Dr. Stephen Henson [Wed, 18 Jan 2012 13:36:04 +0000 (13:36 +0000)]
Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
Thanks to Antonio Martin, Enterprise Secure Access Research and
Development, Cisco Systems, Inc. for discovering this bug and
preparing a fix. (CVE-2012-0050)
Dr. Stephen Henson [Tue, 17 Jan 2012 14:19:51 +0000 (14:19 +0000)]
fix CHANGES entry
Andy Polyakov [Sun, 15 Jan 2012 13:40:40 +0000 (13:40 +0000)]
Fix OPNESSL vs. OPENSSL typos [from HEAD].
PR: 2613
Submitted by: Leena Heino
Andy Polyakov [Thu, 12 Jan 2012 16:37:20 +0000 (16:37 +0000)]
Sanitize usage of <ctype.h> functions. It's important that characters
are passed zero-extended, not sign-extended [from HEAD].
PR: 2682
Andy Polyakov [Thu, 12 Jan 2012 16:36:30 +0000 (16:36 +0000)]
asn1/t_x509.c: fix serial number print, harmonize with a_int.c [from HEAD].
PR: 2675
Submitted by: Annie Yousar
Andy Polyakov [Wed, 11 Jan 2012 21:42:20 +0000 (21:42 +0000)]
ecdsa.pod: typo.
PR: 2678
Submitted by: Annie Yousar
Andy Polyakov [Wed, 11 Jan 2012 15:32:57 +0000 (15:32 +0000)]
aes-sparcv9.pl: clean up regexp [from HEAD].
PR: 2685
Dr. Stephen Henson [Tue, 10 Jan 2012 14:37:09 +0000 (14:37 +0000)]
fix warning
Bodo Möller [Thu, 5 Jan 2012 13:38:47 +0000 (13:38 +0000)]
Update for 0.9.8s.
Bodo Möller [Thu, 5 Jan 2012 13:15:50 +0000 (13:15 +0000)]
Fix usage indentation
Bodo Möller [Thu, 5 Jan 2012 10:22:23 +0000 (10:22 +0000)]
Fix for builds without DTLS support.
Submitted by: Brian Carlstrom
Dr. Stephen Henson [Wed, 4 Jan 2012 23:55:26 +0000 (23:55 +0000)]
update for next version
Dr. Stephen Henson [Wed, 4 Jan 2012 17:01:33 +0000 (17:01 +0000)]
prepare for release
Dr. Stephen Henson [Wed, 4 Jan 2012 16:57:14 +0000 (16:57 +0000)]
update NEWS
Dr. Stephen Henson [Wed, 4 Jan 2012 16:52:53 +0000 (16:52 +0000)]
make update
Dr. Stephen Henson [Wed, 4 Jan 2012 16:51:14 +0000 (16:51 +0000)]
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen <tuexen@fh-muenster.de>
Reviewed by: steve
Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and
Kenny Paterson.
Dr. Stephen Henson [Wed, 4 Jan 2012 16:46:10 +0000 (16:46 +0000)]
add missing part for SGC restart fix (CVE-2011-4619)
Dr. Stephen Henson [Wed, 4 Jan 2012 15:38:54 +0000 (15:38 +0000)]
Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576) [include source patch this time!]
Dr. Stephen Henson [Wed, 4 Jan 2012 15:33:15 +0000 (15:33 +0000)]
Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576)
Dr. Stephen Henson [Wed, 4 Jan 2012 15:27:54 +0000 (15:27 +0000)]
Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)
Dr. Stephen Henson [Wed, 4 Jan 2012 15:26:29 +0000 (15:26 +0000)]
stop warning
Dr. Stephen Henson [Wed, 4 Jan 2012 15:16:20 +0000 (15:16 +0000)]
Check GOST parameters are not NULL (CVE-2012-0027)
Dr. Stephen Henson [Wed, 4 Jan 2012 15:07:54 +0000 (15:07 +0000)]
Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577)
Dr. Stephen Henson [Wed, 4 Jan 2012 14:45:09 +0000 (14:45 +0000)]
fix warnings
Dr. Stephen Henson [Wed, 4 Jan 2012 14:24:48 +0000 (14:24 +0000)]
Submitted by: Adam Langley <agl@chromium.org>
Reviewed by: steve
Fix memory leaks.
Dr. Stephen Henson [Mon, 26 Dec 2011 19:38:19 +0000 (19:38 +0000)]
PR: 2326
Submitted by: Tianjie Mao <tjmao@tjmao.net>
Reviewed by: steve
Fix incorrect comma expressions and goto f_err as alert has been set.
