Dr. Stephen Henson [Thu, 1 Sep 2011 14:23:31 +0000 (14:23 +0000)]
make timing attack protection unconditional
Dr. Stephen Henson [Thu, 1 Sep 2011 14:02:02 +0000 (14:02 +0000)]
PR: 2573
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS buffering and decryption bug.
Dr. Stephen Henson [Thu, 1 Sep 2011 13:52:27 +0000 (13:52 +0000)]
PR: 2589
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Initialise p pointer.
Dr. Stephen Henson [Thu, 1 Sep 2011 13:48:57 +0000 (13:48 +0000)]
PR: 2588
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Close file pointer.
Dr. Stephen Henson [Thu, 1 Sep 2011 13:45:25 +0000 (13:45 +0000)]
PR: 2586
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Zero structure fields properly.
Dr. Stephen Henson [Thu, 1 Sep 2011 13:37:20 +0000 (13:37 +0000)]
PR: 2586
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Fix brace mismatch.
Dr. Stephen Henson [Sun, 14 Aug 2011 13:48:42 +0000 (13:48 +0000)]
Remove hard coded ecdsaWithSHA1 hack in ssl routines and check for RSA
using OBJ xref utilities instead of string comparison with OID name.
This removes the arbitrary restriction on using SHA1 only with some ECC
ciphersuites.
Andy Polyakov [Fri, 12 Aug 2011 12:32:10 +0000 (12:32 +0000)]
Alpha assembler fixes from HEAD.
PR: 2577
Dr. Stephen Henson [Wed, 20 Jul 2011 15:21:52 +0000 (15:21 +0000)]
PR: 2559
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS socket error bug
Dr. Stephen Henson [Wed, 20 Jul 2011 15:17:33 +0000 (15:17 +0000)]
PR: 2555
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS sequence number bug
Dr. Stephen Henson [Wed, 20 Jul 2011 15:13:16 +0000 (15:13 +0000)]
PR: 2550
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS HelloVerifyRequest Timer bug
Andy Polyakov [Fri, 15 Jul 2011 19:59:18 +0000 (19:59 +0000)]
config: detect if assembler supports --noexecstack and pass it down [from HEAD].
Dr. Stephen Henson [Thu, 14 Jul 2011 12:01:25 +0000 (12:01 +0000)]
PR: 2556 (partial)
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve
Fix OID routines.
Check on encoding leading zero rejection should start at beginning of
encoding.
Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
Andy Polyakov [Wed, 13 Jul 2011 14:55:11 +0000 (14:55 +0000)]
ms/uplink.c: fix Visual Studio 2010 warning [from HEAD].
Andy Polyakov [Wed, 13 Jul 2011 06:23:25 +0000 (06:23 +0000)]
perlasm/cbc.pl: fix tail processing bug [from HEAD].
PR: 2557
Bodo Möller [Mon, 11 Jul 2011 12:13:50 +0000 (12:13 +0000)]
Fix typo.
Submitted by: Jim Morrison
Dr. Stephen Henson [Wed, 22 Jun 2011 15:39:00 +0000 (15:39 +0000)]
PR: 2470
Submitted by: Corinna Vinschen <vinschen@redhat.com>
Reviewed by: steve
Don't call ERR_remove_state from DllMain.
Dr. Stephen Henson [Wed, 22 Jun 2011 15:29:55 +0000 (15:29 +0000)]
PR: 2543
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Correctly handle errors in DTLSv1_handle_timeout()
Dr. Stephen Henson [Wed, 22 Jun 2011 15:23:32 +0000 (15:23 +0000)]
PR: 2540
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve
Prevent infinite loop in BN_GF2m_mod_inv().
Dr. Stephen Henson [Wed, 22 Jun 2011 15:15:38 +0000 (15:15 +0000)]
correctly encode OIDs near 2^32
Dr. Stephen Henson [Mon, 20 Jun 2011 20:05:38 +0000 (20:05 +0000)]
make EVP_dss() work for DSA signing
Bodo Möller [Wed, 15 Jun 2011 14:21:17 +0000 (14:21 +0000)]
Complete the version history (include information on unreleased
version 0.9.8s to show full information).
