Skip to main content
swh:1:snp:dc2a5002442a00b1c0eda7c65d04ea7455e166cd
sort by:
RevisionAuthorDateMessageCommit Date
ce052c8 Matt Caswell03 December 2015, 14:56:22 UTCPrepare for 1.0.0t release Reviewed-by: Richard Levitte <levitte@openssl.org>03 December 2015, 14:56:22 UTC
a402b2b Matt Caswell01 December 2015, 14:39:47 UTCUpdate CHANGES and NEWS Update the CHANGES and NEWS files for the new release. Reviewed-by: Rich Salz <rsalz@openssl.org>02 December 2015, 23:36:05 UTC
d275dbe Dr. Stephen Henson23 February 2015, 12:57:50 UTCFree up passed ASN.1 structure if reused. Change the "reuse" behaviour in ASN1_item_d2i: if successful the old structure is freed and a pointer to the new one used. If it is not successful then the passed structure is untouched. Exception made for primitive types so ssl_asn1.c still works. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Emilia Käsper <emilia@openssl.org> Conflicts: doc/crypto/d2i_X509.pod02 December 2015, 20:40:11 UTC
cf432b3 Dr. Stephen Henson10 November 2015, 19:03:07 UTCFix leak with ASN.1 combine. When parsing a combined structure pass a flag to the decode routine so on error a pointer to the parent structure is not zeroed as this will leak any additional components in the parent. This can leak memory in any application parsing PKCS#7 or CMS structures. CVE-2015-3195. Thanks to Adam Langley (Google/BoringSSL) for discovering this bug using libFuzzer. PR#4131 Reviewed-by: Richard Levitte <levitte@openssl.org>02 December 2015, 20:40:11 UTC
015b172 Richard Levitte02 December 2015, 17:18:03 UTC_BSD_SOURCE is deprecated, use _DEFAULT_SOURCE instead The feature_test_macros(7) manual tells us that _BSD_SOURCE is deprecated since glibc 2.20 and that the compiler will warn about it being used, unless _DEFAULT_SOURCE is defined as well. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit f9fd35248c9a3b1125d9ab82ffb19d62e86533ac)02 December 2015, 17:50:00 UTC
295b9e8 Dr. Stephen Henson24 November 2015, 16:37:52 UTCFix uninitialised p error. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 63eb10a07ee29a312e50a227f5b3a290b1ad22b4)24 November 2015, 16:55:54 UTC
275502e Dr. Stephen Henson03 September 2015, 13:27:19 UTCLimit depth of ASN1 parse printing. Thanks to Guido Vranken <guidovranken@gmail.com> for reporting this issue. Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 158e5207a794603f5d64ffa95e0247c7808ab445) Conflicts: crypto/asn1/asn1_par.c24 November 2015, 15:30:40 UTC
d7ebdc2 Dr. Stephen Henson10 October 2015, 23:06:56 UTCTypo. PR#4079 Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit c69ce9351336f5b4a8b33890756b3fd185528210) Conflicts: crypto/evp/e_des3.c10 October 2015, 23:38:04 UTC
54edf96 Dr. Stephen Henson06 October 2015, 13:15:14 UTCDon't try and parse boolean type. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit e58c4d3cdde7a0a01df2884bfeec31a2b07be22d)06 October 2015, 14:17:28 UTC
63bd505 Ismo Puustinen18 September 2015, 20:07:23 UTCGH367: use random data if seed too short. Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Emilia Käsper <emilia@openssl.org> (cherry picked from commit 6f997dc36504d67d1339ceb6bce4ecba673d8568)29 September 2015, 16:50:14 UTC
5872c51 Rich Salz25 September 2015, 15:41:37 UTCChange --debug to -d for compat with old releases. Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 1d4ddb4e1a088f1333c4bb155c52c7f94e572bca)25 September 2015, 15:41:37 UTC
640bc79 Rich Salz22 September 2015, 21:21:49 UTCRemove stricts-warnings on 1.0.0 travis. Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit 68d53e4f303c0b4926ad109e75ff728db229f497)22 September 2015, 21:22:20 UTC
ac8cd2c Rich Salz21 September 2015, 23:54:36 UTCGH398: Add mingw cross-compile, etc. For all release branches. It adds travis build support. If you don't have a config file it uses the default (because we enabled travis for the project), which uses ruby/rake/rakefiles, and you get confusing "build still failing" messages. Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit db9defdfe306e1adf0af7188b187d535eb0268da)22 September 2015, 17:47:24 UTC
