Dr. Stephen Henson
ff1c55e983
Revert "version skew" patches that break FIPS compilation
2012-06-09 23:36:38 +00:00
Ben Laurie
835d104f46
Rearrange and test authz extension.
2012-06-07 13:20:20 +00:00
Ben Laurie
aeba1ef352
Fix memory leak.
2012-06-06 12:58:35 +00:00
Ben Laurie
49e9f751a4
Fix authz parsing.
2012-06-06 12:45:14 +00:00
Ben Laurie
ff46820da6
Version skew reduction.
2012-06-06 12:41:46 +00:00
Andy Polyakov
6fba65e20d
x86gas.pl: update from HEAD.
2012-06-04 22:14:25 +00:00
Ben Laurie
68d2cf51bc
Reduce version skew: trivia (I hope).
2012-06-03 22:03:37 +00:00
Ben Laurie
19eedffcaf
Don't insert in the middle.
2012-05-29 18:58:43 +00:00
Ben Laurie
4e14996e8a
Missing from previous commit.
2012-05-29 18:39:32 +00:00
Ben Laurie
8a02a46a5c
RFC 5878 support.
2012-05-29 17:27:48 +00:00
Ben Laurie
0de5a0feee
Work around macro issue with FreeBSD and gcc 4.6.
2012-05-18 12:40:28 +00:00
Andy Polyakov
4d321e0767
s2_clnt.c: compensate for compiler bug [from HEAD].
2012-05-16 18:22:15 +00:00
Andy Polyakov
67fda0c12e
ppccap.c: assume no features under 32-bit AIX kernel [from HEAD].
...
PR: 2810
2012-05-16 18:18:14 +00:00
Dr. Stephen Henson
1dded7f7e8
Experimental multi-implementation support for FIPS capable OpenSSL.
...
When in FIPS mode the approved implementations are used as normal,
when not in FIPS mode the internal unapproved versions are used instead.
This means that the FIPS capable OpenSSL isn't forced to use the
(often lower perfomance) FIPS implementations outside FIPS mode.
2012-05-13 18:40:12 +00:00
Dr. Stephen Henson
482f238069
PR: 2813
...
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>
Fix possible deadlock when decoding public keys.
2012-05-11 13:53:23 +00:00
Dr. Stephen Henson
5e145e54cc
PR: 2811
...
Reported by: Phil Pennock <openssl-dev@spodhuis.org>
Make renegotiation work for TLS 1.2, 1.1 by not using a lower record
version client hello workaround if renegotiating.
2012-05-11 13:33:34 +00:00
Dr. Stephen Henson
df73e68a43
PR: 2806
...
Submitted by: PK <runningdoglackey@yahoo.com>
Correct ciphersuite signature algorithm definitions.
2012-05-10 18:25:31 +00:00
Dr. Stephen Henson
e7c8483891
Sanity check record length before skipping explicit IV in TLS 1.2, 1.1 and
...
DTLS to fix DoS attack.
Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
fuzzing as a service testing platform.
(CVE-2012-2333)
2012-05-10 16:03:36 +00:00
Richard Levitte
712d523484
Don't forget to install srtp.h as well
2012-05-10 15:01:26 +00:00
Dr. Stephen Henson
24547c23ca
Reported by: Solar Designer of Openwall
...
Make sure tkeylen is initialised properly when encrypting CMS messages.
2012-05-10 13:44:24 +00:00
Richard Levitte
8baf604a39
Correct environment variable is OPENSSL_ALLOW_PROXY_CERTS.
2012-05-04 10:43:24 +00:00
Andy Polyakov
95416ce5b3
ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performance
...
of digest algorithms, mosty SHA, on Power7. Mystery of century, why SHA,
why slower algorithm are affected more... [from HEAD].
PR: 2794
Submitted by: Ashley Lai
2012-04-27 20:19:23 +00:00
Dr. Stephen Henson
a56f9a612b
Don't try to use unvalidated composite ciphers in FIPS mode
2012-04-26 18:51:26 +00:00
Andy Polyakov
0ae89cf32e
CHANGES: clarify.
2012-04-26 07:34:09 +00:00
Andy Polyakov
7e0c9630a3
CHANGES: fix typos and clarify.
2012-04-26 07:24:28 +00:00
Dr. Stephen Henson
a6df6702c6
Change value of SSL_OP_NO_TLSv1_1 to avoid clash with SSL_OP_ALL and
...
OpenSSL 1.0.0. Add CHANGES entry noting the consequences.
2012-04-25 23:06:31 +00:00
Andy Polyakov
f69abd5321
s23_clnt.c: ensure interoperability by maitaining client "version capability"
...
vector contiguous [from HEAD].
