Andy Polyakov [Sat, 1 Feb 2014 20:51:51 +0000 (21:51 +0100)]
PPC assembly pack: ppc64-mont update from master.
Andy Polyakov [Sat, 1 Feb 2014 20:48:31 +0000 (21:48 +0100)]
PPC assembly pack: jumbo update from master.
Add Vector Permutation AES and little-endian support.
Andy Polyakov [Sat, 1 Feb 2014 20:27:46 +0000 (21:27 +0100)]
crypto/aes/asm/aesni-x86[_64].pl: jumbo update from
Andy Polyakov [Sat, 1 Feb 2014 20:24:55 +0000 (21:24 +0100)]
crypto/sha/asm/sha1-x86_64.pl: jumbo update from
Ben Laurie [Sat, 1 Feb 2014 18:29:26 +0000 (18:29 +0000)]
Add more accessors.
Ben Laurie [Sat, 1 Feb 2014 17:52:26 +0000 (17:52 +0000)]
Add accessor for x509.cert_info.
Ben Laurie [Wed, 29 Jan 2014 16:57:32 +0000 (17:57 +0100)]
Fix warning.
Dr. Stephen Henson [Wed, 29 Jan 2014 00:59:35 +0000 (00:59 +0000)]
Clarify docs.
Remove reference to ERR_TXT_MALLOCED in the error library as that is
only used internally. Indicate that returned error data must not be
freed.
Dr. Stephen Henson [Tue, 28 Jan 2014 15:35:16 +0000 (15:35 +0000)]
Dr. Stephen Henson [Tue, 28 Jan 2014 15:15:26 +0000 (15:15 +0000)]
Fix demo comment: 0.9.9 never released.
(cherry picked from commit 717cc8589540b95122a652dee68e6a75b6262d93)
Dr. Stephen Henson [Tue, 28 Jan 2014 15:10:27 +0000 (15:10 +0000)]
Check i before r[i].
PR#3244
(cherry picked from commit 9614d2c676ffe74ce0c919d9e5c0d622a011cbed)
Dr. Stephen Henson [Tue, 28 Jan 2014 13:51:58 +0000 (13:51 +0000)]
Add loaded dynamic ENGINEs to list.
Always add a dynamically loaded ENGINE to list. Otherwise it can cause
problems when multiply loaded, especially if it adds new public key methods.
For all current engines we only want a single implementation anyway.
(cherry picked from commit e933f91f50108a43c0198cdc63ecdfdbc77b4d0d)
Dr. Stephen Henson [Sat, 25 Jan 2014 23:20:34 +0000 (23:20 +0000)]
Certificate callback doc.
(cherry picked from commit 46ab9bbd7fa610d775fe645dd0fe6d509c8dff3a)
Dr. Stephen Henson [Mon, 27 Jan 2014 14:59:46 +0000 (14:59 +0000)]
make update
Dr. Stephen Henson [Sun, 26 Jan 2014 00:51:09 +0000 (00:51 +0000)]
Add cert callback retry test.
(cherry picked from commit 3323314fc1c6d18e650a2de97f7cf9892ac92a60)
Dr. Stephen Henson [Sat, 25 Jan 2014 13:31:07 +0000 (13:31 +0000)]
Support retries in certificate callback
(cherry picked from commit 0ebc965b9ca4352e407bb7cfa65ac235942117f6)
Conflicts:
ssl/s3_srvr.c
ssl/ssl3.h
Dr. Stephen Henson [Sun, 26 Jan 2014 16:28:27 +0000 (16:28 +0000)]
Compare encodings in X509_cmp as well as hash.
(cherry picked from commit ec492c8a5a1491949166c4b37df8666741180f4d)
Dr. Stephen Henson [Mon, 27 Jan 2014 14:30:29 +0000 (14:30 +0000)]
New function to set compression methods so they can be safely freed.
(cherry picked from commit cbb67448277232c8403f96edad4931c4203e7746)
Dr. Stephen Henson [Fri, 5 Mar 2010 13:28:21 +0000 (13:28 +0000)]
Add -engine_impl option to dgst which will use an implementation of
an algorithm from the supplied engine instead of just the default one.
