- 26 6月, 2016 2 次提交
-
-
由 Rich Salz 提交于
This reverts commit 82f31fe4. Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
由 Rich Salz 提交于
OBJ_nid2obj() and friends should be treated as const. Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
- 25 6月, 2016 10 次提交
-
-
由 David Benjamin 提交于
As of 37258dad and the corresponding upstream change, BN_mod_word may fail, like BN_div_word. Handle this properly. Thanks to Brian Smith for pointing this out. See BoringSSL's 44bedc348d9491e63c7ed1438db100a4b8a830be. Signed-off-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NRich Salz <rsalz@openssl.org> GH: #1251
-
由 David Benjamin 提交于
This function returns a tri-state -1 on error. See BoringSSL's 53409ee3d7595ed37da472bc73b010cd2c8a5ffd. Signed-off-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NRich Salz <rsalz@openssl.org> GH: #1251
-
由 Kurt Roeckx 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> GH: #1229
-
由 Kurt Roeckx 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> GH: #1229
-
由 Rich Salz 提交于
Don't print the full list of ciphers as part of the -help output. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
RT#4583 Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Nathaniel McCallum 提交于
Fixes openssl/openssl#1236 Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1237)
-
由 Kurt Roeckx 提交于
Found by afl Reviewed-by: NRich Salz <rsalz@openssl.org> MR: #3013
-
- 24 6月, 2016 7 次提交
-
-
由 Ben Laurie 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
aesni_cbc_hmac_sha256_ctrl() and aesni_cbc_hmac_sha1_ctrl() cleanse the HMAC key after use, but static int rc4_hmac_md5_ctrl() doesn't. Fixes an OCAP Audit issue. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Matt Caswell 提交于
This includes the newly added HMAC_CTX_get_md(). Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
As a result of opaque HMAC_CTX apps need a getter for the HMAC_CTX md. GitHub Issue #1152 Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
tag2nbyte had -1 at 18th position, but underlying ASN1_mbstring_copy supports NumericString. tag2nbyte is also used in do_print_ex which will not be broken by setting 1 at 18th position of tag2nbyte Reviewed-by: NStephen Henson <steve@openssl.org>
-
由 huangqinjin 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 huangqinjin 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 23 6月, 2016 11 次提交
-
-
with "make install -j8" it happens very often that two or more make instances are creating the same directory in parallel. As a result one instace creates the directory and second mkdir fails because the directory exists already (but it did not while testing for it earlier). Signed-off-by: NSebastian Andrzej Siewior <sebastian@breakpoint.cc> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1204)
-
由 Rich Salz 提交于
Code and tests by Steve. Reviewed-by: NDr. Stephen Henson <steve@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Viktor Dukhovni 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Kurt Roeckx 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> MR: #2986
-
由 FdaSilvaYY 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 FdaSilvaYY 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Richard Levitte 提交于
The previous fix contained a mistake, where any absolute path in %directories would be cleared away instead of just being left alone. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 22 6月, 2016 6 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1245)
-
由 mmiyashita 提交于
Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1243)
-
由 Kurt Roeckx 提交于
Found by tis-interpreter Reviewed-by: NRich Salz <rsalz@openssl.org> GH: #1230
-
由 David Benjamin 提交于
Using RSA_PKCS1_PADDING with RSA_private_decrypt is inherently unsafe. The API requires writing output on success and touching the error queue on error. Thus, although the padding check itself is constant-time as of 294d1e36, and the logic after the decryption in the SSL code is constant-time as of adb46dbc, the API boundary in the middle still leaks whether the padding check succeeded, giving us our much-loved Bleichenbacher padding oracle. Instead, PKCS#1 padding must be handled by the caller which uses RSA_NO_PADDING, in timing-sensitive code integrated with the Bleichenbacher mitigation. Removing PKCS#1 padding in constant time is actually much simpler when the expected length is a constant (and if it's not a constant, avoiding a padding oracle seems unlikely), so just do it inline. Signed-off-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NRich Salz <rsalz@openssl.org> GH: #1222
-
由 Kurt Roeckx 提交于
It wrote before the start of the string found by afl Reviewed-by: NRichard Levitte <levitte@openssl.org> MR: #2994
-
由 Petr Vaněk 提交于
Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1241)
-
- 21 6月, 2016 4 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Richard Levitte 提交于
We recalculate the location of the directories we keep track of. However, we did so after having moved to the new directory already, so the data we did the calculations from were possibly not quite correct. This change moves the calculations to happen before moving to the new directory. This issue is sporadic, and possibly dependent on the platform. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Rich Salz 提交于
Add missing entries to NAME section Add SYNOPSIS lines, remove old NAME entries Update find-doc-nits; better regexp's for parsing SYNOPSIS sections. Rename a couple of files to have an API name. Remove RSA_private_decrypt; it was duplicate content Update for recent doc additions Reviewed-by: NMatt Caswell <matt@openssl.org>
-