openssl.git
Matt Caswell [Thu, 26 Feb 2015 11:56:00 +0000 (11:56 +0000)]
Prevent handshake with unseeded PRNG

Fix security issue where under certain conditions a client can complete a
handshake with an unseeded PRNG. The conditions are:
- Client is on a platform where the PRNG has not been seeded, and the
user has not seeded manually
- A protocol specific client method version has been used (i.e. not
SSL_client_methodv23)
- A ciphersuite is used that does not require additional random data
from the PRNG beyond the initial ClientHello client random
(e.g. PSK-RC4-SHA)

If the handshake succeeds then the client random that has been used will
have been generated from a PRNG with insufficient entropy and therefore
the output may be predictable.

For example using the following command with an unseeded openssl will
succeed on an unpatched platform:

openssl s_client -psk 1a2b3c4d -tls1_2 -cipher PSK-RC4-SHA

CVE-2015-0285

Reviewed-by: Richard Levitte <levitte@openssl.org>
Dmitry-Me [Sun, 1 Jun 2014 17:30:52 +0000 (21:30 +0400)]
Fix wrong numbers being passed as string lengths

Signed-off-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Mon, 9 Mar 2015 16:55:18 +0000 (16:55 +0000)]
update ordinals

Reviewed-by: Matt Caswell <matt@openssl.org>
David Woodhouse [Mon, 2 Mar 2015 16:20:15 +0000 (16:20 +0000)]
Wrong SSL version in DTLS1_BAD_VER ClientHello

Since commit 741c9959 ("DTLS revision."), we put the wrong protocol
version into our ClientHello for DTLS1_BAD_VER. The old DTLS
code which used ssl->version was replaced by the more generic SSL3 code
which uses ssl->client_version. The Cisco ASA no longer likes our
ClientHello.

RT#3711

Reviewed-by: Rich Salz <rsalz@openssl.org>
Matt Caswell [Mon, 2 Mar 2015 14:34:19 +0000 (14:34 +0000)]
Fix DTLS1_BAD_VER regression

Commit 9cf0f187 in HEAD, and 68039af3 in 1.0.2, removed a version check
from dtls1_buffer_message() which was needed to distinguish between DTLS
1.x and Cisco's pre-standard version of DTLS (DTLS1_BAD_VER).

Based on an original patch by David Woodhouse <dwmw2@infradead.org>
RT#3703

Reviewed-by: Tim Hudson <tjh@openssl.org>
Dr. Stephen Henson [Tue, 3 Mar 2015 14:20:23 +0000 (14:20 +0000)]
Cleanse PKCS#8 private key components.

New function ASN1_STRING_clear_free which cleanses an ASN1_STRING
structure before freeing it.

Call ASN1_STRING_clear_free on PKCS#8 private key components.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Dr. Stephen Henson [Tue, 24 Feb 2015 16:35:37 +0000 (16:35 +0000)]
Additional CMS documentation.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Andy Polyakov [Tue, 3 Mar 2015 20:44:53 +0000 (21:44 +0100)]
ARMv4 assembly pack: add Cortex-A15 performance data.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Viktor Szakats [Sun, 8 Mar 2015 02:24:40 +0000 (21:24 -0500)]
GitHub 237: Use https for IETF links

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Matt Caswell [Fri, 6 Mar 2015 13:01:31 +0000 (13:01 +0000)]
make errors

Run make errors on master

Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Fri, 6 Mar 2015 13:00:47 +0000 (13:00 +0000)]
Update mkerr.pl for new format

Make the output from mkerr.pl consistent with the newly reformatted code.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Richard Levitte [Fri, 6 Mar 2015 00:16:29 +0000 (01:16 +0100)]
update TABLE

Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Fri, 6 Mar 2015 00:16:19 +0000 (01:16 +0100)]
Cleanup spaces

Reviewed-by: Rich Salz <rsalz@openssl.org>
Richard Levitte [Thu, 5 Mar 2015 17:19:06 +0000 (18:19 +0100)]
Catch up the VMS build.

crypto/crypto-lib.com - catch up with the OCSP changes
test/maketest.com and test/tests.com - catch up with the addition of test_evp_extra

Reviewed-by: Rich Salz <rsalz@openssl.org>
Dr. Stephen Henson [Thu, 5 Mar 2015 15:17:33 +0000 (15:17 +0000)]
Make STACK_OF opaque.

Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Thu, 5 Mar 2015 15:44:41 +0000 (15:44 +0000)]
update ordinals

Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Thu, 5 Mar 2015 13:41:11 +0000 (13:41 +0000)]
Make OCSP structures opaque.

Reviewed-by: Matt Caswell <matt@openssl.org>
Kurt Cancemi [Wed, 4 Mar 2015 10:57:45 +0000 (10:57 +0000)]
Use constants not numbers

This patch uses warning/fatal constants instead of numbers with comments for
warning/alerts in d1_pkt.c and s3_pkt.c

RT#3725

Reviewed-by: Rich Salz <rsalz@openssl.org>
Matt Caswell [Wed, 4 Mar 2015 17:49:51 +0000 (17:49 +0000)]
Unchecked malloc fixes

Miscellaneous unchecked malloc fixes. Also fixed some mem leaks on error
paths as I spotted them along the way.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Dr. Stephen Henson [Sun, 1 Mar 2015 15:38:56 +0000 (15:38 +0000)]
add RIPEMD160 whirlpool tests

Add RIPEMD160 and whirlpool test data.
Add Count keyword to repeatedly call EVP_DigestUpdate.

Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Wed, 18 Feb 2015 00:34:59 +0000 (00:34 +0000)]
Check public key is not NULL.

CVE-2015-0288
PR#3708

Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Mon, 2 Mar 2015 13:26:29 +0000 (13:26 +0000)]
Fix format script.

The format script didn't correctly recognise some ASN.1 macros and
didn't reformat some files as a result. Fix script and reformat
affected files.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Rich Salz [Mon, 2 Mar 2015 01:46:38 +0000 (20:46 -0500)]
Cleanup some doc files

ACKNOWLEDGEMENTS is now spelled correctly :)
README.ASN1 talked about 0.9.6, so it's deleted.
I turned doc/standards.txt into a set of one-line summaries of RFCs, and
also updated the pointers to original sources (to be web links)

Reviewed-by: Richard Levitte <levitte@openssl.org>
Rich Salz [Fri, 27 Feb 2015 20:06:41 +0000 (15:06 -0500)]
Remove experimental 56bit export ciphers

These ciphers are removed:
    TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5
    TLS1_CK_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5
    TLS1_CK_RSA_EXPORT1024_WITH_DES_CBC_SHA
    TLS1_CK_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
    TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_SHA
    TLS1_CK_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA
    TLS1_CK_DHE_DSS_WITH_RC4_128_SHA
They were defined in a long-expired IETF internet-draft:
draft-ietf-tls-56-bit-ciphersuites-01.txt

Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Fri, 27 Feb 2015 16:52:07 +0000 (16:52 +0000)]
Fix d2i_SSL_SESSION for DTLS1_BAD_VER

Some Cisco appliances use a pre-standard version number for DTLS. We support
this as DTLS1_BAD_VER within the code.

This change fixes d2i_SSL_SESSION for that DTLS version.

Based on an original patch by David Woodhouse <dwmw2@infradead.org>

RT#3704

Reviewed-by: Tim Hudson <tjh@openssl.org>
Matt Caswell [Thu, 26 Feb 2015 11:54:58 +0000 (11:54 +0000)]
Fixed missing return value checks.

Added various missing return value checks in tls1_change_cipher_state.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Thu, 26 Feb 2015 11:53:55 +0000 (11:53 +0000)]
Fix missing return value checks.

Fixed various missing return value checks in ssl3_send_newsession_ticket.
Also a mem leak on error.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Dr. Stephen Henson [Fri, 27 Feb 2015 02:50:41 +0000 (02:50 +0000)]
reformat evp_test.c

Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Fri, 27 Feb 2015 00:49:47 +0000 (00:49 +0000)]
Add OCB support and test vectors for evp_test.

Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Thu, 26 Feb 2015 19:58:20 +0000 (19:58 +0000)]
Skip unsupported digests in evp_test

Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Thu, 26 Feb 2015 19:46:03 +0000 (19:46 +0000)]
add MD4 test data

Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Thu, 26 Feb 2015 19:26:53 +0000 (19:26 +0000)]
Skip unsupported ciphers in evp_test.

Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Thu, 26 Feb 2015 19:23:38 +0000 (19:23 +0000)]
Make OpenSSL compile with no-rc4

Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Thu, 26 Feb 2015 18:54:12 +0000 (18:54 +0000)]
Add algorithm skip support.

Add support for skipping disabled algorithms: if an attempt to load a
public or private key results in an unknown algorithm error then any
test using that key is automatically skipped.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Matt Caswell [Thu, 26 Feb 2015 10:35:50 +0000 (10:35 +0000)]
Fix evp_extra_test.c with no-ec
When OpenSSL is configured with no-ec, then the new evp_extra_test fails to
pass. This change adds appropriate OPENSSL_NO_EC guards around the code.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Matt Caswell [Wed, 25 Feb 2015 23:28:24 +0000 (23:28 +0000)]
Remove NETSCAPE_HANG_BUG
NETSCAPE_HANG_BUG is a workaround for a browser bug from many years ago
(2000).
It predates DTLS, so certainly has no place in d1_srvr.c.
In s3_srvr.c it forces the ServerDone to appear in the same record as the
CertificateRequest when doing client auth.

BoringSSL have already made the same commit:
79ae85e4f777f94d91b7be19e8a62016cb55b3c5

Reviewed-by: Tim Hudson <tjh@openssl.org>
Matt Caswell [Thu, 5 Feb 2015 17:13:46 +0000 (17:13 +0000)]
Removed support for SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG. Also removed
the "-hack" option from s_server that set this option.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Matt Caswell [Wed, 25 Feb 2015 15:25:27 +0000 (15:25 +0000)]
Update the SHA* documentation
Updates to include SHA224, SHA256, SHA384 and SHA512. In particular note
the restriction on setting md to NULL with regards to thread safety.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Rainer Jung [Tue, 24 Feb 2015 19:12:17 +0000 (19:12 +0000)]
Fix NAME section of d2i_ECPKParameters to prevent broken symlinks when using
the extract-names.pl script.

RT#3718

Reviewed-by: Rich Salz <rsalz@openssl.org>
Matt Caswell [Fri, 20 Feb 2015 09:18:29 +0000 (09:18 +0000)]
Fix some minor documentation issues

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Matt Caswell [Tue, 10 Feb 2015 16:21:30 +0000 (16:21 +0000)]
Remove pointless free, and use preferred way of calling d2i_* functions

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Matt Caswell [Tue, 10 Feb 2015 16:08:33 +0000 (16:08 +0000)]
Add dire warnings about the "reuse" capability of the d2i_* functions.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Matt Caswell [Tue, 10 Feb 2015 15:45:56 +0000 (15:45 +0000)]
Provide documentation for i2d_ECPrivateKey and d2i_ECPrivateKey

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Matt Caswell [Mon, 9 Feb 2015 11:38:41 +0000 (11:38 +0000)]
Fix a failure to NULL a pointer freed on error.

Inspired by BoringSSL commit 517073cd4b by Eric Roman <eroman@chromium.org>

CVE-2015-0209

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Matt Caswell [Mon, 9 Feb 2015 09:45:35 +0000 (09:45 +0000)]
Import evp_test.c from BoringSSL. Unfortunately we already have a file
called evp_test.c, so I have called this one evp_extra_test.c

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Matt Caswell [Tue, 27 Jan 2015 11:15:15 +0000 (11:15 +0000)]
Add documentation for the -no_alt_chains option for various apps, as well as
the X509_V_FLAG_NO_ALT_CHAINS flag.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Matt Caswell [Tue, 27 Jan 2015 10:50:38 +0000 (10:50 +0000)]
Add -no_alt_chains option to apps to implement the new
X509_V_FLAG_NO_ALT_CHAINS flag. Using this option means that when building
certificate chains, the first chain found will be the one used. Without this
flag, if the first chain found is not trusted then we will keep looking to
see if we can build an alternative chain instead.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Matt Caswell [Tue, 27 Jan 2015 10:35:27 +0000 (10:35 +0000)]
Add flag to inhibit checking for alternate certificate chains. Setting this
behaviour will force behaviour as per previous versions of OpenSSL

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Matt Caswell [Tue, 27 Jan 2015 10:03:29 +0000 (10:03 +0000)]
In certain situations the server provided certificate chain may no longer be
valid. However the issuer of the leaf, or some intermediate cert is in fact
in the trust store.

