- 10 Apr, 2019 1 commit
-
-
Richard Levitte authored
Even with custome ciphers, the combination in == NULL && inl == 0 should not be passed down to the backend cipher function. The reason is that these are the values passed by EVP_*Final, and some of the backend cipher functions do check for these to see if a "final" call is made. Fixes #8675 Reviewed-by:
Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8676)
-
- 09 Apr, 2019 9 commits
-
-
Paul Yang authored
This commit makes the X509_set_sm2_id to 'set0' behaviour, which means the memory management is passed to X509 and user doesn't need to free the sm2_id parameter later. API name also changes to X509_set0_sm2_id. Document and test case are also updated. Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8626)
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
When the purpose is to pass parameters to a setter function, that setter function needs to know the size of the data passed. This remains true for the pointer data types as well. Reviewed-by:
-
Matt Caswell authored
If using a custom X509_LOOKUP_METHOD then calls to X509_STORE_CTX_get_by_subject may crash due to an incorrectly initialised X509_OBJECT being passed to the callback get_by_subject function. Fixes #8673 Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8541)
-
Matt Caswell authored
When we attempt to fetch a method with a given NID we will ask the providers for it if we don't already know about it. During that process we may be told about other methods with a different NID. We need to make sure we don't confuse the two. Reviewed-by:
-
Richard Levitte authored
The targets Cygwin-x86 and Cygwin-x86_64 are the ones that should do this. Fixes #8684 Reviewed-by:
-
Richard Levitte authored
OSSL_PARAM_END is a macro that can only be used to initialize an OSSL_PARAM array, not to assign an array element later on. For completion, we add an end constructor to facilitate that kind of assignment. Reviewed-by:
-
Shane Lontis authored
Reviewed-by:
Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by:
-
- 08 Apr, 2019 4 commits
-
-
Shane Lontis authored
Reviewed-by:
Tim Hudson <tjh@openssl.org> Reviewed-by:
-
Pauli authored
Using a byte buffer causes problems for device that don't handle unaligned reads. Instead use the properly aligned variable that was already pointed at. Reviewed-by:
-
Dan Campbell authored
Fixes #8645 Reviewed-by:
Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by:
-
Shane Lontis authored
Reviewed-by:
-
- 07 Apr, 2019 2 commits
-
-
Patrick Steuer authored
ISO C90 forbids specifying subobject to initialize Signed-off-by:
Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by:
-
Patrick Steuer authored
C++ style comments are not allowed in ISO C90 Signed-off-by:
-
- 06 Apr, 2019 3 commits
-
-
FdaSilvaYY authored
Found by Coverity. Reviewed-by:
-
Pauli authored
Reviewed-by:
Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/8629)
-
Bernd Edlinger authored
Reviewed-by:
-
- 05 Apr, 2019 8 commits
-
-
Richard Levitte authored
The value of the 'default_properties' command is simply passed to EVP_set_default_properties(). Reviewed-by:
-
Richard Levitte authored
EVP_MD_fetch() can be given a property query string. However, there are cases when it won't, for example in implicit fetches. Therefore, we also need a way to set a global property query string to be used in all subsequent fetches. This also applies to all future algorithm fetching functions. Reviewed-by:
-
Richard Levitte authored
Additionally, merge ENGINE_CONF into CONF. Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Other configuration modules may have use for tracing, and having one tracing category for each of them is a bit much. Instead, we make one category for them all. Reviewed-by:
-
Richard Levitte authored
It was assumed that the config functionality returned a boolean. However, it may return a negative number on error, so we need to take that into account. Reviewed-by:
-
Richard Levitte authored
The three macros EVP_F_AESNI_XTS_INIT_KEY, EVP_F_AES_T4_XTS_INIT_KEY and EVP_F_AES_XTS_INIT_KEY are affected. Reviewed-by:
-
Pauli authored
than the update call. The means an earlier error return at the cost of some duplicated code. Reviewed-by:
-
- 04 Apr, 2019 9 commits
-
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Dr. Matthias St. Pierre authored
Fixes #8667 Reviewed-by:
-
Matt Caswell authored
There are some ciphersuites that were introduced in TLSv1.0/TLSv1.1 but are backwards compatible with SSLv3. Fixes #8655 Reviewed-by:
-
Matt Caswell authored
Fixes no-sm2 (and also no-sm3 and no-ec) Reviewed-by:
-
Richard Levitte authored
Since the macro to indicate if the test provider module is available is local to the test programs, it's better to use a name that isn't as easily confused with a library feature disabling macro that one would expect to find in opensslconf.h. Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
- 03 Apr, 2019 4 commits
-
-
Richard Levitte authored
The number that was used was already taken Reviewed-by:
-
Tomas Mraz authored
This prevents failure of openssl s_server socket binding to wildcard address on hosts with disabled IPv6. Reviewed-by:
Kurt Roeckx <kurt@roeckx.be> Reviewed-by:
-
Todd Short authored
Modify openssl OCSP utility to produce certIDs in responses using other hash algorithms (e.g. SHA256). Added option -rcid for this purpose. Reviewed-by:
Ben Kaduk <kaduk@mit.edu> Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
