- Feb 05, 2016
-
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Viktor Dukhovni authored
Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Richard Levitte authored
Fortunately, we only use socklen_t internally Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Matt Caswell authored
Following on from earlier commits to prevent local symbols from being exported in the shared libraries on Linux, this makes the equivalent changes for Solaris. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Dr. Stephen Henson authored
Add new function EC_KEY_priv2buf() to allocated and encode private key octet in one call. Update and simplify ASN.1 and print routines. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Dr. Stephen Henson authored
Don't require an application to work out the appropriate buffer size for ASN1_bn_print(), which is unsafe. Ignore the supplied buffer and allocate it internally instead. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Dr. Stephen Henson authored
Update EC ASN.1 and print routines to use EC_KEY_oct2priv and EC_KEY_priv2oct. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Dr. Stephen Henson authored
New functions EC_KEY_oct2priv and EC_KEY_priv2oct. These are private key equivalents of EC_POINT_oct2point and EC_POINT_point2oct which convert between the private key octet format and EC_KEY. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
- Feb 04, 2016
-
-
Matt Caswell authored
Ensure we respect OPENSSL_NO_RDRAND Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
A small typo crept in. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Dmitry Sobinov authored
Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
This uilds on the same way of checking for availability as we do in TLSProxy. We use all IP factories we know of, starting with those who know both IPv6 and IPv4 and ending with the one that only knows IPv4 and cache their possible success as foundation for checking the available of each IP domain. 80-test_ssl.t has bigger chances of working on platforms that do not run both IP domains. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Mouse authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
This is an important move if scripts want to refer to the loaded module without having perl think it needs to be loaded (again). Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Todd Short authored
Add no-async option to Configure that forces ASYNC_NULL. Related to RT1979 An embedded system or replacement C library (e.g. musl or uClibc) may not support the *context APIs that are needed for async operation. Compiles with musl. Ran unit tests, async tests skipped as expected. Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Both getaddrinfo() and getnameinfo() have to be preceeded with a call to BIO_sock_init(). Also, make sure to give gai_strerror() the actual error code. Reviewed-by: Stephen Henson <steve@openssl.org>
-
Richard Levitte authored
Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Dmitry-Me authored
Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org>
-
Kurt Roeckx authored
Windows doesn't have h_error or hstrerror() Reviewed-by: Richard Levitte <levitte@openssl.org> MR: #1848
-
Kurt Roeckx authored
Reviewed-by: Richard Levitte <levitte@openssl.org> RT: #4288, MR: #1831
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Daniel Black authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Billy Brumley authored
Those even order that do not play nicely with Montgomery arithmetic Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Emilia Käsper <emilia@openssl.org>
-
Emilia Kasper authored
In HMAC_Init_ex, NULL key signals reuse, but in single-shot HMAC, we can allow it to signal an empty key for convenience. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Viktor Szakats authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Kurt Roeckx authored
Reviewed-by: Richard Levitte <levitte@openssl.org> MR: #1841
-
Richard Levitte authored
Reviewed-by: Ben Laurie <ben@openssl.org>
-
Richard Levitte authored
The test program clienthello checks TLS extensions, so there's no point running it when no TLS protocol is available. Reviewed-by: Ben Laurie <ben@openssl.org>
-
Richard Levitte authored
Otherwise, it could typically always return an empty list, since it's often called first if at all. Reviewed-by: Ben Laurie <ben@openssl.org>
-
Rich Salz authored
And some others found in the Internet. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
Viktor Dukhovni authored
When connecting to "localhost" the Proxy's choice of client address family may not match the server's choice address family. Without MultiHomed => 1, the proxy may try the wrong address family first, and give up without trying the other. Reviewed-by: Richard Levitte <levitte@openssl.org>
-