- Apr 15, 2016
-
-
Rich Salz authored
Make X509_OBJECT, X509_STORE_CTX, X509_STORE, X509_LOOKUP, and X509_LOOKUP_METHOD opaque. Remove unused X509_CERT_FILE_CTX Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
Richard Levitte authored
To begin with, the default should have been the import library, not the DLL itself. However, we don't know what directory it's installed in either way, so we may as well demand the full path from the user Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
- Apr 14, 2016
-
-
Matt Caswell authored
Update the Travis and Appveyor builds to explicitly state no-shared where applicable. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
In most cases we expect that people will be using shared libraries not static ones, therefore we make that the default. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Travis identified a problem with freeing the ex_data locks which wasn't quite right in ff234405 . Trying to fix it identified a further problem: the ex_data locks are cleaned up by OPENSSL_cleanup(), which is called explicitly by CRYPTO_mem_leaks(), but then later the BIO passed to CRYPTO_mem_leaks() is freed. An attempt is then made to use the ex_data lock already freed. Reviewed-by: Tim Hudson <tjh@openssl.org>
-
Jérôme Duval authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Richard Levitte authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
-
Matt Caswell authored
no-stdio does not work with the apps. Since the tests also need the apps it doesn't support that either. Therefore we disable building of both. no-autoalginit is not compatible with the apps because it requires explicit loading of the algorithms, and the apps don't do that. Therefore we disable building the apps for this option. Similarly the tests depend on the apps so we also disable the tests. Finally the whole point about no-autoalginit is to avoid excessive executable sizes when doing static linking. Therefore we disable "shared" if this option is selected. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Running a "make update" wanted to add err_cleanup to libcrypto.num which is wrong. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Lyon Chen authored
Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
Some locks were not being properly cleaned up during close down. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Shlomi Fish authored
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Matt Caswell authored
During Configure we attempt to check the kernel version of this platform to see whether we can compile the AFALG engine. If the kernel version looks recent enough then we enable AFALG. However when we compile e_afalg.c we check the version of the linux headers. If there is a mismatch between the linux headers and the currently running kernel then we don't compile the AFLAG engine and continue. This was causing a link error. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Viktor Dukhovni authored
Introduced in: commit 79c7f74d Author: Ben Laurie <ben@links.org> Date: Tue Mar 29 19:37:57 2016 +0100 Fix buffer overrun in ASN1_parse(). Problem input: https://tools.ietf.org/html/draft-ietf-curdle-pkix-eddsa-00#section-8.1 -----BEGIN PUBLIC KEY----- MC0wCAYDK2VkCgECAyEAGb9ECWmEzf6FQbrBZ9w7lshQhqowtrbLDFw4rXAxZuE= -----END PUBLIC KEY----- Previously: 0:d=0 hl=2 l= 45 cons: SEQUENCE 2:d=1 hl=2 l= 8 cons: SEQUENCE 4:d=2 hl=2 l= 3 prim: OBJECT :1.3.101.100 9:d=2 hl=2 l= 1 prim: ENUMERATED :02 Error in encoding 140735164989440:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:../openssl/crypto/asn1/asn1_lib.c:148: Now: 0:d=0 hl=2 l= 45 cons: SEQUENCE 2:d=1 hl=2 l= 8 cons: SEQUENCE 4:d=2 hl=2 l= 3 prim: OBJECT :1.3.101.100 9:d=2 hl=2 l= 1 prim: ENUMERATED :02 12:d=1 hl=2 l= 33 prim: BIT STRING 0000 - 00 19 bf 44 09 69 84 cd-fe 85 41 ba c1 67 dc 3b ...D.i....A..g.; 0010 - 96 c8 50 86 aa 30 b6 b6-cb 0c 5c 38 ad 70 31 66 ..P..0....\8.p1f 0020 - e1 . Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Viktor Dukhovni authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
- Apr 13, 2016
-
-
Matt Caswell authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Document removal of no-aes, no-hmac, no-rsa, no-sha and no-md5. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
Update the config options documentation based on feedback. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
There were a lot of options missing from INSTALL. This adds descriptions for them. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
no-hmac is no longer an option so remove OPENSSL_NO_HMAC guards. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
no-sha is no longer an option so remove OPENSSL_NO_SHA guards. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
no-aes is no longer a Configure option and therefore the OPENSSL_NO_AES guards can be removed. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Matt Caswell authored
These algorithms are fundamental and extensively used. The "no-" options do not work either in 1.1.0 or in other released branches. Therefore the ability to disable them should be removed. Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Rich Salz authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Dr. Stephen Henson authored
The check_defer() function was used to ensure that EVP_cleanup() was always called before OBJ_cleanup(). The new cleanup code ensures this so it is no longer needed. Remove obj_cleanup() call in OID config module: it is not needed any more either. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Don't expose purely libcrypto internal symbols, even to libssl. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Andy Polyakov authored
Reviewed-by: Richard Levitte <levitte@openssl.org>
-
Richard Levitte authored
When compressing, the output / input is a binary format, not a text format like BASE64. This is important on Windows, where a ^Z in a text file is seen as EOF, and there could be a ^Z somewhere in a compressed file, cutting it short as input. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
The handling was Unix centric, already in Configure. Change that to just collect the value and let the build file templates figure out what to do with it. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Instead of absolute hard coding of the libz library name, have it use the macro LIBZ, which is set to defaults we know in case it's undefined. This allows our configuration to set something that's sane on current or older platforms, and allows the user to override it by defining LIBZ themselves. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
Reviewed-by: Matt Caswell <matt@openssl.org>
-
Richard Levitte authored
The macros ZLIB and ZLIB_SHARED weren't appropriately defined, deviating wrongly from how they worked in earlier OpenSSL versions. So, restore it so that ZLIB is defined if configured "enable-zlib" and so that ZLIB and ZLIB_SHARED are defined if configured "enable-zlib-dynamic". Additionally, correct the interpretation of the --with-zlib-lib value on Windows and VMS, where it's used to indicate the actual zlib zlib library file / logical name, as that can differ depending on zlib version and packaging on those platforms. Finally for Windows and VMS, we also define the macro LIBZ with that file name / logical name when configured "zlib-dynamic", so the compression unit can pick it up and use it. Reviewed-by: Matt Caswell <matt@openssl.org>
-
Matt Caswell authored
The above config options were failing in test_ssl_old. Reviewed-by: Richard Levitte <levitte@openssl.org>
-