Commit message | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Modify the block's character of yaml to avoid future problems [baserock/pedroalvarez/power-port] | Pedro Alvarez | 2013-12-04 | 1 | -1/+1 |
| | | | | When blocks of text are flowed with >, e.g. key: value foo: > The quick brown fox jumps over the lazy dog. The new-lines of the text block are removed. This causes confusion when shell scripts are involved, as the following Yaml would be parsed as one shell command, rather than two: command: > echo foo bar ls This escaped detection since if text is indented, Yaml treats it as a different block, so command: > if true; then echo foo bar fi is parsed correctly, but command: > if true; then echo foo bar ls fi is not. To avoid this confusion, we can always use `|`, which will preserve the newlines, so an explicit continuation can be requested with a `\` at the end of the line. command: | echo foo bar \ baz quux | ||||
* | Merge branch 'baserock/pedroalvarez/power-port' into baserock/morph | Pedro Alvarez | 2013-12-03 | 1 | -1/+6 |
|\ | | | | | | | | | Reviewed-by: Dan Firth Reviewed-by: Lars Wirzenius | ||||
| * | Update chunk morphology to make it able to build openssl in ppc64 | Pedro Alvarez | 2013-12-02 | 1 | -1/+6 |
|/ | |||||
* | Add morphology [baserock/larswirzenius/morph] | Lars Wirzenius | 2013-09-23 | 1 | -0/+10 |
| | |||||
* | use 10240 for record size [OpenSSL_1_0_1e] | Dr. Stephen Henson | 2013-02-11 | 1 | -1/+1 |
| | | | | Workaround for non-compliant tar files sometimes created by "make dist". | ||||
* | prepare for release | Dr. Stephen Henson | 2013-02-11 | 5 | -6/+7 |
| | |||||
* | Update NEWS | Dr. Stephen Henson | 2013-02-11 | 1 | -0/+4 |
| | |||||
* | FAQ/README: we are now using Git instead of CVS | Lutz Jaenicke | 2013-02-11 | 3 | -4/+4 |
| | |||||
* | sparccpuid.S: work around emulator bug on T1. | Andy Polyakov | 2013-02-11 | 1 | -2/+2 |
| | | | | (cherry picked from commit 3caeef94bd045608af03b061643992e3afd9c445) | ||||
* | ssl/*: fix linking errors with no-srtp. | Andy Polyakov | 2013-02-09 | 5 | -6/+39 |
| | |||||
* | ssl/s3_[clnt|srvr].c: fix warnings. | Andy Polyakov | 2013-02-09 | 2 | -0/+6 |
| | |||||
* | s3_cbc.c: make CBC_MAC_ROTATE_IN_PLACE universal. | Andy Polyakov | 2013-02-08 | 1 | -8/+9 |
| | | | | (cherry picked from commit f93a41877d8d7a287debb7c63d7b646abaaf269c) | ||||
* | s3_cbc.c: get rid of expensive divisions [from master]. | Andy Polyakov | 2013-02-08 | 1 | -14/+21 |
| | | | | (cherry picked from commit e9baceab5a385e570706ca98dec768b2d89d1ac6) | ||||
* | e_aes_cbc_hmac_sha1.c: fine-tune cache line alignment. | Andy Polyakov | 2013-02-08 | 1 | -1/+1 |
| | | | | With previous commit it also ensures that valgrind is happy. | ||||
* | Add clang target. | Ben Laurie | 2013-02-07 | 1 | -0/+1 |
| | |||||
* | Remove extraneous brackets (clang doesn't like them). | Ben Laurie | 2013-02-07 | 1 | -1/+1 |
| | |||||
* | e_aes_cbc_hmac_sha1.c: align calculated MAC at cache line. | Andy Polyakov | 2013-02-07 | 1 | -36/+43 |
| | |||||
* | ssl/[d1|s3]_pkt.c: harmonize orig_len handling. | Andy Polyakov | 2013-02-07 | 2 | -2/+6 |
| | |||||
* | Fix IV check and padding removal. | Dr. Stephen Henson | 2013-02-07 | 1 | -21/+12 |
| | | | | | | | Fix the calculation that checks there is enough room in a record after removing padding and optional explicit IV. (by Steve) For AEAD remove the correct number of padding bytes (by Andy) | ||||
* | Fix for EXP-RC2-CBC-MD5 | Adam Langley | 2013-02-06 | 2 | -9/+47 |
| | | | | | | MD5 should use little endian order. Fortunately the only ciphersuite affected is EXP-RC2-CBC-MD5 (TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5) which is a rarely used export grade ciphersuite. | ||||
* | prepare for next version | Dr. Stephen Henson | 2013-02-06 | 4 | -5/+9 |
| | |||||
* | typo [OpenSSL_1_0_1d] | Dr. Stephen Henson | 2013-02-04 | 1 | -1/+1 |
| | |||||
* | Prepare for release. | Dr. Stephen Henson | 2013-02-04 | 4 | -5/+6 |
| | |||||
* | typo | Dr. Stephen Henson | 2013-02-04 | 1 | -2/+2 |
| | |||||
* | make update | Dr. Stephen Henson | 2013-02-04 | 3 | -33/+53 |
| | |||||
* | Fix error codes. | Dr. Stephen Henson | 2013-02-04 | 5 | -3/+5 |
| | |||||
* | Reword NEWS entry. | Dr. Stephen Henson | 2013-02-04 | 1 | -1/+1 |
| | |||||
