Commits · 8baf9968dfd8ef2bc20cf2bf3de09304eb2213c5 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Jan 12, 2016

Make EVP_CIPHER_CTX opaque and renew the creator / destructor functions · 8baf9968

Richard Levitte authored Dec 13, 2015



Following the method used for EVP_MD_CTX and HMAC_CTX,
EVP_CIPHER_CTX_init and EVP_CIPHER_CTX_cleanup are joined together
into one function, EVP_CIPHER_CTX_reset, with EVP_CIPHER_CTX_init kept
as an alias.
EVP_CIPHER_CTX_cleanup fills no purpose of its own any more and is
therefore removed.

Reviewed-by: Rich Salz <rsalz@openssl.org>

8baf9968

RT4227: Range-check in apps. · bd4850df

Rich Salz authored Jan 11, 2016



Implement range-checking in all counts in apps.  Turns out only a couple
of cases were missing.  And make the range-checking code more strict.
Replace almost all opt_ulong() calls with opt_long()

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

bd4850df

Yet another make update. · 2bec39eb
Rich Salz authored Jan 11, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
2bec39eb

Make sure to have both upper and mixed case symbols in SYMBOL_VECTOR · d9aad55a

Richard Levitte authored Jan 12, 2016

It was assumed that the syntax FOO/Foo=PROCEDURE would create both an
upper case and mixed case symbol in the GST. Not so, it requires
having both FOO/Foo=PROCEDURE (to create the upper case alias) and
Foo=PROCEDURE (to create the mixed case slot).

We make sure that any symbol always occupies two slots (even those
that don't exist) by filling up with SPARE when necessary. That will
assure that any changes will still have the same symbols in the same
slots no matter what (save a complete rewrite of the ordinals files).

Reviewed-by: Rich Salz <rsalz@openssl.org>

d9aad55a

Use SPARE instead of PRIVATE_PROCEDURE to reserve unused SYMBOL_VECTOR slots · d4b009d5

Richard Levitte authored Jan 12, 2016



It was assumed that a dummy with the type PRIVATE_PROCEDURE would
simply occupy a slot but otherwise ignore the symbol.  Not so, but
there is SPARE for that purpose.

Reviewed-by: Rich Salz <rsalz@openssl.org>

d4b009d5

The limit per SYMBOL_VECTOR isn't the amount of symbols, it's the line length · fd40db9e
Richard Levitte authored Jan 12, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
fd40db9e
VMS INDENTIFICATION should only have the version number · 6bd3e10b
Richard Levitte authored Jan 12, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
6bd3e10b

Jan 11, 2016

GH528: "cipher -v" output is confusing. · baf245ec

Rich Salz authored Jan 09, 2016



Fix the docs, and refactor some common code.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

