Commits · 5b8aa1a2af738f93b535798bfc07069aada264e1 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Feb 24, 2015

Remove CVS filtering from find targets · 5b8aa1a2
Rich Salz authored Feb 24, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
5b8aa1a2

Move build config table to separate files. · f09e7ca9

Rich Salz authored Feb 24, 2015



Move the build configuration table into separate files.  The Configurations
file is standard configs, and Configurations.team is for openssl-team
members.  Any other file, Configurations*, found in the same directory
as the Configure script, is loaded.

To add another file, use --config=FILE flags (which should probably be
an absolute path).

Written by Stefen Eissing <stefan.eissing@greenbytes.de> and Rich Salz
<rsalz@openssl.org>, contributed by Akamai Technologies.

Reviewed-by: Richard Levitte <levitte@openssl.org>

f09e7ca9

Document -no_explicit · 384dee51
Dr. Stephen Henson authored Feb 24, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
384dee51
Fix crash in SPARC T4 XTS. · 775b669d
Andy Polyakov authored Feb 22, 2015
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
775b669d
aes/asm/bsaes-armv7: fix kernel-side XTS and harmonize with Linux. · e620e5ae
Andy Polyakov authored Feb 24, 2015
```
XTS bug spotted and fix suggested by Adrian Kotelba.

Reviewed-by: Tim Hudson <tjh@openssl.org>
```
e620e5ae
Don't set no_protocol if -tls1 selected. · ccc22756
Dr. Stephen Henson authored Feb 24, 2015
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
ccc22756

Feb 22, 2015

perlasm/x86masm.pl: make it work. · 2f8d82d6

Andy Polyakov authored Feb 22, 2015



Though this doesn't mean that masm becomes supported, the script is
still provided on don't-ask-in-case-of-doubt-use-nasm basis.
See RT#3650 for background.

Reviewed-by: Matt Caswell <matt@openssl.org>

2f8d82d6

sha/asm/sha1-586.pl: fix typo. · 3372c4ff

Andy Polyakov authored Feb 22, 2015



The typo doesn't affect supported configuration, only unsupported masm.

Reviewed-by: Matt Caswell <matt@openssl.org>

3372c4ff

evp/evp_test.c: avoid crashes when referencing uninitialized pointers. · 1526fea5
Andy Polyakov authored Feb 22, 2015
```
For some reason failure surfaced on ARM platforms.

Reviewed-by: Matt Caswell <matt@openssl.org>
```
1526fea5
typo · 15b5d658
Dr. Stephen Henson authored Feb 22, 2015
```
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
```
15b5d658

Fix null-pointer dereference · bcfa19a8

Edgar Pek authored Feb 21, 2015



Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Richard Levitte <levitte@openssl.org>

bcfa19a8

Fix memory leak · edac5dc2
Kurt Roeckx authored Feb 21, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
edac5dc2

Avoid a double-free in an error path. · 1549a265

Doug Hogan authored Jan 07, 2015



Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>

1549a265

Restore -DTERMIO/-DTERMIOS on Windows platforms. · ba4bdee7

Richard Levitte authored Feb 22, 2015



The previous defaulting to TERMIOS took away -DTERMIOS / -DTERMIO a
bit too enthusiastically.  Windows/DOSish platforms of all sorts get
identified as OPENSSL_SYS_MSDOS, and they get a different treatment
altogether UNLESS -DTERMIO or -DTERMIOS is explicitely given with the
configuration.  The answer is to restore those macro definitions for
the affected configuration targets.

Reviewed-by: Tim Hudson <tjh@openssl.org>

ba4bdee7

Feb 21, 2015

Assume TERMIOS is default, remove TERMIO on all Linux. · 64e6bf64

Richard Levitte authored Feb 12, 2015



The rationale for this move is that TERMIOS is default, supported by
POSIX-1.2001, and most definitely on Linux.  For a few other systems,
TERMIO may still be the termnial interface of preference, so we keep
-DTERMIO on those in Configure.

crypto/ui/ui_openssl.c is simplified in this regard, and will define
TERMIOS for all systems except a select few exceptions.
Reviewed-by: Matt Caswell <matt@openssl.org>

64e6bf64

Add additional EC documentation. · 146ca72c
Dr. Stephen Henson authored Feb 19, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
146ca72c

Feb 19, 2015

Use named curve parameter encoding by default. · 86f300d3

Dr. Stephen Henson authored Feb 19, 2015



Many applications require named curve parameter encoding instead of explicit
parameter encoding (including the TLS library in OpenSSL itself). Set this
encoding by default instead of requiring an explicit call to set it.

