- 02 May, 2018 4 commits
-
-
Matt Caswell authored
Reviewed-by:
Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6115)
-
Matt Caswell authored
The ciphers field in a session contains the stack of ciphers offered by the client. Reviewed-by:
-
Matt Caswell authored
The function SSL_get_shared_ciphers() is supposed to return ciphers shared by the client and the server. However it only ever returned the client ciphers. Fixes #5317 Reviewed-by:
-
Dr. Matthias St. Pierre authored
which is used for ASN1_STRING_print_ex*() and X509_NAME_print_ex*(). Reviewed-by:
-
- 01 May, 2018 2 commits
-
-
Matt Caswell authored
Specifically this is not supported with an even modulus and BN_FLG_CONSTTIME. Fixes #5082 Reviewed-by:
Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6138) (cherry picked from commit 966b3df1)
-
Matt Caswell authored
Fixes #5063 Reviewed-by:
-
- 27 Apr, 2018 6 commits
-
-
Matt Caswell authored
Make it clear that you should not attempt to get the version before the first handshake is complete. Fixes #2893 Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6108)
-
Billy Brumley authored
Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6102)
-
Cristian Stoica authored
This patch fixes the following two warnings when OpenSSL is built with no-dh option: s_server.c: In function 's_server_main': s_server.c:1105:25: warning: variable 'no_dhe' set but not used [-Wunused-but-set-variable] int no_tmp_rsa = 0, no_dhe = 0, no_ecdhe = 0, nocert = 0; ^ s_server.c:1101:11: warning: variable 'dhfile' set but not used [-Wunused-but-set-variable] char *dhfile = NULL; ^ CLA: trivial Signed-off-by:Cristian Stoica <cristian.stoica@nxp.com> Reviewed-by:
-
Cristian Stoica authored
This patch fixes the following warning when OpenSSL is configured with no-dh and no-ec: ./Configure no-ec no-dh linux-x86_64 ... s3_lib.c: In function 'ssl3_get_req_cert_type': s3_lib.c:4234:19: warning: variable 'alg_k' set but not used [-Wunused-but-set-variable] unsigned long alg_k; CLA: trivial Signed-off-by: -
Cristian Stoica authored
This patch fixes the following warning when OpenSSL is configured with no-dh and no-ec: ./Configure no-ec no-dh linux-x86_64 ... s3_lib.c:4231:9: warning: variable 'nostrict' set but not used [-Wunused-but-set-variable] int nostrict = 1; ^ CLA: trivial Signed-off-by:
-
- 26 Apr, 2018 3 commits
-
-
Matt Caswell authored
Note that calling the *use_certificate* functions will replace any existing certificate of the same type. The same thing applies for private keys. Fixes #2147 Reviewed-by:
-
Richard Levitte authored
Add a bit more commentary to explain what's going on. Reviewed-by:
-
Richard Levitte authored
That error is already caught by EVP_read_pw_string_min, and causes this function to return -1, so the code detecting too short passwords in this function is practically dead. Fixes #5465 Reviewed-by:
-
- 25 Apr, 2018 1 commit
-
-
Matt Caswell authored
This option shows the certificates as sent by the server. It is not the full verified chain. Fixes #4933 Reviewed-by:
-
- 24 Apr, 2018 1 commit
-
-
Matt Caswell authored
Document the fact that if a session is not closed down cleanly then the session gets removed from the cache and marked as non-resumable. Fixes #4720 Reviewed-by:
-
- 20 Apr, 2018 1 commit
-
-
Matt Caswell authored
We were sending illegal parameter. This isn't correct. The parameters are legal, we just don't have an overlap. A more appropriate alert is handshake failure. Fixes #2919 Reviewed-by:
-
- 19 Apr, 2018 5 commits
-
-
Richard Levitte authored
do_accept() checked that the peer IP address had a PTR record, and would fail if not. The retrieved named was then never used, even though passed around. All this is unnecessary, so we remove it. Fixes #3407 Reviewed-by:
-
Matt Caswell authored
