提交 · c8bff7ad501c38f1ce9bfe9392fcb22a709e0f6f · btwise / openssl

10 2月, 2017 3 次提交

speed.c: simplify aggregation of ecdsa --multi results · c8bff7ad

由 Cristian Stoica 提交于 8月 02, 2016

CLA: trivial
Signed-off-by: NCristian Stoica <cristian.stoica@nxp.com>
Reviewed-by: NGeoff Thorpe <geoff@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1377)

c8bff7ad

speed.c: simplify aggregation of dsa --multi results · 0d4de756

由 Cristian Stoica 提交于 8月 02, 2016

CLA: trivial
Signed-off-by: NCristian Stoica <cristian.stoica@nxp.com>
Reviewed-by: NGeoff Thorpe <geoff@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1377)

0d4de756

speed.c: simplify aggregation of rsa --multi results · 8ac2d1ab

由 Cristian Stoica 提交于 8月 02, 2016

CLA: trivial
Signed-off-by: NCristian Stoica <cristian.stoica@nxp.com>
Reviewed-by: NGeoff Thorpe <geoff@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1377)

8ac2d1ab

09 2月, 2017 1 次提交

SSL_get_shared_sigalgs: handle negative idx parameter · 6d047e06

由 Peter Wu 提交于 2月 02, 2017

When idx is negative (as is the case with do_print_sigalgs in
apps/s_cb.c), AddressSanitizer complains about a buffer overflow (read).
Even if the pointer is not dereferenced, this is undefined behavior.

Change the user not to use "-1" as index since the function is
documented to return 0 on out-of-range values.

Tested with `openssl s_server` and `curl -k https://localhost:4433`.
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2349)

6d047e06

08 2月, 2017 1 次提交

apps: Add support for writing a keylog file · 4bf73e9f

由 Peter Wu 提交于 2月 01, 2017

The server and client demos (s_client and s_server) are extended with a
-keylogfile option. This is similar as setting the SSLKEYLOGFILE
environment variable for NSS and creates a keylog file which is suitable
for Wireshark.
Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2343)

4bf73e9f

07 2月, 2017 1 次提交

Remove unused variable · a19a6c81

由 Pauli 提交于 2月 06, 2017

Reviewed-by: NAndy Polyakov <appro@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2566)

a19a6c81

06 2月, 2017 1 次提交

Fix parsing of serial# in req · be4c82aa

由 Rich Salz 提交于 2月 05, 2017

Reported by Jakub Wilk.
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2556)

be4c82aa

03 2月, 2017 1 次提交

Add NNTP support (RFC 4642) to s_client ("-starttls nntp") · 8f85aa6b

由 Robert Scheck 提交于 1月 28, 2017

Reviewed-by: NAndy Polyakov <appro@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2310)

8f85aa6b

30 1月, 2017 5 次提交

fix style issues · 91410d40

由 Dr. Stephen Henson 提交于 1月 29, 2017

Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2301)

91410d40

Add SSL_get_peer_signature_type_nid() function. · 42ef7aea

由 Dr. Stephen Henson 提交于 1月 25, 2017

Add function to retrieve signature type: in the case of RSA
keys the signature type can be EVP_PKEY_RSA or EVP_PKEY_RSA_PSS.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2301)

42ef7aea

More complete PSS support. · b2eb6998

由 Dr. Stephen Henson 提交于 1月 25, 2017

Extend support for PSS key signatures by using the EVP_PKEY_RSA_PSS type
to distinguish them from PKCS1 signature types.

Allow setting of PSS signature algorithms using the string "PSS" or
"RSA-PSS".
Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2301)

b2eb6998

M
Miscellaneous style tweaks based on feedback received · 1f5b44e9
由 Matt Caswell 提交于 1月 20, 2017
```
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2259)
```
1f5b44e9

Update the s_client -sess_out feature to work for TLSv1.3 · be62b22b

由 Matt Caswell 提交于 1月 13, 2017

Previously "-sess_out" wrote out the session as soon as the handshake
finished. In TLSv1.3 this won't work because the NewSessionTicket message
arrives post-handshake. Instead we use the session callback mechanism to
do this.
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2259)

be62b22b

25 1月, 2017 5 次提交

Fix a few double ; · 0fe2a0af

由 FdaSilvaYY 提交于 12月 28, 2016

Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1618)

0fe2a0af

Fix some style and indent issue · 07a38fd2

由 FdaSilvaYY 提交于 9月 24, 2016

simplify some code.
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1618)

07a38fd2

Fix some extra or missing whitespaces... · 28b86f31

由 FdaSilvaYY 提交于 8月 24, 2016

Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1618)

