- Jan 15, 2017
-
-
Kurt Roeckx authored
Reviewed-by: Andy Polyakov <appro@openssl.org> GH: #2230 (cherry picked from commit 68d4bcfd)
-
Kurt Roeckx authored
Found by afl Reviewed-by: Andy Polyakov <appro@openssl.org> GH: #2230 (cherry picked from commit 244d7b28)
-
- Jan 13, 2017
-
-
Richard Levitte authored
RUN_ONCE really just returns 0 on failure or whatever the init function returned. By convention, however, the init function must return 0 on failure and 1 on success. This needed to be clarified. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2225) (cherry picked from commit 37b8f1e2)
-
Richard Levitte authored
The use of EXFLAG_SET requires the inclusion of openssl/x509v3.h. openssl/ocsp.h does that, except when OCSP is disabled. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2227) (cherry picked from commit d62210af)
-
- Jan 12, 2017
-
-
Rich Salz authored
Also, if want SHA1 then use the pre-computed value if there. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2223) (cherry picked from commit 3e5d9da5)
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2208) (cherry picked from commit 329f2f4a)
-
- Jan 10, 2017
-
-
Rich Salz authored
Fixes GitHub issue 2169. Reviewed-by: Kurt Roeckx <kurt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2207) (cherry picked from commit e043e882395c6104ce2a84f7ced0dc01b09791ad)
-
Kurt Roeckx authored
Found by tis-interpreter Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #1754 (cherry picked from commit 676befbe)
-
Matt Caswell authored
Otherwise the client will try to process it again. The second time around it will try and move the record data into handshake fragment storage and realise that there is no data left. At that point it marks it as read anyway. However, it is a bug that we go around the loop a second time, so we prevent that. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2200) (cherry picked from commit 290a0419)
-
- Jan 09, 2017
-
-
Bernd Edlinger authored
Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> GH: #2140 (cherry picked from commit c6d215e0)
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2151) (cherry picked from commit 3adc41dd)
-
Rich Salz authored
Enhance find-doc-nits to be better about finding typedefs for callback functions. Fix all nits it now finds. Added some new typedef names to ssl.h some of which were documented but did not exist Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2151) (cherry picked from commit 121677b4)
-
- Jan 08, 2017
-
-
Dr. Stephen Henson authored
Add option ExpectedTmpKeyType to test the temporary key the server sends is of the correct type. Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2191) (cherry picked from commit b93ad05d)
-
Dr. Stephen Henson authored
Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2191) (cherry picked from commit 9c4319bd)
-
- Jan 05, 2017
-
-
Dr. Stephen Henson authored
BIO_seek and BIO_tell can cause problems with evp_test.c on some platforms. Avoid them by using a temporary memory BIO to store key PEM data. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2183) (cherry picked from commit 71f60ef3)
-
- Jan 03, 2017
-
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 4fee75ca)
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 13ab8708)
-
- Dec 30, 2016
-
-
Matt Caswell authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2160) (cherry picked from commit f1b25aae)
-
Matt Caswell authored
This macro has a typo in it which makes it unusable. This issue was already fixed in 1.0.2 in commit 75fdee04 , but the same fix was not applied to other branches. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2160) (cherry picked from commit fb3ae0e8)
-
- Dec 29, 2016
-
-
Markus Triska authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> CLA: trivial (Merged from https://github.com/openssl/openssl/pull/2145) (cherry picked from commit 67adf0a7)
-
- Dec 22, 2016
-
-
Todd Short authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2134) (cherry picked from commit 8bfa99f0)
-
- Dec 20, 2016
-
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2121) (cherry picked from commit 2629440d)
-
Richard Levitte authored
For now, checking that the size is non-zero will suffice. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2120) (cherry picked from commit d7c8f142)
-
- Dec 18, 2016
-
-
Finn Hakansson authored
Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> CLA: trivial (Merged from https://github.com/openssl/openssl/pull/2086) (cherry picked from commit 0b742f93)
-
- Dec 17, 2016
-
-
Richard Levitte authored
In some cases, both client and server end of the test can end up in SSL_ERROR_WANT_READ and never get out of it, making the test spin. Detect it and give up instead of waiting endlessly. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2096) (cherry picked from commit ceb6d746)
-
- Dec 16, 2016
-
-
Richard Levitte authored
When built with --strict-warnings and the Linux kernel headers don't match the kernel version, the preprocessor warnings in engines/afalg/e_afalg.c cause compilation errors. Use the macro PEDANTIC to avoid those warnings in that case. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2095) (cherry picked from commit 97043e46)
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2093) (cherry picked from commit cd3fe0e0)
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2092)
-
- Dec 15, 2016
-
-
Kurt Roeckx authored
Calling it with lenght 0 and NULL as source is undefined behaviour. Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2089 (cherry picked from commit eeab356c)
-
- Dec 14, 2016
-
-
Rich Salz authored
More importantly, port CRL test from boringSSL crypto/x509/x509_test.cc Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1775) (cherry picked from commit 2b406990)
-
Dr. Stephen Henson authored
Add options to check the function and reason code matches expected values. Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit 99f2f1dc)
-
- Dec 13, 2016
-
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2079)
-
Rich Salz authored
Don't use regexps for section names, just strings: More consistency. Rename "COMMAND OPTIONS" to OPTIONS. Fix a couple of other nit-level things. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2076) (cherry picked from commit 3dfda1a6)
-
- Dec 12, 2016
-
-
Azat Khuzhin authored
Fixes: 8d00e30f ("Don't try to init dasync internally") Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> CLA: trivial (cherry picked from commit b9b5181d)
-
Dmitry Belyavskiy authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2075) (cherry picked from commit 498180de)
-
Paul Hovey authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> CLA: trivial (cherry picked from commit 6974fca4)
-
Paul Hovey authored
fix undoes errors introduced by https://github.com/openssl/openssl/commit/fc6076ca272f74eb1364c29e6974ad5da5ef9777?diff=split#diff-1014acebaa2c13d44ca196b9a433ef2eR184 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> CLA: trivial (cherry picked from commit 8bd62abe)
-
Benjamin Kaduk authored
Commit 0cd0a820 removed this macro along with many unused function and reason codes; ERR_FATAL_ERROR() was not used in the tree, but did have external consumers. Add it back to restore the API compatibility and avoid breaking applications for no internal benefit. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2049) (cherry picked from commit 036ba500)
-
Matt Caswell authored
SSL_clear() was resetting numwpipes to 0, but not freeing any allocated memory for existing write buffers. Fixes #2026 Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 4bf08600)
-
Andy Polyakov authored
$1<<32>>32 worked fine with either 32- or 64-bit perl for a good while, relying on quirk that [pure] 32-bit perl performed it as $1<<0>>0. But this apparently changed in some version past minimally required 5.10, and operation result became 0. Yet, it went unnoticed for another while, because most perl package providers configure their packages with -Duse64bitint option. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 82e08930)
-