Commits · 5d71f7ea291761777a2b2a84f340ffb38b3ea14a · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

Nov 07, 2016

Correct the Id for the TLS1.3 ciphersuite · 5d71f7ea

Matt Caswell authored Nov 07, 2016



We have one TLS1.3 ciphersuite, but there is a typo in the id that should
be corrected.

Reviewed-by: Rich Salz <rsalz@openssl.org>

5d71f7ea

Always ensure that init_msg is initialised for a CCS · c4377574

Matt Caswell authored Nov 03, 2016

We read it later in grow_init_buf(). If CCS is the first thing received in
a flight, then it will use the init_msg from the last flight we received. If
the init_buf has been grown in the meantime then it will point to some
arbitrary other memory location. This is likely to result in grow_init_buf()
attempting to grow to some excessively large amount which is likely to
fail. In practice this should never happen because the only time we receive
a CCS as the first thing in a flight is in an abbreviated handshake. None
of the preceding messages from the server flight would be large enough to
trigger this.

Reviewed-by: Rich Salz <rsalz@openssl.org>

c4377574

Nov 06, 2016

Windows: use default ZLIB1 unless --with-zlib-lib is set · 475592e2

Richard Levitte authored Oct 24, 2016



Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1772)

475592e2

Fix the LIBZ macro on VC config targets · 111b234c

Richard Levitte authored Oct 24, 2016



If zlib-dynamic was given but not --with-zlib-lib, LIBZ was defined to
the empty string.  Instead, give it the default "ZLIB1".

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1772)

111b234c

VMS: pretend to use -znodelete · 1186a2b3

Richard Levitte authored Nov 06, 2016



VMS only unloads shared libraries at process rundown, so tell the
OpenSSL code so by pretending we linked with -znodelete.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1862)

1186a2b3

Nov 05, 2016
- constant time test: include our internal/numbers.h rather than limits.h · c76da13c
  Richard Levitte authored Nov 05, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1856)
```
  c76da13c
Nov 04, 2016

VMS build file template: assign 'arch' to local symbol table · 3ee24d4a

Richard Levitte authored Nov 04, 2016



Since the local symbol table is looked up before the global symbol
table, 'arch' assigned in the local symbol table of the DCL where MMS
is called would be seen before the 'arch' defined in descrip.mms.
Assigning it to the local symbol table in descrip.mms removes that
issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1853)

3ee24d4a

Missed a mention of RT · 1e62cc12

Rich Salz authored Nov 04, 2016



Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1849)

1e62cc12

Correct internal tests sources · b93cb165

Richard Levitte authored Nov 04, 2016



The sources for internal tests were sometimes badly formed, assuming
perl variables such as $target{cpuid_asm_src} contains only one file
name.  This change correctly massages all file names in such a
variable.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1850)

b93cb165

VMS: update the list of files that need some extra treatment · 5c3dbd2e

Richard Levitte authored Nov 04, 2016



This is related to a lack in path merging involding includes of includes

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1846)

5c3dbd2e

VMS: correct the logic around linking executables · fb0abdce

Richard Levitte authored Nov 04, 2016



The logic around avoiding MULDEF warnings was flawed.  Simplifying it
makes it better.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1846)

fb0abdce

Don't create fixtures for simple tests · 308b876d

Emilia Kasper authored Nov 03, 2016



The test fixtures are (meant to be) useful for sharing common
setup. Don't bother when we don't have any setup/teardown.

This only addresses simple tests. Parameterized tests (ADD_ALL_TESTS)
will be made more user-friendly in a follow-up.

Reviewed-by: Rich Salz <rsalz@openssl.org>

308b876d

testutil: always print errors on failure · 6ec327ee
Emilia Kasper authored Nov 03, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
6ec327ee

Travis: add a strict build · 7b195438

Richard Levitte authored Nov 03, 2016



Clang on Linux seems to catch things that we might miss otherwise.
Also, throw in 'no-deprecated' to make sure we test that as well.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1839)

7b195438

Fix a missed size_t variable declaration · c42a78cb

Matt Caswell authored Nov 04, 2016



pqueue_size() now returns a size_t, but the variable that gets returned
was still declared as an int.

Reviewed-by: Rich Salz <rsalz@openssl.org>

c42a78cb

Fix some style issues from libssl size_tify review · ff04799d
Matt Caswell authored Nov 04, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
ff04799d
Tweak the SSL_read()/SSL_write() text based on feedback received. · ed9fa2c7
Matt Caswell authored Oct 26, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
ed9fa2c7

Rename all "read" variables with "readbytes" · 54105ddd

Matt Caswell authored Oct 26, 2016

Travis is reporting one file at a time shadowed variable warnings where
"read" has been used. This attempts to go through all of libssl and replace
"read" with "readbytes" to fix all the problems in one go.

Reviewed-by: Rich Salz <rsalz@openssl.org>

54105ddd

Clarify the return values for SSL_read_ex()/SSL_write_ex() · 740bfeba
Matt Caswell authored Oct 25, 2016
```
Give more detail on what constitutes success/failure.

