Adam Langley [Fri, 20 Jun 2014 19:00:00 +0000 (12:00 -0700)]
psk_client_callback, 128-byte id bug.
Fix a bug in handling of 128 byte long PSK identity in
psk_client_callback.
OpenSSL supports PSK identities of up to (and including) 128 bytes in
length. PSK identity is obtained via the psk_client_callback,
implementors of which are expected to provide a NULL-terminated
identity. However, the callback is invoked with only 128 bytes of
storage thus making it impossible to return a 128 byte long identity and
the required additional NULL byte.
This CL fixes the issue by passing in a 129 byte long buffer into the
psk_client_callback. As a safety precaution, this CL also zeroes out the
buffer before passing it into the callback, uses strnlen for obtaining
the length of the identity returned by the callback, and aborts the
handshake if the identity (without the NULL terminator) is longer than
128 bytes.
(Original patch amended to achieve strnlen in a different way.)
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Thu, 14 Aug 2014 23:24:34 +0000 (01:24 +0200)]
Followup on RT3334 fix: make sure that a directory that's the empty
string returns 0 with errno = ENOENT.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Phil Mesnier [Thu, 14 Aug 2014 17:35:07 +0000 (19:35 +0200)]
RT3334: Fix crypto/LPdir_win.c
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
Clang via Jeffrey Walton [Tue, 2 Sep 2014 21:04:53 +0000 (17:04 -0400)]
RT3140: Possibly-unit variable in pem_lib.c
Can't really happen, but the flow of control isn't obvious.
Add an initializer.
Reviewed-by: Matt Caswell <matt@openssl.org>
Emilia Kasper [Thu, 28 Aug 2014 17:45:55 +0000 (19:45 +0200)]
Make the inline const-time functions static.
"inline" without static is not correct as the compiler may choose to ignore it
and will then either emit an external definition, or expect one.
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
Kurt Cancemi [Sun, 31 Aug 2014 22:18:21 +0000 (18:18 -0400)]
RT3508: Remove unused variable introduced by
b09eb24
Reviewed-by: Tim Hudson <tjh@openssl.org>
Adam Williamson [Sun, 31 Aug 2014 22:22:09 +0000 (18:22 -0400)]
RT3511: doc fix; req default serial is random
RT842, closed back in 2004, changed the default serial number
to be a random number rather than zero. Finally time to update
the doc
Reviewed-by: Tim Hudson <tjh@openssl.org>
Rich Salz [Sun, 31 Aug 2014 19:27:17 +0000 (15:27 -0400)]
Add explanatory note to crypto/store/README
Reviewed-by: Richard Levitte <levitte@openssl.org>
TANABE Hiroyasu [Sat, 30 Aug 2014 21:56:31 +0000 (17:56 -0400)]
RT1325,2973: Add more extensions to c_rehash
Add .crt/.cer/.crl to the filenames parsed.
I also updated the podpage (since it didn't exist when
this ticket was first created, nor when it was re-created
seven years later).
Reviewed-by: Tim Hudson <tjh@openssl.org>
Andy Polyakov [Sat, 30 Aug 2014 17:22:51 +0000 (19:22 +0200)]
Configure: add configuration for crypto/ec/asm extensions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Andy Polyakov [Sat, 30 Aug 2014 17:17:09 +0000 (19:17 +0200)]
md5-x86_64.pl: work around warning.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Andy Polyakov [Sat, 30 Aug 2014 17:13:49 +0000 (19:13 +0200)]
x86[_64] assembly pack: add Silvermont performance data.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Rich Salz [Sat, 30 Aug 2014 14:29:35 +0000 (10:29 -0400)]
Remove some outdated README files, to avoid confusing people.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Rich Salz [Sat, 30 Aug 2014 14:18:51 +0000 (10:18 -0400)]
RT2820: case-insensitive filenames on Darwin
Andy pointed out there is also darwin64, so tweak the pattern.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Rich Salz [Thu, 28 Aug 2014 23:11:42 +0000 (19:11 -0400)]
RT2119,3407: Updated to dgst.pod
Re-order algorithm list.
Be consistent in command synopsis.
Add content about signing.
