Bodo Möller [Thu, 5 Jan 2012 10:22:41 +0000 (10:22 +0000)]
Fix for builds without DTLS support.
Submitted by: Brian Carlstrom
Dr. Stephen Henson [Thu, 5 Jan 2012 00:28:43 +0000 (00:28 +0000)]
PR: 2671
Submitted by: steve
Update maximum message size for certifiate verify messages to support
4096 bit RSA keys again as TLS v1.2 messages is two bytes longer.
Dr. Stephen Henson [Thu, 5 Jan 2012 00:23:17 +0000 (00:23 +0000)]
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Send fatal alert if heartbeat extension has an illegal value.
Dr. Stephen Henson [Thu, 5 Jan 2012 00:07:46 +0000 (00:07 +0000)]
disable heartbeats if tlsext disabled
Dr. Stephen Henson [Wed, 4 Jan 2012 23:54:17 +0000 (23:54 +0000)]
update CHANGES
Dr. Stephen Henson [Wed, 4 Jan 2012 23:52:26 +0000 (23:52 +0000)]
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen <tuexen@fh-muenster.de>
Reviewed by: steve
Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and
Kenny Paterson.
Dr. Stephen Henson [Wed, 4 Jan 2012 23:16:15 +0000 (23:16 +0000)]
Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576)
Dr. Stephen Henson [Wed, 4 Jan 2012 23:15:51 +0000 (23:15 +0000)]
Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)
Dr. Stephen Henson [Wed, 4 Jan 2012 23:10:44 +0000 (23:10 +0000)]
fix CHANGES
Dr. Stephen Henson [Wed, 4 Jan 2012 23:03:40 +0000 (23:03 +0000)]
Check GOST parameters are not NULL (CVE-2012-0027)
Dr. Stephen Henson [Wed, 4 Jan 2012 23:01:54 +0000 (23:01 +0000)]
Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577)
Dr. Stephen Henson [Wed, 4 Jan 2012 20:05:58 +0000 (20:05 +0000)]
update FAQ
Dr. Stephen Henson [Wed, 4 Jan 2012 14:45:47 +0000 (14:45 +0000)]
fix warnings
Dr. Stephen Henson [Wed, 4 Jan 2012 14:25:42 +0000 (14:25 +0000)]
Submitted by: Adam Langley <agl@chromium.org>
Reviewed by: steve
Fix memory leaks.
Dr. Stephen Henson [Tue, 3 Jan 2012 22:06:21 +0000 (22:06 +0000)]
oops, revert wrong patch
Dr. Stephen Henson [Tue, 3 Jan 2012 22:03:20 +0000 (22:03 +0000)]
only send heartbeat extension from server if client sent one
Dr. Stephen Henson [Mon, 2 Jan 2012 18:25:37 +0000 (18:25 +0000)]
incomplete provisional OAEP CMS decrypt support
Dr. Stephen Henson [Sat, 31 Dec 2011 23:50:01 +0000 (23:50 +0000)]
recognise HEARTBEATS in mkdef.pl script
Dr. Stephen Henson [Sat, 31 Dec 2011 23:08:15 +0000 (23:08 +0000)]
update CHANGES
Dr. Stephen Henson [Sat, 31 Dec 2011 22:59:57 +0000 (22:59 +0000)]
PR: 2658
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Support for TLS/DTLS heartbeats.
Dr. Stephen Henson [Tue, 27 Dec 2011 14:46:03 +0000 (14:46 +0000)]
make update
Dr. Stephen Henson [Tue, 27 Dec 2011 14:45:32 +0000 (14:45 +0000)]
update default depflags
Dr. Stephen Henson [Tue, 27 Dec 2011 14:40:21 +0000 (14:40 +0000)]
fix error code
Dr. Stephen Henson [Tue, 27 Dec 2011 14:39:13 +0000 (14:39 +0000)]
fix deprecated statement
Dr. Stephen Henson [Tue, 27 Dec 2011 14:21:45 +0000 (14:21 +0000)]
PR: 1794
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
- remove some unncessary SSL_err and permit
an srp user callback to allow a worker to obtain
a user verifier.
- cleanup and comments in s_server and demonstration
for asynchronous srp user lookup
Dr. Stephen Henson [Mon, 26 Dec 2011 19:37:58 +0000 (19:37 +0000)]
PR: 2326
Submitted by: Tianjie Mao <tjmao@tjmao.net>
Reviewed by: steve
Fix incorrect comma expressions and goto f_err as alert has been set.