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
740bfeba
Fix a shadowed variable declaration warning picked up by Travis · 02ba18a6
Matt Caswell authored Oct 25, 2016
```
Rename "read" to "readbytes"

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
02ba18a6
Document the HMAC_size() function · 8d2b1819
Matt Caswell authored Oct 25, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
8d2b1819
Test the size_t constant time functions · be2ef0e2
Matt Caswell authored Oct 25, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
be2ef0e2
Ensure SSL_DEBUG works following size_t changes · 2b7363ec
Matt Caswell authored Oct 25, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
2b7363ec
Clarify the return values for the peek functions · 3cdc2f8f
Matt Caswell authored Oct 25, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
3cdc2f8f
Updates various man pages based on review feedback received. · 6782e5fd
Matt Caswell authored Oct 21, 2016
```
Improvements to style, grammar etc.

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
6782e5fd
Fix style issues in HMAC_size() · d0ee717c
Matt Caswell authored Oct 21, 2016
```
Based on review feedback.

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
d0ee717c

Fix some bogus warnings about uninitialised variables · f0ca8f89

Matt Caswell authored Oct 20, 2016



Travis was failing in some builds due to a bogus complaint
about uninit variables.

Reviewed-by: Rich Salz <rsalz@openssl.org>

f0ca8f89

Fix some clashing symbol numbers due to merge conflict · d02ef3d0
Matt Caswell authored Oct 20, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
d02ef3d0

Document the newly added SSL functions · 7714dc5e

Matt Caswell authored Oct 20, 2016



Also document SSL_peek() which was missing from the docs.

Reviewed-by: Rich Salz <rsalz@openssl.org>

7714dc5e

Remove a stray TODO that has already been fixed · 699ae859
Matt Caswell authored Oct 19, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
699ae859
Provide some constant time functions for dealing with size_t values · 2688e7a0
Matt Caswell authored Oct 19, 2016
```
Also implement the using of them

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
2688e7a0
Ensure HMAC_size() handles errors correctly · 708e06c5
Matt Caswell authored Oct 19, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
708e06c5
Now that we can use size_t in PACKET lets use it · 56a26ce3
Matt Caswell authored Oct 19, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
56a26ce3
Fix misc size_t issues causing Windows warnings in 64 bit · 348240c6
Matt Caswell authored Oct 19, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
348240c6

Convert the mac functions to just return 1 for success and 0 for failure · a14aa99b

Matt Caswell authored Oct 19, 2016



Previously they return -1 for failure or the size of the mac. But the size
was never used anywhere.

Reviewed-by: Rich Salz <rsalz@openssl.org>

a14aa99b

Fix some ssl3_record code witch converstion to/from size_t · c08d12ca
Matt Caswell authored Oct 19, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
c08d12ca
Add some PACKET functions for size_t · 153703df
Matt Caswell authored Oct 19, 2016
```
And use them in the DTLS code

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
153703df

Convert SSL BIO to use SSL_write_ex(). · 8051ab2b

Matt Caswell authored Oct 19, 2016



We also modify the SSL_get_error() function to handle the fact that with
SSL_write_ex() the error return is 0 not -1, and fix some bugs in the
SSL BIO reading.

Reviewed-by: Rich Salz <rsalz@openssl.org>

8051ab2b

Fix some missed size_t updates · 8b0e934a
Matt Caswell authored Oct 06, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
8b0e934a
Resolve some outstanding size_t related TODOs · e3c9727f
Matt Caswell authored Oct 04, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
e3c9727f