Dr. Stephen Henson [Thu, 9 Oct 2014 19:37:27 +0000 (20:37 +0100)]
Process signature algorithms in ClientHello late.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Andy Polyakov [Thu, 23 Oct 2014 14:08:44 +0000 (16:08 +0200)]
ecp_nistz256 update.
Facilitate switch to custom scatter-gather routines. This modification
does not change algorithms, only makes it possible to implement
alternative. This is achieved by a) moving precompute table to assembly
(perlasm parses ecp_nistz256_table.c and is free to rearrange data to
match gathering algorithm); b) adhering to explicit scatter subroutine
(which for now is simply a memcpy). First implementations that will use
this option are 32-bit assembly implementations, ARMv4 and x86, where
equivalent of current read-whole-table-select-single-value algorithm
is too time-consuming. [On side note, switching to scatter-gather on
x86_64 would allow to improve server-side ECDSA performance by ~5%].
Reviewed-by: Bodo Moeller <bodo@openssl.org>
Andy Polyakov [Thu, 23 Oct 2014 14:04:01 +0000 (16:04 +0200)]
Configure: add ios64 target.
Reviewed-by: Steve Marquess <marquess@openssl.org>
Andy Polyakov [Wed, 22 Oct 2014 07:35:51 +0000 (09:35 +0200)]
Add missing credit.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Bodo Moeller [Tue, 21 Oct 2014 20:43:08 +0000 (22:43 +0200)]
Fix and improve SSL_MODE_SEND_FALLBACK_SCSV documentation.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Bodo Moeller [Tue, 21 Oct 2014 20:24:42 +0000 (22:24 +0200)]
When processing ClientHello.cipher_suites, don't ignore cipher suites
listed after TLS_FALLBACK_SCSV.
RT: 3575
Reviewed-by: Emilia Kasper <emilia@openssl.org>
Kurt Roeckx [Tue, 21 Oct 2014 18:45:15 +0000 (20:45 +0200)]
Keep old method in case of an unsupported protocol
When we're configured with no-ssl3 and we receive an SSL v3 Client Hello, we set
the method to NULL. We didn't used to do that, and it breaks things. This is a
regression introduced in
62f45cc27d07187b59551e4fad3db4e52ea73f2c. Keep the old
method since the code is not able to deal with a NULL method at this time.
CVE-2014-3569, PR#3571
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Tim Hudson [Mon, 20 Oct 2014 05:12:17 +0000 (15:12 +1000)]
no-ssl2 with no-ssl3 does not mean drop the ssl lib
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
Kurt Cancemi [Sun, 28 Sep 2014 19:28:49 +0000 (15:28 -0400)]
RT3547: Add missing static qualifier
Reviewed-by: Ben Laurie <ben@openssl.org>
Tim Hudson [Thu, 25 Sep 2014 06:04:35 +0000 (08:04 +0200)]
Add constant_time_locl.h to HEADERS,
so the Win32 compile picks it up correctly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Conflicts:
crypto/Makefile
Richard Levitte [Wed, 24 Sep 2014 20:59:37 +0000 (22:59 +0200)]
Include "constant_time_locl.h" rather than "../constant_time_locl.h".
The different -I compiler parameters will take care of the rest...
Reviewed-by: Tim Hudson <tjh@openssl.org>
Conflicts:
crypto/evp/evp_enc.c
crypto/rsa/rsa_oaep.c
crypto/rsa/rsa_pk1.c
Matt Caswell [Wed, 15 Oct 2014 11:22:20 +0000 (12:22 +0100)]
Updates to NEWS file
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
Matt Caswell [Wed, 15 Oct 2014 09:45:32 +0000 (10:45 +0100)]
Updates CHANGES file
Reviewed-by: Bodo Möller <bodo@openssl.org>
Geoff Thorpe [Wed, 15 Oct 2014 07:25:50 +0000 (03:25 -0400)]
Fix no-ssl3 configuration option
CVE-2014-3568
Reviewed-by: Emilia Kasper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Dr. Stephen Henson [Wed, 15 Oct 2014 00:53:55 +0000 (01:53 +0100)]
Fix for session tickets memory leak.
