generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
8,652 Commits 16 Branches 258 Tags
Commit Graph

1170 Commits

Author SHA1 Message Date
Dr. Stephen Henson
5021f6314e fix warn_unused_result warnings 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-08-06 21:59:15 +01:00
Dr. Stephen Henson
21d24dd38a Fix warnings about ignored return values. 
(cherry picked from commit 27131fe8f7418bf22b1e3000ea6a5d7b1ec8ebd4)
Reviewed-by: Matt Caswell <matt@openssl.org>
 2014-08-06 21:58:25 +01:00
Dr. Stephen Henson
a214feb26b Don't allow -www etc options with DTLS. 
The options which emulate a web server don't make sense when doing DTLS.
Exit with an error if an attempt is made to use them.

PR#3453
(cherry picked from commit 58a2aaeade8bdecd0f9f0df41927f7cff3012547)
 2014-07-15 12:27:29 +01:00
Dr. Stephen Henson
7a3a82dbbd Use case insensitive compare for servername. 
PR#3445
(cherry picked from commit 1c3e9a7c67ccdc5e770829fe951e5832e600d377)
 2014-07-15 00:00:39 +01:00
Dr. Stephen Henson
2daec41e25 Show errors on CSR verification failure. 
If CSR verify fails in ca utility print out error messages.
Otherwise some errors give misleading output: for example
if the key size exceeds the library limit.

PR#2875
(cherry picked from commit a30bdb55d1361b9926eef8127debfc2e1bb8c484)
 2014-06-29 13:35:18 +01:00
Dr. Stephen Henson
8519635923 Typo. 
PR#3107
(cherry picked from commit 7c206db9280865ae4af352dbc14e9019a6c4795d)
 2014-06-28 12:43:50 +01:00
Dr. Stephen Henson
9fb10cfe6b Memory leak and NULL dereference fixes. 
PR#3403
(cherry picked from commit d2aea038297e0c64ca66e6844cbb37377365885e)

Conflicts:

	apps/crl2p7.c
	crypto/asn1/a_utctm.c
	crypto/asn1/ameth_lib.c
	crypto/asn1/bio_asn1.c
 2014-06-27 15:33:18 +01:00
Dr. Stephen Henson
ee14e33c35 Change default cipher in smime app to des3. 
PR#3357
(cherry picked from commit ca3ffd9670f2b589bf8cc04923f953e06d6fbc58)

Conflicts:

	doc/apps/smime.pod
 2014-05-21 11:21:12 +01:00
Viktor Dukhovni
afa2ea204e Fix infinite loop. PR#3347 2014-05-11 21:20:00 +01:00
Dr. Stephen Henson
c61f0cbffb Fix free errors in ocsp utility. 
Keep copy of any host, path and port values allocated by
OCSP_parse_url and free as necessary.
(cherry picked from commit 5219d3dd350cc74498dd49daef5e6ee8c34d9857)
 2014-04-09 15:45:56 +01:00
Dr. Stephen Henson
e56334998c Use correct length when prompting for password. 
Use bufsiz - 1 not BUFSIZ - 1 when prompting for a password in
the openssl utility.

Thanks to Rob Mackinnon, Leviathan Security for reporting this issue.
(cherry picked from commit 7ba08a4d73c1bdfd3aced09a628b1d7d7747cdca)
 2014-04-04 13:09:05 +01:00
mancha
a375025e4d Fix alert handling. 
Fix OpenSSL 0.9.8 alert handling.

PR#3038
 2014-03-27 00:54:16 +00:00
Dr. Stephen Henson
430b637bd5 make update 2013-02-05 16:50:36 +00:00
Dr. Stephen Henson
bb152dae8f check mval for NULL too 2012-12-04 17:26:36 +00:00
Dr. Stephen Henson
c42ab44087 fix leak 2012-12-03 16:33:54 +00:00
Dr. Stephen Henson
c571a3e984 PR: 2908 
Submitted by: Dmitry Belyavsky <beldmit@gmail.com>

Fix DH double free if parameter generation fails.
 2012-11-21 14:01:38 +00:00
Dr. Stephen Henson
92e5882aca fix memory leak 2012-09-11 13:45:42 +00:00
Dr. Stephen Henson
a9101cdcaa Always use SSLv23_{client,server}_method in s_client.c and s_server.c, 
the old code came from SSLeay days before TLS was even supported.
 2012-03-18 18:18:30 +00:00
Dr. Stephen Henson
4f2fc3c2dd Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and 
continue with symmetric decryption process to avoid leaking timing
information to an attacker.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
 2012-03-12 14:51:45 +00:00
Bodo Möller
bf240f063a Fix usage indentation 2012-01-05 13:15:29 +00:00
Dr. Stephen Henson
7183aa6b9d make update 2012-01-04 19:12:39 +00:00
Dr. Stephen Henson
24f441e0bb The default CN prompt message can be confusing when often the CN needs to 
be the server FQDN: change it.
[Reported by PSW Group]
 2011-12-06 00:01:09 +00:00
Dr. Stephen Henson
91a1d08a4c use keyformat for -x509toreq, don't hard code PEM 2011-09-23 21:49:08 +00:00
Dr. Stephen Henson
6ec9ff83f3 PR: 2347 
Submitted by: Tomas Mraz <tmraz@redhat.com>
Reviewed by: steve

