- 25 8月, 2017 1 次提交
-
-
由 Richard Levitte 提交于
This is a vestige from pre-1.1.0 OpenSSL Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4256)
-
- 22 8月, 2017 2 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4217)
-
由 Pauli 提交于
return true for characters > 127. I.e. they are allowing extended ASCII characters through which then cause problems. E.g. marking superscript '2' as a number then causes the common (ch - '0') conversion to number to fail miserably. Likewise letters with diacritical marks can also cause problems. If a non-ASCII character set is being used (currently only EBCDIC), it is adjusted for. The implementation uses a single table with a bit for each of the defined classes. These functions accept an int argument and fail for values out of range or for characters outside of the ASCII set. They will work for both signed and unsigned character inputs. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4102)
-
- 21 8月, 2017 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
-
由 Matt Caswell 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
-
- 08 8月, 2017 1 次提交
-
-
由 Bernd Edlinger 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4111)
-
- 07 7月, 2017 1 次提交
-
-
由 Pauli 提交于
Bounds checking strpy, strcat and sprintf. These are the remaining easy ones to cover a recently removed commit. Some are trivial, some have been modified and a couple left as they are because the reverted change didn't bounds check properly. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3871)
-
- 05 7月, 2017 1 次提交
-
-
由 Rich Salz 提交于
[extended tests] Original text: Use BUF_strlcpy() instead of strcpy(). Use BUF_strlcat() instead of strcat(). Use BIO_snprintf() instead of sprintf(). In some cases, keep better track of buffer lengths. This is part of a large change submitted by Markus Friedl <markus@openbsd.org> Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/3701)
-
- 21 6月, 2017 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3585)
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3585)
-
- 11 6月, 2017 1 次提交
-
-
由 Rich Salz 提交于
CLA: trivial Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3627)
-
- 08 6月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Run perltidy on util/mkerr Change some mkerr flags, write some doc comments Make generated tables "const" when genearting lib-internal ones. Add "state" file for mkerr Renerate error tables and headers Rationalize declaration of ERR_load_XXX_strings Fix out-of-tree build Add -static; sort flags/vars for options. Also tweak code output Moved engines/afalg to engines (from master) Use -static flag Standard engine #include's of errors Don't linewrap err string tables unless necessary Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3392)
-
- 26 4月, 2017 3 次提交
-
-
由 Dr. Stephen Henson 提交于
Make signature security level checking more flexible by using X509_get_signaure_info(): some signature methods (e.g. PSS, ED25519) do not indicate the signing digest (if any) in the signature OID. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3301)
-
由 Dr. Stephen Henson 提交于
Many signature types define the digest and public key type by a single OID such as ecdsa_with_sha256. Some types (RSA-PSS for example) use a single OID to indicate the signature scheme and additional parameters are encoded in the AlgorithmIdentifier. Add an X509_SIG_INFO structure to contain details about the signature type: specifically the digest algorithm, public key algorithm, security bits and various flags. This supports both existing algorithms and more complex types. Add accessors for the structure and a special case that retrieves signature information from a certificate. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3301)
-
由 Dmitry Belyavskiy 提交于
The CA names should be printed according to user's decision print_name instead of set of BIO_printf dump_cert_text instead of set of BIO_printf Testing cyrillic output of X509_CRL_print_ex Write and use X509_CRL_print_ex Reduce usage of X509_NAME_online Using X509_REQ_print_ex instead of X509_REQ_print Fix nameopt processing. Make dump_cert_text nameopt-friendly Move nameopt getter/setter to apps/apps.c Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3262)
-
- 21 4月, 2017 1 次提交
-
-
由 Rich Salz 提交于
