Commits · d2c3d5d4fcfee0820ed3e7018f9b1537a97cbe2e · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

25 Oct, 2015 1 commit
- Probably fix travis (wine build). · d2c3d5d4
  Ben Laurie authored Oct 24, 2015
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
  d2c3d5d4
24 Oct, 2015 2 commits
- Improve make depend. · 84cf97af
  Ben Laurie authored Oct 03, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  84cf97af
- Fix undeclared variable warnings. · 2f1a5d16
  Ben Laurie authored Oct 03, 2015
```
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
```
  2f1a5d16
23 Oct, 2015 9 commits

Alessandro Ghedini authored Oct 08, 2015



RT#4081

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

070c2332

Check memory allocation · 8cf9d71a

Alessandro Ghedini authored Oct 08, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

8cf9d71a

Fix references to various RFCs · 3240e7cf

Alessandro Ghedini authored Oct 08, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

3240e7cf

Fix typos · d900a015

Alessandro Ghedini authored Oct 08, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

d900a015

Set salt length after the malloc has succeeded · c2319cf9
Alessandro Ghedini authored Oct 08, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
c2319cf9

Fix memory leaks and other mistakes on errors · 3f6c7691

Alessandro Ghedini authored Oct 08, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

3f6c7691

Replace malloc+strlcpy with strdup · 8acaabec

Alessandro Ghedini authored Oct 08, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

8acaabec

Do not treat 0 return value from BIO_get_fd() as error · 4428c7db

Alessandro Ghedini authored Oct 02, 2015



0 is a valid file descriptor.

RT#4068

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

4428c7db

Remove bugs/ and crypto/threads/ · dad0b512

Alessandro Ghedini authored Oct 23, 2015



Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

dad0b512

22 Oct, 2015 4 commits

Clarify return values for EVP_DigestVerifyFinal. · 8cbb048c

Adam Eijdenberg authored Oct 19, 2015



Previous language was unclear.  New language isn't pretty but I believe
it is more accurate.

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Ben Laurie <ben@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

8cbb048c

Only include SRP headers when OPENSSL_NO_SRP is undefined · 5212d39b
Richard Levitte authored Oct 22, 2015
```
[fixes github issue #447]

Reviewed-by: Tim Hudson <tjh@openssl.org>
```
5212d39b
Make Configure die when unsupported options are given · 489eb740
Richard Levitte authored Oct 22, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
489eb740

Add an explicit list of options that can be disabled, enabled, ... · 8b527be2

Richard Levitte authored Oct 22, 2015



Configure has, so far, had no control at all of which 'no-' options it
can be given.  This means that, for example, someone could configure
with something absurd like 'no-stack' and then watch the build crumble
to dust...  or file a bug report.

This introduces some sanity into the possible choices.

The added list comes from looking for the explicit ones used in
Configure, and from grepping after OPENSSL_NO_ in all source files.

Reviewed-by: Rich Salz <rsalz@openssl.org>

8b527be2

21 Oct, 2015 5 commits

make update · 15db6a40
Richard Levitte authored Oct 19, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
15db6a40
Don't forget to load the CT error strings · a0e8da5d
Richard Levitte authored Oct 19, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
a0e8da5d

Handle CT error macros separately · cc79f06c

Richard Levitte authored Oct 19, 2015



Because the default error macro generator assumes the header file with
error macros is in include/openssl and therefore generates a C file
with error texts that include <openssl/{name}.h>, we need to generate
the error macros and texts for CT separately, since the CT module
doesn't follow the default criteria.

Reviewed-by: Matt Caswell <matt@openssl.org>

cc79f06c

Don't use SSLv23_server_method in an example · 21cd6e00

Matt Caswell authored Oct 21, 2015



The function SSLv23_server_method() is an old name. New code should use
TLS_server_method() instead. Therefore don't use SSLv23_server_method() in
an example in the docs.

Reviewed-by: Richard Levitte <levitte@openssl.org>

21cd6e00

Avoid undefined behaviour in PACKET_buf_init · 3fde6c92

Matt Caswell authored Oct 21, 2015



Change the sanity check in PACKET_buf_init to check for excessive length
buffers, which should catch the interesting cases where len has been cast
from a negative value whilst avoiding any undefined behaviour.

RT#4094

Reviewed-by: Richard Levitte <levitte@openssl.org>

3fde6c92

18 Oct, 2015 7 commits
- ct_locl.h moved, reflect it in crypto/ct/Makefile · 788d72ba
  Richard Levitte authored Oct 18, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
  788d72ba
- make update · 338cb762
  Richard Levitte authored Oct 18, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  338cb762
- Add crypto/include/internal to the directories to scan for stack declarations · d865cb13
  Richard Levitte authored Oct 18, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  d865cb13
- Because ct_locl.h is used between modules, move it to internal headers · eb6d5f99
  Richard Levitte authored Oct 18, 2015
```
Rename it to ct_int.h

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  eb6d5f99
- Move auto Host adding to query_responder · 76e0cd12
  Dr. Stephen Henson authored Oct 18, 2015
```
Check for Host header in query_responder instead of process_responder. This
also fixes a memory leak in the old code if the headers was NULL.

Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  76e0cd12
- Fix memory leak with -issuer option. · bb7fc98c
  Dr. Stephen Henson authored Oct 18, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  bb7fc98c
- set string type when embedding · 7f3e6f8c
  Dr. Stephen Henson authored Oct 18, 2015
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  7f3e6f8c
17 Oct, 2015 1 commit

Move contributing info to CONTRIBUTING · eb05f173

Manish Goregaokar authored Oct 17, 2015



Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

eb05f173

16 Oct, 2015 2 commits

Run tests on Travis for mingw builds as well · 1a3ae788

Rich Salz authored Oct 16, 2015



Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Andy Polyakov <appro@openssl.org>

1a3ae788

Fix error message when loading engines from config · 1f08d945

Dmitry Belyavsky authored Oct 16, 2015

When using command line applications errors occur when trying to
load engines specified in a config file. Introduced by commit
a0a82324



RT#4093

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

1f08d945

15 Oct, 2015 9 commits
- Remove Obsolete engines · 8b7080b0
  Matt Caswell authored Oct 13, 2015
```
There are a number of engines in the OpenSSL source code which are now
obsolete. The following engines have been removed: 4758cca, aep, atalla,
cswift, nuron, sureware.

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  8b7080b0
- Fix self signed handling. · f51e5ed6
  Dr. Stephen Henson authored Aug 05, 2015
```
Don't mark a certificate as self signed if keyUsage is present and
certificate signing not asserted.

PR#3979

Reviewed-by: Matt Caswell <matt@openssl.org>
```
  f51e5ed6
- embed CRL serial number and signature fields · 34a42e14
  Dr. Stephen Henson authored Oct 11, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  34a42e14
- embed certificate serial number and signature fields · 81e49438
  Dr. Stephen Henson authored Oct 11, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  81e49438
- embed value field of X509_EXTENSION · 4392479c
  Dr. Stephen Henson authored Oct 11, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  4392479c
- add CHANGES entry for embed · 272d917d
  Dr. Stephen Henson authored Oct 11, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  272d917d
- Handle embed flag in ASN1_STRING_copy(). · 4002da0f
  Dr. Stephen Henson authored Oct 11, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  4002da0f
- PACKET: fix __owur · f4f78ff7
  Emilia Kasper authored Oct 15, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
  f4f78ff7
- Appease gcc's Wmaybe-uninitialized · bbafa47b
  Emilia Kasper authored Oct 15, 2015
```
False positive: gcc (4.8) can't figure out the SSL_IS_DTLS logic.

Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  bbafa47b