Commits · 32b07f5a80d22b34cfcd6df76d425bed771b0146 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Jan 05, 2015

Additional fix required for no-srtp to work · 32b07f5a
Matt Caswell authored Dec 22, 2014
```
RT3638

Reviewed-by: Emilia Käsper <emilia@openssl.org>
```
32b07f5a
Fix building with no-srtp · e783bae2
Piotr Sikora authored Dec 22, 2014
```
RT3638

Reviewed-by: Emilia Käsper <emilia@openssl.org>
```
e783bae2

Add a clang build target for linux-x86_64 · cb2bc054

Emilia Kasper authored Jan 05, 2015



This change documents the world as-is, by turning all warnings on,
and then turning warnings that trigger off again.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

cb2bc054

Jan 04, 2015

Remove inconsistency in ARM support. · c1669e1c

Andy Polyakov authored Nov 07, 2014


This facilitates "universal" builds, ones that target multiple
architectures, e.g. ARMv5 through ARMv7. See commentary in
Configure for details.

Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

c1669e1c

ecp_nistz256-x86_64.pl: fix occasional failures. · 9e557ab2

Andy Polyakov authored Jan 04, 2015



RT: 3607
Reviewed-by: Adam Langley <agl@google.com>
Reviewed-by: Emilia Kasper <emilia@openssl.org>

9e557ab2

RT2914: NULL check missing in X509_name_canon · 2c60925d

Rich Salz authored Jan 04, 2015



Check for NULL return from X509_NAME_ENTRY_new()

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

2c60925d

Jan 02, 2015

Remove SGC restart flag. · 95275599
Dr. Stephen Henson authored Jan 02, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
95275599

Remove MS SGC · 63eab8a6

Dr. Stephen Henson authored Oct 24, 2014



MS Server gated cryptography is obsolete and dates from the time of export
restrictions on strong encryption and is only used by ancient versions of
MSIE.
Reviewed-by: Matt Caswell <matt@openssl.org>

63eab8a6

Clear existing extension state. · 4f605ccb

Dr. Stephen Henson authored Dec 05, 2014



When parsing ClientHello clear any existing extension state from
SRP login and SRTP profile.

Thanks to Karthikeyan Bhargavan for reporting this issue.
Reviewed-by: Matt Caswell <matt@openssl.org>

4f605ccb

Dec 31, 2014

typo in s_client · 2a9338ee

Dominik Neubauer authored Mar 04, 2014



Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Geoff Thorpe <geoff@openssl.org>

2a9338ee

remove duplicate defines · b17dcb0d

Martin Nowak authored Apr 21, 2014



Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Geoff Thorpe <geoff@openssl.org>

b17dcb0d

constify tls 1.2 lookup tables. · d97ed219

Cristian Rodríguez authored Apr 20, 2014



None of this should live in writable memory

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Geoff Thorpe <geoff@openssl.org>

d97ed219

Add missing include of sys/time.h · 97d5809c
Kurt Roeckx authored Dec 30, 2014
```
gettimeofday was undefined

Reviewed-by: Geoff Thorpe <geoff@openssl.org>
```
97d5809c

Dec 30, 2014

mark all block comments that need format preserving so that · 1d97c843

Tim Hudson authored Dec 28, 2014


indent will not alter them when reformatting comments

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

1d97c843

Make "run" volatile · aa8a9266
Kurt Roeckx authored Dec 16, 2014
```
RT#3629

Reviewed-by: Richard Levitte <levitte@openssl.org>
```
aa8a9266

Document openssl dgst -hmac option · 5075e52e

Thorsten Glaser authored May 22, 2009



Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>

5075e52e

dlfcn: always define _GNU_SOURCE · c1844095

Kurt Roeckx authored Dec 23, 2013

We need this for the freebsd kernel with glibc as used in the Debian kfreebsd
ports. There shouldn't be a problem defining this on systems not using glibc.

Reviewed-by: Richard Levitte <levitte@openssl.org>

c1844095

Fix memory leak in the apps · 8c00f4cf

Kurt Roeckx authored Dec 07, 2014



The BIO_free() allocated ex_data again that we already freed.

Reviewed-by: Richard Levitte <levitte@openssl.org>

8c00f4cf

Dec 28, 2014

RT3548: Remove unsupported platforms · 32dfde10

Rich Salz authored Dec 28, 2014



This commit removes DG-UX.
It also flushes out some left-behinds in config.
And regenerates TABLE from Configure (hadn't been done in awhile).

