- 04 9月, 2015 3 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 David Bar 提交于
Also has changes from from David Woodhouse <David.Woodhouse@intel.com> and some tweaks from me. Signed-off-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Dr. Stephen Henson 提交于
Add test to check PBE lookups: these can fail if the PBE table is not correctly orders. Add to "make test". Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 03 9月, 2015 4 次提交
-
-
由 Rich Salz 提交于
It's test code that only runs on 64bit time_t machines. Move it to a standalone test/gmdifftest Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
There are many places (nearly 50) where we malloc and then memset. Add an OPENSSL_zalloc routine to encapsulate that. (Missed one conversion; thanks Richard) Also fixes GH328 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 02 9月, 2015 4 次提交
-
-
由 Viktor Dukhovni 提交于
Avoid using cnid = 0, use NID_undef instead, and return early instead of trying to find an instance of that in the subject DN. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Viktor Dukhovni 提交于
Initialize pointers in param id by the book (explicit NULL assignment, rather than just memset 0). In x509_verify_param_zero() set peername to NULL after freeing it. In x509_vfy.c's internal check_hosts(), avoid potential leak of possibly already non-NULL peername. This is only set when a check succeeds, so don't need to do this repeatedly in the loop. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Emilia Kasper 提交于
The NULL cipher case can't actually happen because we have no EVP_PBE_CTL combinations where cipher_nid is -1 and keygen is PKCS12_PBE_keyivgen. But make the code more obviously correct. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 01 9月, 2015 8 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 mrpre 提交于
Slightly modified from the original PR. Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Ben Kaduk 提交于
Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
由 Emilia Kasper 提交于
Don't dereference |d| when |top| is zero. Also test that various BIGNUM methods behave correctly on zero/even inputs. Follow-up to b11980d79a52ec08844f08bea0e66c04b691840b Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 28 8月, 2015 3 次提交
-
-
由 Alessandro Ghedini 提交于
Fix more potential leaks in X509_verify_cert() Fix memory leak in ClientHello test Fix memory leak in gost2814789 test Fix potential memory leak in PKCS7_verify() Fix potential memory leaks in X509_add1_reject_object() Refactor to use "goto err" in cleanup. Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
由 Ismo Puustinen 提交于
If the seed value for dsa key generation is too short (< qsize), return an error. Also update the documentation. Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
由 Rich Salz 提交于
Fix from David Baggett via tweet. Signed-off-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 27 8月, 2015 1 次提交
-
-
由 David Brodski 提交于
Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 26 8月, 2015 2 次提交
-
-
由 Rich Salz 提交于
Undocumented, unused, unnecessary (replaced by secure arena). Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
If a binary sequence is all zero's, call BN_zero. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 24 8月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NBen Laurie <ben@openssl.org>
-
- 17 8月, 2015 1 次提交
-
-
由 Dmitry Belyavsky 提交于
Add new OIDs for latest GOST updates Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 14 8月, 2015 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Ismo Puustinen 提交于
Part of RT 3997 Per Ben, just jump to common exit code. Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 12 8月, 2015 5 次提交
-
-
由 Dr. Stephen Henson 提交于
PR#3974 PR#3975 Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Rich Salz 提交于
This was obsolete in 2001. This is not the same as Gost94 digest. Thanks to Dmitry Belyavsky <beldmit@gmail.com> for review and advice. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Matt Caswell 提交于
The function BN_MONT_CTX_set was assuming that the modulus was non-zero and therefore that |mod->top| > 0. In an error situation that may not be the case and could cause a seg fault. This is a follow on from CVE-2015-1794. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 11 8月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Especially since after the #ifdef cleanups this is not useful. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 06 8月, 2015 1 次提交
-
-
由 Anton Blanchard 提交于
Signed-off-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 04 8月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
EC_KEY_set_public_key_affine_coordinates was using some variables that only apply if OPENSSL_NO_EC2M is not defined. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 01 8月, 2015 2 次提交
-
-
由 Ben Laurie 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Loganaden Velvindron 提交于
From a CloudFlare patch. Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
- 30 7月, 2015 1 次提交
-
-
由 Martin Vejnar 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-