9203e92 Matt Caswell16 September 2015, 09:47:15 UTCMake sure OPENSSL_cleanse checks for NULL In master we have the function OPENSSL_clear_free(x,y), which immediately returns if x == NULL. In <=1.0.2 this function does not exist so we have to do: OPENSSL_cleanse(x, y); OPENSSL_free(x); However, previously, OPENSSL_cleanse did not check that if x == NULL, so the real equivalent check would have to be: if (x != NULL) OPENSSL_cleanse(x, y); OPENSSL_free(x); It would be easy to get this wrong during cherry-picking to other branches and therefore, for safety, it is best to just ensure OPENSSL_cleanse also checks for NULL. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 020d8fc83fe1a94232db1ee1166309e2458a8a18)17 September 2015, 21:35:47 UTC
df32994 Ivo Raisr11 September 2015, 16:24:33 UTCMake no-psk compile without warnings. PR#4035 Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org> (cherry picked from commit 929f6d6f55275b17cfdd5c405ef403bce87c9aef)16 September 2015, 17:12:31 UTC
01d8ae6 Dr. Stephen Henson11 September 2015, 15:13:52 UTCUse default field separator. If the field separator isn't specified through -nameopt then use XN_FLAG_SEP_CPLUS_SPC instead of printing nothing and returing an error. PR#2397 Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 03706afa30aeb4407287171a9d6f9a765395d0a2)11 September 2015, 19:54:00 UTC
6ee4fc4 Matt Caswell16 June 2015, 18:17:24 UTCFix building with OPENSSL_NO_TLSEXT. Builds using no-tlsext in 1.0.0 and 0.9.8 are broken. This commit fixes the issue. The same commit is applied to 1.0.1 and 1.0.2 branches for code consistency. However this commit will not fix no-tlsext in those branches which have always been broken for other reasons. The commit is not applied to master at all, because no-tlsext has been completely removed from that branch. Based on a patch by Marc Branchaud <marcnarc@xiplink.com> Reviewed-by: Emilia Käsper <emilia@openssl.org> (cherry picked from commit 9a931208d7fc8a3596dda005cdbd6439938f01b0) Conflicts: ssl/ssl_sess.c01 September 2015, 23:12:26 UTC
b4a99d8 Richard Levitte31 August 2015, 19:45:56 UTCIgnore .dir-locals.el Because we recently encourage people to have a .dir-locals.el, it's a good idea to ignore it on a git level. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit d7c02691a5e6f2716759eacb6f48c39f15ee57c8)31 August 2015, 23:19:54 UTC
c223cc0 Richard Levitte31 August 2015, 15:58:53 UTCRemove auto-fill-mode Apparently, emacs sees changes to auto-fill-mode as insecure Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 6dc08048d93ff35de882878f190ae49aa698b5d2)31 August 2015, 16:21:05 UTC
82f42f5 Richard Levitte31 August 2015, 15:25:17 UTCAdd an example .dir-locals.el This file, when copied to .dir-locals.el in the OpenSSL source top, will make sure that the CC mode style "OpenSSL-II" will be used for all C files. Additionally, I makes sure that tabs are never used as indentation character, regardless of the emacs mode, and that the fill column is 78. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 0927f0d822b1e0f55cb7d8bacf9004ad3495514b)31 August 2015, 16:21:04 UTC
ab3f51f Richard Levitte31 August 2015, 15:12:37 UTCAdd emacs CC mode style for OpenSSL This hopefully conforms closely enough to the current code style. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit d9b3554b2d9724bc2d1621a026ddaf0223e2d191)31 August 2015, 16:21:04 UTC
9604f87 Rich Salz16 August 2015, 22:38:24 UTCMove FAQ to the web. Best hope of keeping current. Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 4f46473a86c9e3741203b22d4d401a3763583494)16 August 2015, 23:04:34 UTC
519bd50 Dirk Wetter31 July 2015, 17:02:51 UTCGH336: Return an exit code if report fails Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit e36ce2d986a5edbd33d6d176fb95c8046fae9725)01 August 2015, 18:33:33 UTC
895c1b7 Loganaden Velvindron31 July 2015, 17:20:16 UTCClear BN-mont values when free'ing it. From a CloudFlare patch. Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 1a586b3942de1c0bd64203d09385d5e74f499d8d)31 July 2015, 17:38:57 UTC
86fecb2 Martin Vejnar29 July 2015, 21:28:19 UTCRT3774: double-free in DSA Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit fa4629b6a2518d202fd051f228c3d8770682b3be)30 July 2015, 01:21:58 UTC
