| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| |
|
|
|
|
| |
and reference gethostby*(3) and /etc/hosts instead.
Say that setnetent(3), getnetent(3), and endnetent(3) now do nothing.
With feedback from guenther and significant help from deraadt@.
|
| |
|
|
|
|
| |
While here, stop implying plans to support additional address
families in the future, and do not call gethostbyname2(3) "advanced".
OK deraadt@ guenther@
|
| |
|
|
|
|
| |
getnetent(3), and endnetent(3) do nothing, just like sethostent(3),
gethostent(3), and endhostent(3) years ago.
OK deraadt@ guenther@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
of OpenSSL commit c0caa945f6ef30363e0d01d75155f20248403df4 to our
version of this function.
ok beck, jsing
Original commit message:
commit c0caa945f6ef30363e0d01d75155f20248403df4
Author: Pauli <paul.dale@oracle.com>
Date: Wed Nov 1 06:58:13 2017 +1000
Address a timing side channel whereby it is possible to determine some
information about the length of the scalar used in DSA operations from
a large number (2^32) of signatures.
This doesn't rate as a CVE because:
* For the non-constant time code, there are easier ways to extract
more information.
* For the constant time code, it requires a significant number of signatures
to leak a small amount of information.
Thanks to Neals Fournaise, Eliane Jaulmes and Jean-Rene Reinhard for
reporting this issue.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4576)]
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
this is OpennSSL commit 4a089bbdf11f9e231cc68f42bba934c954d81a49.
ok beck, jsing
Original commit message:
commit 4a089bbdf11f9e231cc68f42bba934c954d81a49
Author: Pauli <paul.dale@oracle.com>
Date: Wed Nov 1 06:58:39 2017 +1000
Address a timing side channel whereby it is possible to determine some
information about the length of the scalar used in ECDSA operations
from a large number (2^32) of signatures.
This doesn't rate as a CVE because:
* For the non-constant time code, there are easier ways to extract
more information.
* For the constant time code, it requires a significant number of signatures
to leak a small amount of information.
Thanks to Neals Fournaise, Eliane Jaulmes and Jean-Rene Reinhard for
reporting this issue.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4576)]
|
| | |
|
| |
|
|
|
| |
to some parameters of some functions. Update the documentation.
Add a few additional missing const qualifiers while here.
|
| |
|
|
| |
show the public data type name "LHASH_OF(SSL_SESSION)" instead.
|
| |
|
|
|
| |
and avoid the internal, undocumented names "struct ssl_st *"
and "struct ssl_ctx_st *".
|
| |
|
|
|
| |
to some parameters and return values of some functions.
Update the documentation.
|
| | |
|
| |
|
|
|
|
|
| |
BIO_f_asn1() will be taken care of later.
Tested in a bulk by sthen
ok bcook jca jsing
|
| |
|
|
| |
previous commit.
|
| |
|
|
|
|
|
|
| |
our libssl functions match theirs wrt const, except for BIO_f_ssl(3)
which will be fixed in a later step.
this went through a i386 bulk by sthen
ok jsing
|
| |
|
|
|
|
| |
grepability.
Req. by jsing
|
| | |
|
| |
|
|
| |
ok bcook
|
| |
|
|
|
| |
While here, include a patch from tb@
adding the missing return type to ENGINE_ctrl() in the SYNOPSIS.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
* Correct documentation of DH_new(3), DH_free(3), DSA_new(3), DSA_free(3),
RSA_new(3), and RSA_free(3) with respect to reference counting.
* Stop referencing engine(3).
|
| |
|
|
|
|
|
| |
and more concise.
* Correct the description of the return values of DH_set_method(3)
and DSA_set_method(3).
* Stop referencing engine(3).
|
| |
|
|
|
|
|
|
|
|
| |
* Add three missing const qualifiers to function prototypes.
* Correct the argument type of RSA_new_method(3).
* Remove duplicate decsription of RSA_flags(3) and RSA_new_method(3).
* Make the description of method selection simpler, more precise,
and more concise.
* Correct description of the return value of RSA_set_method(3).
* Stop referencing engine(3).
|
| | |
|
| |
|
|
|
|
| |
covering the remaining functions that were documented in engine(3),
except for seven functions that are completely pointless and that
were merely listed but not really documented.
|
| |
|
|
|
| |
covering 60% of the documented functions). The old, abominable
engine(3) manual page shall die soon.
|
| |
|
|
|
|
| |
to accept a NULL argument. Document that.
