- Mar 11, 2015
-
-
Matt Caswell authored
Cleanse various intermediate buffers used by the PRF (backported version from master). Reviewed-by:
Richard Levitte <levitte@openssl.org> (cherry picked from commit 35fafc4d) Conflicts: ssl/s3_enc.c
-
- Mar 10, 2015
-
-
Emilia Kasper authored
Ensure all malloc failures return -1. Reported by Adam Langley (Google). Reviewed-by:
Matt Caswell <matt@openssl.org> (cherry picked from commit 06c6a2b4)
-
Richard Godbee authored
BIO_debug_callback() no longer assumes the hexadecimal representation of a pointer fits in 8 characters. Signed-off-by:
-
- Mar 09, 2015
-
-
Dmitry-Me authored
Signed-off-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
- Mar 08, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
New function ASN1_STRING_clear_free which cleanses an ASN1_STRING structure before freeing it. Call ASN1_STRING_clear_free on PKCS#8 private key components. Reviewed-by:
Rich Salz <rsalz@openssl.org> (cherry picked from commit a8ae0891)
-
Dr. Stephen Henson authored
Reviewed-by:
-
- Mar 07, 2015
-
-
Kurt Roeckx authored
They are moved to the COMPLEMENTOFDEFAULT instead. This also fixes SSLv2 to be part of COMPLEMENTOFDEFAULT. Reviewed-by:
-
- Mar 06, 2015
-
-
Matt Caswell authored
Make the output from mkerr.pl consistent with the newly reformatted code. Reviewed-by:
-
- Mar 05, 2015
-
-
Kurt Cancemi authored
This patch uses warning/fatal constants instead of numbers with comments for warning/alerts in d1_pkt.c and s3_pkt.c RT#3725 Reviewed-by:
-
Matt Caswell authored
Miscellaneous unchecked malloc fixes. Also fixed some mem leaks on error paths as I spotted them along the way. Reviewed-by:
Tim Hudson <tjh@openssl.org> (cherry picked from commit 918bb865) Conflicts: crypto/bio/bss_dgram.c Conflicts: apps/cms.c apps/s_cb.c apps/s_server.c apps/speed.c crypto/dh/dh_pmeth.c ssl/s3_pkt.c
-
- Mar 02, 2015
-
-
Dr. Stephen Henson authored
CVE-2015-0288 PR#3708 Reviewed-by:
-
Dr. Stephen Henson authored
The format script didn't correctly recognise some ASN.1 macros and didn't reformat some files as a result. Fix script and reformat affected files. Reviewed-by:
-
- Feb 27, 2015
-
-
Matt Caswell authored
Some Cisco appliances use a pre-standard version number for DTLS. We support this as DTLS1_BAD_VER within the code. This change fixes d2i_SSL_SESSION for that DTLS version. Based on an original patch by David Woodhouse <dwmw2@infradead.org> RT#3704 Reviewed-by: -
Matt Caswell authored
Added various missing return value checks in tls1_change_cipher_state. Reviewed-by: -
Matt Caswell authored
Fixed various missing return value checks in ssl3_send_newsession_ticket. Also a mem leak on error. Reviewed-by: -
Matt Caswell authored
This fixes another warning when config'd with no-ec Reviewed-by:Dr. Stephen Henson <steve@openssl.org>
-
Matt Caswell authored
This is a partial back port of commit 5b430cfc to remove a warning when compiling with no-ec. Reviewed-by:
-
- Feb 26, 2015
-
-
Matt Caswell authored
When OpenSSL is configured with no-ec, then the new evp_extra_test fails to pass. This change adds appropriate OPENSSL_NO_EC guards around the code. Reviewed-by:
-
- Feb 25, 2015
-
-
Matt Caswell authored
Reviewed-by:Emilia Käsper <emilia@openssl.org>
-
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Inspired by BoringSSL commit 517073cd4b by Eric Roman <eroman@chromium.org> CVE-2015-0209 Reviewed-by: -
Matt Caswell authored
called evp_test.c, so I have called this one evp_extra_test.c Reviewed-by:
-
- Feb 24, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
- Feb 22, 2015
-
-
Edgar Pek authored
Signed-off-by:
Kurt Roeckx <kurt@roeckx.be> Reviewed-by:
-
Kurt Roeckx authored
Reviewed-by:
-
Doug Hogan authored
Signed-off-by:
-
Richard Levitte authored
The previous defaulting to TERMIOS took away -DTERMIOS / -DTERMIO a bit too enthusiastically. Windows/DOSish platforms of all sorts get identified as OPENSSL_SYS_MSDOS, and they get a different treatment altogether UNLESS -DTERMIO or -DTERMIOS is explicitely given with the configuration. The answer is to restore those macro definitions for the affected configuration targets. Reviewed-by:
-
Richard Levitte authored
The rationale for this move is that TERMIOS is default, supported by POSIX-1.2001, and most definitely on Linux. For a few other systems, TERMIO may still be the termnial interface of preference, so we keep -DTERMIO on those in Configure. crypto/ui/ui_openssl.c is simplified in this regard, and will define TERMIOS for all systems except a select few exceptions. Reviewed-by:
-
- Feb 12, 2015
-
-
Rich Salz authored
Reviewed-by:
Andy Polyakov <appro@openssl.org> (cherry picked from commit 872f91c4)
-
Graeme Perrow authored
Reviewed-by:
-
Eric Dequin authored
Reviewed-by:
-
- Feb 09, 2015
-
-
Andy Polyakov authored
Reviewed-by:
-
Dr. Stephen Henson authored
Free up bio_err after memory leak data has been printed to it. In int_free_ex_data if ex_data is NULL there is nothing to free up so return immediately and don't reallocate it. Reviewed-by:
-
Andy Polyakov authored
Reviewed-by:
-
- Feb 06, 2015
-
-
Matt Caswell authored
Reviewed-by:
-
- Feb 05, 2015
-
-
Rich Salz authored
Reviewed-by:
-
