- 28 May, 2015 2 commits
-
-
Dr. Stephen Henson authored
Reviewed-by:
Rich Salz <rsalz@openssl.org> (cherry picked from commit 2849707f)
-
Dr. Stephen Henson authored
Reviewed-by:
-
- 22 May, 2015 2 commits
-
-
Matt Caswell authored
If BN_rand is called with |bits| set to 1 and |top| set to 1 then a 1 byte buffer overflow can occur. There are no such instances within the OpenSSL at the moment. Thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke, Filip Palian for discovering and reporting this issue. Reviewed-by:Kurt Roeckx <kurt@openssl.org>
-
Matt Caswell authored
The functions BN_rshift and BN_lshift shift their arguments to the right or left by a specified number of bits. Unpredicatable results (including crashes) can occur if a negative number is supplied for the shift value. Thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and Filip Palian for discovering and reporting this issue. Reviewed-by:
-
- 13 May, 2015 1 commit
-
-
Rich Salz authored
The big "don't check for NULL" cleanup requires backporting some of the lowest-level functions to actually do nothing if NULL is given. This will make it easier to backport fixes to release branches, where master assumes those lower-level functions are "safe" This commit addresses those tickets: 3798 3799 3801. Reviewed-by:
Matt Caswell <matt@openssl.org> (cherry picked from commit f34b095f) (cherry picked from commit 690d040b)
-
- 18 Apr, 2015 1 commit
-
-
Dr. Stephen Henson authored
Fix bug where i2c_ASN1_INTEGER mishandles zero if it is marked as negative. Thanks to Huzaifa Sidhpurwala <huzaifas@redhat.com> and Hanno Böck <hanno@hboeck.de> for reporting this issue. Reviewed-by:
-
- 16 Apr, 2015 1 commit
-
-
Viktor Dukhovni authored
Reviewed-by:Matt Caswell <gitlab@openssl.org>
-
- 14 Apr, 2015 2 commits
-
-
Matt Caswell authored
If OpenSSL is configured with no-tlsext then ssl_get_prev_session can read past the end of the ClientHello message if the session_id length in the ClientHello is invalid. This should not cause any security issues since the underlying buffer is 16k in size. It should never be possible to overrun by that many bytes. This is probably made redundant by the previous commit - but you can never be too careful. With thanks to Qinghao Tang for reporting this issue. Reviewed-by:
-
Matt Caswell authored
The ClientHello processing is insufficiently rigorous in its checks to make sure that we don't read past the end of the message. This does not have security implications due to the size of the underlying buffer - but still needs to be fixed. With thanks to Qinghao Tang for reporting this issue. Reviewed-by:
-
- 10 Apr, 2015 1 commit
-
-
Dr. Stephen Henson authored
While *pval is usually a pointer in rare circumstances it can be a long value. One some platforms (e.g. WIN64) where sizeof(long) < sizeof(ASN1_VALUE *) this will write past the field. *pval is initialised correctly in the rest of ASN1_item_ex_new so setting it to NULL is unecessary anyway. Thanks to Julien Kauffmann for reporting this issue. Reviewed-by:
Richard Levitte <levitte@openssl.org> (cherry picked from commit f617b496) Conflicts: crypto/asn1/tasn_new.c
-
- 08 Apr, 2015 1 commit
-
-
Richard Levitte authored
Since source reformat, we ended up with some error reason string definitions that spanned two lines. That in itself is fine, but we sometimes edited them to provide better strings than what could be automatically determined from the reason macro, for example: {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER), "Peer haven't sent GOST certificate, required for selected ciphersuite"}, However, mkerr.pl didn't treat those two-line definitions right, and they ended up being retranslated to whatever the macro name would indicate, for example: {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER), "No gost certificate sent by peer"}, Clearly not what we wanted. This change fixes this problem. Reviewed-by:
-
- 24 Mar, 2015 1 commit
-
