[openssl-commits] [web] master update
The branch master has been updated via 9da4a32ecfc59dfae1476ac8af43ca5f6e2069a6 (commit) from 33850da7c04593eaecb7ea9dacb6887989ad81d0 (commit) - Log - commit 9da4a32ecfc59dfae1476ac8af43ca5f6e2069a6 Author: Mark J. CoxDate: Thu Jan 28 16:30:24 2016 + Link to sec adv --- Summary of changes: news/newsflash.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/news/newsflash.txt b/news/newsflash.txt index 0a9c18b..14e67a1 100644 --- a/news/newsflash.txt +++ b/news/newsflash.txt @@ -4,6 +4,7 @@ # Format is two fields, colon-separated; the first line is the column # headings. URL paths must all be absolute. Date: Item +28-Jan-2016: Security Advisory: two security fixes 28-Jan-2016: OpenSSL 1.0.2f is now available, including bug and security fixes 28-Jan-2016: OpenSSL 1.0.1r is now available, including bug and security fixes 25-Jan-2016: OpenSSL 1.0.2f and 1.0.1r https://mta.openssl.org/pipermail/openssl-announce/2016-January/58.html;>security releases due 28th Jan 2016 _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_0_1r delete
The annotated tag OpenSSL_1_0_1r has been deleted was c091f787c167eb8e570d5f5e8a1d35c3f57deef0 - Log - 73008bc6ef3f3490368ad2ab844f827e73a6198d Prepare for 1.0.1r release --- _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [web] master update
The branch master has been updated via f22bb490115a71b980e4da6e35da76c678c99b98 (commit) from 61bead2a571724dab0540bcd2b390a559f1fd515 (commit) - Log - commit f22bb490115a71b980e4da6e35da76c678c99b98 Author: Matt CaswellDate: Thu Jan 28 15:50:07 2016 + Update wording on download page --- Summary of changes: source/index.html | 9 + 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/source/index.html b/source/index.html index 971c2c6..39bcdb8 100644 --- a/source/index.html +++ b/source/index.html @@ -34,11 +34,12 @@ releases. This is also our Long Term Support (LTS) version (support will be provided until 31st December 2019). Support for the 1.0.1 series will be provided until 31st December 2016 (with security bug fixes only for - the final year). The 0.9.8 and 1.0.0 series are currently only receiving - security bug fixes and all support will be discontinued for these on - 31st December 2015. Our newest version is 1.1.0 which is currently in + the final year). The 1.0.1 version is currently only receiving + security bug fixes and all support will be discontinued for this version + on 31st December 2016. Our newest version is 1.1.0 which is currently in alpha testing and should not be used for production purposes at this - time. + time. The 0.9.8 and 1.0.0 versions are now out of support and should not +be used. _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_0_1-stable update
The branch OpenSSL_1_0_1-stable has been updated via 69ff2444908e73d4b973f42daf989b46c774772e (commit) via 09ccb58518e84f76939f7e69929723263a42ca2e (commit) via 6210c70992011d6f4c52b63b0a1da3c3471ba5b0 (commit) via bea4cb2e804160f08bd7f10286946c422e38ac3c (commit) via 5fed60f9622c023c358f2f8e5cb6692b5cc2d9bb (commit) via 4040a7fd104b412bd446338c6c28a62eb7d8e852 (commit) via 8bc643efc89cbcfba17369801cf4eeca037b6cc1 (commit) from 126ac21c80967ec00f802d356462c1b83fa0f54c (commit) - Log - commit 69ff2444908e73d4b973f42daf989b46c774772e Author: Matt CaswellDate: Thu Jan 28 14:22:09 2016 + Prepare for 1.0.1s-dev Reviewed-by: Richard Levitte commit 09ccb58518e84f76939f7e69929723263a42ca2e Author: Matt Caswell Date: Thu Jan 28 14:21:21 2016 + Prepare for 1.0.1r release Reviewed-by: Richard Levitte commit 6210c70992011d6f4c52b63b0a1da3c3471ba5b0 Author: Richard Levitte Date: Thu Jan 28 15:18:50 2016 +0100 TARFILE wasn't correctly set This solves an earlier cherry-pick mistake. Reviewed-by: Matt Caswell commit bea4cb2e804160f08bd7f10286946c422e38ac3c Author: Matt Caswell Date: Thu Jan 28 12:28:53 2016 + Further updates to CHANGES and NEWS Reviewed-by: Richard Levitte commit 5fed60f9622c023c358f2f8e5cb6692b5cc2d9bb