- Jan 25, 2018
-
-
Benjamin Kaduk authored
Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5068)
-
Benjamin Kaduk authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5152)
-
Bernd Edlinger authored
Reviewed-by:
-
- Jan 24, 2018
-
-
Christian Heimes authored
The getters for min and max proto version wrongly passed NULL instead of 0 as third argument to SSL_ctrl() and SSL_CTX_ctrl(). The third argument is not used, but the error results in a compiler warning: warning: passing argument 3 of ‘SSL_CTX_ctrl’ makes integer from pointer without a cast [-Wint-conversion] int v = SSL_CTX_get_max_proto_version(self->ctx); See https://github.com/openssl/openssl/pull/4364 Signed-off-by:
Christian Heimes <christian@python.org> Reviewed-by:
Kurt Roeckx <kurt@roeckx.be> Reviewed-by:
Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/5128)
-
Steffan Karger authored
When using the SSL_CTX_get_min_min_version macro while compiling with -Wall, my compiler rightfully complains about this construction: warning: passing argument 3 of ‘SSL_CTX_ctrl’ makes integer from pointer without a cast [-Wint-conversion] These macro's should use 0, instead of NULL, for the third argument, like most other SSL_CTX_ctrl 'get' wrappers do. CLA: trivial Signed-off-by:
Steffan Karger <steffan.karger@fox-it.com> Reviewed-by:
-
David Cooper authored
Reviewed-by:
-
David Cooper authored
Correct error return value in OCSP_basic_sign(). Reviewed-by:
-
David Cooper authored
Reviewed-by:
-
David Cooper authored
Make editorial changes suggested by Rich Salz and add the -rsigopt option to the man page for the ocsp command. Reviewed-by:
-
David Cooper authored
Add a -rsigopt option to the ocsp command that allows signature parameters to be provided for the signing of OCSP responses. The parameters that may be provided to -rsigopt are the same as may be provided to -sigopt in the ca, req, and x509 commands. This PR also defines a OCSP_basic_sign_ctx() function, which functions in the same way as OCSP_basic_sign(), except that it accepts a EVP_MD_CTX rather than a key and digest. The OCSP_basic_sign_ctx() function is used to implement the -rsigopt option in the ocsp command. Reviewed-by:
-
Todd Short authored
Reviewed-by:
Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Probably this is the CCS between the first and second ClientHellos. It should be ignored. Reviewed-by:
-
Matt Caswell authored
Fixes #4283 Reviewed-by:
-
Matt Caswell authored
Fixes some bugs identified during testing. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
This enables sending and receiving of the TLSv1.3 cookie on the server side as appropriate. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
This just adds the various extension functions. More changes will be required to actually use them. Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
We incorrectly assumed that explicit dependencies meant that the source directory would be added for inclusion. However, if the dependent file is generated, it's stored in the build directory, and that should be used for inclusion rather than the source directory. Reviewed-by:
-
Richard Levitte authored
This ensures that only one set of includes is associated with each object file, reagardless of where it's used. For example, if apps/build.info has this: SOURCE[openssl]=foo.c INCLUDE[openssl]=.. ../include and test/build.info has this: SOURCE[footest]=../apps/foo.c INCLUDE[footest]=../include The inclusion directories used for apps/foo.o would differ depending on which program's dependencies get generated first in the build file. With this change, all those INCLUDEs get combined into one set of inclusion directories tied to the object file. Reviewed-by:
-
- Jan 23, 2018
-
-
Pauli authored
Support added for these two digests, available only via the EVP interface. Reviewed-by:
-
Richard Levitte authored
EVP_PKEY_asn1_find_str() would search through standard asn1 methods first, then those added by the application, which EVP_PKEY_asn1_find() worked the other way around. Also, EVP_PKEY_asn1_find_str() didn't handle aliases. This change brings EVP_PKEY_asn1_find_str() closer to EVP_PKEY_asn1_find(). Fixes #5086 Reviewed-by:
-
Richard Levitte authored
This reverts commit d85722d3 . Reviewed-by:
-
Benjamin Kaduk authored
The 'loop' variable is only used if EC is available. Reviewed-by:
-
Rich Salz authored
Thanks to Nicolas Schodet for pointing this out. Reviewed-by:
Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5141)
-
Richard Levitte authored
Since libssl requires libcrypto and libcrypto.pc already has Libs.private set exactly the same, there's no reason to repeat it in libssl.pc. Reviewed-by:
-
Richard Levitte authored
Even -pthread gets treated that way. The reason to do this is so it ends up in 'Libs.private' in libcrypto.pc. Fixes #3884 Reviewed-by:
-
- Jan 22, 2018
-
-
Richard Levitte authored
Fixes #5143 Reviewed-by:
-
Rich Salz authored
Thanks to David Vernet for reporting this. Reviewed-by:
-
Richard Levitte authored
That inclusion turned out to be completely unnecessary [extended tests] Reviewed-by:
-
Rich Salz authored
Based on code from Matthias Ballreich, Steve Henson, and Wolf Tobias. Reviewed-by:
-
Richard Levitte authored
This includes unnecessary use of the top as inclusion directory Reviewed-by:
-