Add OPENSSL_EC_EXPLICT_CURVE define.
Reviewed-by: Matt Caswell <matt@openssl.org>

86f300d3

Feb 14, 2015
- More RSA tests. · f37879d0
  Dr. Stephen Henson authored Feb 14, 2015
```
Reviewed-by: Andy Polyakov <appro@openssl.org>
```
  f37879d0
Feb 13, 2015

remove unused method declaration · f9e31463
Dr. Stephen Henson authored Feb 13, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
f9e31463

size_t for buffer functions. · e5bf3c92

Dr. Stephen Henson authored Feb 13, 2015



Change BUF_MEM_grow and BUF_MEM_grow_clean to return size_t.
Reviewed-by: Richard Levitte <levitte@openssl.org>

e5bf3c92

Add leak detection, fix leaks. · d5ec8efc
Dr. Stephen Henson authored Feb 12, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
d5ec8efc

Add EVP_PKEY test data. · b9d4e97c

Dr. Stephen Henson authored Feb 12, 2015



Add some EVP_PKEY test data for sign and verify tests including
failure cases.
Reviewed-by: Richard Levitte <levitte@openssl.org>

b9d4e97c

EVP_PKEY support for evp_test · 5824cc29

Dr. Stephen Henson authored Feb 11, 2015



Add two new keywords "PublicKey" and "PrivateKey". These will load a key
in PEM format from the lines immediately following the keyword and assign
it a name according to the value. These will be used later for public and
private key testing operations.

Add tests for Sign, Verify, VerifyRecover and Decrypt.
Reviewed-by: Richard Levitte <levitte@openssl.org>

5824cc29

Add CMAC test data. · 16cb8eb0
Dr. Stephen Henson authored Feb 10, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
16cb8eb0
Add HMAC test data. · b8c792dc
Dr. Stephen Henson authored Feb 10, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
b8c792dc
MAC support for evp_test · 83251f39
Dr. Stephen Henson authored Feb 10, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
83251f39
New macro to set mac key. · eff1a4d2
Dr. Stephen Henson authored Feb 10, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
eff1a4d2
Return error code is any tests fail. · 6906a7c1
Dr. Stephen Henson authored Feb 10, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
6906a7c1

Transfer a fix from 1.0.1 · 774ccae6

Richard Levitte authored Feb 12, 2015

manually picked from e7b85bc4


Reviewed-by: Stephen Henson <steve@openssl.org>

774ccae6

Feb 12, 2015
- RT937: Enable pilotAttributeType uniqueIdentifier · c81f425e
  Rich Salz authored Feb 12, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  c81f425e
- evp/evp.h: add missing camellia-ctr declarations. · 2b8f33a5
  Andy Polyakov authored Feb 12, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
  2b8f33a5
- RT3670: Check return from BUF_MEM_grow_clean · b0333e69
  Graeme Perrow authored Feb 12, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  b0333e69
- RT3684: rand_egd needs stddef.h · 5006c322
  Clang via Jeffrey Walton authored Feb 12, 2015
```
And remove backup definition of offsetof.

Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  5006c322
- Missing OPENSSL_free on error path. · 1d2932de
  Eric Dequin authored Feb 12, 2015
```
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  1d2932de
Feb 11, 2015
- Engage ecp_nistz256-armv4 module. · 7b4a4b71
  Andy Polyakov authored Jan 23, 2015
```
Reviewed-by: Emilia Käsper <emilia@openssl.org>
```
  7b4a4b71
- Add ec/asm/ecp_nistz256-armv4.pl module. · 7a6c9a2e
  Andy Polyakov authored Feb 11, 2015
```
Reviewed-by: Emilia Käsper <emilia@openssl.org>
```
  7a6c9a2e
- Add Camellia CTR mode. · dda81999
  Andy Polyakov authored Feb 11, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  dda81999
- Add more Camellia OIDs. · c79e1773
  Andy Polyakov authored Feb 11, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  c79e1773
Feb 10, 2015

Add SSL_SESSION_get0_ticket API function. · b7c9187b
Matt Caswell authored Feb 08, 2015
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
b7c9187b

Correct reading back of tlsext_tick_lifetime_hint from ASN1. · ea6bd264

Matt Caswell authored Feb 08, 2015



When writing out the hint, if the hint > 0, then we write it out otherwise
we skip it.

Previously when reading the hint back in, if were expecting to see one
(because the ticket length > 0), but it wasn't present then we set the hint
to -1, otherwise we set it to 0. This fails to set the hint to the same as
when it was written out.

The hint should never be negative because the RFC states the hint is
unsigned. It is valid for a server to set the hint to 0 (this means the
lifetime is unspecified according to the RFC). If the server set it to 0, it
should still be 0 when we read it back in.

Reviewed-by: Tim Hudson <tjh@openssl.org>

ea6bd264