(cherry picked from commit bb845ee044587a91589357a772a02cffb0ba4454)
Dr. Stephen Henson [Thu, 23 Jan 2014 17:13:37 +0000 (17:13 +0000)]
make update
Dr. Stephen Henson [Thu, 16 Jan 2014 14:06:19 +0000 (14:06 +0000)]
Add new function SSL_CTX_get_ssl_method().
Partial fix for PR#3183.
(cherry picked from commit ba168244a14bbd056e502d7daa04cae4aabe9d0d)
Kaspar Brand [Thu, 16 Jan 2014 13:46:31 +0000 (13:46 +0000)]
Omit initial status request callback check.
PR#3178
(cherry picked from commit d0b039d4a3a19b106cc2cb938125b86aca4974aa)
Zoltan Arpadffy [Sat, 11 Jan 2014 22:44:04 +0000 (22:44 +0000)]
VMS fixes
Jeff Trawick [Fri, 10 Jan 2014 23:00:50 +0000 (23:00 +0000)]
Jeff Trawick [Fri, 10 Jan 2014 23:01:30 +0000 (23:01 +0000)]
Dr. Stephen Henson [Thu, 9 Jan 2014 22:47:22 +0000 (22:47 +0000)]
Fix bug in X509_V_FLAG_IGNORE_CRITICAL CRL handling.
(cherry picked from commit 8f4077ca69076cebaca51b7b666db1ed49e46b9e)
Dr. Stephen Henson [Tue, 7 Jan 2014 15:44:09 +0000 (15:44 +0000)]
update NEWS
Andy Polyakov [Thu, 9 Jan 2014 12:44:59 +0000 (13:44 +0100)]
bn/asm/x86_64-mont5.pl: fix compilation error on Solaris.
(cherry picked from commit eedab5241e32f9f185cfee23a0c67264d3e3ecf2)
Dr. Stephen Henson [Tue, 7 Jan 2014 15:38:15 +0000 (15:38 +0000)]
Sync CHANGES
Dr. Stephen Henson [Tue, 7 Jan 2014 15:37:35 +0000 (15:37 +0000)]
Add fix for CVE-2013-4353
Dr. Stephen Henson [Tue, 7 Jan 2014 15:26:19 +0000 (15:26 +0000)]
Update NEWS.
Andy Polyakov [Sat, 4 Jan 2014 17:04:53 +0000 (18:04 +0100)]
sha/asm/sha256-armv4.pl: add NEON code path.
(and shave off cycle even from integer-only code)
(cherry picked from commit ad0d2579cf3a293a35a5b606afc5a97c71cf6ca7)
Andy Polyakov [Sat, 4 Jan 2014 16:40:13 +0000 (17:40 +0100)]
aesni-sha1-x86_64.pl: harmonize [Atom-specific optimizations] with master branch.
Dr. Stephen Henson [Sat, 4 Jan 2014 13:50:52 +0000 (13:50 +0000)]
Restore SSL_OP_MSIE_SSLV2_RSA_PADDING
The flag SSL_OP_MSIE_SSLV2_RSA_PADDING hasn't done anything since OpenSSL
0.9.7h but deleting it will break source compatibility with any software
that references it. Restore it but #define to zero.
Dr. Stephen Henson [Fri, 3 Jan 2014 22:38:03 +0000 (22:38 +0000)]
Use algorithm specific chains for certificates.
Fix a limitation in SSL_CTX_use_certificate_chain_file(): use algorithm
specific chains instead of the shared chain.
Update docs.
(cherry picked from commit a4339ea3ba045b7da038148f0d48ce25f2996971)
Conflicts:
CHANGES
Andy Polyakov [Fri, 3 Jan 2014 20:52:49 +0000 (21:52 +0100)]
ssl/t1_enc.c: optimize PRF (suggested by Intel).
