- 08 Sep, 2014 12 commits
-
-
Dario B authored
I added some error-checking while integrating this patch. Reviewed-by:Tim Hudson <tjh@openssl.org>
-
Scott Schaefer authored
pod2man now complains when item tags are not sequential. Also complains about missing =back and other tags. Silence the warnings; most were already done. Reviewed-by: -
Rich Salz authored
The original RT request included a patch. By the time we got around to doing it, however, the callback scheme had changed. So I wrote a new function RSA_check_key_ex() that uses the BN_GENCB callback. But thanks very much to Vinet Sharma <vineet.sharma@gmail.com> for the initial implementation. Reviewed-by:Dr. Stephen Henson <steve@openssl.org>
-
Rich Salz authored
Reviewed-by: -
Robin Lee authored
Copy the ifdef/undef stanza from x509.h to x509v3.h Reviewed-by: -
Rich Salz authored
In the current code, the check isn't redundant. And in fact the REAL check was missing. This avoids a NULL-deref crash. Reviewed-by: -
Martin Olsson authored
Reviewed-by: -
Martin Olsson authored
Also, I (rsalz) changed "#ifdef undef" to "#if 0" Reviewed-by: -
Rich Salz authored
empty merge; script hiccup. Reviewed-by: -
Rich Salz authored
The function returns 0 or 1, only. Reviewed-by: -
Rich Salz authored
The function returns 0 or 1, only. Reviewed-by: -
Alon Bar-Lev authored
Reviewed-by:
-
- 07 Sep, 2014 1 commit
-
-
Viktor Dkhovni authored
Regexp was bracketed wrong. Reviewed-by:
-
- 05 Sep, 2014 5 commits
-
-
Emilia Kasper authored
Reviewed-by: -
Emilia Kasper authored
i2d_re_X509_tbs re-encodes the TBS portion of the certificate. Reviewed-by:
Rich Salz <rsalz@openssl.org> Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:Emilia Käsper <emilia@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: -
Adam Langley authored
Fix a bug in handling of 128 byte long PSK identity in psk_client_callback. OpenSSL supports PSK identities of up to (and including) 128 bytes in length. PSK identity is obtained via the psk_client_callback, implementors of which are expected to provide a NULL-terminated identity. However, the callback is invoked with only 128 bytes of storage thus making it impossible to return a 128 byte long identity and the required additional NULL byte. This CL fixes the issue by passing in a 129 byte long buffer into the psk_client_callback. As a safety precaution, this CL also zeroes out the buffer before passing it into the callback, uses strnlen for obtaining the length of the identity returned by the callback, and aborts the handshake if the identity (without the NULL terminator) is longer than 128 bytes. (Original patch amended to achieve strnlen in a different way.) Reviewed-by:
-
- 03 Sep, 2014 3 commits
-
-
Richard Levitte authored
string returns 0 with errno = ENOENT. Reviewed-by:Andy Polyakov <appro@openssl.org>
-
Phil Mesnier authored
Reviewed-by:
Richard Levitte <levitte@openssl.org> Reviewed-by:
-
Clang via Jeffrey Walton authored
Can't really happen, but the flow of control isn't obvious. Add an initializer. Reviewed-by:Matt Caswell <matt@openssl.org>
-
- 02 Sep, 2014 1 commit
-
-
Emilia Kasper authored
"inline" without static is not correct as the compiler may choose to ignore it and will then either emit an external definition, or expect one. Reviewed-by:Geoff Thorpe <geoff@openssl.org>
-
- 01 Sep, 2014 2 commits
-
-
Kurt Cancemi authored
Reviewed-by: -
Adam Williamson authored
RT842, closed back in 2004, changed the default serial number to be a random number rather than zero. Finally time to update the doc Reviewed-by:
-
- 31 Aug, 2014 2 commits
-
-
Rich Salz authored
Reviewed-by: -
TANABE Hiroyasu authored
Add .crt/.cer/.crl to the filenames parsed. I also updated the podpage (since it didn't exist when this ticket was first created, nor when it was re-created seven years later). Reviewed-by:
-
- 30 Aug, 2014 9 commits
-
-
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Rich Salz authored
Reviewed-by: -
Rich Salz authored
Andy pointed out there is also darwin64, so tweak the pattern. Reviewed-by: -
Rich Salz authored
Re-order algorithm list. Be consistent in command synopsis. Add content about signing. Add EXAMPLE section Add some missing options: -r, -fips-fingerprint -non-fips-allow Various other fixes. Reviewed-by: -
Rich Salz authored
Andy found an additional typo "can be can be". Now I have that silly "Que sera sera" song stuck in my head. Reviewed-by: -
James Westby authored
Add the file written by James Westby, graciously contributed under the terms of the OpenSSL license. Reviewed-by: -
Andy Polyakov authored
New option allows to perform benchmarks on misaligned data. Reviewed-by:
-
- 29 Aug, 2014 3 commits
-
-
Rich Salz authored
The doc says that port can be "*" to mean any port. That's wrong. Reviewed-by: -
Matt Caswell authored
PR2693 Reviewed-by: -
Jim Reid authored
Add Darwin to list of case-insensitive filenames when installing manapges. When doing this, I noticed that we weren't setting "filecase" for the HTML doc install. Reviewed-by:
-
- 28 Aug, 2014 2 commits
-
-
Rich Salz authored
Make X509_REQ_print_ex do the same thing that X509_REQ_print does. Reviewed-by: -
Rich Salz authored
RT1665: aes documentation. Paul Green wrote a nice aes.pod file. But we now encourage the EVP interface. So I took his RT item and used it as impetus to add the AES modes to EVP_EncryptInit.pod I also noticed that rc4.pod has spurious references to some other cipher pages, so I removed them. RT2300: Clean up MD history (merged into RT1665) Put HISTORY section only in EVP_DigestInit.pod. Also add words to discourage use of older cipher-specific API, and remove SEE ALSO links that point to them. Make sure digest pages have a NOTE that says use EVP_DigestInit. Review feedback: More cleanup in EVP_EncryptInit.pod Fixed SEE ALSO links in ripemd160.pod, sha.pod, mdc2.pod, blowfish.pod, rc4.d, and des.pod. Re-order sections in des.pod for consistency Reviewed-by:
-