The X509_STORE_CTX_init() docs explicitly allow a NULL parameter for the X509_STORE. Therefore we shouldn't crash if we subsequently call X509_verify_cert() and no X509_STORE has been set. Fixes #2462 Reviewed-by:
-
Matt Caswell authored
If we have a non-matching kdf_type then pkey_dh_derive silently succeeds. It should fail. This is a "should not happen" condition anyway so the impact is negligible. Fixes #2440 Reviewed-by:
-
Matt Caswell authored
If we run the ocsp command line app and the responder returns a non-successful status code then the app should exit with a failure code. Based on an original patch by Tatsuhiro Tsujikawa. Fixes #2387 Reviewed-by:
-
Emilia Kasper authored
The behaviour of X509_cmp_time used to be undocumented. The new behaviour, documented in master, is to return only 0, 1, or -1. Make the code in the other branches to adhere to this behaviour too, to reduce confusion. There is nothing to be gained from returning other values. Fixes GH#4954 Reviewed-by:
Tim Hudson <tjh@openssl.org> Reviewed-by:
-
- 17 Apr, 2018 3 commits
-
-
John Eichenberger authored
The wrong flags were being tested. It is the rsa->meth flags not the rsa flags that should be tested. wpa_supplicant has a bit of code that 1. Allocates and defines a RSA_METHOD structure. 2. calls RSA_new(); 3. calls RSA_set_method(). In current versions of that code the rsa_sign and rsa_verify members of the RSA_METHOD structure are not defined, thus making it compatible with the really old versions of OpenSSL. But should one change it use the rsa_sign method one must set the RSA_FLAG_SIGN_VER bit of the RSA_METHOD structure to indicate that one or both of those new methods are required. In doing so, OpenSSL will not call the new methods, not without this change. CLA: trivial Change-Id: I6e65a80f21399f25e966466ff676e3b21f85f360 Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
We cannot provide a certificate status on a resumption so we should ignore this extension in that case. Fixes #1662 Reviewed-by:
-
- 16 Apr, 2018 1 commit
-
-
Billy Brumley authored
RSA key generation: ensure BN_mod_inverse and BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set. CVE-2018-0737 Reviewed-by:
-
- 12 Apr, 2018 1 commit
-
-
Daniel Bevenius authored
This is a minor update which hopefully makes these particular lines read a little easier. Reviewed-by:
Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by:
-
- 07 Apr, 2018 1 commit
-
-
Rich Salz authored
Reviewed-by:
-
- 05 Apr, 2018 3 commits
-
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
There are two undocumented DSA parameter generation options available in the genpkey command line app: dsa_paramgen_md and dsa_paramgen_q_bits. These can also be accessed via the EVP API but only by using EVP_PKEY_CTX_ctrl() or EVP_PKEY_CTX_ctrl_str() directly. There are no helper macros for these options. dsa_paramgen_q_bits sets the length of q in bits (default 160 bits). dsa_paramgen_md sets the digest that is used during the parameter generation (default SHA1). In particular the output length of the digest used must be equal to or greater than the number of bits in q because of this code: if (!EVP_Digest(seed, qsize, md, NULL, evpmd, NULL)) goto err; if (!EVP_Digest(buf, qsize, buf2, NULL, evpmd, NULL)) goto err; for (i = 0; i < qsize; i++) md[i] ^= buf2[i]; /* step 3 */ md[0] |= 0x80; md[qsize - 1] |= 0x01; ... -
Matt Caswell authored
Reviewed-by:
-
- 03 Apr, 2018 3 commits
-
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Thanks to Sem Voigtländer for reporting this issue. Reviewed-by:
-
- 28 Mar, 2018 1 commit
-
-
Miroslav Suk authored
Reviewed-by:
-
- 27 Mar, 2018 4 commits
-
-
Philippe Antoine authored
Reviewed-by:
Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5687)
-
Matt Caswell authored
If we don't have OID data for an object then we should fail if we are asked to encode the ASN.1 for that OID. Fixes #5723 Reviewed-by:
-
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by:
-
