- 20 Mar, 2018 6 commits
-
-
Matt Caswell authored
The travis logs are going above 4Mb causing the builds to fail. One test creates excessive output. This change reduces that output by approx 180k. [extended tests] Reviewed-by:
Richard Levitte <levitte@openssl.org> Reviewed-by:
Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5694)
-
Matt Caswell authored
Broken by commit 3e3c7c36 . Fixes #5681 Reviewed-by:
Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/5688)
-
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by:
-
Richard Levitte authored
Without it, the RAND_POOL typedef is missing Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5685)
-
- 19 Mar, 2018 34 commits
-
-
Dr. Matthias St. Pierre authored
[extended tests] The test_rand_reseed assumed that the global DRBGs were not used previously. This assumption is false when the tests are executed in random order (OPENSSL_TEST_RAND_ORDER). So we uninstantiate them first and add a test for the first instantiation. Reviewed-by:
-
Richard Levitte authored
We did the SSL_CONF_cmd() pass last of all things that could affect the SSL ctx. However, the results of this, for example: -max_protocol TLSv1.3 -tls1_2 ... would mean that the protocol min got set to TLSv1.2 and the protocol max to TLSv1.3, when they should clearly both be TLSv1.2. However, if we see the SSL_CONF_cmd() switches as generic and those internal to s_client and s_server as specialisations, we get something that makes a little more sense. Reviewed-by:Tim Hudson <tjh@openssl.org> Reviewed-by:
-
Todd Short authored
Reviewed-by:
-
Todd Short authored
Reviewed-by:
-
Richard Levitte authored
The error string header files aren't supposed to be included directly, so there's no point testing that they can. Reviewed-by:
-
Richard Levitte authored
Have all test programs using that function specify those versions. Additionally, have the remaining test programs that use SSL_CTX_new directly specify at least the maximum protocol version. Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
If for nothing else, they are needed when doing a regression test Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
The fix in conf_include_test.c seems to be required because some compilers give an error if you give an empty string for the second argument to strpbrk(). It doesn't really make sense to send an empty string for this argument anyway, so make sure it has at least one character in it. Reviewed-by:
Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5666)
-
Todd Short authored
Place the session ticket AES and HMAC keys into secure memory. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Rich Salz authored
Use shorter names for some defines, so also had to change the .c file that used them. Reviewed-by:
-
Tomas Mraz authored
When SSL_CTX is created preinitialize it with system default configuration from system_default section. Reviewed-by:
-
Kurt Roeckx authored
Reviewed-by:
Paul Dale <paul.dale@oracle.com> Reviewed-by:
-
Kurt Roeckx authored
Since the public and private DRBG are per thread we don't need one per ssl object anymore. It could also try to get entropy from a DRBG that's really from an other thread because the SSL object moved to an other thread. Reviewed-by:
-
Kurt Roeckx authored
This avoids lock contention. Reviewed-by:
-
Jack Lloyd authored
Without actually using EVP_PKEY_FLAG_AUTOARGLEN Reviewed-by:
-
Jack Lloyd authored
Reviewed-by:
-
Jack Lloyd authored
Reviewed-by:
-
Andy Polyakov authored
Since they intend to omit gcc, it's more appropriate to simply detect if there is NDK's clang on PATH, as opposite to requiring to specify it with CC=clang (and looking for it on PATH). Also detect NDK version and default to armv7-a for NDK>16. Address failure to recognize -D__ADNDROID_API__=N in CPPFLAGS. Reviewed-by:
-
Andy Polyakov authored
Reviewed-by:
-
Andy Polyakov authored
Reviewed-by:
-
Andy Polyakov authored
Current endianness detection is somewhat opportunistic and can fail in cross-compile scenario. Since we are more likely to cross-compile for little-endian now, adjust the default accordingly. Reviewed-by:
-
Andy Polyakov authored
Adjusting ARM default broke clang support, and x86[_64] needed path adjustment. Reviewed-by:
-
Andy Polyakov authored
Occasionally you have to pass -no-integrated-as to clang, but we consider any -no-option as no-option. Don't touch -no-integrated-as. Reviewed-by:
-
Bernd Edlinger authored
Don't pass a pointer to uninitialized processed value for BIO_CB_READ and BIO_CB_WRITE Check the correct cmd code in BIO_callback_ctrl Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Raw private/public key loading may fail for X25519/X448 if ec has been disabled. Also fixed a missing blank line in evppkey.txt resulting in a warning in the test output. Reviewed-by:
Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5664)
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
