- 01 3月, 2022 3 次提交
-
-
由 Nicola Tuveri 提交于
Fixes #17743 Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17763)
-
由 Nicola Tuveri 提交于
`SSL_kECDHE` and `SSL_kEECDH`, and `SSL_kDHE` and `SSL_kEDH` are already marked as aliases of each other in the headers. This commit, for each pair, replaces the leftover uses of the latter synonym with the first one, which is considered more common. Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17763)
-
由 Tom Cosgrove 提交于
Reverting to using swapcontext() when compiling with clang on BTI-enabled builds fixes the BTI setjmp() failure seen when running asynctest. The issue with setjmp/longjmp is a known clang bug: see https://github.com/llvm/llvm-project/issues/48888 Change-Id: I6eeaaa2e15f402789f1b3e742038f84bef846e29 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17698)
-
- 28 2月, 2022 6 次提交
-
-
由 Jiasheng Jiang 提交于
Since the potential failure of memory allocation, it should be better to check the return value of the OPENSSL_strndup(), like x509v3_add_len_value(). And following the comment of 'if (astrlen < 0)', return -1 if fails. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17737)
-
由 Jiasheng Jiang 提交于
As the potential failure of the OPENSSL_zalloc(), the OSSL_LIB_CTX_new() could return NULL. Therefore, it should be better to check it and return error if fails in order to guarantee the success of the initialization. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17738)
-
由 Matt Caswell 提交于
This option is no longer set by default from OpenSSL 3.0. Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/17748)
-
由 xkernel 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17741)
-
由 Pauli 提交于
Fixes #17753 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/17764)
-
由 Pauli 提交于
Previously, a NULL property query was never cached and this lead to a performance degregation. Now, such a query is converted to an empty string and cached. Fixes #17752 Fixes https://github.openssl.org/openssl/openssl/issues/26Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17769)
-
- 25 2月, 2022 1 次提交
-
-
由 Richard Levitte 提交于
This is crucial when the build tree isn't the source tree, as they only take effect in directories where included header files reside. The issue only comes up when linking with the static libraries, since the shared libraries have upper case aliases of all symbols. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/17755)
-
- 24 2月, 2022 6 次提交
-
-
由 Jiasheng Jiang 提交于
As the glue2bio() could return NULL pointer if fails, it should be better to check the return value in order to avoid the use of NULL pointer. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17718)
-
由 Jiasheng Jiang 提交于
Since the memory allocation may fail, the BIO_new_mem_buf() may return NULL pointer. Therefore, it should be better to check it and return error if fails. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17730)
-
由 Carlo Teubner 提交于
CLA: trivial Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17731)
-
由 Raul Ferrando 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17708)
-
由 Matt Caswell 提交于
This macro and function were deprecated in the documentation but not in the source. Following an OTC vote the deprecation has been removed from the documentation. See https://github.com/openssl/technical-policies/issues/26 Fixes #17517 Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17750)
-
由 msa42 提交于
CLA: trivial Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17745)
-
- 23 2月, 2022 3 次提交
-
-
由 Matt Caswell 提交于
The SNI test in test_cert_cb_int() was always failing because it used SSL_CTX_new() instead of SSL_CTX_new_ex() and was therefore not using the correct libctx. PR #17739 amended the test to check the return value from SSL_CTX_new() which made the failure obvious. Fixes #17757 Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/17758)
-
由 xkernel 提交于
Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17740)
-
由 Jiasheng Jiang 提交于
As the potential failure of the memory allocation, it should be better to check the return value of SSL_CTX_new() and return error if fails, like SSL_CTX_new_ex(). Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17739)
-
- 22 2月, 2022 4 次提交
-
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17724)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17724)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17723)
-
由 Deepankar Bhattacharjee 提交于