CVE-2014-3567
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Matt Caswell [Wed, 15 Oct 2014 00:23:07 +0000 (01:23 +0100)]
Fix SRTP compile issues for windows
Related to CVE-2014-3513
This fix was developed by the OpenSSL Team
Reviewed-by: Tim Hudson <tjh@openssl.org>
Conflicts:
util/mkdef.pl
util/ssleay.num
Matt Caswell [Wed, 15 Oct 2014 00:03:32 +0000 (01:03 +0100)]
Fix for SRTP Memory Leak
CVE-2014-3513
This issue was reported to OpenSSL on 26th September 2014, based on an original
issue and patch developed by the LibreSSL project. Further analysis of the issue
was performed by the OpenSSL team.
The fix was developed by the OpenSSL team.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Bodo Moeller [Wed, 15 Oct 2014 12:48:14 +0000 (14:48 +0200)]
Fix SSL_R naming inconsistency.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Andy Polyakov [Wed, 15 Oct 2014 09:10:08 +0000 (11:10 +0200)]
aesni-x86_64.pl: make ECB subroutine Windows ABI compliant.
RT: 3553
Reviewed-by: Emilia Kasper <emilia@openssl.org>
Bodo Moeller [Wed, 15 Oct 2014 08:43:50 +0000 (10:43 +0200)]
Add TLS_FALLBACK_SCSV documentation, and move s_client -fallback_scsv
handling out of #ifndef OPENSSL_NO_DTLS1 section.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Bodo Moeller [Wed, 15 Oct 2014 02:03:28 +0000 (04:03 +0200)]
Support TLS_FALLBACK_SCSV.
Reviewed-by: Stephen Henson <steve@openssl.org>
Dr. Stephen Henson [Sat, 11 Oct 2014 12:36:44 +0000 (13:36 +0100)]
Remove reference to deleted md4.c
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Dr. Stephen Henson [Tue, 30 Sep 2014 21:10:29 +0000 (22:10 +0100)]
Disable encrypt them mac for SSL 3.0 and stream ciphers (RC4 only).
Reviewed-by: Tim Hudson <tjh@openssl.org>
Matt Caswell [Fri, 3 Oct 2014 22:48:49 +0000 (23:48 +0100)]
Removed duplicate definition of PKCS7_type_is_encrypted
Patch supplied by Matthieu Patou <mat@matws.net>, and modified to also
remove duplicate definition of PKCS7_type_is_digest.
PR#3551
Reviewed-by: Rich Salz <rsalz@openssl.org>
Ben Laurie [Sat, 4 Oct 2014 21:58:13 +0000 (22:58 +0100)]
Fix single makefile.
Reviewed-by: Geoffrey Thorpe <geoff@geoffthorpe.net>
Rich Salz [Mon, 8 Sep 2014 15:48:34 +0000 (11:48 -0400)]
RT3462: Document actions when data==NULL
If data is NULL, return the size needed to hold the
derived key. No other API to do this, so document
the behavior.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Bodo Moeller [Thu, 2 Oct 2014 15:56:40 +0000 (17:56 +0200)]
DTLS 1.2 support has been added to 1.0.2.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Andy Polyakov [Wed, 1 Oct 2014 21:55:54 +0000 (23:55 +0200)]
crypto/cast/asm/cast-586.pl: +5% on PIII and remove obsolete readme.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Rich Salz [Tue, 30 Sep 2014 21:30:19 +0000 (17:30 -0400)]
RT3549: Remove obsolete files in crypto
Reviewed-by: Andy Polyakov <appro@openssl.org>
Rich Salz [Tue, 30 Sep 2014 20:24:21 +0000 (16:24 -0400)]
RT2910: Remove des.c and its Makefile target
Reviewed-by: Andy Polyakov <appro@openssl.org>
Rich Salz [Tue, 30 Sep 2014 20:10:15 +0000 (16:10 -0400)]
RT2309: Fix podpage MMNNFFPPS->MNNFFPPS
Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Mon, 29 Sep 2014 15:44:24 +0000 (16:44 +0100)]
Parse custom extensions after internal extensions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Andy Polyakov [Tue, 30 Sep 2014 19:05:33 +0000 (21:05 +0200)]
e_os.h: refine inline override logic (to address warnings in debug build).
