- Dec 11, 2017
-
-
Matt Caswell authored
In 20-cert-select.conf there is a TLSv1.1 specific test which we should skip if TLSv1.1. is disabled. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4890)
-
- Dec 10, 2017
-
-
Matt Caswell authored
The tests in 25-cipher.conf all use TLSv1.2 ciphersuites so we shouldn't run it if we don't have TLSv1.2 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4889)
-
- Dec 09, 2017
-
-
FdaSilvaYY authored
check is already made 10 line above. clean commented code Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4885)
-
Patrick Steuer authored
Stop valgrind's complaints about uninitialized values. Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4842)
-
Patrick Steuer authored
Generate keys using EVP_CIPHER's key generation routine to support keys of a specific form. Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4842)
-
Patrick Steuer authored
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4843)
-
Daniel Bevenius authored
I noticed that some of the BIO_METHOD structs are placing the name on the same line as the type and some don't. This commit places the name on a separate line for consistency (which looks like what the majority do) CLA: trivial Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4878)
-
- Dec 08, 2017
-
-
Daniel Bevenius authored
CLA: trivial Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4880)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4841)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4841)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4841)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4841)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4841)
-
FdaSilvaYY authored
Expression '...' is always true. The 'b->init' variable is assigned values twice successively Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4753)
-
FdaSilvaYY authored
Pointer 'o' is set inside a local buffer, so it can't be NULL. Also fix coding style and add comments Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4754)
-
Benjamin Kaduk authored
s_client -status is not available in this configuration. While here, remove an outdated TODO(TLS1.3) comment. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4873)
-
Benjamin Kaduk authored
make_dummy_resp() uses OCSP types, and get_cert_and_key() is unused once make_dummy_resp() is compiled out, so neither can be included in the build when OCSP is disabled and strict warnings are active. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4873)
-
Benjamin Kaduk authored
There's no reason to wrap this call in TEST_true() if we're not checking the return value of TEST_true() -- all of the surrounding similar calls do not have the macro wrapping them. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4873)
-
Benjamin Kaduk authored
Avoid memory leaks in error paths, and correctly apply parentheses to function calls in a long if-chain. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4873)
-
Richard Levitte authored
Otherwise, any command that relies on ssl modules may fail, because SSL_add_ssl_module() will be called after the config file has already been loaded. Fixes #4788 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4792)
-
Richard Levitte authored
IF OPENSSL_init_ssl() is called with the option flag OPENSSL_INIT_LOAD_CONFIG, any SSL config will be handled wrongly (i.e. there will be an attempt to load libssl_conf.so or whatever corresponds to that on non-Unix platforms). Therefore, at least SSL_add_ssl_module() MUST be called before OPENSSL_init_crypto() is called. The base ssl init does that, plus adds all kinds of ciphers and digests, which is harmless. Fixes #4788 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4792)
-
Bernd Edlinger authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4862)
-
Benjamin Kaduk authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4874)
-
Andy Polyakov authored
256-bit AVX512VL was estimated to deliver ~50% improvement over AVX2 and it did live up to the expectations. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4838)
-
Andy Polyakov authored
It was observed that AVX512 code paths can negatively affect overall Skylake-X system performance. But we are talking specifically about 512-bit code, while AVX512VL, 256-bit variant of AVX512F instructions, is supposed to fly as smooth as AVX2. Which is why it remains unmasked. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4838)
-
Paul Yang authored
[to be squashed] Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4767)
-
Paul Yang authored
1. the 'ignore -days' warning should not be printed without '-x509' 2. the 'ignore -days' warning should terminate with new-line Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4767)
-
Richard Levitte authored
Some compilers react badly to non-ASCII characters Fixes #4877 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4879)
-
JitendraLulla authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4717)
-
JitendraLulla authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4717)
-
JitendraLulla authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4717)
-
JitendraLulla authored
extending afalg with aes-cbc-192/256, afalgtest.c also updated accordingly. comments from matt, Stephen considered fix indentation, remove printf from afalgtest.c Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4717)
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4872)
-
- Dec 07, 2017
-
-
Richard Levitte authored
Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4818)
-
Richard Levitte authored
It's better to inform the user about this than silently ignoring something that the user might expect to work, somehow. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4818)
-
Richard Levitte authored
This is, even when they contain spaces or all kinds of funny quotes Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4818)
-
Richard Levitte authored
This way, any of the relevant environment variables for the platform being configured are preserved and don't have to be recalled manually when reconfiguring. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4818)
-
Richard Levitte authored
Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4818)
-
Richard Levitte authored
In other words, make the following possible: ./config CC=clang or ./Configure CC=clang linux-x86_64 Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4818)
-
Richard Levitte authored
There are cases when we overwrite %ENV values, and while this is perfectly fine on some platforms, it isn't on others, because the Configure script isn't necessarely run in a separate process, and thus, changing %ENV may very well change the environment of the calling shell. VMS is such a platform. Furthermore, saving away values that we use also allow us to save them in configdata.pm in an effective way, and recall those values just as effectively when reconfiguring. Also, this makes sure that we do use the saved away values when reconfiguring, when the actual environment variables might otherwise affect us. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4818)
-