- Dec 08, 2016
-
-
Richard Levitte authored
TTY_get() sometimes surprises us with new errno values to determine if we have a controling terminal or not. This generated error is a helpful tool to figure out that this was what happened and what the unknown value is. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2043)
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2040)
-
- Dec 07, 2016
-
-
Richard Levitte authored
The best way to test the UI interface is currently by using an openssl command that uses password_callback. The only one that does this is 'genrsa'. Since password_callback uses a UI method derived from UI_OpenSSL(), it ensures that one gets tested well enough as well. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2040)
-
Richard Levitte authored
Since there are many parts of UI_process() that can go wrong, it isn't very helpful to only return -1 with no further explanation. With this change, the error message will at least show which part went wrong. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2037)
-
- Dec 05, 2016
-
-
Kurt Roeckx authored
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2025
-
Kurt Roeckx authored
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2025
-
Matt Caswell authored
Improves the readability of the code, and reduces the liklihood of errors. Also made a few minor style changes. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Improves the readability of the code, and reduces the liklihood of errors. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
At the moment the msg callback only received the record header with the outer record type in it. We never pass the inner record type - we probably need to at some point. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Add some tests for the new record construction Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Dec 03, 2016
-
-
Viktor Dukhovni authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Dec 02, 2016
-
-
Kurt Roeckx authored
The fuzzers use -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION, and actually get different results based on that. We should have at least some targets that actually fully use the fuzz corpora. Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023
-
Kurt Roeckx authored
We want to be in the same global state each time we come in FuzzerTestOneInput(). There are various reasons why we might not be that include: - Initialization that happens on first use. This is mostly the RUN_ONCE() things, or loading of error strings. - Results that get cached. For instance a stack that is sorted, RSA blinding that has been set up, ... So I try to trigger as much as possible in FuzzerInitialize(), and for things I didn't find out how to trigger this it needs to happen in FuzzerTestOneInput(). Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023
-
Kurt Roeckx authored
This is something you might want to change depending on the version to use, there is no point in us fixing this to something. Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023
-
Kurt Roeckx authored
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023
-
Kurt Roeckx authored
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023
-
Kurt Roeckx authored
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023
-
Kurt Roeckx authored
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023
-
Kurt Roeckx authored
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023
-
Kurt Roeckx authored
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023
-
Kurt Roeckx authored
This allows to free everything we allocated, so we can detect memory leaks. Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023
-
Kurt Roeckx authored
There was a time it could be NULL, but that was changed to always have it. Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023
-
Kurt Roeckx authored
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #2023
-
Matt Caswell authored
Reviewed-by: Stephen Henson <steve@openssl.org>
-
- Nov 30, 2016
-
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
We also split the long string literals into 3 to avoid problems where we go over the 509 character limit. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Nov 29, 2016
-
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
This updates the record layer to use the TLSv1.3 style nonce construciton. It also updates TLSProxy and ossltest to be able to recognise the new layout. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Commit b3618f44 added a test for mac-then-encrypt. However the test fails when running with "enable-tls1_3". The problem is that the test creates a connection, which ends up being TLSv1.3. However it also restricts the ciphers to a single mac-then-encrypt ciphersuite that is not TLSv1.3 compatible so the connection aborts and the test fails. Mac-then-encrypt is not relevant to TLSv1.3, so the test should disable that protocol version. Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Matt Caswell authored
Calling SSL_set_accept_state() after DTLSv1_listen() clears the state, so SSL_accept() no longer works. In 1.0.2 calling DTLSv1_listen() would set the accept state automatically. We should still do that. Fixes #1989 Reviewed-by: Andy Polyakov <appro@openssl.org>
-
- Nov 28, 2016
-
-
Rich Salz authored
Test suite used from boring, written by David Benjamin. Test driver converted from C++ to C. Added a Perl program to check the testsuite file. Extensive review feedback incorporated (thanks folks). Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-