9e2b04b Rich Salz28 July 2015, 16:41:36 UTCTweak README about rt and bug reporting. Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 932af1617e277904bcca6e47729a420bba39785b)29 July 2015, 14:40:17 UTC
1fb21ac Richard Levitte13 July 2015, 13:48:57 UTCRemove extra '; \' in apps/Makefile Fixes GH#330 Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit eeb97bce751296b2e04a92d00c0d0a792ba61834) Conflicts: apps/Makefile13 July 2015, 15:16:05 UTC
916aaef Richard Levitte10 July 2015, 16:29:17 UTCSet numeric IDs for tar as well Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit da24e6f8a05ea657684094e04c1a54efa04c2962)10 July 2015, 18:31:59 UTC
00e651b Richard Levitte10 July 2015, 13:40:53 UTCStop using tardy Instead of piping through tardy, and possibly suffering from bugs in certain versions, use --transform, --owner and --group directly with GNU tar (we already expect that tar variant). Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 27f98436b9a84b94fbdd8e32960504634ae44cc0) Conflicts: Makefile.org10 July 2015, 15:32:25 UTC
14cf669 Dr. Stephen Henson09 July 2015, 15:56:45 UTCSort @sstacklst correctly. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 2a7059c56f885a3fa0842e886f5178def8e5481d)09 July 2015, 15:59:33 UTC
18c5ead Dr. Stephen Henson06 July 2015, 13:17:49 UTCdocument -2 return value Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 5727582cf51e98e5e0faa435e7da2c8929533c0d) Conflicts: doc/crypto/X509_NAME_get_index_by_NID.pod06 July 2015, 17:41:50 UTC
1392c23 Dr. Stephen Henson01 July 2015, 22:40:03 UTCFix PSK handling. The PSK identity hint should be stored in the SSL_SESSION structure and not in the parent context (which will overwrite values used by other SSL structures with the same SSL_CTX). Use BUF_strndup when copying identity as it may not be null terminated. Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 3c66a669dfc7b3792f7af0758ea26fe8502ce70c)02 July 2015, 12:04:42 UTC
989ba38 Dr. Stephen Henson24 June 2015, 11:28:50 UTCDon't output bogus errors in PKCS12_parse PR#3923 Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit ffbf304d4832bd51bb0618f8ca5b7c26647ee664)25 June 2015, 03:56:20 UTC
c040acd Richard Levitte15 June 2015, 07:59:25 UTCMake preprocessor error into real preprocessor error Reviewed-by: Kurt Roeckx <kurt@openssl.org> (cherry picked from commit b4f0d1a4a89b964dba80036a6348ca0a1913c526)16 June 2015, 11:14:11 UTC
7c3f919 Richard Levitte13 June 2015, 11:13:55 UTCRemove one extraneous parenthesis Reviewed-by: Kurt Roeckx <kurt@openssl.org> (cherry picked from commit 30cf91784bfde82622f79d87d17d20ce73329532)16 June 2015, 11:14:11 UTC
c9f4108 Matt Caswell11 June 2015, 14:16:43 UTCPrepare for 1.0.0t-dev Reviewed-by: Stephen Henson <steve@openssl.org>11 June 2015, 14:16:43 UTC
a06ec5a Matt Caswell11 June 2015, 14:13:36 UTCPrepare for 1.0.0s release Reviewed-by: Stephen Henson <steve@openssl.org>11 June 2015, 14:13:36 UTC
62bbfe0 Matt Caswell10 June 2015, 10:49:31 UTCUpdate CHANGES and NEWS Updates to CHANGES and NEWS to take account of the latest security fixes. Reviewed-by: Rich Salz <rsalz@openssl.org>11 June 2015, 14:10:48 UTC
f46e809 Emilia Kasper12 May 2015, 17:00:30 UTCPKCS#7: Fix NULL dereference with missing EncryptedContent. CVE-2015-1790 Reviewed-by: Rich Salz <rsalz@openssl.org>11 June 2015, 14:10:48 UTC
57de321 Emilia Kasper08 April 2015, 14:56:43 UTCFix length checks in X509_cmp_time to avoid out-of-bounds reads. Also tighten X509_cmp_time to reject more than three fractional seconds in the time; and to reject trailing garbage after the offset. CVE-2015-1789 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>11 June 2015, 14:10:48 UTC
857b2ce Dr. Stephen Henson05 June 2015, 11:11:25 UTCFix infinite loop in CMS Fix loop in do_free_upto if cmsbio is NULL: this will happen when attempting to verify and a digest is not recognised. Reported by Johannes Bauer. CVE-2015-1792 Reviewed-by: Matt Caswell <matt@openssl.org>11 June 2015, 14:10:48 UTC
809bf2e Richard Levitte11 June 2015, 13:41:25 UTCCorrection of make depend merge error $(PROGS) was mistakenly removed, adding it back. Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 5ef5b9ffa91ad6061c42291564a1dc786300ebdd)11 June 2015, 13:53:32 UTC