(cherry picked from commit e8b0dd57c0e9c53fd0708f0f458a7a2fd7a95c91)
Dr. Stephen Henson [Thu, 2 Jan 2014 19:12:47 +0000 (19:12 +0000)]
update NEWS
Dr. Stephen Henson [Tue, 24 Dec 2013 18:17:00 +0000 (18:17 +0000)]
Don't change version number if session established
When sending an invalid version number alert don't change the
version number to the client version if a session is already
established.
Thanks to Marek Majkowski for additional analysis of this issue.
PR#3191
(cherry picked from commit b77b58a398c8b9b4113f3fb6b48e162a3b8d4527)
Dr. Stephen Henson [Tue, 24 Dec 2013 18:15:28 +0000 (18:15 +0000)]
Update curve list size.
Andy Polyakov [Sat, 28 Dec 2013 12:31:14 +0000 (13:31 +0100)]
sparcv9cap.c: omit random detection.
PR: 3202
(cherry picked from commit 926725b3d7c1528f2dc116a48623c42264188277)
Andy Polyakov [Sat, 28 Dec 2013 11:17:08 +0000 (12:17 +0100)]
ARM assembly pack: make it work with older toolchain.
(cherry picked from commit 2218c296b4981af6f2639bbd7eabfb89437fe776)
Dr. Stephen Henson [Fri, 20 Dec 2013 15:26:50 +0000 (15:26 +0000)]
Fix DTLS retransmission from previous session.
For DTLS we might need to retransmit messages from the previous session
so keep a copy of write context in DTLS retransmission buffers instead
of replacing it after sending CCS. CVE-2013-6450.
(cherry picked from commit 34628967f1e65dc8f34e000f0f5518e21afbfc7b)
Dr. Stephen Henson [Fri, 20 Dec 2013 15:12:26 +0000 (15:12 +0000)]
Ignore NULL parameter in EVP_MD_CTX_destroy.
(cherry picked from commit a6c62f0c25a756c263a80ce52afbae888028e986)
Andy Polyakov [Wed, 18 Dec 2013 21:12:08 +0000 (22:12 +0100)]
sha1-x86_64.pl: harmonize Win64 SE handlers for SIMD code paths.
(and ensure stack alignment in the process)
(cherry picked from commit fc0503a25cd638b93f7af04640c20042e0329b3b)
Andy Polyakov [Wed, 18 Dec 2013 20:42:46 +0000 (21:42 +0100)]
evp/e_[aes|camellia].c: fix typo in CBC subroutine.
It worked because it was never called.
(cherry picked from commit e9c80e04c1a3b5a0de8e666155ab4ecb2697a77d)
Andy Polyakov [Wed, 18 Dec 2013 20:27:35 +0000 (21:27 +0100)]
sha512.c: fulfill implicit API contract in SHA512_Transform.
SHA512_Transform was initially added rather as tribute to tradition
than for practical reasons. But use was recently found in ssl/s3_cbc.c
and it turned to be problematic on platforms that don't tolerate
misaligned references to memory and lack assembly subroutine.
(cherry picked from commit cdd1acd788020d2c525331da1712ada778f1373c)
Dr. Stephen Henson [Sat, 14 Dec 2013 13:55:48 +0000 (13:55 +0000)]
Check EVP errors for handshake digests.
Partial mitigation of PR#3200
(cherry picked from commit 0294b2be5f4c11e60620c0018674ff0e17b14238)
Dr. Stephen Henson [Thu, 25 Feb 2010 00:08:23 +0000 (00:08 +0000)]
verify parameter enumeration functions
(cherry picked from commit 9b3d75706ef0114362f04665a3c745bfef59d023)
Conflicts:
crypto/x509/x509_vpm.c
Dr. Stephen Henson [Wed, 11 Dec 2013 14:28:57 +0000 (14:28 +0000)]
Add opaque ID structure.
Move the IP, email and host checking fields from the public
X509_VERIFY_PARAM structure into an opaque X509_VERIFY_PARAM_ID
structure. By doing this the structure can be modified in future
without risk of breaking any applications.
Dr. Stephen Henson [Fri, 13 Dec 2013 14:41:32 +0000 (14:41 +0000)]
Backport TLS padding extension from master.
