- Apr 07, 2017
-
-
Rich Salz authored
Document thread-safety issues Have RSA_null return NULL (always fails) Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2244)
-
- Mar 30, 2017
-
-
Andy Polyakov authored
'j' is specified as modifier for "greatest-width integer type", which in practice means 64 bits on both 32- and 64-bit platforms. Since we rely on __attribute__((__format__(__printf__,...))) to sanitize BIO_print format, we can use it to denote [u]int64_t-s in platform-neutral manner. Reviewed-by:
Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3083)
-
- Mar 29, 2017
-
-
Richard Levitte authored
Reviewed-by:
Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3064)
-
FdaSilvaYY authored
Fix some comments too [skip ci] Reviewed-by:
Tim Hudson <tjh@openssl.org> Reviewed-by:
-
- Mar 28, 2017
-
-
FdaSilvaYY authored
Reviewed-by:
Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3066)
-
- Mar 15, 2017
-
-
Richard Levitte authored
Just as for DH, DSA and RSA, this gives the engine associated with the key. Reviewed-by:
-
- Mar 14, 2017
-
-
Pauli authored
Reviewed-by:
-
- Mar 13, 2017
-
-
Richard Levitte authored
Reviewed-by:
-
- Mar 02, 2017
-
-
Andy Polyakov authored
[skip ci] Reviewed-by:
-
- Feb 28, 2017
-
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
This reimplementation was necessary before VMS C V7.1. Since that's the minimum version we support in this OpenSSL version, the reimplementation is no longer needed. Reviewed-by:
-
- Feb 24, 2017
-
-
Emilia Kasper authored
- Reject fractional seconds - Reject offsets - Check that the date/time digits are in valid range. - Add documentation for X509_cmp_time GH issue 2620 Reviewed-by:
-
- Feb 16, 2017
-
-
Matt Caswell authored
Reviewed-by:
-
- Feb 01, 2017
-
-
Todd Short authored
The core SipHash supports either 8 or 16-byte output and a configurable number of rounds. The default behavior, as added to EVP, is to use 16-byte output and 2,4 rounds, which matches the behavior of most implementations. There is an EVP_PKEY_CTRL that can control the output size. Reviewed-by:
-
- Jan 26, 2017
-
-
Matt Caswell authored
Reviewed-by:
-
- Nov 28, 2016
-
-
Emilia Kasper authored
Verify that the encrypt-then-mac negotiation is handled correctly. Additionally, when compiled with no-asm, this test ensures coverage for the constant-time MAC copying code in ssl3_cbc_copy_mac. The proxy-based CBC padding test covers that as well but it's nevertheless better to have an explicit handshake test for mac-then-encrypt. Reviewed-by:
-
- Nov 13, 2016
-
-
Richard Levitte authored
Reviewed-by:
-
- Nov 10, 2016
-
-
Matt Caswell authored
Reviewed-by:
-
- Nov 02, 2016
-
-
Matt Caswell authored
Reviewed-by:
-
- Nov 01, 2016
-
-
Rich Salz authored
This reverts commit ca1574ce . Not suitabled for a minor release as it breaks the ABI. Reviewed-by:
-
- Oct 31, 2016
-
-
Rich Salz authored
Reviewed-by:
-
- Oct 25, 2016
-
-
Richard Levitte authored
Reviewed-by:
-
- Oct 13, 2016
-
-
Richard Levitte authored
Reviewed-by:
-
- Sep 26, 2016
-
-
Matt Caswell authored
Reviewed-by:
-
- Sep 22, 2016
-
-
Matt Caswell authored
Reviewed-by:
-
- Sep 14, 2016
-
-
Richard Levitte authored
Reviewed-by:
-
- Aug 25, 2016
-
-
Matt Caswell authored
EC DRBG support was added in 7fdcb457 in 2011 and then later removed. However the CHANGES entry for its original addition was left behind. This just removes the spurious CHANGES entry. Reviewed-by:
Stephen Henson <steve@openssl.org>
-
Richard Levitte authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by:
-
- Aug 24, 2016
-
-
Rich Salz authored
Add CVE to CHANGES Reviewed-by:Emilia Käsper <emilia@openssl.org>
-
Rich Salz authored
Reviewed-by:Viktor Dukhovni <viktor@openssl.org>
-
- Aug 13, 2016
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
- Aug 05, 2016
-
-
klemens authored
Reviewed-by:
-
klemens authored
Reviewed-by:
-
- Aug 04, 2016
-
-
Matt Caswell authored
The release scripts expect to see the date "xx XXX xxxx" in CHANGES. At some point the year got changed from xxxx to 2016. This changes it back. Reviewed-by:
-
- Jun 20, 2016
-
-
Richard Levitte authored
The previous change for Windows wasn't quite right. Corrected to use %HOME%, %USERPROFILE% and %SYSTEMPROFILE%, in that order. Also adding the default home for VMS, SYS$LOGIN: Reviewed-by:
-
- Jun 17, 2016
-
-
Matt Caswell authored
Previously we would try %RANDFILE%, then %HOME% and finally "C:". Unfortunately this often ends up being "C:" which the user may not have write permission for. Now we try %RANDFILE% first, and then the same set of environment vars as GetTempFile() uses, i.e. %TMP%, then %TEMP%, %USERPROFILE% and %SYSTEMROOT%. If all else fails we fall back to %HOME% and only then "C:". Reviewed-by:
-
- Jun 16, 2016
-
-
Matt Caswell authored
Previously EVP_EncodeUpdate returned a void. However there are a couple of error conditions that can occur. Therefore the return type has been changed to an int, with 0 indicating error and 1 indicating success. Reviewed-by:
-
- Jun 06, 2016
-
-
Matt Caswell authored
The flags RSA_FLAG_NO_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME and DH_FLAG_NO_EXP_CONSTTIME which previously provided the ability to switch off the constant time implementation for RSA, DSA and DH have been made no-ops and deprecated. Reviewed-by:
-
- Jun 01, 2016
-
-
Rich Salz authored
RT2630 -- segfault for int overlow RT2877 -- check return values in apps/rand Update CHANGES file for previous "windows rand" changes. Reviewed-by:
-