db96b5a Matt Caswell11 June 2015, 00:30:06 UTCMore ssl_session_dup fixes Fix error handling in ssl_session_dup, as well as incorrect setting up of the session ticket. Follow on from CVE-2015-1791. Thanks to LibreSSL project for reporting these issues. Conflicts: ssl/ssl_sess.c Reviewed-by: Tim Hudson <tjh@openssl.org>11 June 2015, 09:13:02 UTC
cb9f1bc Matt Caswell04 June 2015, 13:22:00 UTCEC_POINT_is_on_curve does not return a boolean The function EC_POINT_is_on_curve does not return a boolean value. It returns 1 if the point is on the curve, 0 if it is not, and -1 on error. Many usages within OpenSSL were incorrectly using this function and therefore not correctly handling error conditions. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by: Kurt Roeckx <kurt@openssl.org> (cherry picked from commit 68886be7e2cd395a759fcd41d2cede461b68843d) Conflicts: crypto/ec/ec2_oct.c crypto/ec/ecp_oct.c crypto/ec/ectest.c10 June 2015, 09:57:05 UTC
9545eac Matt Caswell10 June 2015, 08:32:34 UTCFix Kerberos issue in ssl_session_dup The fix for CVE-2015-1791 introduced an error in ssl_session_dup for Kerberos. Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit dcad51bc13c9b716d9a66248bcc4038c071ff158)10 June 2015, 09:03:42 UTC
228806a Dr. Stephen Henson08 June 2015, 12:23:00 UTCreturn correct NID for undefined object Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 0fb9990480919163cc375a2b6c0df1d8d901a77b)08 June 2015, 20:47:24 UTC
bb82db1 Matt Caswell04 June 2015, 10:18:55 UTCRemove misleading comment Remove a comment that suggested further clean up was required. DH_free() performs the necessary cleanup. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit f3d889523ee84f1e87e4da0d59e2702a4bee7907)04 June 2015, 11:58:00 UTC
470446d Matt Caswell04 June 2015, 10:16:16 UTCClean premaster_secret for GOST Ensure OPENSSL_cleanse() is called on the premaster secret value calculated for GOST. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit b7ee4815f2452c854cc859e8dda88f2673cdddea) Conflicts: ssl/s3_srvr.c04 June 2015, 11:58:00 UTC
91e64e1 Matt Caswell04 June 2015, 10:41:30 UTCClean Kerberos pre-master secret Ensure the Kerberos pre-master secret has OPENSSL_cleanse called on it. With thanks to the Open Crypto Audit Project for reporting this issue. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 4e3dbe37ca39fa68b6949fbde62f3ec0f0584f7e)04 June 2015, 11:44:47 UTC
0d3a7e7 Matt Caswell19 May 2015, 12:59:47 UTCFix off-by-one error in BN_bn2hex A BIGNUM can have the value of -0. The function BN_bn2hex fails to account for this and can allocate a buffer one byte too short in the event of -0 being used, leading to a one byte buffer overrun. All usage within the OpenSSL library is considered safe. Any security risk is considered negligible. With thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and Filip Palian for discovering and reporting this issue. Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit c56353071d9849220714d8a556806703771b9269) Conflicts: crypto/bn/bn_print.c04 June 2015, 08:31:08 UTC
a85eef7 Richard Levitte31 May 2015, 15:47:31 UTCAdd the macro OPENSSL_SYS_WIN64 This is for consistency. Additionally, have its presence define OPENSSL_SYS_WINDOWS as well. Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 3f131556d6678bc3754f1e6d98a9a5bfc24e368c) Conflicts: e_os2.h02 June 2015, 16:06:45 UTC
0ae3473 Matt Caswell18 May 2015, 15:27:48 UTCFix race condition in NewSessionTicket If a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket then a race condition can occur potentially leading to a double free of the ticket data. CVE-2015-1791 This also fixes RT#3808 where a session ID is changed for a session already in the client session cache. Since the session ID is the key to the cache this breaks the cache access. Parts of this patch were inspired by this Akamai change: https://github.com/akamai/openssl/commit/c0bf69a791239ceec64509f9f19fcafb2461b0d3 Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 27c76b9b8010b536687318739c6f631ce4194688) Conflicts: ssl/ssl.h ssl/ssl_err.c02 June 2015, 11:49:03 UTC
