Bodo Möller [Mon, 24 Sep 2012 19:50:07 +0000 (19:50 +0000)]
Fix Valgrind warning.
Submitted by: Adam Langley
Richard Levitte [Mon, 24 Sep 2012 18:49:09 +0000 (18:49 +0000)]
* Configure: make the debug-levitte-linux{elf,noasm} less extreme.
Richard Levitte [Fri, 21 Sep 2012 13:08:32 +0000 (13:08 +0000)]
* ssl/t1_enc.c (tls1_change_cipher_state): Stupid bug. Fortunately in
debugging code that's seldom used.
Dr. Stephen Henson [Tue, 11 Sep 2012 13:45:42 +0000 (13:45 +0000)]
fix memory leak
Richard Levitte [Thu, 5 Jul 2012 09:06:20 +0000 (09:06 +0000)]
Remove duplicate symbol in crypto/symhacks.h
Have the new names start in column 48, that makes it easy to see when
the 31 character limit is reached (on a 80 column display, do the math)
Dr. Stephen Henson [Fri, 11 May 2012 13:49:15 +0000 (13:49 +0000)]
PR: 2813
Reported by: Constantine Sapuntzakis <csapuntz@gmail.com>
Fix possible deadlock when decoding public keys.
Dr. Stephen Henson [Thu, 10 May 2012 16:01:11 +0000 (16:01 +0000)]
prepare for next version
Dr. Stephen Henson [Thu, 10 May 2012 14:38:52 +0000 (14:38 +0000)]
update FAQ
Dr. Stephen Henson [Thu, 10 May 2012 14:36:07 +0000 (14:36 +0000)]
prepare for 0.9.8x release
Dr. Stephen Henson [Thu, 10 May 2012 14:35:13 +0000 (14:35 +0000)]
update NEWS
Dr. Stephen Henson [Thu, 10 May 2012 14:33:11 +0000 (14:33 +0000)]
Sanity check record length before skipping explicit IV in DTLS
to fix DoS attack.
Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
fuzzing as a service testing platform.
(CVE-2012-2333)
Dr. Stephen Henson [Thu, 10 May 2012 13:27:57 +0000 (13:27 +0000)]
Reported by: Solar Designer of Openwall
Make sure tkeylen is initialised properly when encrypting CMS messages.
Richard Levitte [Fri, 4 May 2012 10:43:17 +0000 (10:43 +0000)]
Correct environment variable is OPENSSL_ALLOW_PROXY_CERTS.
Dr. Stephen Henson [Mon, 23 Apr 2012 21:15:22 +0000 (21:15 +0000)]
prepare for next version
Dr. Stephen Henson [Mon, 23 Apr 2012 21:03:04 +0000 (21:03 +0000)]
update STATUS
Dr. Stephen Henson [Mon, 23 Apr 2012 20:51:18 +0000 (20:51 +0000)]
correct STATUS
Dr. Stephen Henson [Mon, 23 Apr 2012 20:49:21 +0000 (20:49 +0000)]
correct NEWS
Dr. Stephen Henson [Mon, 23 Apr 2012 20:45:29 +0000 (20:45 +0000)]
prepare form 0.9.8w release
Dr. Stephen Henson [Mon, 23 Apr 2012 20:43:35 +0000 (20:43 +0000)]
update NEWS
Dr. Stephen Henson [Mon, 23 Apr 2012 20:35:55 +0000 (20:35 +0000)]
The fix for CVE-2012-2110 did not take into account that the
'len' argument to BUF_MEM_grow and BUF_MEM_grow_clean is an
int in OpenSSL 0.9.8, making it still vulnerable. Fix by
rejecting negative len parameter.
Thanks to the many people who reported this bug and to Tomas Hoger
<thoger@redhat.com> for supplying the fix.
Dr. Stephen Henson [Sun, 22 Apr 2012 13:31:46 +0000 (13:31 +0000)]
correct error code
Dr. Stephen Henson [Sun, 22 Apr 2012 13:22:38 +0000 (13:22 +0000)]
correct old FAQ answers, sync with HEAD
Dr. Stephen Henson [Thu, 19 Apr 2012 17:03:28 +0000 (17:03 +0000)]
prepare for next version
Dr. Stephen Henson [Thu, 19 Apr 2012 12:05:18 +0000 (12:05 +0000)]
update FAQ
Dr. Stephen Henson [Thu, 19 Apr 2012 11:39:03 +0000 (11:39 +0000)]
prepare for 0.9.8v release
Dr. Stephen Henson [Thu, 19 Apr 2012 11:37:17 +0000 (11:37 +0000)]
update NEWS
Dr. Stephen Henson [Thu, 19 Apr 2012 11:36:09 +0000 (11:36 +0000)]
Check for potentially exploitable overflows in asn1_d2i_read_bio
BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
in CRYPTO_realloc_clean.
