Commits · 2cb761c1f4e0155743f4414932b5cff167389cf4 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Jul 07, 2014
- Prevent infinite loop loading config files. · 2cb761c1
  David Lloyd authored Jul 07, 2014
```
PR#2985
(cherry picked from commit 9d23f422)
```
  2cb761c1
- Improve X509_check_host() documentation. · 3ebcecf5
  Viktor Dukhovni authored Jul 07, 2014
```
Based on feedback from Jeffrey Walton.

(cherry picked from commit b73ac027)
```
  3ebcecf5
- Update API to use (char *) for email addresses and hostnames · e83c9137
  Viktor Dukhovni authored Jul 07, 2014
```
Reduces number of silly casts in OpenSSL code and likely most
applications.  Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().

(cherry picked from commit 297c67fc)
```
  e83c9137
- Set optional peername when X509_check_host() succeeds. · 55fe5683
  Viktor Dukhovni authored Jul 06, 2014
```
Pass address of X509_VERIFY_PARAM_ID peername to X509_check_host().
Document modified interface.

(cherry picked from commit ced3d915)
```
  55fe5683
- New peername element in X509_VERIFY_PARAM_ID · 1eb57ae2
  Viktor Dukhovni authored Jul 06, 2014
```
Declaration, memory management, accessor and documentation.

(cherry picked from commit 6e661d45)
```
  1eb57ae2
- One more typo when changing !result to result <= 0 · 41e3ebd5
  Viktor Dukhovni authored Jun 23, 2014
```
(cherry picked from commit eef1827f)
```
  41e3ebd5
- Fix typo in last commit · 9624b50d
  Viktor Dukhovni authored Jun 22, 2014
```
(cherry picked from commit 90b70a6a)
```
  9624b50d
- Multiple verifier reference identities. · 449d8645
  Viktor Dukhovni authored Jun 22, 2014
```
Implemented as STACK_OF(OPENSSL_STRING).

(cherry picked from commit 8abffa4a)
```
  449d8645
- Implement sk_deep_copy. · 7f7e11ee
  Viktor Dukhovni authored Jun 22, 2014
```
(cherry picked from commit 66d884f0)
```
  7f7e11ee
Jul 06, 2014
- Usage for -hack and -prexit -verify_return_error · 43f534b9
  Dr. Stephen Henson authored Jul 06, 2014
```
(cherry picked from commit ee724df7)
```
  43f534b9
- Document certificate status request options. · fbe8ea3a
  Dr. Stephen Henson authored Jul 06, 2014
```
(cherry picked from commit cba3f1c7)
```
  fbe8ea3a
- s_server usage for certificate status requests · affc941e
  Dr. Stephen Henson authored Jul 06, 2014
```
(cherry picked from commit a44f219c)
```
  affc941e
- Update ticket callback docs. · 012f7474
  Dr. Stephen Henson authored Jul 03, 2014
```
(cherry picked from commit a23a6e85)
```
  012f7474
Jul 05, 2014
- Sanity check keylength in PVK files. · 5c1b373b
  Dr. Stephen Henson authored Jul 06, 2014
```
PR#2277
(cherry picked from commit 733a6c882e92f8221bd03a51643bb47f5f81bb81)
```
  5c1b373b
- Added reference to platform specific cryptographic acceleration such as AES-NI · 648a9f7c
  Jeffrey Walton authored Jul 05, 2014
  
  648a9f7c
- Fixed error in pod files with latest versions of pod2man · 623acb90
  Matt Caswell authored Jul 05, 2014
```
(cherry picked from commit 07255f0a76d9d349d915e14f969b9ff2ee0d1953)
```
  623acb90
- sha512-x86_64.pl: fix typo. · 6ce295a3
  Andy Polyakov authored Jul 05, 2014
```
PR: #3431
(cherry picked from commit 7eb9680a)
```
  6ce295a3
- s3_pkt.c: fix typo. · 0359ccfd
  Andy Polyakov authored Jul 05, 2014
```
(cherry picked from commit 0e7a32b5)
```
  0359ccfd
- apps/speed.c: add multi-block benchmark. · 9c1cf94f
  Andy Polyakov authored Jul 05, 2014
```
(cherry picked from commit 375a64e3)
```
  9c1cf94f
- Return smaller of ret and f. · ff5b11f5
  Alan Hryngle authored Jul 05, 2014
```
PR#3418.
(cherry picked from commit fdea4fff)
```
  ff5b11f5
- Don't limit message sizes in ssl3_get_cert_verify. · 8358302d
  Dr. Stephen Henson authored Jul 05, 2014
```
PR#319 (reoponed version).
(cherry picked from commit 7f6e9578)
```
  8358302d
Jul 04, 2014
- Add license info. · 534656a9
  Dr. Stephen Henson authored Jul 04, 2014
```
(cherry picked from commit 55707a36)
```
  534656a9
- typo · 2cfbec1c
  Dr. Stephen Henson authored Jul 04, 2014
  
