Commits · 84d4f99d3117fa346a92072a8312d3c71466862d · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Oct 15, 2014

Updates to CHANGES file · 84d4f99d
Matt Caswell authored Oct 15, 2014
```
Reviewed-by: Bodo Möller <bodo@openssl.org>
```
84d4f99d

Fix no-ssl3 configuration option · 82180dcc

Geoff Thorpe authored Oct 15, 2014



CVE-2014-3568

Reviewed-by: Emilia Kasper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

82180dcc

Fix for session tickets memory leak. · c2b90b39

Dr. Stephen Henson authored Oct 15, 2014



CVE-2014-3567

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 5dc6070a03779cd524f0e67f76c945cb0ac38320)

c2b90b39

Fix SRTP compile issues for windows · c2a2ff3f

Matt Caswell authored Oct 15, 2014



Related to CVE-2014-3513

This fix was developed by the OpenSSL Team

Reviewed-by: Tim Hudson <tjh@openssl.org>

Conflicts:
	util/mkdef.pl
	util/ssleay.num

Conflicts:
	util/mkdef.pl

c2a2ff3f

Fix for SRTP Memory Leak · d64b6c98

Matt Caswell authored Oct 15, 2014



CVE-2014-3513

This issue was reported to OpenSSL on 26th September 2014, based on an original
issue and patch developed by the LibreSSL project. Further analysis of the issue
was performed by the OpenSSL team.

The fix was developed by the OpenSSL team.

Reviewed-by: Tim Hudson <tjh@openssl.org>

d64b6c98

Fix SSL_R naming inconsistency. · 05df9b9a
Bodo Moeller authored Oct 15, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
05df9b9a
aesni-x86_64.pl: make ECB subroutine Windows ABI compliant. · 3e3cc471
Andy Polyakov authored Oct 15, 2014
```
RT: 3553
Reviewed-by: Emilia Kasper <emilia@openssl.org>
(cherry picked from commit 69d5747f)
```
3e3cc471
Add TLS_FALLBACK_SCSV documentation, and move s_client -fallback_scsv · 80fb4820
Bodo Moeller authored Oct 15, 2014
```
handling out of #ifndef OPENSSL_NO_DTLS1 section.

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
80fb4820

Oop: revert unintentional change committed along with · 2229fe5b

Bodo Moeller authored Oct 15, 2014


TLS_FALLBACK_SCSV support, restoring a reviewed state instead.

Reviewed-by: Stephen Henson <(steve@openssl.org)>

2229fe5b

Support TLS_FALLBACK_SCSV. · a46c7052
Bodo Moeller authored Oct 15, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
a46c7052

Oct 06, 2014

Removed duplicate definition of PKCS7_type_is_encrypted · dc7bca8b

Matt Caswell authored Oct 03, 2014



Patch supplied by Matthieu Patou <mat@matws.net>, and modified to also
remove duplicate definition of PKCS7_type_is_digest.

PR#3551

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit e0fdea3e)

dc7bca8b

Fix single makefile. · f58cfe04
Ben Laurie authored Oct 04, 2014
```
Reviewed-by: Geoffrey Thorpe <geoff@geoffthorpe.net>
```
f58cfe04

Oct 03, 2014

RT3462: Document actions when data==NULL · 20d1c811

Rich Salz authored Sep 08, 2014



If data is NULL, return the size needed to hold the
derived key.  No other API to do this, so document
the behavior.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 5aed1693)

20d1c811

Oct 02, 2014
- DTLS 1.2 support has been added to 1.0.2. · c578fe37
  Bodo Moeller authored Oct 02, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  c578fe37
Sep 30, 2014
- RT2309: Fix podpage MMNNFFPPS->MNNFFPPS · a4ee5bbc
  Rich Salz authored Sep 30, 2014
```
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 9208640a)
```
  a4ee5bbc
- e_os.h: refine inline override logic (to address warnings in debug build). · 8ad90503
  Andy Polyakov authored Sep 30, 2014
```
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit 55c7a4cf)
```
  8ad90503
Sep 29, 2014

Add additional DigestInfo checks. · 5df07a72

Dr. Stephen Henson authored Sep 25, 2014



Reencode DigestInto in DER and check against the original: this
will reject any improperly encoded DigestInfo structures.

Note: this is a precautionary measure, there is no known attack
which can exploit this.

Thanks to Brian Smith for reporting this issue.
Reviewed-by: Tim Hudson <tjh@openssl.org>

5df07a72

Sep 25, 2014
- Prepare for 1.0.2-beta4-dev · 0853b2c5
  Matt Caswell authored Sep 25, 2014
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
  0853b2c5
- Prepare for 1.0.2-beta3 release · 2c5db8da
  Matt Caswell authored Sep 25, 2014
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
  OpenSSL_1_0_2-beta3
  
  2c5db8da
- make update · bffd5a7f
  Matt Caswell authored Sep 25, 2014
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
  bffd5a7f
- Added 1.0.1i CHANGES and NEWS updates · 5e60396f
  Matt Caswell authored Sep 25, 2014
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
  5e60396f
- Add missing tests · 0d6a11a9
  Emilia Kasper authored Sep 25, 2014
```
Accidentally omitted from commit 455b65df



Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit fdc35a9d)
```
  0d6a11a9
- Add constant_time_locl.h to HEADERS, · f9fac616
  Tim Hudson authored Sep 25, 2014
```
so the Win32 compile picks it up correctly.

Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  f9fac616
- Add the constant time test to the VMS build and tests · ef8055cb
  Richard Levitte authored Sep 25, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  ef8055cb
- Include "constant_time_locl.h" rather than "../constant_time_locl.h". · 3b7ab6f4
  Richard Levitte authored Sep 24, 2014
```
The different -I compiler parameters will take care of the rest...

Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  3b7ab6f4
Sep 24, 2014

Don't allow non-FIPS curves in FIPS mode. · 3b4a7618
Dr. Stephen Henson authored Sep 23, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
3b4a7618
Use correct function name: CMS_add1_signer() · 25540175
Dr. Stephen Henson authored Sep 20, 2014
```
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 5886354d)
```
25540175
crypto/bn/bn_nist.c: work around MSC ARM compiler bug. · ec65b83d
Andy Polyakov authored Sep 25, 2014
```
RT: 3541
Reviewed-by: Emilia Kasper <emilia@openssl.org>
(cherry picked from commit 8b07c005)
```
ec65b83d
e_os.h: allow inline functions to be compiled by legacy compilers. · d169bf9c
Andy Polyakov authored Sep 25, 2014
```
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 40155f40)
```
d169bf9c

RT3425: constant-time evp_enc · 738911cd

Emilia Kasper authored Sep 05, 2014



Do the final padding check in EVP_DecryptFinal_ex in constant time to
avoid a timing leak from padding failure.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 4aac102f)

Conflicts:
	crypto/evp/evp_enc.c

738911cd

RT3067: simplify patch · e1080ea3

Emilia Kasper authored Sep 04, 2014

(Original commit adb46dbc

)

Use the new constant-time methods consistently in s3_srvr.c

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 455b65df)

e1080ea3

This change alters the processing of invalid, RSA pre-master secrets so · 941af48f

Adam Langley authored Apr 24, 2013

that bad encryptions are treated like random session keys in constant
time.

(cherry picked from commit adb46dbc

)

Reviewed-by: Rich Salz <rsalz@openssl.org>

941af48f

RT3066: rewrite RSA padding checks to be slightly more constant time. · 9bed73ad

Emilia Kasper authored Aug 28, 2014



Also tweak s3_cbc.c to use new constant-time methods.
Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1

This patch is based on the original RT submission by Adam Langley <agl@chromium.org>,
as well as code from BoringSSL and OpenSSL.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Conflicts:
	crypto/rsa/rsa_oaep.c
	crypto/rsa/rsa_pk1.c
	ssl/s3_cbc.c

9bed73ad

Sep 23, 2014

Note i2d_re_X509_tbs and related changes in CHANGES · e9128d94
Emilia Kasper authored Sep 23, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
e9128d94

make update · 972868b2

Emilia Kasper authored Sep 23, 2014



Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>

972868b2

Add i2d_re_X509_tbs · e774a305

Emilia Kasper authored Sep 05, 2014



i2d_re_X509_tbs re-encodes the TBS portion of the certificate.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit 95b1752c)

e774a305

Revert "Add accessor for x509.cert_info." · d9f99d4e

Emilia Kasper authored Sep 23, 2014

This reverts commit 519ad9b3

.

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

d9f99d4e

Revert "Add more accessors." · 6ce2a641

Emilia Kasper authored Sep 23, 2014

This reverts commit cacdfcb2

.

Conflicts:
	crypto/x509/x509.h

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

6ce2a641

CHANGES: mention ECP_NISTZ256. · d2a1226b

Andy Polyakov authored Sep 23, 2014



Reviewed-by: Bodo Moeller <bodo@openssl.org>
(cherry picked from commit 507efe73)

d2a1226b

Sep 21, 2014
- crypto/ecp_nistz256.c: harmonize error codes. · 9fa9370b
  Andy Polyakov authored Sep 21, 2014
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit be07ae9b)
```
  9fa9370b