- 25 5月, 2021 14 次提交
-
-
由 Jan Lana 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15439)
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15433)
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15433)
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15433)
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15433)
-
由 Pauli 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15365)
-
由 Pauli 提交于
Fixes #15133 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15365)
-
由 Richard Levitte 提交于
'openssl req' was still using old APIs that could only deal with EVP_PKEY_ASN1_METHOD based EVP_PKEYs. Now modified to use more generic functions that can handle all forms of EVP_PKEY, this app should be ready for the future. Fixes #15388 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15400)
-
由 Pauli 提交于
Fixes #12342 Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15427)
-
由 Pauli 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15427)
-
由 Pauli 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15427)
-
由 Shane Lontis 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15149)
-
由 Rich Salz 提交于
Add missing file/line args and call it engine_table_select Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15419)
-
由 Richard Levitte 提交于
This time noticed in OSSL_trace_set_channel.pod, and it turned out to be easy to mention the public functions affected instead. Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15422)
-
- 24 5月, 2021 19 次提交
-
-
由 Juergen Christ 提交于
Compiling under -Werror fails in gf_serialize: crypto/ec/curve448/f_generic.c:21:27: error: argument 1 of type 'uint8_t[56]' {aka 'unsigned char[56]'} with mismatched bound [-Werror=array-parameter=] 21 | void gf_serialize(uint8_t serial[SER_BYTES], const gf x, int with_hibit) | ~~~~~~~~^~~~~~~~~~~~~~~~~ In file included from crypto/ec/curve448/f_generic.c:12: crypto/ec/curve448/field.h:65:28: note: previously declared as 'uint8_t *' {aka 'unsigned char *'} void gf_serialize(uint8_t *serial, const gf x, int with_highbit); ~~~~~~~~~^~~~~~ Changed parameter to pointer to fix this warning. Signed-off-by: NJuergen Christ <jchrist@linux.ibm.com> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15376)
-
由 Richard Levitte 提交于
We have reports that some are using example.com in their /etc/hosts for testing purposes, so we can't necessarily assume that those will fail. We fix it by using "random" hosts in that domain. Fixes #15395 Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15398)
-
由 Florian Mickler 提交于
If index.txt exists but has some problems (like for example consisting of a single \n character or number of fields wrong in one of the lines) then openssl will just exit. This fixes it by printing an error when load_index returns null. Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15360)
-
由 Florian Mickler 提交于
If index.txt exists but has some problems (like for example consisting of a single \n character in it, or some field-number error in one of the lines) openssl will just exit without any error message. Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15360)
-
由 Florian Mickler 提交于
If index.txt exists but has some problems (like for example a single \n character in it) openssl will just exit without any error message. Bug at least expirienced twice: https://superuser.com/questions/1327848/openssl-ca-fails-after-password-without-error-messageReviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15360)
-
由 Matt Caswell 提交于
The function collect_decoder decides whether a given decoder should be tried or not. It loops through all the names for matching keymgmts to see if any are a match or not. If there is a match then the decoder gets added. However, each keymgmt may have multiple aliases and a decoder was being added for each one. For example DHX has 4 alias names, and therefore 4 instances of the DHX decoder were added and being tried. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15404)
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15349)
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15349)
-
由 Jon Spillett 提交于
Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14326)
-
由 Jon Spillett 提交于
Added PKCS5_PBE_keyivgen_ex() to allow PBKDF1 algorithms to be fetched for a specific library context Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14326)
-
由 Jon Spillett 提交于
Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14326)
-
由 Matt Caswell 提交于
The non-destructive substitution syntax (s///r), was introduced in perl 5.14. We need to support 5.10 and above. Fixes #15378 Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15379)
-
由 Shane Lontis 提交于
pointers to provider size algorithm contexts. Fixes #14284 The gettable_ctx_params methods were confusingly passing a 'provctx' and a provider context which are completely different objects. Some objects such as EVP_KDF used 'data' while others such as EVP_MD used 'provctx'. For libcrypto this 'ctx' is an opaque ptr returned when a providers algorithm implementation creates an internal context using a new_ctx() method. Hence the new name 'algctx'. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15275)
-
由 Pauli 提交于
Also add a C++ constructor as per note 7 of IG 9.10 if no DEP is available and C++ is being used. Fixes #15322 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15324)
-
由 Pauli 提交于
It is now passed an arugment to pass to the callback Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15278)
-
由 Matt Caswell 提交于
If the DRBG is used within the scope of the FIPS OSSL_provider_init function then it attempts to register a thread callback via c_thread_start. However the implementation of c_thread_start assumed that the provider's provctx was already present. However because OSSL_provider_init is still running it was actually NULL. This means the thread callback fail to work correctly and a memory leak resulted. Instead of having c_thread_start use the provctx as the callback argument we change the definition of c_thread_start to have an explicit callback argument to use. Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15278)
-
由 Pauli 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15278)
-
由 Pauli 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15278)
-
由 Pauli 提交于
The FIPS provider leaks a RAND if the POST is run at initialisation time. This test case reliably reproduces this event. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15278)
-
- 22 5月, 2021 7 次提交
-
-
由 Dr. David von Oheimb 提交于
This makes the logic more intuitive and corrects the interpretation for NonStop. Fixes #15386 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15402)
-
由 Dr. David von Oheimb 提交于
Also add related warnings on irrelevant use of -nodetach and -content options. Fixes #15347 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15358)
-
由 Richard Levitte 提交于
The reason is that it currently doesn't build properly, due to the of pvkfmt.c, causing multiply defined symbols since libcrypto exports them as well. At the same time, it can't do without that source file, or it won't have access to certain internal symbols from there. Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15320)
-
由 Richard Levitte 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15320)
-
由 Richard Levitte 提交于
For a generic program, always go through the MCR utility. Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15397)
-
由 Richard Levitte 提交于
Because VMS C has some trouble with recursive inclusion of header files, we have had to help it out for object files where there is such an inclusion structure. Previously, we did so with temporary logical names that were the same as the first directory in an inclusion, so for example, to enable this inclusion (found in ssl/ssl_local.h), we created the logical name "record" when building any of the object files in the ssl/ subdirectories: #include "record/record.h" However, there is another way with the VMS C compiler, to selectively specify extra include directories in Unix form directly to the compiler. The logic is that from the directory where the source file to compile is located, the specified inclusion directory merged with the inclusion string should be able to access to specified header file. So for example, when a file in ssl/record/ is compiled, the following inclusion is found: #include "../ssl_local.h" So far so good, VMS C handles it properly. However, the recursive inclusion of "record/record.h" fails. However, if the compiler is helped out a little bit, with the following extra qualifier, then it works: /INCLUDE="../" The reason is that the compiler merges "../" and "record/record.h" into "../record/record.h", which is the correct path to that header file from the directory of the source file being compiled. All that remained was to figure out all places where this trouble may occur, and specify extra Unix formatted inclusion directories to specify on per object file basis. Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15369)
-
由 Robbie Harwood 提交于
Despite the name, these functions manipulate signatures, which means that their replacements are the EVP_PKEY_sign/EVP_PKEY_verify family. Signed-off-by: NRobbie Harwood <rharwood@redhat.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/15359)
-