Commits · 259ac68aeb9261a96071677e9c164980f654d8de · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Aug 17, 2014
- do_ext_i2d: free ext_der or ext_oct on error path · 259ac68a
  Jonas Maebe authored Dec 08, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  259ac68a
- do_othername: check for NULL after allocating objtmp · 54298141
  Jonas Maebe authored Dec 08, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  54298141
- NETSCAPE_SPKI_b64_encode: free der_spki and b64_str on error path · f6983d0d
  Jonas Maebe authored Dec 08, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
  f6983d0d
- get_cert_by_subject: check for NULL when allocating hent · 254f1c80
  Jonas Maebe authored Dec 08, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
  254f1c80
- UI_construct_prompt: check for NULL when allocating prompt · fb7fbf28
  Jonas Maebe authored Dec 08, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
  fb7fbf28
- hashbn: check for NULL result when allocating bin and return an error if it... · ba494ee5
  Jonas Maebe authored Dec 08, 2013
```
hashbn: check for NULL result when allocating bin and return an error if it fails all (in)direct callers of hashbn: propagate potential error in hashbn

Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
  ba494ee5
- JPAKE_CTX_new: check for NULL result when allocating ctx · 462319c3
  Jonas Maebe authored Dec 08, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
  462319c3
- old_hmac_encode: check for NULL result when allocating *pder · 34374c2d
  Jonas Maebe authored Dec 08, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  34374c2d
- dev_crypto_md5_copy: return error if allocating to_md->data fails · 6f77f82b
  Jonas Maebe authored Dec 08, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  6f77f82b
- dev_crypto_md5_update: check result of realloc(md_data->data) and don't leak memory if it fails · 771e0c6c
  Jonas Maebe authored Dec 08, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  771e0c6c
- dev_crypto_cipher: return immediately if allocating cin/cout failed · d8513b4a
  Jonas Maebe authored Dec 08, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  d8513b4a
- dev_crypto_init_key: return error if allocating CDATA(ctx)->key failed · c84029db
  Jonas Maebe authored Dec 08, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  c84029db
Aug 15, 2014

Add support for Camellia HMAC-Based cipher suites from RFC6367 · 75048789

Hubert Kario authored Jul 23, 2014



While RFC6367 focuses on Camellia-GCM cipher suites, it also adds a few
cipher suites that use SHA-2 based HMAC that can be very easily
added.

Tested against gnutls 3.3.5

PR#3443

Reviewed-by: Tim Hudson <tjh@openssl.org>

75048789

Fixed out-of-bounds read errors in ssl3_get_key_exchange. · f2be92b9
Matt Caswell authored Jul 26, 2014
```
PR#3450

Reviewed-by: Emilia Käsper <emilia@openssl.org>
```
f2be92b9

RT2751: Declare get_issuer_sk() earlier. · c9a81b30

Rich Salz authored Aug 15, 2014



Add a declaration for get_issuer_sk() so that other
functions in x509_vf.c could use it.  (Planned work
around cross-certification chains.)
Reviewed-by: Kurt Roeckx <kurt@openssl.org>

c9a81b30

cryptodev_digest_copy: return error if allocating dstate->mac_data fails · d6f69ae5
Jonas Maebe authored Dec 08, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
d6f69ae5
cryptodev_digest_update: don't leak original state->mac_data if realloc fails · 349e6b2b
Jonas Maebe authored Dec 08, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
349e6b2b
cms_SignerInfo_content_sign: free sig on failure path · 36f7ed50
Jonas Maebe authored Dec 08, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
36f7ed50
rtcp_new: return failure if allocation of bi->ptr failed · 4e64f671
Jonas Maebe authored Dec 08, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
4e64f671
multi_split: check for NULL when allocating parts and bpart, and for failure of sk_BIO_push() · 1c4b688c
Jonas Maebe authored Dec 09, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
1c4b688c
BIO_new_dgram_sctp, dgram_sctp_read: zero entire authchunks · bd4acbc7
Jonas Maebe authored Dec 05, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
bd4acbc7

mime_hdr_addparam: free tmpname, tmpval and mparam on error path, and check... · 89572788

Jonas Maebe authored Dec 03, 2013

mime_hdr_addparam: free tmpname, tmpval and mparam on error path, and check whether sk_MIME_PARAM_push succeeds

Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

89572788

mime_hdr_new: free mhdr, tmpname, tmpval on error path · 15297d96
Jonas Maebe authored Dec 03, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
15297d96
ASN1_verify, ASN1_item_verify: cleanse and free buf_in on error path · c9c63b01
Jonas Maebe authored Dec 02, 2013
```
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
c9c63b01

SetBlob: free rgSetBlob on error path · b9b9f853

Jonas Maebe authored Dec 02, 2013



Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

b9b9f853

Fix use after free bug. · 86588655

Istvan Noszticzius authored Aug 15, 2014



Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>

86588655

RT783: Minor optimization to ASN1_INTEGER_set · c753e71e

Frdric Giudicelli authored Aug 14, 2014



Remove local variable and avoid extra assignment.

Reviewed-by: Emilia Kasper <emilia@silkandcyanide.net>

c753e71e

RT2465: Silence some gcc warnings · cf8bac44

Rob Austein authored Aug 15, 2014



"Another machine, another version of gcc, another batch
of compiler warnings."  Add "=NULL" to some local variable
declarations that are set by passing thier address into a
utility function; confuses GCC it might not be set.

Reviewed-by: Emilia Käsper <emilia@silkandcyanide.net>

cf8bac44

RT3023: Redundant logical expressions · 01e438f2

Hans Wennborg authored Aug 15, 2014



Remove some redundant logical expressions

Reviewed-by: Emilia Kasper <emilia@silkandcyanide.net>

01e438f2

Merge branch 'master' of git.openssl.org:openssl · 5effa356
Rich Salz authored Aug 15, 2014

5effa356

RT3268: Fix spelling errors in CHANGES file. · 14e96192

Claus Assmann authored Aug 15, 2014



Fix a bunch of typo's and speling (sic) errors in the CHANGES file.

Reviewed-by: Tim Hudson <tjh@cryptsoft.com>

14e96192

Revision of custom extension code. · b83294fe

Dr. Stephen Henson authored Aug 05, 2014



Move custom extension structures from SSL_CTX to CERT structure.

This change means the form can be revised in future without binary
compatibility issues. Also since CERT is part of SSL structures
so per-SSL custom extensions could be supported in future as well as
per SSL_CTX.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>

b83294fe

Include error messages on extension check failure. · 06f5d12f
Dr. Stephen Henson authored Aug 11, 2014
```
Reviewed-by: Emilia Käsper <emilia@openssl.org>
```
06f5d12f

Aug 14, 2014
- make depend · f0ca9cca
  Emilia Kasper authored Aug 14, 2014
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
  f0ca9cca
Aug 13, 2014

Further improve/fix ec_GFp_simple_points_make_affine (ecp_smpl.c) and · 16602b5c
Bodo Moeller authored Aug 13, 2014
```
group_order_tests (ectest.c).  Also fix the EC_POINTs_mul documentation (ec.h).

Reviewed-by:  <emilia@openssl.org>
```
16602b5c

RT1665: Fix podpath to get xref's right · 690a2b1f

Matt Caswell authored Aug 13, 2014



In Makefile, when build manpages, put the current directory
at the start of the podpath so that cross-refs find the
local directory first.

Reviewed-by: Tim Hudson <tjh@cryptosoft.com>

690a2b1f

Aug 12, 2014

RT3239: Extra comma in NAME lines of two manpages · bebbb11d

Ingo Schwarze authored Aug 12, 2014

In two OpenSSL manual pages, in the NAME section, the last word of the
name list is followed by a stray trailing comma. While this may seem
minor, it is worth fixing because it may confuse some makewhatis(8)
implementations.

While here, also add the missing word "size" to the one line
description in SSL_CTX_set_max_cert_list(3).

Reviewed by: Dr Stephen Henson <shenson@drh-consultancy.co.uk>

bebbb11d

Merge branch 'master' of git.openssl.org:openssl · 1c5be3d7
Rich Salz authored Aug 12, 2014

1c5be3d7
PR 719: Configure not exiting with child status · cde8ad1a
nnposter@users.sourceforge.net authored Aug 11, 2014
```
If subcommand fails, just die.
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
```
cde8ad1a
PR 718: Configure not exiting with child status · 16caa9a4
nnposter@users.sourceforge.net authored Aug 11, 2014
```
If subcommand fails, just die.
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
```
16caa9a4