Dr. Stephen Henson [Fri, 13 Dec 2013 14:05:32 +0000 (14:05 +0000)]
Fix for partial chain notification.
For consistency with other cases if we are performing
partial chain verification with just one certificate
notify the callback with ok==1.
Dr. Stephen Henson [Fri, 13 Dec 2013 13:59:53 +0000 (13:59 +0000)]
Verify parameter retrieval functions.
New functions to retrieve internal pointers to X509_VERIFY_PARAM
for SSL_CTX and SSL structures.
Dr. Stephen Henson [Wed, 11 Dec 2013 14:45:12 +0000 (14:45 +0000)]
Don't use rdrand engine as default unless explicitly requested.
Dr. Stephen Henson [Tue, 10 Dec 2013 12:52:27 +0000 (12:52 +0000)]
Get FIPS checking logic right.
We need to lock when *not* in FIPS mode.
Dr. Stephen Henson [Tue, 10 Dec 2013 00:10:41 +0000 (00:10 +0000)]
remove obsolete STATUS file
Dr. Stephen Henson [Tue, 10 Dec 2013 00:01:42 +0000 (00:01 +0000)]
Add release dates to NEWS
Andy Polyakov [Mon, 9 Dec 2013 22:53:42 +0000 (23:53 +0100)]
ARM assembly pack: SHA update from master.
Andy Polyakov [Mon, 9 Dec 2013 22:44:45 +0000 (23:44 +0100)]
ARM assembly pack: AES update from master (including bit-sliced module).
Andy Polyakov [Wed, 4 Dec 2013 21:37:49 +0000 (22:37 +0100)]
bn/asm/armv4-mont.pl: add NEON code path.
(cherry picked from commit d1671f4f1a39d938499c67efe5d4a14c34c09b31)
Andy Polyakov [Mon, 9 Dec 2013 21:40:53 +0000 (22:40 +0100)]
crypto/bn/asm/x86_64-mont*.pl: update from master.
Add MULX/AD*X code paths and optimize even original code path.
Andy Polyakov [Wed, 2 Oct 2013 22:26:09 +0000 (00:26 +0200)]
x86_64-xlate.pl: fix jrcxz in nasm case.
(cherry picked from commit 667053a2f3ad0788586f629f618d07b783bdde31)
Andy Polyakov [Mon, 9 Dec 2013 20:23:19 +0000 (21:23 +0100)]
x86_64-xlate.pl: minor update.
(cherry picked from commit 41965a84c4bc0f6694fd17203920a6672e3fac7b)
Dr. Stephen Henson [Sun, 8 Dec 2013 13:19:17 +0000 (13:19 +0000)]
update $default_depflags
Dr. Stephen Henson [Wed, 4 Dec 2013 13:39:04 +0000 (13:39 +0000)]
Avoid multiple locks in FIPS mode.
PR: 3176.
In FIPS mode ssleay_rand_bytes is only used for PRNG seeding and is
performed in either a single threaded context (when the PRNG is first
initialised) or under a lock (reseeding). To avoid multiple locks disable
use of CRYPTO_LOCK_RAND in FIPS mode in ssleay_rand_bytes.
Andy Polyakov [Tue, 3 Dec 2013 22:59:55 +0000 (23:59 +0100)]
bn/asm/x86_64-mont5.pl: comply with Win64 ABI.
PR: 3189
Submitted by: Oscar Ciurana
(cherry picked from commit c5d5f5bd0fe8b2313bec844c0f80f3d49562bfa8)
Andy Polyakov [Tue, 3 Dec 2013 21:28:48 +0000 (22:28 +0100)]
crypto/bn/asm/rsaz-x86_64.pl: make it work on Win64.
(cherry picked from commit 8bd7ca99961f341ce2070373e86f22505aed2b2a)
Andy Polyakov [Tue, 3 Dec 2013 21:05:17 +0000 (22:05 +0100)]
crypto/bn/rsaz*: fix licensing note.
rsaz_exp.c: harmonize line terminating;
asm/rsaz-*.pl: minor optimizations.
asm/rsaz-x86_64.pl: sync from master.
