openssl.git
7 years agoecdsa.pod: typo.
Andy Polyakov [Wed, 11 Jan 2012 21:41:32 +0000 (21:41 +0000)]
ecdsa.pod: typo.
PR: 2678
Submitted by: Annie Yousar

7 years agoasn1/t_x509.c: fix serial number print, harmonize with a_int.c.
Andy Polyakov [Wed, 11 Jan 2012 21:12:22 +0000 (21:12 +0000)]
asn1/t_x509.c: fix serial number print, harmonize with a_int.c.
PR: 2675
Submitted by: Annie Yousar

7 years agoaes-sparcv9.pl: clean up regexp
Andy Polyakov [Wed, 11 Jan 2012 15:30:53 +0000 (15:30 +0000)]
aes-sparcv9.pl: clean up regexp
PR: 2685

7 years agofix warning (revert original patch)
Dr. Stephen Henson [Tue, 10 Jan 2012 14:36:41 +0000 (14:36 +0000)]
fix warning (revert original patch)

7 years agocmac.c: optimize make_kn and move zero_iv to const segment.
Andy Polyakov [Fri, 6 Jan 2012 13:19:16 +0000 (13:19 +0000)]
cmac.c: optimize make_kn and move zero_iv to const segment.

7 years agobn_nist.c: harmonize buf in BN_nist_mod_256 with other mod functions.
Andy Polyakov [Fri, 6 Jan 2012 13:17:47 +0000 (13:17 +0000)]
bn_nist.c: harmonize buf in BN_nist_mod_256 with other mod functions.

7 years agoUpdate for 0.9.8s and 1.0.0f, and for 1.0.1 branch.
Bodo Möller [Thu, 5 Jan 2012 13:48:55 +0000 (13:48 +0000)]
Update for 0.9.8s and 1.0.0f, and for 1.0.1 branch.

(While the 1.0.0f CHANGES entry on VOS PRNG seeding was missing
in HEAD, the actual code is here already.)

7 years agoFix usage indentation
Bodo Möller [Thu, 5 Jan 2012 13:16:30 +0000 (13:16 +0000)]
Fix usage indentation

7 years agoFix for builds without DTLS support.
Bodo Möller [Thu, 5 Jan 2012 10:22:41 +0000 (10:22 +0000)]
Fix for builds without DTLS support.

Submitted by: Brian Carlstrom

7 years agoPR: 2671
Dr. Stephen Henson [Thu, 5 Jan 2012 00:28:43 +0000 (00:28 +0000)]
PR: 2671
Submitted by: steve

Update maximum message size for certifiate verify messages to support
4096 bit RSA keys again as TLS v1.2 messages is two bytes longer.

7 years agoSubmitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Dr. Stephen Henson [Thu, 5 Jan 2012 00:23:17 +0000 (00:23 +0000)]
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Send fatal alert if heartbeat extension has an illegal value.

7 years agodisable heartbeats if tlsext disabled
Dr. Stephen Henson [Thu, 5 Jan 2012 00:07:46 +0000 (00:07 +0000)]
disable heartbeats if tlsext disabled

7 years agoupdate CHANGES
Dr. Stephen Henson [Wed, 4 Jan 2012 23:54:17 +0000 (23:54 +0000)]
update CHANGES

7 years agoSubmitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen <tuexen...
Dr. Stephen Henson [Wed, 4 Jan 2012 23:52:26 +0000 (23:52 +0000)]
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>, Michael Tuexen <tuexen@fh-muenster.de>
Reviewed by: steve

Fix for DTLS plaintext recovery attack discovered by Nadhem Alfardan and
Kenny Paterson.