Add EXAMPLE section
Add some missing options: -r, -fips-fingerprint -non-fips-allow
Various other fixes.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Rich Salz [Sat, 30 Aug 2014 13:54:49 +0000 (09:54 -0400)]
RT2379: Additional typo fix
Andy found an additional typo "can be can be".
Now I have that silly "Que sera sera" song stuck in my head.
Reviewed-by: Andy Polyakov <appro@openssl.org>
James Westby [Thu, 14 Aug 2014 14:14:35 +0000 (10:14 -0400)]
RT1941: c_rehash.pod is missing
Add the file written by James Westby, graciously contributed
under the terms of the OpenSSL license.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Andy Polyakov [Sat, 30 Aug 2014 08:25:32 +0000 (10:25 +0200)]
apps/speed.c: add -misalign command-line argument.
New option allows to perform benchmarks on misaligned data.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Rich Salz [Mon, 18 Aug 2014 17:00:51 +0000 (13:00 -0400)]
RT2379: Bug in BIO_set_accept_port.pod
The doc says that port can be "*" to mean any port.
That's wrong.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Matt Caswell [Fri, 29 Aug 2014 20:25:42 +0000 (21:25 +0100)]
Fixed double inclusion of string.h
PR2693
Reviewed-by: Tim Hudson <tjh@openssl.org>
Jim Reid [Fri, 29 Aug 2014 16:07:42 +0000 (12:07 -0400)]
RT2880: HFS is case-insensitive filenames
Add Darwin to list of case-insensitive filenames when
installing manapges. When doing this, I noticed that
we weren't setting "filecase" for the HTML doc install.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Rich Salz [Wed, 27 Aug 2014 02:31:11 +0000 (22:31 -0400)]
RT3246: req command prints version number wrong
Make X509_REQ_print_ex do the same thing that
X509_REQ_print does.
Reviewed-by: Matt Caswell <matt@openssl.org>
Rich Salz [Thu, 14 Aug 2014 14:50:26 +0000 (10:50 -0400)]
RT1665,2300: Crypto doc cleanups
RT1665: aes documentation.
Paul Green wrote a nice aes.pod file.
But we now encourage the EVP interface.
So I took his RT item and used it as impetus to add
the AES modes to EVP_EncryptInit.pod
I also noticed that rc4.pod has spurious references to some other
cipher pages, so I removed them.
RT2300: Clean up MD history (merged into RT1665)
Put HISTORY section only in EVP_DigestInit.pod. Also add words
to discourage use of older cipher-specific API, and remove SEE ALSO
links that point to them.
Make sure digest pages have a NOTE that says use EVP_DigestInit.
Review feedback:
More cleanup in EVP_EncryptInit.pod
Fixed SEE ALSO links in ripemd160.pod, sha.pod, mdc2.pod, blowfish.pod,
rc4.d, and des.pod. Re-order sections in des.pod for consistency
Reviewed-by: Matt Caswell <matt@openssl.org>
l.montecchiani@gmail.com [Wed, 27 Aug 2014 03:11:01 +0000 (23:11 -0400)]
RT2193: #ifdef errors in bss_dgram.c
Problem with #ifdef in the BIO_CTRL_DGRAM_MTU_DISCOVER case that
is different from the BIO_CTRL_DGRAM_QUERY_MTU one which seems
correct.
Reviewed-by: Matt Caswell <matt@openssl.org>
Rich Salz [Wed, 27 Aug 2014 18:23:39 +0000 (14:23 -0400)]
RT3102: Document -verify_error_return flag
Also moved some options around so all the "verify" options.
are clumped together.
Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Tue, 26 Aug 2014 00:20:26 +0000 (01:20 +0100)]
Fix comments, add new test.
Fix comments in ssltest.c: return value of 0 now means extension is
omitted and add_cb is not called for servers if the corresponding
extension is absent in ClientHello.
Test add_cb is not called if extension is not received.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Dr. Stephen Henson [Mon, 18 Aug 2014 01:56:13 +0000 (02:56 +0100)]
Custom extension documentation.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Dr. Stephen Henson [Tue, 19 Aug 2014 13:02:50 +0000 (14:02 +0100)]
Rename some callbacks, fix alignment.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Dr. Stephen Henson [Tue, 19 Aug 2014 12:54:38 +0000 (13:54 +0100)]
Use consistent function naming.