9837785 Matt Caswell09 March 2015, 16:09:04 UTCClear state in DTLSv1_listen This is a backport of commit e83ee04bb7de800cdb71d522fa562e99328003a3 from the master branch (and this has also been applied to 1.0.2). In 1.0.2 this was CVE-2015-0207. For other branches there is no known security issue, but this is being backported as a precautionary measure. The DTLSv1_listen function is intended to be stateless and processes the initial ClientHello from many peers. It is common for user code to loop over the call to DTLSv1_listen until a valid ClientHello is received with an associated cookie. A defect in the implementation of DTLSv1_listen means that state is preserved in the SSL object from one invokation to the next. Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit cce3e4adb78a8d3eeb6e0e4efe332fcc5d75f615)02 June 2015, 08:15:16 UTC
aaa654d Dr. Stephen Henson28 May 2015, 14:44:20 UTCcheck for error when creating PKCS#8 structure Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 2849707fa65d2803e6d1c1603fdd3fd1fdc4c6cc)28 May 2015, 17:02:43 UTC
296559b Dr. Stephen Henson28 May 2015, 14:45:57 UTCPEM doc fixes Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit f097f81c891bb1f479426d8ac9c9541390334983)28 May 2015, 17:02:43 UTC
079495c Richard Levitte08 April 2015, 17:26:11 UTCHave mkerr.pl treat already existing multiline string defs properly Since source reformat, we ended up with some error reason string definitions that spanned two lines. That in itself is fine, but we sometimes edited them to provide better strings than what could be automatically determined from the reason macro, for example: {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER), "Peer haven't sent GOST certificate, required for selected ciphersuite"}, However, mkerr.pl didn't treat those two-line definitions right, and they ended up being retranslated to whatever the macro name would indicate, for example: {ERR_REASON(SSL_R_NO_GOST_CERTIFICATE_SENT_BY_PEER), "No gost certificate sent by peer"}, Clearly not what we wanted. This change fixes this problem. Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 2cfdfe0918f03f8323c9523a2beb2b363ae86ca7)23 May 2015, 11:17:58 UTC
591c819 Richard Levitte23 May 2015, 04:33:41 UTCFix update and depend in engines/ The update: target in engines/ didn't recurse into engines/ccgost. The update: and depend: targets in engines/ccgost needed a fixup. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 8b822d2566853ee5e313c37529f71336209b28ab)23 May 2015, 09:19:02 UTC
439c193 Richard Levitte22 May 2015, 17:23:43 UTCMissed a couple of spots in the update change Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 6f45032f6730622e8d484d92e07c7fce7d1f88ac) Conflicts: apps/Makefile23 May 2015, 09:18:53 UTC
1b84038 Richard Levitte22 May 2015, 15:54:06 UTCFix the update target and remove duplicate file updates We had updates of certain header files in both Makefile.org and the Makefile in the directory the header file lived in. This is error prone and also sometimes generates slightly different results (usually just a comment that differs) depending on which way the update was done. This removes the file update targets from the top level Makefile, adds an update: target in all Makefiles and has it depend on the depend: or local_depend: targets, whichever is appropriate, so we don't get a double run through the whole file tree. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 0f539dc1a2f45580435c39dada44dd276e79cb88) Conflicts: Makefile.org apps/Makefile test/Makefile crypto/cmac/Makefile crypto/srp/Makefile23 May 2015, 09:17:35 UTC
e261cf5 Matt Caswell19 May 2015, 15:03:02 UTCFix off-by-one in BN_rand If BN_rand is called with |bits| set to 1 and |top| set to 1 then a 1 byte buffer overflow can occur. There are no such instances within the OpenSSL at the moment. Thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke, Filip Palian for discovering and reporting this issue. Reviewed-by: Kurt Roeckx <kurt@openssl.org>22 May 2015, 22:47:16 UTC
