Commits · f404943bcab4898d18f3ac1b36479d1d7bbbb9e6 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Jul 07, 2015

Add test for CVE-2015-1793 · f404943b

Matt Caswell authored Jul 02, 2015



This adds a test for CVE-2015-1793. This adds a new test file
verify_extra_test.c, which could form the basis for additional
verification tests.

Reviewed-by: Stephen Henson <steve@openssl.org>

f404943b

Fix alternate chains certificate forgery issue · 21376d8a

Matt Caswell authored Jun 24, 2015



During certificate verfification, OpenSSL will attempt to find an
alternative certificate chain if the first attempt to build such a chain
fails. An error in the implementation of this logic can mean that an
attacker could cause certain checks on untrusted certificates to be
bypassed, such as the CA flag, enabling them to use a valid leaf
certificate to act as a CA and "issue" an invalid certificate.

This occurs where at least one cert is added to the first chain from the
trust store, but that chain still ends up being untrusted. In that case
ctx->last_untrusted is decremented in error.

Patch provided by the BoringSSL project.

CVE-2015-1793

Reviewed-by: Stephen Henson <steve@openssl.org>

21376d8a

Jul 06, 2015

Relax CCM tag check. · c0b674b7

Dr. Stephen Henson authored Jun 09, 2015



In CCM mode don't require a tag before initialising decrypt: this allows
the tag length to be set without requiring the tag.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 9cca7be1)

c0b674b7

document -2 return value · a229c2b8

Dr. Stephen Henson authored Jul 06, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 5727582c)

a229c2b8

Jul 02, 2015

Fix PSK handling. · 3c66a669

Dr. Stephen Henson authored Jul 01, 2015



The PSK identity hint should be stored in the SSL_SESSION structure
and not in the parent context (which will overwrite values used
by other SSL structures with the same SSL_CTX).

Use BUF_strndup when copying identity as it may not be null terminated.

Reviewed-by: Tim Hudson <tjh@openssl.org>

3c66a669

Jun 29, 2015

Check for errors with SRP · f8f75a7e

Dr. Stephen Henson authored Jun 25, 2015



Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 5fced239)

f8f75a7e

Jun 25, 2015
- Don't output bogus errors in PKCS12_parse · 7c1dae55
  Dr. Stephen Henson authored Jun 24, 2015
```
PR#3923

Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit ffbf304d)
```
  7c1dae55
Jun 24, 2015
- Add docs for ssl verification parameter functions. · edbc9050
  Dr. Stephen Henson authored Jun 17, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 77672802)
```
  edbc9050
Jun 23, 2015

GH297: Fix NAME section of SSL_CTX_use_serverinfo.pod · c00206c3
Vitezslav Cizek authored Jun 16, 2015
```
Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
```
c00206c3

RT3682: Avoid double-free on OCSP parse error · 4ce5ed5f

Rich Salz authored Jun 23, 2015



Found by Kurt Cancemi

(Manual cherry-pick of f8e427154bbc0c33f29fa7aad001b1b655e5995b)
Reviewed-by: Matt Caswell <matt@openssl.org>

4ce5ed5f

RT3856: Fix memory leaks in test code · 295c629a

Russell Webb authored Jun 13, 2015



Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 2d540402)

295c629a

make update · c61bb1ab
Richard Levitte authored Jun 23, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
c61bb1ab

Rearrange rsaz · f59186e4

Richard Levitte authored Jun 23, 2015



A small rearrangement so the inclusion of rsaz_exp.h would be
unconditional, but what that header defines becomes conditional.

This solves the weirdness where rsaz_exp.h gets in and out of the
dependency list for bn_exp.c, depending on the present architecture.

Reviewed-by: Rich Salz <rsalz@openssl.org>

f59186e4

RT3907-fix · 0abf6104

Rich Salz authored Jun 22, 2015



Typo in local variable name; introduced by previous fix.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit cc3f3fc2)

0abf6104

Jun 22, 2015

RT3907: avoid "local" in testssl script · 57bd71b4

Rich Salz authored Jun 13, 2015



Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 75ba5c58)

57bd71b4

Jun 21, 2015

RT3917: add cleanup on an error path · 44754511

Rich Salz authored Jun 21, 2015



Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 7fba8407)

44754511

Cleanup mttest.c : because we no longer use stdio here, don't include it · 220b9519
Richard Levitte authored Jun 21, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 8ca96efd)
```
220b9519

Add -ldl to the build of mttest.c · 710e28ef

Richard Levitte authored Jun 21, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit d62c98c8)