Author: Matt Caswell Date: Wed Jan 27 13:55:05 2016 + Update CHANGES and NEWS ready for release Update CHANGES and NEWS with details of the issues fixed in the forthcoming release. Reviewed-by: Rich Salz commit 4040a7fd104b412bd446338c6c28a62eb7d8e852 Author: Viktor Dukhovni Date: Wed Dec 30 22:44:51 2015 -0500 Better SSLv2 cipher-suite enforcement Based on patch by: Nimrod Aviram CVE-2015-3197 Reviewed-by: Tim Hudson Reviewed-by: Richard Levitte commit 8bc643efc89cbcfba17369801cf4eeca037b6cc1 Author: Matt Caswell Date: Thu Dec 17 02:57:20 2015 + Always generate DH keys for ephemeral DH cipher suites Modified version of the commit ffaef3f15 in the master branch by Stephen Henson. This makes the SSL_OP_SINGLE_DH_USE option a no-op and always generates a new DH key for every handshake regardless. This is a follow on from CVE-2016-0701. This branch is not impacted by that CVE because it does not support X9.42 style parameters. It is still possible to generate parameters based on primes that are not "safe", although by default OpenSSL does not do this. The documentation does sign post that using such parameters is unsafe if the private DH key is reused. However to avoid accidental problems or future attacks this commit has been backported to this branch. Issue reported by Antonio Sanso Reviewed-by: Viktor Dukhovni --- Summary of changes: CHANGES | 25 - Makefile.org| 2 +- NEWS| 7 ++- README | 2 +- crypto/opensslv.h | 6 +++--- doc/ssl/SSL_CTX_set_tmp_dh_callback.pod | 29 + openssl.spec| 2 +- ssl/s2_srvr.c | 15 +-- ssl/s3_lib.c| 14 -- ssl/s3_srvr.c | 17 +++-- ssl/ssl.h | 2 +- 11 files changed, 58 insertions(+), 63 deletions(-) diff --git a/CHANGES b/CHANGES index 23ca912..39ab8bd 100644 --- a/CHANGES +++ b/CHANGES @@ -2,7 +2,30 @@ OpenSSL CHANGES ___ - Changes between 1.0.1q and 1.0.1r [xx XXX ] + Changes between 1.0.1r and 1.0.1s [xx XXX ] + + *) + + Changes between 1.0.1q and 1.0.1r [28 Jan 2016] + + *) Protection for DH small subgroup attacks + + As a precautionary measure the SSL_OP_SINGLE_DH_USE option has been + switched on by default and cannot be disabled. This could have some + performance impact. + [Matt Caswell] + + *) SSLv2 doesn't block disabled ciphers + + A malicious client can negotiate SSLv2 ciphers that have been disabled on + the server and complete SSLv2 handshakes even if all SSLv2 ciphers have + been disabled, provided that the SSLv2 protocol was not also disabled via + SSL_OP_NO_SSLv2. + + This issue was reported to OpenSSL on 26th December 2015 by Nimrod Aviram +
[openssl-commits] Build failed: openssl master.678
Build openssl master.678 failed Commit 35ade23b02 by Viktor Dukhovni on 1/29/2016 2:39 AM: Keep RC5 bit shifts in [0..31] Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
The branch OpenSSL_1_0_2-stable has been updated via da7947e8c6915d86616425ecbc4906f079ef122f (commit) from 22d192f106fe0d6e43a41a65278e76f612e2eca3 (commit) - Log - commit da7947e8c6915d86616425ecbc4906f079ef122f Author: Richard LevitteDate: Thu Jan 28 17:55:11 2016 +0100 Correct number of arguments in BIO_get_conn_int_port macro Reviewed-by: Rich Salz (cherry picked from commit 41a28cb2944a4e1c9d13889757a3bd9f72abeca1) --- Summary of changes: crypto/bio/bio.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/bio/bio.h b/crypto/bio/bio.h index 6e2293b..498cc32 100644 --- a/crypto/bio/bio.h +++ b/crypto/bio/bio.h @@ -479,7 +479,7 @@ struct bio_dgram_sctp_prinfo { # define BIO_get_conn_hostname(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,0) # define BIO_get_conn_port(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,1) # define BIO_get_conn_ip(b) BIO_ptr_ctrl(b,BIO_C_GET_CONNECT,2) -# define BIO_get_conn_int_port(b) BIO_ctrl(b,BIO_C_GET_CONNECT,3,0,NULL) +# define BIO_get_conn_int_port(b) BIO_ctrl(b,BIO_C_GET_CONNECT,3,NULL) # define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