Fix usage message.
 2011-09-23 13:13:02 +00:00
Dr. Stephen Henson
03e3fbb702 PR: 2527 
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve

Set cnf to NULL to avoid possible double free.
 2011-05-25 15:06:32 +00:00
Dr. Stephen Henson
32cd1da62e PR: 2469 
Submitted by: Jim Studt <jim@studt.net>
Reviewed by: steve

Check mac is present before trying to retrieve mac iteration count.
 2011-03-13 18:23:24 +00:00
Dr. Stephen Henson
50fb940f05 make WIN32 compile work again 2010-07-08 01:23:25 +00:00
Ben Laurie
d886975835 Fix gcc 4.6 warnings. Check TLS server hello extension length. 2010-06-12 13:18:58 +00:00
Dr. Stephen Henson
c1f1a03d0c PR: 2262 
Submitted By: Victor Wagner <vitus@cryptocom.ru>

Fix error reporting in load_key function.
 2010-05-27 14:09:22 +00:00
Dr. Stephen Henson
cf6a1dea19 PR: 2202 (partial) 
Submitted by: Steven M. Schweda <sms@antinode.info>

VMS fixes:
	Reduce copying into .apps and .test in makevms.com
	Don't try to use blank CA certificate in CA.com
	Allow use of C files from original directories in maketests.com
 2010-03-25 12:29:56 +00:00
Dr. Stephen Henson
4610d8dc00 don't leave bogus errors in the queue 2010-03-10 13:48:35 +00:00
Dr. Stephen Henson
b7c114f044 PR: 2183 
PR#1999 broke fork detection by assuming HAVE_FORK was set for all platforms.
Include original HAVE_FORK detection logic while allowing it to be
overridden on specific platforms with -DHAVE_FORK=1 or -DHAVE_FORK=0
 2010-03-03 19:56:00 +00:00
Richard Levitte
53b5d04715 Apply changes from the 1.0.0 branch. 2010-02-23 07:51:39 +00:00
Dr. Stephen Henson
162f1e08f8 make no-rsa no-dsa compile again 2010-02-02 14:03:07 +00:00
Dr. Stephen Henson
714044cc03 oops revert test code from previous commit 2010-01-24 13:52:38 +00:00
Dr. Stephen Henson
5598b99fb3 The fix for PR#1949 unfortunately broke cases where the BIO_CTRL_WPENDING 
ctrl is incorrectly implemented (e.g. some versions of Apache). As a workaround
call both BIO_CTRL_INFO and BIO_CTRL_WPENDING if it returns zero. This should
both address the original bug and retain compatibility with the old behaviour.
 2010-01-24 13:50:57 +00:00
Dr. Stephen Henson
444ff35029 revert patch 2010-01-19 19:10:53 +00:00
Dr. Stephen Henson
ff2549be1d PR: 2144 
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>

Better fix for PR#2144
 2010-01-19 19:10:03 +00:00
Dr. Stephen Henson
24fc4f656c PR: 1618 
Submitted by: steve@openssl.org

Fix bug in 0.9.8-stable time handling in ca.c . NB: this only handles cases
where times are not being checked or printed properly. Issues relating to
time_t becoming negative or wrapping around are *NOT* addressed. OpenSSL
1.0.0 and later does fix these issues by using its own time routines.
 2010-01-14 17:44:46 +00:00
Dr. Stephen Henson
ccc3df8c33 New option to enable/disable connection to unpatched servers 2009-12-16 20:34:20 +00:00
Dr. Stephen Henson
59f44e810b Add ctrl and macro so we can determine if peer support secure renegotiation. 
Fix SSL_CIPHER initialiser for mcsv
 2009-12-08 13:47:28 +00:00
Dr. Stephen Henson
6cf61614e4 Replace the broken SPKAC certification with the correct version. 2009-12-02 14:39:12 +00:00
Richard Levitte
e333a8d673 Updated from 1.0.0-stable. 2009-11-12 16:59:18 +00:00
Ben Laurie
c2b78c31d6 First cut of renegotiation extension. 2009-11-08 14:51:54 +00:00
Ben Laurie
6156be4da3 Fix compilation problem. 2009-11-05 10:18:11 +00:00
Dr. Stephen Henson
e6e11f4ec3 Don't attempt session resumption if no ticket is present and session 
ID length is zero.
 2009-10-28 19:53:10 +00:00
Dr. Stephen Henson
ef62799783 PR: 1847 
Submitted by: Tomas Mraz <tmraz@redhat.com>
Approved by: steve@openssl.org

Integrated patches to CA.sh to bring it into line with CA.pl functionality.
 2009-10-15 17:28:02 +00:00
Dr. Stephen Henson
8196257f00 Cross compilation updates. 2009-10-15 14:14:35 +00:00
Dr. Stephen Henson
d7050b4424 Fix warnings about ignoring fgets return value 2009-10-04 16:43:39 +00:00
Dr. Stephen Henson
822da9ccc3 Stop unused variable warning. 2009-09-20 13:26:46 +00:00