(cherry picked from commit 31ed9a21315c571db443c68e4f618ecb51c631f9)
Andy Polyakov [Tue, 3 Dec 2013 08:43:06 +0000 (09:43 +0100)]
bn/asm/rsaz-x86_64.pl: fix prototype.
(cherry picked from commit 6efef384c6f649399dcc837825a9ca5a37069733)
Dr. Stephen Henson [Sun, 1 Dec 2013 23:30:21 +0000 (23:30 +0000)]
Fix warning.
Dr. Stephen Henson [Sun, 1 Dec 2013 23:29:40 +0000 (23:29 +0000)]
Change header order to pick up OPENSSL_SYS_WIN32
Dr. Stephen Henson [Sun, 1 Dec 2013 23:12:27 +0000 (23:12 +0000)]
Recognise no-dane and no-libunbound
Dr. Stephen Henson [Sun, 1 Dec 2013 23:09:44 +0000 (23:09 +0000)]
make update
Dr. Stephen Henson [Sun, 1 Dec 2013 23:08:13 +0000 (23:08 +0000)]
Fix warnings.
Dr. Stephen Henson [Sun, 1 Dec 2013 23:07:18 +0000 (23:07 +0000)]
WIN32 fixes.
Dr. Stephen Henson [Sun, 1 Dec 2013 23:06:33 +0000 (23:06 +0000)]
RSAX no longer compiled.
Dr. Stephen Henson [Wed, 27 Nov 2013 15:35:02 +0000 (15:35 +0000)]
Simplify and update openssl.spec
Dr. Stephen Henson [Mon, 18 Nov 2013 18:49:46 +0000 (18:49 +0000)]
New functions to retrieve certificate from SSL_CTX
New functions to retrieve current certificate or private key
from an SSL_CTX.
Constify SSL_get_private_key().
(cherry picked from commit a25f9adc778e17568fe2a325e5c3606adb8329f1)
Dr. Stephen Henson [Mon, 18 Nov 2013 16:52:10 +0000 (16:52 +0000)]
Don't define SSL_select_next_proto if OPENSSL_NO_TLSEXT set
(cherry picked from commit 60aeb18750382362ec1c4e1cf05a7222c99ec886)
Dr. Stephen Henson [Sun, 17 Nov 2013 17:48:18 +0000 (17:48 +0000)]
Use correct header length in ssl3_send_certifcate_request
(cherry picked from commit fdeaf55bf95e1e2a1e70cca8b68c7d8bbef7c8f0)
Dr. Stephen Henson [Thu, 14 Nov 2013 21:00:40 +0000 (21:00 +0000)]
Constify.
Piotr Sikora [Wed, 13 Nov 2013 23:40:01 +0000 (15:40 -0800)]
Fix compilation with no-nextprotoneg.
PR#3106
Dr. Stephen Henson [Wed, 13 Nov 2013 22:57:11 +0000 (22:57 +0000)]
Allow match selecting of current certificate.
If pointer comparison for current certificate fails check
to see if a match using X509_cmp succeeds for the current
certificate: this is useful for cases where the certificate
pointer is not available.
(cherry picked from commit 6856b288a6e66edd23907b7fa264f42e05ac9fc7)
Rob Stradling [Mon, 11 Nov 2013 17:04:24 +0000 (18:04 +0100)]
Additional "chain_cert" functions.
PR#3169
This patch, which currently applies successfully against master and
1_0_2, adds the following functions:
SSL_[CTX_]select_current_cert() - set the current certificate without
disturbing the existing structure.
SSL_[CTX_]get0_chain_certs() - get the current certificate's chain.
SSL_[CTX_]clear_chain_certs() - clear the current certificate's chain.
The patch also adds these functions to, and fixes some existing errors
in, SSL_CTX_add1_chain_cert.pod.
(cherry picked from commit 2f56c9c015dbca45379c9a725915b3b8e765a119)
Krzysztof Kwiatkowski [Wed, 13 Nov 2013 22:45:16 +0000 (22:45 +0000)]
Delete duplicate entry.
