mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-03-01 19:28:10 +08:00
Code Issues Packages Projects Releases Wiki Activity
e4142ec43b
openssl/crypto
History
Matt Caswell e4142ec43b Ensure that EXFLAG_INVALID_POLICY is checked even in leaf certs 
Even though we check the leaf cert to confirm it is valid, we
later ignored the invalid flag and did not notice that the leaf
cert was bad.

Fixes: CVE-2023-0465

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20585)
2023-03-28 13:31:38 +02:00
..
aes Fix copyright disclaimer. 2023-03-16 10:17:58 +01:00
aria
asn1 Improve the performance of d2i_AutoPrivateKey and friends 2023-03-15 08:39:25 +11:00
async Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
bf Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
bio bss_dgram.c: Use BIO_ADDR_sockaddr() and BIO_ADDR_sockaddr_size() 2023-03-07 15:24:54 +01:00
bn rsaz-*k-avx512.pl: fix wrong name of avx512 flag variable 2023-03-17 11:25:29 +01:00
buffer Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
camellia
cast Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
chacha Do not build P10-specific AES-GCM assembler on macOS 2023-03-22 14:26:26 +01:00
cmac Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
cmp CMP add: fix -reqin option, which requires adding OSSL_CMP_MSG_update_recipNonce() 2023-03-25 09:55:26 +01:00
cms Fix size_t/int mismatch in cms_ec.c and rsa_sig.c 2023-03-15 08:24:42 +11:00
comp Add zlib oneshot compression 2022-11-07 11:23:13 +01:00
conf stack: Do not add error if pop/shift/value accesses outside of the stack 2022-10-21 18:02:35 +02:00
crmf Compensate for CMP-related TODOs removed by PR #15539 2022-12-07 21:57:36 +01:00
ct Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
des Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
dh S390x: Support ME and CRT offloading 2023-02-08 16:53:12 +01:00
dsa Coverity 1521557: Error handling issues 2023-03-03 10:10:22 +11:00
dso crypto/dso/dso_vms.c: Better definition of DSO_MALLOC() 2022-10-28 12:11:30 +02:00
ec Fix potential infinite loops in ECDSA signing. 2023-03-01 09:20:49 +11:00
encode_decode Coverity 1515953: negative loop bound 2022-10-14 12:53:02 +11:00
engine crypto: Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:01 +11:00
err Provide better errors for some QUIC failures 2023-03-20 09:35:38 +11:00
ess Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
evp EVP_PKEY_CTX_dup segmentation fault fix 2023-03-27 12:53:25 +02:00
ffc Fix FFC mdprop setting bugs. 2023-03-01 09:36:49 +11:00
hmac
hpke prevent HPKE sender setting seq unwisely 2022-12-08 10:59:03 +01:00
http Fixes #20278: Fixed double free bug in crypto/http/http_client.c 2023-02-23 20:07:35 +11:00
idea Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
kdf
lhash Change all references to OpenSSL 3.1 to OpenSSL 3.2 in the master branch 2022-10-07 10:05:50 +02:00
md2 Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
md4 Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
md5 Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
mdc2 Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
modes Do not build P10-specific AES-GCM assembler on macOS 2023-03-22 14:26:26 +01:00
objects OBJ_nid2obj(): Return UNDEF object instead of NULL for NID_undef 2023-03-23 15:33:47 +01:00
ocsp Fix incomplete check on X509V3_add1_i2d() 2023-01-31 11:05:51 +11:00
pem Avoid dangling ptrs in header and data params for PEM_read_bio_ex 2023-02-07 17:05:10 +01:00
perlasm riscv: GCM: Simplify GCM calculation 2023-03-16 13:12:19 +11:00
pkcs7 Support signedAndEnveloped content in PKCS7_decrypt() 2023-02-07 17:05:10 +01:00
pkcs12 Fix PKCS12_newpass() to work with PBES2. 2023-03-15 08:49:03 +11:00
poly1305
property Only call OPENSSL_init_crypto on fetch if using the default libctx 2023-02-22 10:03:14 +11:00
rand Release the drbg in the global default context before engines 2022-11-02 11:01:20 +01:00
rc2 Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
rc4 Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
rc5 Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
ripemd Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
rsa Remove ossl_rsa_pss_params_30_set_maskgenalg(). 2023-03-01 20:04:10 +11:00
seed Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
sha crypto/sha/asm/sha512-ia64.pl: When checking assembler file names, ignore case 2022-11-04 10:37:13 +01:00
siphash crypto/*: Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:01 +11:00
sm2 Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
sm3
sm4 Fix SM4-XTS build failure on Mac mini M1 2023-02-06 12:36:07 +01:00