X509_STORE_add_cert and X509_STORE_add_crl are changed to return success if the object to be added was already found in the store, rather than returning an error. Raise errors if empty or malformed files are read when loading certificates and CRLs. Remove NULL checks and allow a segv to occur. Add error handing for all calls to X509_STORE_add_c{ert|tl} Refactor these two routines into one. Bring the unit test for duplicate certificates up to date using the test framework. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2830)
-
- 13 4月, 2017 1 次提交
-
-
由 Todd Short 提交于
RT3877: Add X509 OCSP error codes and messages Add additional OCSP error codes for X509 verify usage RT3867: Support Multiple CA certs in ocsp app Add the ability to read multiple CA certs from a single file in the ocsp app. Update some missing X509 errors in documentation. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/941)
-
- 21 3月, 2017 1 次提交
-
-
由 David Benjamin 提交于
These two functions do the same thing. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3001)
-
- 25 2月, 2017 1 次提交
-
-
由 Emilia Kasper 提交于
- Reject fractional seconds - Reject offsets - Check that the date/time digits are in valid range. - Add documentation for X509_cmp_time GH issue 2620 Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 24 2月, 2017 1 次提交
-
-
由 Bernd Edlinger 提交于
Avoid a -Wundef warning in refcount.h Avoid a -Wundef warning in o_str.c Avoid a -Wundef warning in testutil.h Include internal/cryptlib.h before openssl/stack.h to avoid use of undefined symbol OPENSSL_API_COMPAT. Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2712)
-
- 04 2月, 2017 1 次提交
-
-
由 Bernd Edlinger 提交于
Fixed a memory leak in ASN1_digest and ASN1_item_digest. Reworked error handling in asn1_item_embed_new. Fixed error handling in int_ctx_new and EVP_PKEY_CTX_dup. Fixed a memory leak in CRYPTO_free_ex_data. Reworked error handing in x509_name_ex_d2i, x509_name_encode and x509_name_canon. Check for null pointer in tls_process_cert_verify. Fixes #2103 #2104 #2105 #2109 #2111 #2115 Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2342)
-
- 29 1月, 2017 1 次提交
-
-
由 Richard Levitte 提交于
X509_CRL_digest() didn't check if the precomputed sha1 hash was actually present. This also makes sure there's an appropriate flag to check. Reviewed-by: NKurt Roeckx <kurt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2314)
-
- 25 1月, 2017 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1618)
-
- 16 1月, 2017 3 次提交
-
-
由 Kurt Roeckx 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> GH: #2234
-
由 Kurt Roeckx 提交于
Found by oss-fuzz Reviewed-by: NAndy Polyakov <appro@openssl.org> GH: #2231
-
由 Kurt Roeckx 提交于
Found by afl Reviewed-by: NAndy Polyakov <appro@openssl.org> GH: #2230
-
- 13 1月, 2017 2 次提交
-
-
由 Richard Levitte 提交于
The use of EXFLAG_SET requires the inclusion of openssl/x509v3.h. openssl/ocsp.h does that, except when OCSP is disabled. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2227)
-
由 Rich Salz 提交于
Also, if want SHA1 then use the pre-computed value if there. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2223)
-
- 12 1月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2208)
-
- 11 1月, 2017 1 次提交
-
-
由 Kurt Roeckx 提交于
Found by tis-interpreter Reviewed-by: NRich Salz <rsalz@openssl.org> GH: #1754
-
- 15 12月, 2016 1 次提交
-
-
由 Rich Salz 提交于
More importantly, port CRL test from boringSSL crypto/x509/x509_test.cc Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1775)
-
- 14 12月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2079)
-
- 03 12月, 2016 1 次提交
-
-
由 Viktor Dukhovni 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 18 11月, 2016 1 次提交
-
-
由 Kurt Roeckx 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> GH: #1500
-
- 09 11月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Split x509_verify_param_zero code to the right place Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 08 11月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
and fix documentation. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1634)
-
- 12 10月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
The original X509_NAME decode free code was buggy: this could result in double free or leaks if a malloc failure occurred. Simplify and fix the logic. Thanks to Guido Vranken for reporting this issue. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1691)
-
- 22 9月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Change code so when switching on an enumeration, have case's for all enumeration values. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 21 9月, 2016 1 次提交
-
-
由 Rich Salz 提交于
This reverts commit 81f9ce1e. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 18 9月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1594)
-