OpenSSL Valhalla Rampage @opensslrampage - Tumblr Blog

LibreSSL now turns off SSL 3 by default as a fix for POODLE. Thanks to the awesome people that have made this possible. Remember to donate!

#openbsd #libressl #release

•18+ Adults Only

Watch Anya Live on Cam

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.

✓ Live Streaming✓ Interactive Chat✓ Private Shows✓ HD Quality

Anya is LIVE right now

FREE

Free to watch • No registration required • HD streaming

Many thanks to all of the awesome hackers that have made this release possible. Again, if you like the work that OpenBSD is doing, please donate here

#openbsd #libressl #release

Provide a ressl config function that explicitly clears keys. Now that ressl config takes copies of the keys passed to it, the keys need to be explicitly cleared. While this can be done by calling the appropriate functions with a NULL pointer, it is simpler and more obvious to call one function that does this for you.

— jsing

#openbsd #libressl #ressl #cleanup

Add a new API function SSL_CTX_use_certificate_chain() that allows to read the PEM-encoded certificate chain from memory instead of a file. This idea is derived from an older implementation in relayd that was needed to use the function with a privep'ed process in a chroot. Now it is time to get it into LibreSSL to make the API more privsep- friendly and to make it available for other programs and the ressl library.

— reyk

#openbsd #openssl #libressl #ressl

X509v3_add_ext(): do not free stuff we did not allocate in the error path.

— miod

#openbsd #openssl #libressl

•18+ Adults Only

Watch Anya Live on Cam

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.

✓ Live Streaming✓ Interactive Chat✓ Private Shows✓ HD Quality

Anya is LIVE right now

FREE

Free to watch • No registration required • HD streaming

X509_TRUST_add(): check X509_TRUST_get0() return value before dereferencing it, for it may be NULL. Do not leak memory upon error.

— miod

#openbsd #openssl #libressl #memory leaks #null dereference

Someone (TM) thought it was smart to save memory by using malloc(1) and manual field fiddling to create an ASN1_INTEGER object, instead of using M_ASN1_INTEGER_new() which will allocate sizeof(long) bytes. That person had probably never looked into malloc(3) and never heard of allocation size rounding.

Thus, replace the obfuscated code with M_ASN1_INTEGER_new() followed by ASN1_INTEGER_set(), to achieve a similar result, without the need for /* version == 0 */ comments.

— miod

#openbsd #openssl #libressl

revamp the config interface to own memory. easier to use correctly without caller worrying about leaks or lifetimes.

— tedu

#openbsd #libressl #ressl

Revert r1.5 and reenable assembler version of ghash now that it has been fixed.

— miod

#openbsd #openssl #libressl

Doh, rev 1.4 had left out one routine with both 32-bit and 64-bit code, where the 64-bit code has to be disabled under OpenBSD/hppa.

— miod

#openbsd #openssl #libressl

•18+ Adults Only

Watch Anya Live on Cam

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.

✓ Live Streaming✓ Interactive Chat✓ Private Shows✓ HD Quality

Anya is LIVE right now

FREE

Free to watch • No registration required • HD streaming

Disable assembler code for ghash on hppa, causes wrong computations in some cases and breaks TLS 1.2; crank libcrypto.so minor version out of safety and to be able to tell broken versions apart easily.

— miod

#openbsd #openssl #libressl

There is not much point checking ecdhp is not NULL... twice.

— jsing

#openbsd #openssl #libressl

Check that the specified curve is one of the client preferences. Based on OpenSSL.

— jsing

#openbsd #openssl #libressl

Fix mmap() calls that check for a result other than MAP_FAILED.

— doug

#openbsd #openssl #libressl

X509_STORE_new(): do not leak memory upon error. X509_STORE_get1_certs(), X509_STORE_get1_crls(): check the result of allocations.

#openbsd #openssl #libressl #memory leaks

•18+ Adults Only

Watch Anya Live on Cam

Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.

✓ Live Streaming✓ Interactive Chat✓ Private Shows✓ HD Quality

Anya is LIVE right now

FREE

Free to watch • No registration required • HD streaming

X509_issuer_and_serial_hash(): do not leak memory if an error occurs during the first EVP block.

— miod

#openbsd #openssl #libressl #memory leaks

X509at_add1_attr(): do not free stuff we did not allocate in the error path.

— miod

#openbsd #openssl #libressl

Trending Blogs

Last Seen Blogs

OpenSSL Valhalla Rampage