- Jun 15, 2017
-
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3689)
-
Richard Levitte authored
Because apps/progs.h isn't configuration agnostic, it's not at all suited for 'make update' or being versioned, so change it to be dynamically generated. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3688)
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3472)
-
Richard Levitte authored
If it did, it really is something that should be checked in, and should therefore make a CI build fail. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3686)
-
Pauli authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3684)
-
- Jun 14, 2017
-
-
Rich Salz authored
This flag was added in 1992 and only documented in the CHANGES file. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3681)
-
Bernd Edlinger authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3675)
-
Bernd Edlinger authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3675)
-
Bernd Edlinger authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3675)
-
Bernd Edlinger authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3671)
-
Bernd Edlinger authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3672)
-
- Jun 13, 2017
-
-
Rich Salz authored
The generating script got updated, but the generated file did not. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3668)
-
Bernd Edlinger authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3666)
-
Andy Polyakov authored
[As well as few extra instructions from earlier spec.] Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Paul Yang authored
Update s_client -help and pod file. Signed-off-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3654)
-
- Jun 12, 2017
-
-
Richard Levitte authored
Reading the prologue of this file conserved the "# Function codes" line, and then duplicated it when rewriting this file, adding a new "# Function codes" line everytime there's an update. Better then to skip over all comment lines and have the prologue defined in mkerr.pl, just the same as we do with the other affected files. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3664)
-
Richard Levitte authored
Sometimes, one might only want to rework a subset of all the internal error codes. -module allows the caller to specify exactly which library modules to rewrite. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3662)
-
Paul Yang authored
Mostly braces and NULL pointer check and also copyright year bump Signed-off-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3657)
-
Bernd Edlinger authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3660)
-
Rich Salz authored
Add "*" as indicator meaning the function/reason is removed, so put an empty string in the function/reason string table; this preserves backward compatibility by keeping the #define's. In state files, trailing backslash means text is on the next line. Add copyright to state files Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3640)
-
Bernd Edlinger authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3658)
-
Paul Yang authored
To reduce duplicate code Signed-off-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3656)
-
Benjamin Kaduk authored
Call it from the early callback used for testing these functions, and verify the expected contents of the ClientHello Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2976)
-
Benjamin Kaduk authored
It is an API to be used from the early callback that indicates what extensions were present in the ClientHello, and in what order. This can be used to eliminate unneeded calls to SSL_early_get0_ext() (which itself scales linearly in the number of extensions supported by the library). Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2976)
-
Benjamin Kaduk authored
Per the TODO comment, we now have proper certificate selection for TLS 1.3 client certificates, so this test can move into its own block. (It cannot merge with the previous block, as it requires EC.) Verified that the test passes when configured with enable-tls1_3 no-tls1 no-tls1_1 no-tls1_2. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3131)
-
Benjamin Kaduk authored
We prevent compression both when the server is parsing the ClientHello and when the client is constructing the ClientHello. A 1.3 ServerHello has no way to hand us back a compression method, and we already check that the server does not try to give us back a compression method that we did not request, so these checks seem sufficient. Weaken the INSTALL note slightly, as we do now expect to interoperate with other implementations. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3131)
-
- Jun 11, 2017
-
-
Rich Salz authored
Reviewed-by: Kurt Roceckx <kurt@openssl.org>
-
Josh Soref authored
The previous word was a misspelling of nicety Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3464)
-
Rich Salz authored
Make funcs to deal with non-null-term'd string in both asn1_generalizedtime_to_tm() and asn1_utctime_to_tm(). Fixes issue #3444. This one is used to enforce strict format (RFC 5280) check and to convert GeneralizedTime to UTCTime. apps/ca has been changed to use the new API. Test cases and documentation are updated/added Signed-off-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3566)
-
Beat Bolli authored
Adjust brace placement, whitespace after keywords, indentation and empty lines after variable declarations according to https://www.openssl.org/policies/codingstyle.html . Indent literal sections by exactly one space. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3580)
-
Josh Soref authored
spelling: algorithm spelling: anyway spelling: assigned spelling: authenticated spelling: callback spelling: certificate spelling: compatibility spelling: configuration spelling: digest spelling: encrypted spelling: function spelling: output spelling: receive spelling: renegotiation spelling: signing spelling: similar spelling: string (Merged from https://github.com/openssl/openssl/pull/3580)Reviewed-by : Rich Salz <rsalz@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3580)
-
Rich Salz authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> CLA: trivial (Merged from https://github.com/openssl/openssl/pull/3419)
-
- Jun 10, 2017
-
-
Rich Salz authored
CLA: trivial Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3627)
-
- Jun 09, 2017
-
-
Paul Yang authored
Check return value of NETSCAPE_SPKI_new() and NETSCAPE_SPKI_b64_encode(), and also clean up coding style incidentally. Signed-off-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3647)
-
Benjamin Kaduk authored
Move the call to ct_base64_decode(), which allocates, until after the check for NULL output parameter. Also place a cap on the number of padding characters used to decrement the output length -- any more than two '='s is not permitted in a well-formed base64 text. Prior to this change, ct_base64_decode() would return a length of -1 along with allocated storage for an input of "====". Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3379)
-
Josh Soref authored
This incorrectly spelled item exists for compatibility purposes CLA: Trivial Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3460)
-
Pichulin Dmitrii authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3642)
-
Jonathan Protzenko authored
CLA: trivial Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3487)
-
Luke Faraone authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3599)
-