  2cfbec1c
- Remove all RFC5878 code. · 22db480d
  Dr. Stephen Henson authored Jul 04, 2014
```
Remove RFC5878 code. It is no longer needed for CT and has numerous bugs.
```
  22db480d
Jul 03, 2014
- Merge branch 'rsalz-docfixes' · d1073822
  Rich Salz authored Jul 02, 2014
  
  d1073822
- Close 3170, remove reference to Ariel Glenn's old 0.9.8 doc · 03ae3ca6
  Rich Salz authored Jul 03, 2014
```
(cherry picked from commit f1112985)
```
  03ae3ca6
Jul 02, 2014
- e_os.h: limit _MSC_VER trickery to older compilers. · 61df34e9
  Andy Polyakov authored Jul 02, 2014
```
PR: #3390
(cherry picked from commit aab3560b)
```
  61df34e9
- bn_exp.c: fix x86_64-specific crash with one-word modulus. · 47b9e06c
  Andy Polyakov authored Jul 02, 2014
```
PR: #3397
(cherry picked from commit eca441b2)
```
  47b9e06c
- Fix doc typo. · 88822622
  Matt Smart authored Jul 02, 2014
```
ERR_get_error(3) references the non-existent
ERR_get_last_error_line_data instead of the one that does exist,
ERR_peek_last_error_line_data.

PR#3283
(cherry picked from commit 5cc99c6c)
```
  88822622
- Make disabling last cipher work. · 8f243ab6
  Thijs Alkemade authored Jul 02, 2014
```
(cherry picked from commit 7cb472bd)
```
  8f243ab6
Jul 01, 2014
- ASN1 sanity check. · 9223a31e
  Dr. Stephen Henson authored Jul 02, 2014
```
Primitive encodings shouldn't use indefinite length constructed
form.

PR#2438 (partial).
(cherry picked from commit 398e99fe)
```
  9223a31e
- Accessor functions for app_data in ECDSA_METHOD · 654ae3d6
  Dr. Stephen Henson authored Jul 01, 2014
```
(cherry picked from commit 387b844f)
```
  654ae3d6
- Fix possible buffer overrun. · 70c739b8
  Ben Laurie authored Apr 23, 2014
```
(cherry picked from commit 2db3ea29)

Conflicts:
	ssl/ssl_locl.h
	ssl/t1_lib.c
```
  70c739b8
- sha512-x86_64.pl: fix linking problem under Windows. · daa96141
  Andy Polyakov authored Jul 01, 2014
```
(cherry picked from commit 29be3f64)
```
  daa96141
Jun 30, 2014

Fix copy for CCM, GCM and XTS. · 802fdcda

Dr. Stephen Henson authored Jun 30, 2014

Internal pointers in CCM, GCM and XTS contexts should either be
NULL or set to point to the appropriate key schedule. This needs
to be adjusted when copying contexts.
(cherry picked from commit c2fd5d79)

802fdcda

Make EVP_Digest* work again. · 6006e352
Dr. Stephen Henson authored Jun 30, 2014

6006e352

Jun 29, 2014

Don't core dump when using CMAC with dgst. · 2af68ef7

Dr. Stephen Henson authored Jun 29, 2014

We can't unfortunately print the CMAC cipher used without extending the API.

PR#2579
(cherry picked from commit 79e31a2842e10271581cbfdaae0145dd4bd35107)

2af68ef7

Make CMAC work with EVP_PKEY. · df401f47
Dr. Stephen Henson authored Jun 29, 2014
```
Add patch originally accidentally omitted to allow CMAC to work with
EVP_PKEY APIs.
```
df401f47

Clarified that the signature's buffer size, `s`, is not used as an · 3875ee59

Jeffrey Walton authored Jun 29, 2014

IN parameter.

Under the old docs, the only thing stated was "at most
EVP_PKEY_size(pkey) bytes will be written". It was kind of misleading
since it appears EVP_PKEY_size(pkey) WILL be written regardless of the
signature's buffer size.

(cherry picked from commit 6e6ba36d)

3875ee59

Make EVP_CIPHER_CTX_copy work in GCM mode. · 14183e50
ZNV authored Jun 29, 2014
```
PR#3272
(cherry picked from commit 370bf1d7)
```
14183e50