- Apr 20, 2016
-
-
Andy Polyakov authored
Reviewed-by:Richard Levitte <levitte@openssl.org>
-
- Apr 18, 2016
-
-
Rich Salz authored
Give the API new names, document it. Reviewed-by: -
Rich Salz authored
Make OBJ_name_cmp internal Rename idea_xxx to IDEA_xxx Rename get_rfc_xxx to BN_get_rfc_xxx Rename v3_addr and v3_asid functions to X509v3_... Reviewed-by:
-
- Apr 13, 2016
-
-
Matt Caswell authored
no-sha is no longer an option so remove OPENSSL_NO_SHA guards. Reviewed-by: -
Matt Caswell authored
no-aes is no longer a Configure option and therefore the OPENSSL_NO_AES guards can be removed. Reviewed-by: -
Dr. Stephen Henson authored
The check_defer() function was used to ensure that EVP_cleanup() was always called before OBJ_cleanup(). The new cleanup code ensures this so it is no longer needed. Remove obj_cleanup() call in OID config module: it is not needed any more either. Reviewed-by:Matt Caswell <matt@openssl.org>
-
Matt Caswell authored
There is a preference for suffixes to indicate that a function is internal rather than prefixes. Note: the suffix is only required to disambiguate internal functions and public symbols with the same name (but different case) Reviewed-by:
Tim Hudson <tjh@openssl.org> Reviewed-by:
-
Matt Caswell authored
There was a lot of naming inconsistency, so we try and standardise on one form. Reviewed-by:
-
Matt Caswell authored
OBJ_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by:
-
Matt Caswell authored
EVP_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by:
-
- Mar 29, 2016
-
-
Matt Caswell authored
Move the the BIO_METHOD and BIO structures into internal header files, provide appropriate accessor methods and update all internal code to use the new accessors where appropriate. Reviewed-by:
-
- Mar 23, 2016
-
-
Rich Salz authored
Reviewed-by:
-
- Mar 21, 2016
-
-
David Benjamin authored
BIO_new, etc., don't need a non-const BIO_METHOD. This allows all the built-in method tables to live in .rodata. Reviewed-by: -
Matt Caswell authored
Fix compilation with --strict-warnings and no-seed Reviewed-by:Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
This removes all scripts that deal with MINFO as well, since that's only used by mk1mf. Reviewed-by:Andy Polyakov <appro@openssl.org>
-
- Mar 20, 2016
-
-
Rich Salz authored
Don't have #error statements in header files, but instead wrap the contents of that file in #ifndef OPENSSL_NO_xxx This means it is now always safe to include the header file. Reviewed-by:
-
- Mar 18, 2016
-
-
Matt Caswell authored
There were a couple of CMAC references without OPENSSL_NO_CMAC guards. Reviewed-by: -
Matt Caswell authored
OCB is AEAD capable but was not marked as such with the EVP_CIPH_FLAG_AEAD_CIPHER flag. Reviewed-by: -
Matt Caswell authored
There is a potential double free in EVP_DigestInit_ex. This is believed to be reached only as a result of programmer error - but we should fix it anyway. Issue reported by Guido Vranken. Reviewed-by:
-
- Mar 11, 2016
-
-
Kurt Roeckx authored
Reviewed-by:
-
Bill Cox authored
Reviewed-by:
-
Andy Polyakov authored
Reviewed-by:
-
- Mar 09, 2016
-
-
Richard Levitte authored
crypto/evp/e_aes.c and crypto/modes/gcm128.c include ppc_arch.h, which is located in crypto/, so add that as extra include directory for them. Issue reported by Jeffrey Walton <noloader@gmail.com> Reviewed-by:
-
- Mar 08, 2016
-
-
Alessandro Ghedini authored
Reviewed-by:
-
- Mar 07, 2016
-
-
Matt Caswell authored
We had the function EVP_CIPHER_CTX_cipher_data which is newly added for 1.1.0. As we now also need an EVP_CIPHER_CTX_set_cipher_data it makes more sense for the former to be called EVP_CIPHER_CTX_get_cipher_data. Reviewed-by: -
