- Aug 17, 2016
-
-
Richard Levitte authored
Correct small error from last config.com change Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Aug 16, 2016
-
-
Matt Caswell authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org>
-
Matt Caswell authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org>
-
Matt Caswell authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org>
-
FdaSilvaYY authored
Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1461)
-
Gergely Nagy authored
The generated asm code from x86cpuid.pl contains CMOVE instructions which are only available on i686 and later CPUs. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1459)
-
Matt Caswell authored
These functions are no longer relevant to 1.1.0 (we always have auto ecdh on) - but no reason to break old code that tries to call it. The macros will only return a dummy "success" result if the app was trying to enable ecdh. Disabling can't be done in quite this way any more. Fixes Github Issue #1437 Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Matt Caswell authored
The read pipelining code broke constant time unpadding. See GitHub issue #1438 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
If -badsig is selected corrupt the signature before printing out any details so the output reflects the modified signature. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Deprecate the function ASN1_STRING_data() and replace with a new function ASN1_STRING_get0_data() which returns a constant pointer. Update library to use new function. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
David Woodhouse authored
Now we support (u)int64_t this can be very much simpler. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Emilia Kasper authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Modify VMS config.com to match Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Richard Levitte authored
Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
- Aug 15, 2016
-
-
Dr. Stephen Henson authored
Apply a limit to the maximum blob length which can be read in do_d2i_bio() to avoid excessive allocation. Thanks to Shi Lei for reporting this. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Check for error return in BN_div_word(). Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Dr. Stephen Henson authored
If an oversize BIGNUM is presented to BN_bn2dec() it can cause BN_div_word() to fail and not reduce the value of 't' resulting in OOB writes to the bn_data buffer and eventually crashing. Fix by checking return value of BN_div_word() and checking writes don't overflow buffer. Thanks to Shi Lei for reporting this bug. CVE-2016-2182 Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Tomas Mraz authored
The 64 bit pointer must not be cast to 32bit unsigned long on x32 platform. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Tomas Mraz authored
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Tomas Mraz authored
Add extra cast to unsigned long to avoid sign extension when converting pointer to 64 bit data. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Matt Caswell authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Matt Caswell authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Matt Caswell authored
Test that we handle a TLS ClientHello in an SSLv2 record correctly. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Matt Caswell authored
If we receive a non-initial record but the version number isn't right then we should send an alert. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Matt Caswell authored
Feedback on the previous SSLv2 ClientHello processing fix was that it breaks layering by reading init_num in the record layer. It also does not detect if there was a previous non-fatal warning. This is an alternative approach that directly tracks in the record layer whether this is the first record. GitHub Issue #1298 Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Rob Percival authored
Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1408)
-
Rob Percival authored
They may fail if they cannot increment the reference count of the certificate they are storing a pointer for. They should return 0 if this occurs. Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1408)
-
Rob Percival authored
Changes them to have clearer ownership semantics, as suggested in https://github.com/openssl/openssl/pull/1372#discussion_r73232196 . Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1408)
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Fix no-ec builds by having separate functions to create keys based on an existing EVP_PKEY and a curve id. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Aug 14, 2016
-
-
Jakub Zelenka authored
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1455)
-
- Aug 13, 2016
-
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-