7 years agoClear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576)
Dr. Stephen Henson [Wed, 4 Jan 2012 23:16:15 +0000 (23:16 +0000)]
Clear bytes used for block padding of SSL 3.0 records. (CVE-2011-4576)

7 years agoOnly allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)
Dr. Stephen Henson [Wed, 4 Jan 2012 23:15:51 +0000 (23:15 +0000)]
Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)

7 years agofix CHANGES
Dr. Stephen Henson [Wed, 4 Jan 2012 23:10:44 +0000 (23:10 +0000)]
fix CHANGES

7 years agoCheck GOST parameters are not NULL (CVE-2012-0027)
Dr. Stephen Henson [Wed, 4 Jan 2012 23:03:40 +0000 (23:03 +0000)]
Check GOST parameters are not NULL (CVE-2012-0027)

7 years agoPrevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577)
Dr. Stephen Henson [Wed, 4 Jan 2012 23:01:54 +0000 (23:01 +0000)]
Prevent malformed RFC3779 data triggering an assertion failure (CVE-2011-4577)

7 years agoupdate FAQ
Dr. Stephen Henson [Wed, 4 Jan 2012 20:05:58 +0000 (20:05 +0000)]
update FAQ

7 years agofix warnings
Dr. Stephen Henson [Wed, 4 Jan 2012 14:45:47 +0000 (14:45 +0000)]
fix warnings

7 years agoSubmitted by: Adam Langley <agl@chromium.org>
Dr. Stephen Henson [Wed, 4 Jan 2012 14:25:42 +0000 (14:25 +0000)]
Submitted by: Adam Langley <agl@chromium.org>
Reviewed by: steve

Fix memory leaks.

7 years agooops, revert wrong patch
Dr. Stephen Henson [Tue, 3 Jan 2012 22:06:21 +0000 (22:06 +0000)]
oops, revert wrong patch

7 years agoonly send heartbeat extension from server if client sent one
Dr. Stephen Henson [Tue, 3 Jan 2012 22:03:20 +0000 (22:03 +0000)]
only send heartbeat extension from server if client sent one

7 years agoincomplete provisional OAEP CMS decrypt support
Dr. Stephen Henson [Mon, 2 Jan 2012 18:25:37 +0000 (18:25 +0000)]
incomplete provisional OAEP CMS decrypt support

7 years agorecognise HEARTBEATS in mkdef.pl script
Dr. Stephen Henson [Sat, 31 Dec 2011 23:50:01 +0000 (23:50 +0000)]
recognise HEARTBEATS in mkdef.pl script

7 years agoupdate CHANGES
Dr. Stephen Henson [Sat, 31 Dec 2011 23:08:15 +0000 (23:08 +0000)]
update CHANGES

7 years agoPR: 2658
Dr. Stephen Henson [Sat, 31 Dec 2011 22:59:57 +0000 (22:59 +0000)]
PR: 2658
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Support for TLS/DTLS heartbeats.

7 years agomake update
Dr. Stephen Henson [Tue, 27 Dec 2011 14:46:03 +0000 (14:46 +0000)]
make update

7 years agoupdate default depflags
Dr. Stephen Henson [Tue, 27 Dec 2011 14:45:32 +0000 (14:45 +0000)]
update default depflags

7 years agofix error code
Dr. Stephen Henson [Tue, 27 Dec 2011 14:40:21 +0000 (14:40 +0000)]
fix error code

7 years agofix deprecated statement
Dr. Stephen Henson [Tue, 27 Dec 2011 14:39:13 +0000 (14:39 +0000)]
fix deprecated statement

7 years agoPR: 1794
Dr. Stephen Henson [Tue, 27 Dec 2011 14:21:45 +0000 (14:21 +0000)]
PR: 1794
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

- remove some unncessary SSL_err and permit
an srp user callback to allow a worker to obtain
a user verifier.

- cleanup and comments in s_server and demonstration
for asynchronous srp user lookup

7 years agoPR: 2326
Dr. Stephen Henson [Mon, 26 Dec 2011 19:37:58 +0000 (19:37 +0000)]
PR: 2326
Submitted by: Tianjie Mao <tjmao@tjmao.net>
Reviewed by: steve

Fix incorrect comma expressions and goto f_err as alert has been set.

