- Aug 31, 2015
-
-
Richard Levitte authored
Because we recently encourage people to have a .dir-locals.el, it's a good idea to ignore it on a git level. Reviewed-by:
Rich Salz <rsalz@openssl.org> (cherry picked from commit d7c02691)
-
Richard Levitte authored
Apparently, emacs sees changes to auto-fill-mode as insecure Reviewed-by:
-
Richard Levitte authored
This file, when copied to .dir-locals.el in the OpenSSL source top, will make sure that the CC mode style "OpenSSL-II" will be used for all C files. Additionally, I makes sure that tabs are never used as indentation character, regardless of the emacs mode, and that the fill column is 78. Reviewed-by:
-
Richard Levitte authored
This hopefully conforms closely enough to the current code style. Reviewed-by:
-
- Aug 16, 2015
-
-
Rich Salz authored
Best hope of keeping current. Reviewed-by:
Tim Hudson <tjh@openssl.org> (cherry picked from commit 4f46473a)
-
- Aug 01, 2015
-
-
Dirk Wetter authored
Reviewed-by:
Richard Levitte <levitte@openssl.org> (cherry picked from commit e36ce2d9)
-
- Jul 31, 2015
-
-
Loganaden Velvindron authored
From a CloudFlare patch. Reviewed-by:
Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 1a586b39)
-
- Jul 30, 2015
-
-
Martin Vejnar authored
Reviewed-by:
Matt Caswell <matt@openssl.org> (cherry picked from commit fa4629b6)
-
- Jul 29, 2015
-
-
Rich Salz authored
Reviewed-by:
-
- Jul 13, 2015
-
-
Richard Levitte authored
Fixes GH#330 Reviewed-by:
-
- Jul 10, 2015
-
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Instead of piping through tardy, and possibly suffering from bugs in certain versions, use --transform, --owner and --group directly with GNU tar (we already expect that tar variant). Reviewed-by:
-
- Jul 09, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
- Jul 06, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
- Jul 02, 2015
-
-
Dr. Stephen Henson authored
The PSK identity hint should be stored in the SSL_SESSION structure and not in the parent context (which will overwrite values used by other SSL structures with the same SSL_CTX). Use BUF_strndup when copying identity as it may not be null terminated. Reviewed-by:
-
- Jun 25, 2015
-
-
Dr. Stephen Henson authored
PR#3923 Reviewed-by:
-
- Jun 16, 2015
-
-
Richard Levitte authored
Reviewed-by:
Kurt Roeckx <kurt@openssl.org> (cherry picked from commit b4f0d1a4)
-
Richard Levitte authored
Reviewed-by:
-
- Jun 11, 2015
-
-
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Updates to CHANGES and NEWS to take account of the latest security fixes. Reviewed-by: -
Emilia Kasper authored
CVE-2015-1790 Reviewed-by: -
Emilia Kasper authored
Also tighten X509_cmp_time to reject more than three fractional seconds in the time; and to reject trailing garbage after the offset. CVE-2015-1789 Reviewed-by:
Viktor Dukhovni <viktor@openssl.org> Reviewed-by:
-
Dr. Stephen Henson authored
Fix loop in do_free_upto if cmsbio is NULL: this will happen when attempting to verify and a digest is not recognised. Reported by Johannes Bauer. CVE-2015-1792 Reviewed-by: -
Richard Levitte authored
$(PROGS) was mistakenly removed, adding it back. Reviewed-by:
-
Matt Caswell authored
Fix error handling in ssl_session_dup, as well as incorrect setting up of the session ticket. Follow on from CVE-2015-1791. Thanks to LibreSSL project for reporting these issues. Conflicts: ssl/ssl_sess.c Reviewed-by:
-
- Jun 10, 2015
-
-
Matt Caswell authored
The function EC_POINT_is_on_curve does not return a boolean value. It returns 1 if the point is on the curve, 0 if it is not, and -1 on error. Many usages within OpenSSL were incorrectly using this function and therefore not correctly handling error conditions. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by:
-
Matt Caswell authored
The fix for CVE-2015-1791 introduced an error in ssl_session_dup for Kerberos. Reviewed-by:
-
- Jun 08, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
- Jun 04, 2015
-
-
Matt Caswell authored
Remove a comment that suggested further clean up was required. DH_free() performs the necessary cleanup. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by:
-
Matt Caswell authored
Ensure OPENSSL_cleanse() is called on the premaster secret value calculated for GOST. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by:
-
Matt Caswell authored
Ensure the Kerberos pre-master secret has OPENSSL_cleanse called on it. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by:
-
Matt Caswell authored
A BIGNUM can have the value of -0. The function BN_bn2hex fails to account for this and can allocate a buffer one byte too short in the event of -0 being used, leading to a one byte buffer overrun. All usage within the OpenSSL library is considered safe. Any security risk is considered negligible. With thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and Filip Palian for discovering and reporting this issue. Reviewed-by:
-
- Jun 02, 2015
-
-
Richard Levitte authored
This is for consistency. Additionally, have its presence define OPENSSL_SYS_WINDOWS as well. Reviewed-by:
-
Matt Caswell authored
If a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket then a race condition can occur potentially leading to a double free of the ticket data. CVE-2015-1791 This also fixes RT#3808 where a session ID is changed for a session already in the client session cache. Since the session ID is the key to the cache this breaks the cache access. Parts of this patch were inspired by this Akamai change: https://github.com/akamai/openssl/commit/c0bf69a791239ceec64509f9f19fcafb2461b0d3 Reviewed-by:
-
Matt Caswell authored
This is a backport of commit e83ee04b from the master branch (and this has also been applied to 1.0.2). In 1.0.2 this was CVE-2015-0207. For other branches there is no known security issue, but this is being backported as a precautionary measure. The DTLSv1_listen function is intended to be stateless and processes the initial ClientHello from many peers. It is common for user code to loop over the call to DTLSv1_listen until a valid ClientHello is received with an associated cookie. A defect in the implementation of DTLSv1_listen means that state is preserved in the SSL object from one invokation to the next. Reviewed-by:
-
- May 28, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
- May 23, 2015
-
-
Richard Levitte authored
Since source reformat, we ended up with some error reason string definitions that spanned two lines. That in itself is fine, but we sometimes edited them to provide better strings than what could be automatically determined from the reason macro, for example: {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER), "Peer haven't sent GOST certificate, required for selected ciphersuite"}, However, mkerr.pl didn't treat those two-line definitions right, and they ended up being retranslated to whatever the macro name would indicate, for example: {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER), "No gost certificate sent by peer"}, Clearly not what we wanted. This change fixes this problem. Reviewed-by: -
Richard Levitte authored
The update: target in engines/ didn't recurse into engines/ccgost. The update: and depend: targets in engines/ccgost needed a fixup. Reviewed-by:
-
