Commits · 49270d0431809e3a633ee865d73f0d7af89f9302 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Jun 01, 2014
- Set default global mask to UTF8 only. · 49270d04
  Dr. Stephen Henson authored Jun 01, 2014
```
(cherry picked from commit 3009244d)
```
  49270d04
- Allocate extra space when NETSCAPE_HANG_BUG defined. · 673c42b2
  David Ramos authored Jun 01, 2014
```
Make sure there is an extra 4 bytes for server done message when
NETSCAPE_HANG_BUG is defined.

PR#3361
```
  673c42b2
- Initialise alg. · 5541b18b
  David Ramos authored Jun 01, 2014
```
PR#3313
(cherry picked from commit 7e2c6f7e)
```
  5541b18b
May 31, 2014
- Use correct digest when exporting keying material. · 28e117f4
  Dr. Stephen Henson authored May 30, 2014
```
PR#3319
(cherry picked from commit 84691390eae86befd33c83721dacedb539ae34e6)
```
  28e117f4
- Don't compile heartbeat test code on Windows (for now). · 46bfc054
  Dr. Stephen Henson authored May 30, 2014
```
(cherry picked from commit 2c575907d2c8601a18716f718ce309ed4e1f1783)
```
  46bfc054
May 30, 2014

add description of -attime to man page · 427a37ca

Hubert Kario authored Sep 12, 2013

the verify app man page didn't describe the usage of attime option
even though it was listed as a valid option in the -help message.

This patch fixes this omission.

427a37ca

add description of -no_ecdhe option to s_server man page · 39ae3b33

Hubert Kario authored Sep 10, 2013

While the -help message references this option, the man page
doesn't mention the -no_ecdhe option.
This patch fixes this omission.

39ae3b33

May 29, 2014
- Set version number correctly. · 48f5b3ef
  Dr. Stephen Henson authored May 29, 2014
```
PR#3249
(cherry picked from commit 8909bf20269035d295743fca559207ef2eb84eb3)
```
  48f5b3ef
- Fix memory leak. · f8dc0006
  František Bořánek authored May 29, 2014
```
PR#3278
(cherry picked from commit de56fe797081fc09ebd1add06d6e2df42a324fd5)
```
  f8dc0006
- remove duplicate 0x for default RSASSA-PSS salt len · bf8d6f9a
  Martin Kaiser authored May 28, 2014
```
(cherry picked from commit 3820fec3a09faecba7fe9912aa20ef7fcda8337b)
```
  bf8d6f9a
May 27, 2014
- Fix for test_bn regular expression to work on Windows using MSYS. PR#3346 · 17e844a4
  Peter Mosmans authored May 27, 2014
  
  17e844a4
May 26, 2014
- Fixed Windows compilation failure · 8ca7d124
  Matt Caswell authored May 27, 2014
  
  8ca7d124
May 25, 2014
- Fixed error in args for SSL_set_msg_callback and SSL_set_msg_callback_arg · 67b9c82e
  Matt Caswell authored May 25, 2014
  
  67b9c82e
May 24, 2014
- Fix for non compilation with TLS_DEBUG defined · a6f5b991
  Matt Caswell authored May 24, 2014
  
  a6f5b991
May 22, 2014
- Fix heartbeat_test for -DOPENSSL_NO_HEARTBEATS · 756587dc
  Mike Bland authored May 22, 2014
```
Replaces the entire test with a trivial implementation when
OPENSSL_NO_HEARTBEATS is defined.
```
  756587dc
May 21, 2014
- Fixed minor copy&paste error, and stray space causing rendering problem · 0a084f7b
  Matt Caswell authored May 22, 2014
  
  0a084f7b
- Fix for PKCS12_create if no-rc2 specified. · da0a95b2
  Dr. Stephen Henson authored May 21, 2014
```
Use triple DES for certificate encryption if no-rc2 is
specified.

PR#3357
(cherry picked from commit 4689c08453e95eeefcc88c9f32dc6e509f95caff)
```
  da0a95b2
- Change default cipher in smime app to des3. · 599fe418
  Dr. Stephen Henson authored May 21, 2014
```
PR#3357
(cherry picked from commit ca3ffd9670f2b589bf8cc04923f953e06d6fbc58)
```
  599fe418
May 20, 2014
- For portability use BUF_strndup instead of strndup. · 4519e7b8
  Dr. Stephen Henson authored May 20, 2014
```
(cherry picked from commit dcca7b13)
```
  4519e7b8
May 19, 2014
- Fix a wrong parameter count ERR_add_error_data · 4659b53e
  Janpopan authored May 04, 2014
  
