- 15 Mar, 2017 1 commit
-
-
Bernd Edlinger authored
Reviewed-by:
Richard Levitte <levitte@openssl.org> Reviewed-by:
Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2935) (cherry picked from commit 29d1fad7)
-
- 13 Mar, 2017 7 commits
-
-
Bernd Edlinger authored
and RSA_verify_PKCS1_PSS_mgf1 with 512-bit RSA vs. sha-512. Reviewed-by:
Andy Polyakov <appro@openssl.org> Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Andy Polyakov authored
Exteneded feature flags were not pulled on AMD processors, as result a number of extensions were effectively masked on Ryzen. Original fix for x86_64cpuid.pl addressed this problem, but messed up processor vendor detection. This fix moves extended feature detection past basic feature detection where it belongs. 32-bit counterpart is harmonized too. Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Matt Caswell authored
DTLSv1_listen() is stateless. We never increment the record read sequence while listening, and we reflect the incoming record's sequence number in our write sequence. The logic for doing the write sequence reflection was *after* we had finished processing the incoming ClientHello and before we write the ServerHello. In the normal course of events this is fine. However if we need to write an early alert during ClientHello processing (e.g. no shared cipher), then we haven't done the write sequence reflection yet. This means the alert gets written with the wrong sequence number (it will just be set to whatever value we left it in the last time we wrote something). If the sequence number is less than expected then the client will believe that the incoming alert is a retransmit and will therefore drop it, causing the client to hang waiting for a response from the server. Fixes #2886 Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2914)
-
- 12 Mar, 2017 1 commit
-
-
Matt Caswell authored
conf has the ability to expand variables in config files. Repeatedly doing this can lead to an exponential increase in the amount of memory required. This places a limit on the length of a value that can result from an expansion. Credit to OSS-Fuzz for finding this problem. Reviewed-by:
-
- 11 Mar, 2017 2 commits
-
-
Richard Levitte authored
This shouldn't have been applied to the 1.0.2 branch. This reverts commit 5247c038 . Reviewed-by:
Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2907)
-
Richard Levitte authored
It shouldn't try to return an action description for UIT_PROMPT type UI strings. Reviewed-by:
-
- 10 Mar, 2017 6 commits
-
-
Pauli authored
... in functions dealing with the SSL object rather than the context. Reviewed-by:
-
Bernd Edlinger authored
that refers to space deallocated by a call to the free function in tls_decrypt_ticket. Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
It was still generating EAY style source. Reviewed-by:
-
Richard Levitte authored
It was still generating EAY style source. Reviewed-by:
-
Matt Caswell authored
RSA_private_encrypt(), RSA_public_decrypt(), RSA_public_encrypt() and RSA_private_decrypt() are declared with a "const" from parameter, but this is not reflected in the docs. Reviewed-by:
-
- 09 Mar, 2017 2 commits
-
-
Pauli authored
even if run several times in a session. This amounts to moving the column counter so it isn't a function local static variable and reinitialising it each time. Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
- 08 Mar, 2017 2 commits
-
-
Pauli authored
to just the ciphers enc can process. This means no AEAD ciphers and no XTS mode. Reviewed-by:
-
Roberto Guimaraes authored
CLA: trivial Reviewed-by:
-
- 07 Mar, 2017 2 commits
-
-
Pauli authored
Reviewed-by:
-
Andy Polyakov authored
Exteneded feature flags were not pulled on AMD processors, as result a number of extensions were effectively masked on Ryzen. It should have been reported for Excavator since it implements AVX2 extension, but apparently nobody noticed or cared... Reviewed-by:
-
- 03 Mar, 2017 2 commits
-
-
Bernd Edlinger authored
Reviewed-by:
-
Pauli authored
explicitly state that the RSA cipher string means the same a kRSA. Reviewed-by:
-
- 28 Feb, 2017 1 commit
-
-
Rich Salz authored
Reviewed-by:
-
- 27 Feb, 2017 1 commit
-
-
Adrian Vollmer authored
...in the man page to reflect the actual default (2048 instead of 512) CLA: trivial Reviewed-by:
-
- 24 Feb, 2017 1 commit
-
-
Bernd Edlinger authored
Reviewed-by:
-
- 23 Feb, 2017 6 commits
-
-
Pauli authored
Reviewed-by:
-
Andy Polyakov authored
Travis OS X utilization and backlog statistics suggest that it became bottleneck for our integration builds with requests piling up for days during working days of the week. Suggestion is to remove osx till capacity is lesser issue. Reviewed-by:
-
Todd Short authored
If ret is allocated, it may be leaked on error. Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Andy Polyakov authored
pointers, except for minimal std[in|out|err]. (cherry picked from commit 800b299b ) Reviewed-by:
-
Rich Salz authored
Reviewed-by:
-
- 22 Feb, 2017 5 commits
-
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Rich Salz authored
Prevent that memory beyond the last element is accessed if every element of group->poly[] is non-zero Reviewed-by:
-
Richard Levitte authored
opendir(), readdir() and closedir() have been available on VMS since version 7.0. Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
- 21 Feb, 2017 1 commit
-
-
Dmitry Belyavskiy authored
Reviewed-by:
-