b3c7214 Matt Caswell19 May 2015, 14:19:30 UTCReject negative shifts for BN_rshift and BN_lshift The functions BN_rshift and BN_lshift shift their arguments to the right or left by a specified number of bits. Unpredicatable results (including crashes) can occur if a negative number is supplied for the shift value. Thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and Filip Palian for discovering and reporting this issue. Reviewed-by: Kurt Roeckx <kurt@openssl.org> (cherry picked from commit 7cc18d8158b5fc2676393d99b51c30c135502107) Conflicts: crypto/bn/bn.h crypto/bn/bn_err.c22 May 2015, 22:23:50 UTC
ea04412 StudioEtrange20 May 2015, 08:36:44 UTCGitHub284: Fix typo in xx-32.pl scripts. Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>20 May 2015, 08:36:44 UTC
2dff75f Robert Swiecki18 May 2015, 23:08:02 UTCDon't add write errors into bytecounts Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 00d565cfbe90fab3b157e644caca4eb4a2ebec79)19 May 2015, 11:20:59 UTC
690d040 Rich Salz12 May 2015, 15:49:32 UTCAdd NULL checks from master The big "don't check for NULL" cleanup requires backporting some of the lowest-level functions to actually do nothing if NULL is given. This will make it easier to backport fixes to release branches, where master assumes those lower-level functions are "safe" This commit addresses those tickets: 3798 3799 3801. Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit f34b095fab1569d093b639bfcc9a77d6020148ff)13 May 2015, 16:56:02 UTC
6c63867 Gilles Khouzam02 May 2015, 02:20:42 UTCRT3820: Don't call GetDesktopWindow() Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit bed2edf1cb73f1fe2c11029acc694086bc14443e)02 May 2015, 12:02:18 UTC
b3ac37c Dr. Stephen Henson15 April 2015, 23:00:40 UTCLimit depth of nested sequences when generating ASN.1 Reported by Hanno Böck <hanno@hboeck.de> PR#3800 Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit c4137b5e828d8fab0b244defb79257619dad8fc7) Conflicts: crypto/asn1/asn1_gen.c22 April 2015, 20:57:50 UTC
50c2c64 Loganaden Velvindron22 April 2015, 15:16:30 UTCFix CRYPTO_strdup The function CRYPTO_strdup (aka OPENSSL_strdup) fails to check the return value from CRYPTO_malloc to see if it is NULL before attempting to use it. This patch adds a NULL check. RT3786 Signed-off-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 37b0cf936744d9edb99b5dd82cae78a7eac6ad60) Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 20d21389c8b6f5b754573ffb6a4dc4f3986f2ca4)22 April 2015, 16:26:20 UTC
a6202a7 Dr. Stephen Henson16 April 2015, 15:43:09 UTCFix encoding bug in i2c_ASN1_INTEGER Fix bug where i2c_ASN1_INTEGER mishandles zero if it is marked as negative. Thanks to Huzaifa Sidhpurwala <huzaifas@redhat.com> and Hanno Böck <hanno@hboeck.de> for reporting this issue. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit a0eed48d37a4b7beea0c966caf09ad46f4a92a44)18 April 2015, 13:44:54 UTC
6b7d6c4 Viktor Dukhovni16 April 2015, 06:53:29 UTCCode style: space after 'if' Reviewed-by: Matt Caswell <gitlab@openssl.org>16 April 2015, 17:53:17 UTC
2122099 Dr. Stephen Henson15 April 2015, 23:21:05 UTCReject empty generation strings. Reported by Hanno Böck <hanno@hboeck.de> Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 111b60bea01d234b5873488c19ff2b9c5d4d58e9) Conflicts: crypto/asn1/asn1_gen.c16 April 2015, 15:07:41 UTC
4bbff0f Matt Caswell10 April 2015, 15:49:33 UTCFix ssl_get_prev_session overrun If OpenSSL is configured with no-tlsext then ssl_get_prev_session can read past the end of the ClientHello message if the session_id length in the ClientHello is invalid. This should not cause any security issues since the underlying buffer is 16k in size. It should never be possible to overrun by that many bytes. This is probably made redundant by the previous commit - but you can never be too careful. With thanks to Qinghao Tang for reporting this issue. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 5e0a80c1c9b2b06c2d203ad89778ce1b98e0b5ad) Conflicts: ssl/ssl_sess.c14 April 2015, 14:01:20 UTC
923552b Matt Caswell10 April 2015, 16:25:27 UTCCheck for ClientHello message overruns The ClientHello processing is insufficiently rigorous in its checks to make sure that we don't read past the end of the message. This does not have security implications due to the size of the underlying buffer - but still needs to be fixed. With thanks to Qinghao Tang for reporting this issue. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit c9642eb1ff79a30e2c7632ef8267cc34cc2b0d79)14 April 2015, 13:51:57 UTC
