提交 · 348be7ec60f7cce7503ba759a1a5a7591a648f1f · OpenHarmony / Third Party Openssl

28 9月, 2006 3 次提交

M
Fix ASN.1 parsing of certain invalid structures that can result · 348be7ec
由 Mark J. Cox 提交于 9月 28, 2006
```
in a denial of service.  (CVE-2006-2937)  [Steve Henson]
```
348be7ec

Fix buffer overflow in SSL_get_shared_ciphers() function. · 3ff55e96

由 Mark J. Cox 提交于 9月 28, 2006

(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
 malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]

3ff55e96

Fixes for the following claims: · cbb92dfa

由 Richard Levitte 提交于 9月 28, 2006

  1) Certificate Message with no certs

  OpenSSL implementation sends the Certificate message during SSL
  handshake, however as per the specification, these have been omitted.

  -- RFC 2712 --
     CertificateRequest, and the ServerKeyExchange shown in Figure 1
     will be omitted since authentication and the establishment of a
     master secret will be done using the client's Kerberos credentials
     for the TLS server.  The client's certificate will be omitted for
     the same reason.
  -- RFC 2712 --

  3) Pre-master secret Protocol version

  The pre-master secret generated by OpenSSL does not have the correct
  client version.

  RFC 2712 says, if the Kerberos option is selected, the pre-master
  secret structure is the same as that used in the RSA case.

  TLS specification defines pre-master secret as:
         struct {
             ProtocolVersion client_version;
             opaque random[46];
         } PreMasterSecret;

  where client_version is the latest protocol version supported by the
  client

  The pre-master secret generated by OpenSSL does not have the correct
  client version. The implementation does not update the first 2 bytes
  of random secret for Kerberos Cipher suites. At the server-end, the
  client version from the pre-master secret is not validated.

PR: 1336

cbb92dfa

26 9月, 2006 1 次提交
- D
  
  Initialize new callbacks and make sure hent is always initialized. · 019bfef8
  由 Dr. Stephen Henson 提交于 9月 26, 2006
  
  019bfef8
25 9月, 2006 1 次提交
- R
  
  Complete the change for VMS. · 0709249f
  由 Richard Levitte 提交于 9月 25, 2006
  
  0709249f
24 9月, 2006 1 次提交
- D
  Submitted by: Brad Spencer <spencer@jacknife.org> · 89c9c667
  由 Dr. Stephen Henson 提交于 9月 23, 2006
```
Reviewed by: steve
```
  89c9c667
23 9月, 2006 2 次提交
- D
  Buffer size handling fix for enc. · 347ed3b9
  由 Dr. Stephen Henson 提交于 9月 22, 2006
```
PR:1374
```
  347ed3b9
- D
  Using correct lock for X509_REQ. · 5b73c360
  由 Dr. Stephen Henson 提交于 9月 22, 2006
```
PR:1348
```
  5b73c360
22 9月, 2006 2 次提交
- D
  
  Update length if copying MSB set in asn1_string_canon(). · eebeb52b
  由 Dr. Stephen Henson 提交于 9月 22, 2006
  
  eebeb52b
- D
  
  Updated file. · 6ec6cfc7
  由 Dr. Stephen Henson 提交于 9月 21, 2006
  
  6ec6cfc7
21 9月, 2006 6 次提交
- D
  
  Add missing prototype. Fix various warnings (C++ comments, ; outside function). · 44181ea8
  由 Dr. Stephen Henson 提交于 9月 21, 2006
  
  44181ea8
- D
  Make int_rsa_sign function match prototype. · c80c7bf9
  由 Dr. Stephen Henson 提交于 9月 21, 2006
```
PR: 1383
```
  c80c7bf9
- D
  
  Compile in gost engine. · ffa5ebf3
  由 Dr. Stephen Henson 提交于 9月 21, 2006
  
  ffa5ebf3
- D
  
  Updated version of gost engine. · 926c41bd
  由 Dr. Stephen Henson 提交于 9月 21, 2006
  
  926c41bd
- D
  
  Do CRL method init after other operations. · 1182301c
  由 Dr. Stephen Henson 提交于 9月 21, 2006
  
  1182301c
- D
  Tidy up CRL handling by checking for critical extensions when it is · 010fa0b3
  由 Dr. Stephen Henson 提交于 9月 21, 2006
```
loaded. Add new function X509_CRL_get0_by_serial() to lookup a revoked
entry to avoid the need to access the structure directly.

Add new X509_CRL_METHOD to allow common CRL operations (verify, lookup) to be
redirected.
```
  010fa0b3
19 9月, 2006 5 次提交
- A
  Build error on non-unix. · 4ca7d975
  由 Andy Polyakov 提交于 9月 18, 2006
```
PR: 1390
```
  4ca7d975
- A
  Race condition in ms/uplink.c. · b7741110
  由 Andy Polyakov 提交于 9月 18, 2006
```
PR: 1382
```
  b7741110
- A
  
