generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
8,441 Commits 16 Branches 258 Tags
Commit Graph

8441 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Richard Levitte
90a63277e2 Oops, some changes forgotten... 2006-09-28 19:48:48 +00:00
Mark J. Cox
6b131d9c45 After tagging, open up 0.9.7m-dev 2006-09-28 12:00:30 +00:00
Mark J. Cox
c830c1a209 Prepare for 0.9.7l release OpenSSL_0_9_7l 2006-09-28 11:56:57 +00:00
Mark J. Cox
b213966415 Introduce limits to prevent malicious keys being able to 
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
 2006-09-28 11:53:51 +00:00
Dr. Stephen Henson
8db3f4ace9 Fix from HEAD. 2006-09-22 17:15:04 +00:00
Dr. Stephen Henson
4ebd255a5b Fix from head. 2006-09-22 17:06:51 +00:00
Bodo Möller
d9d294463e Ensure that the addition mods[i]+delta cannot overflow in probable_prime(). 
[Problem pointed out by Adam Young <adamy (at) acm.org>]
 2006-09-19 10:00:29 +00:00
Bodo Möller
ea43804bda Backport from HEAD: fix ciphersuite selection 2006-09-12 14:41:50 +00:00
Bodo Möller
c2293d2e9a make consistent with 0.9.8-branch version of this file 2006-09-06 06:41:32 +00:00
Mark J. Cox
e872398844 Don't forget to put back the -dev 2006-09-05 08:46:18 +00:00
Mark J. Cox
60bee5d44c Bump for 0.9.7l-dev 2006-09-05 08:38:12 +00:00
Mark J. Cox
975a7a483f Prepare 0.9.7k release OpenSSL_0_9_7k 2006-09-05 08:34:07 +00:00
Mark J. Cox
ffa0407233 Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher 
(CVE-2006-4339)  [Ben Laurie and Google Security Team]

Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
 2006-09-05 08:24:14 +00:00
Dr. Stephen Henson
6f414aef0e Update from HEAD. 2006-08-31 20:11:30 +00:00
Dr. Stephen Henson
45e33ebeab Fix from HEAD. Except we can't stream multipart/signed in 0.9.7 so that case 
still rewinds the stream.
 2006-07-13 20:36:51 +00:00
Dr. Stephen Henson
0f562e2a2c Fix from HEAD. 2006-07-09 12:05:10 +00:00
Bodo Möller
ae2684851f documentation for "HIGH" vs. "MEDIUM" was not up-to-date 2006-06-30 22:03:18 +00:00
Bodo Möller
feee55c65d use <poll.h> as by Single Unix Specification 2006-06-30 08:15:13 +00:00
Bodo Möller
81edd235b1 always read if we can't use select because of a too large FD 
(it's non-blocking mode anyway)
 2006-06-28 14:49:39 +00:00
Andy Polyakov
23c13189e9 Mitigate the hazard of cache-collision timing attack on last round 
[from HEAD].
 2006-06-28 08:57:22 +00:00
Richard Levitte
bdd00f8c8a Use poll() when possible to gather Unix randomness entropy 2006-06-27 06:31:48 +00:00
Bodo Möller
30c99d45b7 Be more explicit about requirements for multi-threading. 2006-06-23 14:59:43 +00:00
Richard Levitte
e4a901b0b3 Synchronise with the Unix build 2006-06-21 05:08:36 +00:00
Dr. Stephen Henson
e25a2423da Place hex_to_string and string_to_hex in separate source file to avoid 
dragging in extra dependencies when just these functions are used.
 2006-06-20 18:06:40 +00:00
Bodo Möller
094c6aa51d Thread-safety fixes 2006-06-16 01:01:34 +00:00
Bodo Möller
c098e8b6ca Disable invalid ciphersuites 2006-06-14 17:51:36 +00:00
Bodo Möller
019a63f9c9 Thread-safety fixes 2006-06-14 08:50:11 +00:00
Dr. Stephen Henson
6651ac386e Fix from head. 2006-05-17 18:25:38 +00:00
Dr. Stephen Henson
0be0592ec4 Fix from HEAD. 2006-05-17 18:20:53 +00:00
Dr. Stephen Henson
a6fb8a8203 Update for next dev version. 2006-05-04 13:08:01 +00:00
Dr. Stephen Henson
d26d236162 Prepare for release OpenSSL_0_9_7j 2006-05-04 12:52:59 +00:00
Dr. Stephen Henson
3dcd6cf004 make update 2006-05-04 12:32:36 +00:00
Dr. Stephen Henson
daaca57e55 Use new fips-1.0 directory in error library. 2006-05-04 12:09:04 +00:00
Dr. Stephen Henson
309d74c8f0 Update CHANGES. 2006-05-04 11:16:20 +00:00
Dr. Stephen Henson
234f2f67ac Add new --with-baseaddr command line option to allow the FIPS base address of 
libeay32.dll to be explicitly specified.
 2006-04-24 13:32:58 +00:00
Dr. Stephen Henson
d4e81773cc Check pbe2->keyfunc->parameter is not NULL before dereferencing. 
PR: 1316
 2006-04-15 17:42:46 +00:00
Dr. Stephen Henson
d366bf7948 Typos. 2006-04-07 00:15:44 +00:00
Dr. Stephen Henson
6c9cd652f7 Link _chkstk.o from FIPSLIB_D. 2006-04-07 00:04:37 +00:00
Richard Levitte
dd4263d906 Change chop to chomp when reading lines, so CRLF is properly processed on 
the operating systems where they are the normal line endings
 2006-04-03 09:15:27 +00:00
Dr. Stephen Henson
f4e43726a8 Check flag before calling FIPS_dsa_check(). 2006-03-31 22:44:20 +00:00
Dr. Stephen Henson
6fa6e3e2df Flag to allow use of DSA_METHOD in FIPS mode. 2006-03-31 17:09:46 +00:00
Dr. Stephen Henson
fcdf1d3fc7 Update build system to make use of validated module in FIPS mode. 2006-03-28 12:10:37 +00:00
Nils Larsch
e0fe7abeec apply fixes from the cvs head 2006-03-14 09:07:06 +00:00
Dr. Stephen Henson
e8518f847e Check EVP_DigestInit return value in EVP_BytesToKey() and use supported 
algorithm in PKCS12_create in FIPS mode.
 2006-03-01 21:15:24 +00:00
Nils Larsch
8299069b8e force C locale when using [a-z] in sed expressions 
PR: 1283
Submitted by: Mike Frysinger
 2006-03-01 19:52:39 +00:00
Nils Larsch
5dc96f40ce fix "#ifndef HZ" statement 
PR: 1287
 2006-02-28 20:15:56 +00:00
Richard Levitte
7775bf5564 I forgot to change fips to fips-1_0 in one place. That stopped the 
build completely.  Hopefully, things will work better now.
 2006-02-26 11:17:21 +00:00
Nils Larsch
a0a82def50 fix Intel Mac configuration; patch supplied by JP Szikora <szikora@icp.ucl.ac.be> 2006-02-25 12:01:25 +00:00
Richard Levitte
9a2c519d4b Oops, forgot to adapt the VMS build to the renamed directory. 2006-02-23 09:18:45 +00:00
Dr. Stephen Henson
f3fc016c08 Add entry for FIPSLIBDIR in Makefile.org 2006-02-08 00:58:01 +00:00