wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/crypto
History
Bodo Moeller c23746f339 Fix overly lenient comparisons: 
- EC_GROUP_cmp shouldn't consider curves equal just because
      the curve name is the same. (They really *should* be the same
      in this case, but there's an EC_GROUP_set_curve_name API,
      which could be misused.)

    - EC_POINT_cmp shouldn't return 0 for ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
      or EC_R_INCOMPATIBLE_OBJECTS errors because in a cmp API, 0 indicates
      equality (not an error).

    Reported by: king cope

(cherry picked from commit 312a46791ab465cfa3bf26764361faed0e5df014)
2013-09-16 13:13:32 +02:00
..
aes x86_64 assembly pack: make Windows build more robust [from master]. 2013-01-22 23:00:02 +01:00
asn1 Encode INTEGER correctly. 2013-03-18 14:21:03 +00:00
bf Revert the size_t modifications from HEAD that had led to more 2008-11-12 03:58:08 +00:00
bio Fix warning (hope this doesn't break other platforms, there's a twisty 2012-10-04 15:03:08 +00:00
bn bn_word.c: fix overflow bug in BN_add_word. 2013-02-05 16:46:19 +00:00
buffer correct error code 2012-04-22 13:31:37 +00:00
camellia x86_64 assembly pack: make Windows build more robust [from master]. 2013-01-22 23:00:02 +01:00
cast Constify crypto/cast. 2009-12-22 11:45:59 +00:00
cms Don't include comp.h in cmd_cd.c if OPENSSL_NO_COMP set 2013-01-23 01:14:13 +00:00
comp Assorted bugfixes: 2011-02-03 12:04:40 +00:00
conf PR: 2576 2011-09-02 11:20:41 +00:00
des PR: 2266 2010-05-26 23:23:44 +00:00
dh PR: 1644 2009-09-06 15:49:12 +00:00
dsa make EVP_dss() work for DSA signing 2011-06-20 20:05:38 +00:00
dso "make update" 2011-09-05 09:54:59 +00:00
ec Fix overly lenient comparisons: 2013-09-16 13:13:32 +02:00
ecdh Fix EC_KEY initialization race. 2012-10-05 20:51:31 +00:00
ecdsa Fix EC_KEY initialization race. 2012-10-05 20:51:31 +00:00
engine PR: 2735 2012-02-27 16:33:16 +00:00
err Don't include comp.h if no-comp set. 2013-01-20 01:12:15 +00:00
evp Fixups from previous commit. 2013-02-05 16:46:17 +00:00
hmac inherit HMAC flags from MD_CTX 2011-05-19 17:39:49 +00:00
idea
jpake J-PAKE was not correctly checking values, which could lead to attacks. 2010-11-24 13:48:12 +00:00
krb5
lhash Revert lhash patch for PR#2124 2009-12-09 15:00:20 +00:00
md2
md4
md5 x86_64 assembly pack: make Windows build more robust [from master]. 2013-01-22 23:00:02 +01:00
mdc2
modes [co]cf128.c: fix "n=0" bug [from HEAD]. 2010-04-14 07:47:53 +00:00
objects make update 2013-02-05 16:46:21 +00:00
ocsp Don't try and verify signatures if key is NULL (CVE-2013-0166) 2013-02-05 16:46:15 +00:00
pem Fix for PEM_X509_INFO_read_bio. 2013-08-06 16:05:52 +01:00
perlasm x86_64-xlate.pl: remove old kludge. 2012-03-13 19:19:57 +00:00
pkcs7 Submitted by: Markus Friedl <mfriedl@gmail.com> 2012-03-22 15:43:06 +00:00
pkcs12 PR: 2737 2012-02-27 16:46:54 +00:00
pqueue Fix warnings (From HEAD, original patch by Ben). 2010-06-15 17:25:15 +00:00
rand Fix OPNESSL vs. OPENSSL typos [from HEAD]. 2012-01-15 13:40:40 +00:00
rc2 Wire RC4 key_table to read-only segment. 2007-09-18 21:10:32 +00:00
rc4 x86_64 assembly pack: make Windows build more robust [from master]. 2013-01-22 23:00:02 +01:00
rc5 Make inline assembler clang-friendly [from HEAD]. 2010-08-02 21:54:23 +00:00
ripemd PR: 1835 2009-02-14 21:49:38 +00:00
rsa Typo. 2013-03-31 17:44:07 +01:00
seed Engage crypto/modes. 2008-12-23 11:33:01 +00:00
sha x86_64 assembly pack: make Windows build more robust [from master]. 2013-01-22 23:00:02 +01:00