Performance increase around 50%. Co-authored-by: NMadhusudhanan Duraisamy <madurais@in.ibm.com> Co-authored-by: NNilamjyoti Goswami <nilamgoswami@in.ibm.com> Co-authored-by: NSiva Sundar Anbareeswaran <srisivasundar@in.ibm.com> Reviewed-by: NDanny Tsen <dtsen@us.ibm.com> Tested-by: NDanny Tsen <dtsen@us.ibm.com> Signed-off-by: NDanny <dtsen@us.ibm.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16637)
-
- 21 2月, 2022 1 次提交
-
-
由 Pauli 提交于
Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/17709)
-
- 20 2月, 2022 8 次提交
-
-
由 Jiasheng Jiang 提交于
As the potential failure of the rand_get_global(), for example fail to get lock, 'dgbl' could be NULL pointer and be dereferenced later. Therefore, it should be better to check it and return error if fails, like RAND_get0_primary() and other callers. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/17690)
-
由 Jiasheng Jiang 提交于
Since the BIO_new may fail, the 'bio' could be NULL pointer and be used. Therefore, it should be better to check it and skip the print if fails. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/17690)
-
由 Jiasheng Jiang 提交于
Since the potential failure of the OSSL_PROVIDER_load(), for example there is no lock, the provider could fail to be loaded into the library context. Therefore, it should be better to check it and return error if fails. Also, in order to avoid free unknown pointer, 'c' should be initialized as NULL. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/17729)
-
由 yangyangtiantianlonglong 提交于
Added return value and error code in the sample Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17721)
-
由 yangyangtiantianlonglong 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17721)
-
由 Dimitris Apostolou 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/17713)
-
由 Oleg Pekar 提交于
Co-authored-by: NMatthias St. Pierre <matthias.st.pierre@ncp-e.com> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/17714)
-
由 Oleg Pekar 提交于
Fixed the date in the heading of "Changes between 1.1.1l and 1.1.1m" to 14 Dec 2021 Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/17714)
-
- 18 2月, 2022 1 次提交
-
-
由 EasySec 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17691)
-
- 17 2月, 2022 5 次提交
-
-
由 Armin Fuerst 提交于
Prefix output of generated dh parameters to avoid misinterpretation of lines beginning with ok[^a-zA-Z0-9] as a testresult. Also corrected indent and removed useless comma after last item. Fixes #17480 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17689)
-
由 Jiasheng Jiang 提交于
As the potential failure of the BIO_new(), it should be better to check the return value and return error if fails in order to avoid the dereference of NULL pointer. And because 'bio_s_msg' is checked before being used everytime, which has no need to add the check. But 'bio_s_out' is not. And since the check 'if (bio_s_out == NULL)' is redundant, it can be removed to make the code succincter. Also the 'sbio' and so forth should be checked like the other places in the same file. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17710)
-
由 Jiasheng Jiang 提交于
Just assert 'bn' to be non-NULL is not enough. The check for 'itmp' is still needed. If 'bn' is 0, the 'itmp' is assigned by OPENSSL_strdup(). Since OPENSSL_strdup() may fail because of the lack of memory, the 'itmp' will be NULL and be an valid parameter hashed in TXT_DB_get_by_index(), returning a wrong result. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17677)
-
由 Jiasheng Jiang 提交于
Since the OPENSSL_strdup() may return NULL if allocation fails, the 'port' could be NULL. And then it will be used in do_server(), which can accept NULL as an valid parameter. That means that the system could run with a wrong parameter. Therefore it should be better to check it, like the other memory allocation. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17673)
-
由 Tomas Mraz 提交于
This is needed for TLS-1.3. Also add check for uncompressed point format for ECDHE as the other formats are not allowed by RFC 8446. Fixes #17667 Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17678)
-
- 16 2月, 2022 2 次提交
-
-
由 因上努力果上随缘 提交于
This header files are included by multiple other headers. It's better to add define guards to prevent multi-inclusion. Adhere to the coding style, all preprocessor directives inside the guards gain a space. Signed-off-by:
Weiguo Li <liwg06@foxmail.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/17666)
-
由 Jiasheng Jiang 提交于
As the potential failure of the memory allocation, the OPENSSL_strdup() could return NULL pointer and then be assigned to 'server_ctx'. In order to tell the callers the failure of the configuration, it should be better to return error. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17705)
-