* | Update NEWS | Dr. Stephen Henson | 2013-02-04 | 1 | -0/+2 |
| | |||||
* | Add CHANGES entries. | Dr. Stephen Henson | 2013-02-04 | 1 | -0/+21 |
| | |||||
* | e_aes_cbc_hmac_sha1.c: cleanse temporary copy of HMAC secret. | Andy Polyakov | 2013-02-03 | 1 | -0/+2 |
| | |||||
* | bn_word.c: fix overflow bug in BN_add_word. | Andy Polyakov | 2013-02-02 | 1 | -17/+8 |
| | | | | (cherry picked from commit 134c00659a1bc67ad35a1e4620e16bc4315e6e37) | ||||
* | x86_64 assembly pack: keep making Windows build more robust. | Andy Polyakov | 2013-02-02 | 2 | -2/+4 |
| | | | | | PR: 2963 and a number of others (cherry picked from commit 4568182a8b8cbfd15cbc175189029ac547bd1762) | ||||
* | e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues. | Andy Polyakov | 2013-02-02 | 4 | -40/+208 |
| | | | | Address CBC decrypt timing issues and reenable the AESNI+SHA1 stitch. | ||||
* | Merge remote-tracking branch 'origin/OpenSSL_1_0_1-stable' into OpenSSL_1_0_1-stable | Ben Laurie | 2013-02-01 | 0 | -0/+0 |
|\ | |||||
| * | ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility. | Andy Polyakov | 2013-02-01 | 7 | -31/+38 |
| | | | | | | | | | | Kludge alert. This is arranged by passing padding length in unused bits of SSL3_RECORD->type, so that orig_len can be reconstructed. | ||||
* | | ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility. | Andy Polyakov | 2013-02-01 | 7 | -31/+38 |
|/ | |||||
* | Don't access EVP_MD_CTX internals directly. | Dr. Stephen Henson | 2013-02-01 | 1 | -2/+2 |
| | |||||
* | s3/s3_cbc.c: allow for compilations with NO_SHA256|512. | Andy Polyakov | 2013-02-01 | 1 | -1/+18 |
| | |||||
* | ssl/s3_cbc.c: md_state alignment portability fix. | Andy Polyakov | 2013-02-01 | 1 | -15/+16 |
| | | | | | RISCs are picky and alignment granted by compiler for md_state can be insufficient for SHA512. | ||||
* | ssl/s3_cbc.c: uint64_t portability fix. | Andy Polyakov | 2013-02-01 | 1 | -11/+6 |
| | | | | | | Break dependency on uint64_t. It's possible to declare bits as unsigned int, because TLS packets are limited in size and 32-bit value can't overflow. | ||||
* | typo. | Dr. Stephen Henson | 2013-01-31 | 1 | -1/+1 |
| | |||||
* | Merge branch 'ben/timing-1.0.1' into OpenSSL_1_0_1-stable | Dr. Stephen Henson | 2013-01-31 | 4 | -0/+63 |
|\ | |||||
| * | Add ordinal for CRYPTO_memcmp: since this will affect multiple | Dr. Stephen Henson | 2013-01-31 | 1 | -0/+1 |
| | | | | | | | | branches it needs to be in a "gap". | ||||
| * | Timing fix mitigation for FIPS mode. | Dr. Stephen Henson | 2013-01-31 | 3 | -0/+62 |
| | | | | | | | | | | | | | | | | We have to use EVP in FIPS mode so we can only partially mitigate timing differences. Make an extra call to EVP_DigestSignUpdate to hash additional blocks to cover any timing differences caused by removal of padding. | ||||
* | | Update NEWS | Dr. Stephen Henson | 2013-01-31 | 1 | -0/+1 |
| | | |||||
* | | Don't try and verify signatures if key is NULL (CVE-2013-0166) | Dr. Stephen Henson | 2013-01-29 | 3 | -3/+16 |
|/ | | | | Add additional check to catch this in ASN1_item_verify too. | ||||
* | Oops. Add missing file. | Ben Laurie | 2013-01-28 | 1 | -0/+696 |
| | |||||
* | Update DTLS code to match CBC decoding in TLS. | Ben Laurie | 2013-01-28 | 5 | -57/+67 |
| | | | | | This change updates the DTLS code to match the constant-time CBC behaviour in the TLS. | ||||
* | Don't crash when processing a zero-length, TLS >= 1.1 record. | Ben Laurie | 2013-01-28 | 5 | -7/+24 |
| | | | | | | | The previous CBC patch was bugged in that there was a path through enc() in s3_pkt.c/d1_pkt.c which didn't set orig_len. orig_len would be left at the previous value which could suggest that the packet was a sufficient length when it wasn't. | ||||
* | Make CBC decoding constant time. | Ben Laurie | 2013-01-28 | 9 | -197/+214 |
| | | | | | | | | | | | | | This patch makes the decoding of SSLv3 and TLS CBC records constant time. Without this, a timing side-channel can be used to build a padding oracle and mount Vaudenay's attack. This patch also disables the stitched AESNI+SHA mode pending a similar fix to that code. In order to be easy to backport, this change is implemented in ssl/, rather than as a generic AEAD mode. In the future this should be changed around so that HMAC isn't in ssl/, but crypto/ as FIPS expects. |