Dr. Stephen Henson [Wed, 8 Jun 2011 15:56:20 +0000 (15:56 +0000)]
fix memory leak
Dr. Stephen Henson [Wed, 25 May 2011 15:21:12 +0000 (15:21 +0000)]
PR: 2533
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Setting SSL_MODE_RELEASE_BUFFERS should be ignored for DTLS, but instead causes
the program to crash. This is due to missing version checks and is fixed with
this patch.
Dr. Stephen Henson [Wed, 25 May 2011 15:15:52 +0000 (15:15 +0000)]
PR: 2529
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve
Call ssl_new() to reallocate SSL BIO internals if we want to replace
the existing internal SSL structure.
Dr. Stephen Henson [Wed, 25 May 2011 15:06:05 +0000 (15:06 +0000)]
PR: 2527
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve
Set cnf to NULL to avoid possible double free.
Dr. Stephen Henson [Wed, 25 May 2011 14:52:44 +0000 (14:52 +0000)]
Fix the ECDSA timing attack mentioned in the paper at:
http://eprint.iacr.org/2011/232.pdf
Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
Dr. Stephen Henson [Wed, 25 May 2011 14:43:05 +0000 (14:43 +0000)]
Fix the ECDSA timing attack mentioned in the paper at:
http://eprint.iacr.org/2011/232.pdf
Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
Dr. Stephen Henson [Wed, 25 May 2011 14:29:55 +0000 (14:29 +0000)]
Oops use up to date patch for PR#2506
Dr. Stephen Henson [Wed, 25 May 2011 12:36:50 +0000 (12:36 +0000)]
PR: 2512
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix BIO_accept so it can be bound to IPv4 or IPv6 sockets consistently.
Dr. Stephen Henson [Wed, 25 May 2011 12:28:31 +0000 (12:28 +0000)]
PR: 2506
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fully implement SSL_clear for DTLS.
Dr. Stephen Henson [Wed, 25 May 2011 12:24:26 +0000 (12:24 +0000)]
PR: 2505
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS session resumption timer bug.
Dr. Stephen Henson [Thu, 19 May 2011 17:56:47 +0000 (17:56 +0000)]
update date
Dr. Stephen Henson [Thu, 19 May 2011 17:39:49 +0000 (17:39 +0000)]
inherit HMAC flags from MD_CTX
Dr. Stephen Henson [Thu, 19 May 2011 16:18:25 +0000 (16:18 +0000)]
set encodedPoint to NULL after freeing it
Dr. Stephen Henson [Sat, 30 Apr 2011 23:38:24 +0000 (23:38 +0000)]
no need to include memory.h
Dr. Stephen Henson [Wed, 6 Apr 2011 18:07:02 +0000 (18:07 +0000)]
check buffer is larger enough before overwriting
Dr. Stephen Henson [Sun, 3 Apr 2011 17:15:08 +0000 (17:15 +0000)]
PR: 2462
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS Retransmission Buffer Bug
Dr. Stephen Henson [Sun, 3 Apr 2011 16:26:14 +0000 (16:26 +0000)]
PR: 2458
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Don't change state when answering DTLS ClientHello.
Dr. Stephen Henson [Sun, 3 Apr 2011 15:49:03 +0000 (15:49 +0000)]
PR: 2457
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS fragment reassembly bug.
Richard Levitte [Fri, 25 Mar 2011 16:21:39 +0000 (16:21 +0000)]
Corrections to the VMS build system.
Submitted by Steven M. Schweda <sms@antinode.info>
Dr. Stephen Henson [Fri, 25 Mar 2011 15:06:50 +0000 (15:06 +0000)]
make some non-VMS builds work again
Richard Levitte [Fri, 25 Mar 2011 09:40:18 +0000 (09:40 +0000)]
For VMS, implement the possibility to choose 64-bit pointers with
different options:
"64" The build system will choose /POINTER_SIZE=64=ARGV if
the compiler supports it, otherwise /POINTER_SIZE=64.
