- 08 6月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Only applies to algorithms that support it. Both raw private and public keys can be obtained for X25519, Ed25519, X448, Ed448. Raw private keys only can be obtained for HMAC, Poly1305 and SipHash Fixes #6259 Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6394)
-
- 04 6月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
These were never made public so can just be deleted. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6386)
-
- 30 5月, 2018 1 次提交
-
-
由 Mingtao Yang 提交于
OpenSSL 1.1.0 made the X509_LOOKUP_METHOD structure opaque, so applications that were previously able to define a custom lookup method are not able to be ported. This commit adds getters and setters for each of the current fields of X509_LOOKUP_METHOD, along with getters and setters on several associated opaque types (such as X509_LOOKUP and X509_OBJECT). Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6152)
-
- 29 5月, 2018 5 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6371)
-
由 Dr. Matthias St. Pierre 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6290)
-
由 Dr. Matthias St. Pierre 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6290)
-
由 Dr. Matthias St. Pierre 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6290)
-
由 Dr. Matthias St. Pierre 提交于
amends 6db7fadfReviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6290)
-
- 27 5月, 2018 1 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
In commit 6decf943, fourteen public symbols were removed from util/libcrypto.num on the master branch and the following symbols renumbered. Unfortunately, the symbols `OCSP_resp_get0_signer` and `X509_get0_authority_key_id` were not adjusted accordingly on the OpenSSL_1_1_0-stable branch. This commit fixes the collision by doing a 'double swap'. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6278)
-
- 20 5月, 2018 2 次提交
-
-
由 Richard Levitte 提交于
This adds the possibility to exclude files by regexp in util/copy.pl Partial fix for #3254 Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6303)
-
由 Richard Levitte 提交于
--quiet stops warnings of this sort: Cannot find "BIO_read_ex" in podpath: cannot find suitable replacement path, cannot resolve link We know what causes these warnings, it's perfectly innocuous, and we don't want to hear it any more. Partial fix for #3254 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6304)
-
- 18 5月, 2018 1 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6273)
-
- 17 5月, 2018 3 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5227)
-
由 Matt Caswell 提交于
We send a session ticket automatically in TLSv1.3 at the end of the handshake. This commit provides the ability to set how many tickets should be sent. By default this is one. Fixes #4978 Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5227)
-
由 Richard Levitte 提交于
There are *roff parsers that are strict about the NAME section being one line only. The man(7) on Debian GNU/Linux suggests that this is appropriate, so we compensate our multi-line NAME sections by fixing the *roff output. Noted by Eric S. Raymond Related to #6264 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6268)
-
- 15 5月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Also retains support for drafts 27 and 26 Fixes #6257 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6258)
-
- 01 5月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Fixes #5061 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6139)
-
- 27 4月, 2018 2 次提交
-
-
由 Rich Salz 提交于
Add a script to find them in the future Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/6103)
-
由 Bernd Edlinger 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5964)
-
- 19 4月, 2018 4 次提交
-
-
由 Andy Polyakov 提交于
s_server -rev emits info output on stderr, i.e. unbufferred, which risks intermixing with output from TLSProxy itself on non-line boundaries, which in turn is confusing to TAP parser. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5975)
-
由 Andy Polyakov 提交于
(resolve uninitialized variable warning and harmonize output). Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5975)
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5975)
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5975)
-
- 18 4月, 2018 1 次提交
-
-
由 FdaSilvaYY 提交于
fix some indents, and restrict to 80 cols some lines. Reviewed-by: NBen Kaduk <kaduk@mit.edu> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4466)
-
- 15 4月, 2018 2 次提交
-
-
由 Andy Polyakov 提交于
Original condition was susceptible to race condition... Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5933)
-
由 Andy Polyakov 提交于
Bind even test/ssltest_old.c to loopback interface. This allows to avoid unnecessary alerts from Windows and Mac OS X firewalls. Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5933)
-
- 14 4月, 2018 1 次提交
-
-
由 Bernd Edlinger 提交于
Address the concern that commit c53c2fec raised differently. The original direction of the traffic is encoded in bit 0 of the flight number. Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5923)
