generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
9,468 Commits 16 Branches 258 Tags 86 MiB
6ca1418587
Commit Graph

4938 Commits

Author SHA1 Message Date
Dr. Stephen Henson
07973d5db8 Fix memory leak: free up ENGINE functional reference if digest is not 
found in an ENGINE.
 2010-03-05 13:33:43 +00:00
Dr. Stephen Henson
d92138f703 don't mix definitions and code 2010-03-03 15:30:26 +00:00
Andy Polyakov
b2bf335327 Fix s390x-specific HOST_l2c|c2l [from HEAD]. 
Submitted by: Andreas Krebbel
 2010-03-02 16:25:10 +00:00
Dr. Stephen Henson
33bec62a20 PR: 2178 
Submitted by: "Kennedy, Brendan" <brendan.kennedy@intel.com>

Handle error codes correctly: cryptodev returns 0 for success whereas OpenSSL
returns 1.
 2010-03-01 23:54:34 +00:00
Dr. Stephen Henson
002d3fe863 use correct prototype as in HEAD 2010-03-01 03:01:56 +00:00
Dr. Stephen Henson
fb24311e7c 'typo' 2010-03-01 01:52:47 +00:00
Dr. Stephen Henson
90278430d9 make USE_CRYPTODEV_DIGESTS work 2010-03-01 01:19:36 +00:00
Ben Laurie
bcd9d12a8d Fix warning. 2010-02-28 13:38:16 +00:00
Dr. Stephen Henson
fc11f47229 Revert CFB block length change. Despite what SP800-38a says the input to 
CFB mode does *not* have to be a multiple of the block length and several
other specifications (e.g. PKCS#11) do not require this.
 2010-02-26 14:41:48 +00:00
Bodo Möller
7fe747d1eb Always check bn_wexpend() return values for failure (CVE-2009-3245). 
(The CHANGES entry covers the change from PR #2111 as well, submitted by
Martin Olsson.)

Submitted by: Neel Mehta
 2010-02-23 10:36:30 +00:00
Bodo Möller
32567c9f3b Fix X509_STORE locking 2010-02-19 18:26:23 +00:00
Dr. Stephen Henson
9051fc538f PR: 2100 
Submitted by: James Baker <jbaker@tableausoftware.com> et al.

Workaround for slow Heap32Next on some versions of Windows.
 2010-02-17 14:32:25 +00:00
Dr. Stephen Henson
6c6ca18664 The "block length" for CFB mode was incorrectly coded as 1 all the time. It 
should be the number of feedback bits expressed in bytes. For CFB1 mode set
this to 1 by rounding up to the nearest multiple of 8.
 2010-02-15 19:40:30 +00:00
Dr. Stephen Henson
97fe2b40c1 Correct ECB mode EVP_CIPHER definition: IV length is 0 2010-02-15 19:25:52 +00:00
Dr. Stephen Henson
f689ab5017 add EVP_CIPH_FLAG_LENGTH_BITS from 0.9.8-stable 2010-02-15 19:17:55 +00:00
Dr. Stephen Henson
edb7cac271 PR: 2164 
Submitted by: "Noszticzius, Istvan" <inoszticzius@rightnow.com>

Don't clear the output buffer: ciphers should correctly the same input
and output buffers.
 2010-02-15 19:01:56 +00:00
Dr. Stephen Henson
1d8fa09c80 Make assembly language versions of OPENSSL_cleanse() accept zero length 
parameter. Backport from HEAD, orginal by appro.
 2010-02-12 17:02:13 +00:00
Dr. Stephen Henson
e085e6c84c Fix memory leak in ENGINE autoconfig code. Improve error logging. 2010-02-09 14:17:57 +00:00
Dr. Stephen Henson
c8c49133d9 oops, use new value for new flag 2010-02-07 13:54:54 +00:00
Dr. Stephen Henson
961f1dea06 make update 2010-02-07 13:47:08 +00:00
Dr. Stephen Henson
1700426256 Add missing function EVP_CIPHER_CTX_copy(). Current code uses memcpy() to copy 
an EVP_CIPHER_CTX structure which may have problems with external ENGINEs
who need to duplicate internal handles etc.
 2010-02-07 13:41:23 +00:00
Dr. Stephen Henson
aa7f5baad2 don't assume 0x is at start of string 2010-02-03 18:19:05 +00:00
Dr. Stephen Henson
45acdd6f6d tolerate broken CMS/PKCS7 implementations using signature OID instead of digest 2010-02-02 14:26:32 +00:00
Dr. Stephen Henson
8b354e776b PR: 2161 
Submitted by: Doug Goldstein <cardoe@gentoo.org>, Steve.