Dr. Stephen Henson [Sun, 25 Dec 2011 14:59:52 +0000 (14:59 +0000)]
recognise no-sctp
Dr. Stephen Henson [Sun, 25 Dec 2011 14:46:15 +0000 (14:46 +0000)]
recognise SCTP in mkdef.pl script
Dr. Stephen Henson [Sun, 25 Dec 2011 14:45:15 +0000 (14:45 +0000)]
PR: 2535
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Add SCTP support for DTLS (RFC 6083).
Dr. Stephen Henson [Fri, 23 Dec 2011 15:03:03 +0000 (15:03 +0000)]
typo
Dr. Stephen Henson [Fri, 23 Dec 2011 14:58:30 +0000 (14:58 +0000)]
recognise DECLARE_PEM_write_const, update ordinals
Dr. Stephen Henson [Fri, 23 Dec 2011 14:09:30 +0000 (14:09 +0000)]
delete unimplemented function from header file, update ordinals
Dr. Stephen Henson [Thu, 22 Dec 2011 16:11:47 +0000 (16:11 +0000)]
sync and update ordinals
Dr. Stephen Henson [Thu, 22 Dec 2011 16:05:02 +0000 (16:05 +0000)]
remove prototype for deleted SRP function
Dr. Stephen Henson [Thu, 22 Dec 2011 15:14:32 +0000 (15:14 +0000)]
New ctrl values to clear or retrieve extra chain certs from an SSL_CTX.
New function to retrieve compression method from SSL_SESSION structure.
Delete SSL_SESSION_get_id_len and SSL_SESSION_get0_id functions
as they duplicate functionality of SSL_SESSION_get_id. Note: these functions
have never appeared in any release version of OpenSSL.
Dr. Stephen Henson [Mon, 19 Dec 2011 17:01:37 +0000 (17:01 +0000)]
PR: 2563
Submitted by: Paul Green <Paul.Green@stratus.com>
Reviewed by: steve
Improved PRNG seeding for VOS.
Andy Polyakov [Mon, 19 Dec 2011 14:48:49 +0000 (14:48 +0000)]
update CHANGES.
Dr. Stephen Henson [Mon, 19 Dec 2011 14:41:03 +0000 (14:41 +0000)]
update CHANGES
Andy Polyakov [Mon, 19 Dec 2011 14:33:09 +0000 (14:33 +0000)]
apps/speed.c: fix typo in last commit.
Andy Polyakov [Thu, 15 Dec 2011 22:30:03 +0000 (22:30 +0000)]
apps/speed.c: Cygwin alarm() fails sometimes.
PR: 2655
Andy Polyakov [Thu, 15 Dec 2011 22:20:05 +0000 (22:20 +0000)]
vpaes-x86.pl: revert previous commit and solve the problem through x86masm.pl.
PR: 2657
Dr. Stephen Henson [Wed, 14 Dec 2011 22:17:06 +0000 (22:17 +0000)]
PR: 1794
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
Remove unnecessary code for srp and to add some comments to
s_client.
- the callback to provide a user during client connect is
no longer necessary since rfc 5054 a connection attempt
with an srp cipher and no user is terminated when the
cipher is acceptable
- comments to indicate in s_client the (non-)usefulness of
th primalaty tests for non known group parameters.
Dr. Stephen Henson [Wed, 14 Dec 2011 22:14:47 +0000 (22:14 +0000)]
Add private keys and generation scripts for test certificates in apps
directory.
Andy Polyakov [Wed, 14 Dec 2011 21:29:32 +0000 (21:29 +0000)]
vpaes-x86.pl: portability fix.
PR: 2657
Ben Laurie [Tue, 13 Dec 2011 15:57:39 +0000 (15:57 +0000)]
Remove redundant TLS exporter.
Ben Laurie [Tue, 13 Dec 2011 15:56:40 +0000 (15:56 +0000)]
Padlock engine doesn't build (the asm parts are not built for some reason),
so remove for now.
Ben Laurie [Tue, 13 Dec 2011 15:55:35 +0000 (15:55 +0000)]
Fix warning.
Ben Laurie [Tue, 13 Dec 2011 15:00:43 +0000 (15:00 +0000)]
Back out redundant verification time change.
Ben Laurie [Tue, 13 Dec 2011 14:38:12 +0000 (14:38 +0000)]
Make it possible to set a time for verification.
Andy Polyakov [Mon, 12 Dec 2011 15:10:14 +0000 (15:10 +0000)]
modexp512-x86_64.pl: Solaris protability fix.