Instead of SSL_CTX_set_custom_cli_ext and SSL_CTX_set_custom_srv_ext
use SSL_CTX_add_client_custom_ext and SSL_CTX_add_server_custom_ext.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Dr. Stephen Henson [Tue, 19 Aug 2014 12:33:51 +0000 (13:33 +0100)]
New function SSL_extension_supported().
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Dr. Stephen Henson [Sat, 16 Aug 2014 17:16:26 +0000 (18:16 +0100)]
New extension callback features.
Support separate parse and add callback arguments.
Add new callback so an application can free extension data.
Change return value for send functions so < 0 is an error 0
omits extension and > 0 includes it. This is more consistent
with the behaviour of other functions in OpenSSL.
Modify parse_cb handling so <= 0 is an error.
Make SSL_CTX_set_custom_cli_ext and SSL_CTX_set_custom_cli_ext argument
order consistent.
NOTE: these changes WILL break existing code.
Remove (now inaccurate) in line documentation.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Dr. Stephen Henson [Thu, 14 Aug 2014 12:25:50 +0000 (13:25 +0100)]
Callback revision.
Use "parse" and "add" for function and callback names instead of
"first" and "second".
Change arguments to callback so the extension type is unsigned int
and the buffer length is size_t. Note: this *will* break existing code.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Dr. Stephen Henson [Tue, 12 Aug 2014 15:18:55 +0000 (16:18 +0100)]
Remove serverinfo checks.
Since sanity checks are performed for all custom extensions the
serverinfo checks are no longer needed.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Dr. Stephen Henson [Tue, 12 Aug 2014 13:25:49 +0000 (14:25 +0100)]
Add custom extension sanity checks.
Reject attempts to use extensions handled internally.
Add flags to each extension structure to indicate if an extension
has been sent or received. Enforce RFC5246 compliance by rejecting
duplicate extensions and unsolicited extensions and only send a
server extension if we have sent the corresponding client extension.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Dr. Stephen Henson [Sun, 10 Aug 2014 11:08:08 +0000 (12:08 +0100)]
Custom extension revision.
Use the same structure for client and server custom extensions.
Add utility functions in new file t1_ext.c.
Use new utility functions to handle custom server and client extensions
and remove a lot of code duplication.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Dr. Stephen Henson [Tue, 26 Aug 2014 00:07:57 +0000 (01:07 +0100)]
fix warning
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
Emilia Kasper [Thu, 28 Aug 2014 13:33:34 +0000 (15:33 +0200)]
Constant-time utilities
Pull constant-time methods out to a separate header, add tests.
Reviewed-by: Bodo Moeller <bodo@openssl.org>
Raphael Spreitzer [Thu, 28 Aug 2014 02:53:10 +0000 (22:53 -0400)]
RT2400: ASN1_STRING_to_UTF8 missing initializer
Reviewed-by: Tim Hudson <tjh@openssl.org>
Rich Salz [Thu, 28 Aug 2014 01:36:04 +0000 (21:36 -0400)]
Merge branch 'master' of git.openssl.org:openssl
Gah, I hate when I forget to pull before merging.
Reviewed-by: rsalz
Rich Salz [Wed, 27 Aug 2014 19:28:08 +0000 (15:28 -0400)]
RT2308: Add extern "C" { ... } wrapper
Add the wrapper to all public header files (Configure
generates one). Don't bother for those that are just
lists of #define's that do renaming.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Emilia Kasper [Mon, 25 Aug 2014 10:38:16 +0000 (12:38 +0200)]
Explicitly check for empty ASN.1 strings in d2i_ECPrivateKey
The old code implicitly relies on the ASN.1 code returning a \0-prefixed buffer
when the buffer length is 0. Change this to verify explicitly that the ASN.1 string
has positive length.
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
Matt Caswell [Fri, 22 Aug 2014 16:04:19 +0000 (18:04 +0200)]
RT3065: automatically generate a missing EC public key
When d2i_ECPrivateKey reads a private key with a missing (optional) public key,
generate one automatically from the group and private key.
