
fdff41e166 Initialise ctx to NULL to avoid uninitialized free, noticed by
Steve Kiernan
2006-09-29 08:21:07 +00:00
Mark J. Cox
25e52a78fb After tagging, bump ready for 0.9.8e development 2006-09-28 11:39:33 +00:00
Mark J. Cox
47c4bb2ddf Prepare for 0.9.8d release 2006-09-28 11:32:42 +00:00
Mark J. Cox
951dfbb13a Introduce limits to prevent malicious keys being able to
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
2006-09-28 11:29:03 +00:00
Dr. Stephen Henson
c987c3f999 Fix from HEAD. 2006-09-22 17:07:40 +00:00
Bodo Möller
7d5af5e0fa Ensure that the addition mods[i]+delta cannot overflow in probable_prime().
[Problem pointed out by Adam Young <adamy (at) acm.org>]
2006-09-18 14:01:39 +00:00
Bodo Möller
40ddcb717a Remove non-functional part of recent patch, after discussion with
Colin Percival (this would have caused more problems than solved,
and isn't really necessary anyway)
2006-09-06 06:43:26 +00:00
Mark J. Cox
da1841a075 After tagging, prep for next release 2006-09-05 08:51:30 +00:00
Mark J. Cox
0a0a10d127 Ready for 0.9.8c release 2006-09-05 08:45:37 +00:00
Mark J. Cox
df20b6e79b Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
(CVE-2006-4339)

Submitted by:  Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
2006-09-05 08:25:42 +00:00
Dr. Stephen Henson
f4f1dc39e0 Fix from HEAD. 2006-08-31 21:01:41 +00:00
Dr. Stephen Henson
340b4dd7df Fix from HEAD. 2006-08-31 20:11:09 +00:00
Ben Laurie
4b9dcd821f Add IGE and biIGE modes. 2006-08-28 11:00:32 +00:00
Andy Polyakov
669c5c9380 Engage assembler in solaris64-x86_64-cc [backport from HEAD]. 2006-08-01 16:13:47 +00:00
Bodo Möller
d9c06b56ca New Camellia implementation (replacing previous version)
Submitted by: NTT
2006-07-19 13:38:27 +00:00
Dr. Stephen Henson
eb499b2854 Oops... 2006-07-09 12:07:22 +00:00
Dr. Stephen Henson
65a82ef6d7 Fix from HEAD. 2006-07-09 12:03:02 +00:00
Bodo Möller
5d7f15daf8 use <poll.h> as by Single Unix Specification 2006-06-30 08:14:50 +00:00
Bodo Möller
ec67e3b7e4 always read in RAND_poll() if we can't use select because of a too
large FD: it's non-blocking mode anyway
2006-06-28 14:50:00 +00:00
Andy Polyakov
0d3ff3c073 aes-586.pl sync from HEAD. 2006-06-28 09:01:40 +00:00
Andy Polyakov
325e48867c Mitigate the hazard of cache-collision timing attack on last round
[from HEAD].
2006-06-28 08:58:15 +00:00
Richard Levitte
8de95bc05b Use poll() when possible to gather Unix randomness entropy 2006-06-27 06:31:57 +00:00
Bodo Möller
4a9cfd763e Another thread-safety fix 2006-06-16 01:01:14 +00:00
Bodo Möller
1921a1adb2 "make depend" for the default configuration, i.e. no-camellia here in
the 0.9.8 branch!
