Commit message | Author | Age | Files | Lines
* Modify the block's character of yaml to avoid future problems [baserock/pedroalvarez/power-port] | Pedro Alvarez | 2013-12-04 | 1 | -1/+1
|   When blocks of text are flowed with >, e.g.
|
|       key: value
|       foo: >
|           The quick brown fox
|           jumps over the lazy dog.
|
|   The new-lines of the text block are removed.
|
|   This causes confusion when shell scripts are involved, as the following Yaml would be parsed as one shell command, rather than two:
|
|       command: >
|           echo foo bar
|           ls
|
|   This escaped detection since if text is indented, Yaml treats it as a different block, so
|
|       command: >
|           if true; then
|               echo foo bar
|           fi
|
|   is parsed correctly, but
|
|       command: >
|           if true; then
|               echo foo bar
|               ls
|           fi
|
|   is not.
|
|   To avoid this confusion, we can always use `|`, which will preserve the newlines, so an explicit continuation can be requested with a `\` at the end of the line.
|
|       command: |
|           echo foo bar \
|               baz quux
* Merge branch 'baserock/pedroalvarez/power-port' into baserock/morph | Pedro Alvarez | 2013-12-03 | 1 | -1/+6
|\
| |   Reviewed-by: Dan Firth
| |   Reviewed-by: Lars Wirzenius
| * Update chunk morphology make it able to build openssl in ppc64 | Pedro Alvarez | 2013-12-02 | 1 | -1/+6
|/
* Add morphology [baserock/larswirzenius/morph] | Lars Wirzenius | 2013-09-23 | 1 | -0/+10
|
* use 10240 for record size [OpenSSL_1_0_1e] | Dr. Stephen Henson | 2013-02-11 | 1 | -1/+1
|   Workaround for non-compliant tar files sometimes created by "make dist".
* prepare for release | Dr. Stephen Henson | 2013-02-11 | 5 | -6/+7
|
* Update NEWS | Dr. Stephen Henson | 2013-02-11 | 1 | -0/+4
|
* FAQ/README: we are now using Git instead of CVS | Lutz Jaenicke | 2013-02-11 | 3 | -4/+4
|
* sparccpuid.S: work around emulator bug on T1. | Andy Polyakov | 2013-02-11 | 1 | -2/+2
|   (cherry picked from commit 3caeef94bd045608af03b061643992e3afd9c445)
* ssl/*: fix linking errors with no-srtp. | Andy Polyakov | 2013-02-09 | 5 | -6/+39
|
* ssl/s3_[clnt|srvr].c: fix warnings. | Andy Polyakov | 2013-02-09 | 2 | -0/+6
|
* s3_cbc.c: make CBC_MAC_ROTATE_IN_PLACE universal. | Andy Polyakov | 2013-02-08 | 1 | -8/+9
|   (cherry picked from commit f93a41877d8d7a287debb7c63d7b646abaaf269c)
* s3_cbc.c: get rid of expensive divisions [from master]. | Andy Polyakov | 2013-02-08 | 1 | -14/+21
|   (cherry picked from commit e9baceab5a385e570706ca98dec768b2d89d1ac6)
* e_aes_cbc_hmac_sha1.c: fine-tune cache line alignment. | Andy Polyakov | 2013-02-08 | 1 | -1/+1
|   With previous commit it also ensures that valgrind is happy.
* Add clang target. | Ben Laurie | 2013-02-07 | 1 | -0/+1
|
* Remove extraneous brackets (clang doesn't like them). | Ben Laurie | 2013-02-07 | 1 | -1/+1
|
* e_aes_cbc_hmac_sha1.c: align calculated MAC at cache line. | Andy Polyakov | 2013-02-07 | 1 | -36/+43
|
* ssl/[d1|s3]_pkt.c: harmonize orig_len handling. | Andy Polyakov | 2013-02-07 | 2 | -2/+6
|
* Fix IV check and padding removal. | Dr. Stephen Henson | 2013-02-07 | 1 | -21/+12
|   Fix the calculation that checks there is enough room in a record after removing padding and optional explicit IV. (by Steve)
|
|   For AEAD remove the correct number of padding bytes (by Andy)
* Fix for EXP-RC2-CBC-MD5 | Adam Langley | 2013-02-06 | 2 | -9/+47
|   MD5 should use little endian order. Fortunately the only ciphersuite affected is EXP-RC2-CBC-MD5 (TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5) which is a rarely used export grade ciphersuite.
