- Nov 07, 2017
-
-
FdaSilvaYY authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4457)
-
FdaSilvaYY authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4457)
-
Richard Levitte authored
'rsa', 'sha' and 'tlsext' can't be disabled, not even as a consequence of other conditions, so having cascading disables that depend on them is futile. Clean up! Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4693)
-
Rich Salz authored
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4692)
-
Matt Caswell authored
If SSL_read() is called with a zero length buffer, and we read a zero length record then we should mark that record as read. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4685)
-
Matt Caswell authored
Normally TLSProxy waits for the s_server process to finish before continuing. However in cases where serverconnects > 1 we need to keep the s_server process around for a later test so we continue immediately. This means that TAP test output can end up being printed to stdout at the same time as s_server is printing stuff. This confuses the test runner and can cause spurious test failures. This commit introduces a small delay in cases where serverconnects > 1 in order to give s_server enough time to finish what it was doing before we continue to the next test. Fixes #4129 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4660)
-
Matt Caswell authored
There were 4 macros in ocsp.h that have not worked since 1.1.0 because they attempt to access the internals of an opaque structure. For OCSP_REQUEST_sign() applications should use OCSP_request_sign() instead. For OCSP_BASICRESP_sign() applications should use OCSP_basic_sign() instead. For OCSP_REQUEST_verify() applications should use OCSP_request_verify() instead. For OCSP_BASICRESP_verify() applications should use OCSP_basic_verify() instead. Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4635)
-
- Nov 06, 2017
-
-
Pauli authored
The Chinese cryptographic operations should appear in the disabled list if they are disabled. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4678)
-
- Nov 05, 2017
-
-
Ronald Tse authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4616)
-
Jack Lloyd authored
SM3 is a secure hash function which is part of the Chinese "Commercial Cryptography" suite of algorithms which use is required for certain commercial applications in China. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4616)
-
FdaSilvaYY authored
Based on patch from Tomasz Moń: https://groups.google.com/forum/#!topic/mailing.openssl.dev/fQxXvCg1uQY Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/1008)
-
Andy Polyakov authored
It's not clear if it's a feature or bug, but binutils-2.29[.1] interprets 'adr' instruction with Thumb2 code reference differently, in a way that affects calculation of addresses of constants' tables. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4669)
-
- Nov 03, 2017
-
-
Benjamin Kaduk authored
Do not try to fuzz-test structures/routines that are compiled out of the library due to library configuration. Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4664)
-
Pavel Kopyl authored
CLA: trivial Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4600)
-
Pavel Kopyl authored
CLA: trivial Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4600)
-
Pavel Kopyl authored
CLA: trivial Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4600)
-
Kurt Roeckx authored
Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #4653
-
Kurt Roeckx authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #4648
-
Kurt Roeckx authored
b2 being negative is ignored Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #4648
-
Kurt Roeckx authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #4648
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4652)
-
- Nov 02, 2017
-
-
Matt Caswell authored
Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Credit to OSS-Fuzz for finding this. CVE-2017-3736 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
In OpenSSL pre 1.1.0, 'openssl x509 -CAkeyformat engine' was possible and supported. In 1.1.0, a small typo ('F' instead of 'f') removed that possibility. This restores the pre 1.1.0 behavior. Fixes #4366 Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4643)
-
- Nov 01, 2017
-
-
Pauli authored
information about the length of the scalar used in ECDSA operations from a large number (2^32) of signatures. This doesn't rate as a CVE because: * For the non-constant time code, there are easier ways to extract more information. * For the constant time code, it requires a significant number of signatures to leak a small amount of information. Thanks to Neals Fournaise, Eliane Jaulmes and Jean-Rene Reinhard for reporting this issue. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4576)
-
Pauli authored
information about the length of a value used in DSA operations from a large number of signatures. This doesn't rate as a CVE because: * For the non-constant time code, there are easier ways to extract more information. * For the constant time code, it requires a significant number of signatures to leak a small amount of information. Thanks to Neals Fournaise, Eliane Jaulmes and Jean-Rene Reinhard for reporting this issue. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4576)
-
- Oct 31, 2017
-
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4637)
-
Richard Levitte authored
It turns out that (some?) fuzzers can read a dictionary of OIDs, so we generate one as part of the usual 'make update'. Fixes #4615 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4637)
-
Ronald Tse authored
* ARIA, SEED, Camellia * AES-XTS, OCB, CTR * Key wrap for 3DES, AES * RC4-MD5 AD * CFB modes with 1-bit and 8-bit shifts Split EVP_EncryptInit cipher list to individual man pages. Consolidate cipher bit-lengths in EVP_EncryptInit cipher list. Clarify Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4564)
-
Ronald Tse authored
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4628)
-
Richard Levitte authored
Missing names slipped through Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4629)
-
Dr. Matthias St. Pierre authored
A block of six TEST_int_xy() macro definitions was duplicated. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4624)
-
Baptiste Jonglez authored
The check should reject kernel versions < 4.1.0, not <= 4.1.0. The issue was spotted on OpenSUSE 42.1 Leap, since its linux/version.h header advertises 4.1.0. CLA: trivial Fixes: 7f458a48 ("ALG: Add AFALG engine") Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4617)
-
Baptiste Jonglez authored
The eventfd syscall is deprecated and is not available on aarch64, causing build to fail: engines/e_afalg.c: In function 'eventfd': engines/e_afalg.c:108:20: error: '__NR_eventfd' undeclared (first use in this function) return syscall(__NR_eventfd, n); ^ Instead, switch to the newer eventfd2 syscall, which is supposed to be supported by all architectures. This kind of issues would be avoided by simply using the eventfd(2) wrapper from the libc, but there must be subtle reasons not to... Tested on a aarch64 system running OpenSUSE Leap 42.1 (gcc118 from https://cfarm.tetaneutral.net/machines/list/ ) and also cross-compiling for aarch64 with LEDE (kernel 4.9). This properly fixes #1685. CLA: trivial Fixes: 7f458a48 ("ALG: Add AFALG engine") Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4617)
-
Ronald Tse authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4552)
-
- Oct 30, 2017
-
-
Kurt Roeckx authored
This restores the 1.0.2 behaviour Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Benjamin Kaduk <bkaduk@akamai.com> GH: #4613
-
Richard Levitte authored
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4596)
-
Richard Levitte authored
No two public key ASN.1 methods with the same pkey_id can be registered at the same time. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4596)
-
Richard Levitte authored
[skip ci] Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4596)
-