2006-06-14 09:56:08 +00:00
Bodo Möller
6d2cd23f40 Thread-safety fixes 2006-06-14 08:51:41 +00:00
Bodo Möller
14fb67f28a make update 2006-06-14 08:47:00 +00:00
Richard Levitte
c552680473 Keep synchronised with Unix 2006-06-12 06:46:27 +00:00
Bodo Möller
edbf9f878d Camellia cipher, contributed by NTT
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-11 01:08:15 +00:00
Richard Levitte
2745ddfc33 Keep synchronised with the Unix build 2006-06-10 05:38:29 +00:00
Bodo Möller
808606034a Camellia cipher, contributed by NTT
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-09 22:31:05 +00:00
Bodo Möller
e18eef3d7a Camellia cipher, contributed by NTT
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
2006-06-09 15:42:21 +00:00
Dr. Stephen Henson
986ad56124 Fix from HEAD. 2006-05-17 18:20:27 +00:00
Dr. Stephen Henson
1c5dc844e7 Update for next dev version. 2006-05-04 13:08:35 +00:00
Dr. Stephen Henson
f871949efd Prepare for new release. 2006-05-04 12:46:42 +00:00
Dr. Stephen Henson
eb2ec6bee9 make update 2006-05-04 12:15:59 +00:00
Dr. Stephen Henson
db0edc3273 Inherit check time if appropriate. 2006-05-03 13:16:02 +00:00
Dr. Stephen Henson
d4426e79a7 Fix warning. 2006-04-15 17:53:52 +00:00
Dr. Stephen Henson
b095418d20 Fix from 0.9.7-stable. 2006-04-15 17:43:18 +00:00
Dr. Stephen Henson
d6fd880481 Fix on the right branch this time :-) 2006-04-15 13:17:53 +00:00
Dr. Stephen Henson
cbb0b734c7 If cipher list contains a match for an explicit ciphersuite only match that
one suite.
2006-04-15 00:22:34 +00:00
Nils Larsch
d5cc2f19cd fix error found by coverity: check if ctx is != NULL before calling BN_CTX_end() 2006-03-14 22:48:31 +00:00
Nils Larsch
b7a80146f4 fix error found by coverity: check if ctx is != NULL before calling BN_CTX_end() 2006-03-13 23:12:08 +00:00
Dr. Stephen Henson
81418b7c77 Update from HEAD. 2006-03-01 21:17:50 +00:00
Nils Larsch
e2217e7ed5 fix "#ifndef HZ" statement
PR: 1287
2006-02-28 20:08:46 +00:00
Dr. Stephen Henson
9d01d50459 Update from head. 2006-02-21 01:00:47 +00:00
Dr. Stephen Henson
e27c67c5c5 Fix from HEAD. 2006-02-19 13:45:22 +00:00
Dr. Stephen Henson
38a3178185 Fix OBJ_obj2txt() for large OIDs. 2006-02-15 15:03:47 +00:00
Nils Larsch
58828ae573 fix typo: pass pre-computed parameters to the underlying signature function; thanks to Lucas Newman 2006-02-13 08:22:39 +00:00
Nils Larsch
22d1087e16 backport recent changes from the cvs head 2006-02-08 19:16:33 +00:00
Dr. Stephen Henson
9f85fcefdc Update filenames in makefiles 2006-02-04 01:49:36 +00:00
Dr. Stephen Henson
269d2575cd Fix from HEAD. 2006-02-04 01:26:49 +00:00
Nils Larsch
0b8ed5de2d fix if statement: call conn_state() if the BIO is not in the BIO_CONN_S_OK state 2006-02-02 22:16:45 +00:00
Ben Laurie
c22684eac9 Constification. 2006-02-02 15:27:22 +00:00
Dr. Stephen Henson
c42cd4b831 Fix from HEAD. 2006-01-31 18:37:41 +00:00
Dr. Stephen Henson
02df47d349 Fixes for BOOL handling: produce errors for invalid string for mini-compiler,
correctly encode FALSE for BOOL in ASN1_TYPE.
2006-01-19 17:17:33 +00:00
Dr. Stephen Henson
41c39e3366 Fix for Win32 dynamic engine loading. 2006-01-15 17:28:35 +00:00
Nils Larsch
611ed5f312 fix comment
PR: 1270
2006-01-13 23:52:17 +00:00
Nils Larsch
27fbb5dbf4 2 is a prime number ...
PR: 1266
2006-01-13 23:29:31 +00:00
Richard Levitte
db8d9b7cf1 Forgot to initialize CC6DISABLEWARNINGS properly... 2006-01-11 18:55:49 +00:00
Richard Levitte
60ec950517 Typo... 2006-01-11 13:31:19 +00:00
Richard Levitte
2cd4ebc01f Disable the Mixed Linkage warning for some selected modules. This is
because the Compaq C compiler will not accept that a variable be
declared extern then defined static without a warning.
