generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
10,327 Commits 16 Branches 258 Tags
Commit Graph

5319 Commits

Author SHA1 Message Date
Rich Salz
189de54506 Fixed bad formatting in crypto/des/spr.h 
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 7e35f06ea908e47f87b723b5e951ffc55463eb8b)
 2015-02-05 09:46:06 -05:00
Dr. Stephen Henson
beac071b13 Make objxref.pl output in correct format 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 6922ddee1b7b1bddbe0d59a5bbdcf8ff39343434)
 2015-02-04 13:36:00 +00:00
Dr. Stephen Henson
99ff40515d Check PKCS#8 pkey field is valid before cleansing. 
PR:3683
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 52e028b9de371da62c1e51b46592517b1068d770)
 2015-02-03 14:02:34 +00:00
Matt Caswell
1804f78298 Fix formatting error in pem.h 
Reviewed-by: Andy Polyakov <appro@openssl.org>

Conflicts:
	crypto/pem/pem.h
 2015-01-22 14:15:45 +00:00
Matt Caswell
3d7a9aca8c Re-align some comments after running the reformat script. 
This should be a one off operation (subsequent invokation of the
script should not move them)

This commit is for the 1.0.0 changes

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:46:52 +00:00
Matt Caswell
4bc9913844 Rerun util/openssl-format-source -v -c . 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:46:26 +00:00
Matt Caswell
a8b966f48f Run util/openssl-format-source -v -c . 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:46:18 +00:00
Matt Caswell
e3db68b766 Yet more changes to comments 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:46:13 +00:00
Matt Caswell
31082f2127 Fix modes.h so that indent doesn't complain 
Conflicts:
	crypto/modes/modes.h

Conflicts:
	crypto/modes/modes.h

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:46:01 +00:00
Matt Caswell
5011589a0b Move more comments that confuse indent 
Conflicts:
	crypto/dsa/dsa.h
	demos/engines/ibmca/hw_ibmca.c
	ssl/ssl_locl.h

Conflicts:
	crypto/bn/rsaz_exp.c
	crypto/evp/e_aes_cbc_hmac_sha1.c
	crypto/evp/e_aes_cbc_hmac_sha256.c
	ssl/ssl_locl.h

Conflicts:
	crypto/ec/ec2_oct.c
	crypto/ec/ecp_nistp256.c
	crypto/ec/ecp_nistp521.c
	crypto/ec/ecp_nistputil.c
	crypto/ec/ecp_oct.c
	crypto/modes/gcm128.c
	ssl/ssl_locl.h

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:45:45 +00:00
Matt Caswell
b10a8451e3 Manually reformat aes_x86core.c and add it to the list of files skipped by 
openssl-format-source

Conflicts:
	crypto/aes/aes_x86core.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:45:19 +00:00
Andy Polyakov
679fee0e18 crypto/ofb128.c: make it indent-friendly. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:45:15 +00:00
Andy Polyakov
74c1dc909d modes/ctr128.c: make it indent-friendly. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:45:10 +00:00
Andy Polyakov
638f75b686 modes/cfb128.c: make it indent-friendly. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:45:05 +00:00
Matt Caswell
510edea8db Fix indent comment corruption issue 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:45:01 +00:00
Andy Polyakov
2d8e9d0c55 bn/bn_const.c: make it indent-friendly. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:44:48 +00:00
Andy Polyakov
15a9c36755 bn/asm/x86_64-gcc.cL make it indent-friendly. 
Conflicts:
	crypto/bn/asm/x86_64-gcc.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:44:42 +00:00
Andy Polyakov
a988c1edfc bn/bn_asm.c: make it indent-friendly. 
Conflicts:
	crypto/bn/bn_asm.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:44:35 +00:00
Andy Polyakov
23a79aac28 bn/bn_exp.c: make it indent-friendly. 
Conflicts:
	crypto/bn/bn_exp.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:44:29 +00:00
Matt Caswell
d8305efeb4 Manually reformat aes_core.c 
Add aes_core.c to the list of files not processed by openssl-format-source

Conflicts:
	crypto/aes/aes_core.c

Conflicts:
	crypto/aes/aes_core.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:44:22 +00:00
Matt Caswell
3ad5ae5d44 Fix strange formatting by indent 
Conflicts:
	crypto/hmac/hmac.h

Conflicts:
	crypto/evp/e_aes_cbc_hmac_sha256.c

Conflicts:
	crypto/ec/ecp_nistp224.c
	crypto/ec/ecp_nistp256.c
	crypto/ec/ecp_nistp521.c
	crypto/ec/ectest.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:44:08 +00:00
Matt Caswell
e16db4b3d7 indent has problems with comments that are on the right hand side of a line. 
Sometimes it fails to format them very well, and sometimes it corrupts them!
This commit moves some particularly problematic ones.

