- Jul 08, 2016
-
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Replace nptest with sanity test. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Commit aea145e3 removed some error codes that are generated algorithmically: mapping alerts to error texts. Found by Andreas Karlsson. This restores them, and adds two missing ones. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Rich Salz authored
Function-like macros are replaced with prototypes and a note that they are implemented as macros. Constants are just referenced in-line in the text. Tweak BIO_TYPE_... documentation. Also fix RT4592. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
We shouldn't allow both "-tls1" and "-tls1_2", or "-tls1" and "-no_tls1_2". The only time multiple flags are allowed is where they are all "-no_<prot>". This fixes Github Issue #1268 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Some Unix variants require shared libraries to have the execute permissions set, or they won't be loadable or executable when loaded. Among others, cygwin has this requirement. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
It's possible to have a very few rules for some directories and trust that other patterns further along will take care of whatever is left. .gitignore should therefore be loosely organised from least generic to most generic, allowing things like this: # Keep any file with extensions, such as foo.c, bar.h, ... !/dir/*.* # .... # Remove all object files *.o *.obj With this change, we implement some very generic rules for what will and will not be ignored in the fuzz subdirectory, and truse that patterns later on (such as *.o, *.obj, *.exe) will take care of everything we didn't specifically specify for the fuzz subdirectory. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
If application uses any of Windows-specific interfaces, make it application developer's respondibility to include <windows.h>. Rationale is that <windows.h> is quite "toxic" and is sensitive to inclusion order (most notably in relation to <winsock2.h>). It's only natural to give complete control to the application developer. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Extended alg_print() in pkcs12 utility to support PBES2 algorithms. RT#4588 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Jul 07, 2016
-
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
$openssldir and $enginesdir were mistakenly made unavailable to other perl fragments. They are still needed in the definition of CFLAGS. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
This logical names permits '#include <openssl/foo.h>' to work properly. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
OpenSSL engines are tied to the OpenSSL shared library versions, starting with OpenSSL 1.1. We therefore need to install them in directories which have the shared library version in it's name, to easily allow multiple OpenSSL versions to be installed at the same time. For VMS, the change is a bit more involved, primarly because the top installation directory was already versioned, *as well as* some of the files inside. That's a bit too much. Version numbering in files is also a bit different on VMS. The engines for shared library version 1.1 will therefore end up in OSSL$INSTROOT:[ENGINES0101.'arch'] ('arch' is the architecture we build for) Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
OpenSSL engines are tied to the OpenSSL shared library versions, starting with OpenSSL 1.1. We therefore need to install them in directories which have the shared library version in it's name, to easily allow multiple OpenSSL versions to be installed at the same time. For Unix, the default installation directory is changed from $PREFIX/lib/engines to $PREFIX/lib/engines-${major}_${minor} (mingw) or $PREFIX/lib/engines-${major}.${minor} (all but mingw) ($PREFIX is the directory given for the configuration option --prefix, and ${major} and ${minor} are the major and minor shared library version numbers) Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
OpenSSL engines are tied to the OpenSSL shared library versions, starting with OpenSSL 1.1. We therefore need to install them in directories which have the shared library version in it's name, to easily allow multiple OpenSSL versions to be installed at the same time. For windows, the default installation directory is changed from $PREFIX/lib/engines to $PREFIX/lib/engines-${major}_${minor} ($PREFIX is the directory given for the configuration option --prefix, and ${major} and ${minor} are the major and minor shared library version numbers) Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Jul 06, 2016
-
-
Rich Salz authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Richard Levitte authored
When creating the library $lib.olb, make sure the extension is there. Otherwise, a logical name with the same name as the file in question will redirect the creation elsewhere. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Jul 05, 2016
-
-
Richard Levitte authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
The calls we made to it were redundant, as the same initialization is done later in OPENSSL_init_crypto() anyway. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
FdaSilvaYY authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
FdaSilvaYY authored
Separate invalid input case from any internal (malloc) failure Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
FdaSilvaYY authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
FdaSilvaYY authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Jul 04, 2016
-
-
Rich Salz authored
Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
Make it possible to have a separate and different perl command string for installable scripts than we use when building, with the environment variable HASHBANGPERL. Its value default to the same as the environment PERL if it's defined, otherwise '/usr/bin/env perl'. Note: this is only relevant for Unix-like environments. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
- Jul 02, 2016
-
-
Andreas Karlsson authored
The SSL_load_client_CA_file() failed to load any CAs due to an inccorrect assumption about the return value of lh_*_insert(). The return value when inserting into a hash is the old value of the key. The bug was introduced in 3c82e437. Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1279)
-
Richard Levitte authored
On VMS, it's customary to have a procedure to check that the software was installed correctly and can run as advertised. The procedure added here is fairly simple, it checks that all libraries are in place, that the header crypto.h is in place, and that the command 'openssl version -a' runs without trouble. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
- The install top is versioned by default. However, only the major version should be used. - the default areas for certs, private keys an config files have changed, now all prefixed with 'OSSL$'. This gets reflected in cryptlib.h. - [.VMS]openssl_startup.com.in had some faults regarding creating rooted concealed logical names. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
This makes it possible for script writers to lock on to a specific version if they need to. Note that only the major version number is used. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Also, have the static library file names contain the pointer size when applicable. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Ben Laurie authored
Also, make sure that per-file deps are included in the build, even if previous builds have failed. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Jul 01, 2016
-
-
Matt Caswell authored
Don't use hardcoded SSL_METHODs! Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
We calculate the size required for the ServerKeyExchange message and then call BUF_MEM_grow_clean() on the buffer. However we fail to take account of 2 bytes required for the signature algorithm and 2 bytes for the signature length, i.e. we could overflow by 4 bytes. In reality this won't happen because the buffer is pre-allocated to a large size that means it should be big enough anyway. Addresses an OCAP Audit issue. Reviewed-by: Rich Salz <rsalz@openssl.org>
-