- 28 4月, 2021 6 次提交
-
-
由 Tomas Mraz 提交于
It is possible for the stack of X509_OBJECTs held in an X509_STORE_CTX to have a custom compare function associated with it. Normally (by default) this uses X509_NAME_cmp(). The X509_STORE_CTX_get1_issuer() function assumed that it would always be X509_NAME_cmp(). By implementing OPENSSL_sk_find_all() function we can avoid explicitly using X509_NAME_cmp() in X509_STORE_CTX_get1_issuer(). Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14728)
-
由 Jon Spillett 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15041)
-
由 Tomas Mraz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15028)
-
由 Tomas Mraz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15028)
-
由 Tomas Mraz 提交于
Fixes #14198 Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15028)
-
由 Rich Salz 提交于
Fixes: 13562 Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15035)
-
- 27 4月, 2021 11 次提交
-
-
由 Andreas Schwab 提交于
CLA: trivial Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15023)
-
由 Shane Lontis 提交于
Fixes #14667 Reworked test supplied by @smcpeak into a unit test. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14938) (cherry picked from commit 7c65179ad95d0f6f598ee82e763fce2567fe5802)
-
由 Richard Levitte 提交于
The 'sn' and 'ln' strings may be dynamically allocated, and the ASN1_OBJECT flags have a bit set to say this. If an ASN1_OBJECT with such strings is passed to d2i_ASN1_OBJECT() for reuse, the strings must be freed, or there is a memory leak. Fixes #14667 Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14938) (cherry picked from commit 65b88a75921533ada8b465bc8d5c0817ad927947)
-
由 Paul Kehrer 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15018)
-
由 Paul Kehrer 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15018)
-
由 Paul Kehrer 提交于
This is used with the pyca/cryptography test suite Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15018)
-
由 Paul Kehrer 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15018)
-
由 Tanzinul Islam 提交于
Commit 6b297840 exposed a bug with C++Builder's Clang-based compilers, which cause inline function definitions in C translation units to not be found by the linker. Disable the inclusion of the triggering header. Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15025)
-
由 Shane Lontis 提交于
The replacement functions EVP_PKEY_eq() and EVP_PKEY_parameters_eq() already exist. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/14997)
-
由 Shane Lontis 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14936)
-
由 Shane Lontis 提交于
Fix dh_rfc5114 option in genpkey. Fixes #14145 Fixes #13956 Fixes #13952 Fixes #13871 Fixes #14054 Fixes #14444 Updated documentation for app to indicate what options are available for DH and DHX keys. DH and DHX now have different keymanager gen_set_params() methods. Added CHANGES entry to indicate the breaking change. Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14883)
-
- 26 4月, 2021 2 次提交
-
-
由 Tomas Mraz 提交于
Fixes #14701 Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14898)
-
由 Klaas van Schelven 提交于
`openssl verify` silently ignores any but the first certificate in the `certificates` argument. See #14675 Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14754)
-
- 25 4月, 2021 2 次提交
-
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14970)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14970)
-
- 24 4月, 2021 4 次提交
-
-
由 Richard Levitte 提交于
Some keys with groups that aren't supported by FIPS were still used for Derive stanzas, even when testing with the FIPS provider. This was due to the flaw in evp_keymgmt_util_try_import() that meant that even though the key was invalid for FIPS, it could still come through, because the imported keydata wasn't cleared on import error. With that flaw corrected, these few Derive stanzas start failing. We mitigate this by making of "offending" Derive stanzas only available with the default provider. Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/15008)
-
由 Richard Levitte 提交于
We do here like in all other decoder implementations, drop all errors that were caused by a failing asn1_d2i_read_bio(), as it's most likely to mean that the input isn't DER, and another decoder implementation, if there is any left, should have a go. Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/15008)
-
由 Richard Levitte 提交于
The diverse variants of try_XXX() were filtering errors independently of each other. It's better done in ossl_store_handle_load_result() itself, where we have control over the overall success and failure of the attempts. Fixes #14973 Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/15008)
-
由 Richard Levitte 提交于
If evp_keymgmt_util_try_import() allocated keydata, and the import itself fails, it should deallocate keydata. Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/15008)
-
- 23 4月, 2021 13 次提交
-
-
由 Richard Levitte 提交于
This file is outside the source tree, so we have no business removing it. This is especially concerning if that was the tarball the user had to create the source tree. Fixes #14981 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14985)
-
由 Pauli 提交于
One of the KDFs and one of the MACs use DES as an underlying algorithm in some tests. Separate these out into their own files which are conditionally excluded. Fixes #14958 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14975)
-
由 Pauli 提交于
Fixes #14958 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14975)
-
由 Pauli 提交于
In this case, there was a slight different error output format that wasn't being accounted for in the error test. Fixes #14961 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14976)
-
由 Pauli 提交于
With this option, the openssl command line tool is not created. Without that it is impossible to create the fipsmodule.cnf file that the tests would otherwise depend upon. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14979)
-
由 Pauli 提交于
The TLS curves test strong assumes that TLS 1.2 and TLS 1.3 are present. It is only conditioned out if TLS 1.2 isn't. This changes also conditions it out if TLS 1.3 isn't present. Fixes ##14965 Reviewed-by: NBen Kaduk <kaduk@mit.edu> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14978)
-
由 Pauli 提交于
The evp_extra_test program was trying to validate these curves when they were not build. Fixes #14959 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14977)
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14942)
-
由 Dr. Matthias St. Pierre 提交于
Fixes #14968 Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14969)
-
由 Randall S. Becker 提交于
Fixes #14931. Signed-off-by: NRandall S. Becker <rsbecker@nexbridge.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/14932)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14967)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14971)
-
由 Rich Salz 提交于
Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14943)
-
- 22 4月, 2021 2 次提交
-
-
由 Niclas Rosenvik 提交于
Some compilers(g++ on Solaris/Illumos) define __STDC__VERSION__ in c++ . This causes c++ code that uses openssl to break on these compilers since _Noreturn is not a keyword in c++ . CLA: trivial Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14944)
-
由 Rich Salz 提交于
Fixes: #13904 Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14946)
-