- 03 7月, 2020 8 次提交
-
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12280)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12279)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12279)
-
由 Dr. David von Oheimb 提交于
Make the improved semantics of VFO replace the previous VF and remove VFO Add warnings about overriding use of HARNESS_VERBOSE* variables Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12279)
-
由 Richard Levitte 提交于
This line wasn't properly handled: SCRIPTS{misc,linkname=tsget}=tsget.pl It generated an attribute "linkname=tsget" with the value 1, instead of what it should have, an attribute "linkname" with the value "tsget". Fixes #12341 Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12344)
-
由 Jon Spillett 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12334)
-
由 Jakub Wilk 提交于
CLA: trivial Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12329)
-
由 Richard Levitte 提交于
'absolutedir' does a thorough job ensuring that we have a "real" path to both source and build directory, unencumbered by symbolic links. However, that isn't enough on case insensitive file systems on Unix flavored platforms, where it's possible to stand in, for example, /PATH/TO/Work/openssl, and then do this: perl ../../work/openssl/Configure ... and thereby having it look like the source directory and the build directory aren't the same. We solve this by having a closer look at the computed source and build directories, and making sure they are exactly the same strings if they are in fact the same directory. This is especially important when making symbolic links based on this directories, but may have other ramifications as well. Fixes #12323 Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12337)
-
- 02 7月, 2020 6 次提交
-
-
由 Nicola Tuveri 提交于
Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/12326)
-
由 Nicola Tuveri 提交于
We can run tests in parallel by setting the HARNESS_JOBS environment variable. Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/12326)
-
由 Nicola Tuveri 提交于
The environment variable `HARNESS_JOBS` can be used to control how many jobs to run in parallel. The default is still to run jobs sequentially. This commit does not define custom `rules`, and different versions of `TAP::Harness` come with different strategies regarding the default `rules` that define which test recipes can be run in parallel. In recent versions of Perl, unless specified otherwise any task can be run in parallel. Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/12326)
-
由 Nicola Tuveri 提交于
Fixes #12303 Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12304)
-
由 Miłosz Kaniewski 提交于
Usually it will be freed in tls_early_post_process_client_hello(). However if a ClientHello callback will be used and will return SSL_CLIENT_HELLO_RETRY then tls_early_post_process_client_hello() may never come to the point where pre_proc_exts is freed. Fixes #12194 CLA: trivial Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/12330)
-
由 Pauli 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12322)
-
- 01 7月, 2020 10 次提交
-
-
由 Matt Caswell 提交于
A number of the KDF reset functions were resetting a little too much Fixes #12225 Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12229)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
由 Dr. David von Oheimb 提交于
Move check that cert signing is allowed from x509v3_cache_extensions() to where it belongs: internal_verify(), generalize it for proxy cert signing. Correct and simplify check_issued(), now checking self-issued (not: self-signed). Add test case to 25-test_verify.t that demonstrates successful fix Fixes #1418 Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
由 Dr. David von Oheimb 提交于
candidate issuer cert cannot be the same as the subject cert 'x' Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
由 Dr. David von Oheimb 提交于
by adding CA basic constraints, CA key usage, and key IDs to the cert and by add -partial_chain to the verify call that trusts this cert Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
由 Dr. David von Oheimb 提交于
This prepares some corrections and improves readability (coding style). Among others, it adds the static function check_sig_alg_match() and the internal functions x509_likely_issued() and x509_signing_allowed(). Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10587)
-
- 30 6月, 2020 5 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12245) (cherry picked from commit 0c3d0247a7b16cf10d6d869f34b40aa833b79fd5)
-
由 Shane Lontis 提交于
Improper use of negative value (It just needs to pass zero instead of -1). Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12237)
-
由 Benny Baumann 提交于
Prior to this patch doing something like openssl s_client -dtls1 -tls1 ... could cause s_client to speak TLS on a UDP socket which does not normally make much sense. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12266)
-
由 Pauli 提交于
Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/12267)
-
由 Pauli 提交于
Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/12267)
-
- 29 6月, 2020 11 次提交
-
-
由 Rich Salz 提交于
Change default FIPS HMAC KEY from all-zero's Use default FIPSKEY if not given on command line. Make all -macopt in fipsinstall optional Make all tests, except fipsinstall, use the default -macopt and -mac_name flags. Define and use FIPSDIR variable on VMS/MMS. Also use SRCDIR/BLDDIR in SRCTOP/BLDTOP. Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12235)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12232)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12232)
-
由 Richard Levitte 提交于
Remove code in help_main() that duplicates the case when 'openssl' is called with no arguments, which is now handled in main(). Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12295)
-
由 Richard Levitte 提交于
Some configuration targets pretend to be for a specific compiler, but are more widely usable, and should reflect that. [work in progress] Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Richard Levitte 提交于
'config' is now a mere wrapper for backward compatibility. All documentation is changed accordingly. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Richard Levitte 提交于
These options were coded in util/perl/OpenSSL/config.pm, but that got removed when the OpenSSL::config::main() function was removed. We're not putting them back, but in 'Configure'. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Richard Levitte 提交于
There's no reason to have two different tables, when we can simply detect if the tuple elements are code or scalar. Furthermore, order is important in some cases, and that order is harder not to say impossible when maintaining two tables. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Richard Levitte 提交于
The strings we expand contain other variable references than just ${MACHINE}. Instead of having to remember what to expand, we simply evaluate the string as a, well, string. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Richard Levitte 提交于
Now that Configure called config.pm's functions directly, the 'config' script doesn't have much else to do than to pass arguments. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-
由 Richard Levitte 提交于
map_guess() is now table driven, just like get_system(). Additionally, it now takes a config hash table and returns one of its own. This way, 'Configure' can pass whatever it has already found to OpenSSL::config::get_platform(), and easily merge the returned hash table into its %config. This also gets rid of variables that we no longer need. That includes $PERL and all the $__CNF_ environment variables. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11230)
-