2006-01-09 19:22:53 +00:00
Richard Levitte
5f4dcaf781 /usr/bin/perl util/mkerr.pl -recurse -write -rebuild 2006-01-09 16:05:22 +00:00
Bodo Möller
c55d882fab Avoid contradictive error code assignments.
"make error".
2006-01-08 21:52:46 +00:00
Bodo Möller
2e885232c2 Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts) 2006-01-08 19:41:25 +00:00
Dr. Stephen Henson
970d9b3795 Update from HEAD. 2006-01-03 14:20:47 +00:00
Richard Levitte
0ae50f19da Missing files in the VMS installation 2006-01-02 23:33:06 +00:00
Andy Polyakov
25d5d1a60d eng_padlock.c update from HEAD. 2005-12-28 16:26:07 +00:00
Andy Polyakov
6ff58b9240 Minor eng_padlock.c update from HEAD. 2005-12-27 21:24:22 +00:00
Andy Polyakov
99237262d4 Missing CFLAG in couple of depend: targets [from HEAD].
PR: 1247
Submitted by: Doug Kaufman
2005-12-18 19:02:22 +00:00
Andy Polyakov
6c4da94687 bio.h update from HEAD.
PR: 1252
2005-12-16 21:24:59 +00:00
Bodo Möller
de71735e7c comment 2005-12-13 05:46:30 +00:00
Andy Polyakov
05decf3638 Perlasm update from HEAD addressing build problems on non-ELF platforms
after http://cvs.openssl.org/chngview?cn=14661.
2005-12-06 18:47:18 +00:00
Dr. Stephen Henson
7614f0e55e Various zlib related fixes and enhancements. 2005-12-05 13:34:56 +00:00
Dr. Stephen Henson
0632284f79 Fix warning. 2005-12-04 21:34:51 +00:00
Dr. Stephen Henson
ad4a89f070 Fix from HEAD. 2005-12-03 17:47:20 +00:00
Andy Polyakov
6104c49f31 x86cpuid.pl update [from HEAD]. 2005-12-03 11:57:36 +00:00
Dr. Stephen Henson
cf6bc84148 Update from HEAD. 2005-12-02 13:47:02 +00:00
Dr. Stephen Henson
36d51bea93 Update from HEAD. 2005-12-02 13:29:28 +00:00
Ben Laurie
ec7033745e Fix memory leak. 2005-11-25 14:26:12 +00:00
Dr. Stephen Henson
feef17fd88 Update from HEAD. 2005-11-20 13:26:57 +00:00
Andy Polyakov
98c045cf3a crypto/bn/asm/sparcv8plus.S update from HEAD. 2005-11-15 08:05:19 +00:00
Dr. Stephen Henson
8860f3a82a Fix possible race condition. 2005-11-11 12:59:39 +00:00
Andy Polyakov
43e9f4ca2f crypto/Makefile update from HEAD.
PR: 1236
2005-11-09 20:47:40 +00:00
Dr. Stephen Henson
abb0c2bba4 Update VC++ build engine to include supported engine DLL builds. 2005-11-06 17:49:00 +00:00
Richard Levitte
35a97b4b7b Fix numerous bugs in the Win32 path splitter 2005-11-01 07:49:47 +00:00
Richard Levitte
f59463aad3 A slight change in documentation that makes it so much more comprehensible 2005-11-01 04:56:29 +00:00
Andy Polyakov
2a87c31237 Broaden compatibility amount Win32 headers even further [from HEAD]. 2005-10-13 19:07:28 +00:00
Richard Levitte
da5f7fdcee The version text wasn't bumoed after tagging... 2005-10-11 19:26:41 +00:00
Mark J. Cox
d8b408b1de Bump after tag 2005-10-11 10:21:22 +00:00
Mark J. Cox
64932f9e4a Add fixes for CAN-2005-2969
Bump release ready for OpenSSL_0_9_8a tag
2005-10-11 10:16:21 +00:00
Richard Levitte
5a20efcf17 Synchronise with Unixly make. 2005-10-11 10:15:56 +00:00
Dr. Stephen Henson
1bef284ab1 Update from HEAD. 2005-10-05 17:53:40 +00:00
Andy Polyakov
049ced2c2f Fix typo [from HEAD]. 2005-09-29 20:18:05 +00:00
Andy Polyakov
844b0e603b Fix missing applink call [from HEAD]. 2005-09-29 16:59:19 +00:00
Richard Levitte
75ef751e23 Change a comment so it corresponds to reality. Put back a character that
was previously replaced with a NUL for parsing purposes.  This seems to
fix a very weird parsing bug involving two variable references in the same
value.
