Commits · 287d0b948d184dbba782de15a9895189c5e34854 · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

22 Dec, 2015 10 commits

Add ssl configuration support to s_server and s_client · 287d0b94
Dr. Stephen Henson authored Jul 08, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
287d0b94
Load module in SSL_library_init · f33bad33
Dr. Stephen Henson authored Apr 23, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
f33bad33
Add ssl_mcnf.c to Makefile · 540912cd
Dr. Stephen Henson authored Apr 19, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
540912cd

SSL library configuration module. · 59b1696c

Dr. Stephen Henson authored Mar 14, 2015

This adds support for SSL/TLS configuration using configuration modules.
Sets of command value pairs are store and can be replayed through an
SSL_CTX or SSL structure using SSL_CTX_config or SSL_config.

Reviewed-by: Richard Levitte <levitte@openssl.org>

59b1696c

Cleanup CRYPTO_{push,pop}_info · 4fae386c

Rich Salz authored Dec 16, 2015



Rename to OPENSSL_mem_debug_{push,pop}.
Remove simple calls; keep only calls used in recursive functions.
Ensure we always push, to simplify so that we can always pop

Reviewed-by: Richard Levitte <levitte@openssl.org>

4fae386c

Rename *_realloc_clean to *_clear_realloc · c99de053

Rich Salz authored Dec 16, 2015



Just like *_clear_free routines.  Previously undocumented, used
a half-dozen times within OpenSSL source.

Reviewed-by: Richard Levitte <levitte@openssl.org>

c99de053

Also change the non-debug versions to use size_t · f5d97098
Kurt Roeckx authored Dec 22, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
MR: #1518
```
f5d97098

Fix memory leak in DSA redo case. · 679d8751

David Benjamin authored Dec 17, 2015



Found by clang scan-build.

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>

RT: #4184, MR: #1496

679d8751

Configure: refine 'reconf' logic. · 91cf7551
Andy Polyakov authored Dec 21, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
91cf7551
bn/asm/bn-c64xplus.asm: update commentary. · b859d70d
Andy Polyakov authored Dec 21, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
b859d70d

21 Dec, 2015 1 commit
- sha/asm/sha256-armv4.pl: one of "universal" flags combination didn't compile. · cfe67073
  Andy Polyakov authored Dec 15, 2015
```
(and unify table address calculation in ARMv8 code path).

Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  cfe67073
19 Dec, 2015 4 commits

Fix URLs mangled by reformat · 79caf5d3

Matt Caswell authored Dec 19, 2015

Some URLs in the source code ended up getting mangled by indent. This fixes
it. Based on a patch supplied by Arnaud Lacombe <al@aerilon.ca>

Reviewed-by: Richard Levitte <levitte@openssl.org>

79caf5d3

Fix the etags action line, as etags doesn't take -R · 7a64489f
Richard Levitte authored Dec 19, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
7a64489f

Remove fixed DH ciphersuites. · bc71f910

Dr. Stephen Henson authored Dec 15, 2015



Remove all fixed DH ciphersuites and associated logic.

Reviewed-by: Matt Caswell <matt@openssl.org>

bc71f910

delete unused context · 74a62e96
Dr. Stephen Henson authored Dec 19, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
74a62e96

18 Dec, 2015 3 commits

Remove some L<asdf|asdf> which crept back in. · 7795475f
Rich Salz authored Dec 18, 2015
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
7795475f

Remove err and prime demo's · f4d654d2

Rich Salz authored Dec 18, 2015



ERR is not really a public facility; remove the demo.
prime shows how to generate a prime.  See apps.

Reviewed-by: Tim Hudson <tjh@openssl.org>

f4d654d2

Remove the "eay" c-file-style indicators · 31384753

Richard Levitte authored Dec 18, 2015



Since we don't use the eay style any more, there's no point tryint to
tell emacs to use it.

Reviewed-by: Matt Caswell <matt@openssl.org>

31384753

17 Dec, 2015 4 commits

Add SSL_CIPHER_description() for Chacha20/Poly1305 · 0d3587c7

Matt Caswell authored Dec 17, 2015



SSL_CIPHER_description() was returning "unknown" for the encryption
in the new ChaCha20/Poly1305 TLS ciphersuites.

RT#4183

Reviewed-by: Richard Levitte <levitte@openssl.org>

0d3587c7

Modify the lower level memory allocation routines to take size_t · ff842856

Richard Levitte authored Dec 17, 2015



We've been using int for the size for a long time, it's about time...