Make no-dsa, no-ecdsa and no-rsa compile again.
 2010-02-02 13:36:05 +00:00
Richard Levitte
d023b4e2dd The previous take went wrong, try again. 2010-01-29 12:02:54 +00:00
Richard Levitte
fa79cc9c23 Architecture specific header files need special handling. 2010-01-29 11:44:40 +00:00
Dr. Stephen Henson
df21765a3e In engine_table_select() don't clear out entire error queue: just clear 
out any we added using ERR_set_mark() and ERR_pop_to_mark() otherwise
errors from other sources (e.g. SSL library) can be wiped.
 2010-01-28 17:50:23 +00:00
Dr. Stephen Henson
1cdb7854a5 PR: 2138 
Submitted by: Kevin Regan <k.regan@f5.com>

Clear stat structure if -DPURIFY is set to avoid problems on some
platforms which include unitialised fields.
 2010-01-26 18:07:41 +00:00
Dr. Stephen Henson
704d33b347 Add flags functions which were added to 0.9.8 for fips but not 1.0.0 and 
later.
 2010-01-26 14:33:52 +00:00
Dr. Stephen Henson
b2a7515ee8 OPENSSL_isservice is now defined on all platforms not just WIN32 2010-01-26 13:58:49 +00:00
Dr. Stephen Henson
c7d5edbf5e export OPENSSL_isservice and make update 2010-01-26 13:55:33 +00:00
Dr. Stephen Henson
78bfb45b07 PR: 2149 
Submitted by: Douglas Stebila <douglas@stebila.ca>

Fix wap OIDs.
 2010-01-25 16:07:51 +00:00
Richard Levitte
25d42c17e3 A few more macros for long symbols. 
Submitted by Steven M. Schweda <sms@antinode.info>
 2010-01-25 00:18:31 +00:00
Dr. Stephen Henson
1699389a46 Tolerate PKCS#8 DSA format with negative private key. 2010-01-22 20:17:30 +00:00
Dr. Stephen Henson
53e97e7433 update version for next beta if we have one... 2010-01-20 15:40:27 +00:00
Dr. Stephen Henson
bc0ecd202a make update 2010-01-20 15:05:52 +00:00
Dr. Stephen Henson
b307daa23f Prepare for beta5 release 2010-01-20 15:00:49 +00:00
Andy Polyakov
a238d7d1eb rand_win.c: handel GetTickCount wrap-around [from HEAD]. 2010-01-19 21:44:07 +00:00
Andy Polyakov
0e92313331 x86_64-xlate.pl: refine sign extension logic when handling lea [from HEAD]. 
PR: 2094,2095
 2010-01-19 21:43:05 +00:00
Andy Polyakov
3e719c99f5 s390x assembler update: add support for run-time facility detection [from HEAD]. 2010-01-19 21:40:58 +00:00
Dr. Stephen Henson
28dc54f6d9 Reverted patch for PR#2095. Addressed by Andy now in x86_64-xlate.pl 2010-01-17 16:58:56 +00:00
Ben Laurie
9e198c4bd0 Fix type-checking/casting issue. 2010-01-16 13:32:14 +00:00
Dr. Stephen Henson
2c627637c5 Modify compression code so it avoids using ex_data free functions. This 
stops applications that call CRYPTO_free_all_ex_data() prematurely leaking
memory.
 2010-01-13 18:46:01 +00:00
Dr. Stephen Henson
93fac08ec3 PR: 2136 
Submitted by: Willy Weisz <weisz@vcpc.univie.ac.at>

Add options to output hash using older algorithm compatible with OpenSSL
versions before 1.0.0
 2010-01-12 17:27:11 +00:00
Andy Polyakov
0d8ffc2007 b_sock.c: bind/connect are picky about socket address length [from HEAD]. 2010-01-07 13:15:39 +00:00
Andy Polyakov
a32f7fb832 sendto is reportedly picky about destination socket address length [from HEAD]. 
PR: 2114
Submitted by: Robin Seggelmann
 2010-01-07 10:44:21 +00:00
Andy Polyakov
496cf69e40 Fix compilation on older Linux [from HEAD]. 2010-01-06 21:25:22 +00:00
Dr. Stephen Henson
2708603bb4 ENGINE_load_capi() now exists on all platforms (but no op on non-WIN32) 2010-01-06 13:20:52 +00:00
Dr. Stephen Henson
e4f1cda7de PR: 2102 
Submitted by: John Fitzgibbon <john_fitzgibbon@yahoo.com>