7 years agorecognise no-sctp
Dr. Stephen Henson [Sun, 25 Dec 2011 14:59:52 +0000 (14:59 +0000)]
recognise no-sctp

7 years agorecognise SCTP in mkdef.pl script
Dr. Stephen Henson [Sun, 25 Dec 2011 14:46:15 +0000 (14:46 +0000)]
recognise SCTP in mkdef.pl script

7 years agoPR: 2535
Dr. Stephen Henson [Sun, 25 Dec 2011 14:45:15 +0000 (14:45 +0000)]
PR: 2535
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Add SCTP support for DTLS (RFC 6083).

7 years agotypo
Dr. Stephen Henson [Fri, 23 Dec 2011 15:03:03 +0000 (15:03 +0000)]
typo

7 years agorecognise DECLARE_PEM_write_const, update ordinals
Dr. Stephen Henson [Fri, 23 Dec 2011 14:58:30 +0000 (14:58 +0000)]
recognise DECLARE_PEM_write_const, update ordinals

7 years agodelete unimplemented function from header file, update ordinals
Dr. Stephen Henson [Fri, 23 Dec 2011 14:09:30 +0000 (14:09 +0000)]
delete unimplemented function from header file, update ordinals

7 years agosync and update ordinals
Dr. Stephen Henson [Thu, 22 Dec 2011 16:11:47 +0000 (16:11 +0000)]
sync and update ordinals

7 years agoremove prototype for deleted SRP function
Dr. Stephen Henson [Thu, 22 Dec 2011 16:05:02 +0000 (16:05 +0000)]
remove prototype for deleted SRP function

7 years agoNew ctrl values to clear or retrieve extra chain certs from an SSL_CTX.
Dr. Stephen Henson [Thu, 22 Dec 2011 15:14:32 +0000 (15:14 +0000)]
New ctrl values to clear or retrieve extra chain certs from an SSL_CTX.
New function to retrieve compression method from SSL_SESSION structure.

Delete SSL_SESSION_get_id_len and SSL_SESSION_get0_id functions
as they duplicate functionality of SSL_SESSION_get_id. Note: these functions
have never appeared in any release version of OpenSSL.

7 years agoPR: 2563
Dr. Stephen Henson [Mon, 19 Dec 2011 17:01:37 +0000 (17:01 +0000)]
PR: 2563
Submitted by: Paul Green <Paul.Green@stratus.com>
Reviewed by: steve

Improved PRNG seeding for VOS.

7 years agoupdate CHANGES.
Andy Polyakov [Mon, 19 Dec 2011 14:48:49 +0000 (14:48 +0000)]
update CHANGES.

7 years agoupdate CHANGES
Dr. Stephen Henson [Mon, 19 Dec 2011 14:41:03 +0000 (14:41 +0000)]
update CHANGES

7 years agoapps/speed.c: fix typo in last commit.
Andy Polyakov [Mon, 19 Dec 2011 14:33:09 +0000 (14:33 +0000)]
apps/speed.c: fix typo in last commit.

7 years agoapps/speed.c: Cygwin alarm() fails sometimes.
Andy Polyakov [Thu, 15 Dec 2011 22:30:03 +0000 (22:30 +0000)]
apps/speed.c: Cygwin alarm() fails sometimes.
PR: 2655

7 years agovpaes-x86.pl: revert previous commit and solve the problem through x86masm.pl.
Andy Polyakov [Thu, 15 Dec 2011 22:20:05 +0000 (22:20 +0000)]
vpaes-x86.pl: revert previous commit and solve the problem through x86masm.pl.
PR: 2657

7 years agoPR: 1794
Dr. Stephen Henson [Wed, 14 Dec 2011 22:17:06 +0000 (22:17 +0000)]
PR: 1794
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

Remove unnecessary code for srp and to add some comments to
s_client.

- the callback to provide a user during client connect is
no longer necessary since rfc 5054 a connection attempt
with an srp cipher and no user is terminated when the
cipher is acceptable

- comments to indicate in s_client the (non-)usefulness of
th primalaty tests for non known group parameters.

