- 05 2月, 2019 3 次提交
-
-
由 Sam Roberts 提交于
Trim trailing whitespace. It doesn't match OpenSSL coding standards, AFAICT, and it can cause problems with git tooling. Trailing whitespace remains in test data and external source. Reviewed-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8092)
-
由 Patrick Steuer 提交于
Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7991)
-
由 Richard Levitte 提交于
In the removal of BEGINRAW / ENDRAW, attention to the difference between capital .S and lowercase .s wasn't duly paid. This corrects the error. Fixes #8155 Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8157)
-
- 01 2月, 2019 5 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8120)
-
由 Andy Polyakov 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8120)
-
由 Bernd Edlinger 提交于
If the second PUBKEY is malformed there is use after free. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8122)
-
由 Bernd Edlinger 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8116)
-
由 Bernd Edlinger 提交于
Additionally avoid undefined behavior with in-place memcpy in X509_CRL_digest. Fixes #8099 Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8112)
-
- 31 1月, 2019 3 次提交
-
-
由 Richard Levitte 提交于
We never used it for anything Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8125)
-
由 Richard Levitte 提交于
It was an ugly hack to avoid certain problems that are no more. Also added GENERATE lines for perlasm scripts that didn't have that explicitly. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8125)
-
由 David Benjamin 提交于
EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS and EVP_PKEY_CTRL_DSA_PARAMGEN_MD are only exposed from EVP_PKEY_CTX_ctrl, which means callers must write more error-prone code (see also issue #1319). Add the missing wrapper macros and document them. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8093)
-
- 29 1月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
If the call the ERR_set_error_data() in ERR_add_error_vdata() fails then a mem leak can occur. This commit checks that we successfully added the error data, and if not frees the buffer. Fixes #8085 Reviewed-by: NPaul Yang <yang.yang@baishancloud.com> (Merged from https://github.com/openssl/openssl/pull/8105)
-
- 28 1月, 2019 1 次提交
-
-
由 Antonio Iacono 提交于
A CAdES Basic Electronic Signature (CAdES-BES) contains, among other specifications, a collection of Signing Certificate reference attributes, stored in the signedData ether as ESS signing-certificate or as ESS signing-certificate-v2. These are described in detail in Section 5.7.2 of RFC 5126 - CMS Advanced Electronic Signatures (CAdES). This patch adds support for adding ESS signing-certificate[-v2] attributes to CMS signedData. Although it implements only a small part of the RFC, it is sufficient many cases to enable the `openssl cms` app to create signatures which comply with legal requirements of some European States (e.g Italy). Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7893)
-
- 27 1月, 2019 2 次提交
-
-
由 Ping Yu 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Yang <yang.yang@baishancloud.com> Signed-off-by: NPing Yu <ping.yu@intel.com> Signed-off-by: NSteven Linsell <stevenx.linsell@intel.com> (Merged from https://github.com/openssl/openssl/pull/7573)
-
由 David Asraf 提交于
When the ret parameter is NULL the generated prime is in rnd variable and not in ret. CLA: trivial Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8076)
-
- 25 1月, 2019 1 次提交
-
-
由 Klotz, Tobias 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7569)
-
- 22 1月, 2019 1 次提交
-
-
由 Richard Levitte 提交于
Add platform::Unix, which is a generic Unix module to support product name and extensions functionlity. However, this isn't quite enough, as mingw and Cygwin builds are done using the same templates, but since shared libraries work as on Windows and are named accordingly, platform::mingw and platform::Cygwin were also added to provide the necessary tweaks. This reworks Configurations/unix-Makefile.tmpl to work out product names in platform::Unix et al terms. In this one, we currently do care about the *_extension config attributes, and the modules adapt accordingly where it matters. This change also affected crypto/include/internal/dso_conf.h.in, since the DSO extension is meant to be the same as the short shared library extension, which isn't '.so' everywhere. 'shared_extension' attributes that had the value '.so.\$(SHLIB_VERSION_NUMBER)' are removed, platform::Unix provides an extension where the shared library version number is hard-coded instead. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7473)
-
- 21 1月, 2019 2 次提交
-
-
由 Bernd Edlinger 提交于
If this fails try out if mfspr268 works. Use OPENSSL_ppccap=0x20 for enabling mftb, OPENSSL_ppccap=0x40 for enabling mfspr268, and OPENSSL_ppccap=0 for enabling neither. Fixes #8012 Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8043)
-
由 Corey Minyard 提交于
If you use a BIO and set up your own buffer that is not freed, the memory bio will leak the BIO_BUF_MEM object it allocates. The trouble is that the BIO_BUF_MEM is allocated and kept around, but it is not freed if BIO_NOCLOSE is set. The freeing of BIO_BUF_MEM was fairly confusing, simplify things so mem_buf_free only frees the memory buffer and free the BIO_BUF_MEM in mem_free(), where it should be done. Alse add a test for a leak in the memory bio Setting a memory buffer caused a leak. Signed-off-by: NCorey Minyard <minyard@acm.org> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8051)
