- Jul 04, 2017
-
-
Rich Salz authored
Reviewed-by:
Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3842)
-
Richard Levitte authored
If scheme is NULL, the allocated res is leaked Reviewed-by:
Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3841)
-
- Jul 03, 2017
-
-
Pauli authored
This prevents a warning when building with crypto-mdebug. Reviewed-by:
-
Rich Salz authored
And BN_pseudo_rand_range is really BN_rand_range. Document that we might deprecate those functions. Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3743)
-
Andy Polyakov authored
Reviewed-by:
Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/3643)
-
Andy Polyakov authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3824)
-
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
[Also typo and readability fixes. Ryzen result is added.] Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Rich Salz authored
Fix a =head1 section name Fix a typo in POD label Remove a spurious =back Add a missing blank line Avoid 'legacy' -- use 'deprecated' if still needed if we cannot just reword. Always do strict checking Do not warn about missing "RETURN VALUES" unless -s is set. Change OpenSSL version 1.1 -> 1.1.0 Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Matt Caswell authored
We need to use the hashsize in generating the exportsecret not 0! Otherwise we end up with random garbage for the secret. It was pure chance that this passed the tests previously. It so happens that, because we call SSL_export_keying_material() repeatedly for different scenarios in the test, we end up in the tls13_export_keying_material() at exactly the same position in the stack each time and therefore end up using the same random garbage secret each time! Reviewed-by:
Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3810)
-
Richard Levitte authored
Instead, make it possible to disable the console reader that's part of the UI module. This makes it possible to use the UI API and other UI methods in environments where the console reader isn't useful. To disable the console reader, configure with 'no-ui-console' / 'disable-ui-console'. 'no-ui' / 'disable-ui' is now an alias for 'no-ui-console' / 'disable-ui-console'. Fixes #3806 Reviewed-by:
-
Richard Levitte authored
The post process callback might potentially say "no" to everything (by constantly returning NULL) and thereby cause an endless loop. Ensure that we stop all processing when "eof" is reached. Reviewed-by:
Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/3823)
-
Pauli authored
Reviewed-by:
Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3831)
-
- Jul 02, 2017
-
-
Kurt Roeckx authored
Reviewed-by: -
Richard Levitte authored
... so compare accordingly with "//localhost" Reviewed-by:
-
- Jul 01, 2017
-
-
Richard Levitte authored
Reviewed-by:
-
Rich Salz authored
Remove some incorrect copyright references. Move copyright to standard place Add OpenSSL copyright where missing. Remove copyrighted file that we don't use any more Remove Itanium assembler for RC4 and MD5 (assembler versions of old and weak algorithms for an old chip) Standardize apps/rehash copyright comment; approved by Timo Put dual-copyright notice on mkcert Reviewed-by:
-
- Jun 30, 2017
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
Rich Salz authored
Reviewed-by:
-
Rich Salz authored
This is done with the kind permission of Intel. Reviewed-by:
-
Rich Salz authored
Reviewed-by:
-
Matt Caswell authored
There are no public TLSv1_3_*method() functions so OPENSSL_NO_TLS1_3_METHOD doesn't make any sense and should be removed. Reviewed-by:
-
- Jun 29, 2017
-
-
Rich Salz authored
Only for Unix platforms Reviewed-by:
-
Richard Levitte authored
Most of the loader function pointers are crucial, they must be defined unconditionally. Therefore, let's make sure OSSL_STORE_register_loader refuses to register incomplete loaders Reviewed-by:
-
Richard Levitte authored
We have already made sure that the loader scheme isn't NULL, so checking if they are NULL or not when comparing registered loaders is redundant. We still soft assert it, just to be entirely sure. Reviewed-by:
-
Richard Levitte authored
For Windows, we care which way it is, the resulting file is just a pile of symbols. For VMS, we really need to care about the numeric ordering, and getting the symbols sorted by symbol version too didn't agree with that. Reviewed-by:
-
Richard Levitte authored
This allows us to guard Unix specific functions with #ifndef / #ifdef OPENSSL_SYS_UNIX Reviewed-by:
-
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Richard Levitte authored
store_attach_pem_bio() creates a STORE_CTX with the 'file' scheme loader backend in PEM reading mode on an already opened BIO. store_detach_pem_bio() detaches the STORE_CTX from the BIO and destroys it (without destroying the BIO). These two functions can be used in place of STORE_open() and STORE_close(), and are present as internal support for other OpenSSL functions. Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Steven Danneman authored
The packet parsing code for the server version string was incrementing the array index twice on every iteration. This meant that strings with an even number of characters would pass, but strings with an odd number (ex: 5.7.18-0ubuntu0.16.04.1) would cause the pos variable to get out of sync. This would cause a later failure with "MySQL packet is broken." CLA: trivial Reviewed-by:
-
