- 16 10月, 2020 1 次提交
-
-
由 Pauli 提交于
Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/13084)
-
- 15 10月, 2020 12 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com>
-
由 Matt Caswell 提交于
Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com>
-
由 Matt Caswell 提交于
Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/13144)
-
由 Akshit Akhoury 提交于
CLA: trivial Reviewed-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13062)
-
由 Dr. Matthias St. Pierre 提交于
This change makes the naming more consistent, because three different terms were used for the same thing. (The term libctx was used by far most often.) Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
-
由 Dr. Matthias St. Pierre 提交于
Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
-
由 Matt Caswell 提交于
These were previously added as an internal API. But since the CMS code needs them, other code might do too. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13088)
-
由 Matt Caswell 提交于
Fixes #12983 Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13088)
-
由 Matt Caswell 提交于
Low level algorithm implementations have no business knowing about details of the higher level CMS concept. This knowledge is therefore moved into the CMS layer. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13088)
-
由 Matt Caswell 提交于
There is a large amount of CMS sepcific code in the algorithms. This is in the wrong place and breaks layering. This code should be in the CMS layer. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13088)
-
由 Matt Caswell 提交于
There is quite a large amount of algorithm specific CMS code sitting in the algorithm directories. However, this seems to break layering. Algorithms really have no business knowing anything about CMS. Really it should be the other way around. Where there is algorithm specific CMS code it is the CMS layer that should know how to handle different algorithms. Therefore we move this code into the CMS layer. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13088)
-
由 Matt Caswell 提交于
We were downgrading a key in the CMS code. This is no longer necessary. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13088)
-
- 14 10月, 2020 10 次提交
-
-
由 Nicola Tuveri 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13018)
-
由 Nicola Tuveri 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13018)
-
由 Nicola Tuveri 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13018)
-
由 Nicola Tuveri 提交于
Note that with this commit the optional parameter is introduced, but libssl still ignores it. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13018)
-
由 Nicola Tuveri 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13018)
-
由 Nicola Tuveri 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13018)
-
由 Nicola Tuveri 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13018)
-
由 Kurt Roeckx 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> GH: #13085
-
由 Yury Is 提交于
Several embedded toolchains may provide dummy implemented getentropy() function which always returns -1 and sets errno to the ENOSYS. As a result the function SSL_CTX_new() fails to create a new context. Fixes #13002 Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/13114)
-
由 Randall S. Becker 提交于
The default settings are now IEEE float. CLA: Permission is granted by the author to the ITUGLIB team to use these modifications. Fixes #12919 Signed-off-by: NRandall S. Becker <rsbecker@nexbridge.com> Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13108)
-
- 13 10月, 2020 2 次提交
-
-
由 Richard Levitte 提交于
The temporary copy that's made didn't have a lock, which could end up with a crash. We now handle locks a bit better, and take extra care to lock it and keep track of which lock is used where and which lock is thrown away. Fixes #12876 Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12978)
-
由 Ikko Ashimine 提交于
orignal -> original CLA: trivial Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/13111)
-
- 12 10月, 2020 13 次提交
-
-
由 Rainer Jung 提交于
In OpenSSL 1.1.1 the script run_tests.pl has an effectiver workaround to fall back to Test::Harness, if TAP::Harness is not available. That code has substantially changed, but it seems it should still fall back but doesn't. Observed on SuSE Linux Enterprise Server 11 (SLES11). Error messages: Can't locate TAP/Parser.pm in @inc (@inc contains: /path/to/bld/openssl300/test/../util/perl /path/to/local/perl/lib/perl5 /usr/lib/perl5/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/5.10.0 /usr/lib/perl5/site_perl/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/site_perl/5.10.0 /usr/lib/perl5/vendor_perl/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/vendor_perl/5.10.0 /usr/lib/perl5/vendor_perl .) at /path/to/local/perl/lib/perl5/parent.pm line 20. BEGIN failed--compilation aborted at /path/to/bld/openssl300/test/run_tests.pl line 131. and Can't locate TAP/Harness.pm in @inc (@inc contains: /path/to/bld/openssl300/test/../util/perl /path/to/local/perl/lib/perl5 /usr/lib/perl5/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/5.10.0 /usr/lib/perl5/site_perl/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/site_perl/5.10.0 /usr/lib/perl5/vendor_perl/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/vendor_perl/5.10.0 /usr/lib/perl5/vendor_perl .) at /path/to/local/perl/lib/perl5/parent.pm line 20. BEGIN failed--compilation aborted at /path/to/bld/openssl300/test/run_tests.pl line 215. Concerning the fix: the docs for parent.pm show, that without the "-norequire" it puts the require statement in a BEGIN block which probably runs before the eval, to the loading is no longer encapsulated by the eval. Without the additional require line, the loading doesn't happen at all, so the availability testing fails. Combining the "-norequire" and an explicit "require" worked for me. Tested on the original problem platform SLES 11, but also on SLES 12 and 15, RHEL 6, 7 and 8 plus Solaris 10 Sparc. Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12500)
-
由 Richard Levitte 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13074)
-
由 Richard Levitte 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13074)
-
由 Richard Levitte 提交于
This makes it possible to easily deprecated selections of PEM functions. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13074)
-
由 Richard Levitte 提交于
This makes it possible to easily deprecated selections of ASN1 functions. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13074)
-
由 Richard Levitte 提交于
The triggering macro that decides if a symbol is to be considered deprecated is OPENSSL_NO_DEPRECATEDIN_x_y[_z]. OpenSSL::ParseC renames any OPENSSL_NO_DEPRECATED_x_y[_z] by inserting "IN". Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13074)
-
由 Richard Levitte 提交于
As opposed to DEPRECATEDIN_{major}_{minor}(), any use of these macros must be guarded with a corresponding OPENSSL_NO_DEPRECATED_{major}_{minor}: #ifndef OPENSSL_NO_DEPRECATED_3_0 OSSL_DEPRECATEDIN_3_0 int RSA_size(const RSA *rsa); #endif Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13074)
-
由 Richard Levitte 提交于
It turns out that they have __declspec(deprecated) that correspond pretty much to GCC's __attribute__((deprecated)), including for messages. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13074)
-
由 Richard Levitte 提交于
The macro value is changed to use deprecation messages where whose are supported. We also add the macro OSSL_DEPRECATED_FOR(), to be used whenever an additional message text is desirable, for example to tell the user what the deprecated is replaced with. Example: OSSL_DEPRECATED_FOR(3.0,"use EVP_PKEY and EVP_PKEY_size() instead") int RSA_size(const RSA *rsa); Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13074)
-
由 Richard Levitte 提交于
The diverse DEPRECATEDIN_x_y_z macros are rewritten in terms of this macro. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13074)
-
由 Pauli 提交于
coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13091)
-
由 Pauli 提交于
Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13091)
-
由 Pauli 提交于
Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13091)
-
- 11 10月, 2020 2 次提交
-
-
由 Richard Levitte 提交于
The functions i2d_PrivateKey(), try_key_value() i store_result.c and X509_PUBKEY_set() were all essentially duplicating this functionality to some degree. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13094)
-
由 Richard Levitte 提交于
This adds OSSL_ENCODER_to_data() and OSSL_DECODER_from_data(). These functions allow fairly simple rewrites of type-specific i2d and d2i calls. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13094)
-