2005-09-28 18:03:06 +00:00
Dr. Stephen Henson
c4f6e56fca Avoid unused variable warnings. 2005-09-26 02:40:18 +00:00
Nils Larsch
ff86d3d894 protect BN_BLINDING_invert with a write lock and BN_BLINDING_convert
with a read lock

Submitted by: Leandro Santi <lesanti@fiuba7504.com.ar>
2005-09-22 23:32:49 +00:00
Andy Polyakov
efaf159af6 Broaden compatibility among Windows SDK versions [from HEAD]. 2005-09-22 20:29:35 +00:00
Andy Polyakov
4685663d73 Latest MSVCR80 doesn't tolerate unsupported signal numbers [from HEAD].
PR: 1205
2005-09-20 20:32:36 +00:00
Andy Polyakov
ed1f716022 "Overload" SunOS 4.x memcmp, which ruins ASN1_OBJECT table lookups [from HEAD].
PR: 1196
Submitted by: Russel Ruby
2005-09-20 20:25:17 +00:00
Andy Polyakov
cb59297438 Proper solution to nasm compilation problems in Borland context. 2005-09-20 06:15:18 +00:00
Andy Polyakov
7306ab29bc bswapl usage should be masked by I386_ONLY.
PR: 1195
2005-09-19 13:17:07 +00:00
Nils Larsch
e734dcc2c7 bugfix: register engine as default engine in ENGINE_set_default_DSA
Submitted by: Jonathon Green
2005-09-09 07:52:18 +00:00
Dr. Stephen Henson
0fce007b8e Add two extra verify flags functions. 2005-09-02 22:48:21 +00:00
Nils Larsch
5a053a3a07 fix typo in sbgp names
PR: 1194
2005-09-02 21:22:50 +00:00
Nils Larsch
7f622f6c04 fix warnings when building openssl with (gcc 3.3.1):
-Wmissing-prototypes -Wcomment -Wformat -Wimplicit -Wmain -Wmultichar
-Wswitch -Wshadow -Wtrigraphs -Werror -Wchar-subscripts
-Wstrict-prototypes -Wreturn-type -Wpointer-arith  -W -Wunused
-Wno-unused-parameter -Wuninitialized
2005-08-28 23:20:52 +00:00
Bodo Möller
9eaf7e14c7 avoid potential spurious BN_free()
Submitted by: David Heine <dlheine@suif.Stanford.EDU>
2005-08-23 04:14:55 +00:00
Ben Laurie
0e441bc103 Missing arguments. 2005-08-22 04:59:27 +00:00
Ben Laurie
9ddb11f11c Avoid weak subgroups in Diffie Hellman. 2005-08-20 18:35:53 +00:00
Andy Polyakov
9dc4ca4507 Pedantic polish to ectest.c [from HEAD]. 2005-08-11 08:44:34 +00:00
Andy Polyakov
98e986141b Windows CE update from HEAD. 2005-08-07 22:29:58 +00:00
Nils Larsch
d7e35e0371 avoid infinite recursion if dynamic engine isn't loaded
Submitted by: Jonathon Green <jonathon_au@yahoo.com>
2005-08-06 10:34:35 +00:00
Nils Larsch
62b6cd007f fix potential memory leak + improved error checking
PR: 1182
2005-08-05 09:41:24 +00:00
Dr. Stephen Henson
1682e8fb12 Allow PKCS7_decrypt() to work if no cert supplied. 2005-08-04 22:10:05 +00:00
Andy Polyakov
984aefe0e8 3-4 times better RSA/DSA performance on WIN64A target [from HEAD]. 2005-08-04 17:42:58 +00:00
Andy Polyakov
2d54cc69c9 WCE update, mostly typos [from HEAD]. 2005-08-03 20:04:05 +00:00
Andy Polyakov
2dd8278de8 PIC-ify SPARC assembler in alternative manner to eliminate dependency on
OPENSSL_PIC macro [from HEAD].
