Commits · 308ff28673ae1a4a1b346761224b4a8851d41f58 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

May 23, 2016

Fix error return value in SRP functions · 308ff286

Matt Caswell authored Apr 25, 2016



The functions SRP_Calc_client_key() and SRP_Calc_server_key() were
incorrectly returning a valid pointer in the event of error.

Issue reported by Yuan Jochen Kang

Reviewed-by: Richard Levitte <levitte@openssl.org>

308ff286

Add error return for OPENSSL_INIT_set_config_filename() · dae00d63

Matt Caswell authored May 23, 2016



The OPENSSL_INIT_set_config_filename() function can fail so ensure that it
provides a suitable error code.

GitHub Issue #920

Reviewed-by: Rich Salz <rsalz@openssl.org>

dae00d63

Use strerror_r()/strerror_s() instead of strerror() where possible · 7d37818d

Matt Caswell authored May 23, 2016



The function strerror() is not thread safe. We should use strerror_r()
where possible, or strerror_s() on Windows.

RT#2267

Reviewed-by: Richard Levitte <levitte@openssl.org>

7d37818d

#4342: few missing malloc return checks and free in error paths · a93e0e78

J Mohan Rao Arisankala authored May 23, 2016



ossl_hmac_cleanup, pkey_hmac_cleanup:
 - allow to invoke with NULL data
 - using EVP_PKEY_CTX_[get|set]_data

EVP_DigestInit_ex:
 - remove additional check for ‘type’ and doing clear free instead of
free

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

a93e0e78

Windows notes: add a few lines on gaining admin privs for installing · 1c7bfec5
Richard Levitte authored May 23, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
1c7bfec5
VMS: show the ossl_dataroot logical as well when doing "mms debug_logicals" · 7285ac09
Richard Levitte authored May 23, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
7285ac09
Install the scripts the same way on Windows and VMS as on Unix · 2ff4d293
Richard Levitte authored May 23, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
2ff4d293
Make sure tsget.pl and c_rehash.pl get installed on VMS and Windows. · 5f94746f
Richard Levitte authored May 23, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
5f94746f

Make sure tsget and c_rehash are named with .pl suffix on Windows and VMS · 34f5d44f

Richard Levitte authored May 23, 2016



Especially on Windows, the .pl suffix is associated with the perl
interpreter, and therefore make those scripts usable as commands of
their own.  On VMS, it simply looks better.

Reviewed-by: Rich Salz <rsalz@openssl.org>

34f5d44f

Make sure to initialize all CA.pl variables properly · 35b060fc
Richard Levitte authored May 23, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
35b060fc

Add buf-freelists to deprecated options · 050a36a9

Todd Short authored May 23, 2016



The buf-freelists option was removed in master. There may be some
things that try to disable it, so don't error out.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

050a36a9

Remove unused error/function codes. · 0cd0a820

Rich Salz authored May 23, 2016



Add script to find unused err/reason codes
Remove unused reason codes.
Remove entries for unused functions

Reviewed-by: Matt Caswell <matt@openssl.org>

0cd0a820

Support -no-CAfile -no-CApath in ctx2 · f65a8c1e
Dr. Stephen Henson authored May 23, 2016
```
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
```
f65a8c1e
remove encrypt then mac ifdefs · 77ab2b01
Dr. Stephen Henson authored May 23, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
77ab2b01
VMS: remove last VAX vestiges · f3fcd4d5
Richard Levitte authored May 23, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
f3fcd4d5
make update · 60980390
Dr. Stephen Henson authored May 19, 2016
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
60980390

Support for traditional format private keys. · 05dba815

Dr. Stephen Henson authored May 17, 2016



Add new function PEM_write_bio_PrivateKey_traditional() to enforce the
use of legacy "traditional" private key format. Add -traditional option
to pkcs8 and pkey utilities.

Reviewed-by: Matt Caswell <matt@openssl.org>

05dba815

Slight cleanup of the collection of READMEs, INSTALLs and NOTES · 07930a75

Richard Levitte authored May 23, 2016



README is a fairly independent document, and so is INSTALL.  NOTES are
merely addendums to INSTALL.  Therefore , INSTALL.DJGPP and
README.PERL get renamed to NOTES.DJGPP and NOTES.PERL.

