- Aug 01, 2017
-
-
Pauli authored
Simplify the only test that uses this macro so it doesn't need it anymore. Clean up the formatting a little. Reviewed-by:
Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4034)
-
Andy Polyakov authored
"More" refers to the fact that we make active BIT_INTERLEAVE choice in some specific cases. Update commentary correspondingly. Reviewed-by:Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
Even though tm->length >= 15 && v[14] == '.' works in practice, [because "YYYYMMDDHHMMSS." would be rejected as invalid by asn1_time_to_tm,] formal correctness with respect to buffer overstep in few lines vicinity improves readability. [Also fold one if condition and improve expression readability.] Reviewed-by:
Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4058)
-
Paul Yang authored
Reviewed-by:
-
Paul Yang authored
Seems this documentation is not dead, so add this missing part Reviewed-by:
-
Ken Goldman authored
Document that the RSA_get0_ functions permit a NULL BIGNUM **. Those output parameters are ignored. Reviewed-by:
Paul Dale <paul.dale@oracle.com> Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4064)
-
Matt Caswell authored
In TLSv1.3 we can resume, but still get a new session. This adds a test to make sure that is happening. Reviewed-by:
Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4068)
-
Matt Caswell authored
If a new_session_cb is set then it was only ever getting invoked if !s->hit is true. This is sensible for <=TLSv1.2 but does not work for TLSv1.3. Fixes #4045 Reviewed-by:
-
Paul Yang authored
This is to address issue #3932. Support comma-separated string to specify what extensions to be displayed. Reviewed-by:
-
- Jul 31, 2017
-
-
Xiaoyin Liu authored
I scanned all files in the doc folder with a spell checker (https://github.com/EWSoftware/VSSpellChecker ). This patch (hopefully) corrected all spell errors that it found. Reviewed-by:
Tim Hudson <tjh@openssl.org> Reviewed-by:
-
Bernd Edlinger authored
The memory blocks contain secret data and must be cleared before returning to the system heap. Reviewed-by:
-
Todd Short authored
Some extensions were being displayed twice, before they were parsed, and again after they were parsed. The supported_versions extension was not being fully displayed, as it was processed differently than other extensions. Move the debug callback to where the extensions are first collected, to catch all the extensions as they come in, so they are ordered correctly. Reviewed-by:
-
David Benjamin authored
The names of these ciphers have an "SSL_" prefix, but the RFC names use "TLS_": https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4 This dates back to these ciphers being originally defined in SSLv3. As SSLv3 is on its way out anyway and this is a new set of APIs, consistently use the TLS names. Reviewed-by:
-
Xiaoyin Liu authored
TLS_ST_SR_NEXT_PROTO means "SSLv3/TLS read next proto" Fix typo in the message for TLS_ST_SW_CERT_STATUS Reviewed-by:
-
Xiaoyin Liu authored
I think it's better to use `GetFileAttributes` to obtain the attributes of a file than `FindFirstFile`. If the input name contains `*`, this function should return failure rather than check whether the first match happens to be a file or a directory. Reviewed-by:
Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/3991)
-
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
Reviewed-by: -
Andy Polyakov authored
[And move misplaced macros.] Reviewed-by: -
Xiaoyin Liu authored
Reviewed-by:
-
Paul Yang authored
Check time string format before parsing Reduce more duplicated code By involving asn1_time_to_tm, we can now get information we mostly need to print a time string. This follows what was discussed at https://github.com/openssl/openssl/pull/4001#discussion_r129092251 Reviewed-by:
-
- Jul 30, 2017
-
-
Xiaoyin Liu authored
Reviewed-by:
-
Xiaoyin Liu authored
Reviewed-by:
-
Paul Yang authored
To state the fractional seconds part will be lost in the conversion. Reviewed-by:
-
Xiaoyin Liu authored
Reviewed-by:
-
Xiaoyin Liu authored
Remove the function prototypes for ssl_cert_get0_next_certificate, ssl_set_default_md, tls1_shared_list, dtls1_send_newsession_ticket, tls1_ctrl, and tls1_callback_ctrl, all of which are not defined. It also changed the signature of the function pqueue_next to `pitem *pqueue_next(piterator *item)` in pqueue.c, making it match the prototype in ssl_locl.h. (`piterator *` is equivalent to `pitem **`.) Reviewed-by:
-
Xiaoyin Liu authored
This patch removes the prototype of function RECORD_LAYER_set_write_sequence from record_locl.h, since this function is not defined. Reviewed-by:
-
- Jul 29, 2017
-
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Add functions to enumerate public key methods. Add test to ensure table is in the correct order. Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Bernd Edlinger authored
and d2i_PKCS8PrivateKey_bio before it goes out of scope. Reviewed-by:
-
- Jul 28, 2017
-
-
Paul Yang authored
original problem: if a private key is invaild, nothing outputted. the error filter in apps/rsa.c is not working any more. Reviewed-by:
-
Paul Yang authored
Documentation and test cases are also updated Reviewed-by:
-
Paul Yang authored
Since this file is modified in PR #3934, so should be cleaned up incidentially. Reviewed-by:
-