7 years agoAdd private keys and generation scripts for test certificates in apps
Dr. Stephen Henson [Wed, 14 Dec 2011 22:14:47 +0000 (22:14 +0000)]
Add private keys and generation scripts for test certificates in apps
directory.

7 years agovpaes-x86.pl: portability fix.
Andy Polyakov [Wed, 14 Dec 2011 21:29:32 +0000 (21:29 +0000)]
vpaes-x86.pl: portability fix.
PR: 2657

7 years agoRemove redundant TLS exporter.
Ben Laurie [Tue, 13 Dec 2011 15:57:39 +0000 (15:57 +0000)]
Remove redundant TLS exporter.

7 years agoPadlock engine doesn't build (the asm parts are not built for some reason),
Ben Laurie [Tue, 13 Dec 2011 15:56:40 +0000 (15:56 +0000)]
Padlock engine doesn't build (the asm parts are not built for some reason),
so remove for now.

7 years agoFix warning.
Ben Laurie [Tue, 13 Dec 2011 15:55:35 +0000 (15:55 +0000)]
Fix warning.

7 years agoBack out redundant verification time change.
Ben Laurie [Tue, 13 Dec 2011 15:00:43 +0000 (15:00 +0000)]
Back out redundant verification time change.

7 years agoMake it possible to set a time for verification.
Ben Laurie [Tue, 13 Dec 2011 14:38:12 +0000 (14:38 +0000)]
Make it possible to set a time for verification.

7 years agomodexp512-x86_64.pl: Solaris protability fix.
Andy Polyakov [Mon, 12 Dec 2011 15:10:14 +0000 (15:10 +0000)]
modexp512-x86_64.pl: Solaris protability fix.

PR: 2656

7 years agodetect and use older PKITS data
Dr. Stephen Henson [Sun, 11 Dec 2011 16:39:25 +0000 (16:39 +0000)]
detect and use older PKITS data

7 years agoUpdates from fips2 branch: close streams in test utilities, use cofactor ECDH
Dr. Stephen Henson [Sat, 10 Dec 2011 13:38:34 +0000 (13:38 +0000)]
Updates from fips2 branch: close streams in test utilities, use cofactor ECDH
add new key and signature generation tests to fips_test_suite.

7 years agoadd cofactor ECDH support from fips branch
Dr. Stephen Henson [Sat, 10 Dec 2011 13:35:11 +0000 (13:35 +0000)]
add cofactor ECDH support from fips branch

7 years agouse different names for asm temp files to avoid problems on some platforms
Dr. Stephen Henson [Sat, 10 Dec 2011 13:29:38 +0000 (13:29 +0000)]
use different names for asm temp files to avoid problems on some platforms

7 years agoadd commented out option to allow use of older PKITS data
Dr. Stephen Henson [Sat, 10 Dec 2011 00:49:55 +0000 (00:49 +0000)]
add commented out option to allow use of older PKITS data

7 years agoupdate CHANGES
Dr. Stephen Henson [Sat, 10 Dec 2011 00:49:05 +0000 (00:49 +0000)]
update CHANGES

7 years agoimplement -attime option as a verify parameter then it works with all relevant applic...
Dr. Stephen Henson [Sat, 10 Dec 2011 00:37:22 +0000 (00:37 +0000)]
implement -attime option as a verify parameter then it works with all relevant applications

7 years agoperlasm/x86gas.pl: give a hand old assemblers assembling loop instruction.
Andy Polyakov [Fri, 9 Dec 2011 19:16:20 +0000 (19:16 +0000)]
perlasm/x86gas.pl: give a hand old assemblers assembling loop instruction.

7 years agox86-mont.pl: fix bug in integer-only squaring path.
Andy Polyakov [Fri, 9 Dec 2011 14:21:25 +0000 (14:21 +0000)]
x86-mont.pl: fix bug in integer-only squaring path.
PR: 2648

7 years agoReplace expired test server and client certificates with new ones.
Dr. Stephen Henson [Thu, 8 Dec 2011 14:44:05 +0000 (14:44 +0000)]
Replace expired test server and client certificates with new ones.