PR: 2656
Dr. Stephen Henson [Sun, 11 Dec 2011 16:39:25 +0000 (16:39 +0000)]
detect and use older PKITS data
Dr. Stephen Henson [Sat, 10 Dec 2011 13:38:34 +0000 (13:38 +0000)]
Updates from fips2 branch: close streams in test utilities, use cofactor ECDH
add new key and signature generation tests to fips_test_suite.
Dr. Stephen Henson [Sat, 10 Dec 2011 13:35:11 +0000 (13:35 +0000)]
add cofactor ECDH support from fips branch
Dr. Stephen Henson [Sat, 10 Dec 2011 13:29:38 +0000 (13:29 +0000)]
use different names for asm temp files to avoid problems on some platforms
Dr. Stephen Henson [Sat, 10 Dec 2011 00:49:55 +0000 (00:49 +0000)]
add commented out option to allow use of older PKITS data
Dr. Stephen Henson [Sat, 10 Dec 2011 00:49:05 +0000 (00:49 +0000)]
update CHANGES
Dr. Stephen Henson [Sat, 10 Dec 2011 00:37:22 +0000 (00:37 +0000)]
implement -attime option as a verify parameter then it works with all relevant applications
Andy Polyakov [Fri, 9 Dec 2011 19:16:20 +0000 (19:16 +0000)]
perlasm/x86gas.pl: give a hand old assemblers assembling loop instruction.
Andy Polyakov [Fri, 9 Dec 2011 14:21:25 +0000 (14:21 +0000)]
x86-mont.pl: fix bug in integer-only squaring path.
PR: 2648
Dr. Stephen Henson [Thu, 8 Dec 2011 14:44:05 +0000 (14:44 +0000)]
Replace expired test server and client certificates with new ones.
Dr. Stephen Henson [Wed, 7 Dec 2011 12:44:03 +0000 (12:44 +0000)]
transparently handle X9.42 DH parameters
Dr. Stephen Henson [Wed, 7 Dec 2011 12:28:40 +0000 (12:28 +0000)]
fix error discrepancy
Dr. Stephen Henson [Wed, 7 Dec 2011 00:42:22 +0000 (00:42 +0000)]
Document RFC5114 "generation" options.
Dr. Stephen Henson [Wed, 7 Dec 2011 00:32:34 +0000 (00:32 +0000)]
Initial experimental support for X9.42 DH parameter format to handle
RFC5114 parameters and X9.42 DH public and private keys.
Dr. Stephen Henson [Tue, 6 Dec 2011 00:00:30 +0000 (00:00 +0000)]
The default CN prompt message can be confusing when often the CN needs to
be the server FQDN: change it.
[Reported by PSW Group]
Bodo Möller [Fri, 2 Dec 2011 12:52:00 +0000 (12:52 +0000)]
Resolve a stack set-up race condition (if the list of compression
methods isn't presorted, it will be sorted on first read).
Submitted by: Adam Langley
Bodo Möller [Fri, 2 Dec 2011 12:41:17 +0000 (12:41 +0000)]
Fix ecdsatest.c.
Submitted by: Emilia Kasper
Bodo Möller [Fri, 2 Dec 2011 12:28:20 +0000 (12:28 +0000)]
Update HEAD CHANGES file.
Bodo Möller [Fri, 2 Dec 2011 12:25:03 +0000 (12:25 +0000)]
Fix BIO_f_buffer().
Submitted by: Adam Langley
Reviewed by: Bodo Moeller
Dr. Stephen Henson [Thu, 1 Dec 2011 17:27:36 +0000 (17:27 +0000)]
Update DH_check() to peform sensible checks when q parameter is present.
Dr. Stephen Henson [Thu, 1 Dec 2011 17:26:58 +0000 (17:26 +0000)]
Correct some parameter values.
Andy Polyakov [Thu, 1 Dec 2011 12:16:09 +0000 (12:16 +0000)]
bn/asm/mips.pl: fix typos.
Dr. Stephen Henson [Fri, 25 Nov 2011 16:03:42 +0000 (16:03 +0000)]
return error if counter exceeds limit and seed value supplied
Dr. Stephen Henson [Fri, 25 Nov 2011 15:01:23 +0000 (15:01 +0000)]
check counter value against 4 * L, not 4096
Dr. Stephen Henson [Fri, 25 Nov 2011 00:17:44 +0000 (00:17 +0000)]
PR: 1794
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
Make SRP conformant to rfc 5054.
Changes are:
- removal of the addition state after client hello
- removal of all pre-rfc srp alert ids
- sending a fatal alert when there is no srp extension but when the
server wants SRP
- removal of unnecessary code in the client.