Reviewed-by: Rich Salz <rsalz@openssl.org>

ff842856

mem-cleanup, cont'd. · 33eaf4c2

Rich Salz authored Dec 16, 2015



Remove LEVITTE_DEBUG_MEM.
Remove {OPENSSL,CRYPTO}_remalloc.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

33eaf4c2

Rename sec_mem to mem_sec, like other files. · 3b089ca2
Rich Salz authored Dec 16, 2015
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
3b089ca2

16 Dec, 2015 15 commits

Fix typo. · 2503af26
Rich Salz authored Dec 16, 2015
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
2503af26
Provide better "make depend" warning. · 2e31ef03
Rich Salz authored Dec 10, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
2e31ef03
Fix no-dgram. · a7a14a23
Ben Laurie authored Dec 16, 2015
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
a7a14a23

Rename some BUF_xxx to OPENSSL_xxx · 7644a9ae

Rich Salz authored Dec 16, 2015



Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
Add #define's for the old names.
Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros.

Reviewed-by: Tim Hudson <tjh@openssl.org>

7644a9ae

fix for no-ec · e4cf8663
Dr. Stephen Henson authored Dec 16, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
e4cf8663
make update · 91b0d2c1
Dr. Stephen Henson authored Dec 16, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
91b0d2c1
Use EVP_PKEY for client side EC. · 61dd9f7a
Dr. Stephen Henson authored Dec 14, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
61dd9f7a
Use EVP_PKEY for server EC. · 880d9d86
Dr. Stephen Henson authored Dec 13, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
880d9d86
Add ECDH/DH utility functions. · 3f3504bd
Dr. Stephen Henson authored Dec 15, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
3f3504bd
remove unnecessary key copy · 44d4f8f2
Dr. Stephen Henson authored Dec 13, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
44d4f8f2
Constify EC_KEY in ECDH_compute_key. · 2c61a5ec
Dr. Stephen Henson authored Dec 13, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
2c61a5ec

Remove ECDH client auth code. · c66ce5eb

Dr. Stephen Henson authored Dec 12, 2015



Remove incomplete non-functional ECDH client authentication code.

Reviewed-by: Richard Levitte <levitte@openssl.org>

c66ce5eb

Remove SSL_OP_SINGLE_ECDH_USE code. · 57be4444

Dr. Stephen Henson authored Dec 12, 2015



Since auto ecdh is now always used SSL_OP_SINGLE_ECDH_USE is
redundant. Simplify associated code.

Reviewed-by: Richard Levitte <levitte@openssl.org>

57be4444

Use EC_KEY_key2buf and EC_oct2key in libssl. · cae41364
Dr. Stephen Henson authored Dec 12, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
cae41364

New EC functions. · 981bd8a2

Dr. Stephen Henson authored Dec 12, 2015



New functions EC_POINT_point2buf and EC_KEY_key2buf which encode
a point and allocate a buffer in one call.

New function EC_KEY_oct2key() which sets public key in an EC_KEY
structure from an encoded point.

Reviewed-by: Richard Levitte <levitte@openssl.org>

981bd8a2

15 Dec, 2015 3 commits

Fix build on Solaris · 19a86b03

Matt Caswell authored Dec 15, 2015

Solaris builds were failing during async compilation because the .o files
created from compiling the corresponding .c files held in async/arch were
ending up in the top level async directory. Consequently the link fails
because it can't find the .o files.

Thanks to Richard Levitte for pointing me in the right direction on this.

Reviewed-by: Richard Levitte <levitte@openssl.org>

19a86b03

Fix updating via mkdef.pl · 3addf183

Matt Caswell authored Dec 15, 2015

The previous commit introduced a new file format for ssleay.num and
libeay.num, i.e. the introduction of a version field. Therefore the update
capability in mkdef.pl needs updating to take account of the new format.

Reviewed-by: Richard Levitte <levitte@openssl.org>

3addf183

Don't export internal symbols · e863d920

Matt Caswell authored Dec 14, 2015

On Linux when creating the .so file we were exporting all symbols. We should
only be exporting public symbols. This commit fixes the issue. It is only
applicable to linux currently although the same technique may work for other
platforms (e.g. Solaris should work the same way).

This also adds symbol version information to our exported symbols.

Reviewed-by: Richard Levitte <levitte@openssl.org>

e863d920