- May 06, 2015
-
-
Richard Levitte authored
This is just to make sure that option is tested on a Unix build. This option is already present in ms/testss.bat, so it's an easy steal. Reviewed-by:Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Add command line switch entries to table and return SSL_CONF_TYPE_NONE for them in SSL_CONF_cmd_value_type. Update docs. Reviewed-by: -
Gunnar Kudrjavets authored
Compiling OpenSSL code with MSVC and /W4 results in a number of warnings. One category of warnings is particularly interesting - C4701 (potentially uninitialized local variable 'name' used). This warning pretty much means that there's a code path which results in uninitialized variables being used or returned. Depending on compiler, its options, OS, values in registers and/or stack, the results can be nondeterministic. Cases like this are very hard to debug so it's rational to fix these issues. This patch contains a set of trivial fixes for all the C4701 warnings (just initializing variables to 0 or NULL or appropriate error code) to make sure that deterministic values will be returned from all the execution paths. RT#3835 Signed-off-by:
Matt Caswell <matt@openssl.org> Matt's note: All of these appear to be bogus warnings, i.e. there isn't actually a code path where an unitialised variable could be used - its just that the compiler hasn't been able to figure that out from the logic. So this commit is just about silencing spurious warnings. Reviewed-by:
-
Matt Caswell authored
A copy&paste error as a result of the big apps cleanup broke the version specific methods in s_server. Reviewed-by: -
Rich Salz authored
Just as with the OPENSSL_malloc calls, consistently use sizeof(*ptr) for memset and memcpy. Remove needless casts for those functions. For memset, replace alternative forms of zero with 0. Reviewed-by:Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
What could be better than to refer to the RFC that defines it? Reviewed-by:Stephen Henson <steve@openssl.org>
-
- May 05, 2015
-
-
Matt Caswell authored
Fix error in WIN32_rename() introduced by commit b4faea50 . Reviewed-by:
-
Richard Levitte authored
Reviewed-by: -
Richard Levitte authored
Reviewed-by: -
Matt Caswell authored
Ensure all fatal errors transition into the new error state for DTLS. Reviewed-by: -
Matt Caswell authored
Ensure all fatal errors transition into the new error state on the client side. Reviewed-by: -
Matt Caswell authored
Ensure all fatal errors transition into the new error state on the server side. Reviewed-by: -
Matt Caswell authored
Reusing an SSL object when it has encountered a fatal error can have bad consequences. This is a bug in application code not libssl but libssl should be more forgiving and not crash. Reviewed-by: -
Rich Salz authored
Reviewed-by: -
Rich Salz authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
mancha security authored
Signed-off-by:
mancha security <mancha1@zoho.com> Signed-off-by:
-
mancha security authored
Signed-off-by:
-
Matt Caswell authored
Remove dependency on ssl_locl.h from v3_scts.c, and incidentally fix a build problem with kerberos (the dependency meant v3_scts.c was trying to include krb5.h, but without having been passed the relevanant -I flags to the compiler) Reviewed-by:
-
- May 04, 2015
-
-
Rich Salz authored
RLE is a no-op only for testing. Remove it. Reviewed-by: -
Rich Salz authored
If CA.pl is reading from /dev/null, then "chop $FILE" gives a warning. Sigh. Have to add "if $FILE". This just silences a build warning. Thanks to GitHub user andrejs-igumenovs for help with this. Reviewed-by: -
Rich Salz authored
For a local variable: TYPE *p; Allocations like this are "risky": p = OPENSSL_malloc(sizeof(TYPE)); if the type of p changes, and the malloc call isn't updated, you could get memory corruption. Instead do this: p = OPENSSL_malloc(sizeof(*p)); Also fixed a few memset() calls that I noticed while doing this. Reviewed-by: -
Richard Levitte authored
RT2943 only complains about the incorrect check of -K argument size, we might as well do the same thing with the -iv argument. Before this, we only checked that the given argument wouldn't give a bitstring larger than EVP_MAX_KEY_LENGTH. we can be more precise and check against the size of the actual cipher used. Reviewed-by: -
Richard Levitte authored
Reviewed-by: -
Rich Salz authored
Was memset with wrong sizeof. Reviewed-by: -
Rich Salz authored
Don't do access check on destination directory; it breaks when euid/egid is different from real uid/gid. Reviewed-by:
Rich Salz <rsalz@akamai.com>
-
Dr. Stephen Henson authored
Thanks to Brian Carpenter for reporting this issue. Reviewed-by: -
Dr. Stephen Henson authored
Reviewed-by:Tim Hudson <tjh@openssl.org>
-
- May 03, 2015
-
-
mancha security authored
Incorrect name used for SSL_AD_INTERNAL_ERROR. Signed-off-by:
-
Alok Menghrajani authored
This is the last of Alok's PR260 Reviewed-by: -
Alok Menghrajani authored
Signed-off-by:
-
Alok Menghrajani authored
Signed-off-by:
-
Rich Salz authored
https://github.com/openssl/openssl/pull/176 (CHANGES) https://rt.openssl.org/Ticket/Display.html?id=3545 (objects.txt) https://rt.openssl.org/Ticket/Display.html?id=3796 (verify.pod) Reviewed-by:
-
Dr. Stephen Henson authored
Add OSSL_NELEM macro to e_os.h to determine the number of elements in an array. Reviewed-by:
-
- May 02, 2015
-
-
Richard Levitte authored
ONEDIRS, EDIRS and WDIRS aren't used anywhere. Most probably remains from a build system of the past, it's time they get put to rest. Reviewed-by: -
Ben Laurie authored
Reviewed-by: Rich Salz
-
Dr. Stephen Henson authored
Reviewed-by: -
Richard Levitte authored
Cleanup of files that haven't been used, touched, or I suspect, even noticed for a long time. Reviewed-by: -
Gilles Khouzam authored
Signed-off-by:
-
Rich Salz authored
Use sizeof *foo parameter, to avoid these errors. Reviewed-by:Viktor Dukhovni <viktor@openssl.org>
-
