- Oct 28, 2014
-
-
Samuel Neves authored
Signed-off-by:
Kurt Roeckx <kurt@roeckx.be> Reviewed-by:
Emilia Käsper <emilia@openssl.org>
-
- Oct 21, 2014
-
-
Bodo Moeller authored
Reviewed-by:Rich Salz <rsalz@openssl.org>
-
Bodo Moeller authored
listed after TLS_FALLBACK_SCSV. RT: 3575 Reviewed-by: -
Kurt Roeckx authored
When we're configured with no-ssl3 and we receive an SSL v3 Client Hello, we set the method to NULL. We didn't used to do that, and it breaks things. This is a regression introduced in 62f45cc2 . Keep the old method since the code is not able to deal with a NULL method at this time. CVE-2014-3569, PR#3571 Reviewed-by:
-
- Oct 20, 2014
-
-
Tim Hudson authored
Reviewed-by:
Geoff Thorpe <geoff@openssl.org> (cherry picked from commit c882abd5)
-
- Oct 17, 2014
-
-
Andy Polyakov authored
Reviewed-by:
Dr Stephen Henson <steve@openssl.org> (cherry picked from commit 55c7a4cf)
-
Andy Polyakov authored
Reviewed-by:
Matt Caswell <matt@openssl.org> (cherry picked from commit 40155f40)
-
Kurt Cancemi authored
Reviewed-by:
Ben Laurie <ben@openssl.org> (cherry picked from commit 87d388c9)
-
- Oct 15, 2014
-
-
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by:Bodo Möller <bodo@openssl.org>
-
Geoff Thorpe authored
CVE-2014-3568 Reviewed-by:
-
Dr. Stephen Henson authored
CVE-2014-3567 Reviewed-by:
-
Bodo Moeller authored
Reviewed-by:Tim Hudson <tjh@openssl.org>
-
Tim Hudson authored
so the Win32 compile picks it up correctly. Reviewed-by:Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
Reviewed-by: -
Richard Levitte authored
The different -I compiler parameters will take care of the rest... Reviewed-by: -
Richard Levitte authored
Spaces were added in some strings for better readability. However, those spaces do not belong in file names, so when picking out the individual parts, remove the spaces Reviewed-by: -
Richard Levitte authored
algorithms MD2 and RC5 don't get built. Also, disable building the test apps in crypto/des and crypto/pkcs7, as they have no support at all. Reviewed-by: -
Richard Levitte authored
Reviewed-by: -
Richard Levitte authored
Make sure that disabling the MAYLOSEDATA3 warning is only done when the compiler supports it. Otherwise, there are warnings about it lacking everywhere, which is quite tedious to read through while trying to check for other warnings. Reviewed-by: -
Bodo Moeller authored
handling out of #ifndef OPENSSL_NO_DTLS1 section. Reviewed-by: -
Bodo Moeller authored
Reviewed-by:Steve Henson <steve@openss.org>
-
Bodo Moeller authored
Reviewed-by:
-
- Oct 06, 2014
-
-
Matt Caswell authored
Patch supplied by Matthieu Patou <mat@matws.net>, and modified to also remove duplicate definition of PKCS7_type_is_digest. PR#3551 Reviewed-by:
-
- Sep 29, 2014
-
-
Dr. Stephen Henson authored
Reencode DigestInto in DER and check against the original: this will reject any improperly encoded DigestInfo structures. Note: this is a precautionary measure, there is no known attack which can exploit this. Thanks to Brian Smith for reporting this issue. Reviewed-by:
-
- Sep 25, 2014
-
-
Emilia Kasper authored
Accidentally omitted from commit 455b65df Reviewed-by:
Kurt Roeckx <kurt@openssl.org> (cherry picked from commit fdc35a9d)
-
- Sep 24, 2014
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
Andy Polyakov authored
RT: 3541 Reviewed-by:
-
Emilia Kasper authored
Do the final padding check in EVP_DecryptFinal_ex in constant time to avoid a timing leak from padding failure. Reviewed-by:
-
Emilia Kasper authored
(Original commit adb46dbc ) Use the new constant-time methods consistently in s3_srvr.c Reviewed-by:
-
Adam Langley authored
that bad encryptions are treated like random session keys in constant time. (cherry picked from commit adb46dbc ) Reviewed-by:
-
Emilia Kasper authored
Also tweak s3_cbc.c to use new constant-time methods. Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1 This patch is based on the original RT submission by Adam Langley <agl@chromium.org>, as well as code from BoringSSL and OpenSSL. Reviewed-by:
-
- Sep 21, 2014
-
-
Tim Hudson authored
that fixed PR#3450 where an existing cast masked an issue when i was changed from int to long in that commit Picked up on z/linux (s390) where sizeof(int)!=sizeof(long) Reviewed-by:
-
- Sep 05, 2014
-
-
Adam Langley authored
Fix a bug in handling of 128 byte long PSK identity in psk_client_callback. OpenSSL supports PSK identities of up to (and including) 128 bytes in length. PSK identity is obtained via the psk_client_callback, implementors of which are expected to provide a NULL-terminated identity. However, the callback is invoked with only 128 bytes of storage thus making it impossible to return a 128 byte long identity and the required additional NULL byte. This CL fixes the issue by passing in a 129 byte long buffer into the psk_client_callback. As a safety precaution, this CL also zeroes out the buffer before passing it into the callback, uses strnlen for obtaining the length of the identity returned by the callback, and aborts the handshake if the identity (without the NULL terminator) is longer than 128 bytes. (Original patch amended to achieve strnlen in a different way.) Reviewed-by:
-
- Sep 04, 2014
-
-
Adam Langley authored
(cherry picked from commit 2b0180c3 ) Reviewed-by:
-
- Sep 03, 2014
-
-
Richard Levitte authored
string returns 0 with errno = ENOENT. Reviewed-by:
Andy Polyakov <appro@openssl.org> (cherry picked from commit 360928b7)
-
Phil Mesnier authored
Reviewed-by:
-
- Sep 02, 2014
-
-
Emilia Kasper authored
"inline" without static is not correct as the compiler may choose to ignore it and will then either emit an external definition, or expect one. Reviewed-by:
-