Remove duplicate definitions.
 2010-01-05 17:58:15 +00:00
Andy Polyakov
5448e6739c b_sock.c: correct indirect calls on WinSock platforms [from HEAD]. 
PR: 2130
Submitted by: Eugeny Gostyukhin
 2009-12-30 12:56:16 +00:00
Andy Polyakov
a5313cf360 sha512.c update for esoteric PPC platfrom(s) [from HEAD]. 
PR: 1998
 2009-12-30 11:53:33 +00:00
Dr. Stephen Henson
aed461b431 Traditional Yuletide commit ;-) 
Add Triple DES CFB1 and CFB8 to algorithm list and NID translation.
 2009-12-25 14:12:24 +00:00
Bodo Möller
40c45f86d4 Constify crypto/cast. 2009-12-22 11:45:59 +00:00
Bodo Möller
a0b7277724 Constify crypto/cast. 2009-12-22 10:58:01 +00:00
Dr. Stephen Henson
2d3855fc6e PR: 2127 
Submitted by: Tomas Mraz <tmraz@redhat.com>

Check for lookup failures in EVP_PBE_CipherInit().
 2009-12-17 15:28:45 +00:00
Dr. Stephen Henson
1cd47f5f6e Ooops revert stuff which shouldn't have been part of previous commit. 2009-12-16 20:33:11 +00:00
Dr. Stephen Henson
675564835c New option to enable/disable connection to unpatched servers 2009-12-16 20:28:30 +00:00
Dr. Stephen Henson
a6d204e241 Add patch to crypto/evp which didn't apply from PR#2124 2009-12-09 15:02:14 +00:00
Dr. Stephen Henson
941baf6641 Revert lhash patch for PR#2124 2009-12-09 15:00:20 +00:00
Dr. Stephen Henson
aac751832a PR: 2124 
Submitted by: Jan Pechanec <Jan.Pechanec@Sun.COM>

Check for memory allocation failures.
 2009-12-09 13:38:20 +00:00
Dr. Stephen Henson
7b1856e5a1 PR: 2111 
Submitted by: Martin Olsson <molsson@opera.com>

Check for bn_wexpand errors in bn_mul.c
 2009-12-02 15:28:05 +00:00
Dr. Stephen Henson
50f06b46f4 Check it actually compiles this time ;-) 2009-12-02 14:25:55 +00:00
Dr. Stephen Henson
be6076c0ad PR: 2120 
Submitted by: steve@openssl.org

Initialize fields correctly if pem_str or info are NULL in  EVP_PKEY_asn1_new().
 2009-12-02 13:57:03 +00:00
Dr. Stephen Henson
6125e07d79 check DSA_sign() return value properly 2009-12-01 18:41:50 +00:00
Dr. Stephen Henson
7805e23588 PR: 1432 
Submitted by: "Andrzej Chmielowiec" <achmielowiec@enigma.com.pl>, steve@openssl.org
Approved by: steve@openssl.org

Truncate hash if it is too large: as required by FIPS 186-3.
 2009-12-01 17:32:33 +00:00
Dr. Stephen Henson
9117b9d17a PR: 2118 
Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net>
Approved by: steve@openssl.org

Check return value of ECDSA_sign() properly.
 2009-11-30 13:53:42 +00:00
Andy Polyakov
8b9b23603f bss_dgram.c: re-fix BIO_CTRL_DGRAM_GET_PEER (from HEAD). 2009-11-26 20:56:05 +00:00
Andy Polyakov
a8c1b19a31 x86_64-xlate.pl: fix typo introduced in last commit. 
PR: 2109
 2009-11-23 19:51:24 +00:00
Andy Polyakov
29c8d2a54a x86_64-xlate.pl: new gas requires sign extension. 
x86masm.pl: fix linker warning.
PR: 2094,2095
 2009-11-22 12:52:18 +00:00
Andy Polyakov
e4572e5210 bio_sock.c and bss_dgram.c: update from HEAD. 
PR: 2069
 2009-11-22 12:24:43 +00:00
Dr. Stephen Henson
5e8d95f590 PR: 2103 
Submitted by: Rob Austein <sra@hactrn.net>
Approved by: steve@openssl.org

Initialise atm.flags to 0.
 2009-11-17 13:25:35 +00:00
Dr. Stephen Henson
4e49aa0ca3 PR: 2095 
Submitted by: Arkadiusz Miskiewicz <arekm@maven.pl>
Approved by: steve@openssl.org

Fix for out range of signed 32bit displacement error on newer binutils
in file sha1-x86_64.pl
 2009-11-13 14:23:44 +00:00
Dr. Stephen Henson
4434328b0a PR: 2088 
Submitted by: Aleksey Samsonov <s4ms0n0v@gmail.com>
Approved by: steve@openssl.org