7 years agotransparently handle X9.42 DH parameters
Dr. Stephen Henson [Wed, 7 Dec 2011 12:44:03 +0000 (12:44 +0000)]
transparently handle X9.42 DH parameters

7 years agofix error discrepancy
Dr. Stephen Henson [Wed, 7 Dec 2011 12:28:40 +0000 (12:28 +0000)]
fix error discrepancy

7 years agoDocument RFC5114 "generation" options.
Dr. Stephen Henson [Wed, 7 Dec 2011 00:42:22 +0000 (00:42 +0000)]
Document RFC5114 "generation" options.

7 years agoInitial experimental support for X9.42 DH parameter format to handle
Dr. Stephen Henson [Wed, 7 Dec 2011 00:32:34 +0000 (00:32 +0000)]
Initial experimental support for X9.42 DH parameter format to handle
RFC5114 parameters and X9.42 DH public and private keys.

7 years agoThe default CN prompt message can be confusing when often the CN needs to
Dr. Stephen Henson [Tue, 6 Dec 2011 00:00:30 +0000 (00:00 +0000)]
The default CN prompt message can be confusing when often the CN needs to
 be the server FQDN: change it.
[Reported by PSW Group]

7 years agoResolve a stack set-up race condition (if the list of compression
Bodo Möller [Fri, 2 Dec 2011 12:52:00 +0000 (12:52 +0000)]
Resolve a stack set-up race condition (if the list of compression
methods isn't presorted, it will be sorted on first read).

Submitted by: Adam Langley

7 years agoFix ecdsatest.c.
Bodo Möller [Fri, 2 Dec 2011 12:41:17 +0000 (12:41 +0000)]
Fix ecdsatest.c.

Submitted by: Emilia Kasper

7 years agoUpdate HEAD CHANGES file.
Bodo Möller [Fri, 2 Dec 2011 12:28:20 +0000 (12:28 +0000)]
Update HEAD CHANGES file.

7 years agoFix BIO_f_buffer().
Bodo Möller [Fri, 2 Dec 2011 12:25:03 +0000 (12:25 +0000)]
Fix BIO_f_buffer().

Submitted by: Adam Langley
Reviewed by: Bodo Moeller

7 years agoUpdate DH_check() to peform sensible checks when q parameter is present.
Dr. Stephen Henson [Thu, 1 Dec 2011 17:27:36 +0000 (17:27 +0000)]
Update DH_check() to peform sensible checks when q parameter is present.

7 years agoCorrect some parameter values.
Dr. Stephen Henson [Thu, 1 Dec 2011 17:26:58 +0000 (17:26 +0000)]
Correct some parameter values.

7 years agobn/asm/mips.pl: fix typos.
Andy Polyakov [Thu, 1 Dec 2011 12:16:09 +0000 (12:16 +0000)]
bn/asm/mips.pl: fix typos.

7 years agoreturn error if counter exceeds limit and seed value supplied
Dr. Stephen Henson [Fri, 25 Nov 2011 16:03:42 +0000 (16:03 +0000)]
return error if counter exceeds limit and seed value supplied

7 years agocheck counter value against 4 * L, not 4096
Dr. Stephen Henson [Fri, 25 Nov 2011 15:01:23 +0000 (15:01 +0000)]
check counter value against 4 * L, not 4096

7 years agoPR: 1794
Dr. Stephen Henson [Fri, 25 Nov 2011 00:17:44 +0000 (00:17 +0000)]
PR: 1794
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve

Make SRP conformant to rfc 5054.

Changes are:

- removal of the addition state after client hello
- removal of all pre-rfc srp alert ids
- sending a fatal alert when there is no srp extension but when the
server wants SRP
- removal of unnecessary code in the client.

