summaryrefslogtreecommitdiffstats
path: root/crypto
AgeCommit message (Collapse)Author
2015-01-15Prepare for 1.0.1m-devOpenSSL_1_0_1-pre-reformatMatt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-01-15Prepare for 1.0.1l releaseOpenSSL_1_0_1lMatt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-01-15make updateMatt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-01-13Make output from openssl version -f consistent with previous versionsMatt Caswell
Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit 2d2671790ee12dedd92c97f35b6feb755b8d4374)
2015-01-13Fix warning where BIO_FLAGS_UPLINK was being redefined.Matt Caswell
This warning breaks the build in 1.0.0 and 0.9.8 Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit b1ffc6ca1c387efad0772c16dfe426afef45dc4f)
2015-01-13Avoid deprecation problems in Visual Studio 13Matt Caswell
Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit 86d21d0b9577322ac5da0114c5fac16eb49b4cef)
2015-01-10RT3662: Allow leading . in nameConstraintsDr. Stephen Henson
Change by SteveH from original by John Denker (in the RT) Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 77ff1f3b8bfaa348956c5096a2b829f2e767b4f1)
2015-01-08Fix build failure on Windows due to undefined cflags identifierMatt Caswell
Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 5c5e7e1a7eb114cf136e1ae4b6a413bc48ba41eb)
2015-01-08Prepare for 1.0.1l-devMatt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-01-08Prepare for 1.0.1k releaseOpenSSL_1_0_1kMatt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-01-08make updateMatt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-01-08Fix for CVE-2014-3570.Andy Polyakov
Reviewed-by: Emilia Kasper <emilia@openssl.org> (cherry picked from commit e793809ba50c1e90ab592fb640a856168e50f3de) (with 1.0.1-specific addendum)
2015-01-07Fix irix-cc build.Andy Polyakov
Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit e464403d0bda2f1f74eb68582e4988e591c32433)
2015-01-06use correct function nameDr. Stephen Henson
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit cb62ab4b17818fe66d2fed0a7fe71969131c811b)
2015-01-06Fix memory leak.Martin Brejcha
Fix memory leak by freeing up saved_message.data if it is not NULL. PR#3489 Reviewed-by: Stephen Henson <steve@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 41cd41c4416f545a18ead37e09e437c75fa07c95)
2015-01-05Constify ASN1_TYPE_cmp add X509_ALGOR_cmp.Dr. Stephen Henson
Reviewed-by: Emilia Käsper <emilia@openssl.org> (cherry picked from commit 4c52816d35681c0533c25fdd3abb4b7c6962302d)
2015-01-05Fix various certificate fingerprint issues.Dr. Stephen Henson
By using non-DER or invalid encodings outside the signed portion of a certificate the fingerprint can be changed without breaking the signature. Although no details of the signed portion of the certificate can be changed this can cause problems with some applications: e.g. those using the certificate fingerprint for blacklists. 1. Reject signatures with non zero unused bits. If the BIT STRING containing the signature has non zero unused bits reject the signature. All current signature algorithms require zero unused bits. 2. Check certificate algorithm consistency. Check the AlgorithmIdentifier inside TBS matches the one in the certificate signature. NB: this will result in signature failure errors for some broken certificates. 3. Check DSA/ECDSA signatures use DER. Reencode DSA/ECDSA signatures and compare with the original received signature. Return an error if there is a mismatch. This will reject various cases including garbage after signature (thanks to Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS program for discovering this case) and use of BER or invalid ASN.1 INTEGERs (negative or with leading zeroes). CVE-2014-8275 Reviewed-by: Emilia Käsper <emilia@openssl.org> (cherry picked from commit 684400ce192dac51df3d3e92b61830a6ef90be3e)
2015-01-04RT2914: NULL check missing in X509_name_canonRich Salz
Check for NULL return from X509_NAME_ENTRY_new() Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 2c60925d1ccc0b96287bdc9acb90198e7180d642)
2014-12-30dlfcn: always define _GNU_SOURCEKurt Roeckx
We need this for the freebsd kernel with glibc as used in the Debian kfreebsd ports. There shouldn't be a problem defining this on systems not using glibc. Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-20Fix incorrect OPENSSL_assert() usage.Michael Tuexen
Return an error code for I/O errors instead of an assertion failure. PR#3470 Reviewed-by: Stephen Henson <steve@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 2521fcd8527008ceb3e4748f95b0ed4e2d70cfef)
2014-12-19Fix a problem if CFLAGS is too long cversion.c fails to compile when configMatt Caswell
is run with --strict-warnings. Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit 488f16e31b8f5ec2513410929325d0830d76762d)
2014-12-18Return error when a bit string indicates an invalid amount of bits leftKurt Roeckx
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-12-17Reject invalid constructed encodings.Dr. Stephen Henson
According to X6.90 null, object identifier, boolean, integer and enumerated types can only have primitive encodings: return an error if any of these are received with a constructed encoding. Reviewed-by: Emilia Käsper <emilia@openssl.org> (cherry picked from commit f5e4b6b5b566320a8d774f9475540f7d0e6a704d)
2014-12-17Add a comment noting the padding oracle.Emilia Kasper
Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit 03af843039af758fc9bbb4ae6c09ec2bc715f2c5)
2014-12-17Revert "RT3425: constant-time evp_enc"Emilia Kasper
