- 20 Nov, 2014 10 commits
-
-
Annie Yousar authored
In keygen, return KEY_SIZE_TOO_SMALL not INVALID_KEYBITS. ** I also increased the minimum from 256 to 512, which is now documented in CHANGES file. ** Reviewed-by:Matt Caswell <matt@openssl.org>
-
Rich Salz authored
Fix CONF_load_modules to CONF_modules_load. Document that it calls exit. Advise against using it now. Add an error print to stderr. Reviewed-by: -
David Benjamin authored
the session's version (server). See also BoringSSL's commit bdf5e72f50e25f0e45e825c156168766d8442dde. Reviewed-by:Dr. Stephen Henson <steve@openssl.org>
-
Matt Caswell authored
ECDH_compute_key is silently ignored and the KDF is run on duff data Thanks to github user tomykaira for the suggested fix. Reviewed-by: -
Emilia Kasper authored
Reviewed-by: -
Emilia Kasper authored
once the ChangeCipherSpec message is received. Previously, the server would set the flag once at SSL3_ST_SR_CERT_VRFY and again at SSL3_ST_SR_FINISHED. This would allow a second CCS to arrive and would corrupt the server state. (Because the first CCS would latch the correct keys and subsequent CCS messages would have to be encrypted, a MitM attacker cannot exploit this, though.) Thanks to Joeri de Ruiter for reporting this issue. Reviewed-by: -
Emilia Kasper authored
The server must send a NewSessionTicket message if it advertised one in the ServerHello, so make a missing ticket message an alert in the client. An equivalent change was independently made in BoringSSL, see commit 6444287806d801b9a45baf1f6f02a0e3a16e144c. Reviewed-by: -
Emilia Kasper authored
The client sends a session ID with the session ticket, and uses the returned ID to detect resumption, so we do not need to peek at handshake messages: s->hit tells us explicitly if we're resuming. An equivalent change was independently made in BoringSSL, see commit 407886f589cf2dbaed82db0a44173036c3bc3317. Reviewed-by: -
Emilia Kasper authored
The same change was independently made in BoringSSL, see commit 9eaeef81fa2d4fd6246dc02b6203fa936a5eaf67 Reviewed-by: -
Emilia Kasper authored
This ensures that it's zeroed even if the SSL object is reused (as in ssltest.c). It also ensures that it applies to DTLS, too. Reviewed-by:
-
- 19 Nov, 2014 5 commits
-
-
Matt Caswell authored
Reviewed-by: -
Dr. Stephen Henson authored
If no keyfile has been specified use the certificate file instead. Fix typo: we need to check the chain is not NULL, not the chain file. Reviewed-by:
-
Dr. Stephen Henson authored
When no-ssl3 is set only make SSLv3 disabled by default. Retain -ssl3 options for s_client/s_server/ssltest. When no-ssl3-method is set SSLv3_*method() is removed and all -ssl3 options. We should document this somewhere, e.g. wiki, FAQ or manual page. Reviewed-by:Emilia Käsper <emilia@openssl.org>
-
Dr. Stephen Henson authored
Don't send or parse any extensions other than RI (which is needed to handle secure renegotation) for SSLv3. Reviewed-by: -
Dr. Stephen Henson authored
The supported signature algorithms extension needs to be processed before the certificate to use is decided and before a cipher is selected (as the set of shared signature algorithms supported may impact the choice). Reviewed-by:
-
- 18 Nov, 2014 4 commits
-
-
Matt Caswell authored
Reviewed-by: -
Dr. Stephen Henson authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by: -
Matt Caswell authored
Reviewed-by:
-
- 17 Nov, 2014 1 commit
-
-
Jan Hykel authored
Don't attempt to access msg structure if recvmsg returns an error. PR#3483 Reviewed-by:
Tim Hudson <tjh@openssl.org>
-
- 16 Nov, 2014 7 commits
-
-
Mike Bland authored
Change-Id: I626d751f19f24df6b967c17498d6189cc0acb96c Signed-off-by:
Mike Bland <mbland@acm.org> Signed-off-by:
Geoff Thorpe <geoff@openssl.org> Reviewed-by:
Richard Levitte <levitte@openssl.org>
-
Mike Bland authored
This is the only Makefile without SRC defined. This change enables a standard Makefile include directive to cover crypto/jpake/*.d files. This was automatically applied by AddSrcVarIfNeeded() in: https://code.google.com/p/mike-bland/source/browse/openssl/update_makefiles.py Change-Id: I030204a1bc873b5de5b06c8ddc0b94bb224c6650 Signed-off-by:
-
Mike Bland authored
These correspond to targets of the same name in test/Makefile that clash when using the single-makefile build method using GitConfigure and GitMake. Change-Id: If7e900c75f4341b446608b6916a3d76f202026ea Signed-off-by:
-
Mike Bland authored
Before this change, variables for which a '=' appeared in the assignment would be parsed as the entire string up until the final '='. For example: BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \ would result in the variable name "BUILD_CMD=shlib_target". This doesn't appear to harm the current generation of MINFO, but creates problems for other Makefile-related work I'm attempting. Change-Id: I1f3a606d67fd5464bb459e8f36c23b3e967b77e1 Signed-off-by:
-
Mike Bland authored
These are based on debug-ben-debug-64-clang and is intended to produce consistent settings for folks involved in the unit testing effort detailed at: http://wiki.openssl.org/index.php/Unit_Testing -fsanitize has been removed from the set of clang flags for now. Apparently clang 3.1, which ships with FreeBSD 9.1, completely ignores -fsanitize. Clang 3.3, which ships with FreeBSD 9.2, compiles with it, but fails to link due to the absence of libasan: http://lists.freebsd.org/pipermail/freebsd-hackers/2013-December/043995.html https://www.mail-archive.com/cfe-commits@cs.uiuc.edu/msg92260.html http://reviews.llvm.org/D2644 We need -Wno-error=unused-const-variable because of this error: .../crypto/ec/ec_lib.c:74:19: error: unused variable 'EC_version' [-Werror,-Wunused-const-variable] static const char EC_version[] = "EC" OPENSSL_VERSION_PTEXT; Change-Id: I2cba53537137186114c083049ea1233550a741f9 Signed-off-by:
-
Mike Bland authored
This fixes the errors when trying to assemble .s files using GitMake on OS X. Change-Id: I2221f558619302d22e0c57d7203173d634155678 Signed-off-by:
-
Mike Bland authored
cscope.out is generated by cscope as described in: http://wiki.openssl.org/index.php/Testing_and_Development_Tools_and_Tips .d files are compiler-generated Makefile dependency files (e.g. using 'gcc -MMD -MP foo.c'). Change-Id: I2338858a6b6ee0527837d10a8b55cff1689023fd Signed-off-by:
-
- 13 Nov, 2014 3 commits
-
-
Dr. Stephen Henson authored
Print out more details of the conection in ssltest specifically: server certificate curve name for EC, server temporary key (if any) and peer signing digest. Reviewed-by: -
Dr. Stephen Henson authored
Add command line support for SSL_CONF: server side arguments are prefixed by -s_ (e.g. -s_no_ssl3) and client side with -c_. Reviewed-by: -
Dr. Stephen Henson authored
If the hash or public key algorithm is "undef" the signature type will receive special handling and shouldn't be included in the cross reference table. Reviewed-by:
-
- 12 Nov, 2014 3 commits
-
-
Alok Menghrajani authored
Out is the buffer which needs to contain at least inl + cipher_block_size - 1 bytes. Outl is just an int*. Reviewed-by: -
Michal Bozon authored
PR#3535 Reviewed-by: -
Matt Caswell authored
Reviewed-by:
-
- 11 Nov, 2014 1 commit
-
-
Kurt Roeckx authored
Reviewed-by:
-
- 10 Nov, 2014 2 commits
-
-
Russell Coker authored
This doesn't really fix the datarace but changes it so it can only happens once. This isn't really a problem since we always just set it to the same value. We now just stop writing it after the first time. PR3584, https://bugs.debian.org/534534 Signed-off-by:
Kurt Roeckx <kurt@roeckx.be> Reviewed-by:
Rich Salz <rsalz@openssl.org>
-
Kurt Roeckx authored
Reviewed-by:
-
- 30 Oct, 2014 1 commit
-
-
Andy Polyakov authored
PR: 3474 Reviewed-by:Kurt Roeckx <kurt@openssl.org>
-
- 29 Oct, 2014 3 commits
-
-
Dr. Stephen Henson authored
The trial division and probable prime with coprime tests are disabled on WIN32 builds because they use internal functions not exported from the WIN32 DLLs. Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by:
-
