Loading CHANGES +14 −0 Original line number Diff line number Diff line Loading @@ -25,6 +25,20 @@ Changes between 0.9.7l and 0.9.7m [xx XXX xxxx] *) Cleanse PEM buffers before freeing them since they may contain sensitive data. [Benjamin Bennett <ben@psc.edu>] *) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that a ciphersuite string such as "DEFAULT:RSA" cannot enable authentication-only ciphersuites. [Bodo Moeller] *) Since AES128 and AES256 share a single mask bit in the logic of ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a kludge to work properly if AES128 is available and AES256 isn't. [Victor Duchovni] *) Expand security boundary to match 1.1.1 module. [Steve Henson] Loading LICENSE +1 −1 Original line number Diff line number Diff line Loading @@ -12,7 +12,7 @@ --------------- /* ==================================================================== * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions Loading README +1 −1 Original line number Diff line number Diff line OpenSSL 0.9.7m-dev xx XXX xxxx Copyright (c) 1998-2006 The OpenSSL Project Copyright (c) 1998-2007 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson All rights reserved. Loading crypto/pem/pem_lib.c +4 −1 Original line number Diff line number Diff line Loading @@ -577,6 +577,7 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, } EVP_EncodeFinal(&ctx,buf,&outl); if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err; OPENSSL_cleanse(buf, PEM_BUFSIZE*8); OPENSSL_free(buf); buf = NULL; if ( (BIO_write(bp,"-----END ",9) != 9) || Loading @@ -585,8 +586,10 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, goto err; return(i+outl); err: if (buf) if (buf) { OPENSSL_cleanse(buf, PEM_BUFSIZE*8); OPENSSL_free(buf); } PEMerr(PEM_F_PEM_WRITE_BIO,reason); return(0); } Loading crypto/pem/pem_pkey.c +1 −0 Original line number Diff line number Diff line Loading @@ -122,6 +122,7 @@ p8err: PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB); err: OPENSSL_free(nm); OPENSSL_cleanse(data, len); OPENSSL_free(data); return(ret); } Loading Loading
CHANGES +14 −0 Original line number Diff line number Diff line Loading @@ -25,6 +25,20 @@ Changes between 0.9.7l and 0.9.7m [xx XXX xxxx] *) Cleanse PEM buffers before freeing them since they may contain sensitive data. [Benjamin Bennett <ben@psc.edu>] *) Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that a ciphersuite string such as "DEFAULT:RSA" cannot enable authentication-only ciphersuites. [Bodo Moeller] *) Since AES128 and AES256 share a single mask bit in the logic of ssl/ssl_ciph.c, the code for masking out disabled ciphers needs a kludge to work properly if AES128 is available and AES256 isn't. [Victor Duchovni] *) Expand security boundary to match 1.1.1 module. [Steve Henson] Loading
LICENSE +1 −1 Original line number Diff line number Diff line Loading @@ -12,7 +12,7 @@ --------------- /* ==================================================================== * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions Loading
README +1 −1 Original line number Diff line number Diff line OpenSSL 0.9.7m-dev xx XXX xxxx Copyright (c) 1998-2006 The OpenSSL Project Copyright (c) 1998-2007 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson All rights reserved. Loading
crypto/pem/pem_lib.c +4 −1 Original line number Diff line number Diff line Loading @@ -577,6 +577,7 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, } EVP_EncodeFinal(&ctx,buf,&outl); if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err; OPENSSL_cleanse(buf, PEM_BUFSIZE*8); OPENSSL_free(buf); buf = NULL; if ( (BIO_write(bp,"-----END ",9) != 9) || Loading @@ -585,8 +586,10 @@ int PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data, goto err; return(i+outl); err: if (buf) if (buf) { OPENSSL_cleanse(buf, PEM_BUFSIZE*8); OPENSSL_free(buf); } PEMerr(PEM_F_PEM_WRITE_BIO,reason); return(0); } Loading
crypto/pem/pem_pkey.c +1 −0 Original line number Diff line number Diff line Loading @@ -122,6 +122,7 @@ p8err: PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB); err: OPENSSL_free(nm); OPENSSL_cleanse(data, len); OPENSSL_free(data); return(ret); } Loading