While here, make the related sentences more precise and less verbose.
Tweaks and OK tb@.
|
| |
|
|
|
|
| |
simplifies the caller side.
tested by & ok inoguchi; discussed with schwarze
|
| |
|
|
|
|
|
|
|
|
|
| |
OpenSSL commit 7c96dbcdab9 by Rich Salz.
This cleans up the caller side quite a bit and reduces the number of
lines enclosed in #ifndef OPENSSL_NO_ENGINE. codesearch.debian.net
shows that almost nothing checks the return value of ENGINE_finish().
While there, replace a few nearby 'if (!ptr)' with 'if (ptr == NULL)'.
ok jsing, tested by & ok inoguchi
|
| |
|
|
|
| |
SSL_OP_TLS_ROLLBACK_BUG to no longer have any effect.
Update the manual page.
|
| |
|
|
|
|
|
| |
around the SSLv3/TLSv1.0 period... and buggy clients are buggy. This also
helps to clean up the RSA key exchange code.
ok "kill it with fire" beck@ tb@
|
| |
|
|
| |
collecting the information by inspecting the source code.
|
| |
|
|
|
| |
this to be "overridden" by the user supplied callback.
ok jsing@
|
| |
|
|
|
| |
triggered by OpenSSL commit a73d990e Feb 27 19:02:24 2018 +0100,
but with different content
|
| | |
|
| |
|
|
|
| |
suppresses any future config file loading.
ok schwarze@ with a nit from jsing@
|
| |
|
|
|
|
|
| |
Now that everything goes through the same code path, we can remove a layer
of indirection and just call ssl3_{read,write,peek} directly.
ok beck@ inoguchi@
|
| |
|
|
|
|
|
| |
These flags enabled experimental behaviour in the write path, which nothing
uses. Removing this code greatly simplifies ssl3_write().
ok beck@ inoguchi@ sthen@ tb@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Previously this incorrectly called tls_keypair_clear(), which results in
the private key being cleared, along with the certificate, OCSP staple and
pubkey hash. This breaks OCSP stapling if tls_config_clear_keys() is called
following tls_configure(), as is done by httpd.
Fix this by calling tls_keypair_clear_key() so that only the private key is
cleared, leaving the other public data untouched. While here, remove
tls_keypair_clear() and fold the necessary parts into tls_keypair_free().
ok beck@
|
| |
|
|
|
|
| |
being loaded behind our back, at a later point.
ok beck@
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
it may be something else. For primitive types it is possible that
a boolean int has been casted to an ASN1_VALUE pointer. Then the
64 bit read access to *pval may crash due to alignent or 32 bit
size.
bug report Anton Borowka; OK tedu@ jsing@ miod@
|
| |
|
|
|
|
|
| |
Found and fixed by Bernd Edlinger as part of OpenSSL commit
83b4049ab75e9da1815e9c854a9297bca3d4af6b
ok jsing, deraadt, bcook
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Tighten up checks for various X509_VERIFY_PARAM functions, and
allow for the verify param to be poisoned (preculding future
successful cert validation) if the setting of host, ip, or email
for certificate validation fails. (since many callers do not
check the return code in the wild and blunder along anyway)
Inspired by some discussions with Adam Langley.
ok jsing@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(1) Evaluate the "set" argument, which says whether to create a new
RDN or to prepend or append to an existing one, before reusing it
for a different purpose, i.e. for the "set" field of the new
X509_NAME_ENTRY structure.
(2) When incrementing of some "set" fields is needed, increment the
correct ones: All those to the right of the newly inserted entry,
but not the one of that entry itself.
These two bugs caused wrong results whenever using loc != -1,
i.e. whenever inserting rather than appending entries, even when
using set == 0 only, that is, even when using single-values RDNs only.
Both bugs have been continuously present since at least SSLeay-0.8.1
(released July 18, 1997) and the second one since at least SSLeay-0.8.0
(released June 25, 1997), so both are over twenty years old.
I found these bugs by code inspection while trying to document the
function X509_NAME_ENTRY_set(3), which is public, but undocumented
in OpenSSL.
OK beck@, jsing@
|
| | |
|