Reviewed-by: Rich Salz <rsalz@openssl.org>

07930a75

Remove INSTALL.WCE and refs to it. · 20ab55f4
Rich Salz authored May 23, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
20ab55f4

Add text/x509aux to gitignore · 48244109

Todd Short authored May 23, 2016



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

48244109

Add checks on CRYPTO_set_ex_data return value · e5a5e3f3

FdaSilvaYY authored Feb 14, 2016


Fix possible leak in danetest.c

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

e5a5e3f3

Fix some malloc failure crashes on X509_STORE_CTX_set_ex_data · a98810bf

FdaSilvaYY authored Feb 13, 2016



from BoringSSL 306ece31bcaaed49e0240a2e5555f8901ebb2d45

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

a98810bf

Fix and simplify error handling in (RSA/EC_kmeth)_new_method() · 11ed851d

FdaSilvaYY authored May 17, 2016

Inspired from PR #873.
Nearly same as 2bbf0baa

.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

11ed851d

Remove useless NULL checks · aca6dae9

FdaSilvaYY authored May 07, 2016



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

aca6dae9

Windows: shut DEL up · 7d52e554
Richard Levitte authored May 23, 2016
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
7d52e554

May 22, 2016
- Complete the rename of LHASH functions and types · 154fe2b4
  Richard Levitte authored May 22, 2016
```
LHASH_NODE was used internally, which doesn't work when configured
'no-deprecated'

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  154fe2b4
- util/process_docs.pl: Add more debugging output · 398c1b77
  Richard Levitte authored May 23, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  398c1b77
- Improve the checking of pod sections · c4d59893
  Richard Levitte authored May 23, 2016
```
(i.e. remove some bugs)

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  c4d59893
- HTML docs on Unix: Add a HTML title · beadb441
  Richard Levitte authored May 21, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  beadb441
- process_docs.pl: When starting to read a new head1 section, remove previous text · e4860d53
  Richard Levitte authored May 21, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  e4860d53
- Add a missing comma in OPENSSL_malloc.pod · eae02924
  Richard Levitte authored May 21, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  eae02924
- Add the missing NAME header in the OCSP docs · aec3ecd0
  Richard Levitte authored May 21, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  aec3ecd0
- Avoid creating an illegal pointer · 1544583b
  Kurt Roeckx authored May 21, 2016
```
Found by tis-interpreter

Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1106
```
  1544583b
- Avoid creating an illegal pointer · acc60092
  Kurt Roeckx authored May 21, 2016
```
Found by tis-interpreter

Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1106
```
  acc60092
May 21, 2016

Have doc-nit-check look for mandatory manual sections · 169a8e39
Richard Levitte authored May 22, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
169a8e39
Constify stack and lhash macros. · 4591e5fb
Dr. Stephen Henson authored May 21, 2016
```
RT#4471

Reviewed-by: Tim Hudson <tjh@openssl.org>
```
4591e5fb

Indent and dead code cleanup · 8bf78043

FdaSilvaYY authored May 20, 2016



tofree pointer  is no more used...

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1103)

8bf78043

Add OpenSSL copyright to .pl files · 6aa36e8e
Rich Salz authored May 21, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
6aa36e8e

Doc nits cleanup, round 2 · 05ea606a

Rich Salz authored May 20, 2016



Fix some code examples, trailing whitespace
Fix TBA sections in verify, remove others.
Remove empty sections
Use Mixed Case not ALL CAPS in head2
Enhance doc-nits script.
Remove extra =cut line

Reviewed-by: Richard Levitte <levitte@openssl.org>

05ea606a

May 20, 2016

Fix Windows 64 bit crashes · fcb318c6

Matt Caswell authored May 19, 2016

The function InitOnceExceuteOnce is the best way to support the
implementation of CRYPTO_THREAD_run_once() on Windows. Unfortunately
WinXP doesn't have it. To get around that we had two different
implementations: one for WinXP and one for later versions. Which one was
used was based on the value of _WIN32_WINNT.

This approach was starting to cause problems though because other parts of
OpenSSL assume _WIN32_WINNT is going to be 0x0501 and crashes were
occurring dependant on include file ordering. In addition a conditional
based on _WIN32_WINNT had made its way into a public header file through
commit 5c4328f0

. This is problematic because the value of this macro can
vary between OpenSSL build time and application build time.

The simplest solution to this mess is just to always use the WinXP version
of CRYPTO_THREAD_run_once(). Its perhaps slightly sub-optimal but probably
not noticably.

GitHub Issue #1086

Reviewed-by: Richard Levitte <levitte@openssl.org>

fcb318c6