- 28 Oct, 2016 1 commit
-
-
Matt Caswell authored
A zero return from BIO_read()/BIO_write() could mean that an IO operation is retryable. A zero return from SSL_read()/SSL_write() means that the connection has been closed down (either cleanly or not). Therefore we should not propagate a zero return value from BIO_read()/BIO_write() back up the stack to SSL_read()/SSL_write(). This could result in a retryable failure being treated as fatal. Reviewed-by:Richard Levitte <levitte@openssl.org>
-
- 26 Oct, 2016 4 commits
-
-
Matt Caswell authored
Reviewed-by: -
Rich Salz authored
Move manpages to manX directories Add Windows/VMS install fix from Richard Levitte Update README Fix typo's Remove some duplicates Reviewed-by: -
Richard Levitte authored
The current version of the VMS compiler provides C99 features, strictly language wise. Unfortunately, even the most recent standard library isn't fully updated for that standard, so we need to use an earlier standard that the compiler supports. Most importantly, this affects the __STDC_VERSION__ value, which the compiler unfortunately currently defaults to 199901L. With this change we won't have to give VMS special treatment when looking for features based on that macro. Reviewed-by:
Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1785)
-
Rich Salz authored
Reviewed-by:Tim Hudson <tjh@openssl.org>
-
- 25 Oct, 2016 2 commits
-
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
This is overdue since the addition of the unified build system Reviewed-by:
-
- 24 Oct, 2016 8 commits
-
-
Andy Polyakov authored
[And remove FPU mutiplication subroutine.] Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Rich Salz authored
Reviewed-by:
Emilia Käsper <emilia@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1629)
-
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by:
-
- 22 Oct, 2016 2 commits
-
-
Kurt Roeckx authored
Reviewed-by: -
jrmarino authored
The __DragonFly__ macros were introduced in issue #1546 along with a function naming fix, but it was decided they should be handled separately. Reviewed-by:
-
- 21 Oct, 2016 4 commits
-
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Claus Assmann authored
CLA: trivial Reviewed-by:
Matt Caswell <matt@openssl.org> Reviewed-by:
-
Rich Salz authored
Add DragonFly version of BSD. Reviewed-by:
-
- 19 Oct, 2016 13 commits
-
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
In apps/apps.c, one can set up an engine with setup_engine(). However, we freed the structural reference immediately, which means that for engines that don't already have a structural reference somewhere else (because it's a built in engine), we end up returning an invalid reference. Instead, the function release_engine() is added, and called at the end of the routines that call setup_engine(). Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Also, fix __wrap_cmd so it doesn't return unnecessary empty strings Reviewed-by:
-
Richard Levitte authored
So far, apps and test programs, were a bit rigidely accessible as executables or perl scripts. But what about scripts in some other language? Or what about running entirely external programs? The answer is certainly not to add new functions to access scripts for each language or wrapping all the external program calls in our magic! Instead, this adds a new functions, cmd(), which is useful to access executables and scripts in a more generalised manner. app(), test(), fuzz(), perlapp() and perltest() are rewritten in terms of cmd(), and serve as examples how to do something similar for other scripting languages, or constrain the programs to certain directories. Reviewed-by:
-
Andrea Grandi authored
Reviewed-by:
-
Mat authored
Only set the load_crypto_strings_inited to 1 when err_load_crypto_strings_int was called. This solves the following issue: - openssl is built with no-err - load_crypto_strings_inited is set to 1 during the OPENSSL_init_crypto call - During the cleanup: OPENSSL_cleanup, err_free_strings_int is called because load_crypto_strings_inited == 1 - err_free_strings_int calls do_err_strings_init because it has never been called - Now do_err_strings_init calls OPENSSL_init_crypto - But since we are in the cleanup (stopped == 1) this results in an error: CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO, ERR_R_INIT_FAIL); - which then tries to initialize everything we are trying to clean up: ERR_get_state, ossl_init_thread_start, etc Reviewed-by:
-
FdaSilvaYY authored
Reviewed-by:
-
Richard Levitte authored
crypto/asn1/asn1_item_list.c needed including dh.h and rsa.h directly. The reason is that they are not included by x509.h when configured 'no-deprecated' Reviewed-by:
-
Andrea Grandi authored
Reviewed-by:
-
- 18 Oct, 2016 4 commits
-
-
FdaSilvaYY authored
Reviewed-by:
-
Patrick Steuer authored
crypto/s390xcap.c: internal/cryptlib.h needs to be included for OPENSSL_cpuid_setup function prototype is located there to avoid build error due to -Werror=missing-prototypes. Signed-off-by:
Patrick Steuer <psteuer@mail.de> Reviewed-by:
-
Patrick Steuer authored
crypto/evp/e_aes.c: Types of inp and out parameters of AES_xts_en/decrypt functions need to be changed from char to unsigned char to avoid build error due to '-Werror=incompatible-pointer-types'. crypto/aes/asm/aes-s390x.pl: Comments need to reflect the above change. Signed-off-by:
-
Patrick Steuer authored
crypto/asn1/a_strex.c: Type of width variable in asn1_valid_host function needs to be changed from char to signed char to avoid build error due to '-Werror=type-limits'. Signed-off-by:
-
- 17 Oct, 2016 2 commits
-
-
David Woodhouse authored
Reviewed-by:
-
David Woodhouse authored
OpenSSL 1.1.0 will negotiate EtM on DTLS but will then not actually *do* it. If we use DTLSv1.2 that will hopefully be harmless since we'll tend to use an AEAD ciphersuite anyway. But if we're using DTLSv1, then we certainly will end up using CBC, so EtM is relevant — and we fail to interoperate with anything that implements EtM correctly. Fixing it in HEAD and 1.1.0c will mean that 1.1.0[ab] are incompatible with 1.1.0c+... for the limited case of non-AEAD ciphers, where they're *already* incompatible with other implementations due to this bug anyway. That seems reasonable enough, so let's do it. The only alternative is just to turn it off for ever... which *still* leaves 1.0.0[ab] failing to communicate with non-OpenSSL implementations anyway. Tested against itself as well as against GnuTLS both with and without EtM. Reviewed-by:
-
