Commits · c25456633cdf9bc26780dc02e4ffc7102a3e75da · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Nov 25, 2014
- Corrected comments in ssl.h about SSLv23_method and friends · c2545663
  Matt Caswell authored Nov 25, 2014
```
PR#3574

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 3a076588)
```
  c2545663
Nov 13, 2014

Fix cross reference table generator. · aaf93359

Dr. Stephen Henson authored Nov 01, 2014



If the hash or public key algorithm is "undef" the signature type
will receive special handling and shouldn't be included in the
cross reference table.
Reviewed-by: Tim Hudson <tjh@openssl.org>

(cherry picked from commit 55f7fb88)

Conflicts:
	crypto/objects/obj_xref.h

aaf93359

Nov 12, 2014

Fixes a minor typo in the EVP docs. · cee17f96

Alok Menghrajani authored Nov 11, 2014



Out is the buffer which needs to contain at least inl + cipher_block_size - 1 bytes. Outl
is just an int*.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 5211e094)

cee17f96

Correct timestamp output when clock_precision_digits > 0 · bd366159
Michal Bozon authored Nov 12, 2014
```
PR#3535

Reviewed-by: Stephen Henson <steve@openssl.org>
```
bd366159

Fix free of garbage pointer. PR#3595 · db856119

Matt Caswell authored Nov 12, 2014



Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit e04d426b)

db856119

Nov 11, 2014
- Fix warning about negative unsigned intergers · 9e5267fc
  Kurt Roeckx authored Nov 10, 2014
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  9e5267fc
Oct 28, 2014
- Use only unsigned arithmetic in constant-time operations · 0d330ce5
  Samuel Neves authored Oct 04, 2014
```
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
```
  0d330ce5
Oct 21, 2014

Fix and improve SSL_MODE_SEND_FALLBACK_SCSV documentation. · 2a303a58
Bodo Moeller authored Oct 21, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
2a303a58
When processing ClientHello.cipher_suites, don't ignore cipher suites · 8d81dfd0
Bodo Moeller authored Oct 21, 2014
```
listed after TLS_FALLBACK_SCSV.

RT: 3575
Reviewed-by: Emilia Kasper <emilia@openssl.org>
```
8d81dfd0

Keep old method in case of an unsupported protocol · 69c163ac

Kurt Roeckx authored Oct 21, 2014

When we're configured with no-ssl3 and we receive an SSL v3 Client Hello, we set
the method to NULL.  We didn't used to do that, and it breaks things.  This is a
regression introduced in 62f45cc2

.  Keep the old
method since the code is not able to deal with a NULL method at this time.

CVE-2014-3569, PR#3571

Reviewed-by: Emilia Käsper <emilia@openssl.org>
(cherry picked from commit 392fa7a9)

69c163ac

Oct 20, 2014
- no-ssl2 with no-ssl3 does not mean drop the ssl lib · b7eaea73
  Tim Hudson authored Oct 20, 2014
```
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
(cherry picked from commit c882abd5)
```
  b7eaea73
Oct 17, 2014
- e_os.h: refine inline override logic (to address warnings in debug build). · 2d2965d2
  Andy Polyakov authored Sep 30, 2014
```
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
(cherry picked from commit 55c7a4cf)
```
  2d2965d2
- e_os.h: allow inline functions to be compiled by legacy compilers. · 56cee260
  Andy Polyakov authored Sep 25, 2014
```
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 40155f40)
```
  56cee260
- RT3547: Add missing static qualifier · e2e13b8f
  Kurt Cancemi authored Sep 28, 2014
```
Reviewed-by: Ben Laurie <ben@openssl.org>
(cherry picked from commit 87d388c9)
```
  e2e13b8f
Oct 15, 2014

Prepare for 1.0.0p-dev · 13b2a4d0
Matt Caswell authored Oct 15, 2014
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
13b2a4d0
Prepare for 1.0.0o release · 41da9188
Matt Caswell authored Oct 15, 2014
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
OpenSSL_1_0_0o

41da9188
Updates to NEWS · e9fe4b10
Matt Caswell authored Oct 15, 2014
```
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
```
e9fe4b10
Update to CHANGES file · 6469c947
Matt Caswell authored Oct 15, 2014
```
Reviewed-by: Bodo Möller <bodo@openssl.org>
```
6469c947

Fix no-ssl3 configuration option · 9bf3ff1c

Geoff Thorpe authored Oct 15, 2014



CVE-2014-3568

Reviewed-by: Emilia Kasper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

9bf3ff1c

Fix for session tickets memory leak. · 74f77d40

Dr. Stephen Henson authored Oct 15, 2014



CVE-2014-3567

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

74f77d40

Fix SSL_R naming inconsistency. · 55513f3e
Bodo Moeller authored Oct 15, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
55513f3e

Add constant_time_locl.h to HEADERS, · c8dd7190

Tim Hudson authored Sep 25, 2014


so the Win32 compile picks it up correctly.

