Commits · 9ab930b27d51a13362e6647074f13589a8ac004d · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

30 Oct, 2015 1 commit

Matt Caswell authored Jul 29, 2015

The function ssl3_get_message gets a whole message from the underlying bio
and returns it to the state machine code. The new state machine code will
split this into two discrete steps: get the message header and get the
message body. This commit splits the existing function into these two
sub steps to facilitate the state machine implementation.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

9ab930b2

29 Oct, 2015 1 commit

BN_GF2m_mod_inv(): check bn_wexpand return value · 94b3664a

Pascal Cuoq authored Oct 12, 2015



Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@akamai.com>

MR #1276, RT #4107

94b3664a

28 Oct, 2015 1 commit

Remove SSLeay history, etc., from docs · a528d4f0

Rich Salz authored Oct 27, 2015



If something was "present in all versions" of SSLeay, or if it was
added to a version of SSLeay (and therefore predates OpenSSL),
remove mention of it.  Documentation history now starts with OpenSSL.

Remove mention of all history before OpenSSL 0.9.8, inclusive.

Remove all AUTHOR sections.

Reviewed-by: Tim Hudson <tjh@openssl.org>

a528d4f0

27 Oct, 2015 1 commit

Remove HAMC_cleanup · 6f5c0303

Rich Salz authored Oct 27, 2015



Old API for use with OpenSSL-0.9.6.  Remove it.

Reviewed-by: Tim Hudson <tjh@openssl.org>

6f5c0303

26 Oct, 2015 1 commit
- Move crypto/threads to demo/threads · 0e56b4b4
  Rich Salz authored Oct 26, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  0e56b4b4
25 Oct, 2015 1 commit
- Probably fix travis (wine build). · d2c3d5d4
  Ben Laurie authored Oct 24, 2015
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
  d2c3d5d4
24 Oct, 2015 2 commits
- Improve make depend. · 84cf97af
  Ben Laurie authored Oct 03, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  84cf97af
- Fix undeclared variable warnings. · 2f1a5d16
  Ben Laurie authored Oct 03, 2015
```
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
```
  2f1a5d16
23 Oct, 2015 9 commits

Remove useless code · 070c2332

Alessandro Ghedini authored Oct 08, 2015



RT#4081

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

070c2332

Check memory allocation · 8cf9d71a

Alessandro Ghedini authored Oct 08, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

8cf9d71a

Fix references to various RFCs · 3240e7cf

Alessandro Ghedini authored Oct 08, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

3240e7cf

Fix typos · d900a015

Alessandro Ghedini authored Oct 08, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

d900a015

Set salt length after the malloc has succeeded · c2319cf9
Alessandro Ghedini authored Oct 08, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
c2319cf9

Fix memory leaks and other mistakes on errors · 3f6c7691

Alessandro Ghedini authored Oct 08, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

3f6c7691

Replace malloc+strlcpy with strdup · 8acaabec

Alessandro Ghedini authored Oct 08, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

8acaabec

Do not treat 0 return value from BIO_get_fd() as error · 4428c7db

Alessandro Ghedini authored Oct 02, 2015



0 is a valid file descriptor.

RT#4068

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

4428c7db

Remove bugs/ and crypto/threads/ · dad0b512

Alessandro Ghedini authored Oct 23, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

dad0b512

22 Oct, 2015 4 commits

Clarify return values for EVP_DigestVerifyFinal. · 8cbb048c

Adam Eijdenberg authored Oct 19, 2015



Previous language was unclear.  New language isn't pretty but I believe
it is more accurate.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ben Laurie <ben@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

8cbb048c

Only include SRP headers when OPENSSL_NO_SRP is undefined · 5212d39b
Richard Levitte authored Oct 22, 2015
```
[fixes github issue #447]

Reviewed-by: Tim Hudson <tjh@openssl.org>
```
5212d39b
Make Configure die when unsupported options are given · 489eb740
Richard Levitte authored Oct 22, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
489eb740

Add an explicit list of options that can be disabled, enabled, ... · 8b527be2

Richard Levitte authored Oct 22, 2015



Configure has, so far, had no control at all of which 'no-' options it
can be given.  This means that, for example, someone could configure
with something absurd like 'no-stack' and then watch the build crumble
to dust...  or file a bug report.