Thanks to Tavis Ormandy, Google Security Team, for discovering this
issue and to Adam Langley <agl@chromium.org> for fixing it. (CVE-2012-2110)
Dr. Stephen Henson [Sun, 15 Apr 2012 16:48:34 +0000 (16:48 +0000)]
use /fixed argument when linking FIPS targets to disable address space layout randomization
Dr. Stephen Henson [Sat, 31 Mar 2012 18:02:23 +0000 (18:02 +0000)]
PR: 2778(part)
Submitted by: John Fitzgibbon <john_fitzgibbon@yahoo.com>
Time is always encoded as 4 bytes, not sizeof(Time).
Dr. Stephen Henson [Sun, 18 Mar 2012 18:18:30 +0000 (18:18 +0000)]
Always use SSLv23_{client,server}_method in s_client.c and s_server.c,
the old code came from SSLeay days before TLS was even supported.
Dr. Stephen Henson [Mon, 12 Mar 2012 16:35:13 +0000 (16:35 +0000)]
prepare for next version
Dr. Stephen Henson [Mon, 12 Mar 2012 15:25:53 +0000 (15:25 +0000)]
corrected fix to PR#2711 and also cover mime_param_cmp
Dr. Stephen Henson [Mon, 12 Mar 2012 15:01:44 +0000 (15:01 +0000)]
correct FAQ
Dr. Stephen Henson [Mon, 12 Mar 2012 14:53:14 +0000 (14:53 +0000)]
prepare for release
Dr. Stephen Henson [Mon, 12 Mar 2012 14:52:14 +0000 (14:52 +0000)]
update NEWS
Dr. Stephen Henson [Mon, 12 Mar 2012 14:51:45 +0000 (14:51 +0000)]
Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and
continue with symmetric decryption process to avoid leaking timing
information to an attacker.
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
Dr. Stephen Henson [Mon, 12 Mar 2012 14:50:55 +0000 (14:50 +0000)]
fix error code
Dr. Stephen Henson [Mon, 12 Mar 2012 12:46:52 +0000 (12:46 +0000)]
manually patch missing part of PR#2756
Dr. Stephen Henson [Fri, 9 Mar 2012 15:51:56 +0000 (15:51 +0000)]
PR: 2756
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix DTLS timeout handling.
Dr. Stephen Henson [Thu, 8 Mar 2012 14:01:44 +0000 (14:01 +0000)]
check return value of BIO_write in PKCS7_decrypt
Dr. Stephen Henson [Wed, 7 Mar 2012 15:14:16 +0000 (15:14 +0000)]
PR: 2755
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reduce MTU after failed transmissions. [0.9.8 version of patch]
Dr. Stephen Henson [Tue, 6 Mar 2012 19:08:30 +0000 (19:08 +0000)]
return failure code if I/O error
Dr. Stephen Henson [Tue, 6 Mar 2012 18:25:33 +0000 (18:25 +0000)]
revert PR#2755: it breaks compilation
Dr. Stephen Henson [Tue, 6 Mar 2012 13:45:47 +0000 (13:45 +0000)]
PR: 2755
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reduce MTU after failed transmissions.
Dr. Stephen Henson [Tue, 6 Mar 2012 13:37:52 +0000 (13:37 +0000)]
PR: 2696 Submitted by: Rob Austein <sra@hactrn.net>
Fix inverted range problem in RFC3779 code.
Thanks to Andrew Chi for generating test cases for this bug.
[from HEAD]
Dr. Stephen Henson [Tue, 6 Mar 2012 13:22:32 +0000 (13:22 +0000)]
oops, revert unrelated patches
Dr. Stephen Henson [Tue, 6 Mar 2012 13:20:20 +0000 (13:20 +0000)]
PR: 2748
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Fix possible DTLS timer deadlock.
Dr. Stephen Henson [Tue, 28 Feb 2012 14:47:36 +0000 (14:47 +0000)]
Fix memory leak cause by race condition when creating public keys.
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
Dr. Stephen Henson [Mon, 27 Feb 2012 16:26:32 +0000 (16:26 +0000)]
free headers after use in error message
Dr. Stephen Henson [Mon, 27 Feb 2012 15:23:20 +0000 (15:23 +0000)]
Detect symmetric crypto errors in PKCS7_decrypt.
Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for reporting this bug.
Dr. Stephen Henson [Thu, 23 Feb 2012 21:50:13 +0000 (21:50 +0000)]
PR: 2711
Submitted by: Tomas Mraz <tmraz@redhat.com>
Tolerate bad MIME headers in parser.