-
Dr. Stephen Henson authored
If a set of certificates is supplied to OCSP_basic_verify use those in addition to any present in the OCSP response as untrusted CAs when verifying a certificate chain. PR#3668 Reviewed-by:
-
- 19 Mar, 2015 11 commits
-
-
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Fix some unsigned/signed warnings introduced as part of the fix for CVE-2015-0293 Reviewed-by:
Tim Hudson <tjh@openssl.org> Reviewed-by:
-
Matt Caswell authored
Reported by the LibreSSL project as a follow on to CVE-2015-0209 Reviewed-by: -
Richard Levitte authored
Reviewed-by:Andy Polyakov <appro@openssl.org>
-
Matt Caswell authored
Update the NEWS file with the latest entries from CHANGES ready for the release. Reviewed-by: -
Matt Caswell authored
Update CHANGES fiel with all the latest fixes ready for the release. Conflicts: CHANGES Conflicts: CHANGES Reviewed-by: -
Emilia Kasper authored
This assert is reachable for servers that support SSLv2 and export ciphers. Therefore, such servers can be DoSed by sending a specially crafted SSLv2 CLIENT-MASTER-KEY. Also fix s2_srvr.c to error out early if the key lengths are malformed. These lengths are sent unencrypted, so this does not introduce an oracle. CVE-2015-0293 This issue was discovered by Sean Burford (Google) and Emilia Käsper of the OpenSSL development team. Reviewed-by:
-
Emilia Kasper authored
In PKCS#7, the ASN.1 content component is optional. This typically applies to inner content (detached signatures), however we must also handle unexpected missing outer content correctly. This patch only addresses functions reachable from parsing, decryption and verification, and functions otherwise associated with reading potentially untrusted data. Correcting all low-level API calls requires further work. CVE-2015-0289 Thanks to Michal Zalewski (Google) for reporting this issue. Reviewed-by:Steve Henson <steve@openssl.org> Conflicts: crypto/pkcs7/pk7_doit.c
-
Dr. Stephen Henson authored
Fix segmentation violation when ASN1_TYPE_cmp is passed a boolean type. This can be triggered during certificate verification so could be a DoS attack against a client or a server enabling client authentication. CVE-2015-0286 Reviewed-by:
-
- 18 Mar, 2015 1 commit
-
-
Dr. Stephen Henson authored
CVE-2015-0287 Reviewed-by:
Emilia Käsper <emilia@openssl.org>
-
- 14 Mar, 2015 2 commits
-
-
Dr. Stephen Henson authored
Reviewed-by: -
Kurt Roeckx authored
They are moved to the COMPLEMENTOFDEFAULT instead. Reviewed-by:
-
- 11 Mar, 2015 1 commit
-
-
Matt Caswell authored
Cleanse various intermediate buffers used by the PRF (backported version from master). Conflicts: ssl/s3_enc.c Conflicts: ssl/t1_enc.c Conflicts: ssl/t1_enc.c Reviewed-by:
-
- 08 Mar, 2015 1 commit
-
-
Dr. Stephen Henson authored
Fix compiler warnings (similar to commit 25012d5e ) Reviewed-by:
-
- 06 Mar, 2015 1 commit
-
-
Matt Caswell authored
Make the output from mkerr.pl consistent with the newly reformatted code. Reviewed-by:
-
- 02 Mar, 2015 2 commits
-
-
Dr. Stephen Henson authored
CVE-2015-0288 PR#3708 Reviewed-by:
-
Dr. Stephen Henson authored
The format script didn't correctly recognise some ASN.1 macros and didn't reformat some files as a result. Fix script and reformat affected files. Reviewed-by:
-
- 25 Feb, 2015 1 commit
-
-
Matt Caswell authored
Inspired by BoringSSL commit 517073cd4b by Eric Roman <eroman@chromium.org> CVE-2015-0209 Reviewed-by:
-
- 09 Feb, 2015 2 commits
-
-
Andy Polyakov authored
Reviewed-by:
-
Andy Polyakov authored
Reviewed-by:
-
- 06 Feb, 2015 1 commit
-
-
Matt Caswell authored
Reviewed-by:
-
- 05 Feb, 2015 1 commit
-
-
Rich Salz authored
Reviewed-by:
-
- 03 Feb, 2015 1 commit
-
-
Dr. Stephen Henson authored
PR:3683 Reviewed-by:
-
- 22 Jan, 2015 3 commits
-
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
This should be a one off operation (subsequent invokation of the script should not move them) This commit is for the 0.9.8 changes Reviewed-by:
-
