- 17 Sep, 2015 1 commit
-
-
Matt Caswell authored
In master we have the function OPENSSL_clear_free(x,y), which immediately returns if x == NULL. In <=1.0.2 this function does not exist so we have to do: OPENSSL_cleanse(x, y); OPENSSL_free(x); However, previously, OPENSSL_cleanse did not check that if x == NULL, so the real equivalent check would have to be: if (x != NULL) OPENSSL_cleanse(x, y); OPENSSL_free(x); It would be easy to get this wrong during cherry-picking to other branches and therefore, for safety, it is best to just ensure OPENSSL_cleanse also checks for NULL. Reviewed-by:Rich Salz <rsalz@openssl.org> (cherry picked from commit 020d8fc8)
-
- 16 Sep, 2015 1 commit
-
-
Ivo Raisr authored
PR#4035 Reviewed-by:
Emilia Käsper <emilia@openssl.org> Reviewed-by:
Stephen Henson <steve@openssl.org> (cherry picked from commit 929f6d6f)
-
- 11 Sep, 2015 1 commit
-
-
Dr. Stephen Henson authored
If the field separator isn't specified through -nameopt then use XN_FLAG_SEP_CPLUS_SPC instead of printing nothing and returing an error. PR#2397 Reviewed-by:
Tim Hudson <tjh@openssl.org> (cherry picked from commit 03706afa)
-
- 01 Sep, 2015 1 commit
-
-
Matt Caswell authored
Builds using no-tlsext in 1.0.0 and 0.9.8 are broken. This commit fixes the issue. The same commit is applied to 1.0.1 and 1.0.2 branches for code consistency. However this commit will not fix no-tlsext in those branches which have always been broken for other reasons. The commit is not applied to master at all, because no-tlsext has been completely removed from that branch. Based on a patch by Marc Branchaud <marcnarc@xiplink.com> Reviewed-by:
-
- 31 Aug, 2015 4 commits
-
-
Richard Levitte authored
Because we recently encourage people to have a .dir-locals.el, it's a good idea to ignore it on a git level. Reviewed-by:
-
Richard Levitte authored
Apparently, emacs sees changes to auto-fill-mode as insecure Reviewed-by:
-
Richard Levitte authored
This file, when copied to .dir-locals.el in the OpenSSL source top, will make sure that the CC mode style "OpenSSL-II" will be used for all C files. Additionally, I makes sure that tabs are never used as indentation character, regardless of the emacs mode, and that the fill column is 78. Reviewed-by:
-
Richard Levitte authored
This hopefully conforms closely enough to the current code style. Reviewed-by:
-
- 16 Aug, 2015 1 commit
-
-
Rich Salz authored
Best hope of keeping current. Reviewed-by:
-
- 01 Aug, 2015 1 commit
-
-
Dirk Wetter authored
Reviewed-by:
Richard Levitte <levitte@openssl.org> (cherry picked from commit e36ce2d9)
-
- 31 Jul, 2015 1 commit
-
-
Loganaden Velvindron authored
From a CloudFlare patch. Reviewed-by:
-
- 30 Jul, 2015 1 commit
-
-
Martin Vejnar authored
Reviewed-by:
Matt Caswell <matt@openssl.org> (cherry picked from commit fa4629b6)
-
- 29 Jul, 2015 1 commit
-
-
Rich Salz authored
Reviewed-by:
-
- 13 Jul, 2015 1 commit
-
-
Richard Levitte authored
Fixes GH#330 Reviewed-by:
-
- 10 Jul, 2015 2 commits
-
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Instead of piping through tardy, and possibly suffering from bugs in certain versions, use --transform, --owner and --group directly with GNU tar (we already expect that tar variant). Reviewed-by:
-
- 09 Jul, 2015 1 commit
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
- 06 Jul, 2015 1 commit
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
- 02 Jul, 2015 1 commit
-
-
Dr. Stephen Henson authored
The PSK identity hint should be stored in the SSL_SESSION structure and not in the parent context (which will overwrite values used by other SSL structures with the same SSL_CTX). Use BUF_strndup when copying identity as it may not be null terminated. Reviewed-by:
-
- 25 Jun, 2015 1 commit
-
-
Dr. Stephen Henson authored
PR#3923 Reviewed-by:
-
- 16 Jun, 2015 2 commits
-
-
Richard Levitte authored
Reviewed-by:
Kurt Roeckx <kurt@openssl.org> (cherry picked from commit b4f0d1a4)
