- Feb 15, 2017
-
-
Dr. Stephen Henson authored
Add inline function ssl_has_cert which checks to see if a certificate and private key for a given index are not NULL. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2623)
-
- Feb 14, 2017
-
-
FdaSilvaYY authored
[skip ci] Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2571)
-
Guido Vranken authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1613)
-
Guido Vranken authored
Prevents that OPENSSL_gmtime incorrectly signals success if gmtime_r fails, and that struct* tm result's possibly uninitialized content is used Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1613)
-
Bernd Edlinger authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2618)
-
Guido Vranken authored
Prevent allocations of size 0 in sh_init, which are not possible with the default OPENSSL_zalloc, but are possible if the user has installed their own allocator using CRYPTO_set_mem_functions. If the 0-allocations succeeds, the secure heap code will later access (at least) the first byte of that space, which is technically an OOB access. This could lead to problems with some custom allocators that only return a valid pointer for subsequent free()-ing, and do not expect that the pointer is actually dereferenced. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2605)
-
Robert Scheck authored
Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2300)
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2626)
-
Dr. Stephen Henson authored
When a certificate is prepended update the list pointer. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2628)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2624)
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
Matt Caswell authored
For converting the 2 byte group id into an unsigned int. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
Matt Caswell authored
Make sure we get an HRR in the right circumstances based on kex mode. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
Matt Caswell authored
Previously counting the number of tests in checkhandshake.pm took an initial guess and then modified it based on various known special cases. That is becoming increasingly untenable, so this changes it to properly calculate the number of tests we expect to run. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
Yuchi authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2559)
-
- Feb 13, 2017
-
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
This is handy when "offset(%reg)" is a perl variable. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Thanks to Jun Sun for spotting this. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andrea Grandi authored
Remove call to cleanup function Use only one loop to find previous element Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2581)
-
Andrea Grandi authored
This fixes the num of fds added/removed returned by ASYNC_WAIT_CTX_get_changed_fds Previously, the numbers were not consistent with the fds actually written in the buffers since the fds that have been both added and removed are explicitly ignored in the loop. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2581)
-
Andrea Grandi authored
This happens when a fd is added and then immediately removed from the ASYNC_WAIT_CTX before pausing the job. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2581)
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Darren Tucker authored
CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2604)
-
Richard Levitte authored
test/recipes/40-test_rehash.t uses test files from certs/demo, which doesn't exist any longer. Have it use PEM files from test/ instead. Because rehash wants only one certificate or CRL per file, we must also filter those PEM files to produce test files with a single object each. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2594)
-
- Feb 11, 2017
-
-
Adam Langley authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2590)
-
- Feb 10, 2017
-
-
Dr. Stephen Henson authored
The original intent of SSL_PKEY_RSA_SIGN and SSL_PKEY_RSA_ENC was to support two different keys for RSA signing and decrypt. However this was never implemented and we only ever set one key and the other was always NULL. Replace with single SSL_PKEY_RSA type. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2587)
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2587)
-
Andy Polyakov authored
.cfi_{start|end}proc and .cfi_def_cfa were not tracked. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2585)
-