srp add a check for the return of sk_SRP_gN_new_null() so that capture the potential memory error in time 2022-10-20 19:04:44 +11:00
stack Errors raised from OPENSSL_sk_set should have ERR_LIB_CRYPTO 2022-10-21 18:02:35 +02:00
store crypto/*: Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:01 +11:00
thread thread: remove remnants of ossl_crypto_mem_barrier 2023-03-21 19:04:23 +11:00
ts crypto/*: Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:01 +11:00
txt_db txt_db: fix -Wunused-but-set-variable 2022-10-21 15:56:32 +02:00
ui Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
whrlpool Avoid duplicating symbols in legacy.a with some build options 2023-01-31 11:10:22 +11:00
x509 Ensure that EXFLAG_INVALID_POLICY is checked even in leaf certs 2023-03-28 13:31:38 +02:00
alphacpuid.pl
arm64cpuid.pl
arm_arch.h Apply aes-gcm unroll8+eor3 optimization patch to Neoverse V2 2023-02-08 16:54:57 +01:00
armcap.c Avoid duplication of OPENSSL_armcap_P on 32bit ARM 2023-03-27 10:43:45 +02:00
armv4cpuid.pl
asn1_dsa.c
bsearch.c
build.info Use of sparse_array.c only in the shared libssl 2023-02-14 16:01:19 +01:00
c64xpluscpuid.pl
context.c Add functions supporting thread pool only when it is enabled 2022-11-22 17:08:23 +01:00
core_algorithm.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
core_fetch.c
core_namemap.c
cpt_err.c
cpuid.c
cryptlib.c
ctype.c Fixed typos in documentation and comments 2023-01-04 12:53:05 +01:00
cversion.c
der_writer.c
deterministic_nonce.c Address coverity issue CID 1517105 2022-12-16 18:57:42 +01:00
dllmain.c
ebcdic.c
ex_data.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
getenv.c
ia64cpuid.S
info.c info.c: Fix typos in seed macro name and description string 2023-01-10 12:15:42 +01:00
init.c Add ZSTD compression support (RFC8478bis) 2022-10-18 09:30:21 -04:00
initthread.c
loongarch64cpuid.pl Add LoongArch64 cpuid and OPENSSL_loongarchcap_P 2022-10-12 18:02:12 +11:00
loongarch_arch.h Add LoongArch64 cpuid and OPENSSL_loongarchcap_P 2022-10-12 18:02:12 +11:00
loongarchcap.c Add LoongArch64 cpuid and OPENSSL_loongarchcap_P 2022-10-12 18:02:12 +11:00
LPdir_nyi.c
LPdir_unix.c
LPdir_vms.c
LPdir_win32.c
LPdir_win.c
LPdir_wince.c
mem_clr.c
mem_sec.c Do not check definition of a macro and use it in a single condition 2023-01-12 10:46:52 +01:00
mem.c
mips_arch.h
o_dir.c
o_fopen.c crypto: Fix various typos, repeated words, align some spelling to LDP. 2022-10-12 16:55:01 +11:00
o_init.c
o_str.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
o_time.c
packet.c Rationalize FIPS sources 2023-02-08 16:20:55 +01:00
param_build_set.c
param_build.c OSSL_PARAM_BLD and BIGNUM; ensure at least one byte is allocated 2023-01-11 23:38:13 +01:00
params_dup.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
params_from_text.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
params.c In OSSL_PARAM_set_BN(), make sure that the data_size field is at least 1 2023-01-11 23:38:13 +01:00
pariscid.pl
passphrase.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
ppccap.c
ppccpuid.pl
provider_child.c Fix a potential memory leak in crypto/provider_child.c 2023-02-01 08:20:08 +11:00
provider_conf.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
provider_core.c Implement OSSL_PROVIDER_get0_default_search_path, add docs and tests. 2022-12-06 18:24:06 +01:00
provider_local.h
provider_predefined.c
provider.c Stop raising ERR_R_MALLOC_FAILURE in most places 2022-10-05 14:02:03 +02:00
punycode.c Add more punycode tests and remove ossl_a2ucompare() 2023-02-08 16:17:37 +01:00
quic_vlint.c QUIC: Enable building with QUIC support disabled 2023-01-13 13:20:16 +00:00
README-sparse_array.md
riscv32cpuid.pl
riscv64cpuid.pl
riscvcap.c
s390x_arch.h S390X: Accelerate keccak XOF 2023-03-07 18:21:51 +01:00
s390xcap.c S390x: Support ME and CRT offloading 2023-02-08 16:53:12 +01:00
s390xcpuid.pl
self_test_core.c
sleep.c sleep.c: Limit the sleep time instead of sleeping for days or even years 2023-03-18 19:04:58 +01:00
sparccpuid.S
sparcv9cap.c
sparse_array.c
threads_lib.c Define threads_lib.c functions only for OPENSSL_SYS_UNIX 2022-11-14 07:47:53 +00:00
threads_none.c CRYPTO_THREAD_lock_new(): Avoid infinite recursion on allocation error 2022-10-05 10:20:10 +11:00
threads_pthread.c CRYPTO_THREAD_lock_new(): Avoid infinite recursion on allocation error 2022-10-05 10:20:10 +11:00
threads_win.c VC++ 2010 x86 compilers do not have InterlockedOr64 2023-03-22 14:45:29 +01:00
time.c
trace.c add OSSL_TRACE_STRING(), OSSL_TRACE_STRING_MAX, and OSSL_trace_string() 2023-01-26 09:16:51 +01:00
uid.c
vms_rms.h
x86_64cpuid.pl
x86cpuid.pl