- Oct 24, 2016
-
-
Andy Polyakov authored
Reviewed-by:Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by:
-
- Oct 22, 2016
-
-
jrmarino authored
The __DragonFly__ macros were introduced in issue #1546 along with a function naming fix, but it was decided they should be handled separately. Reviewed-by:
Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1765)
-
- Oct 21, 2016
-
-
Rich Salz authored
Add DragonFly version of BSD. Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1584)
-
- Oct 19, 2016
-
-
Mat authored
Only set the load_crypto_strings_inited to 1 when err_load_crypto_strings_int was called. This solves the following issue: - openssl is built with no-err - load_crypto_strings_inited is set to 1 during the OPENSSL_init_crypto call - During the cleanup: OPENSSL_cleanup, err_free_strings_int is called because load_crypto_strings_inited == 1 - err_free_strings_int calls do_err_strings_init because it has never been called - Now do_err_strings_init calls OPENSSL_init_crypto - But since we are in the cleanup (stopped == 1) this results in an error: CRYPTOerr(CRYPTO_F_OPENSSL_INIT_CRYPTO, ERR_R_INIT_FAIL); - which then tries to initialize everything we are trying to clean up: ERR_get_state, ossl_init_thread_start, etc Reviewed-by:
Tim Hudson <tjh@openssl.org> Reviewed-by:
-
FdaSilvaYY authored
Reviewed-by:
-
Richard Levitte authored
crypto/asn1/asn1_item_list.c needed including dh.h and rsa.h directly. The reason is that they are not included by x509.h when configured 'no-deprecated' Reviewed-by:
-
- Oct 18, 2016
-
-
Patrick Steuer authored
crypto/s390xcap.c: internal/cryptlib.h needs to be included for OPENSSL_cpuid_setup function prototype is located there to avoid build error due to -Werror=missing-prototypes. Signed-off-by:
Patrick Steuer <psteuer@mail.de> Reviewed-by:
-
Patrick Steuer authored
crypto/evp/e_aes.c: Types of inp and out parameters of AES_xts_en/decrypt functions need to be changed from char to unsigned char to avoid build error due to '-Werror=incompatible-pointer-types'. crypto/aes/asm/aes-s390x.pl: Comments need to reflect the above change. Signed-off-by:
-
Patrick Steuer authored
crypto/asn1/a_strex.c: Type of width variable in asn1_valid_host function needs to be changed from char to signed char to avoid build error due to '-Werror=type-limits'. Signed-off-by:
-
- Oct 17, 2016
-
-
Dr. Stephen Henson authored
Don't rely on embedded flag to free strings correctly: it wont be set if there is a malloc failure during initialisation. Thanks to Guido Vranken for reporting this issue. Reviewed-by:
-
- Oct 15, 2016
-
-
Matt Caswell authored
If len == 0 in a call to ERR_error_string_n() then we can read beyond the end of the buffer. Really applications should not be calling this function with len == 0, but we shouldn't be letting it through either! Thanks to Agostino Sarubbo for reporting this issue. Agostino's blog on this issue is available here: https://blogs.gentoo.org/ago/2016/10/14/openssl-libcrypto-stack-based-buffer-overflow-in-err_error_string_n-err-c/ Reviewed-by:
-
- Oct 11, 2016
-
-
Dr. Stephen Henson authored
The original X509_NAME decode free code was buggy: this could result in double free or leaks if a malloc failure occurred. Simplify and fix the logic. Thanks to Guido Vranken for reporting this issue. Reviewed-by:
-
- Oct 10, 2016
-
-
David Benjamin authored
Align at 5 characters, not 4. There are 5-digit numbers in the output. Also avoid emitting an extra blank line and trailing whitespace. Reviewed-by:
Kurt Roeckx <kurt@openssl.org> Reviewed-by:
-
David Benjamin authored
The prevailing style seems to not have trailing whitespace, but a few lines do. This is mostly in the perlasm files, but a few C files got them after the reformat. This is the result of: find . -name '*.pl' | xargs sed -E -i '' -e 's/( |'$'\t'')*$//' find . -name '*.c' | xargs sed -E -i '' -e 's/( |'$'\t'')*$//' find . -name '*.h' | xargs sed -E -i '' -e 's/( |'$'\t'')*$//' Then bn_prime.h was excluded since this is a generated file. Note mkerr.pl has some changes in a heredoc for some help output, but other lines there lack trailing whitespace too. Reviewed-by:
-
- Oct 01, 2016
-
-
Dr. Stephen Henson authored
Tidy up srp_Calc_k and SRP_Calc_u by making them a special case of srp_Calc_xy which performs SHA1(PAD(x) | PAD(y)). This addresses an OCAP Audit issue. Reviewed-by:
-
- Sep 29, 2016
-
-
Dr. Stephen Henson authored
If a STACK (corresponding to SEQUENCE OF or SET OF) is NULL then the field is absent as opposed to empty (present but has zero elements). Reviewed-by: -
Dr. Stephen Henson authored
Reviewed-by:
-
- Sep 22, 2016
-
-
Rich Salz authored
Change code so when switching on an enumeration, have case's for all enumeration values. Reviewed-by:Andy Polyakov <appro@openssl.org>
-
Matt Caswell authored
Add a function for testing whether a given OCSP_RESPID matches with a certificate. Reviewed-by: -
Matt Caswell authored
OCSP_RESPID was made opaque in 1.1.0, but no accessors were provided for setting the name/key value for the OCSP_RESPID. Reviewed-by:
-
- Sep 21, 2016
-
-
Matt Caswell authored
If OPENSSL_sk_insert() calls OPENSSL_realloc() and it fails, it was leaking the originally allocated memory. Reviewed-by: -
Andy Polyakov authored
Suggested in GH#1589. Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reported in GH#1589, but solution is different from suggested. Reviewed-by: -
Rich Salz authored
Reviewed-by: -
Rich Salz authored
This reverts commit 81f9ce1e . Reviewed-by:
-
Matt Caswell authored
We should check the last BN_CTX_get() call to ensure that it isn't NULL before we try and use any of the allocated BIGNUMs. Issue reported by Shi Lei. Reviewed-by:
-
- Sep 19, 2016
-
-
Matt Caswell authored
We were casting num_alloc to size_t in lots of places, or just using it in a context where size_t makes more sense - so convert it. This simplifies the code a bit. Also tweak the style in stack.c a bit following on from the previous commit Reviewed-by: -
Guido Vranken authored
Reviewed-by:
-
- Sep 18, 2016
-
-
FdaSilvaYY authored
Reviewed-by:
Viktor Dukhovni <viktor@openssl.org> Reviewed-by:
-
- Sep 17, 2016
-
-
FdaSilvaYY authored
APP_INFO is currently a field of MEM struct. Reviewed-by:
-
- Sep 14, 2016
-
-
Matt Caswell authored
The internal SRP function t_fromb64() converts from base64 to binary. It does not validate that the size of the destination is sufficiently large - that is up to the callers. In some places there was such a check, but not in others. Add an argument to t_fromb64() to provide the size of the destination buffer and validate that we don't write too much data. Also add some sanity checks to the callers where appropriate. With thanks to Shi Lei for reporting this issue. Reviewed-by:
-
- Sep 13, 2016
-
-
Andy Polyakov authored
Reviewed-by:
-
- Sep 11, 2016
-
-
Richard Levitte authored
The DSO API was picky about casing of symbol names on VMS. There's really no reason to be that picky, it's mostly just annoying. Therefore, we take away the possibility to flag for a choice, and will instead first try to find a symbol with exact case, and failing that, we try to find it in upper case. Reviewed-by:
-
- Sep 09, 2016
-
-
Tim Hudson authored
even when the public key is not present in an EC_KEY Reviewed-by:Stephen Henson <steve@openssl.org>
-
- Sep 08, 2016
-
-
Richard Levitte authored
VMS sets that errno when the device part of a file spec is malformed or a logical name that doesn't exist. Reviewed-by: -
Matt Caswell authored
Certain functions are automatically called during auto-deinit in order to deallocate resources. However, if we have never entered a function which marks lib crypto as inited then they never get called. This can happen if the user only ever makes use of a small sub-set of functions that don't hit the auto-init code. This commit ensures all such resources deallocated by these functions also init libcrypto when they are initially allocated. Reviewed-by:
Ben Laurie <ben@openssl.org>
-
Andy Polyakov authored
RT#4667 Reviewed-by:
-
