Commits · 367071f121d7e941846f612fba60dbb1d12cf9dd · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Mar 21, 2016

Adds s2i function for ct_precert_poison X509 extension · 367071f1

Rob Percival authored Mar 21, 2016



Allows CONF files for certificate requests to specify that a pre-
certificate should be created (see RFC6962).

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

367071f1

Fix memory leak where fdlookup linked list is not freed during · 55327ddf

Steven Linsell authored Mar 20, 2016


ASYNC_WAIT_CTX_free

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

55327ddf

Fix no-ts with --strict-warnings · 7188f1f6
Matt Caswell authored Mar 21, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
7188f1f6

Fix no-sock · f9e55034

Matt Caswell authored Mar 21, 2016



Misc fixes for no-sock

Reviewed-by: Richard Levitte <levitte@openssl.org>

f9e55034

Fix no-gost · 168c3b73

Matt Caswell authored Mar 21, 2016



Configure had the wrong name for the no-gost option.

Reviewed-by: Richard Levitte <levitte@openssl.org>

168c3b73

Don't use hardcoded values for types · ac19ae15
Dr. Stephen Henson authored Mar 21, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
ac19ae15

In for loop values, introduce a dummy to protect against empty list · 2b364f61

Richard Levitte authored Mar 21, 2016



In constructions such as 'for x in $(MAKEVAR); do ...', there's the
possibility that $(MAKEVAR) is en empty value.  Some shells don't like
that, so introduce a dummy value that gets discarded:

    for x in dummy $(MAKEVAR); do
        if [ "$$x" = "dummy" ]; then continue; fi

Closes RT#4459

Reviewed-by: Rich Salz <rsalz@openssl.org>

2b364f61

Fix no-seed · 8d9fb8c8

Matt Caswell authored Mar 21, 2016



Fix compilation with --strict-warnings and no-seed

Reviewed-by: Rich Salz <rsalz@openssl.org>

8d9fb8c8

Remove the no-rijndael option · dc110177

Matt Caswell authored Mar 21, 2016



Rijndael is an old name for AES.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

dc110177

Fix no-scrypt · 83bd31da

Matt Caswell authored Mar 21, 2016



Fix the evp tests when no-scrypt is used.

Reviewed-by: Richard Levitte <levitte@openssl.org>

83bd31da

Skip the CMS tests if CMS is disabled · 18cb0221

Matt Caswell authored Mar 21, 2016



This fixes the no-cms compile time option.

Reviewed-by: Emilia Käsper <emilia@openssl.org>

18cb0221

Fix no-dsa · 83ae8124

Matt Caswell authored Mar 18, 2016



Misc fixes for no-dsa.

Reviewed-by: Richard Levitte <levitte@openssl.org>

83ae8124

Build system: VC-WIN64I fixups. · b75ac3c2
Andy Polyakov authored Mar 18, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
b75ac3c2
Configurations/windows-makefile.tmpl: respect no-makedepend. · bb6b950e
Andy Polyakov authored Mar 19, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
bb6b950e
Windows build system: get uplink right. · acf15259
Andy Polyakov authored Mar 18, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
acf15259
config: fix off-by-centimeter-to-the-right typo. · d8292af4
Andy Polyakov authored Mar 16, 2016
```
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
```
d8292af4
Configurations/10-main.conf: freeze -std option in darwin*-ppc-cc. · c75065e1
Andy Polyakov authored Mar 14, 2016
```
RT#4422

Reviewed-by: Richard Levitte <levitte@openssl.org>
```
c75065e1
Remove mk1mf documentation · 3e67b333
Richard Levitte authored Mar 17, 2016
```
Reviewed-by: Andy Polyakov <appro@openssl.org>
```
3e67b333

Remove the remainder of util/mk1mf.pl and companion scripts · 007c80ea

Richard Levitte authored Mar 17, 2016



This removes all scripts that deal with MINFO as well, since that's
only used by mk1mf.

Reviewed-by: Andy Polyakov <appro@openssl.org>

007c80ea

Remove generation of ms/version32.rc from Configure, use util/mkrc.pl · 0ef1ce49

Richard Levitte authored Mar 17, 2016



utils/mkrc.pl was added a while ago as a better generator for the
Windows DLL resource file.  Finalize the change by removing the
ms/version32.rc generator from Configure and adding resource file
support using mkrc.pl in Configurations/windows-makefile.pl

Reviewed-by: Andy Polyakov <appro@openssl.org>

0ef1ce49

Remove the mk1mf VC-WIN* builds and its supporting scripts · 753585b9

Richard Levitte authored Mar 17, 2016



The mk1mf build for the VC-WIN* targets is broken and the unified
scheme works well enough, so we clean out the old.

