- Apr 18, 2016
-
-
Rich Salz authored
Give the API new names, document it. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Make OBJ_name_cmp internal Rename idea_xxx to IDEA_xxx Rename get_rfc_xxx to BN_get_rfc_xxx Rename v3_addr and v3_asid functions to X509v3_... Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Jérôme Duval authored
* add a comment about Haiku being built with no-asm. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Ben Laurie authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Ben Laurie authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Ben Laurie authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Ben Laurie authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Apr 17, 2016
-
-
Richard Levitte authored
Recently, OCSP_basic_verify() was changed to always return 0 on error, when it would previously return 0 on error and < 0 on fatal error. This restores the previous semantics back. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Apr 16, 2016
-
-
Dr. Stephen Henson authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org>
-
- Apr 15, 2016
-
-
Rich Salz authored
Make X509_OBJECT, X509_STORE_CTX, X509_STORE, X509_LOOKUP, and X509_LOOKUP_METHOD opaque. Remove unused X509_CERT_FILE_CTX Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Richard Levitte authored
To begin with, the default should have been the import library, not the DLL itself. However, we don't know what directory it's installed in either way, so we may as well demand the full path from the user Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Apr 14, 2016
-
-
Matt Caswell authored
Update the Travis and Appveyor builds to explicitly state no-shared where applicable. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
In most cases we expect that people will be using shared libraries not static ones, therefore we make that the default. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Travis identified a problem with freeing the ex_data locks which wasn't quite right in ff234405 . Trying to fix it identified a further problem: the ex_data locks are cleaned up by OPENSSL_cleanup(), which is called explicitly by CRYPTO_mem_leaks(), but then later the BIO passed to CRYPTO_mem_leaks() is freed. An attempt is then made to use the ex_data lock already freed. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Jérôme Duval authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Matt Caswell authored
no-stdio does not work with the apps. Since the tests also need the apps it doesn't support that either. Therefore we disable building of both. no-autoalginit is not compatible with the apps because it requires explicit loading of the algorithms, and the apps don't do that. Therefore we disable building the apps for this option. Similarly the tests depend on the apps so we also disable the tests. Finally the whole point about no-autoalginit is to avoid excessive executable sizes when doing static linking. Therefore we disable "shared" if this option is selected. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Running a "make update" wanted to add err_cleanup to libcrypto.num which is wrong. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Lyon Chen authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Some locks were not being properly cleaned up during close down. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Shlomi Fish authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
During Configure we attempt to check the kernel version of this platform to see whether we can compile the AFALG engine. If the kernel version looks recent enough then we enable AFALG. However when we compile e_afalg.c we check the version of the linux headers. If there is a mismatch between the linux headers and the currently running kernel then we don't compile the AFLAG engine and continue. This was causing a link error. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Viktor Dukhovni authored
Introduced in: commit 79c7f74d Author: Ben Laurie <ben@links.org> Date: Tue Mar 29 19:37:57 2016 +0100 Fix buffer overrun in ASN1_parse(). Problem input: https://tools.ietf.org/html/draft-ietf-curdle-pkix-eddsa-00#section-8.1 -----BEGIN PUBLIC KEY----- MC0wCAYDK2VkCgECAyEAGb9ECWmEzf6FQbrBZ9w7lshQhqowtrbLDFw4rXAxZuE= -----END PUBLIC KEY----- Previously: 0:d=0 hl=2 l= 45 cons: SEQUENCE 2:d=1 hl=2 l= 8 cons: SEQUENCE 4:d=2 hl=2 l= 3 prim: OBJECT :1.3.101.100 9:d=2 hl=2 l= 1 prim: ENUMERATED :02 Error in encoding 140735164989440:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:../openssl/crypto/asn1/asn1_lib.c:148: Now: 0:d=0 hl=2 l= 45 cons: SEQUENCE 2:d=1 hl=2 l= 8 cons: SEQUENCE 4:d=2 hl=2 l= 3 prim: OBJECT :1.3.101.100 9:d=2 hl=2 l= 1 prim: ENUMERATED :02 12:d=1 hl=2 l= 33 prim: BIT STRING 0000 - 00 19 bf 44 09 69 84 cd-fe 85 41 ba c1 67 dc 3b ...D.i....A..g.; 0010 - 96 c8 50 86 aa 30 b6 b6-cb 0c 5c 38 ad 70 31 66 ..P..0....\8.p1f 0020 - e1 . Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Viktor Dukhovni authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Apr 13, 2016
-
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Document removal of no-aes, no-hmac, no-rsa, no-sha and no-md5. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Update the config options documentation based on feedback. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
There were a lot of options missing from INSTALL. This adds descriptions for them. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
no-hmac is no longer an option so remove OPENSSL_NO_HMAC guards. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
no-sha is no longer an option so remove OPENSSL_NO_SHA guards. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
no-aes is no longer a Configure option and therefore the OPENSSL_NO_AES guards can be removed. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
These algorithms are fundamental and extensively used. The "no-" options do not work either in 1.1.0 or in other released branches. Therefore the ability to disable them should be removed. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-