This project is mirrored from https://github.com/openssl/openssl.git.
- 22 Sep, 2020 3 commits
-
-
Matt Caswell authored
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
-
Matt Caswell authored
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12949)
-
Matt Caswell authored
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12949)
-
- 21 Sep, 2020 4 commits
-
-
olszomal authored
CLA: trivial
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
GH: #12205
(cherry picked from commit 434343f8)
-
Norman Ashley authored
OCSP_basic_sign_ctx() in ocsp_srv.c, does not check for RSA_METHOD_FLAG_NO_CHECK. If a key has RSA_METHOD_FLAG_NO_CHECK set, OCSP sign operations can fail because the X509_check_private_key() can fail. The check for the RSA_METHOD_FLAG_NO_CHECK was moved to crypto/rsa/rsa_ameth.c as a common place to check. Checks in ssl_rsa.c were removed.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12419)
-
Tomas Mraz authored
The check is applied only with X509_V_FLAG_X509_STRICT.
Fixes #12139
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12909)
-
Tomas Mraz authored
The function returns 1 when the encoding of a decoded EC key used explicit encoding of the curve parameters.
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12909)
-
- 20 Sep, 2020 1 commit
-
-
Henry N authored
Fix this error:
  crypto/ec/ecp_nistz256-armv4.S:3853: Error: bad arguments to instruction -- `orr r11,r10'
  crypto/ec/ecp_nistz256-armv4.S:3854: Error: bad arguments to instruction -- `orr r11,r12'
  crypto/ec/ecp_nistz256-armv4.S:3855: Error: bad arguments to instruction -- `orrs r11,r14'
CLA: trivial
Fixes #12848
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
GH: #12854
(cherry picked from commit b5f82567)
-
- 10 Sep, 2020 2 commits
-
-
Dr. Matthias St. Pierre authored
The original names were more intuitive: the generate_counter counts the number of generate requests, and the reseed_counter counts the number of reseedings (of the principal DRBG).
  reseed_gen_counter -> generate_counter
  reseed_prop_counter -> reseed_counter
This partially reverts commit 35a34508.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12759)
-
Dr. Matthias St. Pierre authored
In a nutshell, reseed propagation is a compatibility feature with the sole purpose to support the traditional way of (re-)seeding manually by calling 'RAND_add()' before 'RAND_bytes()'. It ensures that the former has an immediate effect on the latter *within the same thread*, but it does not care about immediate reseed propagation to other threads. The implementation is lock-free, i.e., it works without taking the lock of the primary DRBG.
Pull request #7399 not only fixed the data race issue #7394 but also changed the original implementation of the seed propagation unnecessarily. This commit reverts most of the changes of commit 1f985276 and intends to fix the data race while retaining the original simplicity of the seed propagation.
  - use atomics with relaxed semantics to load and store the seed counter
  - add a new member drbg->enable_reseed_propagation to simplify the overflow treatment of the seed propagation counter
  - don't handle races between different threads
This partially reverts commit 1f985276.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12759)
-
- 07 Sep, 2020 2 commits
-
-
luxinyou authored
Fixes #12471
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12533)
(cherry picked from commit 4348995b)
-
Shane Lontis authored
  x_algor.c: Explicit null dereferenced
  cms_sd.c: Resource leak
  ts_rsp_sign.c: Resource Leak
  extensions_srvr.c: Resource Leak
  v3_alt.c: Resource Leak
  pcy_data.c: Resource Leak
  cms_lib.c: Resource Leak
  drbg_lib.c: Unchecked return code
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12531)
-
- 28 Aug, 2020 2 commits
-
-
Richard Levitte authored
PEM_write_bio_PrivateKey_traditional() uses i2d_PrivateKey() to do the actual encoding to DER. However, i2d_PrivateKey() is a generic function that will do what it can to produce output according to what the associated EVP_PKEY_ASN1_METHOD offers. If that method offers a function 'old_priv_encode', which is expected to produce the "traditional" encoded form, then i2d_PrivateKey() uses that. If not, i2d_PrivateKey() will go on and use more modern methods, which are all expected to produce PKCS#8.