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
Andy Polyakov [Tue, 30 Sep 2014 19:00:44 +0000 (21:00 +0200)]
crypto/bn/bn_nist.c: bring original failing code back for reference.
RT: 3541
Reviewed-by: Emilia Kasper <emilia@openssl.org>
Dr. Stephen Henson [Mon, 29 Sep 2014 11:06:27 +0000 (12:06 +0100)]
Add additional explanation to CHANGES entry.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Dr. Stephen Henson [Thu, 25 Sep 2014 22:28:48 +0000 (23:28 +0100)]
Add additional DigestInfo checks.
Reencode DigestInto in DER and check against the original: this
will reject any improperly encoded DigestInfo structures.
Note: this is a precautionary measure, there is no known attack
which can exploit this.
Thanks to Brian Smith for reporting this issue.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Rich Salz [Thu, 25 Sep 2014 18:43:24 +0000 (14:43 -0400)]
Remove #ifdef's for IRIX_CC_BUG
Reviewed-by: Andy Polyakov <appro@openssl.org>
Rich Salz [Thu, 25 Sep 2014 17:18:22 +0000 (13:18 -0400)]
RT3544: Must update TABLE after Configure change
Also add comment to Configure reminding people to do that.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Emilia Kasper [Thu, 25 Sep 2014 11:39:21 +0000 (13:39 +0200)]
Add missing tests
Accidentally omitted from commit
455b65dfab0de51c9f67b3c909311770f2b3f801
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Dr. Stephen Henson [Sat, 20 Sep 2014 00:00:55 +0000 (01:00 +0100)]
Use correct function name: CMS_add1_signer()
Reviewed-by: Matt Caswell <matt@openssl.org>
Andy Polyakov [Wed, 24 Sep 2014 22:42:26 +0000 (00:42 +0200)]
crypto/bn/bn_nist.c: work around MSC ARM compiler bug.
RT: 3541
Reviewed-by: Emilia Kasper <emilia@openssl.org>
Andy Polyakov [Wed, 24 Sep 2014 22:32:56 +0000 (00:32 +0200)]
e_os.h: allow inline functions to be compiled by legacy compilers.
Reviewed-by: Matt Caswell <matt@openssl.org>
Rich Salz [Wed, 24 Sep 2014 16:18:19 +0000 (12:18 -0400)]
RT3544: Remove MWERKS support
The following #ifdef tests were all removed:
__MWERKS__
MAC_OS_pre_X
MAC_OS_GUSI_SOURCE
MAC_OS_pre_X
OPENSSL_SYS_MACINTOSH_CLASSIC
OPENSSL_SYS_MACOSX_RHAPSODY
Reviewed-by: Andy Polyakov <appro@openssl.org>
Emilia Kasper [Fri, 5 Sep 2014 12:47:33 +0000 (14:47 +0200)]
RT3425: constant-time evp_enc
Do the final padding check in EVP_DecryptFinal_ex in constant time to
avoid a timing leak from padding failure.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Emilia Kasper [Thu, 4 Sep 2014 11:04:42 +0000 (13:04 +0200)]
RT3067: simplify patch
(Original commit
adb46dbc6dd7347750df2468c93e8c34bcb93a4b)
Use the new constant-time methods consistently in s3_srvr.c
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Emilia Kasper [Thu, 28 Aug 2014 17:43:49 +0000 (19:43 +0200)]
RT3066: rewrite RSA padding checks to be slightly more constant time.
Also tweak s3_cbc.c to use new constant-time methods.
Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1
This patch is based on the original RT submission by Adam Langley <agl@chromium.org>,
as well as code from BoringSSL and OpenSSL.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Emilia Kasper [Tue, 23 Sep 2014 16:37:23 +0000 (18:37 +0200)]
make update
Sync libeay.num from 1.0.2
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
Emilia Kasper [Tue, 23 Sep 2014 16:26:42 +0000 (18:26 +0200)]
Note i2d_re_X509_tbs and related changes in CHANGES
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit
e9128d9401ad617e17c5eb3772512c24b038b967)
Andy Polyakov [Tue, 23 Sep 2014 12:54:04 +0000 (14:54 +0200)]
CHANGES: mention ECP_NISTZ256.