dafa953 Dr. Stephen Henson02 April 2015, 12:45:14 UTCDon't set *pval to NULL in ASN1_item_ex_new. While *pval is usually a pointer in rare circumstances it can be a long value. One some platforms (e.g. WIN64) where sizeof(long) < sizeof(ASN1_VALUE *) this will write past the field. *pval is initialised correctly in the rest of ASN1_item_ex_new so setting it to NULL is unecessary anyway. Thanks to Julien Kauffmann for reporting this issue. Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit f617b4969a9261b9d7d381670aefbe2cf766a2cb) Conflicts: crypto/asn1/tasn_new.c10 April 2015, 18:53:45 UTC
e35e22e Dr. Stephen Henson22 March 2015, 17:34:56 UTCMake OCSP response verification more flexible. If a set of certificates is supplied to OCSP_basic_verify use those in addition to any present in the OCSP response as untrusted CAs when verifying a certificate chain. PR#3668 Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 4ca5efc2874e094d6382b30416824eda6dde52fe)24 March 2015, 12:14:56 UTC
06cf441 Matt Caswell19 March 2015, 13:45:41 UTCPrepare for 1.0.0s-dev Reviewed-by: Richard Levitte <levitte@openssl.org>19 March 2015, 13:45:41 UTC
81741de Matt Caswell19 March 2015, 13:43:00 UTCPrepare for 1.0.0r release Reviewed-by: Richard Levitte <levitte@openssl.org>19 March 2015, 13:43:00 UTC
f2f2f64 Matt Caswell19 March 2015, 13:43:00 UTCmake update Reviewed-by: Richard Levitte <levitte@openssl.org>19 March 2015, 13:43:00 UTC
34fc239 Matt Caswell19 March 2015, 11:35:33 UTCFix unsigned/signed warnings Fix some unsigned/signed warnings introduced as part of the fix for CVE-2015-0293 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>19 March 2015, 13:00:12 UTC
dfc3e96 Matt Caswell19 March 2015, 10:16:32 UTCFix a failure to NULL a pointer freed on error. Reported by the LibreSSL project as a follow on to CVE-2015-0209 Reviewed-by: Richard Levitte <levitte@openssl.org>19 March 2015, 13:00:11 UTC
ab1c362 Matt Caswell17 March 2015, 17:01:09 UTCUpdate NEWS file Update the NEWS file with the latest entries from CHANGES ready for the release. Reviewed-by: Richard Levitte <levitte@openssl.org>19 March 2015, 13:00:11 UTC
c304658 Matt Caswell17 March 2015, 16:56:27 UTCUpdate CHANGES for release Update CHANGES fiel with all the latest fixes ready for the release. Reviewed-by: Richard Levitte <levitte@openssl.org>19 March 2015, 13:00:11 UTC
66e2035 Matt Caswell18 March 2015, 10:04:06 UTCRemove overlapping CHANGES/NEWS entries Remove entries from CHANGES and NEWS from letter releases that occur *after* the next point release. Without this we get duplicate entries for the same issue appearing multiple times. Reviewed-by: Richard Levitte <levitte@openssl.org>19 March 2015, 13:00:11 UTC
1a08063 Emilia Kasper04 March 2015, 17:05:02 UTCFix reachable assert in SSLv2 servers. This assert is reachable for servers that support SSLv2 and export ciphers. Therefore, such servers can be DoSed by sending a specially crafted SSLv2 CLIENT-MASTER-KEY. Also fix s2_srvr.c to error out early if the key lengths are malformed. These lengths are sent unencrypted, so this does not introduce an oracle. CVE-2015-0293 This issue was discovered by Sean Burford (Google) and Emilia Käsper of the OpenSSL development team. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>19 March 2015, 13:00:11 UTC
9104dc4 Emilia Kasper27 February 2015, 15:52:23 UTCPKCS#7: avoid NULL pointer dereferences with missing content In PKCS#7, the ASN.1 content component is optional. This typically applies to inner content (detached signatures), however we must also handle unexpected missing outer content correctly. This patch only addresses functions reachable from parsing, decryption and verification, and functions otherwise associated with reading potentially untrusted data. Correcting all low-level API calls requires further work. CVE-2015-0289 Thanks to Michal Zalewski (Google) for reporting this issue. Reviewed-by: Steve Henson <steve@openssl.org>19 March 2015, 13:00:11 UTC
