- 04 5月, 2021 16 次提交
-
-
由 Matt Caswell 提交于
Fixes #14409 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15072)
-
由 Matt Caswell 提交于
Check that reading/writing to a core bio via BIO_new_from_core_bio() works as expected. Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15072)
-
由 Matt Caswell 提交于
Previously the concept of wrapping an OSSL_CORE_BIO in a real BIO was an internal only concept for our own providers. Since this is likely to be generally useful, we make it a part of the public API. Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15072)
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15121)
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15121)
-
由 Petr Gotthard 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15118)
-
由 Pauli 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15105)
-
由 Richard Levitte 提交于
They completely ignored any passphrase related setting. Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15119)
-
由 Richard Levitte 提交于
Fixes #15114 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15119)
-
由 Richard Levitte 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8871)
-
由 Richard Levitte 提交于
This is required for 'make update' and fips checksums Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8871)
-
由 Richard Levitte 提交于
This adds the following scripts: util/lang-compress.pl: Compress source code, which language is determined by the first argument. For the moment, we know 'perl' (perlasm source code), 'C' (C source code) and 'S' (Assembler with C preprocessor directives). This removes comments and empty lines, and compresses series of horizontal spaces to one single space in the languages where that's appropriate. util/fips-checksums.sh: Takes source file names as arguments, pushes them through util/lang-compress.pl and unifdef with FIPS_MODE defined, and calculates the checksum on the result. Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8871)
-
由 Richard Levitte 提交于
This file will be the basis for the FIPS module checksum calculation Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8871)
-
由 Richard Levitte 提交于
OpenSSL::Config::Query is a configuration querying tool that's meant to make it easier to query the diverse configuration data for info. That's much easier than to dig through all the parts of %unified_info. Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8871)
-
由 Richard Levitte 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15084)
-
由 Richard Levitte 提交于
The perl interpreter name itself might contain spaces and need quoting. __fixup_prg() does this for us. Fixes #14256 Co-authored-by: NTomáš Mráz <tomas@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15084)
-
- 02 5月, 2021 2 次提交
-
-
由 Pauli 提交于
It's only useful for the FIPS lab and shouldn't be in production. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15092)
-
由 FdaSilvaYY 提交于
`strdup(propq)` failure is doing a `goto err;` from where `SSL_CTX_free` is called. The possible call is made before reference and lock fields setup. Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/15052)
-
- 01 5月, 2021 7 次提交
-
-
由 Hubert Kario 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/15099)
-
由 Rich Salz 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/14995)
-
由 Dmitry Belyavskiy 提交于
Fixes #12735 Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/xxxxx)
-
由 Tomas Mraz 提交于
Adjust the stuff we are building and testing in various configurations to trim the run time a little bit. Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15087)
-
由 Tomas Mraz 提交于
It might not be necessary with the most recent toolchain versions but apparently many 32bit linux architectures and commonly used toolchain versions require this. It is also harmless to include even on architectures that do not need it. Fixes #14083 Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15086)
-
由 Shane Lontis 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15091)
-
由 Petr Gotthard 提交于
Switch lib/apps.c do_sign_init() to use EVP_DigestSignInit_ex, so it works with external providers. Since EVP_DigestSignInit_ex requires a digest name instead of an EVP_MD pointer, the apps using do_sign_init() had to be modified to pass char* instead of EVP_MD*. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/15014)
-
- 30 4月, 2021 14 次提交
-
-
由 Daniel Bevenius 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15085)
-
由 Richard Levitte 提交于
OSSL_STORE's loading function could prompt repeatedly for the same passphrase. It turns out that OSSL_STORE_load() wasn't caching the passphrase properly. Fixed in this change. Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15064)
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15074)
-
由 Tomas Mraz 提交于
Fixes #14873 Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15074)
-
由 Richard Levitte 提交于
The pre-population of names has become more thorough. Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15066)
-
由 Richard Levitte 提交于
In the provider file: scheme loader implementation, the OSSL_DECODER_CTX was set up with all sorts of implementations, even if the caller has declared a limited expectation on what should be loaded, which means that even though a certificate is expected, all the diverse decoders to produce an EVP_PKEY are added to the decoding change. This optimization looks more closely at the expected type, and only adds the EVP_PKEY related decoder implementations to the chain if there is no expectation, or if the expectation is one of OSSL_STORE_INFO_PARAMS, OSSL_STORE_INFO_PUBKEY, OSSL_STORE_INFO_PKEY. Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15066)
-
由 Pauli 提交于
A pair of the disabled string checks were incorrect. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15082)
-
由 Shane Lontis 提交于
Update OSSL_STORE_attach() documentation to indicate it increases the ref_count of the passed in bio Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15058)
-
由 Shane Lontis 提交于
A newly created BIO object within this function calls OSSL_STORE_attach() which increases the ref count to 2. OSSL_STORE_close() then decrements the ref count by 1, so the BIO still remains. The following new test was picking up this leak using.. > valgrind openssl crl -hash -noout < test/testcrl.pem Not quite sure why the existing tests were not picking this up since they appear to run through a similiar path.. such as > valgrind openssl pkey < test-runs/test_rsa/rsa-pkcs8-ff.dd Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15058)
-
由 Shane Lontis 提交于
Fixes #15031 The maybe_stdin needed to be passed to load_key_certs_crls(). Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15058)
-
由 Tomas Mraz 提交于
The EVP_PKEY_asn1_set_public and EVP_PKEY_meth_set_copy have some API breaking constification changes in 3.0. Fixes #9296 Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15068)
-
由 Eric Curtin 提交于
Just something I noticed while reading this code. This was probably committed a very long time ago. Fixed typo anther -> another. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15078)
-
由 Pauli 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14434)
-
由 Jon Spillett 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14434)
-
- 29 4月, 2021 1 次提交
-
-
由 Matt Caswell 提交于
SHA1 is now in security level 0. SHA1 is required for DTLSv1.1. Therefore ssl_test_new needed some adjustments in the event that DTLSv1.2 is disabled. There are also adjustments required if using the FIPS module and DTLSv1.2 is disabled. The only DTLS version supported by the FIPS module is DTLSv1.2. Fixes #14956 Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15047)
-