"64=" The build system will force /POINTER_SIZE=64.
"64=ARGV" The build system will force /POINTER_SIZE=64=ARGV.
Richard Levitte [Tue, 22 Mar 2011 23:56:18 +0000 (23:56 +0000)]
make update (1.0.0-stable)
Richard Levitte [Tue, 22 Mar 2011 23:54:13 +0000 (23:54 +0000)]
* util/mkdef.pl: Add crypto/o_str.h and crypto/o_time.h. Maybe some
more need to be added...
Richard Levitte [Sun, 20 Mar 2011 14:01:20 +0000 (14:01 +0000)]
* apps/makeapps.com: Forgot to end the check for /POINTER_SIZE=64=ARGV
with turning trapping back on.
* test/maketests.com: Do the same check for /POINTER_SIZE=64=ARGV
here.
* test/clean-test.com: A new script for cleaning up.
Richard Levitte [Sun, 20 Mar 2011 13:15:41 +0000 (13:15 +0000)]
* apps/openssl.c: For VMS, take care of copying argv if needed much earlier,
directly in main(). 'if needed' also includes when argv is a 32 bit
pointer in an otherwise 64 bit environment.
* apps/makeapps.com: When using /POINTER_SIZE=64, try to use the additional
=ARGV, but only if it's supported. Fortunately, DCL is very helpful
telling us in this case.
Richard Levitte [Sat, 19 Mar 2011 10:44:41 +0000 (10:44 +0000)]
Keep file references in the VMS build files in the same order as they
are in the Unix Makefiles
Richard Levitte [Sat, 19 Mar 2011 09:45:45 +0000 (09:45 +0000)]
Change INSTALL.VMS to reflect the changes done on the build and
install scripts. This could need some more work.
Richard Levitte [Sat, 19 Mar 2011 09:44:53 +0000 (09:44 +0000)]
Apply all the changes submitted by Steven M. Schweda <sms@antinode.info>
Dr. Stephen Henson [Sun, 13 Mar 2011 18:20:14 +0000 (18:20 +0000)]
PR: 2469
Submitted by: Jim Studt <jim@studt.net>
Reviewed by: steve
Check mac is present before trying to retrieve mac iteration count.
Dr. Stephen Henson [Thu, 10 Mar 2011 18:27:56 +0000 (18:27 +0000)]
make no-dsa work again
Andy Polyakov [Fri, 4 Mar 2011 13:11:54 +0000 (13:11 +0000)]
s390x-mont.pl: optimize for z196.
Andy Polyakov [Sat, 12 Feb 2011 16:46:10 +0000 (16:46 +0000)]
dso_dlfcn.c: make it work on Tru64 4.0 [from HEAD].
PR: 2316
Bodo Möller [Tue, 8 Feb 2011 19:06:57 +0000 (19:06 +0000)]
Sync with 0.9.8 branch.
Bodo Möller [Tue, 8 Feb 2011 17:58:45 +0000 (17:58 +0000)]
start 1.0.0e-dev
Bodo Möller [Tue, 8 Feb 2011 17:10:53 +0000 (17:10 +0000)]
OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d)
Submitted by: Neel Mehta, Adam Langley, Bodo Moeller
Bodo Möller [Tue, 8 Feb 2011 08:42:15 +0000 (08:42 +0000)]
Add complete information on 0.9.8 branch.