Dr. Stephen Henson [Thu, 16 Feb 2012 15:21:17 +0000 (15:21 +0000)]
Fix bug in CVE-2011-4619: check we have really received a client hello
before rejecting multiple SGC restarts.
Dr. Stephen Henson [Sat, 11 Feb 2012 23:12:34 +0000 (23:12 +0000)]
PR: 2703
Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>
Fix some memory and resource leaks in CAPI ENGINE.
Dr. Stephen Henson [Sat, 11 Feb 2012 23:07:32 +0000 (23:07 +0000)]
PR: 2705
Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>
Only create ex_data indices once for CAPI engine.
Dr. Stephen Henson [Fri, 20 Jan 2012 23:24:17 +0000 (23:24 +0000)]
fix Visual Studio 2010 warning [from HEAD] (original by appro)
Dr. Stephen Henson [Wed, 18 Jan 2012 14:27:13 +0000 (14:27 +0000)]
prepare for next version
Dr. Stephen Henson [Wed, 18 Jan 2012 13:15:37 +0000 (13:15 +0000)]
update FAQ
Dr. Stephen Henson [Wed, 18 Jan 2012 13:14:49 +0000 (13:14 +0000)]
prepare for release
Dr. Stephen Henson [Wed, 18 Jan 2012 13:13:31 +0000 (13:13 +0000)]
update NEWS
Dr. Stephen Henson [Wed, 18 Jan 2012 13:12:08 +0000 (13:12 +0000)]
Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
Thanks to Antonio Martin, Enterprise Secure Access Research and
Development, Cisco Systems, Inc. for discovering this bug and
preparing a fix. (CVE-2012-0050)
Dr. Stephen Henson [Tue, 17 Jan 2012 14:18:26 +0000 (14:18 +0000)]
fix CHANGES entry
Dr. Stephen Henson [Tue, 10 Jan 2012 14:37:00 +0000 (14:37 +0000)]
fix warning
Bodo Möller [Thu, 5 Jan 2012 13:15:29 +0000 (13:15 +0000)]
Fix usage indentation
Bodo Möller [Thu, 5 Jan 2012 10:21:49 +0000 (10:21 +0000)]
Fix for builds without DTLS support.
Submitted by: Brian Carlstrom
Dr. Stephen Henson [Wed, 4 Jan 2012 23:56:13 +0000 (23:56 +0000)]
update for next version
Dr. Stephen Henson [Wed, 4 Jan 2012 19:23:07 +0000 (19:23 +0000)]
update FAQ
Dr. Stephen Henson [Wed, 4 Jan 2012 19:20:49 +0000 (19:20 +0000)]
prepare for 0.9.8s release
Dr. Stephen Henson [Wed, 4 Jan 2012 19:16:11 +0000 (19:16 +0000)]
update NEWS
Dr. Stephen Henson [Wed, 4 Jan 2012 19:12:39 +0000 (19:12 +0000)]
make update
Dr. Stephen Henson [Wed, 4 Jan 2012 19:10:16 +0000 (19:10 +0000)]
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen <tuexen@fh-muenster.de>
Reviewed by: steve
Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and
Kenny Paterson.
Dr. Stephen Henson [Wed, 4 Jan 2012 19:00:28 +0000 (19:00 +0000)]
Fix double free in policy check code (CVE-2011-4109)
Dr. Stephen Henson [Wed, 4 Jan 2012 18:54:17 +0000 (18:54 +0000)]
Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576)
Dr. Stephen Henson [Wed, 4 Jan 2012 18:52:18 +0000 (18:52 +0000)]
Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)
Dr. Stephen Henson [Wed, 4 Jan 2012 18:45:18 +0000 (18:45 +0000)]
stop warning
Dr. Stephen Henson [Wed, 4 Jan 2012 18:44:20 +0000 (18:44 +0000)]
Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577)
Dr. Stephen Henson [Wed, 4 Jan 2012 14:25:10 +0000 (14:25 +0000)]
Submitted by: Adam Langley <agl@chromium.org>
Reviewed by: steve
Fix memory leaks.
Dr. Stephen Henson [Mon, 26 Dec 2011 19:38:28 +0000 (19:38 +0000)]
PR: 2326
Submitted by: Tianjie Mao <tjmao@tjmao.net>
Reviewed by: steve
Fix incorrect comma expressions and goto f_err as alert has been set.
Andy Polyakov [Fri, 9 Dec 2011 14:28:48 +0000 (14:28 +0000)]
x86-mont.pl: fix bug in integer-only squaring path [from HEAD].
