Bodo Möller [Mon, 19 Feb 2007 18:38:11 +0000 (18:38 +0000)]
Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that a
ciphersuite string such as "DEFAULT:RSA" cannot enable
authentication-only ciphersuites.
Bodo Möller [Mon, 19 Feb 2007 17:55:07 +0000 (17:55 +0000)]
remove inconsistency between builds with and without Camellia enabled
Bodo Möller [Mon, 19 Feb 2007 14:47:21 +0000 (14:47 +0000)]
fix incorrect strength bit values for certain Kerberos ciphersuites
Submitted by: Victor Duchovni
Dr. Stephen Henson [Sun, 18 Feb 2007 18:18:31 +0000 (18:18 +0000)]
Avoid warning.
Dr. Stephen Henson [Sun, 18 Feb 2007 17:23:20 +0000 (17:23 +0000)]
Fix Win32 warnings.
Bodo Möller [Sat, 17 Feb 2007 06:52:42 +0000 (06:52 +0000)]
Some fixes for ciphersuite string processing:
- add a workaround provided by Victor Duchovni so that 128- and
256-bit variants of otherwise identical ciphersuites are treated
correctly;
- also, correctly skip invalid parts of ciphersuite description strings.
Submitted by: Victor Duchovni, Bodo Moeller
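The two ciphersuite-string commits above (adding "!eNULL" to the default list, and treating 128/256-bit variants separately) both come down to how a cipher string is evaluated left to right. The toy evaluator below is an added example, not OpenSSL code: the suite table is constructed, the alias names only loosely follow ciphers(1), and the point is the difference between "-word" (removable later re-addable) and "!word" (permanently deleted), which is why "DEFAULT:RSA" can no longer drag in authentication-only suites once DEFAULT itself contains "!eNULL".

```python
"""Toy evaluator for OpenSSL-style ciphersuite strings.

Added example, not OpenSSL code. The suite table is constructed; only
the processing rules matter:
  word    append matching suites not already in the list
  -word   remove matching suites (a later word may add them back)
  !word   remove matching suites permanently (later words cannot re-add)
  +word   move matching suites already in the list to the end
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Suite:
    name: str
    kx: str   # key exchange
    au: str   # authentication
    enc: str  # bulk cipher; "NULL" means authentication-only


# Constructed sample table (names loosely follow OpenSSL's; values illustrative).
SUITES = [
    Suite("AES256-SHA", "RSA", "RSA", "AES256"),
    Suite("AES128-SHA", "RSA", "RSA", "AES128"),
    Suite("DHE-RSA-AES256-SHA", "DH", "RSA", "AES256"),
    Suite("NULL-SHA", "RSA", "RSA", "NULL"),
    Suite("NULL-MD5", "RSA", "RSA", "NULL"),
]

# Aliases as predicates on a Suite. "ALL" already excludes eNULL, as in ciphers(1).
ALIASES = {
    "ALL": lambda s: s.enc != "NULL",
    "eNULL": lambda s: s.enc == "NULL",
    "NULL": lambda s: s.enc == "NULL",
    "RSA": lambda s: s.kx == "RSA" and s.au == "RSA",
    "kRSA": lambda s: s.kx == "RSA",
    "aRSA": lambda s: s.au == "RSA",
    "DH": lambda s: s.kx == "DH",
    "AES": lambda s: s.enc.startswith("AES"),
    "AES128": lambda s: s.enc == "AES128",   # 128-bit variant only
    "AES256": lambda s: s.enc == "AES256",   # 256-bit variant only
}


def matches(suite, word):
    pred = ALIASES.get(word)
    return pred(suite) if pred else suite.name == word


def expand(cipher_string, default_list):
    """Return the ordered suite names selected by cipher_string.

    default_list is what the keyword DEFAULT expands to; for this toy,
    "ALL" models the old default and "ALL:!eNULL" the fixed one."""
    words = []
    for w in cipher_string.split(":"):
        words.extend(default_list.split(":") if w == "DEFAULT" else [w])
    enabled, killed = [], set()
    for w in words:
        if not w:
            continue  # empty/invalid part: skip it rather than abort
        op, word = (w[0], w[1:]) if w[0] in "!-+" else ("", w)
        hit = [s for s in SUITES if matches(s, word)]
        if op == "!":
            killed.update(s.name for s in hit)
            enabled = [s for s in enabled if s.name not in killed]
        elif op == "-":
            enabled = [s for s in enabled if s not in hit]
        elif op == "+":
            enabled = [s for s in enabled if s not in hit] + [s for s in enabled if s in hit]
        else:
            for s in hit:
                if s.name not in killed and s not in enabled:
                    enabled.append(s)
    return [s.name for s in enabled]


if __name__ == "__main__":
    print(expand("DEFAULT:RSA", "ALL"))         # NULL-SHA, NULL-MD5 sneak in
    print(expand("DEFAULT:RSA", "ALL:!eNULL"))  # they stay out
```

Run it and compare the two printed lists: with the old default the trailing "RSA" appends the NULL suites, because "ALL" merely never added them; with "!eNULL" in the default they are on the kill list and no later word can bring them back.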
Nils Larsch [Fri, 16 Feb 2007 20:40:07 +0000 (20:40 +0000)]
ensure that the EVP_CIPHER_CTX object is initialized
PR: 1490
Richard Levitte [Fri, 16 Feb 2007 18:12:20 +0000 (18:12 +0000)]
Add STARTTLS support for IMAP and FTP.
Submitted by Kees Cook <kees@outflux.net>
Nils Larsch [Wed, 14 Feb 2007 21:50:26 +0000 (21:50 +0000)]
- use OPENSSL_malloc() etc. in zlib
- move zlib_stateful_ex_idx initialization to COMP_zlib()
PR: 1468
Nils Larsch [Sat, 10 Feb 2007 10:40:24 +0000 (10:40 +0000)]
use user-supplied malloc functions for persistent kssl objects
PR: 1467
Submitted by: Andrei Pelinescu-Onciul <andrei@iptel.org>
Nils Larsch [Sat, 10 Feb 2007 09:48:42 +0000 (09:48 +0000)]
remove unreachable code
Dr. Stephen Henson [Thu, 8 Feb 2007 19:08:21 +0000 (19:08 +0000)]
Add hmac option to dgst from 0.9.7-stable.
Nils Larsch [Wed, 7 Feb 2007 20:36:40 +0000 (20:36 +0000)]
ensure that an EC key is used
PR: 1476
Richard Levitte [Wed, 7 Feb 2007 01:42:51 +0000 (01:42 +0000)]
After objects have been freed, NULLify the pointers so there will be no double
free of those objects
Nils Larsch [Tue, 6 Feb 2007 19:48:36 +0000 (19:48 +0000)]
fix typo
Nils Larsch [Tue, 6 Feb 2007 19:40:45 +0000 (19:40 +0000)]
add note about 56 bit ciphers
PR: 1461
Dr. Stephen Henson [Sat, 3 Feb 2007 17:32:14 +0000 (17:32 +0000)]
Update from fips2 branch.
Dr. Stephen Henson [Sat, 3 Feb 2007 17:19:41 +0000 (17:19 +0000)]
file err_str.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 11:26:29 +0000
Dr. Stephen Henson [Sat, 3 Feb 2007 17:19:39 +0000 (17:19 +0000)]
file fips_err.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 22:48:18 +0000
Dr. Stephen Henson [Sat, 3 Feb 2007 17:19:37 +0000 (17:19 +0000)]
file fips_err.h was added on branch OpenSSL_0_9_8-stable on 2008-09-16 22:48:18 +0000
Nils Larsch [Sat, 3 Feb 2007 10:27:31 +0000 (10:27 +0000)]
fix documentation
PR: 1466
Nils Larsch [Sat, 3 Feb 2007 09:51:59 +0000 (09:51 +0000)]
fix potential memory leaks
PR: 1462
Submitted by: Charles Hardin <chardin@2wire.com>
Dr. Stephen Henson [Sat, 27 Jan 2007 13:19:43 +0000 (13:19 +0000)]
file mksdef.pl was added on branch OpenSSL_0_9_8-stable on 2008-09-18 11:20:08 +0000
Dr. Stephen Henson [Tue, 23 Jan 2007 17:54:22 +0000 (17:54 +0000)]
Update from 0.9.7-stable.
Dr. Stephen Henson [Sun, 21 Jan 2007 16:07:25 +0000 (16:07 +0000)]
Update from HEAD.
Dr. Stephen Henson [Sun, 21 Jan 2007 13:16:49 +0000 (13:16 +0000)]
Update from HEAD.
Dr. Stephen Henson [Thu, 18 Jan 2007 21:25:24 +0000 (21:25 +0000)]
Update from HEAD.
Lutz Jänicke [Fri, 12 Jan 2007 18:47:28 +0000 (18:47 +0000)]
Update to new home page
Andy Polyakov [Thu, 4 Jan 2007 22:55:25 +0000 (22:55 +0000)]
Initialize padlock in shared build.
Andy Polyakov [Fri, 29 Dec 2006 14:55:43 +0000 (14:55 +0000)]
#include <stddef.h> in digest headers [from HEAD].
Nils Larsch [Wed, 27 Dec 2006 09:39:51 +0000 (09:39 +0000)]
fix return value of get_cert_chain()
PR: 1441
Richard Levitte [Tue, 26 Dec 2006 21:23:38 +0000 (21:23 +0000)]
From HEAD
Richard Levitte [Mon, 25 Dec 2006 10:57:20 +0000 (10:57 +0000)]
Synchronise with Unixly build
Andy Polyakov [Fri, 22 Dec 2006 16:04:56 +0000 (16:04 +0000)]
Make sha.h more "portable" [from HEAD].
Nils Larsch [Thu, 21 Dec 2006 21:11:44 +0000 (21:11 +0000)]
fix typos
PR: 1354, 1355, 1398
Nils Larsch [Tue, 19 Dec 2006 19:47:39 +0000 (19:47 +0000)]
remove trailing '\'
PR: 1438
Bodo Möller [Tue, 19 Dec 2006 15:10:46 +0000 (15:10 +0000)]
Fix the BIT STRING encoding of EC points or parameter seeds
(need to prevent the removal of trailing zero bits).
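The trailing-zero-bit rule the commit above refers to is a DER subtlety: X.690 requires trailing zero bits to be dropped only when a BIT STRING is a named bit list (KeyUsage, for instance), whereas an opaque bit string such as an encoded EC point or a curve seed must keep every bit. The encoder below is an added example, not OpenSSL's ASN.1 code, and the sample "point" is a constructed byte string chosen to end in zero bytes.

```python
"""DER BIT STRING encoding with and without trailing-zero-bit removal.

Added example, not OpenSSL code. Removing trailing zero bits is correct
only for named bit lists; an EC point or parameter seed is opaque and
must round-trip unchanged."""


def der_length(n):
    """DER length octets (short form below 128, long form otherwise)."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def encode_bit_string(data, unused_bits=0, named_bits=False):
    """Encode data (bytes) as a DER BIT STRING; unused_bits is 0..7 in the last byte."""
    if not 0 <= unused_bits <= 7 or (not data and unused_bits):
        raise ValueError("bad unused_bits")
    if named_bits:
        # Named bit list: strip trailing zero bytes, then trailing zero bits.
        data = data.rstrip(b"\x00")
        unused_bits = 0
        if data:
            last = data[-1]          # non-zero after rstrip, so the loop ends
            while last & 1 == 0:
                last >>= 1
                unused_bits += 1
    return b"\x03" + der_length(len(data) + 1) + bytes([unused_bits]) + data


def decode_bit_string(der):
    """Inverse of encode_bit_string; returns (data, unused_bits)."""
    if der[:1] != b"\x03":
        raise ValueError("not a BIT STRING")
    if der[1] < 0x80:
        length, pos = der[1], 2
    else:
        n = der[1] & 0x7F
        length, pos = int.from_bytes(der[2:2 + n], "big"), 2 + n
    content = der[pos:pos + length]
    if len(content) != length or not content or content[0] > 7:
        raise ValueError("malformed BIT STRING")
    return content[1:], content[0]


if __name__ == "__main__":
    point = b"\x04\x12\x34\x00\x00"   # constructed, ends in zero bytes on purpose
    print(encode_bit_string(point).hex())                   # all five bytes kept
    print(encode_bit_string(point, named_bits=True).hex())  # zero bits trimmed: wrong for a point
```

The second printed encoding is shorter and no longer decodes to the original point, which is exactly the corruption the fix prevents for EC points and seeds.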
Nils Larsch [Wed, 13 Dec 2006 22:08:20 +0000 (22:08 +0000)]
properly initialize SSL context, check return value
Dr. Stephen Henson [Thu, 7 Dec 2006 13:28:07 +0000 (13:28 +0000)]
Update from 0.9.7-stable branch
Dr. Stephen Henson [Wed, 6 Dec 2006 13:38:59 +0000 (13:38 +0000)]
Update from HEAD.
Nils Larsch [Wed, 6 Dec 2006 09:12:28 +0000 (09:12 +0000)]
fix documentation
PR: 1343
Nils Larsch [Tue, 5 Dec 2006 21:21:10 +0000 (21:21 +0000)]
avoid duplicate entries in add_cert_dir()
PR: 1407
Submitted by: Tomas Mraz <tmraz@redhat.com>
Nils Larsch [Tue, 5 Dec 2006 20:08:03 +0000 (20:08 +0000)]
return 0 if 'noout' is used and no error has occurred
PR: 1435
Submitted by: "Haridharan" <haridharan@gmail.com>
Nils Larsch [Mon, 4 Dec 2006 19:10:58 +0000 (19:10 +0000)]
allocate a new attributes entry in X509_REQ_add_extensions()
if it's NULL (in case of a malformed pkcs10 request)
PR: 1347
Submitted by: Remo Inverardi <invi@your.toilet.ch>
Nils Larsch [Mon, 4 Dec 2006 18:48:16 +0000 (18:48 +0000)]
add "Certificate Issuer", "Issuing Distribution Point" and
"Subject Directory Attributes" OIDs
PR: 1433
Andy Polyakov [Sat, 2 Dec 2006 12:00:27 +0000 (12:00 +0000)]
Camellia fixes and improvements from HEAD.
Andy Polyakov [Sat, 2 Dec 2006 11:57:40 +0000 (11:57 +0000)]
Camellia portability fixes.
Submitted by: Masashi Fujita, NTT
Dr. Stephen Henson [Thu, 30 Nov 2006 14:03:58 +0000 (14:03 +0000)]
Update dependencies.
Dr. Stephen Henson [Thu, 30 Nov 2006 14:01:38 +0000 (14:01 +0000)]
Fix default depflags.
Dr. Stephen Henson [Thu, 30 Nov 2006 13:04:43 +0000 (13:04 +0000)]
Win32 fixes.
Use OPENSSL_NO_RFC3779 instead of OPENSSL_RFC3779: this makes the Win32 scripts
work and is consistent with other options.
Fix Win32 scripts and Configure to process OPENSSL_NO_RFC3779 properly.
Update ordinals.
Change some prototypes for LSB because VC++ 6 doesn't like the */ sequence and thinks it is an invalid end of comment.
Nils Larsch [Wed, 29 Nov 2006 20:47:15 +0000 (20:47 +0000)]
replace macros with functions
Submitted by: Tracy Camp <tracyx.e.camp@intel.com>
Bodo Möller [Wed, 29 Nov 2006 14:45:14 +0000 (14:45 +0000)]
fix support for receiving fragmented handshake messages
Ben Laurie [Mon, 27 Nov 2006 13:36:55 +0000 (13:36 +0000)]
Add RFC 3779 support, contributed by ARIN.
Nils Larsch [Fri, 24 Nov 2006 18:44:26 +0000 (18:44 +0000)]
register the engine as default engine in ENGINE_set_default()
PR: 1431
Ulf Möller [Tue, 21 Nov 2006 20:51:47 +0000 (20:51 +0000)]
wording, as in head
Dr. Stephen Henson [Tue, 21 Nov 2006 20:14:46 +0000 (20:14 +0000)]
Rebuild error file C source files.
Dr. Stephen Henson [Tue, 21 Nov 2006 20:14:05 +0000 (20:14 +0000)]
Update from 0.9.7-stable.
Improve mkerr.pl header file function name parsing.
Dr. Stephen Henson [Mon, 13 Nov 2006 13:23:05 +0000 (13:23 +0000)]
Fix from HEAD.
Nils Larsch [Fri, 27 Oct 2006 21:59:48 +0000 (21:59 +0000)]
update md docs
Andy Polyakov [Thu, 19 Oct 2006 20:56:31 +0000 (20:56 +0000)]
Gcc over-optimizes PadLock AES CFB codepath, tell it not to [from HEAD].
Dr. Stephen Henson [Thu, 5 Oct 2006 21:59:09 +0000 (21:59 +0000)]
Typo.
Nils Larsch [Wed, 4 Oct 2006 19:55:03 +0000 (19:55 +0000)]
return an error if the supplied precomputed values lead to an invalid signature
Mark J. Cox [Fri, 29 Sep 2006 08:21:07 +0000 (08:21 +0000)]
Initialise ctx to NULL to avoid uninitialized free, noticed by
Steve Kiernan
Richard Levitte [Fri, 29 Sep 2006 06:54:39 +0000 (06:54 +0000)]
APP_FILES is no longer used, remove it everywhere.
Bodo Möller [Thu, 28 Sep 2006 13:30:28 +0000 (13:30 +0000)]
fix typo
Bodo Möller [Thu, 28 Sep 2006 13:29:08 +0000 (13:29 +0000)]
for completeness, include 0.9.7l information
Richard Levitte [Thu, 28 Sep 2006 12:23:15 +0000 (12:23 +0000)]
Fixes for the following claims:
1) Certificate Message with no certs
OpenSSL implementation sends the Certificate message during SSL
handshake, however as per the specification, these have been omitted.
-- RFC 2712 --
CertificateRequest, and the ServerKeyExchange shown in Figure 1
will be omitted since authentication and the establishment of a
master secret will be done using the client's Kerberos credentials
for the TLS server. The client's certificate will be omitted for
the same reason.
-- RFC 2712 --
3) Pre-master secret Protocol version
The pre-master secret generated by OpenSSL does not have the correct
client version.
RFC 2712 says, if the Kerberos option is selected, the pre-master
secret structure is the same as that used in the RSA case.
TLS specification defines pre-master secret as:
struct {
ProtocolVersion client_version;
opaque random[46];
} PreMasterSecret;
where client_version is the latest protocol version supported by the
client
The pre-master secret generated by OpenSSL does not have the correct
client version. The implementation does not update the first 2 bytes
of random secret for Kerberos Cipher suites. At the server-end, the
client version from the pre-master secret is not validated.
PR: 1336
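The pre-master secret layout quoted in the commit message above, carried through in code as an added example (not OpenSSL's ssl/ source): the client writes its offered version into the first two bytes, and the server compares those bytes with the version from ClientHello. One detail goes beyond the commit message: on a mismatch the server here substitutes a fresh random secret of the right shape rather than aborting, which is the handling RFC 5246 section 7.4.7.1 recommends so the check cannot be used as an oracle. The 46-byte "random" used below is a constructed constant so the results are repeatable.

```python
"""RSA/Kerberos-style pre_master_secret handling (RFC 2246 7.4.7.1, RFC 2712).

Added example, not OpenSSL code. The structure is
    struct { ProtocolVersion client_version; opaque random[46]; } PreMasterSecret;
The server-side mismatch handling (substitute random bytes, continue)
follows RFC 5246 7.4.7.1 and is an assumption beyond the commit message."""
import os

TLS1_0 = (3, 1)
TLS1_1 = (3, 2)
PMS_LEN = 48


def build_premaster(client_version, random46=None):
    """Client side: 2-byte client_version followed by 46 random bytes."""
    major, minor = client_version
    random46 = os.urandom(46) if random46 is None else random46
    if len(random46) != 46:
        raise ValueError("random must be 46 bytes")
    return bytes([major, minor]) + random46


def parse_premaster(pms):
    """Split a 48-byte pre-master secret into (version, random)."""
    if len(pms) != PMS_LEN:
        raise ValueError("pre_master_secret must be 48 bytes")
    return (pms[0], pms[1]), pms[2:]


def server_accept_premaster(pms, client_hello_version):
    """Server side: return (secret_to_use, version_ok).

    A secret with the wrong length or a version that does not match what the
    client offered in ClientHello is replaced by a fresh random one, so the
    handshake continues and fails only at the Finished message."""
    try:
        version, _ = parse_premaster(pms)
        ok = version == client_hello_version
    except ValueError:
        ok = False
    if ok:
        return pms, True
    return build_premaster(client_hello_version), False


if __name__ == "__main__":
    rnd = bytes(range(46))                       # constructed, not random
    good = build_premaster(TLS1_1, rnd)
    print(server_accept_premaster(good, TLS1_1)[1])             # True
    # The pre-fix behaviour described above: version bytes never written.
    print(server_accept_premaster(b"\x00\x00" + rnd, TLS1_1)[1])  # False
```

The second call models the bug the commit fixes from the server's point of view: a client that leaves the first two bytes as random data fails the version check, and a client that claims TLS 1.0 after offering TLS 1.1 fails it too, which is the rollback case the check exists for.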
Mark J. Cox [Thu, 28 Sep 2006 11:39:33 +0000 (11:39 +0000)]
After tagging, bump ready for 0.9.8e development
Mark J. Cox [Thu, 28 Sep 2006 11:32:42 +0000 (11:32 +0000)]
Prepare for 0.9.8d release
Mark J. Cox [Thu, 28 Sep 2006 11:29:03 +0000 (11:29 +0000)]
Introduce limits to prevent malicious keys being able to
cause a denial of service. (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service. (CVE-2006-2937) [Steve Henson]
Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
Fix SSL client code which could crash if connecting to a
malicious SSLv2 server. (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
Dr. Stephen Henson [Sat, 23 Sep 2006 17:30:25 +0000 (17:30 +0000)]
Update from HEAD.
Dr. Stephen Henson [Fri, 22 Sep 2006 17:14:44 +0000 (17:14 +0000)]
Fix from HEAD.
Dr. Stephen Henson [Fri, 22 Sep 2006 17:07:40 +0000 (17:07 +0000)]
Fix from HEAD.
Dr. Stephen Henson [Fri, 22 Sep 2006 00:28:37 +0000 (00:28 +0000)]
Fix bug in apps/pkcs12.c
PR: 1377
Andy Polyakov [Mon, 18 Sep 2006 19:51:45 +0000 (19:51 +0000)]
Build error on non-unix [from HEAD].
PR: 1390
Andy Polyakov [Mon, 18 Sep 2006 19:44:23 +0000 (19:44 +0000)]
Race condition in ms/uplink.c [from HEAD].
PR: 1382
Bodo Möller [Mon, 18 Sep 2006 14:01:39 +0000 (14:01 +0000)]
Ensure that the addition mods[i]+delta cannot overflow in probable_prime().
[Problem pointed out by Adam Young <adamy (at) acm.org>]
Bodo Möller [Tue, 12 Sep 2006 14:42:09 +0000 (14:42 +0000)]
Update
Bodo Möller [Mon, 11 Sep 2006 09:48:46 +0000 (09:48 +0000)]
ensure that ciphersuite strings such as "RC4-MD5" match the SSL 2.0
ciphersuite as well
Bodo Möller [Wed, 6 Sep 2006 06:43:26 +0000 (06:43 +0000)]
Remove non-functional part of recent patch, after discussion with
Colin Percival (this would have caused more problems than solved,
and isn't really necessary anyway)
Mark J. Cox [Tue, 5 Sep 2006 08:51:30 +0000 (08:51 +0000)]
After tagging, prep for next release
Mark J. Cox [Tue, 5 Sep 2006 08:45:37 +0000 (08:45 +0000)]
Ready for 0.9.8c release
Mark J. Cox [Tue, 5 Sep 2006 08:25:42 +0000 (08:25 +0000)]
Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
(CVE-2006-4339)
Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
Dr. Stephen Henson [Thu, 31 Aug 2006 21:01:41 +0000 (21:01 +0000)]
Fix from HEAD.
Dr. Stephen Henson [Thu, 31 Aug 2006 20:11:09 +0000 (20:11 +0000)]
Fix from HEAD.
Ben Laurie [Mon, 28 Aug 2006 11:00:32 +0000 (11:00 +0000)]
Add IGE and biIGE modes.
Andy Polyakov [Tue, 1 Aug 2006 16:13:47 +0000 (16:13 +0000)]
Engage assembler in solaris64-x86_64-cc [backport from HEAD].
Bodo Möller [Mon, 31 Jul 2006 11:50:02 +0000 (11:50 +0000)]
Camellia IPR information
Bodo Möller [Wed, 19 Jul 2006 13:38:27 +0000 (13:38 +0000)]
New Camellia implementation (replacing previous version)
Submitted by: NTT
Bodo Möller [Wed, 19 Jul 2006 13:37:10 +0000 (13:37 +0000)]
Camellia information
Dr. Stephen Henson [Thu, 13 Jul 2006 20:35:33 +0000 (20:35 +0000)]
Fix from HEAD.
Dr. Stephen Henson [Sun, 9 Jul 2006 12:07:22 +0000 (12:07 +0000)]
Oops...
Dr. Stephen Henson [Sun, 9 Jul 2006 12:03:02 +0000 (12:03 +0000)]
Fix from HEAD.
Ben Laurie [Sun, 2 Jul 2006 14:43:21 +0000 (14:43 +0000)]
Fix warning.
Bodo Möller [Fri, 30 Jun 2006 22:03:48 +0000 (22:03 +0000)]
documentation for "HIGH" vs. "MEDIUM" was not up-to-date
Bodo Möller [Fri, 30 Jun 2006 08:14:50 +0000 (08:14 +0000)]
use <poll.h> as by Single Unix Specification
Bodo Möller [Wed, 28 Jun 2006 14:50:00 +0000 (14:50 +0000)]
always read in RAND_poll() if we can't use select because of a too
large FD: it's non-blocking mode anyway
Andy Polyakov [Wed, 28 Jun 2006 09:01:40 +0000 (09:01 +0000)]
aes-586.pl sync from HEAD.
Andy Polyakov [Wed, 28 Jun 2006 08:58:15 +0000 (08:58 +0000)]
Mitigate the hazard of cache-collision timing attack on last round
[from HEAD].
Richard Levitte [Tue, 27 Jun 2006 06:31:57 +0000 (06:31 +0000)]
Use poll() when possible to gather Unix randomness entropy