Conflicts:
	crypto/bn/bn.h
	crypto/ec/ec_lcl.h
	crypto/rsa/rsa.h
	demos/engines/ibmca/hw_ibmca.c
	ssl/ssl.h
	ssl/ssl3.h

Conflicts:
	crypto/ec/ec_lcl.h
	ssl/tls1.h

Conflicts:
	crypto/ec/ecp_nistp224.c
	crypto/evp/evp.h
	ssl/d1_both.c
	ssl/ssl.h
	ssl/ssl_lib.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:44:02 +00:00
Andy Polyakov
134d38bcde modes/cts128.c: make it indent-friendly. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:43:57 +00:00
Andy Polyakov
74d3242514 crypto/mem_dbg.c: make it indent-friendly. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:43:52 +00:00
Matt Caswell
6020ffc766 More indent fixes for STACK_OF 
Conflicts:
	ssl/s3_lib.c

Conflicts:
	apps/cms.c
	crypto/x509/x509_lu.c
	crypto/x509/x509_vfy.h
	ssl/s3_lib.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:43:43 +00:00
Matt Caswell
7cba857c9a Fix indent issue with functions using STACK_OF 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:43:37 +00:00
Matt Caswell
08220fec49 Fix indent issue with engine.h 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:43:32 +00:00
Andy Polyakov
7a9f1f174c crypto/cryptlib.c: make it indent-friendly. 
Conflicts:
	crypto/cryptlib.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:43:21 +00:00
Andy Polyakov
033a5fcfe8 bn/bntest.c: make it indent-friendly. 
Conflicts:
	crypto/bn/bntest.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:43:16 +00:00
Andy Polyakov
4f6930f5d3 bn/bn_recp.c: make it indent-friendly. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:43:10 +00:00
Matt Caswell
65f1d188c5 Fix source where indent will not be able to cope 
Conflicts:
	apps/ciphers.c
	ssl/s3_pkt.c

Conflicts:
	crypto/ec/ec_curve.c

Conflicts:
	crypto/ec/ec_curve.c
	ssl/s3_clnt.c
	ssl/s3_srvr.c
	ssl/ssl_sess.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:41:47 +00:00
Matt Caswell
a25d0527b7 Additional comment changes for reformat of 1.0.0 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:41:42 +00:00
Matt Caswell
89f6c5b492 Further comment amendments to preserve formatting prior to source reformat 
(cherry picked from commit 4a7fa26ffd65bf36beb8d1cb8f29fc0ae203f5c5)

Conflicts:
	crypto/x509v3/pcy_tree.c

Conflicts:
	apps/apps.c
	ssl/ssltest.c

Conflicts:
	apps/apps.c
	crypto/ec/ec2_oct.c
	crypto/ec/ecp_nistp224.c
	crypto/ec/ecp_nistp256.c
	crypto/ec/ecp_nistp521.c
	ssl/s3_cbc.c
	ssl/ssl_sess.c
	ssl/t1_lib.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:41:33 +00:00
Tim Hudson
f326f6544d mark all block comments that need format preserving so that 
indent will not alter them when reformatting comments

(cherry picked from commit 1d97c8435171a7af575f73c526d79e1ef0ee5960)

Conflicts:
	crypto/bn/bn_lcl.h
	crypto/bn/bn_prime.c
	crypto/engine/eng_all.c
	crypto/rc4/rc4_utl.c
	crypto/sha/sha.h
	ssl/kssl.c
	ssl/t1_lib.c

Conflicts:
	crypto/rc4/rc4_enc.c
	crypto/x509v3/v3_scts.c
	crypto/x509v3/v3nametest.c
	ssl/d1_both.c
	ssl/s3_srvr.c
	ssl/ssl.h
	ssl/ssl_locl.h
	ssl/ssltest.c
	ssl/t1_lib.c

Conflicts:
	crypto/asn1/a_sign.c
	crypto/bn/bn_div.c
	crypto/dsa/dsa_asn1.c
	crypto/ec/ecp_nistp224.c
	crypto/ec/ecp_nistp256.c
	crypto/ec/ecp_nistp521.c
	crypto/ec/ecp_nistputil.c
	crypto/modes/gcm128.c
	crypto/opensslv.h
	ssl/d1_both.c
	ssl/heartbeat_test.c
	ssl/s3_clnt.c
	ssl/s3_srvr.c
	ssl/ssl_sess.c
	ssl/t1_lib.c
	test/testutil.h

