- Apr 27, 2018
-
-
Matt Caswell authored
Make it clear that you should not attempt to get the version before the first handshake is complete. Fixes #2893 Reviewed-by:
Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6014)
-
Richard Levitte authored
Fixes #6098 Reviewed-by:
Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/6104) (cherry picked from commit ff25dd1a)
-
Billy Brumley authored
Reviewed-by:
Rich Salz <rsalz@openssl.org> Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6101)
-
- Apr 26, 2018
-
-
Bernd Edlinger authored
Fixes: #5950 Reviewed-by:
-
Matt Caswell authored
Note that calling the *use_certificate* functions will replace any existing certificate of the same type. The same thing applies for private keys. Fixes #2147 Reviewed-by:
-
Richard Levitte authored
In a recent commit, a OPENSSL_NO_UI guard was dropped by mistake in PEM_def_callback(), so this puts it back. At the same time, that previous commit got rid of the necessity to have a OPENSSL_NO_STDIO guard, so we drop that instead. Reviewed-by:
-
Richard Levitte authored
get_last_sys_error() already exists, so there's no need for yet another macro that fulfills the same purpose. Fixes #4120 Reviewed-by:
Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6088) (cherry picked from commit b4c35656)
-
Richard Levitte authored
Add a bit more commentary to explain what's going on. Reviewed-by:
-
Richard Levitte authored
That error is already caught by EVP_read_pw_string_min, and causes this function to return -1, so the code detecting too short passwords in this function is practically dead. Fixes #5465 Reviewed-by:
-
- Apr 25, 2018
-
-
Richard Levitte authored
Fixes #6083 Reviewed-by:
-
Richard Levitte authored
Fixes #5656 Reviewed-by:
-
Matt Caswell authored
This option shows the certificates as sent by the server. It is not the full verified chain. Fixes #4933 Reviewed-by:
-
Matt Caswell authored
The MAX_CURVELIST macro defines the total number of in-built SSL/TLS curves that we support. However it has not been updated as new curves are added. Fixes #5232 Reviewed-by:
Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/6065) (cherry picked from commit ca50cd91)
-
- Apr 24, 2018
-
-
Matt Caswell authored
In 1.0.2 and below we always send the same client_version in a reneg ClientHello that we sent the first time around, regardless of what version eventually gets negotiated. According to a comment in statem_clnt.c this is a workaround for some buggy servers that choked if we changed the version used in the RSA encrypted premaster secret. In 1.1.0+ this behaviour no longer occurs. This restores the original behaviour. Fixes #1651 Reviewed-by:
-
Matt Caswell authored
Document the fact that if a session is not closed down cleanly then the session gets removed from the cache and marked as non-resumable. Fixes #4720 Reviewed-by:
-
Matt Caswell authored
In 1.1.0 and above we check the digest algorithm used to create signatures in intermediate CA certs. If it is not sufficiently strong then we reject the cert. To work out what digest was used we look at the OID for the signature. This works for most signatures, but not for RSA PSS where the digest is stored as parameter of the SignatureAlgorithmIdentifier. This results in the digest look up routines failing and the cert being rejected. PR #3301 added support for doing this properly in master. So in that branch this all works as expected. It also works properly in 1.0.2 where we don't have the digest checks at all. So the only branch where this fails is 1.1.0. PR #3301 seems too significant to backport to 1.1.0. Instead we simply skip the signature digest algorithm strength checks if we detect RSA PSS. Fixes #3558. Reviewed-by:
-
Matt Caswell authored
In 1.0.2 you could configure automatic ecdh params by using the ECDHParameters config directive and setting it to the value "+Automatic" or just "Automatic". This is no longer required in 1.1.0+ but we still recognise the "+Automatic" keyword for backwards compatibility. However we did not recognise just "Automatic" without the leading "+" which is equally valid. This commit fixes that omission. Fixes #4113 Reviewed-by:
-
- Apr 23, 2018
-
-
Billy Brumley authored
Reviewed-by:
-
Nicola Tuveri authored
Reviewed-by:
-
Nicola Tuveri authored
Reviewed-by:
-
Billy Brumley authored
Reviewed-by:
-
Nicola Tuveri authored
Reviewed-by:
-
Billy Brumley authored
Co-authored-by:
Nicola Tuveri <nic.tuv@gmail.com> Co-authored-by:
Cesar Pereida Garcia <cesar.pereidagarcia@tut.fi> Co-authored-by:
Sohaib ul Hassan <soh.19.hassan@gmail.com> Reviewed-by:
-
Andy Polyakov authored
Reviewed-by:
Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/6043) (cherry picked from commit 198a2ed7)
-
Richard Levitte authored
On Unix, this doesn't matter, but on other platforms, it may. Reviewed-by:
-
Richard Levitte authored
For 'openssl dhparams', the output file was opened after calculations were made, which is a waste of cycles and time if the output file turns out not to be writable. Fixes #3404 Reviewed-by:
-
- Apr 21, 2018
-
-
Bernd Edlinger authored
Back-port of #5911 Fixes: #5899 Reviewed-by:
-
- Apr 20, 2018
-
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Casting to the generic function type "void (*)(void)" prevents the warning. Backport of #5816 Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
DTLS was not correctly returning the number of pending bytes left in a call to SSL_pending(). This makes the detection of truncated packets almost impossible. Fixes #5478 Reviewed-by:
-
Matt Caswell authored
We were sending illegal parameter. This isn't correct. The parameters are legal, we just don't have an overlap. A more appropriate alert is handshake failure. Fixes #2919 Reviewed-by:
-
- Apr 19, 2018
-
-
Richard Levitte authored
Configurations/90-team.conf isn't for public consumption, so we rename it to 90-team.norelease.conf and make sure 'make dist' and 'make tar' don't include it in the tarball. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
The X509_STORE_CTX_init() docs explicitly allow a NULL parameter for the X509_STORE. Therefore we shouldn't crash if we subsequently call X509_verify_cert() and no X509_STORE has been set. Fixes #2462 Reviewed-by:
-
Matt Caswell authored
If we run the ocsp command line app and the responder returns a non-successful status code then the app should exit with a failure code. Based on an original patch by Tatsuhiro Tsujikawa. Fixes #2387 Reviewed-by:
-
Emilia Kasper authored
The behaviour of X509_cmp_time used to be undocumented. The new behaviour, documented in master, is to return only 0, 1, or -1. Make the code in the other branches to adhere to this behaviour too, to reduce confusion. There is nothing to be gained from returning other values. Fixes GH#4954 Reviewed-by:
Tim Hudson <tjh@openssl.org> Reviewed-by:
-
Matt Caswell authored
Explicitly state which digests can be used with which algorithms. Fixes #5854 Reviewed-by:
-
- Apr 18, 2018
-
-
Rahul Chaudhry authored
Branch to global symbol results in reference to PLT, and when compiling for THUMB-2 - in a R_ARM_THM_JUMP19 relocation. Some linkers don't support this relocation (ld.gold), while others can end up truncating the relocation to fit (ld.bfd). Convert this branch through PLT into a direct branch that the assembler can resolve locally. See https://github.com/android-ndk/ndk/issues/337 for background. The current workaround is to disable poly1305 optimization assembly, which is not optimal and can be reverted after this patch: https://github.com/freedesktop/gstreamer-cerbero/commit/beab607d2b1ff23c41b7e01aa9c64be5e247d1e6 CLA: trivial Reviewed-by:
-
