Commits · bfc973f46c54b403a3049986d352223929ba812b · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Nov 10, 2014
- Fix spelling of EECDH · bfc973f4
  Kurt Roeckx authored Nov 05, 2014
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
  bfc973f4
Oct 30, 2014
- armv4cpuid.S: fix compilation error in pre-ARMv7 build. · 66962039
  Andy Polyakov authored Oct 30, 2014
```
PR: 3474
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
```
  66962039
Oct 29, 2014
- Fix WIN32 build by disabling bn* calls. · ecb9966e
  Dr. Stephen Henson authored Oct 21, 2014
```
The trial division and probable prime with coprime tests are disabled
on WIN32 builds because they use internal functions not exported from
the WIN32 DLLs.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
```
  ecb9966e
- ec/asm/ecp_nistz256-x86_64.pl: fix inconsistency in path handling. · c381b637
  Andy Polyakov authored Oct 29, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  c381b637
- md32_common.h: address compiler warning in HOST_c2l. · d45282fc
  Andy Polyakov authored Oct 29, 2014
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
  d45282fc
Oct 28, 2014

Use only unsigned arithmetic in constant-time operations · d2fa1829
Samuel Neves authored Oct 04, 2014
```
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
```
d2fa1829

Tighten session ticket handling · d663df23

Emilia Kasper authored Oct 28, 2014



Tighten client-side session ticket handling during renegotiation:
ensure that the client only accepts a session ticket if the server sends
the extension anew in the ServerHello. Previously, a TLS client would
reuse the old extension state and thus accept a session ticket if one was
announced in the initial ServerHello.

Reviewed-by: Bodo Moeller <bodo@openssl.org>

d663df23

Oct 27, 2014
- Add missing CHANGES interval [1.0.1h, 1.0.1i] · 49b0dfc5
  Emilia Kasper authored Oct 27, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  49b0dfc5
- Sync CHANGES · 18a2d293
  Emilia Kasper authored Oct 27, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  18a2d293
- Fix ssltest logic when some protocols are compiled out. · fd28a41e
  Emilia Kasper authored Oct 27, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
```
  fd28a41e
Oct 24, 2014

Copy negotiated parameters in SSL_set_SSL_CTX. · 14e14bf6

Dr. Stephen Henson authored Oct 09, 2014



SSL_set_SSL_CTX is used to change the SSL_CTX for SNI, keep the
supported signature algorithms and raw cipherlist.
Reviewed-by: Tim Hudson <tjh@openssl.org>

14e14bf6

Process signature algorithms in ClientHello late. · c800c27a
Dr. Stephen Henson authored Oct 09, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
c800c27a

Oct 23, 2014

ecp_nistz256 update. · 3ff08e1d

Andy Polyakov authored Oct 23, 2014



Facilitate switch to custom scatter-gather routines. This modification
does not change algorithms, only makes it possible to implement
alternative. This is achieved by a) moving precompute table to assembly
(perlasm parses ecp_nistz256_table.c and is free to rearrange data to
match gathering algorithm); b) adhering to explicit scatter subroutine
(which for now is simply a memcpy). First implementations that will use
this option are 32-bit assembly implementations, ARMv4 and x86, where
equivalent of current read-whole-table-select-single-value algorithm
is too time-consuming. [On side note, switching to scatter-gather on
x86_64 would allow to improve server-side ECDSA performance by ~5%].

Reviewed-by: Bodo Moeller <bodo@openssl.org>

3ff08e1d

Configure: add ios64 target. · b06f7d9a
Andy Polyakov authored Oct 23, 2014
```
Reviewed-by: Steve Marquess <marquess@openssl.org>
```
b06f7d9a

Oct 22, 2014
- Add missing credit. · 9f4bd9d5
  Andy Polyakov authored Oct 22, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  9f4bd9d5
Oct 21, 2014

Fix and improve SSL_MODE_SEND_FALLBACK_SCSV documentation. · 98f1ac7d
Bodo Moeller authored Oct 21, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
98f1ac7d
When processing ClientHello.cipher_suites, don't ignore cipher suites · 8cb30232
Bodo Moeller authored Oct 21, 2014
```
listed after TLS_FALLBACK_SCSV.