PR: 2802
2012-04-25 22:07:03 +00:00
Dr. Stephen Henson
fe9ce2b7d6
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
...
Reviewed by: steve
Improved localisation of TLS extension handling and code tidy.
2012-04-24 12:15:17 +00:00
Andy Polyakov
8e7ccf6ff7
objxref.pl: improve portability [from HEAD].
2012-04-22 21:19:41 +00:00
Dr. Stephen Henson
51b77c0337
correct error code
2012-04-22 13:31:19 +00:00
Dr. Stephen Henson
85d179d4eb
check correctness of errors before updating them so we don't get bogus errors added
2012-04-22 13:25:41 +00:00
Dr. Stephen Henson
890f5ada82
correct old FAQ answers, sync with HEAD
2012-04-22 13:21:15 +00:00
Dr. Stephen Henson
1cc8410e36
PR: 2239
...
Submitted by: Dominik Oepen <oepen@informatik.hu-berlin.de>
Add Brainpool curves from RFC5639.
Original patch by Annie Yousar <a.yousar@informatik.hu-berlin.de>
2012-04-22 13:11:48 +00:00
Andy Polyakov
6ca7af9ec0
e_rc4_hmac_md5.c: reapply commit#21726, which was erroneously omitted [from 1.0.1].
...
PR: 2797, 2792
2012-04-20 21:45:21 +00:00
Dr. Stephen Henson
bc2c8efc80
call OPENSSL_init when calling FIPS_mode too
2012-04-20 14:43:14 +00:00
Dr. Stephen Henson
00bb875240
make ciphers work again for FIPS builds
2012-04-20 00:08:32 +00:00
Andy Polyakov
c3cb563d87
e_rc4_hmac_md5.c: last commit was inappropriate for non-x86[_64] platforms
...
[from HEAD].
PR: 2792
2012-04-19 20:42:24 +00:00
Dr. Stephen Henson
d6ef8165bb
update date
2012-04-19 16:21:49 +00:00
Dr. Stephen Henson
564a503b1b
Check for potentially exploitable overflows in asn1_d2i_read_bio
...
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.
Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
2012-04-19 16:19:07 +00:00
Andy Polyakov
56eeb1b28c
Makefile.org: clear yet another environment variable [from HEAD].
...
PR: 2793
2012-04-19 06:40:21 +00:00
Dr. Stephen Henson
068fc255ac
only call FIPS_cipherinit in FIPS mode
2012-04-18 22:42:06 +00:00
Andy Polyakov
cc8f2fb917
e_rc4_hmac_md5.c: update from HEAD, fixes crash on legacy Intel CPUs.
...
PR: 2792
2012-04-18 17:51:26 +00:00
Dr. Stephen Henson
b583ebb7dd
recognise X9.42 DH certificates on servers
2012-04-18 17:03:45 +00:00
Dr. Stephen Henson
f897fe4146
correct error code
2012-04-18 15:17:39 +00:00
Bodo Möller
bb3add20f3
Disable SHA-2 ciphersuites in < TLS 1.2 connections.
...
(TLS 1.2 clients could end up negotiating these with an OpenSSL server
with TLS 1.2 disabled, which is problematic.)
Submitted by: Adam Langley
2012-04-17 15:21:29 +00:00
Dr. Stephen Henson
48e0f6667b
Additional workaround for PR#2771
...
If OPENSSL_MAX_TLS1_2_CIPHER_LENGTH is set then limit the size of client
ciphersuites to this value. A value of 50 should be sufficient.
Document workarounds in CHANGES.
2012-04-17 14:47:14 +00:00
Dr. Stephen Henson
32213fb25a
Partial workaround for PR#2771.
...
Some servers hang when presented with a client hello record length exceeding
255 bytes but will work with longer client hellos if the TLS record version
in client hello does not exceed TLS v1.0. Unfortunately this doesn't fix all
cases...
2012-04-17 13:20:37 +00:00
Andy Polyakov
f6a1939f0f
OPENSSL_NO_SOCK fixes [from HEAD].
...
PR: 2791
Submitted by: Ben Noordhuis
2012-04-16 17:43:02 +00:00
Andy Polyakov
94c666479d
Minor compatibility fixes [from HEAD].
...
PR: 2790
Submitted by: Alexei Khlebnikov
2012-04-16 17:35:48 +00:00
Andy Polyakov
09f17419a6
s3_srvr.c: fix typo [from HEAD].
...
PR: 2538
2012-04-15 17:23:54 +00:00