Reviewed-by: Bodo Moeller <bodo@openssl.org>
Andy Polyakov [Sun, 21 Sep 2014 21:05:13 +0000 (23:05 +0200)]
crypto/rsa/rsa_chk.c: harmonize error codes.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Andy Polyakov [Sun, 21 Sep 2014 13:56:02 +0000 (15:56 +0200)]
crypto/ecp_nistz256.c: harmonize error codes.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Tim Hudson [Sun, 21 Sep 2014 11:54:31 +0000 (21:54 +1000)]
Fixed error introduced in commit
f2be92b94dad3c6cbdf79d99a324804094cf1617
that fixed PR#3450 where an existing cast masked an issue when i was changed
from int to long in that commit
Picked up on z/linux (s390) where sizeof(int)!=sizeof(long)
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Andy Polyakov [Sat, 20 Sep 2014 08:18:19 +0000 (10:18 +0200)]
Harmonize Tru64 and Linux make rules.
RT: 3333,3165
Reviewed-by: Rich Salz <rsalz@openssl.org>
Dr. Stephen Henson [Fri, 19 Sep 2014 17:53:39 +0000 (18:53 +0100)]
Fix warning.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Rich Salz [Fri, 19 Sep 2014 01:45:41 +0000 (21:45 -0400)]
RT3291: Add -crl and -revoke options to CA.pl
Document the new features
Reviewed-by: Tim Hudson <tjh@openssl.org>
Jake Goulding [Fri, 5 Sep 2014 15:13:23 +0000 (11:13 -0400)]
RT2301: GetDIBits, not GetBitmapBits in rand_win
GetDIBits has been around since Windows2000 and
BitBitmapBits is an old Win16 compatibility function
that is much slower.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Andy Polyakov [Thu, 11 Sep 2014 22:43:59 +0000 (00:43 +0200)]
crypto/bn/asm/x86_64-mont*.pl: add missing clang detection.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Andy Polyakov [Thu, 11 Sep 2014 22:38:57 +0000 (00:38 +0200)]
Configure: engage ECP_NISTZ256.
RT: 3149
Reviewed-by: Rich Salz <rsalz@openssl.org>
Andy Polyakov [Thu, 11 Sep 2014 22:37:41 +0000 (00:37 +0200)]
Add ECP_NISTZ256 by Shay Gueron, Intel Corp.
RT: 3149
Reviewed-by: Rich Salz <rsalz@openssl.org>
Andy Polyakov [Thu, 11 Sep 2014 22:13:20 +0000 (00:13 +0200)]
Reserve option to use BN_mod_exp_mont_consttime in ECDSA.
Submitted by Shay Gueron, Intel Corp.
RT: 3149
Reviewed-by: Rich Salz <rsalz@openssl.org>
Andy Polyakov [Thu, 11 Sep 2014 22:06:00 +0000 (00:06 +0200)]
perlasm/x86_64-xlate.pl: handle inter-bank movd.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Rich Salz [Thu, 11 Sep 2014 17:08:30 +0000 (13:08 -0400)]
RT2772 update: c_rehash was broken
Move the readdir() lines out of the if statement, so
that flist is available globally.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Rich Salz [Wed, 10 Sep 2014 19:05:38 +0000 (15:05 -0400)]
RT3271 update; extra; semi-colon; confuses; some;
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Rich Salz [Wed, 10 Sep 2014 15:43:45 +0000 (11:43 -0400)]
RT2560: missing NULL check in ocsp_req_find_signer
If we don't find a signer in the internal list, then fall
through and look at the internal list; don't just return NULL.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Rich Salz [Tue, 9 Sep 2014 21:41:46 +0000 (17:41 -0400)]
RT2196: Clear up some README wording
Say where to email bug reports.