Reviewed-by: Richard Levitte <levitte@openssl.org>

32dfde10

Dec 25, 2014

RT3548: unsupported platforms · 6c23ca0c

Rich Salz authored Dec 25, 2014



This commit removes Sinix/ReliantUNIX RM400
(And a missed piece of BEOS fluff)

Reviewed-by: Richard Levitte <levitte@openssl.org>

6c23ca0c

Dec 22, 2014

RT3548: Remove unsupported platforms. · 5ad4fdce
Rich Salz authored Dec 22, 2014
```
This commit removes MPE/iX

Reviewed-by: Andy Polyakov <appro@openssl.org>
```
5ad4fdce

Improves certificates HOWTO · 67472bd8

Alok Menghrajani authored Nov 30, 2014



* adds links to various related documents.
* fixes a few typos.
* rewords a few sentences.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

67472bd8

Small typo · 7cfab40f
Richard Levitte authored Dec 22, 2014
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
7cfab40f

RT3548: Remvoe unsupported platforms · f2319414

Rich Salz authored Dec 21, 2014



This commit removes SunOS (a sentimental favorite of mine).

Reviewed-by: Richard Levitte <levitte@openssl.org>

f2319414

Dec 20, 2014

Fix incorrect OPENSSL_assert() usage. · 2521fcd8

Michael Tuexen authored Nov 16, 2014



Return an error code for I/O errors instead of an assertion failure.

PR#3470
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>

2521fcd8

RT3548: Remove outdated platforms · e03b2987

Rich Salz authored Dec 19, 2014



This commit removes all mention of NeXT and NextStep.

Reviewed-by: Richard Levitte <levitte@openssl.org>

e03b2987

Dec 19, 2014
- Fix a problem if CFLAGS is too long cversion.c fails to compile when config · 488f16e3
  Matt Caswell authored Dec 19, 2014
```
is run with --strict-warnings.

Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  488f16e3
Dec 18, 2014

Made it an error to define OPENSSL_USE_DEPRECATED if OpenSSL has been built · c0fc27f8
Matt Caswell authored Dec 18, 2014
```
with OPENSSL_NO_DEPRECATED defined

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
c0fc27f8
Update CHANGES for deprecated updates · bd2bd374
Matt Caswell authored Dec 17, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
bd2bd374
make update following changes to default config settings · 6385043f
Matt Caswell authored Dec 17, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
6385043f
Change all instances of OPENSSL_NO_DEPRECATED to OPENSSL_USE_DEPRECATED · 53e95716
Matt Caswell authored Dec 17, 2014
```
Introduce use of DECLARE_DEPRECATED

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
53e95716
Remove redundant OPENSSL_NO_DEPRECATED suppression · 5bafb04d
Matt Caswell authored Dec 17, 2014
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
5bafb04d

Turn on OPENSSL_NO_DEPRECATED by default. · 07c4c14c

Matt Caswell authored Dec 17, 2014


Also introduce OPENSSL_USE_DEPRECATED. If OPENSSL_NO_DEPRECATED is
defined at config stage then OPENSSL_USE_DEPRECATED has no effect -
deprecated functions are not available.
If OPENSSL_NO_DEPRECATED is not defined at config stage then
applications must define OPENSSL_USE_DEPRECATED in order to access
deprecated functions.
Also introduce compiler warnings for gcc for applications using
deprecated functions

Reviewed-by: Rich Salz <rsalz@openssl.org>

07c4c14c

RT3548: Remove some obsolete platforms · 59ff1ce0

Rich Salz authored Dec 18, 2014



This commit removes Sony NEWS4

Reviewed-by: Richard Levitte <levitte@openssl.org>

59ff1ce0

Return error when a bit string indicates an invalid amount of bits left · 5a1e8c67
Kurt Roeckx authored Dec 15, 2014
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
5a1e8c67
Fix yet anoither 'make clean' breakage. · 040b60f6
Rich Salz authored Dec 18, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
040b60f6

Dec 17, 2014

RT3548: Remove some obsolete platforms · b317819b
Rich Salz authored Dec 17, 2014
```
This commit removes BEOS.

Reviewed-by: Richard Levitte <levitte@openssl.org>
```
b317819b
RT3544: Restore MWERKS for NetWare · 179f6b2f
Rich Salz authored Dec 17, 2014
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
179f6b2f

Reject invalid constructed encodings. · 89f40f36

Dr. Stephen Henson authored Dec 16, 2014



According to X6.90 null, object identifier, boolean, integer and enumerated
types can only have primitive encodings: return an error if any of
these are received with a constructed encoding.
Reviewed-by: Emilia Käsper <emilia@openssl.org>

89f40f36

Add a comment noting the padding oracle. · 03af8430
Emilia Kasper authored Dec 17, 2014
```
Reviewed-by: Andy Polyakov <appro@openssl.org>
```
03af8430