The branch OpenSSL_1_0_2-stable has been updated via 2b0c11a620c3a3431410c5d56799286f60f60d8d (commit) from da7947e8c6915d86616425ecbc4906f079ef122f (commit) - Log - commit 2b0c11a620c3a3431410c5d56799286f60f60d8d Author: Kurt RoeckxDate: Wed Jan 27 20:31:57 2016 +0100 Fix CHANGES entry about DSA_generate_parameters_ex Reviewed-by: Viktor Dukhovni --- Summary of changes: CHANGES | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 0cfd730..f2126bc 100644 --- a/CHANGES +++ b/CHANGES @@ -109,7 +109,7 @@ [Emilia Käsper] *) In DSA_generate_parameters_ex, if the provided seed is too short, - return an error + use a random seed, as already documented. [Rich Salz and Ismo Puustinen ] Changes between 1.0.2c and 1.0.2d [9 Jul 2015] _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_0_1-stable update
The branch OpenSSL_1_0_1-stable has been updated via 99a5c8a6592b18ce9b06be8d623d7e85f3e62e63 (commit) from 5d5de781a5e091ecc60b9171ce3fb8daf8c31156 (commit) - Log - commit 99a5c8a6592b18ce9b06be8d623d7e85f3e62e63 Author: Kurt RoeckxDate: Wed Jan 27 20:31:57 2016 +0100 Fix CHANGES entry about DSA_generate_parameters_ex Reviewed-by: Viktor Dukhovni (cherry picked from commit 2b0c11a620c3a3431410c5d56799286f60f60d8d) --- Summary of changes: CHANGES | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 39ab8bd..cdc4e6f 100644 --- a/CHANGES +++ b/CHANGES @@ -66,7 +66,7 @@ [Emilia Käsper] *) In DSA_generate_parameters_ex, if the provided seed is too short, - return an error + use a random seed, as already documented. [Rich Salz and Ismo Puustinen ] Changes between 1.0.1o and 1.0.1p [9 Jul 2015] _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Fixed: mouse07410/openssl#8 (OpenSSL_1_0_2-stable - 685084c)
Build Update for mouse07410/openssl - Build: #8 Status: Fixed Duration: 5 minutes and 26 seconds Commit: 685084c (OpenSSL_1_0_2-stable) Author: Uri Blumenthal Message: Merge remote-tracking branch 'upstream/OpenSSL_1_0_2-stable' into OpenSSL_1_0_2-stable View the changeset: https://github.com/mouse07410/openssl/compare/44cff93b59fe...685084cf627d View the full build log and details: https://travis-ci.org/mouse07410/openssl/builds/105471869 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Errored: openssl/openssl#1369 (master - cc373a3)
Build Update for openssl/openssl - Build: #1369 Status: Errored Duration: 57 minutes and 46 seconds Commit: cc373a3 (master) Author: Rich Salz Message: Remove extraneous output from util/mk scripts Reviewed-by: Richard LevitteView the changeset: https://github.com/openssl/openssl/compare/45bf87a0b985...cc373a37a193 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/105517782 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 45bf87a0b985c79c4fe84722df7e3f50cde00dae (commit) from 1119ddff84a4e65327073991a8052002dd71fe00 (commit) - Log - commit 45bf87a0b985c79c4fe84722df7e3f50cde00dae Author: Rich SalzDate: Wed Jan 27 22:00:55 2016 -0500 Remove outdated tests These tests are not built, and only usable as hand-tests so not worth moving into our test framework. This closes https://github.com/openssl/openssl/pull/561 and RT 4252 Reviewed-by: Richard Levitte --- Summary of changes: crypto/lhash/lh_test.c | 89 -- crypto/o_dir_test.c| 67 - 2 files changed, 156 deletions(-) delete mode 100644 crypto/lhash/lh_test.c delete mode 100644 crypto/o_dir_test.c diff --git a/crypto/lhash/lh_test.c b/crypto/lhash/lh_test.c deleted file mode 100644 index c1d4578..000 --- a/crypto/lhash/lh_test.c +++ /dev/null @@ -1,89 +0,0 @@ -/* Copyright (C) 1995-1998 Eric Young (e...@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (e...@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (t...@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - *notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - *notice, this list of conditions and the following disclaimer in the - *documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - *must display the following acknowledgement: - *"This product includes cryptographic software written by - * Eric Young (e...