Mention general RT tracker info in a separate paragraph.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Matt Caswell [Tue, 9 Sep 2014 20:50:06 +0000 (16:50 -0400)]
RT3192: spurious error in DSA verify
This is funny; Ben commented in the source, Matt opend a ticket,
and Rich is doing the submit. Need more code-review? :)
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Rich Salz [Tue, 9 Sep 2014 21:06:40 +0000 (17:06 -0400)]
Merge branch 'master' of git.openssl.org:openssl
Previous commit was reviewed by Geoff, not Stephen:
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
Rich Salz [Tue, 9 Sep 2014 17:53:16 +0000 (13:53 -0400)]
RT3271: Don't use "if !" in shell lines
For portability don't use "if ! expr"
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
Rich Salz [Tue, 9 Sep 2014 17:53:16 +0000 (13:53 -0400)]
RT3271: Don't use "if !" in shell lines
For portability don't use "if ! expr"
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Geoff Keating [Tue, 9 Sep 2014 18:28:54 +0000 (14:28 -0400)]
RT1909: Omit version for v1 certificates
When calling X509_set_version to set v1 certificate, that
should mean that the version number field is omitted.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Kurt Cancemi [Tue, 9 Sep 2014 17:48:00 +0000 (13:48 -0400)]
RT3506: typo's in ssltest
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Paul Suhler [Mon, 8 Sep 2014 22:34:48 +0000 (18:34 -0400)]
RT2841: Extra return in check_issued
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Kurt Roeckx [Mon, 8 Sep 2014 21:14:36 +0000 (17:14 -0400)]
RT2626: Change default_bits from 1K to 2K
This is a more comprehensive fix. It changes all
keygen apps to use 2K keys. It also changes the
default to use SHA256 not SHA1. This is from
Kurt's upstream Debian changes.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Rich Salz [Mon, 8 Sep 2014 20:27:29 +0000 (16:27 -0400)]
RT2600: Change Win line-endings to Unix.
For consistency.
Reviewed-by: Bodo Moeller <bodo@openssl.org>
Matthias Andree [Sun, 7 Sep 2014 22:45:02 +0000 (18:45 -0400)]
RT2272: Add old-style hash to c_rehash
In addition to Matthias's change, I also added -n to
not remove links. And updated the manpage.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Bjoern Zeeb [Fri, 15 Aug 2014 02:11:08 +0000 (22:11 -0400)]
RT671: export(i2s|s2i|i2v|v2i)_ASN1_(IA5|BIT)STRING
The EXT_BITSTRING and EXT_IA5STRING are defined in x509v3.h, but
the low-level functions are not public. They are useful, no need
to make them static. Note that BITSTRING already was exposed since
this RT was created, so now we just export IA5STRING functions.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Rich Salz [Wed, 3 Sep 2014 16:02:13 +0000 (12:02 -0400)]
RT468: SSL_CTX_sess_set_cache_size wrong
The documentation is wrong about what happens when the
session cache fills up.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Erik Auerswald [Wed, 27 Aug 2014 02:50:34 +0000 (22:50 -0400)]
RT3301: Discard too-long heartbeat requests
Reviewed-by: Tim Hudson <tjh@openssl.org>
Dario B [Thu, 4 Sep 2014 20:59:44 +0000 (16:59 -0400)]
RT3291: Add -crl and -revoke options to CA.pl
I added some error-checking while integrating this patch.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Scott Schaefer [Wed, 13 Aug 2014 18:42:23 +0000 (14:42 -0400)]
RT2518: fix pod2man errors
pod2man now complains when item tags are not sequential.
Also complains about missing =back and other tags.
Silence the warnings; most were already done.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Rich Salz [Thu, 14 Aug 2014 20:47:13 +0000 (16:47 -0400)]
RT992: RSA_check_key should have a callback arg
The original RT request included a patch. By the time
we got around to doing it, however, the callback scheme
had changed. So I wrote a new function RSA_check_key_ex()
that uses the BN_GENCB callback. But thanks very much
to Vinet Sharma <vineet.sharma@gmail.com> for the
initial implementation.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Rich Salz [Thu, 4 Sep 2014 21:15:42 +0000 (17:15 -0400)]
RT3108: OPENSSL_NO_SOCK should imply OPENSSL_NO_DGRAM
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Robin Lee [Thu, 4 Sep 2014 16:36:41 +0000 (12:36 -0400)]
RT3031: Need to #undef some names for win32
Copy the ifdef/undef stanza from x509.h to x509v3.h
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Rich Salz [Thu, 4 Sep 2014 16:55:31 +0000 (12:55 -0400)]
RT2849: Redundant check of "dsa" variable.
