- 15 Jan, 2017 2 commits
-
-
Kurt Roeckx authored
Reviewed-by:
Andy Polyakov <appro@openssl.org> GH: #2230 (cherry picked from commit 68d4bcfd)
-
Kurt Roeckx authored
Found by afl Reviewed-by:
-
- 13 Jan, 2017 2 commits
-
-
Richard Levitte authored
RUN_ONCE really just returns 0 on failure or whatever the init function returned. By convention, however, the init function must return 0 on failure and 1 on success. This needed to be clarified. Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2225) (cherry picked from commit 37b8f1e2)
-
Richard Levitte authored
The use of EXFLAG_SET requires the inclusion of openssl/x509v3.h. openssl/ocsp.h does that, except when OCSP is disabled. Reviewed-by:
-
- 12 Jan, 2017 2 commits
-
-
Rich Salz authored
Also, if want SHA1 then use the pre-computed value if there. Reviewed-by:
Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2223) (cherry picked from commit 3e5d9da5)
-
Rich Salz authored
Reviewed-by:
-
- 10 Jan, 2017 3 commits
-
-
Rich Salz authored
Fixes GitHub issue 2169. Reviewed-by:
Kurt Roeckx <kurt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2207) (cherry picked from commit e043e882395c6104ce2a84f7ced0dc01b09791ad)
-
Kurt Roeckx authored
Found by tis-interpreter Reviewed-by:
Rich Salz <rsalz@openssl.org> GH: #1754 (cherry picked from commit 676befbe)
-
Matt Caswell authored
Otherwise the client will try to process it again. The second time around it will try and move the record data into handshake fragment storage and realise that there is no data left. At that point it marks it as read anyway. However, it is a bug that we go around the loop a second time, so we prevent that. Reviewed-by:
-
- 09 Jan, 2017 3 commits
-
-
Bernd Edlinger authored
Signed-off-by:
Kurt Roeckx <kurt@roeckx.be> Reviewed-by:
-
Rich Salz authored
Reviewed-by:
-
Rich Salz authored
Enhance find-doc-nits to be better about finding typedefs for callback functions. Fix all nits it now finds. Added some new typedef names to ssl.h some of which were documented but did not exist Reviewed-by:
-
- 08 Jan, 2017 2 commits
-
-
Dr. Stephen Henson authored
Add option ExpectedTmpKeyType to test the temporary key the server sends is of the correct type. Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
- 05 Jan, 2017 1 commit
-
-
Dr. Stephen Henson authored
BIO_seek and BIO_tell can cause problems with evp_test.c on some platforms. Avoid them by using a temporary memory BIO to store key PEM data. Reviewed-by:
-
- 03 Jan, 2017 2 commits
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
- 30 Dec, 2016 2 commits
-
-
Matt Caswell authored
Reviewed-by:
Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2160) (cherry picked from commit f1b25aae)
-
Matt Caswell authored
This macro has a typo in it which makes it unusable. This issue was already fixed in 1.0.2 in commit 75fdee04 , but the same fix was not applied to other branches. Reviewed-by:
-
- 29 Dec, 2016 1 commit
-
-
Markus Triska authored
Reviewed-by:
-
- 22 Dec, 2016 1 commit
-
-
Todd Short authored
Reviewed-by:
-
- 20 Dec, 2016 2 commits
-
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
For now, checking that the size is non-zero will suffice. Reviewed-by:
-
- 18 Dec, 2016 1 commit
-
-
Finn Hakansson authored
Reviewed-by:
-
- 17 Dec, 2016 1 commit
-
-
Richard Levitte authored
In some cases, both client and server end of the test can end up in SSL_ERROR_WANT_READ and never get out of it, making the test spin. Detect it and give up instead of waiting endlessly. Reviewed-by:
-
- 16 Dec, 2016 3 commits
-
-
Richard Levitte authored
When built with --strict-warnings and the Linux kernel headers don't match the kernel version, the preprocessor warnings in engines/afalg/e_afalg.c cause compilation errors. Use the macro PEDANTIC to avoid those warnings in that case. Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
- 15 Dec, 2016 1 commit
-
-
Kurt Roeckx authored
Calling it with lenght 0 and NULL as source is undefined behaviour. Reviewed-by:
-
- 14 Dec, 2016 2 commits
-
-
Rich Salz authored
More importantly, port CRL test from boringSSL crypto/x509/x509_test.cc Reviewed-by:
-
Dr. Stephen Henson authored
Add options to check the function and reason code matches expected values. Reviewed-by:
-
- 13 Dec, 2016 2 commits
-
-
Rich Salz authored
Reviewed-by:
-
Rich Salz authored
Don't use regexps for section names, just strings: More consistency. Rename "COMMAND OPTIONS" to OPTIONS. Fix a couple of other nit-level things. Reviewed-by:
-
- 12 Dec, 2016 7 commits
-
-
Azat Khuzhin authored
Fixes: 8d00e30f ("Don't try to init dasync internally") Reviewed-by:
-
Dmitry Belyavskiy authored
Reviewed-by:
-
Paul Hovey authored
Reviewed-by:
-
Paul Hovey authored
fix undoes errors introduced by https://github.com/openssl/openssl/commit/fc6076ca272f74eb1364c29e6974ad5da5ef9777?diff=split#diff-1014acebaa2c13d44ca196b9a433ef2eR184 Reviewed-by:
-
Benjamin Kaduk authored
Commit 0cd0a820 removed this macro along with many unused function and reason codes; ERR_FATAL_ERROR() was not used in the tree, but did have external consumers. Add it back to restore the API compatibility and avoid breaking applications for no internal benefit. Reviewed-by:
-
Matt Caswell authored
SSL_clear() was resetting numwpipes to 0, but not freeing any allocated memory for existing write buffers. Fixes #2026 Reviewed-by:
-
Andy Polyakov authored
$1<<32>>32 worked fine with either 32- or 64-bit perl for a good while, relying on quirk that [pure] 32-bit perl performed it as $1<<0>>0. But this apparently changed in some version past minimally required 5.10, and operation result became 0. Yet, it went unnoticed for another while, because most perl package providers configure their packages with -Duse64bitint option. Reviewed-by:
-