@cryptsoft.com)" - *The word 'cryptographic' can be left out if the rouines from the library - *being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - *the apps directory (application code) you must include an acknowledgement: - *"This product includes software written by Tim Hudson (t...@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include -#include -#include -#include - -main() -{ -LHASH *conf; -char buf[256]; -int i; - -conf = lh_new(lh_strhash, strcmp); -for (;;) { -char *p; - -buf[0] = '\0'; -fgets(buf, 256, stdin); -if (buf[0] == '\0') -break; -i = strlen(buf); -p = OPENSSL_malloc(i + 1); -if (p == NULL) -abort(); -memcpy(p, buf, i + 1); -lh_insert(conf, p); -} - -lh_node_stats(conf, stdout); -lh_stats(conf, stdout); -lh_node_usage_stats(conf, stdout); -exit(0); -} diff --git
[openssl-commits] [openssl] master update
The branch master has been updated via cc373a37a193dbd00be20fc358b03403338ff873 (commit) from 45bf87a0b985c79c4fe84722df7e3f50cde00dae (commit) - Log - commit cc373a37a193dbd00be20fc358b03403338ff873 Author: Rich SalzDate: Thu Jan 28 14:17:19 2016 -0500 Remove extraneous output from util/mk scripts Reviewed-by: Richard Levitte --- Summary of changes: util/mkdef.pl | 21 + util/mkerr.pl | 1 - 2 files changed, 9 insertions(+), 13 deletions(-) diff --git a/util/mkdef.pl b/util/mkdef.pl index 097d252..3151800 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -1028,7 +1028,8 @@ sub reduce_platforms return $ret; } -sub info_string { +sub info_string +{ (my $symbol, my $exist, my $platforms, my $kind, my $algorithms) = @_; my %a = defined($algorithms) ? @@ -1046,13 +1047,13 @@ sub info_string { return $ret; } -sub maybe_add_info { +sub maybe_add_info +{ (my $name, *nums, my @symbols) = @_; my $sym; my $new_info = 0; my %syms=(); - print STDERR "Updating $name info\n"; foreach $sym (@symbols) { (my $s, my $i) = split /\\/, $sym; if (defined($nums{$s})) { @@ -1076,12 +1077,11 @@ sub maybe_add_info { } } if ($new_info) { - print STDERR "$new_info old symbols got an info update\n"; + print STDERR "$name: $new_info old symbols have updated info\n"; if (!$do_rewrite) { print STDERR "You should do a rewrite to fix this.\n"; } } else { - print STDERR "No old symbols needed info update\n"; } } @@ -1171,7 +1171,8 @@ sub print_test_file } } -sub get_version { +sub get_version +{ return $config{version}; } @@ -1431,8 +1432,6 @@ sub rewrite_numbers (*OUT,$name,*nums,@symbols)=@_; my $thing; - print STDERR "Rewriting $name\n"; - my @r = grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:\w+\(\w+\)/,@symbols); my $r; my %r; my %rsyms; foreach $r (@r) { @@ -1481,8 +1480,6 @@ sub update_numbers ($basevers, $vers) = get_openssl_version(); - print STDERR "Updating $name numbers\n"; - my @r = grep(/^\w+(\{[0-9]+\})?\\.*?:.*?:\w+\(\w+\)/,@symbols); my $r; my %r; my %rsyms; foreach $r (@r) { @@ -1512,9 +1509,9 @@ sub update_numbers } } if($new_syms) { - print STDERR "$new_syms New symbols added\n"; + print STDERR "$name: Added $new_syms new symbols\n"; } else { - print STDERR "No New symbols Added\n"; + print STDERR "$name: No new symbols added\n"; } } diff --git a/util/mkerr.pl b/util/mkerr.pl index 4b41c6c..7e84de9 100644 --- a/util/mkerr.pl +++ b/util/mkerr.pl @@ -384,7 +384,6 @@ foreach $lib (keys %csrc) my $hfile = $hinc{$lib}; my $cfile = $csrc{$lib}; if(!$fnew{$lib} && !$rnew{$lib}) { - print STDERR "$lib:\t\tNo new error codes\n"; next unless $rebuild; } else { print STDERR "$lib:\t\t$fnew{$lib} New Functions,"; _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 1119ddff84a4e65327073991a8052002dd71fe00 (commit) from 78d6a74a6caffb1949da68e599de94a9d309e49a (commit) - Log - commit 1119ddff84a4e65327073991a8052002dd71fe00 Author: Rich SalzDate: Thu Jan 28 14:26:50 2016 -0500 Add more components to build. Add enable-crypto-mdebug enable-rc5 enable-md2 to any target that was --strict-warnings. Reviewed-by: Richard Levitte --- Summary of changes: .travis.yml | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.travis.yml b/.travis.yml index b16998b..e3ab38f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -28,7 +28,7 @@ env: - CONFIG_OPTS="" - CONFIG_OPTS="shared" - CONFIG_OPTS="no-asm" -- CONFIG_OPTS="--debug --strict-warnings" +- CONFIG_OPTS="--debug --strict-warnings enable-crypto-mdebug enable-rc5 enable-md2" matrix: include: @@ -37,13 +37,13 @@ matrix: env: CONFIG_OPTS="-fsanitize=address" - os: linux compiler: clang-3.6 - env: CONFIG_OPTS="no-asm --debug --strict-warnings -fno-sanitize-recover -fsanitize=address -fsanitize=undefined" + env: CONFIG_OPTS="no-asm --debug --strict-warnings -fno-sanitize-recover -fsanitize=address -fsanitize=undefined enable-crypto-mdebug enable-rc5 enable-md2" - os: linux compiler: gcc-5 env: CONFIG_OPTS="-fsanitize=address" - os: linux compiler: gcc-5 - env: CONFIG_OPTS="no-asm --debug --strict-warnings -fno-sanitize-recover -fsanitize=address -fsanitize=undefined" + env: CONFIG_OPTS="no-asm --debug --strict-warnings -fno-sanitize-recover -fsanitize=address -fsanitize=undefined enable-crypto-mdebug enable-rc5 enable-md2" exclude: - os: osx compiler: clang-3.6 @@ -63,9 +63,9 @@ matrix: env: CONFIG_OPTS="no-asm" allow_failures: - compiler: i686-w64-mingw32-gcc - env: CONFIG_OPTS="--debug --strict-warnings" + env: CONFIG_OPTS="--debug --strict-warnings enable-crypto-mdebug enable-rc5 enable-md2" - compiler: x86_64-w64-mingw32-gcc - env: CONFIG_OPTS="--debug --strict-warnings" + env: CONFIG_OPTS="--debug --strict-warnings enable-crypto-mdebug enable-rc5 enable-md2" before_script: - sh .travis-create-release.sh $TRAVIS_OS_NAME _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Errored: openssl/openssl#1354 (OpenSSL_1_0_2-stable - 22d192f)
Build Update for openssl/openssl - Build: #1354 Status: Errored Duration: 11 minutes and 14 seconds Commit: 22d192f (OpenSSL_1_0_2-stable) Author: Matt Caswell Message: Prepare for 1.0.2g-dev Reviewed-by: Richard LevitteView the changeset: https://github.com/openssl/openssl/compare/3665fa25436f...22d192f106fe View the full build log and details: https://travis-ci.org/openssl/openssl/builds/105432403 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: openssl/openssl#1368 (master - 45bf87a)
Build Update for openssl/openssl - Build: #1368 Status: Still Failing Duration: 47 minutes and 50 seconds Commit: 45bf87a (master) Author: Rich Salz Message: Remove outdated tests These tests are not built, and only usable as hand-tests so not worth moving into our test framework. This closes https://github.com/openssl/openssl/pull/561 and RT 4252 Reviewed-by: Richard LevitteView the changeset: https://github.com/openssl/openssl/compare/1119ddff84a4...45bf87a0b985 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/105515411 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Still Failing: openssl/openssl#1369 (master - cc373a3)
Build Update for openssl/openssl - Build: #1369 Status: Still Failing Duration: 4 minutes and 21 seconds Commit: cc373a3 (master) Author: Rich Salz Message: Remove extraneous output from util/mk scripts Reviewed-by: Richard LevitteView the changeset: https://github.com/openssl/openssl/compare/45bf87a0b985...cc373a37a193 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/105517782 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [web] master update
The branch master has been updated via 4f41f34a62a93b93f5001aa56cd25dc17f4a58ad (commit) from b26f6369ab93a176b282c44961303172fbce3d07 (commit) - Log - commit 4f41f34a62a93b93f5001aa56cd25dc17f4a58ad Author: Richard LevitteDate: Thu Jan 28 13:44:14 2016 +0100 Updated release dates --- Summary of changes: policies/releasestrat.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/policies/releasestrat.html b/policies/releasestrat.html index 11220ab..35f644f 100644 --- a/policies/releasestrat.html +++ b/policies/releasestrat.html @@ -85,9 +85,9 @@ 10th December 2015, alpha release 1 - 7th January 2016, alpha release 2 - 4th February 2016, alpha release 3 - 3rd March 2016, 1.1.0 beta 1 release + 14th January 2016, alpha release 2 + 11th February 2016, alpha release 3 + 10th March 2016, 1.1.0 beta 1 release 31st March 2016, 1.1.0 beta 2 release 28th April 2016, 1.1.0 public release _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [web] master update
