- Sep 24, 2014
-
-
Andy Polyakov authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Rich Salz authored
The following #ifdef tests were all removed: __MWERKS__ MAC_OS_pre_X MAC_OS_GUSI_SOURCE MAC_OS_pre_X OPENSSL_SYS_MACINTOSH_CLASSIC OPENSSL_SYS_MACOSX_RHAPSODY Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Emilia Kasper authored
Do the final padding check in EVP_DecryptFinal_ex in constant time to avoid a timing leak from padding failure. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
(Original commit adb46dbc ) Use the new constant-time methods consistently in s3_srvr.c Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Emilia Kasper authored
Also tweak s3_cbc.c to use new constant-time methods. Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1 This patch is based on the original RT submission by Adam Langley <agl@chromium.org>, as well as code from BoringSSL and OpenSSL. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
- Sep 23, 2014
-
-
Emilia Kasper authored
Sync libeay.num from 1.0.2 Reviewed-by: Dr Stephen Henson <steve@openssl.org>
-
Emilia Kasper authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit e9128d94)
-
Andy Polyakov authored
Reviewed-by: Bodo Moeller <bodo@openssl.org>
-
- Sep 21, 2014
-
-
Andy Polyakov authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Tim Hudson authored
that fixed PR#3450 where an existing cast masked an issue when i was changed from int to long in that commit Picked up on z/linux (s390) where sizeof(int)!=sizeof(long) Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Sep 20, 2014
-
-
Andy Polyakov authored
RT: 3333,3165 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Sep 19, 2014
-
-
Dr. Stephen Henson authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Rich Salz authored
Document the new features Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Sep 18, 2014
-
-
Jake Goulding authored
GetDIBits has been around since Windows2000 and BitBitmapBits is an old Win16 compatibility function that is much slower. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Sep 11, 2014
-
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
RT: 3149 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
RT: 3149 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Submitted by Shay Gueron, Intel Corp. RT: 3149 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Rich Salz authored
Move the readdir() lines out of the if statement, so that flist is available globally. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Sep 10, 2014
-
-
Rich Salz authored
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Rich Salz authored
If we don't find a signer in the internal list, then fall through and look at the internal list; don't just return NULL. Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
- Sep 09, 2014
-
-
Rich Salz authored
Say where to email bug reports. Mention general RT tracker info in a separate paragraph. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Matt Caswell authored
This is funny; Ben commented in the source, Matt opend a ticket, and Rich is doing the submit. Need more code-review? :) Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Rich Salz authored
Previous commit was reviewed by Geoff, not Stephen: Reviewed-by: Geoff Thorpe <geoff@openssl.org>
-
Rich Salz authored
For portability don't use "if ! expr" Reviewed-by: Geoff Thorpe <geoff@openssl.org>
-
Rich Salz authored
For portability don't use "if ! expr" Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Geoff Keating authored
When calling X509_set_version to set v1 certificate, that should mean that the version number field is omitted. Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Kurt Cancemi authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
- Sep 08, 2014
-
-
Paul Suhler authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Kurt Roeckx authored
This is a more comprehensive fix. It changes all keygen apps to use 2K keys. It also changes the default to use SHA256 not SHA1. This is from Kurt's upstream Debian changes. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Rich Salz authored
For consistency. Reviewed-by: Bodo Moeller <bodo@openssl.org>
-
Matthias Andree authored
In addition to Matthias's change, I also added -n to not remove links. And updated the manpage. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Bjoern Zeeb authored
The EXT_BITSTRING and EXT_IA5STRING are defined in x509v3.h, but the low-level functions are not public. They are useful, no need to make them static. Note that BITSTRING already was exposed since this RT was created, so now we just export IA5STRING functions. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Rich Salz authored
The documentation is wrong about what happens when the session cache fills up. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Erik Auerswald authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Dario B authored
I added some error-checking while integrating this patch. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Scott Schaefer authored
pod2man now complains when item tags are not sequential. Also complains about missing =back and other tags. Silence the warnings; most were already done. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Rich Salz authored
The original RT request included a patch. By the time we got around to doing it, however, the callback scheme had changed. So I wrote a new function RSA_check_key_ex() that uses the BN_GENCB callback. But thanks very much to Vinet Sharma <vineet.sharma@gmail.com> for the initial implementation. Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-