- May 09, 2016
-
-
J Mohan Rao Arisankala authored
- Missing checks for allocation failure. - releasing memory in few missing error paths Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
- May 07, 2016
-
-
Ben Laurie authored
Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Ben Laurie authored
Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
- May 06, 2016
-
-
Dr. Stephen Henson authored
PR#4449 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Jeffrey Walton authored
PR#4478 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org>
-
Dr. Stephen Henson authored
PR#4466 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
isnotnick authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
We don't need it, but external users might find it handy. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
- May 05, 2016
-
-
Dr. Stephen Henson authored
The default ASN.1 handling can be used for SEED. This also makes CMS work with SEED. PR#4504 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Rich Salz authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Dr. Stephen Henson authored
Try to set the ASN.1 parameters for CMS encryption even if the IV length is zero as the underlying cipher should still set the type. This will correctly result in errors if an attempt is made to use an unsupported cipher type. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Sergio Garcia Murillo authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
If the application has limited the size of the async pool using ASYNC_init_thread() then we could run out of jobs while trying to start a libssl io operation. However libssl was failing to handle this and treating it like a fatal error. It should not be fatal...we just need to retry when there are jobs available again. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Emilia Kasper authored
This demystifies two for-loops that do nothing. They were used to write the ladder in a unified way. Now that the ladder is otherwise commented, remove the dead loops. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Rich Salz authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Matt Caswell authored
Based on an orignal commit by GitHub user BertramScharpf. Rebased and updated to take account of all the updates since this was first raised. GH PR#62 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Rich Salz authored
Reviewed-by: Andy Polyakov <appro@openssl.org>
-
J Mohan Rao Arisankala authored
list -disabled was checking OPENSSL_NO_SSL/OPENSSL_NO_TLS, which are not used to disable SSL/TLS respectively. Building with these macros wrongly show as SSL/TLS disabled, hence removing this code. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
FdaSilvaYY authored
Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> GH: #1021
-
- May 04, 2016
-
-
Dr. Stephen Henson authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
The name length limit check in x509_name_ex_d2i() includes the containing structure as well as the actual X509_NAME. This will cause large CRLs to be rejected. Fix by limiting the length passed to ASN1_item_ex_d2i() which will then return an error if the passed X509_NAME exceeds the length. RT#4531 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1025)
-
Marek Klein authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1020)
-
Matt Caswell authored
The old BIO_accept() function can encounter errors during malloc. We need to ensure we properly clean up if that occurs. GH Issue #817 Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Dr. Stephen Henson authored
PR#4514 Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
RT#4527 Reviewed-by: Matt Caswell <matt@openssl.org>
-
FdaSilvaYY authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
The TLSProxy based tests don't work when TLS is disabled so we shouldn't run them. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
The init_client() function in the apps sets up the client connection. It may try multiple addresses until it finds one that works. We should clear the error queue if we eventually get a successful connection because otherwise we get stale errors hanging around. This can cause problems in subsequent calls to SSL_get_error(), i.e. non-fatal NBIO events appear as fatal. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-