Commits · f5b798f50c83bed58d90f940e427552b97eddcb7 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Jul 20, 2014
- Add GHASH for PowerISA 2.0.7. · f5b798f5
  Andy Polyakov authored Jul 20, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  f5b798f5
Jul 19, 2014

Dr. Stephen Henson authored Jul 19, 2014



Add cmac.h to mkdef.pl
Remove ENGINE_load_rsax from engine.h: no longer built.
Update ordinals
Reviewed-by: Tim Hudson <tjh@openssl.org>

03c075e5

Fix documentation for RSA_set_method(3) · f8c03d4d
Dr. Stephen Henson authored Jul 19, 2014
```
PR#1675
Reviewed-by: Matt Caswell <matt@openssl.org>
```
f8c03d4d
Check the test registry size during add_test() · b2e50bcd
Mike Bland authored Jul 17, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
b2e50bcd

Update heartbeat_test #includes · 50bba685

Mike Bland authored Jun 18, 2014

ssl/ssl_locl.h now comes first to ensure that it will compile standalone.
test/testutil.h is considered to be in the same directory as the test file,
since the test file will be linked into test/ and built there.

Reviewed-by: Tim Hudson <tjh@openssl.org>

50bba685

Use testutil registry in heartbeat_test · 6017a551
Mike Bland authored Jul 15, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
6017a551

test/testutil.c test registry functions. · 5e3de8e6

Mike Bland authored Jun 19, 2014



These help standardize the structure of main() and result reporting.

Reviewed-by: Tim Hudson <tjh@openssl.org>

5e3de8e6

Jul 18, 2014

RFC 5649 support. · d31fed73

Dr. Stephen Henson authored Jul 18, 2014



Add support for RFC5649 key wrapping with padding.

Add RFC5649 tests to evptests.txt

Based on PR#3434 contribution by Petr Spacek <pspacek@redhat.com>.

EVP support and minor changes added by Stephen Henson.

Doxygen comment block updates by Tim Hudson.

Reviewed-by: Tim Hudson <tjh@openssl.org>

d31fed73

Jul 17, 2014
- Make *Final work for key wrap again. · 58f4698f
  Dr. Stephen Henson authored Jul 17, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  58f4698f
- Sanity check lengths for AES wrap algorithm. · d12eef15
  Dr. Stephen Henson authored Jul 17, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  d12eef15
- Fix typo, add reference. · d48e78f0
  Jeffrey Walton authored Jul 17, 2014
```
PR#3456
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
```
  d48e78f0
Jul 16, 2014
- Disabled XTS mode in enc utility as it is not supported · 2097a17c
  Matt Caswell authored Jul 13, 2014
```
PR#3442

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  2097a17c
- Revert "Add GHASH for PowerISA 2.07." · e91718e8
  Andy Polyakov authored Jul 16, 2014
```
This reverts commit 927f2e5d.
```
  e91718e8
- Revert "Engage GHASH for PowerISA 2.07." · 6cd13f70
  Andy Polyakov authored Jul 16, 2014
```
This reverts commit 14aaf883.
```
  6cd13f70
- Engage GHASH for PowerISA 2.07. · 14aaf883
  Andy Polyakov authored Jul 16, 2014
  
  14aaf883
- Add GHASH for PowerISA 2.07. · 927f2e5d
  Andy Polyakov authored Jul 16, 2014
  
  927f2e5d
Jul 15, 2014
- Add Matt Caswell's fingerprint, and general update on the fingerprints file to bring it up to date · 3bd54819
  Matt Caswell authored Jul 15, 2014
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
  3bd54819
- Clarify -Verify and PSK. · ca2015a6
  Dr. Stephen Henson authored Jul 15, 2014
```
PR#3452
```
  ca2015a6
- Fix DTLS certificate requesting code. · c8d710dc
  Dr. Stephen Henson authored Jul 15, 2014
```
Use same logic when determining when to expect a client
certificate for both TLS and DTLS.

