- 21 11月, 2015 10 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
A new -async option is added which activates SSL_MODE_ASYNC. Also SSL_WANT_ASYNC errors are handled appropriately. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
The following entry points have been made async aware: SSL_accept SSL_read SSL_write Also added is a new mode - SSL_MODE_ASYNC. Calling the above functions with the async mode enabled will initiate a new async job. If an async pause is encountered whilst executing the job (such as for example if using SHA1/RSA with the Dummy Async engine), then the above functions return with SSL_WANT_ASYNC. Calling the functions again (with exactly the same args as per non-blocking IO), will resume the job where it left off. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
This engine is for developers of async aware applications. It simulates asynchronous activity with external hardware. This initial version supports SHA1 and RSA. Certain operations using those algorithms have async job "pauses" in them - using the new libcrypto async capability. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
Provides support for running asynchronous jobs. Currently this is completely stand alone. Future commits will integrate this into libssl and s_server/ s_client. An asynchronous capable engine will be required to see any benefit from this capability. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
The forthcoming async code needs to use pthread thread local variables. This updates the various Configurations to add the necessary flags. In many cases this is an educated guess as I don't have access to most of these environments! There is likely to be some tweaking needed. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
由 Matt Caswell 提交于
The al variable could be uninitialised in an error path. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Kurt Roeckx 提交于
Reviewed-by: NRich Salz <rsalz@akamai.com> RT #4100, MR #1264
-
由 Pascal Cuoq 提交于
Signed-off-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NRich Salz <rsalz@akamai.com> RT #4100, MR #1264
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 20 11月, 2015 3 次提交
-
-
由 Matt Caswell 提交于
There are lots of calls to EVP functions from within libssl There were various places where we should probably check the return value but don't. This adds these checks. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Use SHA256 for TSA and setted permitted digests to a sensible value. Based on PR#4141 Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Based on PR#2145 Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 19 11月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
PR#4141 Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 18 11月, 2015 3 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
Final part of flushing out SSLEay API's. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 17 11月, 2015 4 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Matt Caswell 提交于
We use the sysconf function to provide details about the page size in the secure memory code. This function can return -1 on error so we should check for this before proceeding. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
由 Matt Caswell 提交于
A call to X509_verify_cert() is used to build a chain of certs for the server to send back to the client. It isn't *actually* used for verifying the cert at all - just building the chain. Therefore the return value is ignored. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
由 Matt Caswell 提交于
The |passwd| variable in the code can be NULL if it goes to the err label. Therefore we cannot call strlen on it without first checking that it is non NULL. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 16 11月, 2015 4 次提交
-
-
由 Andy Polyakov 提交于
The problem remained unnoticed so far, because it's never called by default. You have to craft OPENSSL_ppccap environment variable to trigger the problem. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
由 Andy Polyakov 提交于
bn/asm/s390x.S: improve performance on z196 and z13 by up to 26%. [even z10 is couple percent faster]. Triggered by RT#4128, but solves the problem by real modulo-scheduling. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
It was also found that stich performs suboptimally on AMD Jaguar, hence execution is limited to XOP-capable and Intel processors. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 15 11月, 2015 1 次提交
-
-
由 Viktor Dukhovni 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 14 11月, 2015 12 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Dr. Stephen Henson 提交于
Print certificate details using accessor functions. Since X509_CERT_AUX_print is only used in one place and can't be used by applications (it uses an internal X509_CERT_AUX structure) this has been removed and replaced by a function X509_aux_print which takes an X509 pointer instead. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
This adds a TLSv1.0 cipher alias for ciphersuites requiring at least TLSv1.0: currently only PSK ciphersuites using SHA256 or SHA384 MAC (SSLv3 only supports SHA1 and MD5 MAC). Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
This disables some ciphersuites which aren't supported in SSL v3: specifically PSK ciphersuites which use SHA256 or SHA384 for the MAC. Thanks to the Open Crypto Audit Project for identifying this issue. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Nathan Phillip Brink 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Graeme Perrow 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> Signed-off-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 12 11月, 2015 1 次提交
-
-
由 Andy Polyakov 提交于
Triggered by RT#3989. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 11 11月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
The new function SSL_use_certificate_chain_file was always crashing in the internal function use_certificate_chain_file because it would pass a NULL value for SSL_CTX *, but use_certificate_chain_file would unconditionally try to dereference it. Reviewed-by: NStephen Henson <steve@openssl.org>
-