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
Adam Langley [Tue, 23 Apr 2013 19:12:36 +0000 (15:12 -0400)]
RT3065: ec_private_key_dont_crash
This change saves several EC routines from crashing when an EC_KEY is
missing a public key. The public key is optional in the EC private key
format and, without this patch, running the following through `openssl
ec` causes a crash:
-----BEGIN EC PRIVATE KEY-----
MBkCAQEECAECAwQFBgcIoAoGCCqGSM49AwEH
-----END EC PRIVATE KEY-----
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
Mihai Militaru [Tue, 26 Aug 2014 16:35:54 +0000 (12:35 -0400)]
RT2210: Add missing EVP_cleanup to example
I also removed some trailing whitespace and cleaned
up the "see also" list.
Reviewed-by: Emilia Kasper <emilia@openssl.org>
Rich Salz [Wed, 27 Aug 2014 00:51:52 +0000 (20:51 -0400)]
Add tags/TAGS target; rm tags/TAGS in clean
Reviewed-by: Tim Hudson <tjh@openssl.org>
Rich Salz [Tue, 26 Aug 2014 17:54:21 +0000 (13:54 -0400)]
Merge branch 'master' of git.openssl.org:openssl
Stupid git tricks :(
Reviewed-by: rsalz
David Gatwood [Tue, 26 Aug 2014 17:02:03 +0000 (13:02 -0400)]
RT1744: SSL_CTX_set_dump_dh() doc feedback
The description of when the server creates a DH key is
confusing. This cleans it up.
(rsalz: also removed trailing whitespace.)
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
David Gatwood [Tue, 26 Aug 2014 17:02:03 +0000 (13:02 -0400)]
RT1744: SSL_CTX_set_dump_dh() doc feedback
The description of when the server creates a DH key is
confusing. This cleans it up.
(rsalz: also removed trailing whitespace.)
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Jan Schaumann [Fri, 15 Aug 2014 03:00:44 +0000 (23:00 -0400)]
RT1804: fix EXAMPLE in EVP_EncryptInit.pod
The EXAMPLE that used FILE and RC2 doesn't compile due to a
few minor errors. Tweak to use IDEA and AES-128. Remove
examples about RC2 and RC5.
Reviewed-by: Emilia Kasper <emilia@openssl.org>
Matt Caswell [Thu, 24 Jul 2014 05:00:11 +0000 (01:00 -0400)]
Typo fixes to evp documentation.
This patch was submitted by user "Kox" via the wiki
Reviewed-by: Tim Hudson <tjh@openssl.org>
Emilia Kasper [Thu, 21 Aug 2014 15:34:05 +0000 (17:34 +0200)]
RT 3060: amend patch
Use existing error code SSL_R_RECORD_TOO_SMALL for too many empty records.
For ease of backporting the patch to release branches.
Reviewed-by: Bodo Moeller <bodo@openssl.org>
Emilia Kasper [Fri, 22 Aug 2014 13:16:00 +0000 (15:16 +0200)]
RT3061: slightly amend patch
Add an extra NULL dereference check
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Emilia Kasper [Fri, 22 Aug 2014 11:16:55 +0000 (13:16 +0200)]
Improve EVP_PKEY_sign documentation
Clarify the intended use of EVP_PKEY_sign. Make the code example compile.
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
Jeffrey Walton [Tue, 19 Aug 2014 16:59:41 +0000 (12:59 -0400)]
RT3142: Extra initialization in state_machine
Remove extra initialization calls in the sample program.
Reviewed-by: Emilia Kasper <emilia@openssl.org>
Emilia Kasper [Tue, 19 Aug 2014 11:18:07 +0000 (13:18 +0200)]
define inline for Visual Studio
In Visual Studio, inline is available in C++ only, however __inline is available for C, see
http://msdn.microsoft.com/en-us/library/z8y1yy88.aspx
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
Emilia Kasper [Tue, 19 Aug 2014 14:28:07 +0000 (16:28 +0200)]
Fix build when BSAES_ASM is defined but VPAES_ASM is not
Reviewed-by: Andy Polyakov <appro@openssl.org>
Andy Polyakov [Wed, 20 Aug 2014 22:17:45 +0000 (00:17 +0200)]
bn/asm/rsaz-*.pl: allow spaces in Perl path name.