7 years agoFix NPN implementation for renegotiation.
Bodo Möller [Thu, 24 Nov 2011 21:07:01 +0000 (21:07 +0000)]
Fix NPN implementation for renegotiation.
(Problem pointed out by Ben Murphy.)

Submitted by: Adam Langley

7 years agosync and update ordinals
Dr. Stephen Henson [Tue, 22 Nov 2011 14:46:09 +0000 (14:46 +0000)]
sync and update ordinals

7 years agoadd cryptlib.h to mkdef.pl
Dr. Stephen Henson [Tue, 22 Nov 2011 14:44:58 +0000 (14:44 +0000)]
add cryptlib.h to mkdef.pl

7 years agosync and update ordinals
Dr. Stephen Henson [Mon, 21 Nov 2011 22:57:41 +0000 (22:57 +0000)]
sync and update ordinals

7 years agoadd strp.h to mkdef.pl headers
Dr. Stephen Henson [Mon, 21 Nov 2011 22:55:23 +0000 (22:55 +0000)]
add strp.h to mkdef.pl headers

7 years agomove internal functions to ssl_locl.h
Dr. Stephen Henson [Mon, 21 Nov 2011 22:52:13 +0000 (22:52 +0000)]
move internal functions to ssl_locl.h

7 years agobcmp doesn't exist on all platforms, replace with memcmp
Dr. Stephen Henson [Mon, 21 Nov 2011 22:28:29 +0000 (22:28 +0000)]
bcmp doesn't exist on all platforms, replace with memcmp

7 years agobsaes-x86_64.pl: fix buffer overrun in tail processing.
Andy Polyakov [Wed, 16 Nov 2011 23:34:01 +0000 (23:34 +0000)]
bsaes-x86_64.pl: fix buffer overrun in tail processing.

7 years agoIn EC_KEY_set_public_key_affine_coordinates include explicit check to see passed...
Dr. Stephen Henson [Wed, 16 Nov 2011 13:28:35 +0000 (13:28 +0000)]
In EC_KEY_set_public_key_affine_coordinates include explicit check to see passed components do not exceed field order

7 years agoAdd TLS exporter.
Ben Laurie [Tue, 15 Nov 2011 23:50:52 +0000 (23:50 +0000)]
Add TLS exporter.

7 years agoAdd DTLS-SRTP.
Ben Laurie [Tue, 15 Nov 2011 22:59:20 +0000 (22:59 +0000)]
Add DTLS-SRTP.

7 years agoConfigure: reimplement commit#21695.
Andy Polyakov [Tue, 15 Nov 2011 12:32:18 +0000 (12:32 +0000)]
Configure: reimplement commit#21695.

7 years agoConfigure, e_aes.c: allow for XTS assembler implementation.
Andy Polyakov [Tue, 15 Nov 2011 12:18:40 +0000 (12:18 +0000)]
Configure, e_aes.c: allow for XTS assembler implementation.

7 years agoFix some warnings caused by __owur. Temporarily (I hope) remove the more
Ben Laurie [Mon, 14 Nov 2011 00:36:10 +0000 (00:36 +0000)]
Fix some warnings caused by __owur. Temporarily (I hope) remove the more
aspirational __owur annotations.

7 years agobsaes-x86_64.pl: add Win64 SEH and "hadrware" calls to aes-x86_64.pl.
Andy Polyakov [Sun, 13 Nov 2011 20:33:41 +0000 (20:33 +0000)]
bsaes-x86_64.pl: add Win64 SEH and "hadrware" calls to aes-x86_64.pl.

7 years agobn_nist.c: fix strict-aliasing compiler warning.
Andy Polyakov [Sun, 13 Nov 2011 17:31:03 +0000 (17:31 +0000)]
bn_nist.c: fix strict-aliasing compiler warning.

7 years agoAdd RFC5114 DH parameters to OpenSSL. Add test data to dhtest.
Dr. Stephen Henson [Sun, 13 Nov 2011 14:07:36 +0000 (14:07 +0000)]
Add RFC5114 DH parameters to OpenSSL. Add test data to dhtest.