RT: 3575
Reviewed-by: Emilia Kasper <emilia@openssl.org>
```
8cb30232

Keep old method in case of an unsupported protocol · 392fa7a9

Kurt Roeckx authored Oct 21, 2014

When we're configured with no-ssl3 and we receive an SSL v3 Client Hello, we set
the method to NULL.  We didn't used to do that, and it breaks things.  This is a
regression introduced in 62f45cc2

.  Keep the old
method since the code is not able to deal with a NULL method at this time.

CVE-2014-3569, PR#3571

Reviewed-by: Emilia Käsper <emilia@openssl.org>

392fa7a9

Oct 20, 2014
- no-ssl2 with no-ssl3 does not mean drop the ssl lib · c882abd5
  Tim Hudson authored Oct 20, 2014
```
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
```
  c882abd5
Oct 17, 2014
- RT3547: Add missing static qualifier · 87d388c9
  Kurt Cancemi authored Sep 28, 2014
```
Reviewed-by: Ben Laurie <ben@openssl.org>
```
  87d388c9
Oct 15, 2014

Add constant_time_locl.h to HEADERS, · c6e9b39c

Tim Hudson authored Sep 25, 2014


so the Win32 compile picks it up correctly.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Conflicts:
	crypto/Makefile

c6e9b39c

Include "constant_time_locl.h" rather than "../constant_time_locl.h". · 7f09a877

Richard Levitte authored Sep 24, 2014


The different -I compiler parameters will take care of the rest...

Reviewed-by: Tim Hudson <tjh@openssl.org>

Conflicts:
	crypto/evp/evp_enc.c
	crypto/rsa/rsa_oaep.c
	crypto/rsa/rsa_pk1.c

7f09a877

Updates to NEWS file · ed13270d
Matt Caswell authored Oct 15, 2014
```
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
```
ed13270d
Updates CHANGES file · 53afbe12
Matt Caswell authored Oct 15, 2014
```
Reviewed-by: Bodo Möller <bodo@openssl.org>
```
53afbe12

Fix no-ssl3 configuration option · 62f45cc2

Geoff Thorpe authored Oct 15, 2014



CVE-2014-3568

Reviewed-by: Emilia Kasper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

62f45cc2

Fix for session tickets memory leak. · 74827055

Dr. Stephen Henson authored Oct 15, 2014



CVE-2014-3567

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

74827055

Fix SRTP compile issues for windows · 3dd814ac

Matt Caswell authored Oct 15, 2014



Related to CVE-2014-3513

This fix was developed by the OpenSSL Team

Reviewed-by: Tim Hudson <tjh@openssl.org>

Conflicts:
	util/mkdef.pl
	util/ssleay.num

3dd814ac

Fix for SRTP Memory Leak · e659eff2

Matt Caswell authored Oct 15, 2014



CVE-2014-3513

This issue was reported to OpenSSL on 26th September 2014, based on an original
issue and patch developed by the LibreSSL project. Further analysis of the issue
was performed by the OpenSSL team.

The fix was developed by the OpenSSL team.

Reviewed-by: Tim Hudson <tjh@openssl.org>

e659eff2

Fix SSL_R naming inconsistency. · 0b382a8e
Bodo Moeller authored Oct 15, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
0b382a8e
aesni-x86_64.pl: make ECB subroutine Windows ABI compliant. · 69d5747f
Andy Polyakov authored Oct 15, 2014
```
RT: 3553
Reviewed-by: Emilia Kasper <emilia@openssl.org>
```
69d5747f
Add TLS_FALLBACK_SCSV documentation, and move s_client -fallback_scsv · fb0e87fb
Bodo Moeller authored Oct 15, 2014
```
handling out of #ifndef OPENSSL_NO_DTLS1 section.

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
fb0e87fb
Support TLS_FALLBACK_SCSV. · cf6da053
Bodo Moeller authored Oct 15, 2014
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
cf6da053

Oct 11, 2014
- Remove reference to deleted md4.c · ffa08b32
  Dr. Stephen Henson authored Oct 11, 2014
```
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
```
  ffa08b32
Oct 10, 2014
- Disable encrypt them mac for SSL 3.0 and stream ciphers (RC4 only). · f3014206
  Dr. Stephen Henson authored Sep 30, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  f3014206
Oct 06, 2014

Removed duplicate definition of PKCS7_type_is_encrypted · e0fdea3e

Matt Caswell authored Oct 03, 2014



Patch supplied by Matthieu Patou <mat@matws.net>, and modified to also
remove duplicate definition of PKCS7_type_is_digest.

PR#3551

Reviewed-by: Rich Salz <rsalz@openssl.org>

e0fdea3e

Fix single makefile. · 71614df4
Ben Laurie authored Oct 04, 2014
```
Reviewed-by: Geoffrey Thorpe <geoff@geoffthorpe.net>
```
71614df4

Oct 03, 2014

RT3462: Document actions when data==NULL · 5aed1693

Rich Salz authored Sep 08, 2014



If data is NULL, return the size needed to hold the
derived key.  No other API to do this, so document
the behavior.

Reviewed-by: Richard Levitte <levitte@openssl.org>

5aed1693

Oct 02, 2014
- DTLS 1.2 support has been added to 1.0.2. · 429a25b9
  Bodo Moeller authored Oct 02, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  429a25b9
Oct 01, 2014
- crypto/cast/asm/cast-586.pl: +5% on PIII and remove obsolete readme. · ae4af7a0
  Andy Polyakov authored Oct 01, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  ae4af7a0
- RT3549: Remove obsolete files in crypto · df8c39d5
  Rich Salz authored Sep 30, 2014
```
Reviewed-by: Andy Polyakov <appro@openssl.org>
```
  df8c39d5