2005-08-03 10:44:29 +00:00
Andy Polyakov
e0d8ac972e Abstain from GUI calls in rand_win.c in NT service context [from HEAD]. 2005-08-02 22:22:17 +00:00
Andy Polyakov
93cf2b17bf WCE-specific fix for cryptlib.c [from HEAD]. 2005-08-02 22:21:07 +00:00
Andy Polyakov
b3c7162fd0 WCE update from HEAD. 2005-08-02 12:03:09 +00:00
Andy Polyakov
67865069eb Implement complementary LoadLibraryA shim under WCE. [from HEAD] 2005-08-02 11:03:42 +00:00
Andy Polyakov
1957924d51 Fix #if _MSC_VER clause in aes_locl.h [from HEAD]. 2005-07-30 19:49:24 +00:00
Nils Larsch
104a66f256 remove unused variable 2005-07-27 20:19:51 +00:00
Nils Larsch
3de6d65ea3 improved error checking and some fixes
PR: 1170
Submitted by: Yair Elharrar
Reviewed and edited by: Nils Larsch
2005-07-26 20:55:17 +00:00
Dr. Stephen Henson
fdb0a6e004 Update from head. 2005-07-26 12:46:53 +00:00
Nils Larsch
87b857b6bf fix BN_mod_word and give a more reasonable return value if an error occurred 2005-07-25 22:55:48 +00:00
Dr. Stephen Henson
b18165301d Update from head. 2005-07-25 18:40:09 +00:00
Nils Larsch
0cdd29ea78 Remove BN_CTX_DEBUG from the normal debug build flags (it's too noisy
to be really useful for 'normal' debugging).
Disable EC_GROUP_precompute_mult for the nist curves in ectest.c as
it causes problems when libefence is used.
2005-07-23 08:46:41 +00:00
Nils Larsch
7dec24688f set correct bn->top value 2005-07-21 22:38:16 +00:00
Nils Larsch
e62fa54811 the final byte of pkcs7 padded plaintext can never be 0
Submitted by: K S Sreeram <sreeram@tachyontech.net>
2005-07-20 22:02:25 +00:00
Andy Polyakov
1614174e79 Bug-fix from HEAD.
PR: 1130
2005-07-19 23:10:04 +00:00
Nils Larsch
f95d097359 fix typo 2005-07-17 21:05:11 +00:00
Nils Larsch
3c6ab9aad9 bugfix: 0 - w (w != 0) is actually negative 2005-07-17 16:08:21 +00:00
Nils Larsch
4913b88f70 make
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
	make all test
work again (+ make update)

PR: 1159
2005-07-16 11:13:10 +00:00
Andy Polyakov
2a824402f3 DES CFB bug-fix from HEAD. 2005-07-08 16:48:34 +00:00
Richard Levitte
86a249fe4f On case insensitive systems, 'install' gets mixed up with the existing file
'INSTALL', so we need to put some force into installing
2005-07-08 10:13:25 +00:00
Richard Levitte
750cb3d248 Now that 0.9.8 has been tagged, it's time to move on. 2005-07-05 19:11:56 +00:00
Richard Levitte
f254b540b8 Time to release OpenSSL 0.9.8.
The tag will be OpenSSL_0_9_8.
2005-07-05 18:49:43 +00:00
Andy Polyakov
b914049c53 Get rid of "unary minus applied to unsigned type" warning. 2005-07-04 23:30:31 +00:00
Andy Polyakov
dabaea8048 To secure Win64 API I'm throwing in this minimalistic Win64 support. 2005-07-04 23:24:12 +00:00
Andy Polyakov
2e39604021 Fix bugs in bug-fix to x509/by_dir.c [from HEAD].
PR: 1131
2005-07-03 13:15:53 +00:00
Andy Polyakov
fbfb947b21 Bugfix for bn_div_words PPC assembler implementation [from HEAD]. 2005-07-03 09:23:57 +00:00