Fix memory leak in d2i_PublicKey().
 2009-11-12 19:57:39 +00:00
Dr. Stephen Henson
9b2cfb890c set engine to NULL after releasing it 2009-11-12 19:24:34 +00:00
Richard Levitte
b2f364ec62 Compiling vms.mar doesn't work on other than VAX. 2009-11-12 14:05:04 +00:00
Richard Levitte
b7aeb4c9b5 Another symbol longer than 31 characters. 2009-11-12 14:04:26 +00:00
Dr. Stephen Henson
e0031b1c78 Prepare for beta4 release 2009-11-10 13:15:09 +00:00
Dr. Stephen Henson
6757ef89b3 PR: 2091 
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org

If an OID has no short name or long name return the numerical representation.
 2009-11-10 01:00:23 +00:00
Dr. Stephen Henson
bf6eea6536 PR: 2090 
Submitted by: Martin Kaiser <lists@kaiser.cx>, Stephen Henson
Approved by: steve@openssl.org

Improve error checking in asn1_gen.c
 2009-11-10 00:47:37 +00:00
Dr. Stephen Henson
f62d1ea3d5 Combat gcc 4.4.1 aliasing rules. (from HEAD) 2009-11-09 14:09:53 +00:00
Dr. Stephen Henson
4a7f7171f5 Add missing functions to allow access to newer X509_STORE_CTX status 
information. Add more informative message to verify callback to indicate
when CRL path validation is taking place.
 2009-10-31 19:21:47 +00:00
Dr. Stephen Henson
0c2c2e71a6 If not checking all certificates don't attempt to find a CRL 
for the leaf certificate of a CRL path.
 2009-10-23 12:05:54 +00:00
Dr. Stephen Henson
d1d746afb4 Need to check <= 0 here. 2009-10-22 23:14:12 +00:00
Dr. Stephen Henson
c90a1ae0c9 make update 2009-10-18 14:44:51 +00:00
Dr. Stephen Henson
c679fb298e Add new function X509_STORE_set_verify_cb and use it in apps 2009-10-18 14:42:27 +00:00
Dr. Stephen Henson
28418076b2 PR: 2069 
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

IPv6 support for DTLS.
 2009-10-15 17:41:44 +00:00
Dr. Stephen Henson
ad187f8905 Fix unitialized warnings 2009-10-04 16:52:35 +00:00
Dr. Stephen Henson
2280f82fc6 Fix warnings about ignoring fgets return value 2009-10-04 16:43:21 +00:00
Dr. Stephen Henson
e6714faffb Prevent ignored return value warning 2009-10-04 14:04:14 +00:00
Dr. Stephen Henson
af8f2bb174 Prevent aliasing warning 2009-10-04 14:02:03 +00:00
Dr. Stephen Henson
d7501c16bf Yes it is a typo ;-) 2009-10-01 12:17:18 +00:00
Dr. Stephen Henson
50d70c01d6 PR: 2062 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BN_rand error handling in bntest.c
 2009-10-01 00:21:55 +00:00
Dr. Stephen Henson
9fc601cfbb PR: 2059 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct EVP_SealInit error handling in pem_seal.c
 2009-10-01 00:17:35 +00:00
Dr. Stephen Henson
fed5333248 PR: 2056 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_wirte error handling in asn1_par.c
 2009-10-01 00:11:49 +00:00
Dr. Stephen Henson
a3d5cdb07c PR: 2063 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_write error handling in ocsp_prn.c
 2009-09-30 23:59:16 +00:00
Dr. Stephen Henson
d99c0f6b4a PR: 2057 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct BIO_write, BIO_printf, i2a_ASN1_INTEGER and i2a_ASN1_OBJECT
error handling in OCSP print routines.
 2009-09-30 23:55:29 +00:00
Dr. Stephen Henson
43f21e62aa PR: 2058 
Submitted by: Julia Lawall <julia@diku.dk>
Approved by: steve@openssl.org

Correct EVP_DigestVerifyFinal error handling.
 2009-09-30 23:50:10 +00:00
Dr. Stephen Henson
0c690586e0 PR: 2064, 728 
Submitted by: steve@openssl.org

Add support for custom headers in OCSP requests.
 2009-09-30 21:41:53 +00:00
Dr. Stephen Henson
0cc0db32e3 PR: 2050 
Submitted by: Michael Tuexen <tuexen@fh-muenster.de>
Approved by: steve@openssl.org

Fix handling of ENOTCONN and EMSGSIZE for dgram BIOs.
 2009-09-22 11:34:25 +00:00
Dr. Stephen Henson
d68f7641a3 PR: 2047 
Submitted by: David Lee <live4thee@gmail.com>, steve@openssl.org
Approved by: steve@openssl.org

Fix for IPv6 handling in BIO_get_accept_socket().
 2009-09-20 16:40:59 +00:00