Commits · f04665a653665cd6432b9adfeb7c7f12a7447d26 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Mar 18, 2014
- Retry callback only after ClientHello received. · f04665a6
  Piotr Sikora authored Mar 18, 2014
  
  f04665a6
Mar 12, 2014

Dr. Stephen Henson authored Mar 12, 2014

Use a previously unused value as we will be updating multiple released
branches.
(cherry picked from commit 0737acd2a8cc688902b5151cab5dc6737b82fb96)

14c67a70

Fix for CVE-2014-0076 · f9b6c0ba

Dr. Stephen Henson authored Mar 12, 2014

Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
http://eprint.iacr.org/2014/140

Thanks to Yuval Yarom and Naomi Benger for discovering this
flaw and to Yuval Yarom for supplying a fix.
(cherry picked from commit 2198be34)

Conflicts:

	CHANGES

f9b6c0ba

Mar 10, 2014
- typo · a029788b
  Dr. Stephen Henson authored Mar 10, 2014
  
  a029788b
- Simplify ssl_add_cert_chain logic. · d628885e
  Dr. Stephen Henson authored Mar 09, 2014
  
  d628885e
Mar 07, 2014

Remove -WX option from debug-VC-WIN32 · ab0f8804
Dr. Stephen Henson authored Mar 07, 2014
```
(cherry picked from commit 7a3e67f029969620966b8a627b8485d83692cca5)
```
ab0f8804
engines/ccgost/gosthash.c: simplify and avoid SEGV. · ea38f020
Andy Polyakov authored Mar 07, 2014
```
PR: 3275
```
ea38f020

SPARC T4 assembly pack: treat zero input length in CBC. · 5e44c144

Andy Polyakov authored Mar 07, 2014

The problem is that OpenSSH calls EVP_Cipher, which is not as
protective as EVP_CipherUpdate. Formally speaking we ought to
do more checks in *_cipher methods, including rejecting
lengths not divisible by block size (unless ciphertext stealing
is in place). But for now I implement check for zero length in
low-level based on precedent.

PR: 3087, 2775

5e44c144

Mar 06, 2014
- dh_check.c: check BN_CTX_get's return value. · 53e51612
  Andy Polyakov authored Mar 06, 2014
  
  53e51612
- test/Makefile: allow emulated test (e.g. under wine). · 687403fb
  Andy Polyakov authored Mar 06, 2014
```
Submitted by: Roumen Petrov
```
  687403fb
- bss_dgram.c,d1_lib.c: make it compile with mingw. · 972b0dc3
  Andy Polyakov authored Mar 06, 2014
```
Submitted by: Roumen Petrov
```
  972b0dc3
Mar 03, 2014
- For self signed root only indicate one error. · 315cd871
  Dr. Stephen Henson authored Mar 03, 2014
```
(cherry picked from commit bdfc0e284c89dd5781259cc19aa264aded538492)
```
  315cd871
Mar 01, 2014

PKCS#8 support for alternative PRFs. · 5693a308

Dr. Stephen Henson authored Feb 28, 2014

Add option to set an alternative to the default hmacWithSHA1 PRF
for PKCS#8 private key encryptions. This is used automatically
by PKCS8_encrypt if the nid specified is a PRF.

Add option to pkcs8 utility.

Update docs.
(cherry picked from commit b60272b0)

5693a308

Fix memory leak. · 01757858
Dr. Stephen Henson authored Feb 28, 2014
```
(cherry picked from commit 124d218889dfca33d277404612f1319afe04107e)
```
01757858

Add function to free compression methods. · db7b5e0d

Dr. Stephen Henson authored Feb 28, 2014

Although the memory allocated by compression methods is fixed and
cannot grow over time it can cause warnings in some leak checking
tools. The function SSL_COMP_free_compression_methods() will free
and zero the list of supported compression methods. This should
*only* be called in a single threaded context when an application
is shutting down to avoid interfering with existing contexts
attempting to look up compression methods.
(cherry picked from commit 976c5830)

db7b5e0d

Feb 28, 2014
- Makefile.org: fix syntax error on Solaris. · 65370f9b
  Andy Polyakov authored Feb 28, 2014
```
PR: 3271
```
  65370f9b
Feb 27, 2014
- Configure: mark unixware target as elf-1. · 4ca02656
  Andy Polyakov authored Feb 27, 2014
  
