- 07 7月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3852)
-
- 03 7月, 2017 2 次提交
-
-
由 Rich Salz 提交于
Fix a =head1 section name Fix a typo in POD label Remove a spurious =back Add a missing blank line Avoid 'legacy' -- use 'deprecated' if still needed if we cannot just reword. Always do strict checking Do not warn about missing "RETURN VALUES" unless -s is set. Change OpenSSL version 1.1 -> 1.1.0 Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3830)
-
由 Richard Levitte 提交于
Instead, make it possible to disable the console reader that's part of the UI module. This makes it possible to use the UI API and other UI methods in environments where the console reader isn't useful. To disable the console reader, configure with 'no-ui-console' / 'disable-ui-console'. 'no-ui' / 'disable-ui' is now an alias for 'no-ui-console' / 'disable-ui-console'. Fixes #3806 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3820)
-
- 30 6月, 2017 3 次提交
-
-
由 Rich Salz 提交于
Only for Unix platforms Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3754)
-
由 Richard Levitte 提交于
For Windows, we care which way it is, the resulting file is just a pile of symbols. For VMS, we really need to care about the numeric ordering, and getting the symbols sorted by symbol version too didn't agree with that. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3804)
-
由 Richard Levitte 提交于
This allows us to guard Unix specific functions with #ifndef / #ifdef OPENSSL_SYS_UNIX Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3804)
-
- 29 6月, 2017 2 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3542)
-
由 Richard Levitte 提交于
This STORE module adds the following functionality: - A function OSSL_STORE_open(), OSSL_STORE_load() and OSSL_STORE_close() that accesses a URI and helps loading the supported objects (PKEYs, CERTs and CRLs for the moment) from it. - An opaque type OSSL_STORE_INFO that holds information on each loaded object. - A few functions to retrieve desired data from a OSSL_STORE_INFO reference. - Functions to register and unregister loaders for different URI schemes. This enables dynamic addition of loaders from applications or from engines. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3542)
-
- 27 6月, 2017 2 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3781)
-
由 Richard Levitte 提交于
To make sure that our symbols don't clash with other libraries, we claim the namespaces OSSL and OPENSSL. Because C doesn't provide namespaces, the only solution is to have them as prefixes on symbols, thus we allow OSSL_ and OPENSSL_ as prefixes. These namespace prefixes are optional for the foreseeable future, and will only be used for new modules as needed on a case by case basis, until further notice. For extra safety, there's an added requirement that module names - apart from the namespace prefix - be at least 2 characters long. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3781)
-
- 25 6月, 2017 1 次提交
-
-
由 Benjamin Kaduk 提交于
Put them into the TLSProxy::Message namespace along with the extension type constants. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3326)
-
- 22 6月, 2017 1 次提交
-
-
由 Sascha Steinbiss 提交于
Adding a get1 style accessor as brought up in mailing list post https://mta.openssl.org/pipermail/openssl-users/2016-November/004796.htmlReviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1876)
-
- 21 6月, 2017 7 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3670)
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3670)
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3670)
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3670)
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3670)
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3670)
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3670)
-
- 13 6月, 2017 3 次提交
-
-
由 Richard Levitte 提交于
Reading the prologue of this file conserved the "# Function codes" line, and then duplicated it when rewriting this file, adding a new "# Function codes" line everytime there's an update. Better then to skip over all comment lines and have the prologue defined in mkerr.pl, just the same as we do with the other affected files. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3664)
-
由 Richard Levitte 提交于
Sometimes, one might only want to rework a subset of all the internal error codes. -module allows the caller to specify exactly which library modules to rewrite. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3662)
-
由 Rich Salz 提交于
Add "*" as indicator meaning the function/reason is removed, so put an empty string in the function/reason string table; this preserves backward compatibility by keeping the #define's. In state files, trailing backslash means text is on the next line. Add copyright to state files Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3640)
-
- 12 6月, 2017 3 次提交
-
-
由 Benjamin Kaduk 提交于
