- May 11, 2014
-
-
Viktor Dukhovni authored
-
Tim Hudson authored
-
- May 09, 2014
-
-
Dr. Stephen Henson authored
If the key type does not match any CMS recipient type return an error instead of using a random key (MMA mitigation). This does not leak any useful information to an attacker. PR#3348 (cherry picked from commit 83a3182e0560f76548f4378325393461f6275493)
-
- May 08, 2014
-
-
Tim Hudson authored
-
Tim Hudson authored
-
- May 07, 2014
-
-
Tim Hudson authored
-
Matt Caswell authored
-
- May 06, 2014
-
-
Geoff Thorpe authored
This patch resolves RT ticket #2608. Thanks to Robert Dugal for originally spotting this, and to David Ramos for noticing that the ball had been dropped. Signed-off-by: Geoff Thorpe <geoff@openssl.org>
-
Geoff Thorpe authored
The lazy-initialisation of BN_MONT_CTX was serialising all threads, as noted by Daniel Sands and co at Sandia. This was to handle the case that 2 or more threads race to lazy-init the same context, but stunted all scalability in the case where 2 or more threads are doing unrelated things! We favour the latter case by punishing the former. The init work gets done by each thread that finds the context to be uninitialised, and we then lock the "set" logic after that work is done - the winning thread's work gets used, the losing threads throw away what they've done. Signed-off-by: Geoff Thorpe <geoff@openssl.org>
-
Geoff Thorpe authored
Even though the meat of dso_vms.c is compiled out on non-VMS builds, the (pre-)compiler still traverses some of the macro handling. This trips up at least one non-VMS build configuration, so this commit makes the skip-VMS case more robust. Signed-off-by: Geoff Thorpe <geoff@openssl.org>
-
Dr. Stephen Henson authored
PR#3289 PR#3345 (cherry picked from commit 3ba1e406)
-
Dr. Stephen Henson authored
(cherry picked from commit 9c5d953a)
-
- May 03, 2014
-
-
David Ramos authored
PR: 3338
-
- May 01, 2014
-
-
Jeff Trawick authored
RT: 3304
-
- Apr 30, 2014
-
-
Matt Caswell authored
-
Lubomir Rintel authored
Newer pod2man considers =item [1-9] part of a numbered list, while =item 0 starts an unnumbered list. Add a zero effect formatting mark to override this. doc/apps/smime.pod around line 315: Expected text after =item, not a number ... PR#3146
-
- Apr 26, 2014
-
-
mancha authored
Specify -f is for compilation flags. Add -d to synopsis section. (cherry picked from commit 006397ea62bbcae22c8664d53c2222b808c4bdd1) Closes #80.
-
- Apr 24, 2014
-
-
mancha authored
Fix eckey_priv_encode to return an error on failure of i2d_ECPrivateKey.
-
Steve Marquess authored
(cherry picked from commit 351f0a124bffaa94d2a8abdec2e7dde5ae9c457d)
-
- Apr 23, 2014
-
-
Ben Laurie authored
-
- Apr 22, 2014
-
-
mancha authored
Conflicts: CHANGES
-
- Apr 16, 2014
-
-
Dr. Stephen Henson authored
(cherry picked from commit 0dd5b94a)
-
- Apr 15, 2014
-
-
Dr. Stephen Henson authored
When looking for an extension we need to set the last found position to -1 to properly search all extensions. PR#3309. (cherry picked from commit 300b9f0b)
-
Dr. Stephen Henson authored
(cherry picked from commit 5f8e9a47)
-
- Apr 11, 2014
-
-
Dr. Stephen Henson authored
(cherry picked from commit 3143a332)
-
- Apr 09, 2014
-
-
Dr. Stephen Henson authored
Keep copy of any host, path and port values allocated by OCSP_parse_url and free as necessary. (cherry picked from commit 5219d3dd)
-
- Apr 07, 2014
-
-
Dr. Stephen Henson authored
(cherry picked from commit 4e6c12f3)
-
- Apr 06, 2014
-
-
Andy Polyakov authored
-
- Apr 04, 2014
-
-
Dr. Stephen Henson authored
Use bufsiz - 1 not BUFSIZ - 1 when prompting for a password in the openssl utility. Thanks to Rob Mackinnon, Leviathan Security for reporting this issue. (cherry picked from commit 7ba08a4d)
-
Dr. Stephen Henson authored
(cherry picked from commit 6cc00684)
-
- Apr 03, 2014
-
-
Dr. Stephen Henson authored
(cherry picked from commit dbb7654d)
-
Tim Hudson authored
New -hash_old to generate CRL hashes using old (before OpenSSL 1.0.0) algorithm. (cherry picked from commit de2d97cd)
-
- Apr 02, 2014
-
-
Eric Young authored
A short PEM encoded sequence if passed to the BIO, and the file had 2 \n following would fail. PR#3289 (cherry picked from commit 10378fb5)
-
- Mar 12, 2014
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Use a previously unused value as we will be updating multiple released branches.
-
Dr. Stephen Henson authored
Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" by Yuval Yarom and Naomi Benger. Details can be obtained from: http://eprint.iacr.org/2014/140 Thanks to Yuval Yarom and Naomi Benger for discovering this flaw and to Yuval Yarom for supplying a fix.
-
- Mar 10, 2014
-
-
Dr. Stephen Henson authored
(cherry picked from commit a029788b)
-
- Mar 07, 2014
-
-
Andy Polyakov authored
PR: 3275 (cherry picked from commit ea38f020)
-
- Feb 26, 2014
-
-
Dr. Stephen Henson authored
(cherry picked from commit 3eddd1706a30cdf3dc9278692d8ee9038eac8a0d)
-
- Feb 25, 2014
-
-
Andy Polyakov authored
PR: 3201 (cherry picked from commit 03da57fe)
-