zzy/openssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
openssl/crypto
History
Matt Caswell e4142ec43b Ensure that EXFLAG_INVALID_POLICY is checked even in leaf certs 
Even though we check the leaf cert to confirm it is valid, we
later ignored the invalid flag and did not notice that the leaf
cert was bad.

Fixes: CVE-2023-0465

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20585)
2023-03-28 13:31:38 +02:00
..
aes
Fix copyright disclaimer.
2023-03-16 10:17:58 +01:00
aria
Change loops conditions to make zero loop risk more obvious.
2022-05-24 14:11:20 +10:00
asn1
Improve the performance of d2i_AutoPrivateKey and friends
2023-03-15 08:39:25 +11:00
async
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
bf
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
bio
bss_dgram.c: Use BIO_ADDR_sockaddr() and BIO_ADDR_sockaddr_size()
2023-03-07 15:24:54 +01:00
bn
rsaz-*k-avx512.pl: fix wrong name of avx512 flag variable
2023-03-17 11:25:29 +01:00
buffer
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
camellia
Rename x86-32 assembly files from .s to .S.
2022-05-24 13:16:06 +10:00
cast
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
chacha
Do not build P10-specific AES-GCM assembler on macOS
2023-03-22 14:26:26 +01:00
cmac
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
cmp
CMP add: fix -reqin option, which requires adding OSSL_CMP_MSG_update_recipNonce()
2023-03-25 09:55:26 +01:00
cms
Fix size_t/int mismatch in cms_ec.c and rsa_sig.c
2023-03-15 08:24:42 +11:00
comp
Add zlib oneshot compression
2022-11-07 11:23:13 +01:00
conf
stack: Do not add error if pop/shift/value accesses outside of the stack
2022-10-21 18:02:35 +02:00
crmf
Compensate for CMP-related TODOs removed by PR #15539
2022-12-07 21:57:36 +01:00
ct
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
des
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
dh
S390x: Support ME and CRT offloading
2023-02-08 16:53:12 +01:00
dsa
Coverity 1521557: Error handling issues
2023-03-03 10:10:22 +11:00
dso
crypto/dso/dso_vms.c: Better definition of DSO_MALLOC()
2022-10-28 12:11:30 +02:00
ec
Fix potential infinite loops in ECDSA signing.
2023-03-01 09:20:49 +11:00
encode_decode
Coverity 1515953: negative loop bound
2022-10-14 12:53:02 +11:00
engine
crypto: Fix various typos, repeated words, align some spelling to LDP.
2022-10-12 16:55:01 +11:00
err
Provide better errors for some QUIC failures
2023-03-20 09:35:38 +11:00
ess
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
evp
EVP_PKEY_CTX_dup segmentation fault fix
2023-03-27 12:53:25 +02:00
ffc
Fix FFC mdprop setting bugs.
2023-03-01 09:36:49 +11:00
hmac
Adapt other parts of the source to the changed EVP_Q_digest() and EVP_Q_mac()
2021-06-23 23:00:36 +02:00
hpke
prevent HPKE sender setting seq unwisely
2022-12-08 10:59:03 +01:00
http
Fixes #20278: Fixed double free bug in crypto/http/http_client.c
2023-02-23 20:07:35 +11:00
idea
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
kdf
lhash
Change all references to OpenSSL 3.1 to OpenSSL 3.2 in the master branch
2022-10-07 10:05:50 +02:00
md2
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
md4
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
md5
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
mdc2
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
modes
Do not build P10-specific AES-GCM assembler on macOS
2023-03-22 14:26:26 +01:00
objects
OBJ_nid2obj(): Return UNDEF object instead of NULL for NID_undef
2023-03-23 15:33:47 +01:00
ocsp
Fix incomplete check on X509V3_add1_i2d()
2023-01-31 11:05:51 +11:00
pem
Avoid dangling ptrs in header and data params for PEM_read_bio_ex
2023-02-07 17:05:10 +01:00
perlasm
riscv: GCM: Simplify GCM calculation
2023-03-16 13:12:19 +11:00
pkcs7
Support signedAndEnveloped content in PKCS7_decrypt()
2023-02-07 17:05:10 +01:00
pkcs12
Fix PKCS12_newpass() to work with PBES2.
2023-03-15 08:49:03 +11:00
poly1305
Generate the preprocessed .s files for chacha and poly 1305 on ia64
2022-05-27 08:10:49 +02:00
property
Only call OPENSSL_init_crypto on fetch if using the default libctx
2023-02-22 10:03:14 +11:00
rand
Release the drbg in the global default context before engines
2022-11-02 11:01:20 +01:00
rc2
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
rc4
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
rc5
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
ripemd
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
rsa
Remove ossl_rsa_pss_params_30_set_maskgenalg().