It is an API to be used from the early callback that indicates what extensions were present in the ClientHello, and in what order. This can be used to eliminate unneeded calls to SSL_early_get0_ext() (which itself scales linearly in the number of extensions supported by the library). Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2976)
-
由 Rich Salz 提交于
Reviewed-by: NKurt Roceckx <kurt@openssl.org>
-
由 Rich Salz 提交于
Make funcs to deal with non-null-term'd string in both asn1_generalizedtime_to_tm() and asn1_utctime_to_tm(). Fixes issue #3444. This one is used to enforce strict format (RFC 5280) check and to convert GeneralizedTime to UTCTime. apps/ca has been changed to use the new API. Test cases and documentation are updated/added Signed-off-by: NPaul Yang <paulyang.inf@gmail.com> Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3566)
-
- 09 6月, 2017 2 次提交
-
-
由 Rich Salz 提交于
The search is approximate; look only for those that look like functions. [skip ci] Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3641)
-
由 Rich Salz 提交于
Fix test for "documenting private functions" And add -p flag to doc-nits recipe Mark when things were deprecated, if doc'd as such Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3624)
-
- 08 6月, 2017 2 次提交
-
-
由 Todd Short 提交于
This works with ASN1_UTCTIME and ASN1_GENERALIZED_TIME Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3378)
-
由 Rich Salz 提交于
Run perltidy on util/mkerr Change some mkerr flags, write some doc comments Make generated tables "const" when genearting lib-internal ones. Add "state" file for mkerr Renerate error tables and headers Rationalize declaration of ERR_load_XXX_strings Fix out-of-tree build Add -static; sort flags/vars for options. Also tweak code output Moved engines/afalg to engines (from master) Use -static flag Standard engine #include's of errors Don't linewrap err string tables unless necessary Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3392)
-
- 02 6月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Report if any non-public items are documented. Add util/private.num that lists items that aren't in the public (lib*.num) files that we do want to document. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3603)
-
- 01 6月, 2017 1 次提交
-
-
由 Richard Levitte 提交于
This can be used by engines that need to retain the data for a longer time than just the call where this user data is passed. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3575)
-
- 31 5月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
In a recent PR (#3566) it seems that TLSProxy gave up trying to connect to the server process too quickly. This meant the test failed even though the server *did* eventually start. Currently we try 3 times to connect with a 0.1 second pause between each attempt. That is probably too aggressive. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3587)
-
- 30 5月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Require a comma between every name and a single space before the dash Reviewed-by: NKurt Roeckx <kurt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3559)
-
- 27 5月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
Issue #3562 describes a problem where a race condition can occur in the Proxy such that a test "ok" line can appear in the middle of other text causing the test harness to miss it. The issue is that we do not wait for the client process to finish after the test is complete, so that process may continue to write data to stdout/stderr at the same time that the test harness does. This commit fixes TLSProxy so that we always wait for the client process to finish before continuing. Fixes #3562 Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3567)
-
- 11 5月, 2017 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3409)
-
- 10 5月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
Verify that we fail if we receive an HRR but no change will result in ClientHello2. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3414)
-
- 09 5月, 2017 2 次提交
-
-
由 Benjamin Kaduk 提交于
Split the PEM_bytes_read_bio() implementation out into a pem_bytes_read_bio_flags() helper, to allow it to pass PEM_FLAG_SECURE as needed. Adjust the cleanup to properly use OPENSSL_secure_free() when needed, and reimplement PEM_bytes_read() as a wrapper around the _flags helper. Add documentation for PEM_bytes_read_bio() and the new secmem variant. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1700)
-
由 Benjamin Kaduk 提交于
The extended function includes a 'flags' argument to allow callers to specify different requested behaviors. In particular, callers can request that temporary storage buffers are allocated from the secure heap, which could be relevant when loading private key material. Refactor PEM_read_bio to use BIO_mems instead of BUFs directly, use some helper routines to reduce the overall function length, and make some of the checks more reasonable. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1700)
-
- 04 5月, 2017 2 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3368)
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3368)
-