- Dec 07, 2015
-
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Make TARFILE include ../ instead of having that hard coded all over the place. When transforming file names in TAR_COMMAND, use $(NAME) instead of openssl-$(VERSION) Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Andy Polyakov authored
and engage it in most modules. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Viktor Dukhovni authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Dec 06, 2015
-
-
Viktor Dukhovni authored
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
- Dec 05, 2015
-
-
Kurt Roeckx authored
Reviewed-by: Rich Salz <rsalz@openssl.org> MR: #364
-
- Dec 04, 2015
-
-
Kurt Roeckx authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Kurt Roeckx authored
SSL_{CTX}_set_tmp_ecdh() allows to set 1 EC curve and then tries to use it. On the other hand SSL_{CTX_}set1_curves() allows you to set a list of curves, but only when SSL_{CTX_}set_ecdh_auto() was called to turn it on. Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Kurt Roeckx authored
This only gets used to set a specific curve without actually checking that the peer supports it or not and can therefor result in handshake failures that can be avoided by selecting a different cipher. Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Matt Caswell authored
The new state machine code missed an allowed transition when resuming a session via EAP FAST. This commits adds the missing check for the transition. Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Viktor Dukhovni authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Running 'make TEST=test_ordinals test' starts the whole build process, which wasn't desired for this target. Instead, we take a shortcut. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Dec 03, 2015
-
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
RT#4162 Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Dec 02, 2015
-
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
'./Configure reconf' hasn't been working for a while, because a perl lable needs to be immediately followed by a block. Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Dr. Stephen Henson authored
Remove RSA_FLAG_SIGN_VER: this was origininally used to retain binary compatibility after RSA_METHOD was extended to include rsa_sign and rsa_verify fields. It is no longer needed. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
The contents of this variable ($memleak_devteam_backtrace) is added to $cflags unless we build for a platform we know doesn't support gcc's -rdynamic och backtrace() and friends. Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Dr. Stephen Henson authored
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a legacy from when digests were linked to public key types. All signing is now handled by the corresponding EVP_PKEY_METHOD. Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms already block unsupported types. Remove now obsolete EVP_dss1() and EVP_ecdsa(). Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Catch a common 'make update' failure: conflicting ordinals. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
The feature_test_macros(7) manual tells us that _BSD_SOURCE is deprecated since glibc 2.20 and that the compiler will warn about it being used, unless _DEFAULT_SOURCE is defined as well. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
This is an option for builds with gcc and --strict-warnings. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Main goal was to improve performance on RISC platforms, e.g. 10% was measured on MIPS, POWER8... Reviewed-by: Matt Caswell <matt@openssl.org>
-
Andy Polyakov authored
and CRYPTO_ocb128_encrypt to handle in==out. Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Dec 01, 2015
-
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Nov 30, 2015
-
-
Rich Salz authored
Rename it to be an internal function bn_init. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Dr. Stephen Henson authored
Don't hard code EVP_sha* etc for signature algorithms: use table indices instead. Add SHA224 and SHA512 to tables. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
- Nov 28, 2015
-
-
Viktor Dukhovni authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Nov 27, 2015
-
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Change handshake hash array into a single digest context simplifying the handhake hash code. Use EVP_md5_sha1() if needed for handshake hashes in TLS 1.1 and earlier. Simplify PRF code to also use a single digest and treat EVP_md5_sha1() as a special case. Modify algorithm2 field of ciphers to use a single index value for handshake hash and PRF instead of a bitmap. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Matt Caswell authored
Various updates following feedback from the recent commit of the new GOST2012 code. Reviewed-by: Andy Polyakov <appro@openssl.org>
-
- Nov 26, 2015
-
-
Dr. Stephen Henson authored
Now that X509_VERIFY_PARAM is opaque X509_VERIFY_PARAM_ID is no longer needed. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Matt Caswell authored
The SRP_create_verifier_BN function goes to the |err| label if the |salt| value passed to it is NULL. It is then deref'd. Reviewed-by: Rich Salz <rsalz@openssl.org>
-