RT: 2835
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Andy Polyakov [Wed, 20 Aug 2014 22:13:55 +0000 (00:13 +0200)]
sha1-mb-x86_64.pl: add commentary.
Reviewed-by: Emilia Kasper <emilia@openssl.org>
Laszlo Papp [Mon, 18 Aug 2014 21:23:30 +0000 (17:23 -0400)]
PR2490: Remove unused local variable bn ecp_nist.c
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Andy Polyakov [Wed, 20 Aug 2014 20:18:14 +0000 (22:18 +0200)]
crypto/evp/e_aes_cbc_hmac_sha[1|256].c: fix compiler warnings.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Andy Polyakov [Wed, 20 Aug 2014 20:10:20 +0000 (22:10 +0200)]
sha1-mb-x86_64.pl: fix typo.
Reviewed-by: Emilia Kasper <emilia@openssl.org>
Martin Olsson [Tue, 19 Aug 2014 15:38:54 +0000 (11:38 -0400)]
RT2847: Don't "check" uninitialized memory
Don't check err variable until after it's been set.
Reviewed-by: Emilia Kasper <emilia@openssl.org>
Martin Olsson [Tue, 19 Aug 2014 15:46:52 +0000 (11:46 -0400)]
RT2848: Remove extra NULL check
Don't need to check auth for NULL since we did when we
assigned to it.
Reviewed-by: Emilia Kasper <emilia@openssl.org>
Martin Olsson [Tue, 19 Aug 2014 14:42:52 +0000 (10:42 -0400)]
RT2513: Fix typo's paramter-->parameter
I also found a couple of others (padlock and signinit)
and fixed them.
Reviewed-by: Emilia Kasper <emilia@openssl.org>
Rich Salz [Tue, 19 Aug 2014 14:02:05 +0000 (10:02 -0400)]
Merge branch 'master' of git.openssl.org:openssl
Jeffrey Walton [Mon, 18 Aug 2014 18:16:24 +0000 (14:16 -0400)]
PR2401: Typos in FAQ
Also rewrite section on compiler bugs; Matt pointed out that
it has some grammatical issues.
Reviewed-by: Emilia Kasper <emilia@openssl.org>
Jeffrey Walton [Mon, 18 Aug 2014 18:16:24 +0000 (14:16 -0400)]
PR2401: Typos in FAQ
Also rewrite section on compiler bugs; Matt pointed out that
it has some grammatical issues.
John Fitzgibbon [Mon, 18 Aug 2014 21:55:19 +0000 (17:55 -0400)]
RT2724: Remove extra declaration
Extra SSL_get_selected_srtp_profile() declaration in ssl/srtp.h
causes -Werror builds to fail.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Laszlo Papp [Mon, 18 Aug 2014 21:40:43 +0000 (17:40 -0400)]
RT2492: Remove extra NULL check.
Laszlo Papp [Mon, 18 Aug 2014 21:21:32 +0000 (17:21 -0400)]
RT2489: Remove extra "sig" local variable.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
John Gardiner Myers [Mon, 18 Aug 2014 18:53:29 +0000 (14:53 -0400)]
RT2942: CRYPTO_set_dynlock_create_callback doc fix
The file param is "const char*" not "char*"
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Doug Goldstein [Fri, 15 Aug 2014 03:22:41 +0000 (23:22 -0400)]
RT2163: Remove some unneeded #include's
Several files #include stdio.h and don't need it.
Also, per tjh, remove BN_COUNT
Reviewed-by: Emilia Kasper <emilia@openssl.org>
Justin Blanchard [Mon, 18 Aug 2014 15:01:15 +0000 (11:01 -0400)]
RT1815: More const'ness improvements
Add a dozen more const declarations where appropriate.
