- Apr 23, 2018
-
-
Billy Brumley authored
Co-authored-by: Nicola Tuveri <nic.tuv@gmail.com> Co-authored-by: Cesar Pereida Garcia <cesar.pereidagarcia@tut.fi> Co-authored-by: Sohaib ul Hassan <soh.19.hassan@gmail.com> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6009)
-
Kurt Roeckx authored
Reviewed-by: Andy Polyakov <appro@openssl.org> GH: #6044
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/6043)
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6042)
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6042)
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6042)
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6042)
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6042)
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6042)
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6042)
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6042)
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Default osx image runs Mac OS X 10.12, which apparently suffers from infrequent socket failures affecting some tests. Later image runs 10.13... Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5986)
-
Richard Levitte authored
On Unix, this doesn't matter, but on other platforms, it may. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6050)
-
Richard Levitte authored
For 'openssl dhparams', the output file was opened after calculations were made, which is a waste of cycles and time if the output file turns out not to be writable. Fixes #3404 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6051)
-
- Apr 22, 2018
-
-
Kurt Roeckx authored
Reviewed-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> GH: #5910
-
- Apr 20, 2018
-
-
Bernd Edlinger authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6026)
-
Bernd Edlinger authored
Fixes: #5899 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5911)
-
Dr. Matthias St. Pierre authored
Two definitions in lines 127 and 136, introduced in 71a5516d . Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6029)
-
Dr. Matthias St. Pierre authored
Fixes #6022 In commit de4d764e , the following SSL_CTRL #define's where renamed SSL_CTRL_GET_CURVES -> SSL_CTRL_GET_GROUPS SSL_CTRL_SET_CURVES -> SSL_CTRL_SET_GROUPS SSL_CTRL_SET_CURVES_LIST -> SSL_CTRL_SET_GROUPS_LIST SSL_CTRL_GET_SHARED_CURVE -> SSL_CTRL_GET_SHARED_GROUP The corresponding function-like macros (e.g, SSL_get1_curves(ctx, s)) were renamed, too, and compatibility #define's were added. This was overlooked for the above constants. Since the constants are part of the public interface, they must not be removed for a minor release. As a consequence the Qt5 configure check (and the build) fails. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6023)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6020)
-
Matt Caswell authored
DTLS was not correctly returning the number of pending bytes left in a call to SSL_pending(). This makes the detection of truncated packets almost impossible. Fixes #5478 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6020)
-
Matt Caswell authored
Check that in a handshake done event SSL_in_init() is 0 (see #4574) Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6019)
-
Matt Caswell authored
In 1.1.0 and before calling SSL_in_init() from the info_callback at SSL_CB_HANDSHAKE_DONE would return 0. This commit fixes it so that it does again for 1.1.1. This broke Node. Fixes #4574 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6019)
-
- Apr 19, 2018
-
-
Kurt Roeckx authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6024)
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6025)
-
Bernd Edlinger authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5814)
-
Alois Mahdal authored
Actual behavior of DEFAULT is different than currently described. Rather than actinf as cipher string, DEFAULT cannot be combined using logical operators, etc. Fixes #5420. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5428)
-
Richard Levitte authored
Configurations/90-team.conf isn't for public consumption, so we rename it to 90-team.norelease.conf and make sure 'make dist' and 'make tar' don't include it in the tarball. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5836)
-
A. Schulze authored
CLA: trivial Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5801)
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6001)
-
Matt Caswell authored
The X509_STORE_CTX_init() docs explicitly allow a NULL parameter for the X509_STORE. Therefore we shouldn't crash if we subsequently call X509_verify_cert() and no X509_STORE has been set. Fixes #2462 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6001)
-
Matt Caswell authored
If we run the ocsp command line app and the responder returns a non-successful status code then the app should exit with a failure code. Based on an original patch by Tatsuhiro Tsujikawa. Fixes #2387 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5998)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5997)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5996)
-
Viktor Dukhovni authored
Also, future-proof index_index() return codes by requiring success to return a positive value. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Apr 18, 2018
-
-
Beat Bolli authored
Similar to 0652e8a7 ("Clarify default section in config.pod", 2018-04-12), reword a sentence to make it easier to parse. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5794)
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5994)
-
Andy Polyakov authored
s_server -rev emits info output on stderr, i.e. unbufferred, which risks intermixing with output from TLSProxy itself on non-line boundaries, which in turn is confusing to TAP parser. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5975)
-
Andy Polyakov authored
This fixes only those tests that were failing when network data was fragmented. Remaining ones might succeed for "wrong reasons". Bunch of tests have to fail to be considered successful and when data is fragmented they might fail for reasons other than originally intended. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5975)
-