Dr. Stephen Henson [Mon, 19 Dec 2011 17:04:39 +0000 (17:04 +0000)]
PR: 2563
Submitted by: Paul Green <Paul.Green@stratus.com>
Reviewed by: steve
Improved PRNG seeding for VOS.
Andy Polyakov [Fri, 9 Dec 2011 14:26:56 +0000 (14:26 +0000)]
x86-mont.pl: fix bug in integer-only squaring path.
PR: 2648
Dr. Stephen Henson [Tue, 6 Dec 2011 00:01:00 +0000 (00:01 +0000)]
The default CN prompt message can be confusing when often the CN needs to
be the server FQDN: change it.
[Reported by PSW Group]
Bodo Möller [Fri, 2 Dec 2011 12:51:05 +0000 (12:51 +0000)]
Resolve a stack set-up race condition (if the list of compression
methods isn't presorted, it will be sorted on first read).
Submitted by: Adam Langley
Bodo Möller [Fri, 2 Dec 2011 12:41:00 +0000 (12:41 +0000)]
Fix ecdsatest.c.
Submitted by: Emilia Kasper
Bodo Möller [Fri, 2 Dec 2011 12:24:29 +0000 (12:24 +0000)]
Fix BIO_f_buffer().
Submitted by: Adam Langley
Reviewed by: Bodo Moeller
Andy Polyakov [Mon, 14 Nov 2011 21:21:58 +0000 (21:21 +0000)]
Configure: fix corruption in RC4 implementation in darwin64-x86_64-cc.
Andy Polyakov [Sat, 5 Nov 2011 10:16:46 +0000 (10:16 +0000)]
ppc.pl: fix bug in bn_mul_comba4 [from HEAD].
PR: 2636
Submitted by: Charles Bryant
Richard Levitte [Sun, 30 Oct 2011 11:40:59 +0000 (11:40 +0000)]
Teach mkshared.com to have a look for disabled algorithms in opensslconf.h
Dr. Stephen Henson [Thu, 27 Oct 2011 13:06:34 +0000 (13:06 +0000)]
PR: 2628
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Send alert instead of assertion failure for incorrectly formatted DTLS
fragments.
Dr. Stephen Henson [Thu, 27 Oct 2011 13:01:08 +0000 (13:01 +0000)]
PR: 2628
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix for ECC keys and DTLS.
Dr. Stephen Henson [Wed, 26 Oct 2011 16:43:14 +0000 (16:43 +0000)]
PR: 2632
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve
Return -1 immediately if not affine coordinates as BN_CTX has not been
set up.
Bodo Möller [Wed, 19 Oct 2011 14:58:34 +0000 (14:58 +0000)]
BN_BLINDING multi-threading fix.
Submitted by: Emilia Kasper (Google)
Bodo Möller [Thu, 13 Oct 2011 15:05:50 +0000 (15:05 +0000)]
use -no_ecdhe when using -no_dhe
Bodo Möller [Thu, 13 Oct 2011 13:24:37 +0000 (13:24 +0000)]
Clarify warning
Bodo Möller [Thu, 13 Oct 2011 13:05:12 +0000 (13:05 +0000)]
In ssl3_clear, preserve s3->init_extra along with s3->rbuf.
Submitted by: Bob Buckholz <bbuckholz@google.com>
Dr. Stephen Henson [Sun, 9 Oct 2011 00:56:32 +0000 (00:56 +0000)]
PR: 2482
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve
Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.
Dr. Stephen Henson [Mon, 26 Sep 2011 17:04:49 +0000 (17:04 +0000)]
fix signed/unsigned warning
Dr. Stephen Henson [Fri, 23 Sep 2011 21:48:59 +0000 (21:48 +0000)]
use keyformat for -x509toreq, don't hard code PEM
Dr. Stephen Henson [Fri, 23 Sep 2011 13:39:45 +0000 (13:39 +0000)]
PR: 2606
Submitted by: Christoph Viethen <cv@kawo2.rwth-aachen.de>
Reviewed by: steve
Handle timezones correctly in UTCTime.
Dr. Stephen Henson [Fri, 23 Sep 2011 13:35:19 +0000 (13:35 +0000)]
PR: 2602
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS bug which prevents manual MTU setting
Dr. Stephen Henson [Fri, 23 Sep 2011 13:12:52 +0000 (13:12 +0000)]
PR: 2347
Submitted by: Tomas Mraz <tmraz@redhat.com>
Reviewed by: steve
Fix usage message.