-
Richard Levitte authored
Reviewed-by:
-
- 11 Jun, 2015 8 commits
-
-
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Updates to CHANGES and NEWS to take account of the latest security fixes. Reviewed-by: -
Emilia Kasper authored
CVE-2015-1790 Reviewed-by: -
Emilia Kasper authored
Also tighten X509_cmp_time to reject more than three fractional seconds in the time; and to reject trailing garbage after the offset. CVE-2015-1789 Reviewed-by:
Viktor Dukhovni <viktor@openssl.org> Reviewed-by:
-
Dr. Stephen Henson authored
Fix loop in do_free_upto if cmsbio is NULL: this will happen when attempting to verify and a digest is not recognised. Reported by Johannes Bauer. CVE-2015-1792 Reviewed-by: -
Richard Levitte authored
$(PROGS) was mistakenly removed, adding it back. Reviewed-by:
-
Matt Caswell authored
Fix error handling in ssl_session_dup, as well as incorrect setting up of the session ticket. Follow on from CVE-2015-1791. Thanks to LibreSSL project for reporting these issues. Conflicts: ssl/ssl_sess.c Reviewed-by:
-
- 10 Jun, 2015 2 commits
-
-
Matt Caswell authored
The function EC_POINT_is_on_curve does not return a boolean value. It returns 1 if the point is on the curve, 0 if it is not, and -1 on error. Many usages within OpenSSL were incorrectly using this function and therefore not correctly handling error conditions. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by:
-
Matt Caswell authored
The fix for CVE-2015-1791 introduced an error in ssl_session_dup for Kerberos. Reviewed-by:
-
- 08 Jun, 2015 1 commit
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
- 04 Jun, 2015 4 commits
-
-
Matt Caswell authored
Remove a comment that suggested further clean up was required. DH_free() performs the necessary cleanup. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by:
-
Matt Caswell authored
Ensure OPENSSL_cleanse() is called on the premaster secret value calculated for GOST. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by:
-
Matt Caswell authored
Ensure the Kerberos pre-master secret has OPENSSL_cleanse called on it. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by:
-
Matt Caswell authored
A BIGNUM can have the value of -0. The function BN_bn2hex fails to account for this and can allocate a buffer one byte too short in the event of -0 being used, leading to a one byte buffer overrun. All usage within the OpenSSL library is considered safe. Any security risk is considered negligible. With thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and Filip Palian for discovering and reporting this issue. Reviewed-by:
-
- 02 Jun, 2015 3 commits
-
-
Richard Levitte authored
This is for consistency. Additionally, have its presence define OPENSSL_SYS_WINDOWS as well. Reviewed-by:
-
Matt Caswell authored
If a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket then a race condition can occur potentially leading to a double free of the ticket data. CVE-2015-1791 This also fixes RT#3808 where a session ID is changed for a session already in the client session cache. Since the session ID is the key to the cache this breaks the cache access. Parts of this patch were inspired by this Akamai change: https://github.com/akamai/openssl/commit/c0bf69a791239ceec64509f9f19fcafb2461b0d3 Reviewed-by:
-
Matt Caswell authored
This is a backport of commit e83ee04b from the master branch (and this has also been applied to 1.0.2). In 1.0.2 this was CVE-2015-0207. For other branches there is no known security issue, but this is being backported as a precautionary measure. The DTLSv1_listen function is intended to be stateless and processes the initial ClientHello from many peers. It is common for user code to loop over the call to DTLSv1_listen until a valid ClientHello is received with an associated cookie. A defect in the implementation of DTLSv1_listen means that state is preserved in the SSL object from one invokation to the next. Reviewed-by:
-