-
- 13 4月, 2018 3 次提交
-
-
由 Richard Levitte 提交于
The scrypt and RSA-PSS documents were a mixture of section 3 and section 7 material. With pre-1.1.1 OpenSSL, this is understandable, since we had a different directory layout. With 1.1.1, we've moved to the typical man-page directory layout, and the documents need to be updated accordingly. Also, the scrypt document contained a description of EVP_PKEY_CTX_set1_pbe_pass(), which is a generic function rather than an scrypt specific function, and therefore should be documented separately. Fixes #5802 Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5942)
-
由 Andy Polyakov 提交于
The failure is "impossible", because we have confirmation that s_server listens, yet Mac OS X fails to connect. This avoids 10 minutes timeout on Travis CI. Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5907)
-
由 Andy Polyakov 提交于
On rare occasion 's_server | perl -ne print' can complete before corresponding waitpid, which on Windows can results in -1 return value. This is not an error, don't treat it like one. Collect even return value from s_server. Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5907)
-
- 11 4月, 2018 1 次提交
-
-
由 Richard Levitte 提交于
For test recipes that want to use the directory of the data directory or a subdirectory thereof, rather than just individual files. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5928)
-
- 08 4月, 2018 3 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5887)
-
由 Andy Polyakov 提交于
Original logic was "if no records found *or* last one is truncated, then leave complete records in queue." Trouble is that if we don't pass on complete records and get complete packet in opposite direction, then queued records will go back to sender. In other words complete records should always be passed on. [Possible alternative would be to match direction in reconstruct_record.] Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5887)
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5887)
-
- 05 4月, 2018 2 次提交
-
-
由 Matt Caswell 提交于
The GOST engine needs to be loaded before we initialise libssl. Otherwise the GOST ciphersuites are not enabled. However the SSL conf module must be loaded before we initialise libcrypto. Otherwise we will fail to read the SSL config from a config file properly. Another problem is that an application may make use of both libcrypto and libssl. If it performs libcrypto stuff first and OPENSSL_init_crypto() is called and loads a config file it will fail if that config file has any libssl stuff in it. This commit separates out the loading of the SSL conf module from the interpretation of its contents. The loading piece doesn't know anything about SSL so this can be moved to libcrypto. The interpretation of what it means remains in libssl. This means we can load the SSL conf data before libssl is there and interpret it when it later becomes available. Fixes #5809 Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5818)
-
由 Andy Polyakov 提交于
By asking for port 0, you get a free port dynamically assigned by OS. TLSProxy::Proxy now asks for 0 and asks s_server to do the same. The s_server's port is reported in "ACCEPT" line, which TLSProxy::Proxy parses and uses. Because the server port is now a random affair in TLSProxy::Proxy, it's no longer possible to change it with the method 'server_port', and it has become an accessor only. For the sake of orthogonality, so has the method 'server_addr'. Remove all fork calls on Windows, as fork is not to be trusted there. This naturally minimized amount of fork calls on POSIX systems, to 1. Sink s_server's output to 'perl -ne print' which ensures that output is written strictly in lines. This keeps TAP parser happy. Improve synchronization in -naccept +n cases by establishing next connection to s_server *after* s_client finishes instead of before it starts. Improve error handling and clean up some methods. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5843)
-
- 03 4月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5851)
-
- 31 3月, 2018 1 次提交
-
-
由 Richard Levitte 提交于
test/cipherlist_test.c is an internal consistency check, and therefore requires that the shared library it runs against matches what it was built for. test/recipes/test_cipherlist.t is made to refuse running unless library version and build version match. This adds a helper program test/versions.c, that simply displays the library and the build version. Partially fixes #5751 Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5753) (cherry picked from commit cde87deafa7486f26bdf954867a6d72ca4ea06e7)
-
- 30 3月, 2018 1 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
The RAND_DRBG API was added in PR #5462 and modified by PR #5547. This commit adds the corresponding documention. Reviewed-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5461)
-
- 29 3月, 2018 1 次提交
-
-
由 Vitezslav Cizek 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/5007)
-