2023-03-01 20:04:10 +11:00
seed
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
sha
crypto/sha/asm/sha512-ia64.pl: When checking assembler file names, ignore case
2022-11-04 10:37:13 +01:00
siphash
crypto/*: Fix various typos, repeated words, align some spelling to LDP.
2022-10-12 16:55:01 +11:00
sm2
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
sm3
Add ROTATE inline asm support for SM3
2022-06-22 12:46:50 +02:00
sm4
Fix SM4-XTS build failure on Mac mini M1
2023-02-06 12:36:07 +01:00
srp
add a check for the return of sk_SRP_gN_new_null() so that capture the potential memory error in time
2022-10-20 19:04:44 +11:00
stack
Errors raised from OPENSSL_sk_set should have ERR_LIB_CRYPTO
2022-10-21 18:02:35 +02:00
store
crypto/*: Fix various typos, repeated words, align some spelling to LDP.
2022-10-12 16:55:01 +11:00
thread
thread: remove remnants of ossl_crypto_mem_barrier
2023-03-21 19:04:23 +11:00
ts
crypto/*: Fix various typos, repeated words, align some spelling to LDP.
2022-10-12 16:55:01 +11:00
txt_db
txt_db: fix -Wunused-but-set-variable
2022-10-21 15:56:32 +02:00
ui
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
whrlpool
Avoid duplicating symbols in legacy.a with some build options
2023-01-31 11:10:22 +11:00
x509
Ensure that EXFLAG_INVALID_POLICY is checked even in leaf certs
2023-03-28 13:31:38 +02:00
alphacpuid.pl
arm64cpuid.pl
Update copyright year
2022-05-03 13:34:51 +01:00
arm_arch.h
Apply aes-gcm unroll8+eor3 optimization patch to Neoverse V2
2023-02-08 16:54:57 +01:00
armcap.c
Avoid duplication of OPENSSL_armcap_P on 32bit ARM
2023-03-27 10:43:45 +02:00
armv4cpuid.pl
asn1_dsa.c
Update copyright year
2021-04-08 13:04:41 +01:00
bsearch.c
build.info
Use of sparse_array.c only in the shared libssl
2023-02-14 16:01:19 +01:00
c64xpluscpuid.pl
context.c
Add functions supporting thread pool only when it is enabled
2022-11-22 17:08:23 +01:00
core_algorithm.c
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
core_fetch.c
"Reserve" the method store when constructing methods
2022-07-20 07:28:17 +01:00
core_namemap.c
Add deprecation macro for 3.1 and deprecate OPENSSL_LH_stats
2022-06-22 09:36:14 +02:00
cpt_err.c
err: add additional errors
2022-01-12 20:10:21 +11:00
cpuid.c
Update copyright year
2022-05-03 13:34:51 +01:00
cryptlib.c
Update copyright year
2022-05-03 13:34:51 +01:00
ctype.c
Fixed typos in documentation and comments
2023-01-04 12:53:05 +01:00
cversion.c
der_writer.c
der_writer: Use uint32_t instead of long.
2022-06-27 10:58:40 +02:00
deterministic_nonce.c
Address coverity issue CID 1517105
2022-12-16 18:57:42 +01:00
dllmain.c
Update copyright year
2022-05-03 13:34:51 +01:00
ebcdic.c
ex_data.c
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
getenv.c
Update copyright year
2022-05-03 13:34:51 +01:00
ia64cpuid.S
info.c
info.c: Fix typos in seed macro name and description string
2023-01-10 12:15:42 +01:00
init.c
Add ZSTD compression support (RFC8478bis)
2022-10-18 09:30:21 -04:00
initthread.c
Update copyright year
2022-05-03 13:34:51 +01:00
loongarch64cpuid.pl
Add LoongArch64 cpuid and OPENSSL_loongarchcap_P
2022-10-12 18:02:12 +11:00
loongarch_arch.h
Add LoongArch64 cpuid and OPENSSL_loongarchcap_P
2022-10-12 18:02:12 +11:00
loongarchcap.c
Add LoongArch64 cpuid and OPENSSL_loongarchcap_P
2022-10-12 18:02:12 +11:00
LPdir_nyi.c
LPdir_unix.c
Update copyright year
2022-05-03 13:34:51 +01:00
LPdir_vms.c
LPdir_win32.c
LPdir_win.c
LPdir_wince.c
mem_clr.c
mem_sec.c
Do not check definition of a macro and use it in a single condition
2023-01-12 10:46:52 +01:00
mem.c
ERR: Make CRYPTO_malloc() and friends report ERR_R_MALLOC_FAILURE
2022-08-27 09:40:09 +02:00
mips_arch.h
o_dir.c
Update copyright year
2022-05-03 13:34:51 +01:00
o_fopen.c
crypto: Fix various typos, repeated words, align some spelling to LDP.
