- Mar 02, 2017
-
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2737)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2737)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2737)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2737)
-
Matt Caswell authored
We also skip any early_data that subsequently gets sent. Later commits will process it if we can. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2737)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2737)
-
Matt Caswell authored
We provide SSL_write_early() which *must* be called first on a connection (prior to any other IO function including SSL_connect()/SSL_do_handshake()). Also SSL_write_early_finish() which signals the end of early data. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2737)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2737)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2737)
-
Matt Caswell authored
Allows you to set the number of bytes that can be sent as early data Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2737)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2737)
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2825)
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2827)
-
Richard Levitte authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2827)
-
Matt Caswell authored
Don't create a custom boolean type for parsing CompressionExpected. Use the existing one instead. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2814)
-
Matt Caswell authored
Check whether we negotiate compression in various scenarios. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2814)
-
Matt Caswell authored
do_ssl3_write() was crashing when compression was enabled. We calculate the maximum length that a record will be after compression and reserve those bytes in the WPACKET. Unfortunately we were adding the maximum compression overhead onto the wrong variable resulting in a corrupted record. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2814)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2814)
-
Robert Scheck authored
Based on initial patch by Alex Bergmann <alex@linlab.net> and new function ldap_ExtendedResponse_parse() by Andy Polyakov <appro@openssl.org>. Thanks very much to both. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2293)
-
Andy Polyakov authored
GH#2816 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
Private hstrerror was introduced to address linking problem on HP-UX, but truth be told conemporary systems, HP-UX included, wouldn't come to that call, they would use getaddrinfo and gai_strerror, while gethostbyname and h_errno are there to serve legacy systems. Since legacy systems are naturally disappearing breed, we can as well just let user interpret number. GH#2816 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
[skip ci] Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Jon Spillett authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2822)
-
Andy Polyakov authored
For pull requests not tagged with [extended tests]: - short-curcuit most expensive fuzz and install tests; - skip over non-shared builds; Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2810)
-
Andy Polyakov authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2810)
-
Richard Levitte authored
[skip ci] Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2818)
-
- Mar 01, 2017
-
-
Bernd Edlinger authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2693)
-
Andy authored
CLA: trivial Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2806)
-
Richard Levitte authored
With VMS C, the second parameter takes a 32-bit pointer. When building with 64-bit pointer size default, we must compensate. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2811)
-
Richard Levitte authored
Use EVP_CIPHER_CTX_reset() instead Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2812)
-
Emilia Kasper authored
- FLAT_INC - PKCS1_CHECK (the SSL_OP_PKCS1_CHECK options have been no-oped) - PKCS_TESTVECT (debugging leftovers) - SSL_AD_MISSING_SRP_USERNAME (unfinished feature) - DTLS_AD_MISSING_HANDSHAKE_MESSAGE (unfinished feature) - USE_OBJ_MAC (note this removes a define from the public header but very unlikely someone would be depending on it) - SSL_FORBID_ENULL Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Benjamin Kaduk authored
It's undocumented and unused in the tree. The idea seems to have never gained much traction, and can be removed without breaking ABI compatibility. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2800)
-
Benjamin Kaduk authored
Cleanse instead, and free in the free routine. Seems to have been introduced in commit 846ec07d when EVP_CIPHER_CTX was made opaque. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2798)
-
- Feb 28, 2017
-
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org>
-
Richard Levitte authored
Base address setting was done for the sake of FIPS. Since FIPS references have been removed, we clean away this one as well. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2791)
-
Bernd Edlinger authored
Reviewed-by: Stephen Henson <steve@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2764)
-