Reviewed-by: Richard Levitte <levitte@openssl.org>

c8dd7190

Add the constant time test to the VMS build and tests · 0bfd0bff
Richard Levitte authored Sep 25, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>

Conflicts:
	test/maketests.com
	test/tests.com
```
0bfd0bff

Include "constant_time_locl.h" rather than "../constant_time_locl.h". · eb269523

Richard Levitte authored Sep 24, 2014


The different -I compiler parameters will take care of the rest...

Reviewed-by: Tim Hudson <tjh@openssl.org>

Conflicts:
	crypto/evp/evp_enc.c

eb269523

Spaces were added in some strings for better readability. However, those... · 802feda7

Richard Levitte authored Jun 16, 2014


Spaces were added in some strings for better readability. However, those spaces do not belong in file names, so when picking out the individual parts, remove the spaces

Reviewed-by: Tim Hudson <tjh@openssl.org>

802feda7

Adjust VMS build to Unix build. Most of all, make it so the disabled · cdad6ad0

Richard Levitte authored Aug 06, 2014


algorithms MD2 and RC5 don't get built.
Also, disable building the test apps in crypto/des and crypto/pkcs7, as
they have no support at all.

Reviewed-by: Tim Hudson <tjh@openssl.org>

Conflicts:
	crypto/crypto-lib.com
	makevms.com
	ssl/ssl-lib.com

cdad6ad0

Make sure test/tests.com exit gracefully, even when openssl.exe wasn't properly built. · 4eca4cfb
Richard Levitte authored Jun 18, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
4eca4cfb

Make sure that disabling the MAYLOSEDATA3 warning is only done when the... · 7e29be22

Richard Levitte authored Jun 14, 2014

Make sure that disabling the MAYLOSEDATA3 warning is only done when the compiler supports it. Otherwise, there are warnings about it lacking everywhere, which is quite tedious to read through while trying to check for other warnings.

Reviewed-by: Tim Hudson <tjh@openssl.org>

Conflicts:
ssl/ssl-lib.com

7e29be22

Add TLS_FALLBACK_SCSV documentation, and move s_client -fallback_scsv · 8745c081
Bodo Moeller authored Oct 15, 2014
```
handling out of #ifndef OPENSSL_NO_DTLS1 section.

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
8745c081
Oops -- fix typo in coment added with TLS_FALLBACK_SCSV support. · 68828f16
Bodo Moeller authored Oct 15, 2014
```
Reviewed-by: Steve Henson <steve@openss.org>
```
68828f16
Support TLS_FALLBACK_SCSV. · 59dcfa21
Bodo Moeller authored Oct 15, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
59dcfa21

Oct 06, 2014

Removed duplicate definition of PKCS7_type_is_encrypted · 13f8ddac

Matt Caswell authored Oct 03, 2014



Patch supplied by Matthieu Patou <mat@matws.net>, and modified to also
remove duplicate definition of PKCS7_type_is_digest.

PR#3551

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit e0fdea3e)

13f8ddac

Sep 29, 2014

Add additional DigestInfo checks. · ad8b2043

Dr. Stephen Henson authored Sep 25, 2014



Reencode DigestInto in DER and check against the original: this
will reject any improperly encoded DigestInfo structures.

Note: this is a precautionary measure, there is no known attack
which can exploit this.

Thanks to Brian Smith for reporting this issue.
Reviewed-by: Tim Hudson <tjh@openssl.org>

ad8b2043

Sep 25, 2014

Add missing tests · 7b7aef9b

Emilia Kasper authored Sep 25, 2014

Accidentally omitted from commit 455b65df



Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit fdc35a9d)

7b7aef9b

Sep 24, 2014

Use correct function name: CMS_add1_signer() · 93540299
Dr. Stephen Henson authored Sep 20, 2014
```
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 5886354d)
```
93540299
crypto/bn/bn_nist.c: work around MSC ARM compiler bug. · 1db72876
Andy Polyakov authored Sep 25, 2014
```
RT: 3541
Reviewed-by: Emilia Kasper <emilia@openssl.org>
(cherry picked from commit 8b07c005)
```
1db72876

RT3425: constant-time evp_enc · b55ff319

Emilia Kasper authored Sep 05, 2014



Do the final padding check in EVP_DecryptFinal_ex in constant time to
avoid a timing leak from padding failure.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 4aac102f)

Conflicts:
	crypto/evp/evp_enc.c

(cherry picked from commit 738911cd)

Conflicts:
	crypto/evp/evp_enc.c

b55ff319

RT3067: simplify patch · 9a6940a3

Emilia Kasper authored Sep 04, 2014

(Original commit adb46dbc

)

Use the new constant-time methods consistently in s3_srvr.c

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 455b65df)

Conflicts:
	ssl/Makefile

9a6940a3

This change alters the processing of invalid, RSA pre-master secrets so · c36ceb0b

Adam Langley authored Apr 24, 2013

that bad encryptions are treated like random session keys in constant
time.

(cherry picked from commit adb46dbc

)

Reviewed-by: Rich Salz <rsalz@openssl.org>

c36ceb0b

RT3066: rewrite RSA padding checks to be slightly more constant time. · 904fcce0

Emilia Kasper authored Aug 28, 2014



Also tweak s3_cbc.c to use new constant-time methods.
Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1

This patch is based on the original RT submission by Adam Langley <agl@chromium.org>,
as well as code from BoringSSL and OpenSSL.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Conflicts:
	crypto/rsa/rsa_oaep.c

904fcce0