- Nov 16, 2014
-
-
Mike Bland authored
Before this change, variables for which a '=' appeared in the assignment would be parsed as the entire string up until the final '='. For example: BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ would result in the variable name "BUILD_CMD=shlib_target". This doesn't appear to harm the current generation of MINFO, but creates problems for other Makefile-related work I'm attempting. Change-Id: I1f3a606d67fd5464bb459e8f36c23b3e967b77e1 Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Mike Bland authored
These are based on debug-ben-debug-64-clang and is intended to produce consistent settings for folks involved in the unit testing effort detailed at: http://wiki.openssl.org/index.php/Unit_Testing -fsanitize has been removed from the set of clang flags for now. Apparently clang 3.1, which ships with FreeBSD 9.1, completely ignores -fsanitize. Clang 3.3, which ships with FreeBSD 9.2, compiles with it, but fails to link due to the absence of libasan: http://lists.freebsd.org/pipermail/freebsd-hackers/2013-December/043995.html https://www.mail-archive.com/cfe-commits@cs.uiuc.edu/msg92260.html http://reviews.llvm.org/D2644 We need -Wno-error=unused-const-variable because of this error: .../crypto/ec/ec_lib.c:74:19: error: unused variable 'EC_version' [-Werror,-Wunused-const-variable] static const char EC_version[] = "EC" OPENSSL_VERSION_PTEXT; Change-Id: I2cba53537137186114c083049ea1233550a741f9 Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Mike Bland authored
This fixes the errors when trying to assemble .s files using GitMake on OS X. Change-Id: I2221f558619302d22e0c57d7203173d634155678 Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Mike Bland authored
cscope.out is generated by cscope as described in: http://wiki.openssl.org/index.php/Testing_and_Development_Tools_and_Tips .d files are compiler-generated Makefile dependency files (e.g. using 'gcc -MMD -MP foo.c'). Change-Id: I2338858a6b6ee0527837d10a8b55cff1689023fd Signed-off-by: Mike Bland <mbland@acm.org> Signed-off-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Nov 13, 2014
-
-
Dr. Stephen Henson authored
Print out more details of the conection in ssltest specifically: server certificate curve name for EC, server temporary key (if any) and peer signing digest. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Add command line support for SSL_CONF: server side arguments are prefixed by -s_ (e.g. -s_no_ssl3) and client side with -c_. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
If the hash or public key algorithm is "undef" the signature type will receive special handling and shouldn't be included in the cross reference table. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Nov 12, 2014
-
-
Alok Menghrajani authored
Out is the buffer which needs to contain at least inl + cipher_block_size - 1 bytes. Outl is just an int*. Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Michal Bozon authored
PR#3535 Reviewed-by: Stephen Henson <steve@openssl.org>
-
Matt Caswell authored
Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
- Nov 11, 2014
-
-
Kurt Roeckx authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Nov 10, 2014
-
-
Russell Coker authored
This doesn't really fix the datarace but changes it so it can only happens once. This isn't really a problem since we always just set it to the same value. We now just stop writing it after the first time. PR3584, https://bugs.debian.org/534534 Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Kurt Roeckx authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Oct 30, 2014
-
-
Andy Polyakov authored
PR: 3474 Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
- Oct 29, 2014
-
-
Dr. Stephen Henson authored
The trial division and probable prime with coprime tests are disabled on WIN32 builds because they use internal functions not exported from the WIN32 DLLs. Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Stephen Henson <steve@openssl.org>
-
- Oct 28, 2014
-
-
Samuel Neves authored
Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Emilia Kasper authored
Tighten client-side session ticket handling during renegotiation: ensure that the client only accepts a session ticket if the server sends the extension anew in the ServerHello. Previously, a TLS client would reuse the old extension state and thus accept a session ticket if one was announced in the initial ServerHello. Reviewed-by: Bodo Moeller <bodo@openssl.org>
-
- Oct 27, 2014
-
-
Emilia Kasper authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Geoff Thorpe <geoff@openssl.org>
-
- Oct 24, 2014
-
-
Dr. Stephen Henson authored
SSL_set_SSL_CTX is used to change the SSL_CTX for SNI, keep the supported signature algorithms and raw cipherlist. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Oct 23, 2014
-
-
Andy Polyakov authored
Facilitate switch to custom scatter-gather routines. This modification does not change algorithms, only makes it possible to implement alternative. This is achieved by a) moving precompute table to assembly (perlasm parses ecp_nistz256_table.c and is free to rearrange data to match gathering algorithm); b) adhering to explicit scatter subroutine (which for now is simply a memcpy). First implementations that will use this option are 32-bit assembly implementations, ARMv4 and x86, where equivalent of current read-whole-table-select-single-value algorithm is too time-consuming. [On side note, switching to scatter-gather on x86_64 would allow to improve server-side ECDSA performance by ~5%]. Reviewed-by: Bodo Moeller <bodo@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Steve Marquess <marquess@openssl.org>
-
- Oct 22, 2014
-
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- Oct 21, 2014
-
-
Bodo Moeller authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Bodo Moeller authored
listed after TLS_FALLBACK_SCSV. RT: 3575 Reviewed-by: Emilia Kasper <emilia@openssl.org>
-
Kurt Roeckx authored
When we're configured with no-ssl3 and we receive an SSL v3 Client Hello, we set the method to NULL. We didn't used to do that, and it breaks things. This is a regression introduced in 62f45cc2 . Keep the old method since the code is not able to deal with a NULL method at this time. CVE-2014-3569, PR#3571 Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
- Oct 20, 2014
-
-
Tim Hudson authored
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
-
- Oct 17, 2014
-
-
Kurt Cancemi authored
Reviewed-by: Ben Laurie <ben@openssl.org>
-
- Oct 15, 2014
-
-
Tim Hudson authored
so the Win32 compile picks it up correctly. Reviewed-by: Richard Levitte <levitte@openssl.org> Conflicts: crypto/Makefile
-
Richard Levitte authored
The different -I compiler parameters will take care of the rest... Reviewed-by: Tim Hudson <tjh@openssl.org> Conflicts: crypto/evp/evp_enc.c crypto/rsa/rsa_oaep.c crypto/rsa/rsa_pk1.c
-
Matt Caswell authored
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
-
Matt Caswell authored
Reviewed-by: Bodo Möller <bodo@openssl.org>
-
Geoff Thorpe authored
CVE-2014-3568 Reviewed-by: Emilia Kasper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
CVE-2014-3567 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Matt Caswell authored
Related to CVE-2014-3513 This fix was developed by the OpenSSL Team Reviewed-by: Tim Hudson <tjh@openssl.org> Conflicts: util/mkdef.pl util/ssleay.num
-
Matt Caswell authored
CVE-2014-3513 This issue was reported to OpenSSL on 26th September 2014, based on an original issue and patch developed by the LibreSSL project. Further analysis of the issue was performed by the OpenSSL team. The fix was developed by the OpenSSL team. Reviewed-by: Tim Hudson <tjh@openssl.org>
-