generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
9,685 Commits 16 Branches 258 Tags
Commit Graph

9685 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dr. Stephen Henson
29c33e16ac PR: 2703 
Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>

Fix some memory and resource leaks in CAPI ENGINE.
 2012-02-11 23:12:48 +00:00
Dr. Stephen Henson
bffb696f65 PR: 2705 
Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>

Only create ex_data indices once for CAPI engine.
 2012-02-11 23:07:48 +00:00
Dr. Stephen Henson
fd2d78e70b PR: 2710 
Submitted by: Tomas Mraz <tmraz@redhat.com>

Check return codes for load_certs_crls.
 2012-02-10 19:54:37 +00:00
Andy Polyakov
6b1fb9179e x86_64-xlate.pl: proper solution for RT#2620 [from HEAD]. 2012-01-21 11:35:29 +00:00
Dr. Stephen Henson
702175817f prepare for next version 2012-01-18 14:27:57 +00:00
Dr. Stephen Henson
703ec840dc prepare for release OpenSSL_1_0_0g 2012-01-18 13:38:34 +00:00
Dr. Stephen Henson
04d706d42a update NEWS 2012-01-18 13:36:59 +00:00
Dr. Stephen Henson
b996cecc32 Fix for DTLS DoS issue introduced by fix for CVE-2011-4109. 
Thanks to Antonio Martin, Enterprise Secure Access Research and
Development, Cisco Systems, Inc. for discovering this bug and
preparing a fix. (CVE-2012-0050)
 2012-01-18 13:36:04 +00:00
Dr. Stephen Henson
7e927da2a5 fix CHANGES entry 2012-01-17 14:19:51 +00:00
Andy Polyakov
7aa6d2fcf9 Fix OPNESSL vs. OPENSSL typos [from HEAD]. 
PR: 2613
Submitted by: Leena Heino
 2012-01-15 13:40:40 +00:00
Andy Polyakov
27b1f137ff Sanitize usage of <ctype.h> functions. It's important that characters 
are passed zero-extended, not sign-extended [from HEAD].
PR: 2682
 2012-01-12 16:37:20 +00:00
Andy Polyakov
f63c927e8e asn1/t_x509.c: fix serial number print, harmonize with a_int.c [from HEAD]. 
PR: 2675
Submitted by: Annie Yousar
 2012-01-12 16:36:30 +00:00
Andy Polyakov
d572544a2c ecdsa.pod: typo. 
PR: 2678
Submitted by: Annie Yousar
 2012-01-11 21:42:20 +00:00
Andy Polyakov
9100840258 aes-sparcv9.pl: clean up regexp [from HEAD]. 
PR: 2685
 2012-01-11 15:32:57 +00:00
Dr. Stephen Henson
0f32c83c91 fix warning 2012-01-10 14:37:09 +00:00
Bodo Möller
80b570142d Update for 0.9.8s. 2012-01-05 13:38:47 +00:00
Bodo Möller
a99b6fcb7c Fix usage indentation 2012-01-05 13:15:50 +00:00
Bodo Möller
02d1a6b3aa Fix for builds without DTLS support. 
Submitted by: Brian Carlstrom
 2012-01-05 10:22:23 +00:00
Dr. Stephen Henson
08e8d58785 update for next version 2012-01-04 23:55:26 +00:00
Dr. Stephen Henson
c90c41f09d prepare for release OpenSSL_1_0_0f 2012-01-04 17:01:33 +00:00
Dr. Stephen Henson
c47b636a2c update NEWS 2012-01-04 16:57:14 +00:00
Dr. Stephen Henson
7200b39ecd make update 2012-01-04 16:52:53 +00:00
Dr. Stephen Henson
84c95826de Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen <tuexen@fh-muenster.de> 
Reviewed by: steve

Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and
Kenny Paterson.
 2012-01-04 16:51:14 +00:00
Dr. Stephen Henson
63819e6f00 add missing part for SGC restart fix (CVE-2011-4619) 2012-01-04 16:46:10 +00:00
Dr. Stephen Henson
8206dba75c Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576) [include source patch this time!] 2012-01-04 15:38:54 +00:00
Dr. Stephen Henson
528ef87850 Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576) 2012-01-04 15:33:15 +00:00
Dr. Stephen Henson
9004c53107 Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619) 2012-01-04 15:27:54 +00:00
Dr. Stephen Henson
f47f99f295 stop warning 2012-01-04 15:26:29 +00:00
Dr. Stephen Henson
00f473b3cc Check GOST parameters are not NULL (CVE-2012-0027) 2012-01-04 15:16:20 +00:00
Dr. Stephen Henson
356de7146e Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577) 2012-01-04 15:07:54 +00:00
Dr. Stephen Henson
9eab925395 fix warnings 2012-01-04 14:45:09 +00:00
Dr. Stephen Henson
22d89c501e Submitted by: Adam Langley <agl@chromium.org> 
Reviewed by: steve

Fix memory leaks.
 2012-01-04 14:24:48 +00:00
Dr. Stephen Henson
c06916db9f PR: 2326 
Submitted by: Tianjie Mao <tjmao@tjmao.net>
Reviewed by: steve

Fix incorrect comma expressions and goto f_err as alert has been set.
 2011-12-26 19:38:19 +00:00
Dr. Stephen Henson
ef7545a3e6 PR: 2563 
Submitted by: Paul Green <Paul.Green@stratus.com>
Reviewed by: steve

Improved PRNG seeding for VOS.
 2011-12-19 17:04:39 +00:00
Andy Polyakov
fecb4ff331 x86-mont.pl: fix bug in integer-only squaring path. 
PR: 2648
 2011-12-09 14:26:56 +00:00
Dr. Stephen Henson
2a4adf19c8 The default CN prompt message can be confusing when often the CN needs to 
be the server FQDN: change it.
[Reported by PSW Group]
 2011-12-06 00:01:00 +00:00
Bodo Möller
44c854ddb9 Resolve a stack set-up race condition (if the list of compression 
methods isn't presorted, it will be sorted on first read).

Submitted by: Adam Langley
 2011-12-02 12:51:05 +00:00
Bodo Möller
47091035f1 Fix ecdsatest.c. 
Submitted by: Emilia Kasper
 2011-12-02 12:41:00 +00:00
Bodo Möller
f3d51d7740 Fix BIO_f_buffer(). 
Submitted by: Adam Langley
Reviewed by: Bodo Moeller
 2011-12-02 12:24:29 +00:00
Andy Polyakov
70d3b4b653 Configure: fix corruption in RC4 implementation in darwin64-x86_64-cc. 2011-11-14 21:21:58 +00:00
Andy Polyakov
2fb94e4861 ppc.pl: fix bug in bn_mul_comba4 [from HEAD]. 
PR: 2636
Submitted by: Charles Bryant
 2011-11-05 10:16:46 +00:00
Richard Levitte
1b84893905 Teach mkshared.com to have a look for disabled algorithms in opensslconf.h 2011-10-30 11:40:59 +00:00
Dr. Stephen Henson
68b5330040 PR: 2628 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Send alert instead of assertion failure for incorrectly formatted DTLS
fragments.
 2011-10-27 13:06:34 +00:00
Dr. Stephen Henson
da7ae62abd PR: 2628 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix for ECC keys and DTLS.
 2011-10-27 13:01:08 +00:00
Dr. Stephen Henson
f53337b89c PR: 2632 
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Return -1 immediately if not affine coordinates as BN_CTX has not been
set up.
 2011-10-26 16:43:14 +00:00
Bodo Möller
f70a5895e3 BN_BLINDING multi-threading fix. 
Submitted by: Emilia Kasper (Google)
 2011-10-19 14:58:34 +00:00
Bodo Möller
d41bbd0db5 use -no_ecdhe when using -no_dhe 2011-10-13 15:05:50 +00:00
Bodo Möller
49956294fc Clarify warning 2011-10-13 13:24:37 +00:00
Bodo Möller
48373e55d1 In ssl3_clear, preserve s3->init_extra along with s3->rbuf. 
Submitted by: Bob Buckholz <bbuckholz@google.com>
 2011-10-13 13:05:12 +00:00
Dr. Stephen Henson
42369021ed PR: 2482 
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.
 2011-10-09 00:56:32 +00:00