Causes more problems than it fixes: even though error codes are not part of the stable API, several users rely on the specific error code, and the change breaks them. Conversely, we don't have any concrete use-cases for constant-time behaviour here. This reverts commit f2df488a1c7402e48c21c83e937955dfe9f40bee. Reviewed-by: Andy Polyakov <appro@openssl.org>
2014-12-17Build fixesEmilia Kasper
Various build fixes, mostly uncovered by clang's unused-const-variable and unused-function errors. Reviewed-by: Kurt Roeckx <kurt@openssl.org> (cherry picked from commit 0e1c318ece3c82e96ae95a34a1badf58198d6b28)
2014-12-17Clear warnings/errors within KSSL_DEBUG code sectionsRichard Levitte
Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit 53332a75d16a5bb3b9d90c15fcf38d2e87160a52)
2014-12-17Clear warnings/errors within BN_CTX_DEBUG code sectionsRichard Levitte
Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit 553affbef7bb5dd313514e06dab5cd9b1de1835f)
2014-12-17Backport regression testBodo Möller
master branch has a specific regression test for a bug in x86_64-mont5 code, see commit cdfe0fdde6a966bdb0447de66aa04a85d99a0551. This code is now in 1.0.2/1.0.1, so also backport the test. Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit bb565cd29e34caeeaf12ecfdbe6273c2c794f5a2)
2014-12-17Check for invalid divisors in BN_div.Emilia Kasper
Invalid zero-padding in the divisor could cause a division by 0. Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit a43bcd9e96c5180e5c6c82164ece643c0097485e)
2014-12-16Add OPENSSL_NO_ECDH guardsMatt Caswell
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2014-12-15Fix unused variable warningEmilia Kasper
The temporary variable causes unused variable warnings in opt mode with clang, because the subsequent assert is compiled out. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 6af16ec5eed85390bcbd004806a842d6153d6a31)
2014-12-12Fix use of NULL memory pointer in X509_VERIFY_PARAM_new in the event of aMatt Caswell
malloc failure. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-12-03There are a number of instances throughout the code where the constant 28 isMatt Caswell
used with no explanation. Some of this was introduced as part of RT#1929. The value 28 is the length of the IP header (20 bytes) plus the UDP header (8 bytes). However use of this constant is incorrect because there may be instances where a different value is needed, e.g. an IPv4 header is 20 bytes but an IPv6 header is 40. Similarly you may not be using UDP (e.g. SCTP). This commit introduces a new BIO_CTRL that provides the value to be used for this mtu "overhead". It will be used by subsequent commits. Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 0d3ae34df573f477b6b1aaf614d52dcdfcff5fce) Conflicts: crypto/bio/bss_dgram.c
2014-11-28Check for FindNextFile when defining it rather than FindFirstFileRichard Levitte
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-11-17Don't use msg on error.Jan Hykel
Don't attempt to access msg structure if recvmsg returns an error. PR#3483 Reviewed-by: Stephen Henson <steve@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 012aa9ec76b158179b4de44bb5de8b8472045eac)
2014-11-13Fix cross reference table generator.Dr. Stephen Henson
If the hash or public key algorithm is "undef" the signature type will receive special handling and shouldn't be included in the cross reference table. Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 55f7fb8848b6e4bec291724a479e1580d6f407d6)
2014-11-12Correct timestamp output when clock_precision_digits > 0Michal Bozon
PR#3535 Reviewed-by: Stephen Henson <steve@openssl.org>
2014-11-12Fix free of garbage pointer. PR#3595Matt Caswell
Reviewed-by: Emilia Käsper <emilia@openssl.org> (cherry picked from commit e04d426bf98ebb22abf0f15b6f09d333a6e8b2ad)
2014-11-11Fix warning about negative unsigned intergersKurt Roeckx
Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-11-10Fix datarace reported by valgrind/helgrindRussell Coker
This doesn't really fix the datarace but changes it so it can only happens once. This isn't really a problem since we always just set it to the same value. We now just stop writing it after the first time. PR3584, https://bugs.debian.org/534534 Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-10-29md32_common.h: address compiler warning in HOST_c2l.Andy Polyakov
Reviewed-by: Stephen Henson <steve@openssl.org> (cherry picked from commit d45282fc7cd9b97ed1479f8b8af713337fce57f5)
2014-10-28Use only unsigned arithmetic in constant-time operationsSamuel Neves
Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Emilia Käsper <emilia@openssl.org>
2014-10-17RT3547: Add missing static qualifierKurt Cancemi
Reviewed-by: Ben Laurie <ben@openssl.org> (cherry picked from commit 87d388c955c14a7c1371f9c7555fb429a406a3d3)
2014-10-15Prepare for 1.0.1k-devMatt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-10-15Prepare for 1.0.1j releaseOpenSSL_1_0_1jMatt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-10-15Fix SSL_R naming inconsistency.Bodo Moeller
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-10-15aesni-x86_64.pl: make ECB subroutine Windows ABI compliant.Andy Polyakov
RT: 3553 Reviewed-by: Emilia Kasper <emilia@openssl.org> (cherry picked from commit 69d5747f90136aa026a96204f26ab39549dfc69b)
2014-10-15Add constant_time_locl.h to HEADERS,Tim Hudson
so the Win32 compile picks it up correctly. Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-10-15Include "constant_time_locl.h" rather than "../constant_time_locl.h".Richard Levitte
The different -I compiler parameters will take care of the rest... Reviewed-by: Tim Hudson <tjh@openssl.org>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-16 23:59:31 +0000