  4ca02656
- perlasm/x86asm.pl: recognize elf-1 denoting old ELF platforms. · b62a4a1c
  Andy Polyakov authored Feb 27, 2014
  
  b62a4a1c
- perlasm/x86gas.pl: limit special OPENSSL_ia32cap_P treatment to ELF. · ce876d83
  Andy Polyakov authored Feb 27, 2014
  
  ce876d83
- rc4/asm/rc4-586.pl: allow for 386-only build. · f861b1d4
  Andy Polyakov authored Feb 27, 2014
  
  f861b1d4
- des/asm/des-586.pl: shortcut reference to DES_SPtrans. · fd361a67
  Andy Polyakov authored Feb 27, 2014
  
  fd361a67
Feb 26, 2014
- CABForum EV OIDs for Subject Jurisdiction of Incorporation or Registration. · 52f71f81
  Rob Stradling authored Feb 25, 2014
  
  52f71f81
- Fix for WIN32 builds with KRB5 · 031ea2d1
  Dr. Stephen Henson authored Feb 26, 2014
```
(cherry picked from commit 3eddd1706a30cdf3dc9278692d8ee9038eac8a0d)
```
  031ea2d1
- sha/asm/sha256-586.pl: don't try to compile SIMD with no-sse2. · d49135e7
  Andy Polyakov authored Feb 26, 2014
  
  d49135e7
- sha/asm/sha512-x86_64.pl: fix compilation error on Solaris. · 147cca8f
  Andy Polyakov authored Feb 26, 2014
  
  147cca8f
- Configure: blended processor target in solaris-x86-cc. · 7bb9d84e
  Andy Polyakov authored Feb 26, 2014
  
  7bb9d84e
Feb 25, 2014
- ssl/t1_enc.c: check EVP_MD_CTX_copy return value. · 03da57fe
  Andy Polyakov authored Feb 25, 2014
```
PR: 3201
```
  03da57fe
- aes/asm/vpaes-ppc.pl: fix traceback info. · e704741b
  Andy Polyakov authored Feb 25, 2014
  
  e704741b
- Don't use BN_ULLONG in n2l8 use SCTS_TIMESTAMP. · e0520c65
  Dr. Stephen Henson authored Feb 25, 2014
```
(cherry picked from commit 3678161d)
```
  e0520c65
- Fix for v3_scts.c · 3a325c60
  Dr. Stephen Henson authored Feb 25, 2014
```
Not all platforms define BN_ULLONG. Define SCTS_TIMESTAMP as a type
which should work on all platforms.
(cherry picked from commit 66344167)
```
  3a325c60
- Add -show_chain option to print out verified chain. · 86a2f966
  Dr. Stephen Henson authored Feb 25, 2014
  
  86a2f966
- Avoid Windows 8 Getversion deprecated errors. · a4cc3c80
  Dr. Stephen Henson authored Feb 25, 2014
```
Windows 8 SDKs complain that GetVersion() is deprecated.

We only use GetVersion like this:

	(GetVersion() < 0x80000000)

which checks if the Windows version is NT based. Use a macro check_winnt()
which uses GetVersion() on older SDK versions and true otherwise.
```
  a4cc3c80
- Parse non-v1 SCTs less awkwardly. · 19f65ddb
  Rob Stradling authored Feb 25, 2014
  
  19f65ddb
Feb 24, 2014
- ms/do_win64a.bat: forward to NUL, not NUL:. · 63aff300
  Andy Polyakov authored Feb 24, 2014
```
Allegedly formwarding to NUL: sometimes creates NUL file in file
system.

PR: 3250
```
  63aff300
- BC-32.pl: refresh Borland C support. · 779c51c6
  Andy Polyakov authored Feb 24, 2014
```
PR: 3251
Suggested by: Thorsten Schning
```
  779c51c6
- x509/by_dir.c: fix run-away pointer (and potential SEGV) · 758954e0
  Andy Polyakov authored Feb 24, 2014
```
when adding duplicates in add_cert_dir.

PR: 3261
Reported by: Marian Done
```
  758954e0
- config: recognize ARMv8/AArch64 target. · d099f0ed
  Andy Polyakov authored Feb 24, 2014
  
  d099f0ed
Feb 23, 2014

Only set current certificate to valid values. · 358d352a
Dr. Stephen Henson authored Feb 23, 2014
```
When setting the current certificate check that it has a corresponding
private key.
```
358d352a

New chain building flags. · 13dc3ce9

Dr. Stephen Henson authored Feb 23, 2014

New flags to build certificate chains. The can be used to rearrange
the chain so all an application needs to do is add all certificates
in arbitrary order and then build the chain to check and correct them.

Add verify error code when building chain.

Update docs.

13dc3ce9

Feb 21, 2014
- Option to set current cert to server certificate. · daddd9a9
  Dr. Stephen Henson authored Feb 21, 2014
  
  daddd9a9