When building a trust chain if the first attempt fails, then try to see if
alternate chains could be constructed that are trusted.

RT3637
RT3621

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Rich Salz [Tue, 24 Feb 2015 22:45:08 +0000 (17:45 -0500)]
Remove CVS filtering from find targets

Reviewed-by: Richard Levitte <levitte@openssl.org>
Rich Salz [Tue, 24 Feb 2015 22:40:22 +0000 (17:40 -0500)]
Move build config table to separate files.

Move the build configuration table into separate files.  The Configurations
file is standard configs, and Configurations.team is for openssl-team
members.  Any other file, Configurations*, found in the same directory
as the Configure script, is loaded.

To add another file, use --config=FILE flags (which should probably be
an absolute path).

Written by Stefan Eissing <stefan.eissing@greenbytes.de> and Rich Salz
<rsalz@openssl.org>, contributed by Akamai Technologies.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Dr. Stephen Henson [Tue, 24 Feb 2015 13:52:21 +0000 (13:52 +0000)]
Document -no_explicit

Reviewed-by: Rich Salz <rsalz@openssl.org>
Andy Polyakov [Sun, 22 Feb 2015 16:43:11 +0000 (17:43 +0100)]
Fix crash in SPARC T4 XTS.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Andy Polyakov [Tue, 24 Feb 2015 09:07:22 +0000 (10:07 +0100)]
aes/asm/bsaes-armv7: fix kernel-side XTS and harmonize with Linux.

XTS bug spotted and fix suggested by Adrian Kotelba.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Dr. Stephen Henson [Tue, 24 Feb 2015 02:27:51 +0000 (02:27 +0000)]
Don't set no_protocol if -tls1 selected.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Andy Polyakov [Sun, 22 Feb 2015 18:23:25 +0000 (19:23 +0100)]
perlasm/x86masm.pl: make it work.

Though this doesn't mean that masm becomes supported, the script is
still provided on don't-ask-in-case-of-doubt-use-nasm basis.
See RT#3650 for background.

Reviewed-by: Matt Caswell <matt@openssl.org>
Andy Polyakov [Sun, 22 Feb 2015 18:19:26 +0000 (19:19 +0100)]
sha/asm/sha1-586.pl: fix typo.

The typo doesn't affect supported configuration, only unsupported masm.

Reviewed-by: Matt Caswell <matt@openssl.org>
Andy Polyakov [Sun, 22 Feb 2015 18:13:35 +0000 (19:13 +0100)]
evp/evp_test.c: avoid crashes when referencing uninitialized pointers.

For some reason failure surfaced on ARM platforms.

Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Sun, 22 Feb 2015 13:13:12 +0000 (13:13 +0000)]
typo

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Edgar Pek [Sat, 21 Feb 2015 13:56:41 +0000 (14:56 +0100)]
Fix null-pointer dereference

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Kurt Roeckx [Sat, 21 Feb 2015 13:51:50 +0000 (14:51 +0100)]
Fix memory leak

Reviewed-by: Matt Caswell <matt@openssl.org>
Doug Hogan [Thu, 8 Jan 2015 02:21:01 +0000 (18:21 -0800)]
Avoid a double-free in an error path.

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
Richard Levitte [Sun, 22 Feb 2015 07:27:36 +0000 (08:27 +0100)]
Restore -DTERMIO/-DTERMIOS on Windows platforms.

The previous defaulting to TERMIOS took away -DTERMIOS / -DTERMIO a
bit too enthusiastically.  Windows/DOSish platforms of all sorts get
identified as OPENSSL_SYS_MSDOS, and they get a different treatment
altogether UNLESS -DTERMIO or -DTERMIOS is explicitly given with the
configuration.  The answer is to restore those macro definitions for
the affected configuration targets.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Richard Levitte [Thu, 12 Feb 2015 10:41:48 +0000 (11:41 +0100)]
Assume TERMIOS is default, remove TERMIO on all Linux.

The rationale for this move is that TERMIOS is default, supported by
POSIX-1.2001, and most definitely on Linux.  For a few other systems,
TERMIO may still be the terminal interface of preference, so we keep
-DTERMIO on those in Configure.

crypto/ui/ui_openssl.c is simplified in this regard, and will define
TERMIOS for all systems except a select few exceptions.

Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Thu, 19 Feb 2015 14:35:43 +0000 (14:35 +0000)]
Add additional EC documentation.

Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Thu, 19 Feb 2015 14:32:44 +0000 (14:32 +0000)]
Use named curve parameter encoding by default.

Many applications require named curve parameter encoding instead of explicit
parameter encoding (including the TLS library in OpenSSL itself). Set this
encoding by default instead of requiring an explicit call to set it.

Add OPENSSL_EC_EXPLICIT_CURVE define.

Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Sat, 14 Feb 2015 18:43:21 +0000 (18:43 +0000)]
More RSA tests.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Dr. Stephen Henson [Fri, 13 Feb 2015 13:33:36 +0000 (13:33 +0000)]
remove unused method declaration

Reviewed-by: Richard Levitte <levitte@openssl.org>
Dr. Stephen Henson [Fri, 13 Feb 2015 13:02:24 +0000 (13:02 +0000)]
size_t for buffer functions.

Change BUF_MEM_grow and BUF_MEM_grow_clean to return size_t.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Dr. Stephen Henson [Thu, 12 Feb 2015 16:34:10 +0000 (16:34 +0000)]
Add leak detection, fix leaks.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Dr. Stephen Henson [Thu, 12 Feb 2015 15:30:48 +0000 (15:30 +0000)]
Add EVP_PKEY test data.

Add some EVP_PKEY test data for sign and verify tests including
failure cases.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Dr. Stephen Henson [Wed, 11 Feb 2015 17:15:51 +0000 (17:15 +0000)]
EVP_PKEY support for evp_test

Add two new keywords "PublicKey" and "PrivateKey". These will load a key
in PEM format from the lines immediately following the keyword and assign
it a name according to the value. These will be used later for public and
private key testing operations.

Add tests for Sign, Verify, VerifyRecover and Decrypt.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Dr. Stephen Henson [Tue, 10 Feb 2015 18:33:05 +0000 (18:33 +0000)]
Add CMAC test data.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Dr. Stephen Henson [Tue, 10 Feb 2015 15:53:12 +0000 (15:53 +0000)]
Add HMAC test data.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Dr. Stephen Henson [Tue, 10 Feb 2015 13:44:17 +0000 (13:44 +0000)]
MAC support for evp_test

Reviewed-by: Richard Levitte <levitte@openssl.org>
Dr. Stephen Henson [Tue, 10 Feb 2015 18:06:56 +0000 (18:06 +0000)]
New macro to set mac key.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Dr. Stephen Henson [Tue, 10 Feb 2015 15:53:56 +0000 (15:53 +0000)]
Return error code if any tests fail.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Richard Levitte [Thu, 12 Feb 2015 12:16:20 +0000 (13:16 +0100)]
Transfer a fix from 1.0.1

manually picked from e7b85bc40200961984925604ca444517359a6067

Reviewed-by: Stephen Henson <steve@openssl.org>
Rich Salz [Thu, 12 Feb 2015 19:38:31 +0000 (14:38 -0500)]
RT937: Enable pilotAttributeType uniqueIdentifier

Reviewed-by: Richard Levitte <levitte@openssl.org>
Andy Polyakov [Thu, 12 Feb 2015 18:26:37 +0000 (19:26 +0100)]
evp/evp.h: add missing camellia-ctr declarations.

Reviewed-by: Matt Caswell <matt@openssl.org>
Graeme Perrow [Thu, 12 Feb 2015 18:00:42 +0000 (13:00 -0500)]
RT3670: Check return from BUF_MEM_grow_clean

Reviewed-by: Richard Levitte <levitte@openssl.org>
Clang via Jeffrey Walton [Thu, 12 Feb 2015 16:20:48 +0000 (11:20 -0500)]
RT3684: rand_egd needs stddef.h

And remove backup definition of offsetof.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Eric Dequin [Thu, 12 Feb 2015 15:44:30 +0000 (10:44 -0500)]
Missing OPENSSL_free on error path.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Andy Polyakov [Fri, 23 Jan 2015 22:02:27 +0000 (23:02 +0100)]
Engage ecp_nistz256-armv4 module.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Andy Polyakov [Wed, 11 Feb 2015 19:34:18 +0000 (20:34 +0100)]
Add ec/asm/ecp_nistz256-armv4.pl module.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Andy Polyakov [Wed, 11 Feb 2015 19:30:13 +0000 (20:30 +0100)]
Add Camellia CTR mode.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Andy Polyakov [Wed, 11 Feb 2015 19:28:47 +0000 (20:28 +0100)]
Add more Camellia OIDs.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Matt Caswell [Sun, 8 Feb 2015 23:37:54 +0000 (23:37 +0000)]
Add SSL_SESSION_get0_ticket API function.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Matt Caswell [Sun, 8 Feb 2015 22:41:10 +0000 (22:41 +0000)]
Correct reading back of tlsext_tick_lifetime_hint from ASN1.

