- Dec 11, 2017
-
-
Matt Caswell authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4891)
-
Matt Caswell authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4891)
-
Matt Caswell authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4891)
-
Matt Caswell authored
In 20-cert-select.conf there is a TLSv1.1 specific test which we should skip if TLSv1.1. is disabled. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4890)
-
- Dec 10, 2017
-
-
Matt Caswell authored
The tests in 25-cipher.conf all use TLSv1.2 ciphersuites so we shouldn't run it if we don't have TLSv1.2 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4889)
-
- Dec 09, 2017
-
-
FdaSilvaYY authored
check is already made 10 line above. clean commented code Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4885)
-
Patrick Steuer authored
Stop valgrind's complaints about uninitialized values. Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4842)
-
Patrick Steuer authored
Generate keys using EVP_CIPHER's key generation routine to support keys of a specific form. Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4842)
-
Patrick Steuer authored
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4843)
-
Daniel Bevenius authored
I noticed that some of the BIO_METHOD structs are placing the name on the same line as the type and some don't. This commit places the name on a separate line for consistency (which looks like what the majority do) CLA: trivial Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4878)
-
- Dec 08, 2017
-
-
Daniel Bevenius authored
CLA: trivial Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4880)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4841)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4841)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4841)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4841)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4841)
-
FdaSilvaYY authored
Expression '...' is always true. The 'b->init' variable is assigned values twice successively Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4753)
-
FdaSilvaYY authored
Pointer 'o' is set inside a local buffer, so it can't be NULL. Also fix coding style and add comments Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4754)
-
Benjamin Kaduk authored
s_client -status is not available in this configuration. While here, remove an outdated TODO(TLS1.3) comment. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4873)
-
Benjamin Kaduk authored
make_dummy_resp() uses OCSP types, and get_cert_and_key() is unused once make_dummy_resp() is compiled out, so neither can be included in the build when OCSP is disabled and strict warnings are active. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4873)
-
Benjamin Kaduk authored
There's no reason to wrap this call in TEST_true() if we're not checking the return value of TEST_true() -- all of the surrounding similar calls do not have the macro wrapping them. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4873)
-
Benjamin Kaduk authored
Avoid memory leaks in error paths, and correctly apply parentheses to function calls in a long if-chain. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4873)
-
Richard Levitte authored
Otherwise, any command that relies on ssl modules may fail, because SSL_add_ssl_module() will be called after the config file has already been loaded. Fixes #4788 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4792)
-
Richard Levitte authored
IF OPENSSL_init_ssl() is called with the option flag OPENSSL_INIT_LOAD_CONFIG, any SSL config will be handled wrongly (i.e. there will be an attempt to load libssl_conf.so or whatever corresponds to that on non-Unix platforms). Therefore, at least SSL_add_ssl_module() MUST be called before OPENSSL_init_crypto() is called. The base ssl init does that, plus adds all kinds of ciphers and digests, which is harmless. Fixes #4788 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4792)
-
Bernd Edlinger authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4862)
-
Benjamin Kaduk authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4874)
-
Andy Polyakov authored
256-bit AVX512VL was estimated to deliver ~50% improvement over AVX2 and it did live up to the expectations. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4838)
-
Andy Polyakov authored
It was observed that AVX512 code paths can negatively affect overall Skylake-X system performance. But we are talking specifically about 512-bit code, while AVX512VL, 256-bit variant of AVX512F instructions, is supposed to fly as smooth as AVX2. Which is why it remains unmasked. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4838)
-
Paul Yang authored
[to be squashed] Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4767)
-
Paul Yang authored
1. the 'ignore -days' warning should not be printed without '-x509' 2. the 'ignore -days' warning should terminate with new-line Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4767)
-
Richard Levitte authored
Some compilers react badly to non-ASCII characters Fixes #4877 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4879)
-
JitendraLulla authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4717)
-
JitendraLulla authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4717)
-
JitendraLulla authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4717)
-
JitendraLulla authored
extending afalg with aes-cbc-192/256, afalgtest.c also updated accordingly. comments from matt, Stephen considered fix indentation, remove printf from afalgtest.c Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4717)
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4872)
-
- Dec 07, 2017
-
-
Richard Levitte authored
Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4818)
-
Richard Levitte authored
It's better to inform the user about this than silently ignoring something that the user might expect to work, somehow. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4818)
-
Richard Levitte authored
This is, even when they contain spaces or all kinds of funny quotes Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4818)
-
Richard Levitte authored
This way, any of the relevant environment variables for the platform being configured are preserved and don't have to be recalled manually when reconfiguring. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4818)
-