Commits · 2514fa79acba998c2a8d4e5a8288a5b3ae990377 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Mar 28, 2014

Add functions returning security bits. · 2514fa79

Dr. Stephen Henson authored Jan 18, 2014

Add functions to return the "bits of security" for various public key
algorithms. Based on SP800-57.

2514fa79

Mar 27, 2014

Fix memory leak with client auth. · 4563da1d
Dr. Stephen Henson authored Mar 27, 2014
```
(cherry picked from commit bc5ec653ba65fedb1619c8182088497de8a97a70)
```
4563da1d
Add -no_resumption_on_reneg to SSL_CONF. · f0ef019d
Dr. Stephen Henson authored Mar 27, 2014
```
(cherry picked from commit 1f44dac2)
```
f0ef019d

Update chain building function. · e970f63d

Dr. Stephen Henson authored Mar 27, 2014

Don't clear verification errors from the error queue unless
SSL_BUILD_CHAIN_FLAG_CLEAR_ERROR is set.

If errors occur during verification and SSL_BUILD_CHAIN_FLAG_IGNORE_ERROR
is set return 2 so applications can issue warnings.
(cherry picked from commit 2dd6976f6d02f98b30c376951ac38f780a86b3b5)

e970f63d

Mar 24, 2014
- Allow duplicate certs in ssl_build_cert_chain · 7c5718be
  Emilia Kasper authored Mar 24, 2014
  
  7c5718be
Mar 19, 2014

Workaround for some CMS signature formats. · 3a98f9cf

Dr. Stephen Henson authored Mar 19, 2014

Some CMS SignedData structure use a signature algorithm OID such
as SHA1WithRSA instead of the RSA algorithm OID. Workaround this
case by tolerating the signature if we recognise the OID.

3a98f9cf

Mar 18, 2014
- Retry callback only after ClientHello received. · f04665a6
  Piotr Sikora authored Mar 18, 2014
  
  f04665a6
Mar 12, 2014

Update ordinals. · 14c67a70

Dr. Stephen Henson authored Mar 12, 2014

Use a previously unused value as we will be updating multiple released
branches.
(cherry picked from commit 0737acd2a8cc688902b5151cab5dc6737b82fb96)

14c67a70

Fix for CVE-2014-0076 · f9b6c0ba

Dr. Stephen Henson authored Mar 12, 2014

Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
http://eprint.iacr.org/2014/140

Thanks to Yuval Yarom and Naomi Benger for discovering this
flaw and to Yuval Yarom for supplying a fix.
(cherry picked from commit 2198be34)

Conflicts:

	CHANGES

f9b6c0ba

Mar 10, 2014
- typo · a029788b
  Dr. Stephen Henson authored Mar 10, 2014
  
  a029788b
- Simplify ssl_add_cert_chain logic. · d628885e
  Dr. Stephen Henson authored Mar 09, 2014
  
  d628885e
Mar 07, 2014

Remove -WX option from debug-VC-WIN32 · ab0f8804
Dr. Stephen Henson authored Mar 07, 2014
```
(cherry picked from commit 7a3e67f029969620966b8a627b8485d83692cca5)
```
ab0f8804
engines/ccgost/gosthash.c: simplify and avoid SEGV. · ea38f020
Andy Polyakov authored Mar 07, 2014
```
PR: 3275
```
ea38f020

SPARC T4 assembly pack: treat zero input length in CBC. · 5e44c144

Andy Polyakov authored Mar 07, 2014

The problem is that OpenSSH calls EVP_Cipher, which is not as
protective as EVP_CipherUpdate. Formally speaking we ought to
do more checks in *_cipher methods, including rejecting
lengths not divisible by block size (unless ciphertext stealing
is in place). But for now I implement check for zero length in
low-level based on precedent.

PR: 3087, 2775

5e44c144

Mar 06, 2014
- dh_check.c: check BN_CTX_get's return value. · 53e51612
  Andy Polyakov authored Mar 06, 2014
  
  53e51612
- test/Makefile: allow emulated test (e.g. under wine). · 687403fb
  Andy Polyakov authored Mar 06, 2014
```
Submitted by: Roumen Petrov
```
  687403fb
- bss_dgram.c,d1_lib.c: make it compile with mingw. · 972b0dc3
  Andy Polyakov authored Mar 06, 2014
```
Submitted by: Roumen Petrov
```
  972b0dc3
Mar 03, 2014
- For self signed root only indicate one error. · 315cd871
  Dr. Stephen Henson authored Mar 03, 2014
```
(cherry picked from commit bdfc0e284c89dd5781259cc19aa264aded538492)
```
  315cd871
Mar 01, 2014

PKCS#8 support for alternative PRFs. · 5693a308

Dr. Stephen Henson authored Feb 28, 2014

Add option to set an alternative to the default hmacWithSHA1 PRF
for PKCS#8 private key encryptions. This is used automatically
by PKCS8_encrypt if the nid specified is a PRF.