Dr. Stephen Henson [Tue, 6 Sep 2011 13:44:52 +0000 (13:44 +0000)]
prepare for next version
Dr. Stephen Henson [Tue, 6 Sep 2011 13:01:44 +0000 (13:01 +0000)]
update versions and dates for release
Dr. Stephen Henson [Tue, 6 Sep 2011 12:56:21 +0000 (12:56 +0000)]
update NEWS
Dr. Stephen Henson [Tue, 6 Sep 2011 12:53:56 +0000 (12:53 +0000)]
Initialise X509_STORE_CTX properly so CRLs with nextUpdate date in the past
produce an error (CVE-2011-3207)
Fix TLS ephemeral DH crash bug (CVE-2011-3210)
Bodo Möller [Mon, 5 Sep 2011 10:25:21 +0000 (10:25 +0000)]
(EC)DH memory handling fixes.
Submitted by: Adam Langley
Bodo Möller [Mon, 5 Sep 2011 09:57:03 +0000 (09:57 +0000)]
Fix memory leak on bad inputs.
Bodo Möller [Mon, 5 Sep 2011 09:54:59 +0000 (09:54 +0000)]
"make update"
Dr. Stephen Henson [Fri, 2 Sep 2011 11:28:05 +0000 (11:28 +0000)]
Don't use *from++ in tolower as this is implemented as a macro on some
platforms. Thanks to Shayne Murray <Shayne.Murray@Polycom.com> for
reporting this issue.
Dr. Stephen Henson [Fri, 2 Sep 2011 11:20:41 +0000 (11:20 +0000)]
PR: 2576
Submitted by: Doug Goldstein <cardoe@gentoo.org>
Reviewed by: steve
Include header file stdlib.h which is needed on some platforms to get
getenv() declaration.
Dr. Stephen Henson [Thu, 1 Sep 2011 17:08:44 +0000 (17:08 +0000)]
update NEWS
Dr. Stephen Henson [Thu, 1 Sep 2011 15:42:38 +0000 (15:42 +0000)]
Add error checking to PKCS1_MGF1. From HEAD.
Dr. Stephen Henson [Thu, 1 Sep 2011 15:02:53 +0000 (15:02 +0000)]
PR: 2340
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar>
Reviewed by: steve
Stop warnings if OPENSSL_NO_DGRAM is defined.
Dr. Stephen Henson [Thu, 1 Sep 2011 14:23:31 +0000 (14:23 +0000)]
make timing attack protection unconditional
Dr. Stephen Henson [Thu, 1 Sep 2011 14:02:02 +0000 (14:02 +0000)]
PR: 2573
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS buffering and decryption bug.
Dr. Stephen Henson [Thu, 1 Sep 2011 13:52:27 +0000 (13:52 +0000)]
PR: 2589
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Initialise p pointer.
Dr. Stephen Henson [Thu, 1 Sep 2011 13:48:57 +0000 (13:48 +0000)]
PR: 2588
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Close file pointer.
Dr. Stephen Henson [Thu, 1 Sep 2011 13:45:25 +0000 (13:45 +0000)]
PR: 2586
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Zero structure fields properly.
Dr. Stephen Henson [Thu, 1 Sep 2011 13:37:20 +0000 (13:37 +0000)]
PR: 2586
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Fix brace mismatch.
Dr. Stephen Henson [Sun, 14 Aug 2011 13:48:42 +0000 (13:48 +0000)]
Remove hard coded ecdsaWithSHA1 hack in ssl routines and check for RSA
using OBJ xref utilities instead of string comparison with OID name.
This removes the arbitrary restriction on using SHA1 only with some ECC
ciphersuites.
Andy Polyakov [Fri, 12 Aug 2011 12:32:10 +0000 (12:32 +0000)]
Alpha assembler fixes from HEAD.
PR: 2577
Dr. Stephen Henson [Wed, 20 Jul 2011 15:21:52 +0000 (15:21 +0000)]
PR: 2559
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS socket error bug
Dr. Stephen Henson [Wed, 20 Jul 2011 15:17:33 +0000 (15:17 +0000)]
PR: 2555
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS sequence number bug
Dr. Stephen Henson [Wed, 20 Jul 2011 15:13:16 +0000 (15:13 +0000)]
PR: 2550
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS HelloVerifyRequest Timer bug
Andy Polyakov [Fri, 15 Jul 2011 19:59:18 +0000 (19:59 +0000)]
config: detect if assembler supports --noexecstack and pass it down [from HEAD].
Dr. Stephen Henson [Thu, 14 Jul 2011 12:01:25 +0000 (12:01 +0000)]
PR: 2556 (partial)
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve
Fix OID routines.
Check on encoding leading zero rejection should start at beginning of
encoding.
Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
Andy Polyakov [Wed, 13 Jul 2011 14:55:11 +0000 (14:55 +0000)]
ms/uplink.c: fix Visual Studio 2010 warning [from HEAD].
Andy Polyakov [Wed, 13 Jul 2011 06:23:25 +0000 (06:23 +0000)]
perlasm/cbc.pl: fix tail processing bug [from HEAD].