Bodo Möller [Thu, 3 Feb 2011 12:04:40 +0000 (12:04 +0000)]
Assorted bugfixes:
- safestack macro changes for C++ were incomplete
- RLE decompression boundary case
- SSL 2.0 key arg length check
Submitted by: Google (Adam Langley, Neel Mehta, Bodo Moeller)
Bodo Möller [Thu, 3 Feb 2011 11:21:20 +0000 (11:21 +0000)]
fix omission
Dr. Stephen Henson [Tue, 1 Feb 2011 12:54:04 +0000 (12:54 +0000)]
Since FIPS 186-3 specifies we use the leftmost bits of the digest
we shouldn't reject digest lengths larger than SHA256: the FIPS
algorithm tests include SHA384 and SHA512 tests.
Dr. Stephen Henson [Sun, 30 Jan 2011 01:05:38 +0000 (01:05 +0000)]
stop warnings about no previous prototype when compiling shared engines
Dr. Stephen Henson [Mon, 24 Jan 2011 16:20:15 +0000 (16:20 +0000)]
PR: 2433
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve
Constify ASN1_STRING_set_default_mask_asc().
Dr. Stephen Henson [Mon, 24 Jan 2011 15:08:01 +0000 (15:08 +0000)]
check EC public key isn't point at infinity
Dr. Stephen Henson [Mon, 24 Jan 2011 14:41:58 +0000 (14:41 +0000)]
PR: 1612
Submitted by: Robert Jackson <robert@rjsweb.net>
Reviewed by: steve
Fix EC_POINT_cmp function for case where b but not a is the point at infinity.
Dr. Stephen Henson [Thu, 13 Jan 2011 15:42:59 +0000 (15:42 +0000)]
stop warning with no-engine
Richard Levitte [Mon, 10 Jan 2011 21:00:25 +0000 (21:00 +0000)]
The previous change was incorrect in this branch...
Richard Levitte [Mon, 10 Jan 2011 20:55:24 +0000 (20:55 +0000)]
PR: 2425
Synchronise VMS build with Unixly build.
Richard Levitte [Thu, 6 Jan 2011 20:56:07 +0000 (20:56 +0000)]
PR: 2407
Fix fault include.
Submitted by Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>
Dr. Stephen Henson [Tue, 4 Jan 2011 19:33:22 +0000 (19:33 +0000)]
Since DTLS 1.0 is based on TLS 1.1 we should never return a decryption_failed
alert.
Dr. Stephen Henson [Mon, 3 Jan 2011 12:53:33 +0000 (12:53 +0000)]
oops missed an assert
Dr. Stephen Henson [Mon, 3 Jan 2011 01:40:34 +0000 (01:40 +0000)]
PR: 2411
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve
Fix corner cases in RFC3779 code.
Dr. Stephen Henson [Mon, 3 Jan 2011 01:27:00 +0000 (01:27 +0000)]
Fix escaping code for string printing. If *any* escaping is enabled we
must escape the escape character itself (backslash).
Dr. Stephen Henson [Mon, 3 Jan 2011 01:22:09 +0000 (01:22 +0000)]
PR: 2410
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve
Use OPENSSL_assert() instead of assert().
Dr. Stephen Henson [Mon, 3 Jan 2011 01:07:03 +0000 (01:07 +0000)]
PR: 2413
Submitted by: Michael Bergandi <mbergandi@gmail.com>
Reviewed by: steve
Fix typo in crypto/bio/bss_dgram.c
Dr. Stephen Henson [Mon, 3 Jan 2011 00:44:14 +0000 (00:44 +0000)]
use fips-dev not dev-fips
Dr. Stephen Henson [Mon, 3 Jan 2011 00:26:05 +0000 (00:26 +0000)]
PR: 2416
Submitted by: Mark Phalan <mark.phalan@oracle.com>
Reviewed by: steve
Use L suffix in version number.
Richard Levitte [Tue, 14 Dec 2010 21:44:36 +0000 (21:44 +0000)]
Part of the IF structure didn't get pasted here...
PR: 2393
Richard Levitte [Tue, 14 Dec 2010 19:18:52 +0000 (19:18 +0000)]
First attempt at adding the possibility to set the pointer size for the builds on VMS.
PR: 2393
Andy Polyakov [Sat, 11 Dec 2010 14:53:58 +0000 (14:53 +0000)]
bss_file.c: refine UTF8 logic [from HEAD].