* prepare for next version | Dr. Stephen Henson | 2013-02-06 | 4 | -5/+9
|
* typo [OpenSSL_1_0_1d] | Dr. Stephen Henson | 2013-02-04 | 1 | -1/+1
|
* Prepare for release. | Dr. Stephen Henson | 2013-02-04 | 4 | -5/+6
|
* typo | Dr. Stephen Henson | 2013-02-04 | 1 | -2/+2
|
* make update | Dr. Stephen Henson | 2013-02-04 | 3 | -33/+53
|
* Fix error codes. | Dr. Stephen Henson | 2013-02-04 | 5 | -3/+5
|
* Reword NEWS entry. | Dr. Stephen Henson | 2013-02-04 | 1 | -1/+1
|
* Update NEWS | Dr. Stephen Henson | 2013-02-04 | 1 | -0/+2
|
* Add CHANGES entries. | Dr. Stephen Henson | 2013-02-04 | 1 | -0/+21
|
* e_aes_cbc_hmac_sha1.c: cleanse temporary copy of HMAC secret. | Andy Polyakov | 2013-02-03 | 1 | -0/+2
|
* bn_word.c: fix overflow bug in BN_add_word. | Andy Polyakov | 2013-02-02 | 1 | -17/+8
|   (cherry picked from commit 134c00659a1bc67ad35a1e4620e16bc4315e6e37)
* x86_64 assembly pack: keep making Windows build more robust. | Andy Polyakov | 2013-02-02 | 2 | -2/+4
|   PR: 2963 and a number of others
|   (cherry picked from commit 4568182a8b8cbfd15cbc175189029ac547bd1762)
* e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues. | Andy Polyakov | 2013-02-02 | 4 | -40/+208
|   Address CBC decrypt timing issues and reenable the AESNI+SHA1 stitch.
* Merge remote-tracking branch 'origin/OpenSSL_1_0_1-stable' into OpenSSL_1_0_1-stable | Ben Laurie | 2013-02-01 | 0 | -0/+0
|\
| * ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility. | Andy Polyakov | 2013-02-01 | 7 | -31/+38
| |   Kludge alert. This is arranged by passing padding length in unused bits of SSL3_RECORD->type, so that orig_len can be reconstructed.
* | ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility. | Andy Polyakov | 2013-02-01 | 7 | -31/+38
|/
* Don't access EVP_MD_CTX internals directly. | Dr. Stephen Henson | 2013-02-01 | 1 | -2/+2
|
* s3/s3_cbc.c: allow for compilations with NO_SHA256|512. | Andy Polyakov | 2013-02-01 | 1 | -1/+18
|
* ssl/s3_cbc.c: md_state alignment portability fix. | Andy Polyakov | 2013-02-01 | 1 | -15/+16
|   RISCs are picky and alignment granted by compiler for md_state can be insufficient for SHA512.
* ssl/s3_cbc.c: uint64_t portability fix. | Andy Polyakov | 2013-02-01 | 1 | -11/+6
|   Break dependency on uint64_t. It's possible to declare bits as unsigned int, because TLS packets are limited in size and 32-bit value can't overflow.
* typo. | Dr. Stephen Henson | 2013-01-31 | 1 | -1/+1
|
* Merge branch 'ben/timing-1.0.1' into OpenSSL_1_0_1-stable | Dr. Stephen Henson | 2013-01-31 | 4 | -0/+63
|\
| * Add ordinal for CRYPTO_memcmp: since this will affect multiple | Dr. Stephen Henson | 2013-01-31 | 1 | -0/+1
| |   branches it needs to be in a "gap".
| * Timing fix mitigation for FIPS mode. | Dr. Stephen Henson | 2013-01-31 | 3 | -0/+62
| |   We have to use EVP in FIPS mode so we can only partially mitigate timing differences. Make an extra call to EVP_DigestSignUpdate to hash additional blocks to cover any timing differences caused by removal of padding.
* | Update NEWS | Dr. Stephen Henson | 2013-01-31 | 1 | -0/+1
| |
* | Don't try and verify signatures if key is NULL (CVE-2013-0166) | Dr. Stephen Henson | 2013-01-29 | 3 | -3/+16
|/
|   Add additional check to catch this in ASN1_item_verify too.
* Oops. Add missing file. | Ben Laurie | 2013-01-28 | 1 | -0/+696
|
* Update DTLS code to match CBC decoding in TLS. | Ben Laurie | 2013-01-28 | 5 | -57/+67
|   This change updates the DTLS code to match the constant-time CBC behaviour in the TLS.
* Don't crash when processing a zero-length, TLS >= 1.1 record. | Ben Laurie | 2013-01-28 | 5 | -7/+24
|   The previous CBC patch was bugged in that there was a path through enc() in s3_pkt.c/d1_pkt.c which didn't set orig_len. orig_len would be left at the previous value which could suggest that the packet was a sufficient length when it wasn't.
* Make CBC decoding constant time. | Ben Laurie | 2013-01-28 | 9 | -197/+214
|   This patch makes the decoding of SSLv3 and TLS CBC records constant time. Without this, a timing side-channel can be used to build a padding oracle and mount Vaudenay's attack.
|
|   This patch also disables the stitched AESNI+SHA mode pending a similar fix to that code.
|
|   In order to be easy to backport, this change is implemented in ssl/, rather than as a generic AEAD mode. In the future this should be changed around so that HMAC isn't in ssl/, but crypto/ as FIPS expects.