Commits · 6cf412c473d8145562b76219ce3da73b201b3255 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

03 Sep, 2016 2 commits
- modes/asm/ghash-armv4.pl: improve interoperability with Android NDK. · 6cf412c4
  Andy Polyakov authored Aug 27, 2016
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  6cf412c4
- Configure: clarify and refine -static. · 047d97af
  Andy Polyakov authored Sep 01, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  047d97af
02 Sep, 2016 5 commits

Configurations/10-main.conf: add android64-mips64 target. · c1ec40ef
Andy Polyakov authored Sep 01, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
c1ec40ef

MIPS assembly pack: adapt it for MIPS[32|64]R6. · 947716c1

Andy Polyakov authored Sep 01, 2016

MIPS[32|64]R6 is binary and source incompatible with previous MIPS ISA
specifications. Fortunately it's still possible to resolve differences
in source code with standard pre-processor and switching to trap-free
version of addition and subtraction instructions.

Reviewed-by: Richard Levitte <levitte@openssl.org>

947716c1

Configurations/10-main.conf: add android64-x86_64 target. · a4324912
Andy Polyakov authored Aug 31, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
a4324912
Configurations/10-main.conf: fix omittions in commentary. · d5a39c12
Andy Polyakov authored Aug 31, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
d5a39c12

Configurations/10-main.conf: remove solaris-x86-cc target. · 216a0cc4

Andy Polyakov authored Aug 31, 2016



Since vendor assembler can't assemble our modules with -KPIC flag,
it, assembly support, was not available as an option. But this
means lack of side-channel resistant code, which is incompatible
with security by todays standards.

Reviewed-by: Rich Salz <rsalz@openssl.org>

216a0cc4

01 Sep, 2016 5 commits

Move 05-test_fuzz.t to 90-test_fuzz.t · 377ab6d1

Richard Levitte authored Sep 01, 2016



This adheres much better to the documentation in test/README

Reviewed-by: Rich Salz <rsalz@openssl.org>

377ab6d1

Document the enhanced tests specification · b3e718e2
Richard Levitte authored Sep 01, 2016
```
Reviewed-by: Emilia Käsper <emilia@openssl.org>
```
b3e718e2
Revert "INSTALL: add information on option no-fuzz-test" · 967e831e
Richard Levitte authored Sep 01, 2016
```
This reverts commit 7f9ae888

.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
```
967e831e
Revert "Make it possible to disable fuzz testing" · a5e1f123
Richard Levitte authored Sep 01, 2016
```
This reverts commit eb40eaed

.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
```
a5e1f123

Add a more versatile test chooser · 90aeaf6b

Richard Levitte authored Sep 01, 2016



So far, the test runner (test/run_tests.pl) could get a list of tests
to run, and if non were given, it assumes all available tests should
be performed.

However, that makes skipping just one or two tests a bit of a pain.
This change makes the possibilities more versatile, run_checker.pl
takes these arguments and will process them in the given order,
starting with an empty set of tests to perform:

    alltests            The current set becomes the whole set of
                        available tests.
    test_xxx            Adds 'test_xxx' to the current set.
    -test_xxx           Removes 'test_xxx' from the current set.  If
                        nothing has been added to the set before this
                        argument, the current set is first initialised
                        to the whole set of available tests, then
                        'test_xxx' is removed from the current set.
    list                Display all available tests, then stop.

If no arguments are given, 'alltests' is assumed.

Reviewed-by: Emilia Käsper <emilia@openssl.org>

90aeaf6b

31 Aug, 2016 9 commits

INSTALL: add information on option no-fuzz-test · 7f9ae888
Richard Levitte authored Aug 31, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
7f9ae888
INSTALL: add information on the environment variable BUILDFILE · ed43fe73
Richard Levitte authored Aug 31, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
ed43fe73
INSTALL: clarify OPENSSL_LOCAL_CONFIG_DIR · bf98d9da
Richard Levitte authored Aug 31, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
bf98d9da

Have Configure's HASH or TABLE produce complete lists · d63c12c6

Richard Levitte authored Aug 31, 2016



Because some targets execute perl code that might die, we risk
incomplete lists.  Make it so dying doesn't happen when we're listing
targets.

Reviewed-by: Rich Salz <rsalz@openssl.org>

d63c12c6

Configure's print_table_entry printed incorrect information · 0c0d78b8
Richard Levitte authored Aug 31, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
0c0d78b8

Make it possible to disable fuzz testing · eb40eaed

Richard Levitte authored Aug 31, 2016



These tests take a very long time on some platforms, and arent't
always strictly necessary.  This makes it possible to turn them
off.  The necessary binaries are still built, though, in case
someone still wants to do a manual run.

Reviewed-by: Andy Polyakov <appro@openssl.org>

eb40eaed

crypto/bn/*: x86[_64] division instruction doesn't handle constants, change... · 68b4a6e9

Andy Polyakov authored Aug 27, 2016

crypto/bn/*: x86[_64] division instruction doesn't handle constants, change constraint from 'g' to 'r'.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>

68b4a6e9

The Perl interpreter might be in a path with spaces, so maybe quote it · f879d5ff

Richard Levitte authored Aug 30, 2016



Note: some shells do not like the command verb to be quoted, so we avoid
it unless it's actually necessary.

RT#4665

Reviewed-by: Rich Salz <rsalz@openssl.org>

f879d5ff

Code cleanup UI · bde588df

Rich Salz authored Aug 30, 2016



Remove NULL check on parameter, and use NULL not ! on buffer.