2022-10-12 16:55:01 +11:00
o_init.c
Update copyright year
2022-05-03 13:34:51 +01:00
o_str.c
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
o_time.c
Update copyright year
2021-03-11 13:27:36 +00:00
packet.c
Rationalize FIPS sources
2023-02-08 16:20:55 +01:00
param_build_set.c
Update copyright year
2022-05-03 13:34:51 +01:00
param_build.c
OSSL_PARAM_BLD and BIGNUM; ensure at least one byte is allocated
2023-01-11 23:38:13 +01:00
params_dup.c
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
params_from_text.c
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
params.c
In OSSL_PARAM_set_BN(), make sure that the data_size field is at least 1
2023-01-11 23:38:13 +01:00
pariscid.pl
passphrase.c
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
ppccap.c
Update copyright year
2022-05-03 13:34:51 +01:00
ppccpuid.pl
Update copyright year
2022-05-03 13:34:51 +01:00
provider_child.c
Fix a potential memory leak in crypto/provider_child.c
2023-02-01 08:20:08 +11:00
provider_conf.c
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
provider_core.c
Implement OSSL_PROVIDER_get0_default_search_path, add docs and tests.
2022-12-06 18:24:06 +01:00
provider_local.h
make struct provider_info_st a full type
2021-06-24 14:48:15 +01:00
provider_predefined.c
make struct provider_info_st a full type
2021-06-24 14:48:15 +01:00
provider.c
Stop raising ERR_R_MALLOC_FAILURE in most places
2022-10-05 14:02:03 +02:00
punycode.c
Add more punycode tests and remove ossl_a2ucompare()
2023-02-08 16:17:37 +01:00
quic_vlint.c
QUIC: Enable building with QUIC support disabled
2023-01-13 13:20:16 +00:00
README-sparse_array.md
riscv32cpuid.pl
Add RISC-V 32 cpuid support
2022-09-05 10:20:30 +10:00
riscv64cpuid.pl
Add basic RISC-V cpuid and OPENSSL_riscvcap
2022-05-19 16:32:49 +10:00
riscvcap.c
Add basic RISC-V cpuid and OPENSSL_riscvcap
2022-05-19 16:32:49 +10:00
s390x_arch.h
S390X: Accelerate keccak XOF
2023-03-07 18:21:51 +01:00
s390xcap.c
S390x: Support ME and CRT offloading
2023-02-08 16:53:12 +01:00
s390xcpuid.pl
self_test_core.c
Update copyright year
2022-05-03 13:34:51 +01:00
sleep.c
sleep.c: Limit the sleep time instead of sleeping for days or even years
2023-03-18 19:04:58 +01:00
sparccpuid.S
sparcv9cap.c
Split bignum code out of the sparcv9cap.c
2021-07-15 09:33:04 +02:00
sparse_array.c
Coverity 1507376: Dereference after null check
2022-07-22 14:42:13 +02:00
threads_lib.c
Define threads_lib.c functions only for OPENSSL_SYS_UNIX
2022-11-14 07:47:53 +00:00
threads_none.c
CRYPTO_THREAD_lock_new(): Avoid infinite recursion on allocation error
2022-10-05 10:20:10 +11:00
threads_pthread.c
CRYPTO_THREAD_lock_new(): Avoid infinite recursion on allocation error
2022-10-05 10:20:10 +11:00
threads_win.c
VC++ 2010 x86 compilers do not have InterlockedOr64
2023-03-22 14:45:29 +01:00
time.c
time: move OSSL_TIME to libcrypto
2022-09-13 21:13:22 +10:00
trace.c
add OSSL_TRACE_STRING(), OSSL_TRACE_STRING_MAX, and OSSL_trace_string()
2023-01-26 09:16:51 +01:00
uid.c
Openssl fails to compile on Debian with kfreebsd kernels
2021-09-02 10:02:32 +10:00
vms_rms.h
x86_64cpuid.pl
Update copyright year
2021-04-08 13:04:41 +01:00
x86cpuid.pl