The branch master has been updated via e7fa3cd70c15cfc026bb84142e39b3202f1e2526 (commit) from 1472515d626a47fd37cb94fe723c6c7ddd05445f (commit) - Log - commit e7fa3cd70c15cfc026bb84142e39b3202f1e2526 Author: Richard LevitteDate: Thu Jan 28 13:51:20 2016 +0100 This year! --- Summary of changes: policies/releasestrat.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/policies/releasestrat.html b/policies/releasestrat.html index 794be50..1df590a 100644 --- a/policies/releasestrat.html +++ b/policies/releasestrat.html @@ -13,7 +13,7 @@ Release Strategy First issued 23rd December 2014 - Last modified 28th January 2015 + Last modified 28th January 2016 _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [web] master update
The branch master has been updated via 1472515d626a47fd37cb94fe723c6c7ddd05445f (commit) from 4f41f34a62a93b93f5001aa56cd25dc17f4a58ad (commit) - Log - commit 1472515d626a47fd37cb94fe723c6c7ddd05445f Author: Richard LevitteDate: Thu Jan 28 13:49:28 2016 +0100 Forgot to update the "Last modified" date --- Summary of changes: policies/releasestrat.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/policies/releasestrat.html b/policies/releasestrat.html index 35f644f..794be50 100644 --- a/policies/releasestrat.html +++ b/policies/releasestrat.html @@ -13,7 +13,7 @@ Release Strategy First issued 23rd December 2014 - Last modified 10th December 2015 + Last modified 28th January 2015 _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Passed: openssl/openssl#1351 (master - 7eba4e6)
Build Update for openssl/openssl - Build: #1351 Status: Passed Duration: 40 minutes and 49 seconds Commit: 7eba4e6 (master) Author: Viktor Dukhovni Message: Restore NUMPRIMES as a numeric literal This fixes clang compilation problem with size_t NUMPRIMES and int loop counters. Reviewed-by: Rich SalzView the changeset: https://github.com/openssl/openssl/compare/3538c7da3d53...7eba4e620774 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/105393871 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 7eba4e62077484aebec010157424287f1963c88f (commit) from 3538c7da3d53dca70be5f507376299843046d2b7 (commit) - Log - commit 7eba4e62077484aebec010157424287f1963c88f Author: Viktor DukhovniDate: Thu Jan 28 00:10:11 2016 -0500 Restore NUMPRIMES as a numeric literal This fixes clang compilation problem with size_t NUMPRIMES and int loop counters. Reviewed-by: Rich Salz --- Summary of changes: Makefile.in | 6 +++--- crypto/bn/bn_prime.c | 2 -- crypto/bn/bn_prime.h | 5 - crypto/bn/bn_prime.pl | 3 ++- 4 files changed, 9 insertions(+), 7 deletions(-) diff --git a/Makefile.in b/Makefile.in index 629141d..80d5f17 100644 --- a/Makefile.in +++ b/Makefile.in @@ -442,9 +442,9 @@ depend: update: generate errors ordinals depend generate: - (cd apps && $(MAKE) generate) - (cd crypto/bn && $(MAKE) generate) - (cd crypto/objects && $(MAKE) generate) + (cd apps && PERL='${PERL}' $(MAKE) generate) + (cd crypto/bn && PERL='${PERL}' $(MAKE) generate) + (cd crypto/objects && PERL='${PERL}' $(MAKE) generate) errors: $(PERL) util/ck_errf.pl -strict */*.c */*/*.c diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c index 8d1294f..a5887d9 100644 --- a/crypto/bn/bn_prime.c +++ b/crypto/bn/bn_prime.c @@ -121,8 +121,6 @@ */ #include "bn_prime.h" -#define NUMPRIMES OSSL_NELEM(primes) - static int witness(BIGNUM *w, const BIGNUM *a, const BIGNUM *a1, const BIGNUM *a1_odd, int k, BN_CTX *ctx, BN_MONT_CTX *mont); diff --git a/crypto/bn/bn_prime.h b/crypto/bn/bn_prime.h index d1fbcd1..6f6949c 100644 --- a/crypto/bn/bn_prime.h +++ b/crypto/bn/bn_prime.h @@ -57,7 +57,10 @@ */ typedef unsigned