stack make update 2013-02-05 16:46:21 +00:00
store Make it possible to disable STORE. 2009-02-19 09:42:51 +00:00
threads Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda). 2009-05-15 16:37:08 +00:00
ts PR: 2410 2011-01-03 01:22:09 +00:00
txt_db Change STRING to OPENSSL_STRING etc as common words such 2009-07-27 21:08:53 +00:00
ui PR: 2717 2012-02-12 18:25:11 +00:00
whrlpool x86_64 assembly pack: make Windows build more robust [from master]. 2013-01-22 23:00:02 +01:00
x509 Fix verify loop with CRL checking. 2013-08-06 16:08:15 +01:00
x509v3 Fix two bugs which affect delta CRL handling: 2012-12-06 18:25:18 +00:00
.cvsignore Apply mingw patches as supplied by Roumen Petrov an Alon Bar-Lev 2008-04-17 10:19:16 +00:00
alphacpuid.pl Alpha assembler fixes from HEAD. 2011-08-12 12:32:10 +00:00
cpt_err.c
cryptlib.c Add and use a constant-time memcmp. 2013-02-05 16:46:15 +00:00
cryptlib.h export OPENSSL_isservice and make update 2010-01-26 13:55:33 +00:00
crypto-lib.com Cosmetic: Reorder so it's more similar to the Unixly build. 2012-07-04 17:27:43 +00:00
crypto.h Add and use a constant-time memcmp. 2013-02-05 16:46:15 +00:00
cversion.c
ebcdic.c
ebcdic.h
ex_data.c Avoid warnings with -pedantic, specifically: 2008-07-04 23:12:52 +00:00
ia64cpuid.S Make assembly language versions of OPENSSL_cleanse() accept zero length 2010-02-12 17:02:13 +00:00
install-crypto.com Apply all the changes submitted by Steven M. Schweda <sms@antinode.info> 2011-03-19 09:44:53 +00:00
LPdir_nyi.c
LPdir_unix.c
LPdir_vms.c Apply all the changes submitted by Steven M. Schweda <sms@antinode.info> 2011-03-19 09:44:53 +00:00
LPdir_win.c
LPdir_win32.c
LPdir_wince.c
Makefile Replace alphacpuid.s with alphacpuid.pl to ensure it makes to release tar-balls [from HEAD]. 2010-07-26 22:09:59 +00:00
md32_common.h Make inline assembler clang-friendly [from HEAD]. 2010-08-02 21:54:23 +00:00
mem.c Check for potentially exploitable overflows in asn1_d2i_read_bio 2012-04-19 11:44:51 +00:00
mem_clr.c
mem_dbg.c PR: 1894 2009-04-16 17:22:51 +00:00
o_dir.c
o_dir.h
o_dir_test.c
o_str.c Update from HEAD. 2009-06-01 12:14:15 +00:00
o_str.h
o_time.c Apply all the changes submitted by Steven M. Schweda <sms@antinode.info> 2011-03-19 09:44:53 +00:00
o_time.h Experimental new date handling routines. These fix issues with X509_time_adj() 2008-10-07 22:55:27 +00:00
opensslconf.h.in
opensslv.h prepare for next version 2013-02-06 02:27:23 +00:00
ossl_typ.h Update from stable branch. 2008-11-11 12:23:18 +00:00
ppccpuid.pl ppccpuid.pl: branch hints in OPENSSL_cleanse impact small block performance 2012-04-27 20:21:26 +00:00
s390xcap.c s390x assembler update: add support for run-time facility detection [from HEAD]. 2010-01-19 21:40:58 +00:00
s390xcpuid.S Make assembly language versions of OPENSSL_cleanse() accept zero length 2010-02-12 17:02:13 +00:00
sparccpuid.S sparccpuid.S: work around emulator bug on T1. 2013-02-11 10:42:32 +01:00
sparcv9cap.c sparcv9cap.c: disengange Solaris-specific CPU detection routine in favour 2010-09-05 19:48:01 +00:00
symhacks.h Cosmetics: remove duplicate symbol in crypto/symhacks.h 2012-07-05 08:49:02 +00:00
uid.c
vms_rms.h Apply all the changes submitted by Steven M. Schweda <sms@antinode.info> 2011-03-19 09:44:53 +00:00
x86_64cpuid.pl x86_64 assembly pack: make Windows build more robust [from master]. 2013-01-22 23:00:02 +01:00
x86cpuid.pl x86cpuid.pl: make it work with older CPUs. 2013-03-18 19:51:13 +01:00