- 18 11月, 2016 2 次提交
-
-
由 Kurt Roeckx 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> GH: #1500
-
由 Andy Polyakov 提交于
In non-__KERNEL__ context 32-bit-style __ARMEB__/__ARMEL__ macros were set in arm_arch.h, which is shared between 32- and 64-bit builds. Since it's not included in __KERNEL__ case, we have to adhere to official 64-bit pre-defines, __AARCH64EB__/__AARCH64EL__. [If we are to share more code, it would need similar adjustment.] Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 17 11月, 2016 3 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 FdaSilvaYY 提交于
Both strdup or malloc failure should raise à err. Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1905)
-
由 FdaSilvaYY 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1905)
-
- 16 11月, 2016 11 次提交
-
-
由 Rob Percival 提交于
This reflects its position in include/openssl/ct.h. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1548)
-
由 Rob Percival 提交于
Otherwise, |dec| gets moved past the end of the signature by o2i_SCT_signature and then can't be correctly freed afterwards. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1548)
-
由 Rob Percival 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1548)
-
由 Rich Salz 提交于
Factorise multiple bn_get_top(group->field) calls Add missing checks on some conditional BN_copy return value Add missing checks on some BN_copy return value Add missing checks on a few bn_wexpand return value Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1626)
-
由 Rob Percival 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1554)
-
由 Rob Percival 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1554)
-
由 Rob Percival 提交于
As requested in https://github.com/openssl/openssl/pull/1554#issuecomment-246371575. Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1554)
-
由 Rob Percival 提交于
See https://github.com/openssl/openssl/pull/1554#issuecomment-246354677. Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1554)
-
由 Rob Percival 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1554)
-
由 Rob Percival 提交于
Do not call the time "current", as a different time can be provided. For example, a time slightly in the future, to provide tolerance for CT logs with a clock that is running fast. Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1554)
-
由 Rob Percival 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1554)
-
- 15 11月, 2016 3 次提交
-
-
由 Dr. Stephen Henson 提交于
Simplify PKCS#12 PBE algorithm by working out Ij + B + 1 directly instead of using BIGNUMs. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1922)
-
由 Richard Levitte 提交于
Under certain circumstances, the libcrypto init code would loop, causing a deadlock. This would typically happen if something in ossl_init_base() caused an OpenSSL error, and the error stack routines would recurse into the init code before the flag that ossl_init_base() had been run was checked. This change makes sure ossl_init_base isn't run once more of the base is initiated. Thanks to Dmitry Kostjuchenko for the idea. Fixes Github issue #1899 Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1922)
-
- 14 11月, 2016 3 次提交
-
-
prio openssl 1.1.0 seed_len < q was accepted and the seed argument was then ignored. Now DSA_generate_parameters_ex() returns an error in such a case but no error string. Signed-off-by: NSebastian Andrzej Siewior <sebastian@breakpoint.cc> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1657)
-
由 Matt Caswell 提交于
This reverts commit 349d1cfd. The proposed fix is incorrect. It marks the "run_once" code as having finished before it has. The intended semantics of run_once is that no threads should proceed until the code has run exactly once. With this change the "second" thread will think the run_once code has already been run and will continue, even though it is still in progress. This could result in a crash or other incorrect behaviour. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 DK 提交于
Fixed deadlock in CRYPTO_THREAD_run_once() if call to init() is causing a recursive call to CRYPTO_THREAD_run_once() again that is causing a hot deadloop inside do { } while (result == ONCE_ININIT); section. CLA: trivial Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1913)
-
- 12 11月, 2016 1 次提交
-
-
由 Kurt Roeckx 提交于
llvm's ubsan reported: runtime error: negation of -9223372036854775808 cannot be represented in type 'int64_t' (aka 'long'); cast to an unsigned type to negate this value to itself Found using libfuzzer Reviewed-by: NRich Salz <rsalz@openssl.org> GH: #1908
-
- 11 11月, 2016 5 次提交
-
-
由 Andy Polyakov 提交于
This provides up to 30% better performance on some of recent processors. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
In order to minimize dependency on assembler version a number of post-SSE2 instructions are encoded manually. But in order to simplify the procedure only register operands are considered. Non-register operands are passed down to assembler. Module in question uses pshufb with memory operands, and old [GNU] assembler can't handle it. Fortunately in this case it's possible skip just the problematic segment without skipping SSSE3 support altogether. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
When configured no-dso, there are no DSO_{whatever} macros defined. Therefore, before checking those, you have to check if OPENSSL_NO_DSO is defined. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1902)
-
- 10 11月, 2016 5 次提交
-
-
由 Richard Levitte 提交于
Now that we can link specifically with static libraries, the immediate need to split ppccap.c (and eventually other *cap.c files) is no more. This reverts commit e3fb4d3d. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
Don't set choice selector on parse failure: this can pass unexpected values to the choice callback. Instead free up partial structure directly. CVE-2016-7053 Thanks to Tyler Nighswander of ForAllSecure for reporting this issue. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Richard Levitte 提交于
The offset to the memory to clear was incorrect, causing a heap buffer overflow. CVE-2016-7054 Thanks to Robert Święcki for reporting this Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Some of stone-age assembler can't cope with r0 in address. It's actually sensible thing to do, because r0 is shunted to 0 in address arithmetic and by refusing r0 assembler effectively makes you understand that. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 09 11月, 2016 6 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
At the moment you can only do an HKDF Extract and Expand in one go. For TLS1.3 we need to be able to do an Extract first, and the subsequently do a number of Expand steps on the same PRK. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 FdaSilvaYY 提交于
Split x509_verify_param_zero code to the right place Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Richard Levitte 提交于
Having that code in one central object file turned out to cause trouble when building test/modes_internal_test. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1883)
-
由 FdaSilvaYY 提交于
BN_RECP_CTX_new direclty use bn_init to avoid twice memset calls Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1879)
-
由 Rich Salz 提交于
Thanks to Falko Strenzke for bringing this to our attention. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1882)
-
- 08 11月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-