In the current code, the check isn't redundant.
And in fact the REAL check was missing.
This avoids a NULL-deref crash.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Martin Olsson [Thu, 4 Sep 2014 16:45:05 +0000 (12:45 -0400)]
RT2843: Remove another spurious close-comment token
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Martin Olsson [Thu, 4 Sep 2014 16:42:34 +0000 (12:42 -0400)]
RT2842: Remove spurious close-comment marker.
Also, I (rsalz) changed "#ifdef undef" to "#if 0"
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Rich Salz [Mon, 8 Sep 2014 14:44:07 +0000 (10:44 -0400)]
Merge branch 'master' of git.openssl.org:openssl
empty merge; script hiccup.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Rich Salz [Fri, 5 Sep 2014 22:01:31 +0000 (18:01 -0400)]
RT1834: Fix PKCS7_verify return value
The function returns 0 or 1, only.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Rich Salz [Fri, 5 Sep 2014 22:01:31 +0000 (18:01 -0400)]
RT1832: Fix PKCS7_verify return value
The function returns 0 or 1, only.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Alon Bar-Lev [Fri, 5 Sep 2014 14:53:51 +0000 (10:53 -0400)]
RT1771: Add string.h include.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Viktor Dkhovni [Sun, 7 Sep 2014 22:22:33 +0000 (18:22 -0400)]
RT1325,2973: Add more extensions to c_rehash
Regexp was bracketed wrong.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Emilia Kasper [Fri, 5 Sep 2014 15:19:36 +0000 (17:19 +0200)]
make update
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
Emilia Kasper [Fri, 5 Sep 2014 13:25:57 +0000 (15:25 +0200)]
Add i2d_re_X509_tbs
i2d_re_X509_tbs re-encodes the TBS portion of the certificate.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
Dr. Stephen Henson [Fri, 5 Sep 2014 12:39:39 +0000 (13:39 +0100)]
Add CHANGES entry for SCT viewer code.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Dr. Stephen Henson [Thu, 28 Aug 2014 17:39:03 +0000 (18:39 +0100)]
sync ordinals with 1.0.2
Reviewed-by: Tim Hudson <tjh@openssl.org>
Adam Langley [Fri, 20 Jun 2014 19:00:00 +0000 (12:00 -0700)]
psk_client_callback, 128-byte id bug.
Fix a bug in handling of 128 byte long PSK identity in
psk_client_callback.
OpenSSL supports PSK identities of up to (and including) 128 bytes in
length. PSK identity is obtained via the psk_client_callback,
implementors of which are expected to provide a NULL-terminated
identity. However, the callback is invoked with only 128 bytes of
storage thus making it impossible to return a 128 byte long identity and
the required additional NULL byte.
This CL fixes the issue by passing in a 129 byte long buffer into the
psk_client_callback. As a safety precaution, this CL also zeroes out the
buffer before passing it into the callback, uses strnlen for obtaining
the length of the identity returned by the callback, and aborts the
handshake if the identity (without the NULL terminator) is longer than
128 bytes.
(Original patch amended to achieve strnlen in a different way.)
Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Thu, 14 Aug 2014 23:24:34 +0000 (01:24 +0200)]
Followup on RT3334 fix: make sure that a directory that's the empty
string returns 0 with errno = ENOENT.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Phil Mesnier [Thu, 14 Aug 2014 17:35:07 +0000 (19:35 +0200)]
RT3334: Fix crypto/LPdir_win.c
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
Clang via Jeffrey Walton [Tue, 2 Sep 2014 21:04:53 +0000 (17:04 -0400)]
RT3140: Possibly-unit variable in pem_lib.c
Can't really happen, but the flow of control isn't obvious.
Add an initializer.
Reviewed-by: Matt Caswell <matt@openssl.org>
Emilia Kasper [Thu, 28 Aug 2014 17:45:55 +0000 (19:45 +0200)]
Make the inline const-time functions static.
"inline" without static is not correct as the compiler may choose to ignore it
and will then either emit an external definition, or expect one.
Reviewed-by: Geoff Thorpe <geoff@openssl.org>