- 29 9月, 2016 3 次提交
-
-
由 Richard Levitte 提交于
Before loading a key from an engine, it may need to be initialized. When done loading the key, we must de-initialize the engine. (if the engine is already initialized somehow, only the reference counter will be incremented then decremented) Reviewed-by: NStephen Henson <steve@openssl.org>
-
由 Rich Salz 提交于
This reverts commit 0a720029. This fails to call ENGINE_finish; an alternate fix is forthcoming. Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
由 David Woodhouse 提交于
When I said before that s_client "used to work in 1.0.2" that was only partly true. It worked for engines which provided a default generic method for some key type, because it called ENGINE_set_default() and that ended up being an implicit initialisation and functional refcount. But an engine which doesn't provide generic methods doesn't get initialised, and then when you try to use it you get an error: cannot load client certificate private key file from engine 140688147056384:error:26096075:engine routines:ENGINE_load_private_key:not initialised:crypto/engine/eng_pkey.c:66: unable to load client certificate private key file cf. https://github.com/OpenSC/libp11/issues/107 (in which we discover that engine_pkcs11 *used* to provide generic methods that OpenSSL would try to use for ephemeral DH keys when negotiating ECDHE cipher suites in TLS, and that didn't work out very well.) Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1639)
-
- 22 9月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Change code so when switching on an enumeration, have case's for all enumeration values. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 21 9月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 16 9月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 22 8月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Add mutable versions of X509_get0_notBefore and X509_get0_notAfter. Rename X509_SIG_get0_mutable to X509_SIG_getm. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 20 8月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Update certificate and CRL time routines to match new standard. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 19 8月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 18 8月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 17 8月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 16 8月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Deprecate the function ASN1_STRING_data() and replace with a new function ASN1_STRING_get0_data() which returns a constant pointer. Update library to use new function. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 20 7月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Fix some indentation at the same time Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1292)
-
- 29 6月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1264)
-
- 16 6月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NStephen Henson <steve@openssl.org> Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
- 01 6月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 27 5月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
On Windows we were using the function _kbhit() to determine whether there was input waiting in stdin for us to read. Actually all this does is work out whether there is a keyboard press event waiting to be processed in the input buffer. This only seems to work in a standard Windows console (not Msys console) and also doesn't work if you redirect the input from some other source (as we do in TLSProxy tests). This commit changes things to work differently depending on whether we are on the Windows console or not. RT#4255 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 20 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Rename sk_xxx to OPENSSL_sk_xxx and _STACK to OPENSSL_STACK Rename lh_xxx API to OPENSSL_LH_xxx and LHASH_NODE to OPENSSL_LH_NODE Make lhash stuff opaque. Use typedefs for function pointers; makes the code simpler. Remove CHECKED_xxx macros. Add documentation; remove old X509-oriented doc. Add API-compat names for entire old API Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
- 19 5月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
Also adds 'esc_2254' to the possible command line name options RT#1466 Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 18 5月, 2016 2 次提交
-
-
由 FdaSilvaYY 提交于
Discard useless static engine_id Add a const qualifier Fix some spelling Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 17 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 12 5月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
RT#4403 Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 09 5月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
No code change Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 29 4月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/952)
-
- 27 4月, 2016 1 次提交
-
-
由 Ben Laurie 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 20 4月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Windows "select" only works for sockets so don't use it to wait for async. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 18 4月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Give the API new names, document it. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 05 4月, 2016 2 次提交
-
-
由 Rich Salz 提交于
This reverts commit 620d540b. It wasn't reviewed. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 FdaSilvaYY 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 31 3月, 2016 2 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Richard Levitte 提交于
setbuf() is only for 32-bit pointers. If compiled with /POINTER_SIZE=64, we get a nasty warning about possible loss of data. However, since the only pointer used in the call is a FILE *, and the C RTL shouldn't give us a pointer above the first 4GB, it's safe to turn off the warning for this call. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 22 3月, 2016 2 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Misc fixes for no-sock Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 18 3月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 11 3月, 2016 1 次提交
-
-
由 Rob Percival 提交于
Reviewed-by: NEmilia Käsper <emilia@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 10 3月, 2016 1 次提交
-
-
由 Rob Percival 提交于
Reviewed-by: NEmilia Käsper <emilia@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 08 3月, 2016 1 次提交
-
-
由 Todd Short 提交于
* Perform ALPN after the SNI callback; the SSL_CTX may change due to that processing * Add flags to indicate that we actually sent ALPN, to properly error out if unexpectedly received. * clean up ssl3_free() no need to explicitly clear when doing memset * document ALPN functions Signed-off-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
- 04 3月, 2016 1 次提交
-
-
由 Rob Percival 提交于
Reviewed-by: NBen Laurie <ben@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 29 2月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Implementation experience has shown that the original plan for async wait fds was too simplistic. Originally the async logic created a pipe internally and user/engine code could then get access to it via API calls. It is more flexible if the engine is able to create its own fd and provide it to the async code. Another issue is that there can be a lot of churn in the fd value within the context of (say) a single SSL connection leading to continually adding and removing fds from (say) epoll. It is better if we can provide some stability of the fd value across a whole SSL connection. This is problematic because an engine has no concept of an SSL connection. This commit refactors things to introduce an ASYNC_WAIT_CTX which acts as a proxy for an SSL connection down at the engine layer. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-