  4659b53e
- Merge branch 'mbland-heartbeat-test-1.0.1' into OpenSSL_1_0_1-stable · dc22495d
  Ben Laurie authored May 19, 2014
  
  dc22495d
- Unit/regression test for TLS heartbeats. · ab0d9642
  Mike Bland authored Apr 16, 2014
```
Regression test against CVE-2014-0160 (Heartbleed).

More info: http://mike-bland.com/tags/heartbleed.html

(based on commit 35cb55988b75573105eefd00d27d0138eebe40b1)
```
  ab0d9642
- Allow the maximum value. · dac3654e
  Ben Laurie authored May 19, 2014
  
  dac3654e
- Fix signed/unsigned warning. · 989d87cb
  Ben Laurie authored May 19, 2014
  
  989d87cb
May 15, 2014
- Moved note about lack of support for AEAD modes out of BUGS section to... · d6934a02
  Matt Caswell authored May 15, 2014
```
Moved note about lack of support for AEAD modes out of BUGS section to SUPPORTED CIPHERS section (bug has been fixed, but still no support for AEAD)
```
  d6934a02
- Enc doesn't support AEAD ciphers. · f9986e9a
  Dr. Stephen Henson authored May 15, 2014
  
  f9986e9a
May 14, 2014
- Fix grammar error in verify pod. PR#3355 · 1f5e321e
  Jeffrey Walton authored May 14, 2014
  
  1f5e321e
- Add information to BUGS section of enc documentation. PR#3354 · b6adb6ef
  Jeffrey Walton authored May 14, 2014
  
  b6adb6ef
- Corrected POD syntax errors. PR#3353 · bfdaf451
  Michal Bozon authored May 14, 2014
  
  bfdaf451
May 12, 2014
- Check sk_SSL_CIPHER_num() after assigning sk. · 69526a35
  Kurt Roeckx authored May 12, 2014
  
  69526a35
- Correct the return type on the signature for X509_STORE_CTX_get_ex_data given in the pod file. · 778f2b64
  Jean-Paul Calderone authored Apr 02, 2014
  
  778f2b64
- Replace manual ASN1 decoder with ASN1_get_object · 2223317b
  Serguei E. Leontiev authored May 11, 2014
```
Replace manual ASN.1 decoder with ASN1_get object. This
will decode the tag and length properly and check against
it does not exceed the supplied buffer length.

PR#3335
(cherry picked from commit b0308dddd1cc6a8e1de803ef29ba6da25ee072c2)
```
  2223317b
May 11, 2014
- Fixed NULL pointer dereference. See PR#3321 · b107586c
  Matt Caswell authored May 12, 2014
  
  b107586c
- Set authkey to NULL and check malloc return value. · d5447553
  Kurt Roeckx authored May 01, 2014
  
  d5447553
- dgram_sctp_ctrl: authkey memory leak · 88398e9b
  Martin Brejcha authored May 01, 2014
```
PR: 3327
```
  88398e9b
- Avoid out-of-bounds write in SSL_get_shared_ciphers · 15c1ac03
  Günther Noack authored May 01, 2014
```
PR: 3317
```
  15c1ac03
- Fix infinite loop. PR#3347 · c3c6fc78
  Viktor Dukhovni authored May 11, 2014
  
  c3c6fc78
- safety check to ensure we dont send out beyond the users buffer · 4d8cca8a
  Tim Hudson authored May 11, 2014
  
  4d8cca8a
May 09, 2014

Return an error if no recipient type matches. · d61be855

Dr. Stephen Henson authored May 08, 2014

If the key type does not match any CMS recipient type return
an error instead of using a random key (MMA mitigation). This
does not leak any useful information to an attacker.

PR#3348

d61be855

May 08, 2014
- coverity 966576 - close socket in error path · 9e456a85
  Tim Hudson authored May 05, 2014
  
  9e456a85