short prime_t; -static const prime_t primes[] = { +# define NUMPRIMES 2048 + +static const prime_t primes[2048] = { + 2,3,5,7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71, 73, 79, 83, 89, diff --git a/crypto/bn/bn_prime.pl b/crypto/bn/bn_prime.pl index add6ffb..3a5f064 100644 --- a/crypto/bn/bn_prime.pl +++ b/crypto/bn/bn_prime.pl @@ -76,8 +76,9 @@ loop: while ($#primes < $num-1) { } print "typedef unsigned short prime_t;\n"; +printf "# define NUMPRIMES %d\n\n", $num; -print "static const prime_t primes[] = {"; +printf "static const prime_t primes[%d] = {\n", $num; for (my $i = 0; $i <= $#primes; $i++) { printf "\n" if ($i % 8) == 0; printf "%4d, ", $primes[$i]; _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 35ade23b02a02b5514941586030016b67ac0934e (commit) from 987157f6f63fa70dbeffca3c8bc62f26e9767ff2 (commit) - Log - commit 35ade23b02a02b5514941586030016b67ac0934e Author: Viktor DukhovniDate: Thu Jan 28 19:04:49 2016 -0500 Keep RC5 bit shifts in [0..31] Reviewed-by: Richard Levitte --- Summary of changes: crypto/rc5/rc5_locl.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/rc5/rc5_locl.h b/crypto/rc5/rc5_locl.h index 990..6b34f92 100644 --- a/crypto/rc5/rc5_locl.h +++ b/crypto/rc5/rc5_locl.h @@ -170,10 +170,10 @@ # endif #endif #ifndef ROTATE_l32 -# define ROTATE_l32(a,n) (((a)<<(n&0x1f))|(((a)&0x)>>(32-(n&0x1f +# define ROTATE_l32(a,n) (((a)<<(n&0x1f))|(((a)&0x)>>((32-n)&0x1f))) #endif #ifndef ROTATE_r32 -# define ROTATE_r32(a,n) (((a)<<(32-(n&0x1f)))|(((a)&0x)>>(n&0x1f))) +# define ROTATE_r32(a,n) (((a)<<((32-n)&0x1f))|(((a)&0x)>>(n&0x1f))) #endif #define RC5_32_MASK 0xL _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Fixed: openssl/openssl#1371 (master - 35ade23)
Build Update for openssl/openssl - Build: #1371 Status: Fixed Duration: 44 minutes and 31 seconds Commit: 35ade23 (master) Author: Viktor Dukhovni Message: Keep RC5 bit shifts in [0..31] Reviewed-by: Richard LevitteView the changeset: https://github.com/openssl/openssl/compare/987157f6f63f...35ade23b02a0 View the full build log and details: https://travis-ci.org/openssl/openssl/builds/105587507 -- You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.658
Build openssl master.658 failed Commit 7eba4e6207 by Viktor Dukhovni on 1/28/2016 11:36 AM: Restore NUMPRIMES as a numeric literal Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 3444c36ab489b7084832254723a356e3c2eb023a (commit) from 7eba4e62077484aebec010157424287f1963c88f (commit) - Log - commit 3444c36ab489b7084832254723a356e3c2eb023a Author: Rich SalzDate: Thu Jan 28 09:18:21 2016 -0500 Fix typo in md2.h Reviewed-by: Matt Caswell --- Summary of changes: include/openssl/md2.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/openssl/md2.h b/include/openssl/md2.h index 4104d0e..1dba7cf 100644 --- a/include/openssl/md2.h +++ b/include/openssl/md2.h @@ -64,7 +64,7 @@ # endif # include -typdef unsigned char MD2_INT; +typedef unsigned char MD2_INT; # define MD2_DIGEST_LENGTH 16 # define MD2_BLOCK 16 _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] Build failed: openssl master.677
Build openssl master.677 failed Commit 987157f6f6 by Dr. Stephen Henson on 1/28/2016 11:41 PM: Use callback for DSAPublicKey Configure your notification preferences _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [web] master update
The branch master has been updated via 61bead2a571724dab0540bcd2b390a559f1fd515 (commit) from e7fa3cd70c15cfc026bb84142e39b3202f1e2526 (commit) - Log - commit 61bead2a571724dab0540bcd2b390a559f1fd515 Author: Matt Caswell <m...