Skip to content
  1. Nov 09, 2015
  2. Nov 04, 2015
  3. Nov 02, 2015
  4. Nov 01, 2015
  5. Oct 29, 2015
  6. Oct 23, 2015
  7. Oct 10, 2015
  8. Oct 09, 2015
  9. Oct 08, 2015
    • Matt Caswell's avatar
      Don't treat a bare OCTETSTRING as DigestInfo in int_rsa_verify · ec1f1255
      Matt Caswell authored
      
      
      The function int_rsa_verify is an internal function used for verifying an
      RSA signature. It takes an argument |dtype| which indicates the digest type
      that was used. Dependant on that digest type the processing of the
      signature data will vary. In particular if |dtype == NID_mdc2| and the
      signature data is a bare OCTETSTRING then it is treated differently to the
      default case where the signature data is treated as a DigestInfo (X509_SIG).
      
      Due to a missing "else" keyword the logic actually correctly processes the
      OCTETSTRING format signature first, and then attempts to continue and
      process it as DigestInfo. This will invariably fail because we already know
      that it is a bare OCTETSTRING.
      
      This failure doesn't actualy make a real difference because it ends up at
      the |err| label regardless and still returns a "success" result. This patch
      just cleans things up to make it look a bit more sane.
      
      RT#4076
      
      Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
      (cherry picked from commit dffe5109)
      ec1f1255
    • Richard Levitte's avatar
      When ENGINE_add finds that id or name is missing, actually return · 363c8fd5
      Richard Levitte authored
      
      
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      (cherry picked from commit 5850cc75)
      363c8fd5
  10. Oct 07, 2015
  11. Oct 06, 2015
  12. Oct 05, 2015
  13. Oct 03, 2015
  14. Sep 29, 2015
  15. Sep 28, 2015
  16. Sep 25, 2015
  17. Sep 22, 2015
  18. Sep 21, 2015
    • David Woodhouse's avatar
      RT3479: Add UTF8 support to BIO_read_filename() · 21d8f244
      David Woodhouse authored
      
      
      If we use BIO_new_file(), on Windows it'll jump through hoops to work
      around their unusual charset/Unicode handling. it'll convert a UTF-8
      filename to UCS-16LE and attempt to use _wfopen().
      
      If you use BIO_read_filename(), it doesn't do this. Shouldn't it be
      consistent?
      
      It would certainly be nice if SSL_use_certificate_chain_file() worked.
      
      Also made BIO_C_SET_FILENAME work (rsalz)
      
      Signed-off-by: default avatarRich Salz <rsalz@akamai.com>
      Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
      (cherry picked from commit ff03599a)
      21d8f244
    • Gunnar Kudrjavets's avatar
      RT3823: Improve the robustness of event logging · f9394bd7
      Gunnar Kudrjavets authored
      
      
      There are a couple of minor fixes here:
      
      1) Handle the case when RegisterEventSource() fails (which it may for
      various reasons) and do the work of logging the event only if it succeeds.
      
      2) Handle the case when ReportEvent() fails and do our best in debug builds
      to at least attempt somehow indicate that something has gone wrong. The
      typical situation would be someone running tools like DbMon, DBWin32,
      DebugView or just having the debugger attached. The intent is to make sure
      that at least some data will be captured so that we can save hours and days
      of debugging time.
      
      3) Minor fix to change the MessageBox() flag to MB_ICONERROR. Though the
      value of MB_ICONERROR is the same value as MB_ICONSTOP, the intent is
      better conveyed by using MB_ICONERROR.
      
      Testing performed:
      
      1) Clean compilation for debug-VC-WIN32 and VC-WIN32.
      
      2) Good test results (nmake -f ms\ntdll.mak test) for debug-VC-WIN32 and
      VC-WIN32.
      
      3) Stepped through relevant changes using WinDBG and exercised the impacted
      code paths.
      
      Signed-off-by: default avatarRich Salz <rsalz@akamai.com>
      Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
      (cherry picked from commit 4cd94416)
      f9394bd7
    • Matt Caswell's avatar
      Fix SRP memory leaks · b2a67188
      Matt Caswell authored
      
      
      There were some memory leaks in the creation of an SRP verifier (both on
      successful completion and also on some error paths).
      
      Reviewed-by: default avatarEmilia Käsper <emilia@openssl.org>
      (cherry picked from commit bf95cde2)
      b2a67188