  As x86ms.pl is out, remove do_masm.bat and mention to it in INSTALL.W32. · 78260d89
  由 Andy Polyakov 提交于 9月 18, 2006
  
  78260d89
- A
  
  Remove x86ms.pl and reimplement x86*.pl. · 4b67fefe
  由 Andy Polyakov 提交于 9月 18, 2006
  
  4b67fefe
- A
  
  Improve 386 portability of aes-586.pl. · 3a8012cb
  由 Andy Polyakov 提交于 9月 18, 2006
  
  3a8012cb
18 9月, 2006 2 次提交
- B
  Ensure that the addition mods[i]+delta cannot overflow in probable_prime(). · a53cdc5b
  由 Bodo Möller 提交于 9月 18, 2006
```
[Problem pointed out by Adam Young <adamy (at) acm.org>]
```
  a53cdc5b
- D
  
  Overhaul of by_dir code to handle dynamic loading of CRLs. · 5d20c4fb
  由 Dr. Stephen Henson 提交于 9月 17, 2006
  
  5d20c4fb
17 9月, 2006 1 次提交
- D
  GOST public key algorithm ENGINE donated to the OpenSSL by Cryptocom. · a04549cc
  由 Dr. Stephen Henson 提交于 9月 17, 2006
```
Very early version, doesn't do much yet, not even added to the build system.
```
  a04549cc
15 9月, 2006 1 次提交
- D
  Support for AKID in CRLs and partial support for IDP. Overhaul of CRL · bc7535bc
  由 Dr. Stephen Henson 提交于 9月 14, 2006
```
handling to support this.
```
  bc7535bc
13 9月, 2006 1 次提交
- D
  
  Update docs. · 83357f04
  由 Dr. Stephen Henson 提交于 9月 13, 2006
  
  83357f04
12 9月, 2006 1 次提交
- B
  
  Update · b6699c3f
  由 Bodo Möller 提交于 9月 12, 2006
  
  b6699c3f
11 9月, 2006 2 次提交
- D
  Fixes for new CRL/cert callbacks. Update CRL processing code to use new · 016bc5ce
  由 Dr. Stephen Henson 提交于 9月 11, 2006
```
callbacks.
```
  016bc5ce
- B
  ensure that ciphersuite strings such as "RC4-MD5" match the SSL 2.0 · ed65f7dc
  由 Bodo Möller 提交于 9月 11, 2006
```
ciphersuite as well
```
  ed65f7dc
10 9月, 2006 1 次提交
- D
  Add verify callback functions to lookup a STACK of matching certs or CRLs · 4d50a2b4
  由 Dr. Stephen Henson 提交于 9月 10, 2006
```
based on subject name.

New thread safe functions to retrieve matching STACK from X509_STORE.

Cache some IDP components.
```
  4d50a2b4
08 9月, 2006 1 次提交
- B
  Make sure the int_rsa_verify() prototype matches the implementation · 7f430166
  由 Bodo Möller 提交于 9月 08, 2006
```
(m_len currently is 'unsigned int', not 'size_t')

Submitted by: Gisle Vanem
```
  7f430166
06 9月, 2006 6 次提交
- D
  
  Additional detail. · 29a1bb07
  由 Dr. Stephen Henson 提交于 9月 06, 2006
  
  29a1bb07
- B
  
  update information on "current version" ... · 99e9a900
  由 Bodo Möller 提交于 9月 06, 2006
  
  99e9a900
- D
  
  Add an FAQ. · 715020e3
  由 Dr. Stephen Henson 提交于 9月 06, 2006
  
  715020e3
- B
  Remove non-functional part of recent patch, after discussion with · 29528860
  由 Bodo Möller 提交于 9月 06, 2006
```
Colin Percival (this would have caused more problems than solved,
and isn't really necessary anyway)
```
  29528860
- B
  
  Make consistent with 0.9.8-branch version of this file · 613e7d2a
  由 Bodo Möller 提交于 9月 06, 2006
  
  613e7d2a
- B
  
  Every change so far that is in the 0.9.8 branch is (or should be) in HEAD · 6a2c4710
  由 Bodo Möller 提交于 9月 06, 2006
  
  6a2c4710
05 9月, 2006 1 次提交
- M
  Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher · b79aa05e
  由 Mark J. Cox 提交于 9月 05, 2006
```
(CVE-2006-4339)

Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
```
  b79aa05e
01 9月, 2006 2 次提交
- A
  
  Rewrite sha1-586.pl. · 500b5a18
  由 Andy Polyakov 提交于 8月 31, 2006
  
  500b5a18
- A
  
  Fix bug in aes-586.pl. · 2b8a5406
  由 Andy Polyakov 提交于 8月 31, 2006
  
  2b8a5406

OpenHarmony / Third Party Openssl 10 个月 前同步成功

OpenHarmony / Third Party Openssl
10 个月前同步成功