- 17 5月, 2016 15 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Due to short-circuiting we only need to check "cipher" for NULL once. PR#699 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Steffan Karger 提交于
CLA: none; trivial Signed-off-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NRich Salz <rsalz@openssl.org> GH: #1070
-
由 Kurt Roeckx 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> MR: #2153
-
由 TJ Saunders 提交于
This involves providing more session ticket key data, for both the cipher and the digest Signed-off-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NMatt Caswell <matt@openssl.org> GH: #515, MR: #2153
-
由 TJ Saunders 提交于
Signed-off-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NMatt Caswell <matt@openssl.org> GH: #515, MR: #2153
-
由 Dr. Stephen Henson 提交于
RT#4215 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Richard Levitte 提交于
The given sizes to not include the final NUL character. RT#2622 Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Matt Caswell 提交于
Workaround an apparent IO:Socket::IP bug where a seemingly valid server socket is being returned even though a valid connection does not exist. This causes the tests to intermittently hang. We additionally check that the peerport looks ok to verify that the returned socket looks usable. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Viktor Dukhovni 提交于
Document thread-safe lock creation Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Richard Levitte 提交于
RT#2534 Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Richard Levitte 提交于
RT#2558 Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Richard Levitte 提交于
RT#2616 Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 16 5月, 2016 10 次提交
-
-
由 Cristian Stoica 提交于
Some setups use links inside .git directory and make clean should not remove them to avoid breaking git meta-information. Signed-off-by: NCristian Stoica <cristian.stoica@nxp.com> CLA: none; trivial Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1078)
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1063)
-
由 Alessandro Ghedini 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Alessandro Ghedini 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Matt Caswell 提交于
The previous commit added SSL_CTX_set_tlsext_status_type(). This one adds some documentation for it. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 jfigus 提交于
To allow OCSP stapling to work with libcurl. Github PR #200 Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Kazuki Yamaguchi 提交于
Since 50932c4a "PACKETise ServerHello processing", ssl_next_proto_validate() incorrectly allows empty protocol name. draft-agl-tls-nextprotoneg-04[1] says "Implementations MUST ensure that the empty string is not included and that no byte strings are truncated." This patch restores the old correct behavior. [1] https://tools.ietf.org/html/draft-agl-tls-nextprotoneg-04Reviewed-by: NEmilia Käsper <emilia@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 FdaSilvaYY 提交于
Add a status return value instead of void. Add some sanity checks on reference counter value. Update the docs. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Richard Levitte 提交于
- "/Ox /O2 /Ob2" get's reduced to "/O2", the reason being: /Ox = /Ob2 /Og /Oi /Ot /Oy /Gs /O2 = /Ob2 /Og /Oi /Ot /Oy /Gs /GF /Gy - apps/openssl.cnf gets installed. - always delete files quietly, as they might not be there. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1075)
-
由 FdaSilvaYY 提交于
Fix some missing OBJ_dup failure checks. Merged from https://boringssl.googlesource.com/boringssl/+/0ce78a757d815c0dde9ed5884229f3a5b2cb3e9c%5E! Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1057)
-
- 14 5月, 2016 4 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 FdaSilvaYY 提交于
Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1042)
-
由 Alessandro Ghedini 提交于
The current limit of 2^14 bytes is too low (e.g. RFC 5246 specifies the maximum size of just the extensions field to be 2^16-1), and may cause bogus failures. RT#4063 Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/413)
-
由 Kirill Marinushkin 提交于
Currently point to wrong address Signed-off-by: NKirill Marinushkin <k.marinushkin@gmail.com> Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 13 5月, 2016 11 次提交
-
-
由 Insu Yun 提交于
check source's kdf_ukm, not destination's use != NULL, instead of implicit checking don't free internal data structure like pkey_rsa_copy() Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Richard Levitte 提交于
In some cases, perl's glob() thinks it needs to return file names with generation numbers, such as when a file name pattern includes two periods. Constructing other file names by simple appending to file names with generation numbers isn't a good idea, so for the VMS case, just peal the generation numbers if they are there. Fortunately, this is easy, as the returned generation number delimiter will always be a semi-colon. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
If the server does not send a session ticket extension, it should not then send the NewSessionTicket message. If the server sends the session ticket extension, it MUST then send the NewSessionTicket message. Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
由 David Benjamin 提交于
Per RFC 4507, section 3.3: This message [NewSessionTicket] MUST be sent if the server included a SessionTicket extension in the ServerHello. This message MUST NOT be sent if the server did not include a SessionTicket extension in the ServerHello. The presence of the NewSessionTicket message should be determined entirely from the ServerHello without probing. RT#4389 Reviewed-by: NEmilia Käsper <emilia@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
RT#4471 Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
RT#4302 Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
由 Dr. Stephen Henson 提交于
Fix -signer option in smime utility to output signer certificates when verifying. Add support for format SMIME for -inform and -outform with cms and smime utilities. PR#4215 Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
* Configure: Replaced -DTERMIO by -DTERMIOS in CFLAGS. * crypto/bio/bss_dgram.c [WATT32]: Remove obsolete redefinition of function names: sock_write, sock_read and sock_puts. * crypto/bio/bss_sock.c [WATT32]: For Watt-32 2.2.11 sock_write, sock_read and sock_puts are redefined to their private names so their names must be undefined first before they can be redefined again. * crypto/bio/bss_file.c (file_fopen) [__DJGPP__]: Make a copy of the passed file name and replace the leading dots in the dirname part and the basname part of the file name, unless LFN is supported. * e_os.h [__DJGPP__]: Undefine macro DEVRANDOM_EGD. Neither MS-DOS nor FreeDOS provide 'egd' sockets. New macro HAS_LFN_SUPPORT checks if underlying file system supports long file names or not. Include sys/un.h. Define WATT32_NO_OLDIES. * INSTALL.DJGPP: Update URL of WATT-32 library. Submitted by Juan Manuel Guerrero <juan.guerrero@gmx.de> RT#4217 Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Richard Levitte 提交于
DJGPP is a 3rd party configuration, we rely entirely on the OpenSSL to help us fine tune and test. Therefore, it's moved to its own config. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Rich Salz 提交于
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-