- Aug 30, 2017
-
-
Paul Yang authored
This is yet another 'code health' commit to respond to this round of code health Tuesday [skip ci] Reviewed-by:
Matt Caswell <matt@openssl.org> Reviewed-by:
Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4107)
-
Todd Short authored
Reviewed-by:
Andy Polyakov <appro@openssl.org> Reviewed-by:
Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4264)
-
Andy Polyakov authored
The commit subject is a bit misleading in sense that decisions affect only gcc and gcc-alikes, like clang, recent icc... Reviewed-by:
Richard Levitte <levitte@openssl.org> Reviewed-by:
-
Andy Polyakov authored
This reverts commit a610934c . Reviewed-by:
-
Jon Spillett authored
AEAD cipher mode implementation is based on that used for AES: https://tools.ietf.org/html/rfc5116 TLS GCM cipher suites as specified in: https://tools.ietf.org/html/rfc6209 Reviewed-by:
Paul Dale <paul.dale@oracle.com> Reviewed-by:
-
Jon Spillett authored
Reviewed-by:
-
- Aug 29, 2017
-
-
Pauli authored
Reviewed-by:
-
Pauli authored
cryptilib.h is the second. Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Removed e_os.h from all bar three headers (apps/apps.h crypto/bio/bio_lcl.h and ssl/ssl_locl.h). Added e_os.h into the files that need it now. Directly reference internal/nelem.h when required. Reviewed-by:
-
- Aug 28, 2017
-
-
Kurt Roeckx authored
Reviewed-by:
-
Kurt Roeckx authored
The one creating the DRBG should instantiate it, it's there that we know which parameters we should use to instantiate it. This splits the rand init in two parts to avoid a deadlock because when the global drbg is created it wands to call rand_add on the global rand method. Reviewed-by:
-
Rich Salz authored
Fixes CVE 2017-3735 Reviewed-by:
Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4276)
-
Richard Levitte authored
Reviewed-by:
-
Dr. Matthias St. Pierre authored
The DRBG callbacks 'get_entropy()' and 'cleanup_entropy()' are designed in such a way that the randomness buffer does not have to be allocated by the calling function. It receives the address of a dynamically allocated buffer from get_entropy() and returns this address to cleanup_entropy(), where it is freed. If these two calls are properly paired, the address can be stored in a stack local variable of the calling function, so there is no need for having a 'randomness' member (and a 'filled' member) in 'RAND_DRBG'. Reviewed-by:
-
Dr. Matthias St. Pierre authored
With the introduction of RAND_poll_ex(), the `RAND_add()` calls were replaced by meaningless cb(...). This commit changes the 'cb(...)' calls back to 'rand_add(...)' calls by changing the signature as follows: -int RAND_poll_ex(RAND_poll_fn cb, void *arg); +int RAND_poll_ex(RAND_poll_cb rand_add, void *arg); Changed the function typedef name to 'RAND_poll_cb' to emphasize the fact that the function type represents a callback function. Reviewed-by:
-
Dr. Matthias St. Pierre authored
Unlike the NIST DRBG standard, entropy counts are in bits and buffer lengths are in bytes. This has lead to some confusion and errors in the past, see my comment on PR 3789. To clarify the destinction between entropy counts and buffer lengths, a 'len' suffix has been added to all member names of RAND_DRBG which represent buffer lengths: - {min,max}_{entropy,adin,nonce,pers} + {min,max}_{entropy,adin,nonce,pers}len This change makes naming also more consistent, as can be seen in the diffs, for example: - else if (adinlen > drbg->max_adin) { + else if (adinlen > drbg->max_adinlen) { Also replaced all 'ent's by 'entropy's, following a suggestion of Paul Dale. Reviewed-by:
-
- Aug 27, 2017
-
-
Rich Salz authored
VisualStudio 6 and earlier aren't supported. Reviewed-by:
-
- Aug 25, 2017
-
-
Rich Salz authored
Reviewed-by:
-
Richard Levitte authored
The guard was checked but never defined. Also, rename it to reflect that this is an internal header file, not a public one. Reviewed-by:
-
Richard Levitte authored
The socket stuff for DJGPP and VMS was only partially moved to include/internal/sockets.h... Remains vxWorks. Reviewed-by:
-
Paul Yang authored
Reviewed-by:
-
Paul Yang authored
this part contains only the return (x) fix. Reviewed-by:
-
Rich Salz authored
Also use a local variable, collapse some code. Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Richard Levitte authored
This is a vestige from pre-1.1.0 OpenSSL Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Kazuki Yamaguchi authored
A condition was removed by commit 1053a6e2 ; presumably it was an unintended change. Restore the previous behavior so the get_session_cb won't be called with zero-length session ID. Reviewed-by:
Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4236)
-
Matt Caswell authored
Reviewed-by:
Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4251)
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Meena Vyas authored
Reviewed-by:
-
Meena Vyas authored
Reviewed-by:
-
- Aug 24, 2017
-
-
Pauli authored
range of ctype functions. Revert "Don't try to compare the ctype functions on values > 127" This reverts commit 6ac58908 . Reviewed-by:
-
Richard Levitte authored
This mimics the behaviour of DES_crypt, where the salt and password are expected to be in EBCDIC when CHARSET_EBCDIC is defined, and are converted internally to ASCII. This is also done with the magic ID string if it's not already ASCII. The resulting output is entirely built up of ASCII components and is converted back to EBCDIC at the end. Reviewed-by:
-