PR#3172
(cherry picked from commit 4f055e34c3598cad00fca097d812fa3e6436d967)
Andy Polyakov [Tue, 12 Nov 2013 21:09:55 +0000 (22:09 +0100)]
srp/srp_grps.h: make it Compaq C-friendly.
PR: 3165
Submitted by: Daniel Richard G.
(cherry picked from commit 2df9ec01d563f9cc2deab07e8c3391059d476592)
Andy Polyakov [Tue, 12 Nov 2013 20:59:01 +0000 (21:59 +0100)]
modes/asm/ghash-alpha.pl: update from HEAD.
PR: 3165
Andy Polyakov [Tue, 12 Nov 2013 20:49:15 +0000 (21:49 +0100)]
Make Makefiles OSF-make-friendly.
PR: 3165
(cherry picked from commit d1cf23ac86c05b22b8780e2c03b67230564d2d34)
Dr. Stephen Henson [Mon, 11 Nov 2013 22:39:40 +0000 (22:39 +0000)]
Fix memory leak.
(cherry picked from commit 16bc45ba956fdf07c7cda7feda88de597569df63)
Dr. Stephen Henson [Mon, 11 Nov 2013 22:24:08 +0000 (22:24 +0000)]
Typo.
Dr. Stephen Henson [Fri, 8 Nov 2013 18:59:26 +0000 (18:59 +0000)]
Fix for some platforms where "char" is unsigned.
(cherry picked from commit 08b433540416c5bc9a874ba0343e35ba490c65f1)
Andy Polyakov [Sun, 10 Nov 2013 22:06:41 +0000 (23:06 +0100)]
Makefile.org: make FIPS build work with BSD make.
Dr. Stephen Henson [Thu, 7 Nov 2013 15:15:20 +0000 (15:15 +0000)]
Check for missing components in RSA_check.
(cherry picked from commit 01be36ef70525e81fc358d2e559bdd0a0d9427a5)
Dr. Stephen Henson [Thu, 7 Nov 2013 17:27:07 +0000 (17:27 +0000)]
Document RSAPublicKey_{in,out} options.
(cherry picked from commit 7040d73d22987532faa503630d6616cf2788c975)
Dr. Stephen Henson [Thu, 7 Nov 2013 03:55:49 +0000 (03:55 +0000)]
Add CMS_SignerInfo_get0_signature function.
Add function to retrieve the signature from a CMS_SignerInfo structure:
applications can then read or modify it.
(cherry picked from commit e8df6cec4c09b9a94c4c07abcf0402d31ec82cc1)
Andy Polyakov [Fri, 8 Nov 2013 22:00:35 +0000 (23:00 +0100)]
engines/ccgost/gost89.h: make word32 definition unconditional.
Original definition depended on __LONG_MAX__ that is not guaranteed to
be present. As we don't support platforms with int narrower than 32 bits
it's appropriate to make definition unconditional.
PR: 3165
(cherry picked from commit 96180cac04591abfe50fc86096365553484bde65)
Andy Polyakov [Fri, 8 Nov 2013 21:56:44 +0000 (22:56 +0100)]
modes/asm/ghash-alpha.pl: make it work with older assembler.
PR: 3165
(cherry picked from commit d24d1d7daf515aa19fbf18f6371e3e617028a07c)
Dr. Stephen Henson [Wed, 6 Nov 2013 14:38:28 +0000 (14:38 +0000)]
Enable PSK in FIPS mode.
Enable PSK ciphersuites with AES or DES3 in FIPS mode.
(cherry picked from commit e0ffd129c16af90eb5e2ce54e57832c0046d1aaf)
Dr. Stephen Henson [Wed, 6 Nov 2013 13:16:50 +0000 (13:16 +0000)]
Initialise context before using it.
Ben Laurie [Sun, 3 Nov 2013 17:23:50 +0000 (17:23 +0000)]
PBKDF2 should be efficient. Contributed by Christian Heimes
<christian@python.org>.
Dr. Stephen Henson [Sat, 2 Nov 2013 14:07:21 +0000 (14:07 +0000)]
Add brainpool curves to trace output.