These are from Justin; while adding his patch, I noticed
ASN1_BIT_STRING_check could be fixed, too.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 21:53:29 +0000 (22:53 +0100)]
pub_decode_gost94, pub_decode_gost01: check for NULL after allocating databuf pub_encode_gost94, pub_encode_gost01: check for NULL after allocating databuf and octet
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 21:49:19 +0000 (22:49 +0100)]
engine_md_copy: check for NULL after allocating to_md->HashBuffer
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 21:48:28 +0000 (22:48 +0100)]
process_pci_value: free (*policy)->data before setting to NULL after failed realloc
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 21:47:45 +0000 (22:47 +0100)]
do_ext_i2d: free ext_der or ext_oct on error path
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 21:47:10 +0000 (22:47 +0100)]
do_othername: check for NULL after allocating objtmp
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 21:46:44 +0000 (22:46 +0100)]
NETSCAPE_SPKI_b64_encode: free der_spki and b64_str on error path
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 21:45:58 +0000 (22:45 +0100)]
get_cert_by_subject: check for NULL when allocating hent
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 21:45:15 +0000 (22:45 +0100)]
UI_construct_prompt: check for NULL when allocating prompt
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 17:14:59 +0000 (18:14 +0100)]
hashbn: check for NULL result when allocating bin and return an error if it fails all (in)direct callers of hashbn: propagate potential error in hashbn
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 17:14:10 +0000 (18:14 +0100)]
JPAKE_CTX_new: check for NULL result when allocating ctx
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 17:12:13 +0000 (18:12 +0100)]
old_hmac_encode: check for NULL result when allocating *pder
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 17:11:34 +0000 (18:11 +0100)]
dev_crypto_md5_copy: return error if allocating to_md->data fails
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 17:10:50 +0000 (18:10 +0100)]
dev_crypto_md5_update: check result of realloc(md_data->data) and don't leak memory if it fails
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 17:09:58 +0000 (18:09 +0100)]
dev_crypto_cipher: return immediately if allocating cin/cout failed
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 17:09:20 +0000 (18:09 +0100)]
dev_crypto_init_key: return error if allocating CDATA(ctx)->key failed
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Hubert Kario [Wed, 23 Jul 2014 13:03:59 +0000 (15:03 +0200)]
Add support for Camellia HMAC-Based cipher suites from RFC6367
While RFC6367 focuses on Camellia-GCM cipher suites, it also adds a few
cipher suites that use SHA-2 based HMAC that can be very easily
added.
Tested against gnutls 3.3.5
PR#3443
Reviewed-by: Tim Hudson <tjh@openssl.org>
Matt Caswell [Sat, 26 Jul 2014 22:47:40 +0000 (23:47 +0100)]
Fixed out-of-bounds read errors in ssl3_get_key_exchange.
PR#3450
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Rich Salz [Fri, 15 Aug 2014 21:20:26 +0000 (17:20 -0400)]
RT2751: Declare get_issuer_sk() earlier.
Add a declaration for get_issuer_sk() so that other
functions in x509_vf.c could use it. (Planned work
around cross-certification chains.)
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 16:20:30 +0000 (17:20 +0100)]
cryptodev_digest_copy: return error if allocating dstate->mac_data fails
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 16:18:17 +0000 (17:18 +0100)]
cryptodev_digest_update: don't leak original state->mac_data if realloc fails
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 16:16:57 +0000 (17:16 +0100)]
cms_SignerInfo_content_sign: free sig on failure path
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Jonas Maebe [Sun, 8 Dec 2013 16:16:12 +0000 (17:16 +0100)]
rtcp_new: return failure if allocation of bi->ptr failed
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Jonas Maebe [Mon, 9 Dec 2013 21:02:06 +0000 (22:02 +0100)]
multi_split: check for NULL when allocating parts and bpart, and for failure of sk_BIO_push()
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Jonas Maebe [Thu, 5 Dec 2013 22:19:15 +0000 (23:19 +0100)]
BIO_new_dgram_sctp, dgram_sctp_read: zero entire authchunks
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Jonas Maebe [Tue, 3 Dec 2013 16:11:48 +0000 (17:11 +0100)]
mime_hdr_addparam: free tmpname, tmpval and mparam on error path, and check whether sk_MIME_PARAM_push succeeds
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Jonas Maebe [Tue, 3 Dec 2013 16:10:12 +0000 (17:10 +0100)]
mime_hdr_new: free mhdr, tmpname, tmpval on error path
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Jonas Maebe [Mon, 2 Dec 2013 21:44:31 +0000 (22:44 +0100)]
ASN1_verify, ASN1_item_verify: cleanse and free buf_in on error path
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>