- Jun 03, 2016
-
-
Richard Levitte authored
Needed to get the needed declarations for STACK_OF(X509) Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Generate small test programs to check that external programs can be built with our stuff at a very basic level. For now, they check that each of our header files can be included individually without compile failure. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
According to the x509 man page in the section discussing -certopt it says that the ca_default option is the same as that used by the ca utility and (amongst other things) has the effect of suppressing printing of the signature - but in fact it doesn't. This error seems to have been present since the documentation was written back in 2001. It never had this effect. The default config file sets the certopt value to ca_default. The ca utility takes that and THEN adds additional options to suppress printing of the signature. So the ca utility DOES suppress printing of the signature - but it is not as a result of using the ca_default option. GitHub Issue #247 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
If the string to print is exactly 2048 character long (excluding the NULL terminator) then BIO_printf will chop off the last byte. This is because it has filled its static buffer but hasn't yet allocated a dynamic buffer. In cases where we don't have a dynamic buffer we need to truncate but that is not the case for BIO_printf(). We need to check whether we are able to have a dynamic buffer buffer deciding to truncate. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Jonas Maebe authored
zapparams modification based on tip from Matt Caswell RT#3198 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Matt Caswell authored
The ssl3_init_finished_mac() function can fail, in which case we need to propagate the error up through the stack. RT#3198 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Fill out the INSTALL instructions with more information on Configure arguments, environment variables and Makefile targets. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Mat authored
Use STATUS_SUCCESS instead of 0. Renamed USE_BCRYPT to RAND_WINDOWS_USE_BCRYPT to avoid possible collisions with other defines. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1142)
-
Mat authored
Adds missing casts for 64-bit. Removed zero initialization of hProvider. hProvider is an "out" parameter of CryptAcquireContextW. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1142)
-
Mat authored
Define USE_BCRYPT Removed _WIN32_WINNT define Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1142)
-
Mat authored
When openssl is compiled with MSVC and _WIN32_WINNT>=0x0601 (Windows 7), BCryptGenRandom is used instead of the legacy CryptoAPI. This change brings the following benefits: - Removes dependency on CryptoAPI (legacy API) respectively advapi32.dll - CryptoAPI Cryptographic Service Providers (rsa full) are not dynamically loaded. - Allows Universal Windows Platform (UWP) apps to use openssl (CryptGenRandom is not available for Windows store apps) Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1142)
-
Matt Caswell authored
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Tweak to the wording on merge commits. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Fix some typos and other minor amendments to NOTES.PERL. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Make the recommendation for MSYS perl in an MSYS environment more forceful. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Fix typos and clarify a few things in the CONTRIBUTING file. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
The README file was a little out of date so needed a refresh Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Pauli authored
The problem is the checking in policy_cache_set, there is a race condition between the null check and obtaining the lock. The fix is in policy_cache_new to detect if the creation has happened already. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
RT#4557 Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Ben Laurie authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Ben Laurie authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Ben Laurie authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Ben Laurie authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Emilia Kasper authored
Port client auth tests to the new framework, add coverage. The old tests were only testing success, and only for some protocol versions; the new tests add all protocol versions and various failure modes. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
_ctr32 in function name refers to 32-bit counter, but it was implementing 64-bit one. This didn't pose problem to EVP, but 64-bit counter was just misleading. RT#4512 Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Jun 02, 2016
-
-
Rich Salz authored
This is needed to generate stable output names/symlinks. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
Include a note in INSTALL that tests must be run from an unprivileged process. Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Numerous test failures were occuring when Configured with enable-ubsan although they could all be traced back to one issue. Reviewed-by: Andy Polyakov <appro@openssl.org>
-
Dr. Stephen Henson authored
Also fixes -Wstrict-oveflow warning on this file. RT#4474 (partial) Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
Adapt util/process_docs.pl Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
The S symbol class wasn't checked. Notified by Sebastian Andrzej Siewior Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- Jun 01, 2016
-
-
Rich Salz authored
checkpoint before release. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
The set_reasons() function in v3_crld.c leaks a STACK_OF(CONF_VALUE) object on an error path. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
The int X509_PURPOSE_add() function was leaking an X509_PURPOSE object on error. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
The X509_TRUST_add() function was leaking an X509_TRUST object on error. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
The ASN1_item_pack() function was leaking an ASN1_STRING object on error paths. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
The ASN1_GENERALIZEDTIME_adj() function leaks an ASN1_GENERALIZEDTIME object on an error path. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
The v2i_POLICY_MAPPINGS() function leaked ASN1_OBJECT pointers on error paths. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
The notice_section() function allocates a STACK_OF(CONF_VALUE) but then fails to free it on an error path. Reviewed-by: Richard Levitte <levitte@openssl.org>
-