- 27 Feb, 2017 1 commit
-
-
Adrian Vollmer authored
...in the man page to reflect the actual default (2048 instead of 512) CLA: trivial Reviewed-by:
Richard Levitte <levitte@openssl.org> Reviewed-by:
Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2754)
-
- 26 Feb, 2017 15 commits
-
-
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Richard Levitte authored
There are cases when, if you pass a NULL UI_METHOD, the called function will use an internal default. This is well and good, but there may be cases when this is undesirable and one would rather send in a UI that does absolutely nothing (sort of a /dev/null). UI_null() is the UI_METHOD for this purpose. Reviewed-by:
-
- 25 Feb, 2017 5 commits
-
-
Andy Polyakov authored
This is initial and minimal single-block implementation. Reviewed-by: -
Andy Polyakov authored
Effectively it's minor size optimization, 5-6% per affected subroutine. Reviewed-by: -
Andy Polyakov authored
On pre-Skylake best optimization strategy was balancing port-specific instructions, while on Skylake minimizing the sheer amount appears more sensible. Reviewed-by: -
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
- 24 Feb, 2017 10 commits
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Emilia Kasper authored
- Reject fractional seconds - Reject offsets - Check that the date/time digits are in valid range. - Add documentation for X509_cmp_time GH issue 2620 Reviewed-by:
-
Andy Polyakov authored
Since CI is engaged on per merge request basis, it can be wasteful to run each request through all the tests, especially those resource consuming. Idea is to mark most of tests as "extended" and provide a way to opt-in by marking last commit with [extended tests] tag. It's still not as optimal as one could wish, as decision to skip a test still requires machine time, and it's taken in configured environment, i.e. with updates and additional packages installed... Reviewed-by:
-
Andy Polyakov authored
Reviewed-by:
-
Bernd Edlinger authored
Avoid a -Wundef warning in refcount.h Avoid a -Wundef warning in o_str.c Avoid a -Wundef warning in testutil.h Include internal/cryptlib.h before openssl/stack.h to avoid use of undefined symbol OPENSSL_API_COMPAT. Reviewed-by:
Andy Polyakov <appro@openssl.org> Reviewed-by:
-
Dr. Stephen Henson authored
The certificate types used to be held in a fixed length array or (if it was too long) a malloced buffer. This was done to retain binary compatibility. The code can be simplified now SSL is opaque by always using a malloced buffer. Reviewed-by:
-
- 23 Feb, 2017 9 commits
-
-
Pauli authored
Reviewed-by:
-
Todd Short authored
If ret is allocated, it may be leaked on error. Reviewed-by:
Tim Hudson <tjh@openssl.org> Reviewed-by:
-
Kurt Roeckx authored
Reviewed-by:Matt Caswell <matt@openssl.org> GH: #2732
-
Kurt Roeckx authored
Reviewed-by:
-
Benjamin Kaduk authored
Make sure that we can stop handshake processing and resume it later. Also check that the cipher list and compression methods are sane. Unfortunately, we don't have the client-side APIs needed to force a specific (known) session ID to be sent in the ClientHello, so that accessor cannot be tested here. Reviewed-by:
-
Benjamin Kaduk authored
Certain callback APIs allow the callback to request async processing by trickling a particular error value up the stack to the application as an error return from the handshake function. In those cases, SSL_want() returns a code specific to the type of async processing needed. The create_ssl_connection() helper function for the tests is very helpful for several things, including creating API tests. However, it does not currently let us test the async processing functionality of these callback interfaces, because the special SSL error codes are treated as generic errors and the helper continues to loop until it reaches its maximum iteration count. Add a new parameter, 'want', that indicates an expected/desired special SSL error code, so that the helper will terminate when either side reports that error, giving control back to the calling function and allowing the test to proceed. Reviewed-by:
-
Benjamin Kaduk authored
create_ssl_connection() prints out the results if SSL_accept() and/or SSL_connect() fail, but was reusing the client return value when printing about SSL_accept() failures. Reviewed-by:
-
Benjamin Kaduk authored
Reviewed-by:
-
Benjamin Kaduk authored
Plumb things through in the same place as the SNI callback, since we recommend that the early callback replace (and supplement) the SNI callback, and add a few test cases. Reviewed-by:
-
