- 15 11月, 2016 1 次提交
-
-
由 marko asplund 提交于
Useful e.g. to fully script CA commands Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1797)
-
- 14 11月, 2016 4 次提交
-
-
prio openssl 1.1.0 seed_len < q was accepted and the seed argument was then ignored. Now DSA_generate_parameters_ex() returns an error in such a case but no error string. Signed-off-by: NSebastian Andrzej Siewior <sebastian@breakpoint.cc> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1657)
-
由 Matt Caswell 提交于
This reverts commit 349d1cfd. The proposed fix is incorrect. It marks the "run_once" code as having finished before it has. The intended semantics of run_once is that no threads should proceed until the code has run exactly once. With this change the "second" thread will think the run_once code has already been run and will continue, even though it is still in progress. This could result in a crash or other incorrect behaviour. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1669)
-
由 DK 提交于
Fixed deadlock in CRYPTO_THREAD_run_once() if call to init() is causing a recursive call to CRYPTO_THREAD_run_once() again that is causing a hot deadloop inside do { } while (result == ONCE_ININIT); section. CLA: trivial Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1913)
-
- 13 11月, 2016 4 次提交
-
-
由 Matthias Kraft 提交于
Avoid a memory alignment issue. Signed-off-by: NMatthias Kraft <Matthias.Kraft@softwareag.com> CLA: trivial Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1650)
-
由 EasySec 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1837)
-
由 EasySec 提交于
Replace the 'SSL' broken link with SSL_CTX_set_security_level which seems not being referenced from elsewhere Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1898)
-
由 enkore 提交于
CLA: trivial Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1909)
-
- 12 11月, 2016 2 次提交
-
-
由 Kurt Roeckx 提交于
New minimal fuzz corpora set Reviewed-by: NAndy Polyakov <appro@openssl.org> GH: #1910
-
由 Kurt Roeckx 提交于
llvm's ubsan reported: runtime error: negation of -9223372036854775808 cannot be represented in type 'int64_t' (aka 'long'); cast to an unsigned type to negate this value to itself Found using libfuzzer Reviewed-by: NRich Salz <rsalz@openssl.org> GH: #1908
-
- 11 11月, 2016 11 次提交
-
-
由 Andy Polyakov 提交于
This provides up to 30% better performance on some of recent processors. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
In order to minimize dependency on assembler version a number of post-SSE2 instructions are encoded manually. But in order to simplify the procedure only register operands are considered. Non-register operands are passed down to assembler. Module in question uses pshufb with memory operands, and old [GNU] assembler can't handle it. Fortunately in this case it's possible skip just the problematic segment without skipping SSSE3 support altogether. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
The links weren't properly terminated with a " Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1901)
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1900)
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1900)
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1900)
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1900)
-
由 Richard Levitte 提交于
When configured no-dso, there are no DSO_{whatever} macros defined. Therefore, before checking those, you have to check if OPENSSL_NO_DSO is defined. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1902)
-
由 Richard Levitte 提交于
- the pod path hadn't been changed with the directory layout change - apparently, pod2html doesn't add ".html" at the end of links, making them useless, so we need to fix that With thanks for the report to Michel <michel.sales@free.fr> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1896)
-
- 10 11月, 2016 18 次提交
-
-
由 Matt Caswell 提交于
The test loops through all the ciphers, attempting to test each one in turn. However version negotiation happens before cipher selection, so with TLSv1.3 switched on if we use a non-TLSv1.3 compatible cipher suite we get "no share cipher". Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
Now that we can link specifically with static libraries, the immediate need to split ppccap.c (and eventually other *cap.c files) is no more. This reverts commit e3fb4d3d. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
This is a skin deep change, which simply renames most places where we talk about curves in a TLS context to groups. This is because TLS1.3 has renamed the extension, and it can now include DH groups too. We still only support curves, but this rename should pave the way for a future extension for DH groups. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1889)
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1889)
-
由 Richard Levitte 提交于
Very simply, support having the .a extension to denote depending on static libraries. Note that this is not supported on native Windows when building shared libraries, as there is not static library then, just an import library with the same name. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1889)
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1890)
-
由 Richard Levitte 提交于
Instead of enumerating exactly those files in test/ that include ../ssl/ssl_locl.h, assume they all do. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1891)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Andy Polyakov 提交于
This is done by taking one vector, "corrupting" last bit of the tag value and verifying that decrypt fails. Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Don't set choice selector on parse failure: this can pass unexpected values to the choice callback. Instead free up partial structure directly. CVE-2016-7053 Thanks to Tyler Nighswander of ForAllSecure for reporting this issue. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Richard Levitte 提交于
The offset to the memory to clear was incorrect, causing a heap buffer overflow. CVE-2016-7054 Thanks to Robert Święcki for reporting this Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Some of stone-age assembler can't cope with r0 in address. It's actually sensible thing to do, because r0 is shunted to 0 in address arithmetic and by refusing r0 assembler effectively makes you understand that. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-