- Oct 23, 2015
-
-
Alessandro Ghedini authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Alessandro Ghedini authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Alessandro Ghedini authored
0 is a valid file descriptor. RT#4068 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Alessandro Ghedini authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Oct 22, 2015
-
-
Adam Eijdenberg authored
Previous language was unclear. New language isn't pretty but I believe it is more accurate. Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Ben Laurie <ben@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
[fixes github issue #447] Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Configure has, so far, had no control at all of which 'no-' options it can be given. This means that, for example, someone could configure with something absurd like 'no-stack' and then watch the build crumble to dust... or file a bug report. This introduces some sanity into the possible choices. The added list comes from looking for the explicit ones used in Configure, and from grepping after OPENSSL_NO_ in all source files. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Oct 21, 2015
-
-
Richard Levitte authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Because the default error macro generator assumes the header file with error macros is in include/openssl and therefore generates a C file with error texts that include <openssl/{name}.h>, we need to generate the error macros and texts for CT separately, since the CT module doesn't follow the default criteria. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Matt Caswell authored
The function SSLv23_server_method() is an old name. New code should use TLS_server_method() instead. Therefore don't use SSLv23_server_method() in an example in the docs. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Change the sanity check in PACKET_buf_init to check for excessive length buffers, which should catch the interesting cases where len has been cast from a negative value whilst avoiding any undefined behaviour. RT#4094 Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Oct 18, 2015
-
-
Richard Levitte authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Rename it to ct_int.h Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Check for Host header in query_responder instead of process_responder. This also fixes a memory leak in the old code if the headers was NULL. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Oct 17, 2015
-
-
Manish Goregaokar authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Oct 16, 2015
-
-
Rich Salz authored
Signed-off-by: Rich Salz <rsalz@akamai.com> Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Dmitry Belyavsky authored
When using command line applications errors occur when trying to load engines specified in a config file. Introduced by commit a0a82324 RT#4093 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Oct 15, 2015
-
-
Matt Caswell authored
There are a number of engines in the OpenSSL source code which are now obsolete. The following engines have been removed: 4758cca, aep, atalla, cswift, nuron, sureware. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Don't mark a certificate as self signed if keyUsage is present and certificate signing not asserted. PR#3979 Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Emilia Kasper authored
False positive: gcc (4.8) can't figure out the SSL_IS_DTLS logic. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Oct 14, 2015
-
-
Emilia Kasper authored
Thanks to the OpenBSD community for bringing this to our attention. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Oct 13, 2015
-
-
Dr. Stephen Henson authored
RFC5753 requires that we omit parameters for AES key wrap and set them to NULL for 3DES wrap. OpenSSL decrypt uses the received algorithm parameters so can transparently handle either form. Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Alessandro Ghedini authored
Follow-up to f386742c . Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Alessandro Ghedini authored
Signed-off-by: Rich Salz <rsalz@akamai.com> Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-