@openssl.org> Date: Thu Jan 28 14:37:36 2016 + Updates for the new release --- Summary of changes: news/newsflash.txt | 2 + news/secadv/20160128.txt | 138 +++ news/vulnerabilities.xml | 103 ++- 3 files changed, 242 insertions(+), 1 deletion(-) create mode 100644 news/secadv/20160128.txt diff --git a/news/newsflash.txt b/news/newsflash.txt index 4ec145d..0a9c18b 100644 --- a/news/newsflash.txt +++ b/news/newsflash.txt @@ -4,6 +4,8 @@ # Format is two fields, colon-separated; the first line is the column # headings. URL paths must all be absolute. Date: Item +28-Jan-2016: OpenSSL 1.0.2f is now available, including bug and security fixes +28-Jan-2016: OpenSSL 1.0.1r is now available, including bug and security fixes 25-Jan-2016: OpenSSL 1.0.2f and 1.0.1r https://mta.openssl.org/pipermail/openssl-announce/2016-January/58.html;>security releases due 28th Jan 2016 14-Jan-2016: Alpha 2 of OpenSSL 1.1.0 is now available: please download and test it 10-Dec-2015: Alpha 1 of OpenSSL 1.1.0 is now available: please download and test it diff --git a/news/secadv/20160128.txt b/news/secadv/20160128.txt new file mode 100644 index 000..43a8933 --- /dev/null +++ b/news/secadv/20160128.txt @@ -0,0 +1,138 @@ +OpenSSL Security Advisory [28th Jan 2016] += + +NOTE: SUPPORT FOR VERSION 1.0.1 WILL BE ENDING ON 31ST DECEMBER 2016. NO +SECURITY FIXES WILL BE PROVIDED AFTER THAT DATE. UNTIL THAT TIME SECURITY FIXES +ONLY ARE BEING APPLIED. + +DH small subgroups (CVE-2016-0701) +== + +Severity: High + +Historically OpenSSL usually only ever generated DH parameters based on "safe" +primes. More recently (in version 1.0.2) support was provided for generating +X9.42 style parameter files such as those required for RFC 5114 support. The +primes used in such files may not be "safe". Where an application is using DH +configured with parameters based on primes that are not "safe" then an attacker +could use this fact to find a peer's private DH exponent. This attack requires +that the attacker complete multiple handshakes in which the peer uses the same +private DH exponent. For example this could be used to discover a TLS server's +private DH exponent if it's reusing the private DH exponent or it's using a +static DH ciphersuite. + +OpenSSL provides the option SSL_OP_SINGLE_DH_USE for ephemeral DH (DHE) in TLS. +It is not on by default. If the option is not set then the server reuses the +same private DH exponent for the life of the server process and would be +vulnerable to this attack. It is believed that many popular applications do set +this option and would therefore not be at risk. + +OpenSSL before 1.0.2f will reuse the key if: +- SSL_CTX_set_tmp_dh()/SSL_set_tmp_dh() is used and SSL_OP_SINGLE_DH_USE is not + set. +- SSL_CTX_set_tmp_dh_callback()/SSL_set_tmp_dh_callback() is used, and both the + parameters and the key are set and SSL_OP_SINGLE_DH_USE is not used. This is + an undocumted feature and parameter files don't contain the key. +- Static DH ciphersuites are used. The key is part of the certificate and + so it will always reuse it. This is only supported in 1.0.2. + +It will not reuse the key for DHE ciphers suites if: +- SSL_OP_SINGLE_DH_USE is set +- SSL_CTX_set_tmp_dh_callback()/SSL_set_tmp_dh_callback() is used and the + callback does not provide the key, only the parameters. The callback is + almost always used like this. + +Non-safe primes are generated by OpenSSL when using: +- genpkey with the dh_rfc5114 option. This will write an X9.42 style file + including the prime-order subgroup size "q". This is supported since the 1.0.2 + version. Older versions can't read files generated in this way. +- dhparam with the -dsaparam option. This has always been documented as + requiring the single use. + +The fix for this issue adds an additional check where a "q" parameter is +available (as is the case in X9.42 based parameters). This detects the +only known attack, and is the only possible defense for static DH ciphersuites. +This could have some performance impact. + +Additionally the SSL_OP_SINGLE_DH_USE option has been switched on by default +and cannot be disabled. This could have some performance impact. + +This issue affects OpenSSL version 1.0.2. + +OpenSSL 1.0.2 users should upgrade to 1.0.2f + +OpenSSL 1.0.1 is not affected by this CVE because it does not support X9.42 +based parameters. It