Matt Caswell authored
Implement aes128-cbc as a pipeline capable cipher in the dasync engine. As dasync is just a dummy engine, it actually just performs the parallel encrypts/decrypts in serial. Reviewed-by: -
David Woodhouse authored
Signed-off-by:
Kurt Roeckx <kurt@openssl.org>
-
Dr. Stephen Henson authored
Make PKCS8_PRIV_KEY_INFO opaque. Several accessor functions already exist for this structure. Two new ones were added to handle attributes. The old handling of broken formats has been removed and the corresponding structures simplified. Reviewed-by:
-
- Mar 03, 2016
-
-
Alessandro Ghedini authored
This patch implements the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as defined in RFC 5869. It is required to implement the QUIC and TLS 1.3 protocols (among others). Signed-off-by:
Dr. Stephen Henson <steve@openssl.org>
-
- Mar 02, 2016
-
-
Dr. Stephen Henson authored
Utility functions to pass a string or hex string to EVP_PKEY_CTX_ctrl(). Reviewed-by:
-
- Feb 25, 2016
-
-
Rich Salz authored
Simplifies calling code. Also fixed up any !ptr tests that were nearby, turning them into NULL tests. Reviewed-by:
-
- Feb 22, 2016
-
-
FdaSilvaYY authored
Remove some duplicated NULL/zero init. Signed-off-by:
-
- Feb 20, 2016
-
-
Richard Levitte authored
This takes us away from the idea that we know exactly how our static libraries are going to get used. Instead, we make them available to build shareable things with, be it other shared libraries or DSOs. On the other hand, we also have greater control of when the shared library cflags. They will never be used with object files meant got binaries, such as apps/openssl or test/test*. With unified, we take this a bit further and prepare for having to deal with extra cflags specifically to be used with DSOs (dynamic engines), libraries and binaries (applications). Reviewed-by:
-
- Feb 18, 2016
-
-
Richard Levitte authored
All those flags existed because we had all the dependencies versioned in the repository, and wanted to have it be consistent, no matter what the local configuration was. Now that the dependencies are gone from the versioned Makefile.ins, it makes much more sense to use the exact same flags as when compiling the object files. Reviewed-by: -
Rich Salz authored
Add -DBIO_DEBUG to --strict-warnings. Remove comments about outdated debugging ifdef guards. Remove md_rand ifdef guarding an assert; it doesn't seem used. Remove the conf guards in conf_api since we use OPENSSL_assert, not assert. For pkcs12 stuff put OPENSSL_ in front of the macro name. Merge TLS_DEBUG into SSL_DEBUG. Various things just turned on/off asserts, mainly for checking non-NULL arguments, which is now removed: camellia, bn_ctx, crypto/modes. Remove some old debug code, that basically just printed things to stderr: DEBUG_PRINT_UNKNOWN_CIPHERSUITES, DEBUG_ZLIB, OPENSSL_RI_DEBUG, RL_DEBUG, RSA_DEBUG, SCRYPT_DEBUG. Remove OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL. Reviewed-by:
-
- Feb 12, 2016
-
-
Andy Polyakov authored
RT#4210 Reviewed-by:
-
- Feb 11, 2016
-
-
Rich Salz authored
Add utility macros REF_ASSERT_NOT and REF_PRINT_COUNT This is also RT 4181 Reviewed-by: -
Rich Salz authored
Valgrind complains about using unitialized memory. So call OPENSSL_zalloc, not malloc. Reviewed-by:
-
- Feb 10, 2016
-
-
Dmitry-Me authored
Signed-off-by:
Kurt Roeckx <kurt@roeckx.be> Reviewed-by:
-
Matt Caswell authored
The new init functions can fail if the library has already been stopped. We should be able to indicate failure with a 0 return value. Reviewed-by:
-