Reviewed-by: Richard Levitte <levitte@openssl.org>

bde588df

30 Aug, 2016 6 commits

Add some CertStatus tests · 767ccc3b

Matt Caswell authored Aug 30, 2016



The previous commit revealed a long standing problem where CertStatus
processing was broken in DTLS. This would have been revealed by better
testing - so add some!

Reviewed-by: Rich Salz <rsalz@openssl.org>

767ccc3b

Ensure the CertStatus message adds a DTLS message header where needed · f046afb0

Matt Caswell authored Aug 30, 2016



The function tls_construct_cert_status() is called by both TLS and DTLS
code. However it only ever constructed a TLS message header for the message
which obviously failed in DTLS.

Reviewed-by: Rich Salz <rsalz@openssl.org>

f046afb0

Configure: save away the value of OPENSSL_LOCAL_CONFIG_DIR for reconf · ee4cdb7f
Richard Levitte authored Aug 29, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
ee4cdb7f

Configure: Redo the logic for finding build file templates · 79822c3c

Richard Levitte authored Aug 29, 2016



Build file templates would be looked up like this if the user gave us
an additional directory to look for configuration files and build file
templates:

    $OPENSSL_LOCAL_CONFIG_DIR/$OSTYPE-Makefile.tmpl
    $SOURCEDIR/Configurations/$OSTYPE-Makefile.tmpl
    $OPENSSL_LOCAL_CONFIG_DIR/Makefile.tmpl
    $SOURCEDIR/Configurations/Makefile.tmpl

So for example, if the user created his own Makefile.tmpl and tried to
use it with a unixly config, it would never be user because we have a
unix-Makefile.tmpl in our Configurations directory.  This is clearly
wrong, and this change makes it look in this order instead:

    $OPENSSL_LOCAL_CONFIG_DIR/$OSTYPE-Makefile.tmpl
    $OPENSSL_LOCAL_CONFIG_DIR/Makefile.tmpl
    $SOURCEDIR/Configurations/$OSTYPE-Makefile.tmpl
    $SOURCEDIR/Configurations/Makefile.tmpl

Reviewed-by: Rich Salz <rsalz@openssl.org>

79822c3c

Configure: clean away temporary section of code · acc63c7d

Richard Levitte authored Aug 29, 2016



We've done away with Makefile as source of information and now use
configdata.pm exclusively.

Reviewed-by: Rich Salz <rsalz@openssl.org>

acc63c7d

Make it possible for the user to specify a different default build file · 8b5156d1
Richard Levitte authored Aug 29, 2016
```
Make sure the information is kept for reconfiguration too.

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
8b5156d1

29 Aug, 2016 5 commits
- Add ecp_nistz256-ppc64 module. · d8f432aa
  Andy Polyakov authored Aug 14, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  d8f432aa
- perlasm/ppc-xlate.pl: recognize .type directive. · b17ff188
  Andy Polyakov authored Aug 14, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  b17ff188
- bn/asm/ppc.pl: harmonize .size directive in bn_mul_words. · fca8f5de
  Andy Polyakov authored Aug 14, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  fca8f5de
- Remove comment tags from structs (coding style) · d196305a
  Rich Salz authored Aug 29, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  d196305a
- Use uppercase name for PCT_ enum · 66117ab0
  Rich Salz authored Aug 29, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  66117ab0
26 Aug, 2016 3 commits

VMS: honor --openssldir setting · 661a3963

Richard Levitte authored Aug 26, 2016



Because of a perl operator priority mixup, the --openssldir argument
wasn't honored.

Reviewed-by: Tim Hudson <tjh@openssl.org>

661a3963

Remove trailing zeros · e5f969a8
Rich Salz authored Aug 26, 2016
```
Reviewed-by: Andy Polyakov <appro@openssl.org>
```
e5f969a8

Improve the definition of STITCHED_CALL in e_rc4_hmac_md5.c · 216e8d91

Richard Levitte authored Aug 26, 2016



The definition of STITCHED_CALL relies on OPENSSL_NO_ASM.  However,
when a configuration simply lacks the assembler implementation for RC4
(which is where we have implemented the stitched call), OPENSSL_NO_ASM
isn't implemented.  Better, then, to rely on specific macros that
indicated that RC4 (and MD5) are implemented in assembler.

For this to work properly, we must also make sure Configure adds the
definition of RC4_ASM among the C flags.

Reviewed-by: Andy Polyakov <appro@openssl.org>

216e8d91

25 Aug, 2016 5 commits

Remove note from CHANGES about EC DRBG · bbf73f84

Matt Caswell authored Aug 25, 2016

EC DRBG support was added in 7fdcb457

 in 2011 and then later removed.
However the CHANGES entry for its original addition was left behind.
This just removes the spurious CHANGES entry.

Reviewed-by: Stephen Henson <steve@openssl.org>

bbf73f84

Update CHANGES, NEWS, README and opensslv.h on master · 156e34f2
Richard Levitte authored Aug 25, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
156e34f2

Fix uninit read in sslapitest · bee5ee5f

Matt Caswell authored Aug 25, 2016



msan detected an uninit read.

Reviewed-by: Richard Levitte <levitte@openssl.org>

bee5ee5f

CHANGES: mention Windows UTF-8 opt-in option. · eedb9db9
Andy Polyakov authored Aug 25, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
eedb9db9

Windows: UTF-8 opt-in for command-line arguments and console input. · fb5d9f1d

Andy Polyakov authored Aug 25, 2016



User can make Windows openssl.exe to treat command-line arguments
and console input as UTF-8 By setting OPENSSL_WIN32_UTF8 environment
variable (to any value). This is likely to be required for data
interchangeability with other OSes and PKCS#12 containers generated
with Windows CryptoAPI.

Reviewed-by: Richard Levitte <levitte@openssl.org>

fb5d9f1d