PR#3452
```
  c8d710dc
- Don't allow -www etc options with DTLS. · 199772e5
  Dr. Stephen Henson authored Jul 15, 2014
```
The options which emulate a web server don't make sense when doing DTLS.
Exit with an error if an attempt is made to use them.

PR#3453
```
  199772e5
- Merge branch 'master' of git.openssl.org:openssl · 6c0a1e2f
  Rich Salz authored Jul 15, 2014
  
  6c0a1e2f
Jul 14, 2014
- Use case insensitive compare for servername. · 1c3e9a7c
  Dr. Stephen Henson authored Jul 14, 2014
```
PR#3445
```
  1c3e9a7c
- document -nextprotoneg option in man pages · 7efd0e77
  Hubert Kario authored Jun 06, 2014
```
Add description of the option to advertise support of
Next Protocol Negotiation extension (-nextprotoneg) to
man pages of s_client and s_server.

PR#3444
```
  7efd0e77
- Use more common name for GOST key exchange. · ec5a992c
  Dr. Stephen Henson authored Jul 14, 2014
  
  ec5a992c
- Fix typo. · aa224e97
  Dr. Stephen Henson authored Jul 14, 2014
  
  aa224e97
- Add tags/TAGS; approved by tjh · 9d6253cf
  Rich Salz authored Jul 14, 2014
  
  9d6253cf
Jul 13, 2014
- Fixed valgrind complaint due to BN_consttime_swap reading uninitialised data. · f8571ce8
  Matt Caswell authored Jul 10, 2014
```
This is actually ok for this function, but initialised to zero anyway if
PURIFY defined.

This does have the impact of masking any *real* unitialised data reads in bn though.

Patch based on approach suggested by Rich Salz.

PR#3415
```
  f8571ce8
- Add names of GOST algorithms. · 924e5eda
  Peter Mosmans authored Jul 13, 2014
```
PR#3440
```
  924e5eda
- * crypto/ui/ui_lib.c: misplaced brace in switch statement. · 8b5dd340
  Richard Levitte authored Jul 13, 2014
```
  Detected by dcruette@qualitesys.com
```
  8b5dd340
Jul 10, 2014
- Don't clean up uninitialised EVP_CIPHER_CTX on error (CID 483259). · c1d1b011
  Ben Laurie authored Jul 10, 2014
  
  c1d1b011
Jul 09, 2014
- Fix memory leak in BIO_free if there is no destroy function. · 66816c53
  Matt Caswell authored Jul 09, 2014
```
Based on an original patch by Neitrino Photonov <neitrinoph@gmail.com>

PR#3439
```
  66816c53
- x86_64 assembly pack: improve masm support. · 1b0fe79f
  Andy Polyakov authored Jul 09, 2014
  
  1b0fe79f
Jul 08, 2014
- Please Clang's sanitizer, addendum. · d11c70b2
  Andy Polyakov authored Jul 08, 2014
  
  d11c70b2
- Please Clang's sanitizer. · 021e5043
  Andy Polyakov authored Jul 08, 2014
```
PR: #3424,#3423,#3422
```
  021e5043
Jul 07, 2014
- apps/speed.c: fix compiler warnings in multiblock_speed(). · c4f8efab
  Andy Polyakov authored Jul 07, 2014
  
  c4f8efab
- sha[1|512]-x86_64.pl: fix logical errors with $shaext=0. · 07b635cc
  Andy Polyakov authored Jul 07, 2014
  
  07b635cc
- Prevent infinite loop loading config files. · 9d23f422
  David Lloyd authored Jul 07, 2014
```
PR#2985
```
  9d23f422
- Improve X509_check_host() documentation. · b73ac027
  Viktor Dukhovni authored Jul 07, 2014
```
Based on feedback from Jeffrey Walton.
```
  b73ac027
- Update API to use (char *) for email addresses and hostnames · 297c67fc
  Viktor Dukhovni authored Jul 07, 2014
```
Reduces number of silly casts in OpenSSL code and likely most
applications.  Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().
```
  297c67fc
Jul 06, 2014
- Usage for -hack and -prexit -verify_return_error · ee724df7
  Dr. Stephen Henson authored Jul 06, 2014
  
  ee724df7