PR: 2557
Bodo Möller [Mon, 11 Jul 2011 12:13:50 +0000 (12:13 +0000)]
Fix typo.
Submitted by: Jim Morrison
Dr. Stephen Henson [Wed, 22 Jun 2011 15:39:00 +0000 (15:39 +0000)]
PR: 2470
Submitted by: Corinna Vinschen <vinschen@redhat.com>
Reviewed by: steve
Don't call ERR_remove_state from DllMain.
Dr. Stephen Henson [Wed, 22 Jun 2011 15:29:55 +0000 (15:29 +0000)]
PR: 2543
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Correctly handle errors in DTLSv1_handle_timeout()
Dr. Stephen Henson [Wed, 22 Jun 2011 15:23:32 +0000 (15:23 +0000)]
PR: 2540
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve
Prevent infinite loop in BN_GF2m_mod_inv().
Dr. Stephen Henson [Wed, 22 Jun 2011 15:15:38 +0000 (15:15 +0000)]
correctly encode OIDs near 2^32
Dr. Stephen Henson [Mon, 20 Jun 2011 20:05:38 +0000 (20:05 +0000)]
make EVP_dss() work for DSA signing
Bodo Möller [Wed, 15 Jun 2011 14:21:17 +0000 (14:21 +0000)]
Complete the version history (include information on unreleased
version 0.9.8s to show full information).
Dr. Stephen Henson [Wed, 8 Jun 2011 15:56:20 +0000 (15:56 +0000)]
fix memory leak
Dr. Stephen Henson [Wed, 25 May 2011 15:21:12 +0000 (15:21 +0000)]
PR: 2533
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Setting SSL_MODE_RELEASE_BUFFERS should be ignored for DTLS, but instead causes
the program to crash. This is due to missing version checks and is fixed with
this patch.
Dr. Stephen Henson [Wed, 25 May 2011 15:15:52 +0000 (15:15 +0000)]
PR: 2529
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve
Call ssl_new() to reallocate SSL BIO internals if we want to replace
the existing internal SSL structure.
Dr. Stephen Henson [Wed, 25 May 2011 15:06:05 +0000 (15:06 +0000)]
PR: 2527
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve
Set cnf to NULL to avoid possible double free.
Dr. Stephen Henson [Wed, 25 May 2011 14:52:44 +0000 (14:52 +0000)]
Fix the ECDSA timing attack mentioned in the paper at:
http://eprint.iacr.org/2011/232.pdf
Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
Dr. Stephen Henson [Wed, 25 May 2011 14:43:05 +0000 (14:43 +0000)]
Fix the ECDSA timing attack mentioned in the paper at:
http://eprint.iacr.org/2011/232.pdf
Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
Dr. Stephen Henson [Wed, 25 May 2011 14:29:55 +0000 (14:29 +0000)]
Oops use up to date patch for PR#2506
Dr. Stephen Henson [Wed, 25 May 2011 12:36:50 +0000 (12:36 +0000)]
PR: 2512
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix BIO_accept so it can be bound to IPv4 or IPv6 sockets consistently.
Dr. Stephen Henson [Wed, 25 May 2011 12:28:31 +0000 (12:28 +0000)]
PR: 2506
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fully implement SSL_clear for DTLS.
Dr. Stephen Henson [Wed, 25 May 2011 12:24:26 +0000 (12:24 +0000)]
PR: 2505
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS session resumption timer bug.
Dr. Stephen Henson [Thu, 19 May 2011 17:56:47 +0000 (17:56 +0000)]
update date
Dr. Stephen Henson [Thu, 19 May 2011 17:39:49 +0000 (17:39 +0000)]
inherit HMAC flags from MD_CTX
Dr. Stephen Henson [Thu, 19 May 2011 16:18:25 +0000 (16:18 +0000)]
set encodedPoint to NULL after freeing it
Dr. Stephen Henson [Sat, 30 Apr 2011 23:38:24 +0000 (23:38 +0000)]
no need to include memory.h
Dr. Stephen Henson [Wed, 6 Apr 2011 18:07:02 +0000 (18:07 +0000)]
check buffer is larger enough before overwriting
Dr. Stephen Henson [Sun, 3 Apr 2011 17:15:08 +0000 (17:15 +0000)]
PR: 2462
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS Retransmission Buffer Bug
Dr. Stephen Henson [Sun, 3 Apr 2011 16:26:14 +0000 (16:26 +0000)]
PR: 2458
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Don't change state when answering DTLS ClientHello.
Dr. Stephen Henson [Sun, 3 Apr 2011 15:49:03 +0000 (15:49 +0000)]
PR: 2457
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS fragment reassembly bug.