- Sep 25, 2014
-
-
Matt Caswell authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Emilia Kasper authored
Accidentally omitted from commit 455b65df Reviewed-by: Kurt Roeckx <kurt@openssl.org> (cherry picked from commit fdc35a9d)
-
Tim Hudson authored
so the Win32 compile picks it up correctly. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Richard Levitte authored
The different -I compiler parameters will take care of the rest... Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Sep 24, 2014
-
-
Dr. Stephen Henson authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 5886354d)
-
Andy Polyakov authored
RT: 3541 Reviewed-by: Emilia Kasper <emilia@openssl.org> (cherry picked from commit 8b07c005)
-
Andy Polyakov authored
Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 40155f40)
-
Emilia Kasper authored
Do the final padding check in EVP_DecryptFinal_ex in constant time to avoid a timing leak from padding failure. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 4aac102f) Conflicts: crypto/evp/evp_enc.c
-
Emilia Kasper authored
(Original commit adb46dbc ) Use the new constant-time methods consistently in s3_srvr.c Reviewed-by: Kurt Roeckx <kurt@openssl.org> (cherry picked from commit 455b65df)
-
Adam Langley authored
that bad encryptions are treated like random session keys in constant time. (cherry picked from commit adb46dbc ) Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
Also tweak s3_cbc.c to use new constant-time methods. Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1 This patch is based on the original RT submission by Adam Langley <agl@chromium.org>, as well as code from BoringSSL and OpenSSL. Reviewed-by: Kurt Roeckx <kurt@openssl.org> Conflicts: crypto/rsa/rsa_oaep.c crypto/rsa/rsa_pk1.c ssl/s3_cbc.c
-
- Sep 23, 2014
-
-
Emilia Kasper authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Emilia Kasper authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Emilia Kasper authored
i2d_re_X509_tbs re-encodes the TBS portion of the certificate. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Dr Stephen Henson <steve@openssl.org> (cherry picked from commit 95b1752c)
-
Emilia Kasper authored
This reverts commit 519ad9b3 . Reviewed-by: Dr Stephen Henson <steve@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
This reverts commit cacdfcb2 . Conflicts: crypto/x509/x509.h Reviewed-by: Dr Stephen Henson <steve@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Bodo Moeller <bodo@openssl.org> (cherry picked from commit 507efe73)
-
- Sep 21, 2014
-
-
Andy Polyakov authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit be07ae9b)
-
Dr. Stephen Henson authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 16e5b45f)
-
Andy Polyakov authored
RT: 3149 Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Andy Polyakov authored
RT: 3149 Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 84714790) Resolved conflicts: Configure TABLE
-
Andy Polyakov authored
RT: 3149 Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 4d3fa06f)
-
Andy Polyakov authored
Submitted by Shay Gueron, Intel Corp. RT: 3149 Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit f54be179)
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 902b30df)
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 6019cdd3) Resolved conflicts: Configure Makefile.org TABLE
-
Tim Hudson authored
that fixed PR#3450 where an existing cast masked an issue when i was changed from int to long in that commit Picked up on z/linux (s390) where sizeof(int)!=sizeof(long) Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit b5ff559f)
-
- Sep 20, 2014
-
-
Andy Polyakov authored
RT: 3333,3165 Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit d475b2a3)
-
- Sep 18, 2014
-
-
Jake Goulding authored
GetDIBits has been around since Windows2000 and BitBitmapBits is an old Win16 compatibility function that is much slower. Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 99b00fd9)
-
- Sep 11, 2014
-
-
Rich Salz authored
Move the readdir() lines out of the if statement, so that flist is available globally. Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 6f46c3c3)
-
- Sep 10, 2014
-
-
Rich Salz authored
Reviewed-by: Kurt Roeckx <kurt@openssl.org> (cherry picked from commit cb4bb56b)
-
Rich Salz authored
If we don't find a signer in the internal list, then fall through and look at the internal list; don't just return NULL. Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit b2aa38a9)
-
- Sep 09, 2014
-
-
Rich Salz authored
Say where to email bug reports. Mention general RT tracker info in a separate paragraph. Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 468ab1c2)
-
Matt Caswell authored
This is funny; Ben commented in the source, Matt opend a ticket, and Rich is doing the submit. Need more code-review? :) Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit eb63bce0)
-
Rich Salz authored
For portability don't use "if ! expr" Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit b999f66e)
-
Geoff Keating authored
When calling X509_set_version to set v1 certificate, that should mean that the version number field is omitted. Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 1f18f50c)
-
Kurt Cancemi authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 4eadd11c)
-
- Sep 08, 2014
-
-
Paul Suhler authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 4cd1119d)
-
Kurt Roeckx authored
This is a more comprehensive fix. It changes all keygen apps to use 2K keys. It also changes the default to use SHA256 not SHA1. This is from Kurt's upstream Debian changes. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org> (cherry picked from commit 44e0c2ba)
-