- Jan 26, 2017
-
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Nov 28, 2016
-
-
Emilia Kasper authored
Verify that the encrypt-then-mac negotiation is handled correctly. Additionally, when compiled with no-asm, this test ensures coverage for the constant-time MAC copying code in ssl3_cbc_copy_mac. The proxy-based CBC padding test covers that as well but it's nevertheless better to have an explicit handshake test for mac-then-encrypt. Reviewed-by: Andy Polyakov <appro@openssl.org>
-
- Nov 13, 2016
-
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1669)
-
- Nov 10, 2016
-
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Nov 02, 2016
-
-
Matt Caswell authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Nov 01, 2016
-
-
Rich Salz authored
This reverts commit ca1574ce . Not suitabled for a minor release as it breaks the ABI. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Oct 31, 2016
-
-
Rich Salz authored
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Oct 25, 2016
-
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1767)
-
- Oct 13, 2016
-
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Sep 26, 2016
-
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Sep 22, 2016
-
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Sep 14, 2016
-
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Aug 25, 2016
-
-
Matt Caswell authored
EC DRBG support was added in 7fdcb457 in 2011 and then later removed. However the CHANGES entry for its original addition was left behind. This just removes the spurious CHANGES entry. Reviewed-by: Stephen Henson <steve@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Aug 24, 2016
-
-
Rich Salz authored
Add CVE to CHANGES Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Rich Salz authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
- Aug 13, 2016
-
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Aug 05, 2016
-
-
klemens authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1413)
-
klemens authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1413)
-
- Aug 04, 2016
-
-
Matt Caswell authored
The release scripts expect to see the date "xx XXX xxxx" in CHANGES. At some point the year got changed from xxxx to 2016. This changes it back. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Jun 20, 2016
-
-
Richard Levitte authored
The previous change for Windows wasn't quite right. Corrected to use %HOME%, %USERPROFILE% and %SYSTEMPROFILE%, in that order. Also adding the default home for VMS, SYS$LOGIN: Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org>
-
- Jun 17, 2016
-
-
Matt Caswell authored
Previously we would try %RANDFILE%, then %HOME% and finally "C:". Unfortunately this often ends up being "C:" which the user may not have write permission for. Now we try %RANDFILE% first, and then the same set of environment vars as GetTempFile() uses, i.e. %TMP%, then %TEMP%, %USERPROFILE% and %SYSTEMROOT%. If all else fails we fall back to %HOME% and only then "C:". Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Jun 16, 2016
-
-
Matt Caswell authored
Previously EVP_EncodeUpdate returned a void. However there are a couple of error conditions that can occur. Therefore the return type has been changed to an int, with 0 indicating error and 1 indicating success. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Jun 06, 2016
-
-
Matt Caswell authored
The flags RSA_FLAG_NO_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME and DH_FLAG_NO_EXP_CONSTTIME which previously provided the ability to switch off the constant time implementation for RSA, DSA and DH have been made no-ops and deprecated. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Jun 01, 2016
-
-
Rich Salz authored
RT2630 -- segfault for int overlow RT2877 -- check return values in apps/rand Update CHANGES file for previous "windows rand" changes. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- May 20, 2016
-
-
Rich Salz authored
Rename sk_xxx to OPENSSL_sk_xxx and _STACK to OPENSSL_STACK Rename lh_xxx API to OPENSSL_LH_xxx and LHASH_NODE to OPENSSL_LH_NODE Make lhash stuff opaque. Use typedefs for function pointers; makes the code simpler. Remove CHECKED_xxx macros. Add documentation; remove old X509-oriented doc. Add API-compat names for entire old API Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
- May 16, 2016
-
-
FdaSilvaYY authored
Add a status return value instead of void. Add some sanity checks on reference counter value. Update the docs. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
- May 12, 2016
-
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
While it seemed like a good idea to have this file once upon a time, this kind of file belongs with the package maintainer rather than in our source. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
This makes it possible to just run ./config on a x86_64 machine with no extra fuss. RT#4356 Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- May 11, 2016
-
-
Dr. Stephen Henson authored
Update pkcs8 utility to use 256 bit AES using SHA256 by default. Update documentation. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
- May 10, 2016
-
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- May 09, 2016
-
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- May 05, 2016
-
-
Rich Salz authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
FdaSilvaYY authored
Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> GH: #1021
-
- May 03, 2016
-
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- May 02, 2016
-
-
Richard Levitte authored
Reviewed-by: Stephen Henson <steve@openssl.org>
-
- Apr 15, 2016
-
-
Rich Salz authored
Make X509_OBJECT, X509_STORE_CTX, X509_STORE, X509_LOOKUP, and X509_LOOKUP_METHOD opaque. Remove unused X509_CERT_FILE_CTX Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
- Apr 14, 2016
-
-
Matt Caswell authored
In most cases we expect that people will be using shared libraries not static ones, therefore we make that the default. Reviewed-by: Richard Levitte <levitte@openssl.org>
-