Add option to pkcs8 utility.

Update docs.
(cherry picked from commit b60272b0)

5693a308

Fix memory leak. · 01757858
Dr. Stephen Henson authored Feb 28, 2014
```
(cherry picked from commit 124d218889dfca33d277404612f1319afe04107e)
```
01757858

Add function to free compression methods. · db7b5e0d

Dr. Stephen Henson authored Feb 28, 2014

Although the memory allocated by compression methods is fixed and
cannot grow over time it can cause warnings in some leak checking
tools. The function SSL_COMP_free_compression_methods() will free
and zero the list of supported compression methods. This should
*only* be called in a single threaded context when an application
is shutting down to avoid interfering with existing contexts
attempting to look up compression methods.
(cherry picked from commit 976c5830)

db7b5e0d

Feb 28, 2014
- Makefile.org: fix syntax error on Solaris. · 65370f9b
  Andy Polyakov authored Feb 28, 2014
```
PR: 3271
```
  65370f9b
Feb 27, 2014
- Configure: mark unixware target as elf-1. · 4ca02656
  Andy Polyakov authored Feb 27, 2014
  
  4ca02656
- perlasm/x86asm.pl: recognize elf-1 denoting old ELF platforms. · b62a4a1c
  Andy Polyakov authored Feb 27, 2014
  
  b62a4a1c
- perlasm/x86gas.pl: limit special OPENSSL_ia32cap_P treatment to ELF. · ce876d83
  Andy Polyakov authored Feb 27, 2014
  
  ce876d83
- rc4/asm/rc4-586.pl: allow for 386-only build. · f861b1d4
  Andy Polyakov authored Feb 27, 2014
  
  f861b1d4
- des/asm/des-586.pl: shortcut reference to DES_SPtrans. · fd361a67
  Andy Polyakov authored Feb 27, 2014
  
  fd361a67
Feb 26, 2014
- CABForum EV OIDs for Subject Jurisdiction of Incorporation or Registration. · 52f71f81
  Rob Stradling authored Feb 25, 2014
  
  52f71f81
- Fix for WIN32 builds with KRB5 · 031ea2d1
  Dr. Stephen Henson authored Feb 26, 2014
```
(cherry picked from commit 3eddd1706a30cdf3dc9278692d8ee9038eac8a0d)
```
  031ea2d1
- sha/asm/sha256-586.pl: don't try to compile SIMD with no-sse2. · d49135e7
  Andy Polyakov authored Feb 26, 2014
  
  d49135e7
- sha/asm/sha512-x86_64.pl: fix compilation error on Solaris. · 147cca8f
  Andy Polyakov authored Feb 26, 2014
  
  147cca8f
- Configure: blended processor target in solaris-x86-cc. · 7bb9d84e
  Andy Polyakov authored Feb 26, 2014
  
  7bb9d84e
Feb 25, 2014
- ssl/t1_enc.c: check EVP_MD_CTX_copy return value. · 03da57fe
  Andy Polyakov authored Feb 25, 2014
```
PR: 3201
```
  03da57fe
- aes/asm/vpaes-ppc.pl: fix traceback info. · e704741b
  Andy Polyakov authored Feb 25, 2014
  
  e704741b
- Don't use BN_ULLONG in n2l8 use SCTS_TIMESTAMP. · e0520c65
  Dr. Stephen Henson authored Feb 25, 2014
```
(cherry picked from commit 3678161d)
```
  e0520c65
- Fix for v3_scts.c · 3a325c60
  Dr. Stephen Henson authored Feb 25, 2014
```
Not all platforms define BN_ULLONG. Define SCTS_TIMESTAMP as a type
which should work on all platforms.
(cherry picked from commit 66344167)
```
  3a325c60
- Add -show_chain option to print out verified chain. · 86a2f966
  Dr. Stephen Henson authored Feb 25, 2014
  
  86a2f966
- Avoid Windows 8 Getversion deprecated errors. · a4cc3c80
  Dr. Stephen Henson authored Feb 25, 2014
```
Windows 8 SDKs complain that GetVersion() is deprecated.

We only use GetVersion like this:

	(GetVersion() < 0x80000000)

which checks if the Windows version is NT based. Use a macro check_winnt()
which uses GetVersion() on older SDK versions and true otherwise.
```
  a4cc3c80
- Parse non-v1 SCTs less awkwardly. · 19f65ddb
  Rob Stradling authored Feb 25, 2014
  
  19f65ddb
Feb 24, 2014
- ms/do_win64a.bat: forward to NUL, not NUL:. · 63aff300
  Andy Polyakov authored Feb 24, 2014
```
Allegedly formwarding to NUL: sometimes creates NUL file in file
system.

PR: 3250
```
  63aff300