- 19 4月, 2018 3 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5975)
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5975)
-
由 Rahul Chaudhry 提交于
Branch to global symbol results in reference to PLT, and when compiling for THUMB-2 - in a R_ARM_THM_JUMP19 relocation. Some linkers don't support this relocation (ld.gold), while others can end up truncating the relocation to fit (ld.bfd). Convert this branch through PLT into a direct branch that the assembler can resolve locally. See https://github.com/android-ndk/ndk/issues/337 for background. The current workaround is to disable poly1305 optimization assembly, which is not optimal and can be reverted after this patch: https://github.com/freedesktop/gstreamer-cerbero/commit/beab607d2b1ff23c41b7e01aa9c64be5e247d1e6 CLA: trivial Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5949)
-
- 18 4月, 2018 11 次提交
-
-
由 FdaSilvaYY 提交于
fix some indents, and restrict to 80 cols some lines. Reviewed-by: NBen Kaduk <kaduk@mit.edu> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4466)
-
由 Matt Caswell 提交于
Explicitly state which digests can be used with which algorithms. Fixes #5854 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5992)
-
由 Peter Wu 提交于
Client can only send early data if the PSK allows for it, the max_early_data_size field can only be configured for the server side. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5702)
-
由 Peter Wu 提交于
This will be necessary to enable Wireshark to decrypt QUIC 0-RTT data. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5702)
-
由 Peter Wu 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5702)
-
由 Peter Wu 提交于
NSS 3.34 and boringssl have support for "EXPORTER_SECRET" (https://bugzilla.mozilla.org/show_bug.cgi?id=1287711) which is needed for QUIC 1-RTT decryption support in Wireshark. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5702)
-
由 Davide Galassi 提交于
Old code replaced in favor of a clearer implementation. Performances are not penalized. Updated the copyright end date to 2018. Reviewed-by: NDavid Benjamin <davidben@google.com> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5963)
-
由 Matt Caswell 提交于
Found by Coverity. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5970)
-
由 Matt Caswell 提交于
Fixes #5934 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5983)
-
由 Matt Caswell 提交于
The SSL_set_bio() tests only did standalone testing without being in the context of an actual connection. We extend this to do additional tests following a successful or failed connection attempt. This would have caught the issue fixed in the previous commit. Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5966)
-
由 Matt Caswell 提交于
If SSL_set_bio() is called with a NULL wbio after a failed connection then this can trigger an assertion failure. This should be valid behaviour and the assertion is in fact invalid and can simply be removed. Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5966)
-
- 17 4月, 2018 16 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5987)
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5874)
-
由 Matt Caswell 提交于
Make sure the info callback gets called in all the places we expect it to. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5874)
-
由 Matt Caswell 提交于
The first session ticket sent by the server is actually tacked onto the end of the first handshake from a state machine perspective. However in reality this is a post-handshake message, and should be preceeded by a handshake start event from an info callback perspective. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5874)
-
由 Matt Caswell 提交于
Fixes #5721 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5874)
-
由 Matt Caswell 提交于
We cannot provide a certificate status on a resumption so we should ignore this extension in that case. Fixes #1662 Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/5896)
-
由 Dr. Matthias St. Pierre 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5977)
-
由 Dr. Matthias St. Pierre 提交于
Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/5977)
-
由 Dr. Matthias St. Pierre 提交于
- drbg_lib.c: Silence coverity warning: the comment preceding the RAND_DRBG_instantiate() call explicitely states that the error is ignored and explains the reason why. - drbgtest: Add checks for the return values of RAND_bytes() and RAND_priv_bytes() to run_multi_thread_test(). Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5976)
-
由 Andy Polyakov 提交于
For formal backward compatibility print original "ACCEPT" message for fixed port and "ACCEPT host:port" for dynamically allocated. Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5956)
-
由 Bernd Edlinger 提交于
./config no-autoload-config Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5959)
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5990)
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5989)
-
由 Dr. Matthias St. Pierre 提交于
Fixes #5961 This reverts commit 3c5a61dd. The macros OPENSSL_MAKE_VERSION() and OPENSSL_VERSION_AT_LEAST() contain errors and don't work as designed. Apart from that, their introduction should be held back until a decision has been mad about the future versioning scheme. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5968)
-
- 16 4月, 2018 3 次提交
-
-
由 Bernd Edlinger 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5958)
-
由 Bernd Edlinger 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5958)
-
由 Matt Caswell 提交于
RSA key generation: ensure BN_mod_inverse and BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set. Based on an original patch by Billy Brumley CVE-2018-0737 Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 15 4月, 2018 4 次提交
-
-
由 Bernd Edlinger 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5951)
-
由 Bernd Edlinger 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5951)
-
由 Andy Polyakov 提交于
Original condition was susceptible to race condition... Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5933)
-
由 Andy Polyakov 提交于
Bind even test/ssltest_old.c to loopback interface. This allows to avoid unnecessary alerts from Windows and Mac OS X firewalls. Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5933)
-
- 14 4月, 2018 3 次提交
-
-
由 Matthias Kraft 提交于
The ongoing discussion about casting or not in PR #5626 had me compiling again with above mentioned flags. Indeed the compiler had to say something about it and I did these changes to silence it again. Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5943)
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5948)
-
由 Dr. Matthias St. Pierre 提交于
Fixes #5849 In pull request #5503 a fallback was added which adds a random nonce of security_strength/2 bits if no nonce callback is provided. This change raised the entropy requirements form 256 to 384 bit, which can cause problems on some platforms (e.g. VMS, see issue #5849). The requirements for the nonce are given in section 8.6.7 of NIST SP 800-90Ar1: A nonce may be required in the construction of a seed during instantiation in order to provide a security cushion to block certain attacks. The nonce shall be either: a) A value with at least (security_strength/2) bits of entropy, or b) A value that is expected to repeat no more often than a (security_strength/2)-bit random string would be expected to repeat. Each nonce shall be unique to the cryptographic module in which instantiation is performed, but need not be secret. When used, the nonce shall be considered to be a critical security parameter. This commit implements a nonce of type b) in order to lower the entropy requirements during instantiation back to 256 bits. The formulation "shall be unique to the cryptographic module" above implies that the nonce needs to be unique among (with high probability) among all DRBG instances in "space" and "time". We try to achieve this goal by creating a nonce of the following form nonce = app-specific-data || high-resolution-utc-timestamp || counter Where || denotes concatenation. The application specific data can be something like the process or group id of the application. A utc timestamp is used because it increases monotonically, provided the system time is synchronized. This approach may not be perfect yet for a FIPS evaluation, but it should be good enough for the moment. This commit also harmonizes the implementation of the get_nonce() and the get_additional_data() callbacks and moves the platform specific parts from rand_lib.c into rand_unix.c, rand_win.c, and rand_vms.c. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5920)
-