- Aug 28, 2014
-
-
Dr. Stephen Henson authored
Use "parse" and "add" for function and callback names instead of "first" and "second". Change arguments to callback so the extension type is unsigned int and the buffer length is size_t. Note: this *will* break existing code. Reviewed-by:Emilia Käsper <emilia@openssl.org>
-
Dr. Stephen Henson authored
Since sanity checks are performed for all custom extensions the serverinfo checks are no longer needed. Reviewed-by: -
Dr. Stephen Henson authored
Reject attempts to use extensions handled internally. Add flags to each extension structure to indicate if an extension has been sent or received. Enforce RFC5246 compliance by rejecting duplicate extensions and unsolicited extensions and only send a server extension if we have sent the corresponding client extension. Reviewed-by: -
Dr. Stephen Henson authored
Use the same structure for client and server custom extensions. Add utility functions in new file t1_ext.c. Use new utility functions to handle custom server and client extensions and remove a lot of code duplication. Reviewed-by: -
Dr. Stephen Henson authored
Reviewed-by:Geoff Thorpe <geoff@openssl.org>
-
Emilia Kasper authored
Pull constant-time methods out to a separate header, add tests. Reviewed-by:Bodo Moeller <bodo@openssl.org>
-
Raphael Spreitzer authored
Reviewed-by:Tim Hudson <tjh@openssl.org>
-
Rich Salz authored
Gah, I hate when I forget to pull before merging. Reviewed-by: rsalz
-
Rich Salz authored
Add the wrapper to all public header files (Configure generates one). Don't bother for those that are just lists of #define's that do renaming. Reviewed-by:
-
- Aug 27, 2014
-
-
Emilia Kasper authored
The old code implicitly relies on the ASN.1 code returning a \0-prefixed buffer when the buffer length is 0. Change this to verify explicitly that the ASN.1 string has positive length. Reviewed-by:Dr Stephen Henson <steve@openssl.org>
-
Matt Caswell authored
When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. Reviewed-by: -
Adam Langley authored
This change saves several EC routines from crashing when an EC_KEY is missing a public key. The public key is optional in the EC private key format and, without this patch, running the following through `openssl ec` causes a crash: -----BEGIN EC PRIVATE KEY----- MBkCAQEECAECAwQFBgcIoAoGCCqGSM49AwEH -----END EC PRIVATE KEY----- Reviewed-by: -
Mihai Militaru authored
I also removed some trailing whitespace and cleaned up the "see also" list. Reviewed-by: -
Rich Salz authored
Reviewed-by:
-
- Aug 26, 2014
-
-
Rich Salz authored
Stupid git tricks :( Reviewed-by: rsalz
-
David Gatwood authored
The description of when the server creates a DH key is confusing. This cleans it up. (rsalz: also removed trailing whitespace.) Reviewed-by:Viktor Dukhovni <viktor@openssl.org>
-
David Gatwood authored
The description of when the server creates a DH key is confusing. This cleans it up. (rsalz: also removed trailing whitespace.) Reviewed-by:
-
- Aug 25, 2014
-
-
Jan Schaumann authored
The EXAMPLE that used FILE and RC2 doesn't compile due to a few minor errors. Tweak to use IDEA and AES-128. Remove examples about RC2 and RC5. Reviewed-by:
-
- Aug 24, 2014
-
-
Matt Caswell authored
This patch was submitted by user "Kox" via the wiki Reviewed-by:
-
- Aug 22, 2014
-
-
Emilia Kasper authored
Use existing error code SSL_R_RECORD_TOO_SMALL for too many empty records. For ease of backporting the patch to release branches. Reviewed-by: -
Emilia Kasper authored
Add an extra NULL dereference check Reviewed-by: -
Emilia Kasper authored
Clarify the intended use of EVP_PKEY_sign. Make the code example compile. Reviewed-by:
-
- Aug 21, 2014
-
-
Jeffrey Walton authored
Remove extra initialization calls in the sample program. Reviewed-by: -
Emilia Kasper authored
In Visual Studio, inline is available in C++ only, however __inline is available for C, see http://msdn.microsoft.com/en-us/library/z8y1yy88.aspx Reviewed-by:
Richard Levitte <levitte@openssl.org> Reviewed-by:
-
Emilia Kasper authored
Reviewed-by:Andy Polyakov <appro@openssl.org>
-
- Aug 20, 2014
-
-
Andy Polyakov authored
RT: 2835 Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Laszlo Papp authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by:
-
- Aug 19, 2014
-
-
Martin Olsson authored
Don't check err variable until after it's been set. Reviewed-by: -
Martin Olsson authored
Don't need to check auth for NULL since we did when we assigned to it. Reviewed-by: -
Martin Olsson authored
I also found a couple of others (padlock and signinit) and fixed them. Reviewed-by: -
Rich Salz authored
-
Jeffrey Walton authored
Also rewrite section on compiler bugs; Matt pointed out that it has some grammatical issues. Reviewed-by: -
Jeffrey Walton authored
Also rewrite section on compiler bugs; Matt pointed out that it has some grammatical issues.
-
John Fitzgibbon authored
Extra SSL_get_selected_srtp_profile() declaration in ssl/srtp.h causes -Werror builds to fail. Reviewed-by:
-
- Aug 18, 2014
-
-
Laszlo Papp authored
-
Laszlo Papp authored
Reviewed-by: -
John Gardiner Myers authored
The file param is "const char*" not "char*" Reviewed-by:
-
