- 04 7月, 2020 6 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12339)
-
由 Richard Levitte 提交于
OpenSSL::config::guess_system() is supposed to return system triplets. However, for Windows and VMS, it returned the final OpenSSL config target instead. We move the entries for them to the table that OpenSSL::config::map_guess() uses, so it can properly convert the input triplet to an OpenSSL config target. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12339)
-
由 Matt Caswell 提交于
Thanks to Michael Mueller on the openssl-users list for the suggested improvement. Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12338)
-
由 Matt Caswell 提交于
[extended tests] Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12275)
-
由 Matt Caswell 提交于
If an empty password was supplied we ignored it and were trying to use the fallback method to read the password instead (i.e. read from stdin). However if that failed (which it always does if the cmp option -batch is used) then we were reporting that we had successfully read the password without actually setting one. Instead, if an empty password is explicitly provided we should use it. If no password is supplied explicitly and we have no fallback method then we assume the empty password. [extended tests] Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12275)
-
由 Matt Caswell 提交于
In HTTP_new_bio(), if the host has a trailing '/' we took a copy of the hostname but failed to terminate it properly. Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12275)
-
- 03 7月, 2020 9 次提交
-
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12280)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12280)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12279)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12279)
-
由 Dr. David von Oheimb 提交于
Make the improved semantics of VFO replace the previous VF and remove VFO Add warnings about overriding use of HARNESS_VERBOSE* variables Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12279)
-
由 Richard Levitte 提交于
This line wasn't properly handled: SCRIPTS{misc,linkname=tsget}=tsget.pl It generated an attribute "linkname=tsget" with the value 1, instead of what it should have, an attribute "linkname" with the value "tsget". Fixes #12341 Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12344)
-
由 Jon Spillett 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12334)
-
由 Jakub Wilk 提交于
CLA: trivial Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12329)
-
由 Richard Levitte 提交于
'absolutedir' does a thorough job ensuring that we have a "real" path to both source and build directory, unencumbered by symbolic links. However, that isn't enough on case insensitive file systems on Unix flavored platforms, where it's possible to stand in, for example, /PATH/TO/Work/openssl, and then do this: perl ../../work/openssl/Configure ... and thereby having it look like the source directory and the build directory aren't the same. We solve this by having a closer look at the computed source and build directories, and making sure they are exactly the same strings if they are in fact the same directory. This is especially important when making symbolic links based on this directories, but may have other ramifications as well. Fixes #12323 Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12337)
-
- 02 7月, 2020 6 次提交
-
-
由 Nicola Tuveri 提交于
Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/12326)
-
由 Nicola Tuveri 提交于
We can run tests in parallel by setting the HARNESS_JOBS environment variable. Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/12326)
-
由 Nicola Tuveri 提交于
The environment variable `HARNESS_JOBS` can be used to control how many jobs to run in parallel. The default is still to run jobs sequentially. This commit does not define custom `rules`, and different versions of `TAP::Harness` come with different strategies regarding the default `rules` that define which test recipes can be run in parallel. In recent versions of Perl, unless specified otherwise any task can be run in parallel. Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/12326)
-
由 Nicola Tuveri 提交于
Fixes #12303 Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12304)
-
由 Miłosz Kaniewski 提交于
Usually it will be freed in tls_early_post_process_client_hello(). However if a ClientHello callback will be used and will return SSL_CLIENT_HELLO_RETRY then tls_early_post_process_client_hello() may never come to the point where pre_proc_exts is freed. Fixes #12194 CLA: trivial Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/12330)
-
由 Pauli 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12322)
-
- 01 7月, 2020 10 次提交
-
-
由 Matt Caswell 提交于
A number of the KDF reset functions were resetting a little too much Fixes #12225 Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12229)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
由 Dr. David von Oheimb 提交于
Move check that cert signing is allowed from x509v3_cache_extensions() to where it belongs: internal_verify(), generalize it for proxy cert signing. Correct and simplify check_issued(), now checking self-issued (not: self-signed). Add test case to 25-test_verify.t that demonstrates successful fix Fixes #1418 Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
由 Dr. David von Oheimb 提交于
candidate issuer cert cannot be the same as the subject cert 'x' Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
由 Dr. David von Oheimb 提交于
by adding CA basic constraints, CA key usage, and key IDs to the cert and by add -partial_chain to the verify call that trusts this cert Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
由 Dr. David von Oheimb 提交于
This prepares some corrections and improves readability (coding style). Among others, it adds the static function check_sig_alg_match() and the internal functions x509_likely_issued() and x509_signing_allowed(). Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
- 30 6月, 2020 5 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12245) (cherry picked from commit 0c3d0247a7b16cf10d6d869f34b40aa833b79fd5)
-
由 Shane Lontis 提交于
Improper use of negative value (It just needs to pass zero instead of -1). Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12237)
-
由 Benny Baumann 提交于
Prior to this patch doing something like openssl s_client -dtls1 -tls1 ... could cause s_client to speak TLS on a UDP socket which does not normally make much sense. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12266)
-
由 Pauli 提交于
Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/12267)
-
由 Pauli 提交于
Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/12267)
-
- 29 6月, 2020 4 次提交
-
-
由 Rich Salz 提交于
Change default FIPS HMAC KEY from all-zero's Use default FIPSKEY if not given on command line. Make all -macopt in fipsinstall optional Make all tests, except fipsinstall, use the default -macopt and -mac_name flags. Define and use FIPSDIR variable on VMS/MMS. Also use SRCDIR/BLDDIR in SRCTOP/BLDTOP. Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12235)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12232)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12232)
-
由 Richard Levitte 提交于
Remove code in help_main() that duplicates the case when 'openssl' is called with no arguments, which is now handled in main(). Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12295)
-