When writing out the hint, if the hint > 0, then we write it out otherwise
we skip it.

Previously when reading the hint back in, if we were expecting to see one
(because the ticket length > 0), but it wasn't present then we set the hint
to -1, otherwise we set it to 0. This fails to set the hint to the same as
when it was written out.

The hint should never be negative because the RFC states the hint is
unsigned. It is valid for a server to set the hint to 0 (this means the
lifetime is unspecified according to the RFC). If the server set it to 0, it
should still be 0 when we read it back in.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Matt Caswell [Sun, 8 Feb 2015 15:43:16 +0000 (15:43 +0000)]
Provide the API functions SSL_SESSION_has_ticket and
SSL_SESSION_get_ticket_lifetime_hint. The latter has been reported as
required to fix Qt for OpenSSL 1.1.0. I have also added the former in order
to determine whether a ticket is present or not - otherwise it is difficult
to know whether a zero lifetime hint is because the server set it to 0, or
because there is no ticket.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Matt Caswell [Sun, 8 Feb 2015 15:42:46 +0000 (15:42 +0000)]
Make tlsext_tick_lifetime_hint an unsigned long (from signed long).

From RFC4507:
"The ticket_lifetime_hint field contains a hint from the server about how
long the ticket should be stored.  The value indicates the lifetime in
seconds as a 32-bit unsigned integer in network byte order."

Reviewed-by: Tim Hudson <tjh@openssl.org>
Andy Polyakov [Tue, 10 Feb 2015 21:04:28 +0000 (22:04 +0100)]
ec/ecp_nistz256.c: fix compiler warnings.

Reviewed-by: Matt Caswell <matt@openssl.org>
Andy Polyakov [Tue, 10 Feb 2015 21:02:54 +0000 (22:02 +0100)]
Configure: disable warning C4090 in Windows builds.

Reviewed-by: Matt Caswell <matt@openssl.org>
Andy Polyakov [Tue, 10 Feb 2015 20:52:25 +0000 (21:52 +0100)]
ec/asm/ecp_nistz256-x86.pl: fix typos (error shows in Windows build).

Reviewed-by: Matt Caswell <matt@openssl.org>
Dr. Stephen Henson [Mon, 9 Feb 2015 23:24:10 +0000 (23:24 +0000)]
New evp_test updates.

Print usage message.

Print expected and got values if mismatch.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Dr. Stephen Henson [Mon, 9 Feb 2015 17:33:02 +0000 (17:33 +0000)]
Add new test file.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Dr. Stephen Henson [Mon, 9 Feb 2015 17:29:47 +0000 (17:29 +0000)]
Initial version of new evp_test program.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Emilia Kasper [Thu, 5 Feb 2015 15:38:54 +0000 (16:38 +0100)]
Fix hostname validation in the command-line tool to honour negative return values.

Specifically, an ASN.1 NumericString in the certificate CN will fail UTF-8 conversion
and result in a negative return value, which the "x509 -checkhost" command-line option
incorrectly interpreted as success.

Also update X509_check_host docs to reflect reality.

Thanks to Sean Burford (Google) for reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Matt Caswell [Tue, 10 Feb 2015 10:12:19 +0000 (10:12 +0000)]
Remove some functions that are no longer used and break the build with:
./config --strict-warnings enable-deprecated

Reviewed-by: Tim Hudson <tjh@openssl.org>
Matt Caswell [Tue, 10 Feb 2015 09:45:18 +0000 (09:45 +0000)]
HMAC_cleanup and HMAC_Init are stated as deprecated in the docs and source.
Mark them as such with OPENSSL_USE_DEPRECATED

Reviewed-by: Tim Hudson <tjh@openssl.org>