28b86f31

s_client: Better response success check for CONNECT · ec2a0e60

由 Richard Levitte 提交于 10月 05, 2016

Instead of looking for "200" and "established" (and failing all other
2xx responses or "Established"), let's look for a line that's not a
header (i.e. doesn't contain a ':') and where the first space is
followed by a '2'.
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1664)

ec2a0e60

Cleanup EVP_CIPH/EP_CTRL duplicate defines · 9d6fcd42

由 Todd Short 提交于 1月 09, 2017

Remove duplicate defines from EVP source files.
Most of them were in evp.h, which is always included.
Add new ones evp_int.h
EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK is now always defined in evp.h, so
remove conditionals on it
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2201)

9d6fcd42

23 1月, 2017 1 次提交

Fix use before assignment · 0db1fb3f

由 FdaSilvaYY 提交于 11月 16, 2016

 it was getting the SerialNumber of a previous cert.
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2272)

0db1fb3f

21 1月, 2017 1 次提交

'openssl passwd' command can now compute AIX MD5-based passwords hashes. · 037f2c3f

由 Gaétan Njinang 提交于 1月 20, 2017

The difference between the AIX MD5 password algorithm and the standard MD5
password algorithm is that in AIX there is no magic string while in the
standard MD5 password algorithm the magic string is "$1$"

Documentation of '-aixmd5' option of 'openssl passwd' command is added.

1 test is added in test/recipes/20-test-passwd.t
Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2251)

037f2c3f

18 1月, 2017 1 次提交

Fix list -disabled for blake2 alg · 487d3a72

由 EasySec 提交于 1月 17, 2017

Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2241)

487d3a72

12 1月, 2017 1 次提交
- R
  Enable apps to get a UI_METHOD for the default prompter · 264b2d92
  由 Richard Levitte 提交于 12月 06, 2016
```
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2204)
```
  264b2d92
08 1月, 2017 1 次提交

print errors in pkey utility · 0396a447

由 Dr. Stephen Henson 提交于 1月 03, 2017

Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2177)

0396a447

08 12月, 2016 1 次提交

Make sure that password_callback exercises UI · 57c0f378

由 Richard Levitte 提交于 12月 08, 2016

Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2040)

57c0f378

23 11月, 2016 3 次提交

M
Fix some style issues with TLSv1.3 state machine PR · 6530c490
由 Matt Caswell 提交于 11月 23, 2016
```
Reviewed-by: NRich Salz <rsalz@openssl.org>
```
6530c490
M
Fix some style issues identified during review · f5ca0b04
由 Matt Caswell 提交于 11月 21, 2016
```
Reviewed-by: NRich Salz <rsalz@openssl.org>
```
f5ca0b04

Add an s_server capability to read an OCSP Response from a file · acf65ae5

由 Matt Caswell 提交于 11月 15, 2016

Current s_server can only get an OCSP Response from an OCSP responder. This
provides the capability to instead get the OCSP Response from a DER encoded
file.

This should make testing of OCSP easier.
Reviewed-by: NRich Salz <rsalz@openssl.org>

acf65ae5

18 11月, 2016 4 次提交

Avoid warnings like unused enum value (as suggested by Rich Salz) · 7524c520

由 Robert Scheck 提交于 11月 18, 2016

Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1945)

7524c520

Shift inside of switch back one level (code style change, as requested by Rich Salz) · 1d8a94fb

由 Robert Scheck 提交于 11月 17, 2016

Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1945)

1d8a94fb

Add LMTP support (RFC 2033) to s_client ("-starttls lmtp") · 9576545a

由 Robert Scheck 提交于 11月 17, 2016

Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1945)

9576545a

D
Support MSBLOB format if RC4 is disabled · b6c68982
由 Dr. Stephen Henson 提交于 11月 17, 2016
```
Reviewed-by: NMatt Caswell <matt@openssl.org>
```
b6c68982

17 11月, 2016 9 次提交

Handle "int_ctx_new:unsupported algorithm" error · 86ff6cc6

由 Nicola Tuveri 提交于 10月 07, 2016

Calling EVP_PKEY_CTX_new_id(curve_NID, NULL) causes an error for most
curves that are implemented through the EC low-level API, and in the
last commit we call it for every curve to avoid treating X25519 as a
special case.

Last commit code already handles correctly this failure, but does not
remove these events from the thread error queue, thus some
false-positive warnings are printed at the end of execution.

This commit ensures that the error queue is clean, without flushing
other errors.
Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1658)

86ff6cc6

Do not handle R_EC_X25519 as a special case · b756d694

由 Nicola Tuveri 提交于 10月 07, 2016

Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1658)

b756d694

Remove leftover KDF pointer · 79438087

由 Nicola Tuveri 提交于 10月 07, 2016

Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1658)

79438087

Use CRYPTO_memcmp for comparing derived secrets · 9bffdebc

由 Nicola Tuveri 提交于 10月 06, 2016

Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1658)

9bffdebc

Reintroduce preliminary sanity check in ECDH speed and remove further checks in the benchmark loop. · f7d984dd