- Jun 10, 2015
-
-
Matt Caswell authored
This fixes a memory leak that can occur whilst duplicating a BIO chain if the call to CRYPTO_dup_ex_data() fails. It also fixes a second memory leak where if a failure occurs after successfully creating the first BIO in the chain, then the beginning of the new chain was not freed. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by:Stephen Henson <steve@openssl.org>
-
Matt Caswell authored
BUF_MEM_free() attempts to cleanse memory using memset immediately prior to a free. This is at risk of being optimised away by the compiler, so replace with a call to OPENSSL_clear_free() instead. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by: -
Richard Levitte authored
test/gost2814789test.c needs to include openssl/e_os2.h or it wouldn't see the defined OPENSSL_NO_* macros. Reviewed-by:Tim Hudson <tjh@openssl.org>
-
Richard Levitte authored
For librypto to be complete, the stuff in both crypto/ and engines/ have to be built. Doing 'make test' or 'make apps' from a clean source tree failed to do so. Corrected by using the new 'build_libcrypto' in the top Makefile. Reviewed-by: -
Richard Levitte authored
There's a need for a target that will build all of libcrypto, so let's add 'build_libcrypto' that does this. For ortogonality, let's also add 'build_libssl'. Have both also depend on 'libcrypto.pc' and 'libssl.pc' so those get built together with the libraries. This makes 'all' depend on fewer things directly. Reviewed-by:
-
- Jun 09, 2015
-
-
Rich Salz authored
Reviewed-by:Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Except for VMS startup code. Reviewed-by: -
Rich Salz authored
Also removed a source file that isn't built, and moved another one to test for eventual fixing. Reviewed-by: -
Jeffrey Walton authored
Signed-off-by:
Rich Salz <rsalz@openssl.org> Reviewed-by:
Matt Caswell <matt@openssl.org>
-
- Jun 08, 2015
-
-
Kurt Roeckx authored
Reviewed-by: -
Kurt Roeckx authored
Reviewed-by: -
Dr. Stephen Henson authored
Reviewed-by: -
Emilia Kasper authored
Reviewed-by: -
Emilia Kasper authored
Pointed out by Victor Vasiliev (vasilvv@mit.edu) via Adam Langley (Google). Reviewed-by:
-
- Jun 07, 2015
-
-
Rodger Combs authored
Reviewed-by:
-
- Jun 06, 2015
-
-
Dr. Stephen Henson authored
Add extension and ciphersuites to trace code. Reviewed-by: -
Dr. Stephen Henson authored
Check return value when calling ASN1_INTEGER_get to retrieve a certificate serial number. If an error occurs (which will be caused by the value being out of range) revert to hex dump of serial number. Reviewed-by:
-
- Jun 04, 2015
-
-
Rich Salz authored
Reviewed-by: -
Github User authored
Reviewed-by: -
Kurt Roeckx authored
At least in the case of SSLv3 we can't send an extention. Reviewed-by: -
Rich Salz authored
Reviewed-by: -
Matt Caswell authored
Remove a comment that suggested further clean up was required. DH_free() performs the necessary cleanup. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by: -
Matt Caswell authored
Ensure OPENSSL_cleanse() is called on the premaster secret value calculated for GOST. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by: -
Matt Caswell authored
A BIGNUM can have the value of -0. The function BN_bn2hex fails to account for this and can allocate a buffer one byte too short in the event of -0 being used, leading to a one byte buffer overrun. All usage within the OpenSSL library is considered safe. Any security risk is considered negligible. With thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and Filip Palian for discovering and reporting this issue. Reviewed-by: -
Matt Caswell authored
The session object on the client side is initially created during construction of the ClientHello. If the client is DTLS1.2 capable then it will store 1.2 as the version for the session. However if the server is only DTLS1.0 capable then when the ServerHello comes back the client switches to using DTLS1.0 from then on. However the session version does not get updated. Therefore when the client attempts to resume that session the server throws an alert because of an incorrect protocol version. Reviewed-by:
-
- Jun 03, 2015
-
-
Dr. Stephen Henson authored
Make update with manual edit so EVP_PKEY_asn1_set_item uses the same ordinal as 1.0.2. Reviewed-by: -
Sergey Agievich authored
PR#3872 Reviewed-by:
-
- Jun 02, 2015
-
-
Matt Caswell authored
Some tool chains (e.g. android) do not define IP_PMTUDISC_PROBE, and so this build breaks. Reviewed-by: -
Annie Yousar authored
objects.pl only looked for a space to see if the name could be used as a C identifier. Improve the test to match the real C rules. Signed-off-by:
Rich Salz <rsalz@akamai.com> Reviewed-by:
-
Rich Salz authored
Here are the "rules" for handling flags that depend on #ifdef: - Do not ifdef the enum. Only ifdef the OPTIONS table. All ifdef'd entries appear at the end; by convention "engine" is last. This ensures that at run-time, the flag will never be recognized/allowed. The next two bullets entries are for silencing compiler warnings: - In the while/switch parsing statement, use #ifdef for the body to disable it; leave the "case OPT_xxx:" and "break" statements outside the ifdef/ifndef. See ciphers.c for example. - If there are multiple options controlled by a single guard, OPT_FOO, OPT_BAR, etc., put a an #ifdef around the set, and then do "#else" and a series of case labels and a break. See OPENSSL_NO_AES in cms.c for example. Reviewed-by: -
Rich Salz authored
I also re-ordered some of #ifdef's. Reviewed-by: -
Jeffrey Walton authored
Reviewed-by: -
Richard Levitte authored
This is for consistency. Additionally, have its presence define OPENSSL_SYS_WINDOWS as well. Reviewed-by: -
Gunnar Kudrjavets authored
Signed-off-by:
-
Olaf Johansson authored
Signed-off-by:
-
Per Allansson authored
The code in bss_dgram.c checks if IP_MTUDISCOVER is defined, where it should test for IP_MTU_DISCOVER RT#3888 Reviewed-by:
-
Matt Caswell authored
If a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket then a race condition can occur potentially leading to a double free of the ticket data. CVE-2015-1791 This also fixes RT#3808 where a session ID is changed for a session already in the client session cache. Since the session ID is the key to the cache this breaks the cache access. Parts of this patch were inspired by this Akamai change: https://github.com/akamai/openssl/commit/c0bf69a791239ceec64509f9f19fcafb2461b0d3 Reviewed-by:
-
- May 31, 2015
-
-
Matt Caswell authored
dtls1_get_message has an |mt| variable which is the type of the message that is being requested. If it is negative then any message type is allowed. However the value of |mt| is not checked in one of the main code paths, so a peer can send a message of a completely different type and it will be processed as if it was the message type that we were expecting. This has very little practical consequences because the current behaviour will still fail when the format of the message isn't as expected. Reviewed-by:Andy Polyakov <appro@openssl.org>
-
Rich Salz authored
Reviewed-by:
-
- May 30, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