Reviewed-by: Andy Polyakov <appro@openssl.org>

753585b9

Fix ALPN - more fixes · 0351baae

Todd Short authored Mar 12, 2016



* Clear proposed, along with selected, before looking at ClientHello
* Add test case for above
* Clear NPN seen after selecting ALPN on server
* Minor documentation updates

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

0351baae

Add a comment on dane_verify() logic · 89ff989d
Viktor Dukhovni authored Mar 20, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
89ff989d

Mar 20, 2016

Remove #error from include files. · 3c27208f

Rich Salz authored Mar 18, 2016



Don't have #error statements in header files, but instead wrap
the contents of that file in #ifndef OPENSSL_NO_xxx
This means it is now always safe to include the header file.

Reviewed-by: Richard Levitte <levitte@openssl.org>

3c27208f

GH886: CONNECT should use HTTP/1.1 · 8230f6c7

Rich Salz authored Mar 19, 2016



By default you get 0.9 which isn't widely available.
But we use HTTP/1.0 for now.
Courtesy beusink@users.github.com

Reviewed-by: Tim Hudson <tjh@openssl.org>

8230f6c7

Have makedepend output to stdout and redirect it · f3e5948a

Richard Levitte authored Mar 20, 2016



This gives us better control of what files are produced.

Reviewed-by: Andy Polyakov <appro@openssl.org>

f3e5948a

ct_int.h only needed by crypto/ct · d57611ea

Rich Salz authored Mar 20, 2016



Merge ct_int.h into ct_locl.h

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

d57611ea

constify DSA_SIG_get0() · 99cccf36
Dr. Stephen Henson authored Mar 20, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
99cccf36
Move blake2_loclh to blake2 directory · 01ce6f74
Rich Salz authored Mar 20, 2016
```
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
```
01ce6f74

Fixed language · 270862b4

Alex Gaynor authored Mar 19, 2016


Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

270862b4

Fixed a bunch of typos in the docs · 35ed393e

Alex Gaynor authored Mar 19, 2016



Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

35ed393e

Mar 19, 2016

constify ECDSA_SIG_get0() · 34c2db9b

Dr. Stephen Henson authored Mar 17, 2016



PR#4436

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

34c2db9b

If the asm file to be compiled isn't generated, leave the ext alone · 674d5858
Richard Levitte authored Mar 19, 2016
```
Closes RT#4447

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
```
674d5858
make update · 812e0c8d
Richard Levitte authored Mar 19, 2016
```
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
```
812e0c8d

Don't let 'generate' target depend on generated files, act directly instead · 9a9f8ee7

Richard Levitte authored Mar 19, 2016



One of the 'generate' targets depended on $(SRCDIR)/apps/progs.h,
which depended on...  nothing.  This meant it never got regenerated
once it existed, regardless of need.  Of course, we could have it
depend on all the files checked to generate it, but they also depend
on progs.h, so we'd end up getting cricular dependencies, which makes
make unhappy.

Furthermore, and this applies for the other generated files, having
them as targets means that they may be regenerated on the fly in some
cases, and since they get written to the source tree, this isn't such
a good idea if that tree is read-only (which is a possible situation
in an out-of-tree build).

So, we move all the actions to the 'generate' targets themselves, thus
making sure they get regenerated in a controlled manner and regardless
of dependencies.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

9a9f8ee7

apps/progs.pl: add back the INCLUDE_FUNCTION_TABLE wrapper · ad2c5ed7
Richard Levitte authored Mar 19, 2016
```
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
```
ad2c5ed7
Revert "Ignore the generated apps/progs.h" · 37bbfd48
Viktor Dukhovni authored Mar 18, 2016
```
This reverts commit 91056e72

.

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
37bbfd48
Revert "Generate apps/progs.h on the fly" · ffc8d605
Viktor Dukhovni authored Mar 18, 2016
```
This reverts commit 04e2a527

.

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
ffc8d605
Revert "Include progs.h directly in openssl.c instead of via apps.h" · 1e7e1c8d
Viktor Dukhovni authored Mar 18, 2016
```
This reverts commit a45d7d53

.

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
1e7e1c8d
GH36: Add casts to match the documentation · 5a339364
Alex Gaynor authored Mar 19, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
5a339364