PR: 2648
Dr. Stephen Henson [Tue, 6 Dec 2011 00:01:09 +0000 (00:01 +0000)]
The default CN prompt message can be confusing when often the CN needs to
be the server FQDN: change it.
[Reported by PSW Group]
Bodo Möller [Fri, 2 Dec 2011 12:50:44 +0000 (12:50 +0000)]
Resolve a stack set-up race condition (if the list of compression
methods isn't presorted, it will be sorted on first read).
Submitted by: Adam Langley
Bodo Möller [Fri, 2 Dec 2011 12:40:25 +0000 (12:40 +0000)]
Fix ecdsatest.c.
Submitted by: Emilia Kasper
Bodo Möller [Fri, 2 Dec 2011 12:23:57 +0000 (12:23 +0000)]
Fix BIO_f_buffer().
Submitted by: Adam Langley
Reviewed by: Bodo Moeller
Andy Polyakov [Sat, 5 Nov 2011 10:17:06 +0000 (10:17 +0000)]
ppc.pl: fix bug in bn_mul_comba4 [from HEAD].
PR: 2636
Submitted by: Charles Bryant
Dr. Stephen Henson [Thu, 27 Oct 2011 13:06:26 +0000 (13:06 +0000)]
PR: 2628
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Send alert instead of assertion failure for incorrectly formatted DTLS
fragments.
Dr. Stephen Henson [Wed, 26 Oct 2011 16:42:48 +0000 (16:42 +0000)]
PR: 2632
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve
Return -1 immediately if not affine coordinates as BN_CTX has not been
set up.
Bodo Möller [Wed, 19 Oct 2011 14:57:59 +0000 (14:57 +0000)]
BN_BLINDING multi-threading fix.
Submitted by: Emilia Kasper (Google)
Bodo Möller [Wed, 19 Oct 2011 13:53:41 +0000 (13:53 +0000)]
Oops: this change (cvs.openssl.org/chngview?cn=21503)
wasn't right for 0.9.8-stable (it's actually a fix for
http://cvs.openssl.org/chngview?cn=14494, which introduced
SSL_CTRL_SET_MAX_SEND_FRAGMENT).
Bodo Möller [Thu, 13 Oct 2011 13:24:13 +0000 (13:24 +0000)]
Clarify warning
Bodo Möller [Thu, 13 Oct 2011 13:04:40 +0000 (13:04 +0000)]
In ssl3_clear, preserve s3->init_extra along with s3->rbuf.
Submitted by: Bob Buckholz <bbuckholz@google.com>
Dr. Stephen Henson [Sun, 9 Oct 2011 00:56:18 +0000 (00:56 +0000)]
PR: 2482
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve
Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.
Dr. Stephen Henson [Mon, 26 Sep 2011 17:05:00 +0000 (17:05 +0000)]
fix signed/unsigned warning
Dr. Stephen Henson [Fri, 23 Sep 2011 21:49:08 +0000 (21:49 +0000)]
use keyformat for -x509toreq, don't hard code PEM
Dr. Stephen Henson [Fri, 23 Sep 2011 13:40:06 +0000 (13:40 +0000)]
PR: 2606
Submitted by: Christoph Viethen <cv@kawo2.rwth-aachen.de>
Reviewed by: steve
Handle timezones correctly in UTCTime.
Dr. Stephen Henson [Fri, 23 Sep 2011 13:35:32 +0000 (13:35 +0000)]
PR: 2602
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS bug which prevents manual MTU setting
Dr. Stephen Henson [Fri, 23 Sep 2011 13:13:02 +0000 (13:13 +0000)]
PR: 2347
Submitted by: Tomas Mraz <tmraz@redhat.com>
Reviewed by: steve
Fix usage message.
Bodo Möller [Mon, 5 Sep 2011 10:25:15 +0000 (10:25 +0000)]
(EC)DH memory handling fixes.
Submitted by: Adam Langley
Bodo Möller [Mon, 5 Sep 2011 09:56:48 +0000 (09:56 +0000)]
Fix memory leak on bad inputs.
Bodo Möller [Mon, 5 Sep 2011 09:52:58 +0000 (09:52 +0000)]
Move OPENSSL_init declaration out of auto-generated code section
(it is not auto-generated).
Dr. Stephen Henson [Fri, 2 Sep 2011 11:20:49 +0000 (11:20 +0000)]
PR: 2576
Submitted by: Doug Goldstein <cardoe@gentoo.org>
Reviewed by: steve
Include header file stdlib.h which is needed on some platforms to get
getenv() declaration.
Dr. Stephen Henson [Thu, 1 Sep 2011 15:03:10 +0000 (15:03 +0000)]
PR: 2340
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar>
Reviewed by: steve
Stop warnings if OPENSSL_NO_DGRAM is defined.