- 10 11月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
if we have a malloc |x = OPENSSL_malloc(...)| sometimes we check |x| for NULL and sometimes we treat it as a boolean |if(!x) ...|. Standardise the approach in libssl. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 09 11月, 2015 2 次提交
-
-
由 Matt Caswell 提交于
The SSL object was being deref'd and then there was a later redundant check to see if it is NULL. We assume all SSL_foo functions pass a non NULL SSL object and do not check it. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Richard Levitte 提交于
./Configure [target] --strict-warnings -Wno-pedantic-ms-format would not add '-pedantic' because it matches '-Wno-pedantic-ms-format', which was added first. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 08 11月, 2015 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 06 11月, 2015 3 次提交
-
-
由 Matt Caswell 提交于
The SCTP code is not compiled by default. This fixes some compilation problems in that code. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
We were setting |s->renegotiate| and |s->new_session| to 0 twice in tls_finish_handshake. This is redundant so now we just do it once! Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
由 Matt Caswell 提交于
We finish the handshake when we move into the TLS_ST_OK state. At various points we were also unnecessarily finishing it when we were reading/writing the Finished message. It's much simpler just to do it in TLS_ST_OK, so remove the other calls. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 05 11月, 2015 4 次提交
-
-
由 Dr. Stephen Henson 提交于
Rebuild error source files: the new mkerr.pl functionality will now pick up and translate static function names properly. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Dr. Stephen Henson 提交于
In mkerr.pl read parse functions names in C source files and use them for translation and sanity checks. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
The various dtls1_get*_methods did not handle the DTLS_ANY_VERSION case, so this needed to be added. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 04 11月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
EVP_SignInit_ex was missing from the NAME section of its man page so typing "man EVP_SignInit_ex" failed to load the page. Reviewed-by: NStephen Henson <steve@openssl.org>
-
- 03 11月, 2015 8 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Richard Levitte 提交于
The actual implementation has the state of the connection being controlled with the peer parameter, non-NULL meaning connected and NULL meaning connected. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Richard Levitte 提交于
No dummy arguments. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Richard Levitte 提交于
BIO_int_ctrl isn't made for the purpose BIO_get_conn_int_port used it for. This also changes BIO_C_GET_CONNECT to actually return the port instead of assigning it to a pointer that was never returned back to the caller. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 02 11月, 2015 5 次提交
-
-
由 Matt Caswell 提交于
Clarify that git format-patch output is preferred for creating patch files. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
A buggy application that call SSL_write with a different length after a NBIO event could cause an OPENSSL_assert to be reached. The assert is not actually necessary because there was an explicit check a little further down that would catch this scenario. Therefore remove the assert an move the check a little higher up. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
An OPENSSL_assert was being used which could fail (e.g. on a malloc failure). Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
This OPENSSL_assert in (d)tls1_hearbeat is trivially always going to be true because it is testing the sum of values that have been set as constants just a few lines above and nothing has changed them. Therefore remove this. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Soheil Rashidi 提交于
Signed-off-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 01 11月, 2015 3 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
由 Rich Salz 提交于
Close GH Issue 69 Close GH PR 457 Some other updates By Rich Salz, Alessandro Ghedini, Steve Marquess, Collin Anderson Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
由 Rich Salz 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 31 10月, 2015 1 次提交
-
-
由 Rich Salz 提交于
All instances of SSLeay (any combination of case) were replaced with the case-equivalent OpenSSL. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 30 10月, 2015 10 次提交
-
-
由 Matt Caswell 提交于
There were a few remaining references to SSLv2 support which are no longer relevant now that it has been removed. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
There was a discrepancy between what ciphersuites we allowed to send a CertificateRequest, and what ciphersuites we allowed to receive one. So add PSK and SRP to the disallowed ones. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Some functions were marked as inline in statem_srvr.c where they probably didn't need to be, so remove it. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
|tls_process_finished| was checking that |peer_finish_md_len| was non-negative. However neither |tls1_final_finish_mac| or |ssl3_final_finish_mac| can ever return a negative value, so the check is superfluous. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Due the rest of the state machine changes it makes sense to change the SSL_state_string return strings from 3* to T*. They are not SSL3 specific Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
There was a few uses of snprintf in the DTLS SCTP code which made more sense to be a memcpy. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Add the ossl_statem prefix to various funtions to avoid name clashes. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Various enums were introduced as part of the state machine rewrite. As a matter of style it is preferred for these to be typedefs. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
The function dtls1_link_min_mtu() was only used within d1_lib.c so make it static. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Clang with --strict-warnings was complaining about an uninitalised variable. In reality it will never be used uninitialised but clang can't figure out the logic, so just init it anyway to silence the warning. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-