baf245ec

Have mkdef.pl use case sensitive symbols for shareable symbol vector · 855eff54
Richard Levitte authored Jan 11, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
855eff54
Function pop_info() returned a dangling pointer · 96e25c49
Pascal Cuoq authored Jan 10, 2016
```
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
96e25c49
update ordinals · abf81f1f
Dr. Stephen Henson authored Jan 11, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
abf81f1f
Use ossl_inline and DEFINE_LHASH_OF · 89d6aa10
Dr. Stephen Henson authored Jan 11, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
89d6aa10
Remove mkstack.pl: it is no longer needed. · 26a884c2
Dr. Stephen Henson authored Dec 24, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
26a884c2
Add lh_doall_arg inlining · 2a056de8
Dr. Stephen Henson authored Dec 24, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
2a056de8
Add lh_doall inlining · 63c75cd6
Dr. Stephen Henson authored Dec 24, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
63c75cd6
Add lh_new() inlining · 62d0577e
Dr. Stephen Henson authored Dec 24, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
62d0577e

Inline LHASH_OF · e6b5c341

Dr. Stephen Henson authored Jan 11, 2016



Make LHASH_OF use static inline functions.

Add new lh_get_down_load and lh_set_down_load functions and their
typesafe inline equivalents.

Make lh_error a function instead of a macro.

Reviewed-by: Rich Salz <rsalz@openssl.org>

e6b5c341

GH540: add casts to safestack.h · 8e423bde

Alessandro Ghedini authored Jan 10, 2016



Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

8e423bde

Fix jpaketest compilation error. · 7d57d4d0
Dr. Stephen Henson authored Jan 11, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
7d57d4d0

Only run DANE tests when EC is supported · 74b31db6

Richard Levitte authored Jan 11, 2016



Since danetest is to test DANE rather than specific algorithms, it's
acceptable to require EC when testing it.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

74b31db6

Make SSL{_CTX,}_{get,set,clear}_options functions · 8106cb8b

Viktor Dukhovni authored Jan 10, 2016



These now take and return unsigned long, and get is constified.
Updated related documentation and util/ssleay.num

Reviewed-by: Matt Caswell <matt@openssl.org>

8106cb8b

Adjust $default_depflags to changes in Configure · ccf73257

Richard Levitte authored Jan 11, 2016



We use $default_depflags to check if a 'make depend' is needed after
configuring, so it needs to be kept up to date.

Reviewed-by: Matt Caswell <matt@openssl.org>

ccf73257

Fix NSS format session output · 1446f72b

Matt Caswell authored Dec 29, 2015

Commit 189ae368

 (RT ticket 3352) provided the capability to output
session key data in NSS format. The big apps cleanup broke that capability.
This commit restores it.

RT#4201

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

1446f72b

Update leak test to check return values. · ec04e866
Dr. Stephen Henson authored Jan 10, 2016
```
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
```
ec04e866

Add memory leak return value. · 4e482ae6

Dr. Stephen Henson authored Jan 10, 2016



Make CRYPTO_mem_leaks() and CRYPTO_mem_leaks_fp() return a status value.
Update documentation. Don't abort() if there are leaks.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

4e482ae6

Enable/disable crypto-mdebug just like other features · c2e27310
Viktor Dukhovni authored Jan 10, 2016
```
Also always abort() on leak failure.

Reviewed-by: Stephen Henson <steve@openssl.org>
```
c2e27310
Disable some algorithms by default · 3af45d99
Dr. Stephen Henson authored Jan 10, 2016
```
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
```
3af45d99
Regenerate SSL record/statem error strings · aea145e3
Viktor Dukhovni authored Jan 09, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
aea145e3

Jan 10, 2016

fix shadow warning · 71405d68
Dr. Stephen Henson authored Jan 10, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
71405d68
File is about s_time, not s_client · 1918e01c
Kurt Roeckx authored Jan 02, 2016
```
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
1918e01c
Allow disabling the min and max version · 869e978c
Kurt Roeckx authored Jan 02, 2016
```
Reviewed-by: Viktor Dukhovni <openssl-users@dukhovni.org>
```
869e978c

Future-proof deprecated declartion parsing · ca0004e5

Viktor Dukhovni authored Jan 09, 2016



Support two-digest major/minor/micro numbers and die when the input
fails to parse

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

ca0004e5

RT41897: Add an CRYPTO_secure_actual_size · d594199b

Rich Salz authored Jan 07, 2016



This is already documented, I just forgot to include the code :)

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

d594199b

Fix c++ compilation · f820b792

Mat authored Jan 09, 2016

Fixes https://github.com/openssl/openssl/issues/532



Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>

f820b792

Adds missing type casts · 77f31b3a

Mat authored Jan 09, 2016

This fixes https://github.com/openssl/openssl/issues/534



Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>

77f31b3a

Adds crypto-mdebug as a valid option · 3e45d393

Mat authored Jan 09, 2016

Adds crypto-mdebug as a valid option. Fixes https://github.com/openssl/openssl/issues/537



Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>

3e45d393

Jan 09, 2016

Fix build failure on Windows · 85d7bdf0

Mat authored Jan 09, 2016

Fixes https://github.com/openssl/openssl/issues/530



Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>

85d7bdf0

update ordinals · 7ba4f9dd
Dr. Stephen Henson authored Jan 09, 2016
```
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
```
7ba4f9dd
Add DEPRECATEDIN support. · 7a556fb6
Dr. Stephen Henson authored Jan 09, 2016
```
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
```
7a556fb6
Correct header defines · c3be59a4
Dr. Stephen Henson authored Jan 08, 2016
```
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
```
c3be59a4