To ensure that PEM_write_bio_PrivateKey_traditional() never produces more modern encoded forms, an extra check that 'old_priv_encode' is non-NULL is added. If it is NULL, an error is returned.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12729)
-
Jung-uk Kim authored
For example, FreeBSD prepends "FreeBSD" to version string, e.g.,
  FreeBSD clang version 11.0.0 (git@github.com:llvm/llvm-project.git llvmorg-11.0.0-rc2-0-g414f32a9e86)
  Target: x86_64-unknown-freebsd13.0
  Thread model: posix
  InstalledDir: /usr/bin
This prevented us from properly detecting AVX support, etc.
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/12725)
(cherry picked from commit cd84d883)
-
- 13 Aug, 2020 2 commits
-
-
Tomas Mraz authored
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12594)
(cherry picked from commit ea9f6890)
-
Tomas Mraz authored
Fixes #12588
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12594)
(cherry picked from commit dffeec1c)
-
- 30 Jul, 2020 1 commit
-
-
Matt Caswell authored
A recently added certificate in test/certs expired causing test_verify to fail. This adds a replacement certificate with a long expiry date.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12561)
-
- 24 Jul, 2020 2 commits
-
-
Gustaf Neumann authored
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12370)
-
Read Hughes authored
Fix EVP_EncodeBlock description using incorrect parameter name for encoding length
CLA: trivial
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12518)
(cherry picked from commit 1660c8fa)
-
- 22 Jul, 2020 3 commits
-
-
Vitezslav Cizek authored
The condition in test_error_checks() was inverted, so the test succeeded as long as error_check() failed. Incidentally, error_check() contained several bugs that assured it always failed, thus giving overall drbg test success.
Remove the broken explicit zero check. RAND_DRBG_uninstantiate() cleanses the data via drbg_ctr_uninstantiate(), but right after that it resets drbg->data.ctr using RAND_DRBG_set(), so TEST_mem_eq(zero, sizeof(drbg->data)) always failed.
(backport from https://github.com/openssl/openssl/pull/11195)
Signed-off-by: Vitezslav Cizek <vcizek@suse.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12517)
-
Nihal Jere authored
CLA: trivial
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12505)
-
Viktor Dukhovni authored
The 'MinProtocol' and 'MaxProtocol' configuration commands now silently ignore TLS protocol version bounds when configuring DTLS-based contexts, and conversely, silently ignore DTLS protocol version bounds when configuring TLS-based contexts. The commands can be repeated to set bounds of both types. The same applies with the corresponding "min_protocol" and "max_protocol" command-line switches, in case some application uses both TLS and DTLS.
SSL_CTX instances that are created for a fixed protocol version (e.g. TLSv1_server_method()) also silently ignore version bounds. Previously attempts to apply bounds to these protocol versions would result in an error. Now only the "version-flexible" SSL_CTX instances are subject to limits in configuration files in command-line options.
Expected to resolve #12394
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
GH: #12507
-
- 20 Jul, 2020 1 commit
-
-
Dimitri John Ledkov authored
Today, the majority of web-browsers reject communication as allowed by the security level 1. Instead key sizes and algorithms from security level 2 are required. Thus remove the now obsolete warning against using security levels higher than 1.
For example, Ubuntu compiles OpenSSL with security level set to 2, and further restricts algorithm versions available at that security level.
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/12444)
(cherry picked from commit 02e14a65)
-
- 17 Jul, 2020 1 commit
-
-
Pauli authored
The documentation was off by one for the length this function could return.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12435)
(cherry picked from commit 3fc164e8)
-
- 16 Jul, 2020 2 commits
-
-
Dr. David von Oheimb authored
If a presumably self-signed cert is last in chain we verify its signature only if X509_V_FLAG_CHECK_SS_SIGNATURE is set. Upon this request we do the signature verification, but not in case it is a (non-conforming) self-issued CA certificate with a key usage extension that does not include keyCertSign.
Make clear when we must verify the signature of a certificate and when we must adhere to key usage restrictions of the 'issuing' cert. Add some comments for making internal_verify() easier to understand. Update the documentation of X509_V_FLAG_CHECK_SS_SIGNATURE accordingly.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12357)
-
Dr. David von Oheimb authored
Move check that cert signing is allowed from x509v3_cache_extensions() to where it belongs: internal_verify(), generalize it for proxy cert signing. Correct and simplify check_issued(), now checking self-issued (not: self-signed). Add test case to 25-test_verify.t that demonstrates successful fix.
As prerequisites, this adds the static function check_sig_alg_match() and the internal functions x509_likely_issued() and x509_signing_allowed().
This is a backport of the core of PR #10587.