PR: 2382
Dr. Stephen Henson [Fri, 3 Dec 2010 19:31:06 +0000 (19:31 +0000)]
ignore leading null fields
Dr. Stephen Henson [Thu, 2 Dec 2010 19:37:46 +0000 (19:37 +0000)]
update for next release
Dr. Stephen Henson [Thu, 2 Dec 2010 18:29:04 +0000 (18:29 +0000)]
prepare for release
Dr. Stephen Henson [Thu, 2 Dec 2010 18:26:12 +0000 (18:26 +0000)]
make update
Dr. Stephen Henson [Thu, 2 Dec 2010 18:24:55 +0000 (18:24 +0000)]
fix for CVE-2010-4180
Dr. Stephen Henson [Thu, 2 Dec 2010 17:59:36 +0000 (17:59 +0000)]
PR: 2386
Submitted by: Stefan Birrer <stefan.birrer@adnovum.ch>
Reviewed by: steve
Correct SKM_ASN1_SET_OF_d2i macro.
Dr. Stephen Henson [Thu, 2 Dec 2010 13:45:15 +0000 (13:45 +0000)]
fix doc typos
Dr. Stephen Henson [Thu, 2 Dec 2010 00:10:27 +0000 (00:10 +0000)]
use consistent FAQ between version
Andy Polyakov [Tue, 30 Nov 2010 22:19:26 +0000 (22:19 +0000)]
Configure: make -mno-cygwin optional on mingw platforms [from HEAD].
PR: 2381
Dr. Stephen Henson [Tue, 30 Nov 2010 19:37:33 +0000 (19:37 +0000)]
PR: 2385
Submitted by: Stefan Birrer <stefan.birrer@adnovum.ch>
Reviewed by: steve
Zero key->pkey.ptr after it is freed so the structure can be reused.
Dr. Stephen Henson [Tue, 30 Nov 2010 13:42:15 +0000 (13:42 +0000)]
update NEWS
Richard Levitte [Mon, 29 Nov 2010 22:27:21 +0000 (22:27 +0000)]
Better method for creating SSLROOT:.
Make sure to include the path to evptest.txt.
Dr. Stephen Henson [Mon, 29 Nov 2010 18:21:43 +0000 (18:21 +0000)]
add CVE to J-PAKE issue
Dr. Stephen Henson [Mon, 29 Nov 2010 16:53:54 +0000 (16:53 +0000)]
update NEWS
Dr. Stephen Henson [Sat, 27 Nov 2010 17:34:57 +0000 (17:34 +0000)]
Some of the MS_STATIC use in crypto/evp is a legacy from the days when
EVP_MD_CTX was much larger: it isn't needed anymore.
Dr. Stephen Henson [Thu, 25 Nov 2010 12:28:28 +0000 (12:28 +0000)]
PR: 2240
Submitted by: Jack Lloyd <lloyd@randombit.net>, "Mounir IDRASSI" <mounir.idrassi@idrix.net>, steve
Reviewed by: steve
As required by RFC4492 an absent supported points format by a server is
not an error: it should be treated as equivalent to an extension only
containing uncompressed.
Ben Laurie [Wed, 24 Nov 2010 15:07:56 +0000 (15:07 +0000)]
Document change.
Ben Laurie [Wed, 24 Nov 2010 13:48:12 +0000 (13:48 +0000)]
J-PAKE was not correctly checking values, which could lead to attacks.
Andy Polyakov [Tue, 23 Nov 2010 23:01:01 +0000 (23:01 +0000)]
INSTALL.W32: document trouble with symlinks under MSYS [from HEAD].
PR: 2377
Richard Levitte [Tue, 23 Nov 2010 02:12:11 +0000 (02:12 +0000)]
Implement bc test strategy as submitted by Steven M. Schweda <sms@antinode.info>.
Make sure we move to '__here' before trying to use it to build local sslroot: