Adam Langley
45d010255f
Add volatile qualifications to two blocks of inline asm to stop GCC from
eliminating them as dead code.
Both volatile and "memory" are used because of some concern that the compiler
may still cache values across the asm block without it, and because this was
such a painful debugging session that I wanted to ensure that it's never
repeated.
(cherry picked from commit 7753a3a68431aa81b82beea4c3f5374b41454679)
2014-02-01 22:01:46 +01:00
Andy Polyakov
7e569022c5
PPC assembly pack: ppc64-mont update from master.
2014-02-01 21:51:51 +01:00
Andy Polyakov
50f1b47c7f
PPC assembly pack: jumbo update from master.
Add Vector Permutation AES and little-endian support.
2014-02-01 21:48:31 +01:00
Andy Polyakov
5572bc4e2f
crypto/aes/asm/aesni-x86[_64].pl: jumbo update from master.
2014-02-01 21:27:46 +01:00
Andy Polyakov
729d334106
crypto/sha/asm/sha1-x86_64.pl: jumbo update from master.
2014-02-01 21:24:55 +01:00
Ben Laurie
cacdfcb247
Add more accessors.
2014-02-01 18:30:23 +00:00
Ben Laurie
519ad9b384
Add accessor for x509.cert_info.
2014-02-01 18:30:23 +00:00
Ben Laurie
7b2d785d20
Fix warning.
2014-01-29 17:57:32 +01:00
Dr. Stephen Henson
f2d678e6e8
Clarify docs.
Remove reference to ERR_TXT_MALLOCED in the error library as that is
only used internally. Indicate that returned error data must not be
freed.
2014-01-29 00:59:35 +00:00
Dr. Stephen Henson
448e9b7cf1
typo
(cherry picked from commit cb2182676bdf652070bc272a3896d957763a4324)
2014-01-28 15:36:15 +00:00
Dr. Stephen Henson
2c4c9867e7
Fix demo comment: 0.9.9 never released.
(cherry picked from commit 717cc8589540b95122a652dee68e6a75b6262d93)
2014-01-28 15:17:32 +00:00
Dr. Stephen Henson
a99540a6de
Check i before r[i].
PR#3244
(cherry picked from commit 9614d2c676ffe74ce0c919d9e5c0d622a011cbed)
2014-01-28 15:14:47 +00:00
Dr. Stephen Henson
9614ed695d
Add loaded dynamic ENGINEs to list.
Always add a dynamically loaded ENGINE to list. Otherwise it can cause
problems when multiply loaded, especially if it adds new public key methods.
For all current engines we only want a single implementation anyway.
(cherry picked from commit e933f91f50108a43c0198cdc63ecdfdbc77b4d0d)
2014-01-28 13:57:14 +00:00
Dr. Stephen Henson
aabfee601e
Certificate callback doc.
(cherry picked from commit 46ab9bbd7fa610d775fe645dd0fe6d509c8dff3a)
2014-01-28 13:38:55 +00:00
Dr. Stephen Henson
cee1d9e02f
make update
2014-01-27 14:59:46 +00:00
Dr. Stephen Henson
285f7fb0f9
Add cert callback retry test.
(cherry picked from commit 3323314fc1c6d18e650a2de97f7cf9892ac92a60)
2014-01-27 14:41:38 +00:00
Dr. Stephen Henson
ede90b1121
Support retries in certificate callback
(cherry picked from commit 0ebc965b9ca4352e407bb7cfa65ac235942117f6)
Conflicts:
ssl/s3_srvr.c
ssl/ssl3.h
2014-01-27 14:41:38 +00:00
Dr. Stephen Henson
5e7329d156
Compare encodings in X509_cmp as well as hash.
(cherry picked from commit ec492c8a5a1491949166c4b37df8666741180f4d)
2014-01-27 14:33:10 +00:00
Dr. Stephen Henson
9f1979b94a
New function to set compression methods so they can be safely freed.
(cherry picked from commit cbb67448277232c8403f96edad4931c4203e7746)
2014-01-27 14:32:44 +00:00
Dr. Stephen Henson
3fcf327e26
Add -engine_impl option to dgst which will use an implementation of
an algorithm from the supplied engine instead of just the default one.
(cherry picked from commit bb845ee044587a91589357a772a02cffb0ba4454)
2014-01-23 18:35:42 +00:00
Dr. Stephen Henson
3f4742b48c
make update
2014-01-23 17:13:37 +00:00
Dr. Stephen Henson
c4f01c533b
Add new function SSL_CTX_get_ssl_method().
Partial fix for PR#3183.
(cherry picked from commit ba168244a14bbd056e502d7daa04cae4aabe9d0d)
2014-01-16 14:08:42 +00:00
Kaspar Brand
b7a8550988
Omit initial status request callback check.
PR#3178
(cherry picked from commit d0b039d4a3a19b106cc2cb938125b86aca4974aa)
2014-01-16 13:48:23 +00:00
Zoltan Arpadffy
e775891708
VMS fixes
2014-01-11 22:44:04 +00:00
Jeff Trawick
ae6fbb5df0
typo
(cherry picked from commit 5edce5685f26c1bb7854d4cdf291b9604fcc5dbf)
2014-01-10 23:02:46 +00:00
Jeff Trawick
f9c1f03754
typo
(cherry picked from commit 4b64e0cbdb563e13a6f7cd8631b31532c04f1234)
2014-01-10 23:02:20 +00:00
Dr. Stephen Henson
50701af9d5
Fix bug in X509_V_FLAG_IGNORE_CRITICAL CRL handling.
(cherry picked from commit 8f4077ca69076cebaca51b7b666db1ed49e46b9e)
2014-01-09 22:53:50 +00:00
Dr. Stephen Henson
1d6af3d430
update NEWS
2014-01-09 22:50:07 +00:00
Andy Polyakov
392fd8f89c
bn/asm/x86_64-mont5.pl: fix compilation error on Solaris.
(cherry picked from commit eedab5241e32f9f185cfee23a0c67264d3e3ecf2)
2014-01-09 13:47:53 +01:00
Dr. Stephen Henson
802db0fab2
Sync CHANGES
2014-01-07 15:41:11 +00:00
Dr. Stephen Henson
2f972419a3
Add fix for CVE-2013-4353
2014-01-07 15:41:11 +00:00
Dr. Stephen Henson
a05a2c67ef
Update NEWS.
2014-01-07 15:41:04 +00:00
Andy Polyakov
e34140620e
sha/asm/sha256-armv4.pl: add NEON code path.
(and shave off cycle even from integer-only code)
(cherry picked from commit ad0d2579cf3a293a35a5b606afc5a97c71cf6ca7)
2014-01-04 18:06:36 +01:00
Andy Polyakov
acd9121085
aesni-sha1-x86_64.pl: harmonize [Atom-specific optimizations] with master branch.
2014-01-04 17:42:13 +01:00
Dr. Stephen Henson
b17d6b8d1d
Restore SSL_OP_MSIE_SSLV2_RSA_PADDING
The flag SSL_OP_MSIE_SSLV2_RSA_PADDING hasn't done anything since OpenSSL
0.9.7h but deleting it will break source compatibility with any software
that references it. Restore it but #define to zero.
2014-01-04 13:58:51 +00:00
Dr. Stephen Henson
b9fa413a08
Use algorithm specific chains for certificates.
Fix a limitation in SSL_CTX_use_certificate_chain_file(): use algorithm
specific chains instead of the shared chain.
Update docs.
(cherry picked from commit a4339ea3ba045b7da038148f0d48ce25f2996971)
Conflicts:
CHANGES
2014-01-03 22:45:20 +00:00
Andy Polyakov
4abe148444
ssl/t1_enc.c: optimize PRF (suggested by Intel).
(cherry picked from commit e8b0dd57c0e9c53fd0708f0f458a7a2fd7a95c91)
2014-01-03 21:56:03 +01:00
Dr. Stephen Henson
04d6940436
update NEWS
2014-01-02 19:12:47 +00:00
Dr. Stephen Henson
8511b5f594
Don't change version number if session established
When sending an invalid version number alert don't change the
version number to the client version if a session is already
established.
Thanks to Marek Majkowski for additional analysis of this issue.
PR#3191
(cherry picked from commit b77b58a398c8b9b4113f3fb6b48e162a3b8d4527)
2014-01-02 15:07:51 +00:00
Dr. Stephen Henson
546d6760b9
Update curve list size.
2013-12-29 16:30:34 +00:00
Andy Polyakov
ccbb8d5e95
sparcv9cap.c: omit random detection.
PR: 3202
(cherry picked from commit 926725b3d7c1528f2dc116a48623c42264188277)
2013-12-28 13:32:45 +01:00
Andy Polyakov
d7d7e7b038
ARM assembly pack: make it work with older toolchain.
(cherry picked from commit 2218c296b4981af6f2639bbd7eabfb89437fe776)
2013-12-28 12:18:11 +01:00
Dr. Stephen Henson
80b6d97585
Fix DTLS retransmission from previous session.
For DTLS we might need to retransmit messages from the previous session
so keep a copy of write context in DTLS retransmission buffers instead
of replacing it after sending CCS. CVE-2013-6450.
(cherry picked from commit 34628967f1e65dc8f34e000f0f5518e21afbfc7b)
2013-12-20 23:25:41 +00:00
Dr. Stephen Henson
ff64ab32ae
Ignore NULL parameter in EVP_MD_CTX_destroy.
(cherry picked from commit a6c62f0c25a756c263a80ce52afbae888028e986)
2013-12-20 23:24:26 +00:00
Andy Polyakov
fc9c9e47f7
sha1-x86_64.pl: harmonize Win64 SE handlers for SIMD code paths.
(and ensure stack alignment in the process)
(cherry picked from commit fc0503a25cd638b93f7af04640c20042e0329b3b)
2013-12-18 22:57:14 +01:00
Andy Polyakov
68e6ac4379
evp/e_[aes|camellia].c: fix typo in CBC subroutine.
It worked because it was never called.
(cherry picked from commit e9c80e04c1a3b5a0de8e666155ab4ecb2697a77d)
2013-12-18 22:56:24 +01:00
Andy Polyakov
e34b7e99fd
sha512.c: fulfill implicit API contract in SHA512_Transform.
SHA512_Transform was initially added rather as tribute to tradition
than for practical reasons. But use was recently found in ssl/s3_cbc.c
and it turned out to be problematic on platforms that don't tolerate
misaligned references to memory and lack assembly subroutine.
(cherry picked from commit cdd1acd788020d2c525331da1712ada778f1373c)
2013-12-18 22:56:00 +01:00
Dr. Stephen Henson
a32ba49352
Check EVP errors for handshake digests.
Partial mitigation of PR#3200
(cherry picked from commit 0294b2be5f4c11e60620c0018674ff0e17b14238)
2013-12-18 13:27:15 +00:00
Dr. Stephen Henson
3a0c71541b
verify parameter enumeration functions
(cherry picked from commit 9b3d75706ef0114362f04665a3c745bfef59d023)
Conflicts:
crypto/x509/x509_vpm.c
2013-12-13 15:52:27 +00:00
Dr. Stephen Henson
adc6bd73e3
Add opaque ID structure.
Move the IP, email and host checking fields from the public
X509_VERIFY_PARAM structure into an opaque X509_VERIFY_PARAM_ID
structure. By doing this the structure can be modified in future
without risk of breaking any applications.
2013-12-13 15:36:31 +00:00