Fixes #1418
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12357)
-
- 15 Jul, 2020 4 commits
-
-
aSoujyuTanaka authored
Reviewed-by: Mark J. Cox <mark@awe.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11526)
(cherry picked from commit c35b8535)
-
aSoujyuTanaka authored
Reviewed-by: Mark J. Cox <mark@awe.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11526)
(cherry picked from commit a1736f37)
-
aSoujyuTanaka authored
its miscompilation of the function.
https://mta.openssl.org/pipermail/openssl-users/2018-August/008465.html
Reviewed-by: Mark J. Cox <mark@awe.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11526)
(cherry picked from commit 7a09fab2)
-
aSoujyuTanaka authored
Reviewed-by: Mark J. Cox <mark@awe.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11526)
(cherry picked from commit 6c2a56be)
-
- 13 Jul, 2020 1 commit
-
-
Nicola Tuveri authored
Backport of https://github.com/openssl/openssl/pull/12096 to 1.1.1 broke the build as the following functions are missing:
  const BIGNUM *EC_GROUP_get0_field(const EC_GROUP *group);
  int EC_GROUP_get_field_type(const EC_GROUP *group);
Turns out that for the purposes of the test code, we don't really need to differentiate between prime and binary fields, and we can directly use the existing `EC_GROUP_get_degree()` in the same fashion as was being done for binary fields also for prime fields.
Fixes https://github.com/openssl/openssl/issues/12432
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12433)
-
- 12 Jul, 2020 1 commit
-
-
Billy Brumley authored
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12096)
(cherry picked from commit a01cae99)
-
- 09 Jul, 2020 1 commit
-
-
Glenn Strauss authored
improve reference implementation code in SSL_CTX_set_tlsext_ticket_key_cb man page
change EVP_aes_128_cbc() to EVP_aes_256_cbc(), with the implication of requiring longer keys. Updating this code brings the reference implementation in line with implementation in openssl committed in 2016:
  commit 05df5c20 Use AES256 for the default encryption algorithm for TLS session tickets
add comments where user-implementation is needed to complete code
(backport from https://github.com/openssl/openssl/pull/12063)
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12391)
-
- 07 Jul, 2020 2 commits
-
-
Nicola Tuveri authored
Test separately EC parameters and EC key generation. Some curves only support explicit params encoding.
For some curves we have had cases in which generating the parameters under certain conditions failed, while generating and serializing a key under the same conditions did not. See <https://github.com/openssl/openssl/issues/12306> for more details.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12308)
-
Nicola Tuveri authored
If the key is to be serialized or printed as text and the framework returns an error, the app should signal the failure to the user using a non-zero exit status.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12305)
(cherry picked from commit 466d30c0)
-
- 04 Jul, 2020 1 commit
-
-
Nicola Tuveri authored
The following built-in curves do not have an assigned OID:
  - Oakley-EC2N-3
  - Oakley-EC2N-4
In general we shouldn't assume that an OID is always available. This commit detects such cases, raises an error and returns appropriate return values so that the condition can be detected and correctly handled by the callers, when serializing EC parameters or EC keys with the default `ec_param_enc:named_curve`.
Fixes #12306
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12312)
-
- 02 Jul, 2020 2 commits
-
-
Richard Levitte authored
'absolutedir' does a thorough job ensuring that we have a "real" path to both source and build directory, unencumbered by symbolic links. However, that isn't enough on case insensitive file systems on Unix flavored platforms, where it's possible to stand in, for example, /PATH/TO/Work/openssl, and then do this:
  perl ../../work/openssl/Configure ...
and thereby having it look like the source directory and the build directory aren't the same.
We solve this by having a closer look at the computed source and build directories, and making sure they are exactly the same strings if they are in fact the same directory. This is especially important when making symbolic links based on these directories, but may have other ramifications as well.
Fixes #12323
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12337)
(cherry picked from commit 610e2b3b)
-
Miłosz Kaniewski authored
Usually it will be freed in tls_early_post_process_client_hello(). However if a ClientHello callback will be used and will return SSL_CLIENT_HELLO_RETRY then tls_early_post_process_client_hello() may never come to the point where pre_proc_exts is freed.
Fixes #12194
CLA: trivial
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/12330)
(cherry picked from commit 94941cad)
-
- 01 Jul, 2020 1 commit
-
-
Pauli authored
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12322)
(cherry picked from commit 69f98267)
-
- 30 Jun, 2020 1 commit
-
-
Matt Caswell authored
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12245)
-