openbsd/src/lib/libssl, branch libressl-v2.3.1 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v2.3.1 2015-10-25T16:07:04+00:00 Sort the obsolete flags. 2015-10-25T16:07:04+00:00 doug 2015-10-25T16:07:04+00:00 urn:sha1:fa8b89b99dd0b9e5ae639623c7a1078d667bf0ce Mark SSL_OP_NO_{COMPRESSION,SSLv2,SSLv3} as obsolete. 2015-10-25T15:58:57+00:00 doug 2015-10-25T15:58:57+00:00 urn:sha1:d256da11a93b993f54bb8954ac8809c42d8374bf For backward compatibility, the flags are redefined as 0. ok jsing@ Remove last vestige of SSL_OP_NO_SSLv3 support. 2015-10-25T15:52:49+00:00 doug 2015-10-25T15:52:49+00:00 urn:sha1:3f1b7952aea47c899837e322b46789df0cef2709 No part of LibreSSL checks for this flag any longer. ok jsing@ Simplify ssl23_get_client_hello error handling. 2015-10-25T15:49:04+00:00 doug 2015-10-25T15:49:04+00:00 urn:sha1:1b22d2c5e4e56c3e39d49b552bf6edb38fe2e738 ssl23_get_client_hello sets type=1 on error and continues processing. It should return an error immediately to simplify things. This also allows us to start removing the last of SSL_OP_NO_SSL*. Added extra paranoia for s->version to make sure it is set properly. ok jsing@ Another change that is needed to restore the previous behaviour of 2015-10-22T15:38:05+00:00 jsing 2015-10-22T15:38:05+00:00 urn:sha1:58745053fad850f0ca2930bb12a0fc6facaa4250 ASN1_{GENERALIZED,UTC}TIME_set_string(), which allows it to be called with a NULL pointer. ok beck@ Restore previous behaviour and allow 2015-10-22T15:03:19+00:00 jsing 2015-10-22T15:03:19+00:00 urn:sha1:2e1d9bc20c9a09e727775598ba9e62f1a4468c86 ASN1_{GENERALIZED,UTC,}TIME_set_string() to be called with a NULL pointer. Found the hard way by @kinichiro on github. ok beck@ Reject too small bits value in BN_generate_prime_ex(), so that it does not risk 2015-10-21T19:02:22+00:00 miod 2015-10-21T19:02:22+00:00 urn:sha1:169b1d04ba02c0b6ed76ddbfa052ef2c50e38d9e becoming negative in probable_prime_dh_safe(). Reported by Franck Denis who noticed `openssl gendh 0' would segfault. Fix adapted from OpenSSL RT#2701. ok beck@ jsing@ In the case where len is not a multiple of sizeof(RC4_CHUNK) the RC4 code 2015-10-21T16:36:50+00:00 jsing 2015-10-21T16:36:50+00:00 urn:sha1:5bfa54bf57c9fe322705272ef6828f70c873d9de will end up doing a read and write of up to 7 bytes beyond the specified length. This is effectively a non-issue since we read and write back the same data and due to alignment it is within a page boundary. Regardless, avoid this by removing the "special" handling for the remaining length and allow the standard (non-chunk) code to process the remaining bytes, which does not result in overrun. Reported by Pascal Cuoq <cuoq at trust-in-soft.com> - thanks! ok beck@ miod@ Lob a style(9) grenade in here. 2015-10-20T15:50:13+00:00 jsing 2015-10-20T15:50:13+00:00 urn:sha1:620677b2340697a41ad69a37d94dd1ad52b47455 free rbio before wbio 2015-10-19T17:59:39+00:00 beck 2015-10-19T17:59:39+00:00 urn:sha1:6c2478c297314f103957d5e960715bc9458fff3f ok jsing@