This introduces some sanity into the possible choices.

The added list comes from looking for the explicit ones used in
Configure, and from grepping after OPENSSL_NO_ in all source files.

Reviewed-by: Rich Salz <rsalz@openssl.org>

8b527be2

21 Oct, 2015 5 commits

make update · 15db6a40
Richard Levitte authored Oct 19, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
15db6a40
Don't forget to load the CT error strings · a0e8da5d
Richard Levitte authored Oct 19, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
a0e8da5d

Handle CT error macros separately · cc79f06c

Richard Levitte authored Oct 19, 2015



Because the default error macro generator assumes the header file with
error macros is in include/openssl and therefore generates a C file
with error texts that include <openssl/{name}.h>, we need to generate
the error macros and texts for CT separately, since the CT module
doesn't follow the default criteria.

Reviewed-by: Matt Caswell <matt@openssl.org>

cc79f06c

Don't use SSLv23_server_method in an example · 21cd6e00

Matt Caswell authored Oct 21, 2015



The function SSLv23_server_method() is an old name. New code should use
TLS_server_method() instead. Therefore don't use SSLv23_server_method() in
an example in the docs.

Reviewed-by: Richard Levitte <levitte@openssl.org>

21cd6e00

Avoid undefined behaviour in PACKET_buf_init · 3fde6c92

Matt Caswell authored Oct 21, 2015



Change the sanity check in PACKET_buf_init to check for excessive length
buffers, which should catch the interesting cases where len has been cast
from a negative value whilst avoiding any undefined behaviour.

RT#4094

Reviewed-by: Richard Levitte <levitte@openssl.org>

3fde6c92

18 Oct, 2015 7 commits
- ct_locl.h moved, reflect it in crypto/ct/Makefile · 788d72ba
  Richard Levitte authored Oct 18, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
  788d72ba
- make update · 338cb762
  Richard Levitte authored Oct 18, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  338cb762
- Add crypto/include/internal to the directories to scan for stack declarations · d865cb13
  Richard Levitte authored Oct 18, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  d865cb13
- Because ct_locl.h is used between modules, move it to internal headers · eb6d5f99
  Richard Levitte authored Oct 18, 2015
```
Rename it to ct_int.h

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  eb6d5f99
- Move auto Host adding to query_responder · 76e0cd12
  Dr. Stephen Henson authored Oct 18, 2015
```
Check for Host header in query_responder instead of process_responder. This
also fixes a memory leak in the old code if the headers was NULL.

Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  76e0cd12
- Fix memory leak with -issuer option. · bb7fc98c
  Dr. Stephen Henson authored Oct 18, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  bb7fc98c
- set string type when embedding · 7f3e6f8c
  Dr. Stephen Henson authored Oct 18, 2015
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  7f3e6f8c
17 Oct, 2015 1 commit

Move contributing info to CONTRIBUTING · eb05f173

Manish Goregaokar authored Oct 17, 2015



Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

eb05f173

16 Oct, 2015 2 commits

Run tests on Travis for mingw builds as well · 1a3ae788

Rich Salz authored Oct 16, 2015



Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Andy Polyakov <appro@openssl.org>

1a3ae788

Fix error message when loading engines from config · 1f08d945

Dmitry Belyavsky authored Oct 16, 2015

When using command line applications errors occur when trying to
load engines specified in a config file. Introduced by commit
a0a82324



RT#4093

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

1f08d945

15 Oct, 2015 4 commits

Remove Obsolete engines · 8b7080b0

Matt Caswell authored Oct 13, 2015



There are a number of engines in the OpenSSL source code which are now
obsolete. The following engines have been removed: 4758cca, aep, atalla,
cswift, nuron, sureware.

Reviewed-by: Rich Salz <rsalz@openssl.org>

8b7080b0

Fix self signed handling. · f51e5ed6

Dr. Stephen Henson authored Aug 05, 2015



Don't mark a certificate as self signed if keyUsage is present and
certificate signing not asserted.

PR#3979

Reviewed-by: Matt Caswell <matt@openssl.org>

f51e5ed6

embed CRL serial number and signature fields · 34a42e14
Dr. Stephen Henson authored Oct 11, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
34a42e14
embed certificate serial number and signature fields · 81e49438
Dr. Stephen Henson authored Oct 11, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
81e49438