710e28ef

Cleanup mttest.c : do not try to output reference counts when threads are done · 05d20833
Richard Levitte authored Jun 21, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 96462695)
```
05d20833
Cleanup mttest.c : better error reporting when certs are missing · 90ee3c16
Richard Levitte authored Jun 21, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 7a1789d2)
```
90ee3c16

Cleanup mttest.c : make ssl_method a pointer to const · 7ef46505

Richard Levitte authored Jun 21, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit f4c73bfe)

Conflicts:
	crypto/threads/mttest.c

7ef46505

Cleanup mttest.c : more output changes · 8ca21170

Richard Levitte authored Jun 21, 2015



More fprintf()s and printf()s to turn into BIO calls.

Reviewed-by: Rich Salz <rsalz@openssl.org>

8ca21170

Cleanup mttest.c : modernise output · 9007dfa2

Richard Levitte authored Jun 21, 2015



Construct bio_err and bio_stdout from file handles instead of FILE
pointers, since the latter might not be implemented (when OPENSSL_NO_STDIO
is defined).
Convert all output to use BIO_printf.
Change lh_foo to lh_SSL_SESSION_foo.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit bb8abd67)

Conflicts:
	crypto/threads/mttest.c

9007dfa2

Cleanup mttest.c : modernise the threads setup · 603bebc0

Richard Levitte authored Jun 21, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 5c78e183)

Conflicts:
	crypto/threads/mttest.c

603bebc0

Cleanup mttest.c : remove MS_CALLBACK · 56f07331
Richard Levitte authored Jun 21, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit a3f92865)
```
56f07331

RT1688: Add dependencies for parallel make · 8e6bb999

Rich Salz authored Jun 21, 2015



Backport to 1.0.1 and 1.0.2 to fix RT 3905

Reviewed-by: Richard Levitte <levitte@openssl.org>

8e6bb999

Jun 20, 2015

typo: should be OPENSSL_free · 8615d8b4

Dr. Stephen Henson authored Jun 20, 2015



Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit bc9567cd)

8615d8b4

Jun 16, 2015
- Make preprocessor error into real preprocessor error · 4f0812cc
  Richard Levitte authored Jun 15, 2015
```
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit b4f0d1a4)
```
  4f0812cc
- Remove one extraneous parenthesis · 3bf9adaa
  Richard Levitte authored Jun 13, 2015
```
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 30cf9178)
```
  3bf9adaa
Jun 12, 2015

Prepare for 1.0.2d-dev · 54ae378c
Matt Caswell authored Jun 12, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
54ae378c
Prepare for 1.0.2c release · 0ee5fcde
Matt Caswell authored Jun 12, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
OpenSSL_1_0_2c

0ee5fcde
Updated CHANGES and NEWS entries for new release · d4c17638
Matt Caswell authored Jun 12, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
d4c17638

Allow a zero length extension block · fe64245a

Adam Langley authored Jun 12, 2015



It is valid for an extension block to be present in a ClientHello, but to
be of zero length.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

fe64245a

Fix ABI break with HMAC · 1030f89f

Matt Caswell authored Jun 12, 2015



Recent HMAC changes broke ABI compatibility due to a new field in HMAC_CTX.
This backs that change out, and does it a different way.

Thanks to Timo Teras for the concept.

Conflicts:
	crypto/hmac/hmac.c

Reviewed-by: Richard Levitte <levitte@openssl.org>

1030f89f

Jun 11, 2015
- Prepare for 1.0.2c-dev · b6ed9917
  Matt Caswell authored Jun 11, 2015
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
  b6ed9917
- Prepare for 1.0.2b release · 7b560c17
  Matt Caswell authored Jun 11, 2015
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
  OpenSSL_1_0_2b
  
  7b560c17
- make update · c26bfada
  Matt Caswell authored Jun 11, 2015
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
  c26bfada
- bn/bn_gf2m.c: avoid infinite loop wich malformed ECParamters. · 40b8eb79
  Andy Polyakov authored Jun 11, 2015
```
CVE-2015-1788

Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 4924b37e)
```
  40b8eb79
- Update CHANGES and NEWS · ab17f6b7
  Matt Caswell authored Jun 10, 2015
```
Updates to CHANGES and NEWS to take account of the latest security fixes.

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  ab17f6b7
- PKCS#7: Fix NULL dereference with missing EncryptedContent. · 7bc2aee4
  Emilia Kasper authored May 12, 2015
```
CVE-2015-1790

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  7bc2aee4