0275883 Dr. Stephen Henson09 March 2015, 23:11:45 UTCFix ASN1_TYPE_cmp Fix segmentation violation when ASN1_TYPE_cmp is passed a boolean type. This can be triggered during certificate verification so could be a DoS attack against a client or a server enabling client authentication. CVE-2015-0286 Reviewed-by: Richard Levitte <levitte@openssl.org>19 March 2015, 13:00:11 UTC
7746ff5 Dr. Stephen Henson23 February 2015, 02:32:44 UTCFree up ADB and CHOICE if already initialised. CVE-2015-0287 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Emilia Käsper <emilia@openssl.org>18 March 2015, 11:52:43 UTC
765db5f Dr. Stephen Henson11 March 2015, 23:30:52 UTCASN.1 print fix. When printing out an ASN.1 structure if the type is an item template don't fall thru and attempt to interpret as a primitive type. Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit 5dc1247a7494f50c88ce7492518bbe0ce6f124fa)12 March 2015, 13:46:44 UTC
683f03e Matt Caswell09 March 2015, 13:59:58 UTCCleanse buffers Cleanse various intermediate buffers used by the PRF (backported version from master). Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit 35fafc4dbc0b3a717ad1b208fe2867e8c64867de) Conflicts: ssl/s3_enc.c Conflicts: ssl/t1_enc.c11 March 2015, 10:54:35 UTC
765e246 Dr. Stephen Henson09 March 2015, 16:40:22 UTCupdate ordinals Reviewed-by: Matt Caswell <matt@openssl.org>09 March 2015, 16:40:22 UTC
f10dfa0 Dr. Stephen Henson08 March 2015, 17:31:48 UTCfix warning Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit d6ca1cee8b6efac5906ac66443d1ca67fe689ff8) Conflicts: ssl/ssl_locl.h08 March 2015, 22:44:10 UTC
394a30c Dr. Stephen Henson08 March 2015, 16:57:46 UTCFix warnings. Fix compiler warnings (similar to commit 25012d5e79) Reviewed-by: Richard Levitte <levitte@openssl.org>08 March 2015, 16:57:46 UTC
3697125 Dr. Stephen Henson03 March 2015, 14:20:23 UTCCleanse PKCS#8 private key components. New function ASN1_STRING_clear_free which cleanses an ASN1_STRING structure before freeing it. Call ASN1_STRING_clear_free on PKCS#8 private key components. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit a8ae0891d4bfd18f224777aed1fbb172504421f1) Conflicts: crypto/dh/dh_ameth.c08 March 2015, 16:32:35 UTC
71b0bb7 Kurt Roeckx04 March 2015, 20:57:52 UTCRemove export ciphers from the DEFAULT cipher list They are moved to the COMPLEMENTOFDEFAULT instead. This also fixes SSLv2 to be part of COMPLEMENTOFDEFAULT. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit bc2e18a3c818ae7e2d8c996b6648aa4ae8e3ee28)07 March 2015, 22:12:32 UTC
09712fd Matt Caswell06 March 2015, 13:00:47 UTCUpdate mkerr.pl for new format Make the output from mkerr.pl consistent with the newly reformatted code. Reviewed-by: Richard Levitte <levitte@openssl.org>06 March 2015, 14:09:49 UTC
4bf7b29 Dr. Stephen Henson18 February 2015, 00:34:59 UTCCheck public key is not NULL. CVE-2015-0288 PR#3708 Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 28a00bcd8e318da18031b2ac8778c64147cd54f9)02 March 2015, 15:26:52 UTC
42ad010 Dr. Stephen Henson02 March 2015, 13:26:29 UTCFix format script. The format script didn't correctly recognise some ASN.1 macros and didn't reformat some files as a result. Fix script and reformat affected files. Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 437b14b533fe7f7408e3ebca6d5569f1d3347b1a)02 March 2015, 13:43:40 UTC
dac693c Matt Caswell09 February 2015, 11:38:41 UTCFix a failure to NULL a pointer freed on error. Inspired by BoringSSL commit 517073cd4b by Eric Roman <eroman@chromium.org> CVE-2015-0209 Reviewed-by: Emilia Käsper <emilia@openssl.org>25 February 2015, 20:38:25 UTC
6e161ee Dr. Stephen Henson24 February 2015, 13:52:21 UTCDocument -no_explicit Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 384dee51242e950c56b3bac32145957bfbf3cd4b)24 February 2015, 15:29:07 UTC
0e5e7af Andy Polyakov09 February 2015, 14:59:09 UTCBring objects.pl output even closer to new format. Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 849037169d98d070c27d094ac341fc6aca1ed2ca)09 February 2015, 15:04:58 UTC
2487d77 Andy Polyakov07 February 2015, 09:15:32 UTCHarmonize objects.pl output with new format. Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 7ce38623194f6df6a846cd01753b63f361c88e57)09 February 2015, 09:01:54 UTC
back to top