Bodo Möller [Thu, 24 Nov 2011 21:07:01 +0000 (21:07 +0000)]
Fix NPN implementation for renegotiation.
(Problem pointed out by Ben Murphy.)
Submitted by: Adam Langley
Dr. Stephen Henson [Tue, 22 Nov 2011 14:46:09 +0000 (14:46 +0000)]
sync and update ordinals
Dr. Stephen Henson [Tue, 22 Nov 2011 14:44:58 +0000 (14:44 +0000)]
add cryptlib.h to mkdef.pl
Dr. Stephen Henson [Mon, 21 Nov 2011 22:57:41 +0000 (22:57 +0000)]
sync and update ordinals
Dr. Stephen Henson [Mon, 21 Nov 2011 22:55:23 +0000 (22:55 +0000)]
add strp.h to mkdef.pl headers
Dr. Stephen Henson [Mon, 21 Nov 2011 22:52:13 +0000 (22:52 +0000)]
move internal functions to ssl_locl.h
Dr. Stephen Henson [Mon, 21 Nov 2011 22:28:29 +0000 (22:28 +0000)]
bcmp doesn't exist on all platforms, replace with memcmp
Andy Polyakov [Wed, 16 Nov 2011 23:34:01 +0000 (23:34 +0000)]
bsaes-x86_64.pl: fix buffer overrun in tail processing.
Dr. Stephen Henson [Wed, 16 Nov 2011 13:28:35 +0000 (13:28 +0000)]
In EC_KEY_set_public_key_affine_coordinates include explicit check to see passed components do not exceed field order
Ben Laurie [Tue, 15 Nov 2011 23:50:52 +0000 (23:50 +0000)]
Add TLS exporter.
Ben Laurie [Tue, 15 Nov 2011 22:59:20 +0000 (22:59 +0000)]
Add DTLS-SRTP.
Andy Polyakov [Tue, 15 Nov 2011 12:32:18 +0000 (12:32 +0000)]
Configure: reimplement commit#21695.
Andy Polyakov [Tue, 15 Nov 2011 12:18:40 +0000 (12:18 +0000)]
Configure, e_aes.c: allow for XTS assembler implementation.
Ben Laurie [Mon, 14 Nov 2011 00:36:10 +0000 (00:36 +0000)]
Fix some warnings caused by __owur. Temporarily (I hope) remove the more
aspirational __owur annotations.
Andy Polyakov [Sun, 13 Nov 2011 20:33:41 +0000 (20:33 +0000)]
bsaes-x86_64.pl: add Win64 SEH and "hadrware" calls to aes-x86_64.pl.
Andy Polyakov [Sun, 13 Nov 2011 17:31:03 +0000 (17:31 +0000)]
bn_nist.c: fix strict-aliasing compiler warning.
Dr. Stephen Henson [Sun, 13 Nov 2011 14:07:36 +0000 (14:07 +0000)]
Add RFC5114 DH parameters to OpenSSL. Add test data to dhtest.
Dr. Stephen Henson [Sun, 13 Nov 2011 13:13:01 +0000 (13:13 +0000)]
PR: 1794
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
Document unknown_psk_identify alert, remove pre-RFC 5054 string from
ssl_stat.c
Andy Polyakov [Sat, 12 Nov 2011 13:37:20 +0000 (13:37 +0000)]
rc4test.c: commit#21684 broke x86_64 shared Linux build. This is temporary
solution so that one can build rc4test...
Andy Polyakov [Sat, 12 Nov 2011 13:26:36 +0000 (13:26 +0000)]
e_aes.c: additional sanity check in aes_xts_cipher.
Andy Polyakov [Sat, 12 Nov 2011 13:10:00 +0000 (13:10 +0000)]
cryptlib.c, etc.: fix linker warnings in 64-bit Darwin build.
Andy Polyakov [Sat, 12 Nov 2011 12:16:11 +0000 (12:16 +0000)]
Configure, x86gas.pl: fix linker warnings in 32-bit Darwin build.
Andy Polyakov [Sat, 12 Nov 2011 12:13:13 +0000 (12:13 +0000)]
engines/: get rid of cvs warnings on MacOS X, proper clean in ccgost.
Andy Polyakov [Sat, 12 Nov 2011 11:57:54 +0000 (11:57 +0000)]
Makefile.org: proper libclean on MacOS X.
Dr. Stephen Henson [Fri, 11 Nov 2011 19:01:25 +0000 (19:01 +0000)]
portability fix for some perl versions