- 05 Jan, 2015 2 commits
-
-
Kurt Roeckx authored
Reviewed-by:
Matt Caswell <matt@openssl.org> (cherry picked from commit 86edf13b)
-
Dr. Stephen Henson authored
According to X6.90 null, object identifier, boolean, integer and enumerated types can only have primitive encodings: return an error if any of these are received with a constructed encoding. Reviewed-by:
Emilia Käsper <emilia@openssl.org> (cherry picked from commit f5e4b6b5) Conflicts: crypto/asn1/asn1_err.c
-
- 17 Dec, 2014 1 commit
-
-
Emilia Kasper authored
Causes more problems than it fixes: even though error codes are not part of the stable API, several users rely on the specific error code, and the change breaks them. Conversely, we don't have any concrete use-cases for constant-time behaviour here. This reverts commit 1bb01b1b . Reviewed-by:
Andy Polyakov <appro@openssl.org>
-
- 11 Nov, 2014 1 commit
-
-
Kurt Roeckx authored
Reviewed-by:Richard Levitte <levitte@openssl.org>
-
- 29 Oct, 2014 1 commit
-
-
Andy Polyakov authored
Reviewed-by:
Stephen Henson <steve@openssl.org> (cherry picked from commit d45282fc)
-
- 28 Oct, 2014 1 commit
-
-
Samuel Neves authored
Signed-off-by:
Kurt Roeckx <kurt@roeckx.be> Reviewed-by:
-
- 21 Oct, 2014 4 commits
-
-
Bodo Moeller authored
Reviewed-by:Rich Salz <rsalz@openssl.org>
-
Bodo Moeller authored
listed after TLS_FALLBACK_SCSV. RT: 3575 Reviewed-by: -
Kurt Roeckx authored
Reviewed-by: -
Kurt Roeckx authored
When we're configured with no-ssl3 and we receive an SSL v3 Client Hello, we set the method to NULL. We didn't used to do that, and it breaks things. This is a regression introduced in 62f45cc2 . Keep the old method since the code is not able to deal with a NULL method at this time. CVE-2014-3569, PR#3571 Reviewed-by:
-
- 20 Oct, 2014 1 commit
-
-
Tim Hudson authored
Reviewed-by:Geoff Thorpe <geoff@openssl.org>
-
- 17 Oct, 2014 5 commits
-
-
Tim Hudson authored
so the Win32 compile picks it up correctly. Reviewed-by:
-
Richard Levitte authored
The different -I compiler parameters will take care of the rest... Reviewed-by:
Tim Hudson <tjh@openssl.org> (cherry picked from commit 8202802f) Conflicts: crypto/evp/evp_enc.c
-
Andy Polyakov authored
Reviewed-by:
-
Andy Polyakov authored
Reviewed-by:
-
Kurt Cancemi authored
Reviewed-by:
Ben Laurie <ben@openssl.org> (cherry picked from commit 87d388c9)
-
- 16 Oct, 2014 1 commit
-
-
Dr. Stephen Henson authored
The 1**0 test will fail for FIPS capable builds because it uses the old BIGNUM code in the 1.2 FIPS module which can't be fixed. Reviewed-by:
-
- 15 Oct, 2014 11 commits
-
-
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by:Bodo Möller <bodo@openssl.org>
-
Geoff Thorpe authored
CVE-2014-3568 Reviewed-by:
-
Dr. Stephen Henson authored
CVE-2014-3567 Reviewed-by:
-
Bodo Moeller authored
Reviewed-by: -
Bodo Moeller authored
handling out of #ifndef OPENSSL_NO_DTLS1 section. Reviewed-by: -
Bodo Moeller authored
Reviewed-by:Steve Henson <steve@openss.org>
-
Bodo Moeller authored
Reviewed-by:
-
- 29 Sep, 2014 1 commit
-
-
Dr. Stephen Henson authored
Reencode DigestInto in DER and check against the original: this will reject any improperly encoded DigestInfo structures. Note: this is a precautionary measure, there is no known attack which can exploit this. Thanks to Brian Smith for reporting this issue. Reviewed-by:
-
- 25 Sep, 2014 1 commit
-
-
Emilia Kasper authored
Accidentally omitted from commit 455b65df Reviewed-by:
Kurt Roeckx <kurt@openssl.org> (cherry picked from commit fdc35a9d)
-
- 24 Sep, 2014 4 commits
-
-
Emilia Kasper authored
Do the final padding check in EVP_DecryptFinal_ex in constant time to avoid a timing leak from padding failure. Reviewed-by:
-
Emilia Kasper authored
(Original commit adb46dbc ) Use the new constant-time methods consistently in s3_srvr.c Reviewed-by:
-
Adam Langley authored
that bad encryptions are treated like random session keys in constant time. (cherry picked from commit adb46dbc ) Reviewed-by:
-
Emilia Kasper authored
Also tweak s3_cbc.c to use new constant-time methods. Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1 This patch is based on the original RT submission by Adam Langley <agl@chromium.org>, as well as code from BoringSSL and OpenSSL. Reviewed-by:
-
- 21 Sep, 2014 1 commit
-
-
Tim Hudson authored
that fixed PR#3450 where an existing cast masked an issue when i was changed from int to long in that commit Picked up on z/linux (s390) where sizeof(int)!=sizeof(long) Reviewed-by:
-
- 04 Sep, 2014 1 commit
-
-
Adam Langley authored
(cherry picked from commit 2b0180c3 ) Reviewed-by:
-
- 03 Sep, 2014 2 commits
-
-
Richard Levitte authored
string returns 0 with errno = ENOENT. Reviewed-by:
-
Phil Mesnier authored
Reviewed-by:
-
- 02 Sep, 2014 1 commit
-
-
Emilia Kasper authored
"inline" without static is not correct as the compiler may choose to ignore it and will then either emit an external definition, or expect one. Reviewed-by:
-
- 29 Aug, 2014 1 commit
-
-
Matt Caswell authored
PR2693 Reviewed-by:
-