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:41:18 +00:00
Matt Caswell
569c68744a Prepare for 1.0.0r-dev 
Reviewed-by: Stephen Henson <steve@openssl.org>
 2015-01-15 15:01:09 +00:00
Matt Caswell
cdac2e8928 Prepare for 1.0.0q release 
Reviewed-by: Stephen Henson <steve@openssl.org>
 2015-01-15 14:56:27 +00:00
Matt Caswell
01fb34ad43 make update 
Reviewed-by: Stephen Henson <steve@openssl.org>
 2015-01-15 14:56:27 +00:00
Richard Levitte
0c8dc6ebe5 Fixup installation script for VMS 
Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-01-14 19:17:17 +01:00
Matt Caswell
36f309c50a Make output from openssl version -f consistent with previous versions 
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 2d2671790ee12dedd92c97f35b6feb755b8d4374)
 2015-01-13 11:29:21 +00:00
Matt Caswell
94e5cf36bd Fix warning where BIO_FLAGS_UPLINK was being redefined. 
This warning breaks the build in 1.0.0 and 0.9.8

Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit b1ffc6ca1c387efad0772c16dfe426afef45dc4f)
 2015-01-13 11:25:55 +00:00
Matt Caswell
23df532ec4 Avoid deprecation problems in Visual Studio 13 
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 86d21d0b9577322ac5da0114c5fac16eb49b4cef)
 2015-01-13 09:48:38 +00:00
Matt Caswell
181ae2badb Fix build failure on Windows due to undefined cflags identifier 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 5c5e7e1a7eb114cf136e1ae4b6a413bc48ba41eb)
 2015-01-08 19:28:43 +00:00
Matt Caswell
a98051fb47 Prepare for 1.0.0q-dev 
Reviewed-by: Stephen Henson <steve@openssl.org>
 2015-01-08 14:23:38 +00:00
Matt Caswell
225628f280 Prepare for 1.0.0p release 
Reviewed-by: Stephen Henson <steve@openssl.org>
 2015-01-08 14:21:42 +00:00
Matt Caswell
ca39b261bf make update 
Reviewed-by: Stephen Henson <steve@openssl.org>
 2015-01-08 14:21:42 +00:00
Andy Polyakov
eb37b6aa41 Fix for CVE-2014-3570. 
Reviewed-by: Emilia Kasper <emilia@openssl.org>
 2015-01-08 11:25:45 +00:00
Dr. Stephen Henson
9f028e4a78 use correct function name 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit cb62ab4b17818fe66d2fed0a7fe71969131c811b)
 2015-01-06 21:05:07 +00:00
Dr. Stephen Henson
208a6012be Fix various certificate fingerprint issues. 
By using non-DER or invalid encodings outside the signed portion of a
certificate the fingerprint can be changed without breaking the signature.
Although no details of the signed portion of the certificate can be changed
this can cause problems with some applications: e.g. those using the
certificate fingerprint for blacklists.

1. Reject signatures with non zero unused bits.

If the BIT STRING containing the signature has non zero unused bits reject
the signature. All current signature algorithms require zero unused bits.

2. Check certificate algorithm consistency.

Check the AlgorithmIdentifier inside TBS matches the one in the
certificate signature. NB: this will result in signature failure
errors for some broken certificates.

3. Check DSA/ECDSA signatures use DER.

Reencode DSA/ECDSA signatures and compare with the original received
signature. Return an error if there is a mismatch.

This will reject various cases including garbage after signature
(thanks to Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS
program for discovering this case) and use of BER or invalid ASN.1 INTEGERs
(negative or with leading zeroes).

CVE-2014-8275
Reviewed-by: Emilia Käsper <emilia@openssl.org>

(cherry picked from commit 684400ce192dac51df3d3e92b61830a6ef90be3e)

Conflicts:
	CHANGES
	crypto/dsa/dsa_asn1.c
 2015-01-05 15:06:15 +00:00
Dr. Stephen Henson
d7f8a7cafd Constify ASN1_TYPE_cmp add X509_ALGOR_cmp. 
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 4c52816d35681c0533c25fdd3abb4b7c6962302d)

Conflicts:
	crypto/asn1/x_algor.c
	crypto/x509/x509.h
 2015-01-05 14:57:39 +00:00
Dr. Stephen Henson
0f1c30b00d Reject invalid constructed encodings. 
According to X6.90 null, object identifier, boolean, integer and enumerated
types can only have primitive encodings: return an error if any of
these are received with a constructed encoding.
Reviewed-by: Emilia Käsper <emilia@openssl.org>

(cherry picked from commit f5e4b6b5b566320a8d774f9475540f7d0e6a704d)

Conflicts:
	crypto/asn1/asn1_err.c
 2015-01-05 14:39:07 +00:00