Mark J. Cox
b213966415
Introduce limits to prevent malicious keys being able to
cause a denial of service. (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service. (CVE-2006-2937) [Steve Henson]
Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
Fix SSL client code which could crash if connecting to a
malicious SSLv2 server. (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
2006-09-28 11:53:51 +00:00
Dr. Stephen Henson
4ebd255a5b
Fix from head.
2006-09-22 17:06:51 +00:00
Bodo Möller
d9d294463e
Ensure that the addition mods[i]+delta cannot overflow in probable_prime().
[Problem pointed out by Adam Young <adamy (at) acm.org>]
2006-09-19 10:00:29 +00:00
Bodo Möller
c2293d2e9a
make consistent with 0.9.8-branch version of this file
2006-09-06 06:41:32 +00:00
Mark J. Cox
60bee5d44c
Bump for 0.9.7l-dev
2006-09-05 08:38:12 +00:00
Mark J. Cox
975a7a483f
Prepare 0.9.7k release
2006-09-05 08:34:07 +00:00
Mark J. Cox
ffa0407233
Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
(CVE-2006-4339) [Ben Laurie and Google Security Team]
Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
2006-09-05 08:24:14 +00:00
Dr. Stephen Henson
6f414aef0e
Update from HEAD.
2006-08-31 20:11:30 +00:00
Dr. Stephen Henson
0f562e2a2c
Fix from HEAD.
2006-07-09 12:05:10 +00:00
Bodo Möller
feee55c65d
use <poll.h> as by Single Unix Specification
2006-06-30 08:15:13 +00:00
Bodo Möller
81edd235b1
always read if we can't use select because of a too large FD
(it's non-blocking mode anyway)
2006-06-28 14:49:39 +00:00
Andy Polyakov
23c13189e9
Mitigate the hazard of cache-collision timing attack on last round
[from HEAD].
2006-06-28 08:57:22 +00:00
Richard Levitte
bdd00f8c8a
Use poll() when possible to gather Unix randomness entropy
2006-06-27 06:31:48 +00:00
Richard Levitte
e4a901b0b3
Synchronise with the Unix build
2006-06-21 05:08:36 +00:00
Dr. Stephen Henson
e25a2423da
Place hex_to_string and string_to_hex in separate source file to avoid
dragging in extra dependencies when just these functions are used.
2006-06-20 18:06:40 +00:00
Bodo Möller
094c6aa51d
Thread-safety fixes
2006-06-16 01:01:34 +00:00
Bodo Möller
019a63f9c9
Thread-safety fixes
2006-06-14 08:50:11 +00:00
Dr. Stephen Henson
0be0592ec4
Fix from HEAD.
2006-05-17 18:20:53 +00:00
Dr. Stephen Henson
a6fb8a8203
Update for next dev version.
2006-05-04 13:08:01 +00:00
Dr. Stephen Henson
d26d236162
Prepare for release
2006-05-04 12:52:59 +00:00
Dr. Stephen Henson
daaca57e55
Use new fips-1.0 directory in error library.
2006-05-04 12:09:04 +00:00
Dr. Stephen Henson
d4e81773cc
Check pbe2->keyfunc->parameter is not NULL before dereferencing.
PR: 1316
2006-04-15 17:42:46 +00:00
Dr. Stephen Henson
f4e43726a8
Check flag before calling FIPS_dsa_check().
2006-03-31 22:44:20 +00:00
Dr. Stephen Henson
6fa6e3e2df
Flag to allow use of DSA_METHOD in FIPS mode.
2006-03-31 17:09:46 +00:00
Nils Larsch
e0fe7abeec
apply fixes from the cvs head
2006-03-14 09:07:06 +00:00
Dr. Stephen Henson
e8518f847e
Check EVP_DigestInit return value in EVP_BytesToKey() and use supported
algorithm in PKCS12_create in FIPS mode.
2006-03-01 21:15:24 +00:00
Nils Larsch
5dc96f40ce
fix "#ifndef HZ" statement
PR: 1287
2006-02-28 20:15:56 +00:00
Dr. Stephen Henson
3c1ee6c147
Fix from HEAD.
2006-02-04 01:50:41 +00:00
Dr. Stephen Henson
a13e6553ad
Fix from HEAD.
2006-02-04 01:27:52 +00:00
Nils Larsch
0b51beff26
fix if statement: call conn_state() if the BIO is not in the BIO_CONN_S_OK state
2006-02-02 22:29:55 +00:00
Dr. Stephen Henson
0a2466a08d
Fix from head.
2006-01-31 18:38:06 +00:00
Andy Polyakov
ed457c6e1c
Replace detached signature with in-core fingerprinting.
2006-01-21 14:01:30 +00:00
Dr. Stephen Henson
c1e67d9856
Correctly encode FALSE for BOOL in ASN1_TYPE.
2006-01-19 17:19:43 +00:00
Richard Levitte
e886317f9b
Forgot to initialize CC6DISABLEWARNINGS properly...
2006-01-11 18:55:19 +00:00
Richard Levitte
015d162d41
Typo...
2006-01-11 13:31:12 +00:00
Richard Levitte
211ce24020
Disable the Mixed Linkage warning for some selected modules. This is
because the Compaq C compiler will not accept that a variable be
declared extern then defined static without a warning.
2006-01-09 19:22:51 +00:00
Bodo Möller
8750e911f1
Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts)
2006-01-08 19:33:31 +00:00
Dr. Stephen Henson
2d96867e30
Backport of zlib fixes to 0.9.7.
2005-12-10 13:36:13 +00:00
Andy Polyakov
4c80a153cb
bn/asm/sparcv8plus.S update from HEAD.
2005-11-15 08:04:42 +00:00
Richard Levitte
2f4d5c6542
After release.
2005-10-14 22:43:18 +00:00
Richard Levitte
deab8d9392
Time for release of 0.9.7i.
The tag will be OpenSSL_0_9_7i
2005-10-14 22:15:53 +00:00
Andy Polyakov
c12ba74f1d
Fix typo in evp.h.
2005-10-12 20:39:22 +00:00
Andy Polyakov
c892524146
Retain binary compatibility between 0.9.7h and 0.9.7g.
2005-10-11 19:12:24 +00:00
Mark J. Cox
49a305e7ef
Bump after tagging for 0.9.7h release
2005-10-11 10:14:27 +00:00
Mark J. Cox
a40916cbba
Add fixes for CAN-2005-2969
Bump release ready for OpenSSL_0_9_7h tag
2005-10-11 10:10:05 +00:00
Richard Levitte
5905787c6d
Change a comment so it corresponds to reality. Put back a character that
was previously replaced with a NUL for parsing purposes. This seems to
fix a very weird parsing bug involving two variable references in the same
value.
2005-09-28 18:02:52 +00:00
Andy Polyakov
cd029eb6f0
Proper solution to nasm compilation problems in Borland context.
2005-09-20 06:21:39 +00:00
Nils Larsch
a21ce67a63
bugfix: register engine as default engine in ENGINE_set_default_DSA
Submitted by: Jonathon Green
2005-09-09 07:53:39 +00:00
Nils Larsch
e2f0d879b1
fix typo in sbgp names
PR: 1194
2005-09-02 21:22:08 +00:00
Nils Larsch
017f35edba
fix potential memory leak + improved error checking
PR: 1182
2005-08-05 14:39:11 +00:00