-
- 17 1月, 2019 3 次提交
-
-
由 David Benjamin 提交于
The RSAZ code requires the input be fully-reduced. To be consistent with the other codepaths, move the BN_nnmod logic before the RSAZ check. This fixes an oft-reported fuzzer bug. https://github.com/google/oss-fuzz/issues/1761Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7187)
-
由 Richard Levitte 提交于
Some of these functions take char*, which is seldom right, they should have been unsigned char*, because the content isn't expected to be text. Even better is to simply take void* as data type, which also happens to be transparent for any type these functions are called with, be it char* or unsigned char*. This shouldn't break anything. While we're at it, constify the input data parameters. Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7890)
-
由 Richard Levitte 提交于
Having a weak getauxval() and only depending on GNU C without looking at the library we build against meant that it got picked up where not really expected. So we change this to check for the glibc version, and since we know it exists from that version, there's no real need to make it weak. Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/8028)
-
- 16 1月, 2019 1 次提交
-
-
由 Richard Levitte 提交于
It turns out that AT_SECURE may be defined through other means than our inclusion of sys/auxv.h, so to be on the safe side, we define our own guard and use that to determine if getauxval() should be used or not. Fixes #7932 Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7933)
-
- 15 1月, 2019 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8019)
-
由 Matt Caswell 提交于
Spotted by OSTIF audit Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8019)
-
- 14 1月, 2019 1 次提交
-
-
由 Anna Henningsen 提交于
CLA: trivial Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8016)
-
- 09 1月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
Fixes #7966 Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7997)
-
- 08 1月, 2019 2 次提交
-
-
由 Viktor Dukhovni 提交于
1. In addition to overriding the default application name, one can now also override the configuration file name and flags passed to CONF_modules_load_file(). 2. By default we still keep going when configuration file processing fails. But, applications that want to be strict about initialization errors can now make explicit flag choices via non-null OPENSSL_INIT_SETTINGS that omit the CONF_MFLAGS_IGNORE_RETURN_CODES flag (which had so far been both undocumented and unused). 3. In OPENSSL_init_ssl() do not request OPENSSL_INIT_LOAD_CONFIG if the options already include OPENSSL_INIT_NO_LOAD_CONFIG. 4. Don't set up atexit() handlers when called with INIT_BASE_ONLY. Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7986)
-
由 Viktor Dukhovni 提交于
Some Travis builds appear to fail because generated objects get 2019 copyrights now, and the diff complains. Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7986)
-
- 05 1月, 2019 3 次提交
-
-
由 Richard Levitte 提交于
The stuff needed to build with SIV wasn't in place for s390x Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7988)
-
由 Patrick Steuer 提交于
Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6919)
-
由 Patrick Steuer 提交于
Added crypto/perlasm/s390x.pm Perl module. Its primary use is to be independent of binutils version, that is to write byte codes of instructions that are not part of the base instruction set. Currently only gas format is supported. Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6919)
-
- 04 1月, 2019 4 次提交
-
-
由 Matt Caswell 提交于
This enables cleanup to happen on DLL unload instead of at process exit. [extended tests] Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7647)
-
由 Matt Caswell 提交于
This option prevents OpenSSL from pinning itself in memory. Fixes #7598 [extended tests] Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7647)
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7647)
-
由 Matt Caswell 提交于
We have a number of instances where there are multiple "init" functions for a single CRYPTO_ONCE variable, e.g. to load config automatically or to not load config automatically. Unfortunately the RUN_ONCE mechanism was not correctly giving the right return value where an alternative init function was being used. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7647)
-
- 03 1月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NPaul Yang <yang.yang@baishancloud.com> (Merged from https://github.com/openssl/openssl/pull/7972)
-
- 31 12月, 2018 1 次提交
-
-
由 Bernd Edlinger 提交于
Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/7962)
-
- 23 12月, 2018 2 次提交
-
-
由 Shreya Bhandare 提交于
CLA: trivial Function EVP_PKEY_size has been modified to take a const parameter Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7892)
-
由 Jung-uk Kim 提交于
FreeBSD does not enable cryptodev(4) by default. OpenBSD disabled support for /dev/crypto by default from 4.9 and removed it from 5.7. Now the engine is properly enabled by default on BSD platforms (see #7885), it continuously complains: Could not open /dev/crypto: No such file or directory Hide the nagging error message behind ENGINE_DEVCRYPTO_DEBUG. CLA: trivial Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7896)
-