- 08 10月, 2015 4 次提交
-
-
由 Pascal Cuoq 提交于
Signed-off-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NRich Salz <rsalz@openssl.org> MR #1231
-
由 Pascal Cuoq 提交于
Signed-off-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NRich Salz <rsalz@openssl.org> MR #1231
-
由 Pascal Cuoq 提交于
It returns -1 on error, not 0. Signed-off-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NRich Salz <rsalz@openssl.org> MR #1231
-
由 Pascal Cuoq 提交于
BN_with_flags() will read the dest->flags to keep the BN_FLG_MALLOCED but overwrites everything else. Signed-off-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NRich Salz <rsalz@openssl.org> MR #1231
-
- 07 10月, 2015 3 次提交
-
-
由 Matt Caswell 提交于
The function ssl_check_for_safari fingerprints the incoming extensions to see whether it is one of the broken versions of safari. However it was failing to reset the PACKET back to the same position it started in, hence causing some extensions to be skipped incorrectly. Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
由 Alessandro Ghedini 提交于
-Allow mingw debug builds to fail on Travis CI -Fix Travis email notifications config -Rename a variable to avoid a bogus warning with old GCC error: declaration of ``dup'' shadows a global declaration [-Werror=shadow] -Disable pedantic ms-format warnings with mingw -Properly define const DH parameters -Restore --debug flag in Travis CI builds; -d would get incorrectly passed to ./Configure in mingw debug builds. Signed-off-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Emilia Kasper 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 06 10月, 2015 8 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dmitry Belyavskiy 提交于
This change introduces short names and NIDs for Russian GOST ciphers according to GOST R 34.13-2015 Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Alessandro Ghedini 提交于
RT#4069 Reviewed-by: NEmilia Käsper <emilia@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Emilia Kasper 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Emilia Kasper 提交于
The user callback takes a non-const pointer, so don't pass PACKET data to it directly; rather, grab a local copy. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Emilia Kasper 提交于
Fix alerts. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Emilia Kasper 提交于
Move all packet parsing to the beginning of the method. This limits the SSLv2 compatibility soup to the parsing, and makes the rest of the processing uniform. This is also needed for simpler EMS support: EMS servers need to do an early scan for EMS to make resumption decisions. This'll be easier when the entire ClientHello is parsed in the beginning. As a side effect, 1) PACKETize ssl_get_prev_session and tls1_process_ticket; and 2) Delete dead code for SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 05 10月, 2015 7 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NBen Laurie <ben@openssl.org>
-
由 Richard Levitte 提交于
Some makedepend mechanisms remove all directory information in the target, so a dependency can looks like this: ssl3_record.o: record/ssl3_record.c However, that doesn't quite suit us, our Makefile has us build record/ssl3_record.o rather than ssl3_record.o. To clear this up, a change to util/clean-depend.pl takes care of this case by looking up the original file in the dependencies and restoring the directory information from it. Reviewed-by: NBen Laurie <ben@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Even though SOCKET is effectively declared as (void *) on Windows, it's not actually a pointer, but an index within per-process table of kernel objects. The table size is actually limited and its upper limit is far below upper limit for signed 32-bit integer. This is what makes cast in question possible. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Dr. Stephen Henson 提交于
When a decoding error in ASN.1 occurs only free up the partial structure at the top level. This simplifies embedded handling and fixes freeing up of structures when presented with malformed input. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 03 10月, 2015 2 次提交
-
-
由 Kurt Roeckx 提交于
Thanks to David Benjamin <davidben@google.com> for pointing them out. Reviewed-by: NSteve Henson <steve@openssl.org> MR #1198
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 01 10月, 2015 4 次提交
-
-
由 Matt Caswell 提交于
This reverts commit 3aabc1dd. Reviewed-by: NStephen Henson <steve@openssl.org>
-
由 Dmitry Belyavskiy 提交于
Add some custom ctrls for Engine specific use. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Richard Levitte 提交于
Any time you configure with enable-deprecated, make depend would scream bloody murder. This change has it quiet down a bit. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Matt Caswell 提交于
This patch updates the "DEFAULT" cipherstring to be "ALL:!COMPLEMENTOFDEFAULT:!eNULL". COMPLEMENTOFDEFAULT is now defined internally by a flag on each ciphersuite indicating whether it should be excluded from DEFAULT or not. This gives us control at an individual ciphersuite level as to exactly what is in DEFAULT and what is not. Finally all DES, RC4 and RC2 ciphersuites are added to COMPLEMENTOFDEFAULT and hence removed from DEFAULT. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 30 9月, 2015 12 次提交
-
-
由 Andy Polyakov 提交于
Close difference gap on Cortex-A9, which resulted in further improvement even on other processors. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
Looks like someone forgot to do a "make update" since crypto/ts/Makefile keeps changing. So include that. Second is that the declare_dh_bn macro fools the libeay.num script. The declarations are only needed in one file (dh_rfc5114) so remove them from the header and put the "raw" declarations directly into that file. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Removed duplicated ordinals from libeay.num Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Occaisionally we have had problems where there are duplicated ordinals in libeay.num or ssleay.num. This adds a test for this issue. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Ben Laurie 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Matt Caswell 提交于
Add additional NID references in the CMS/SMIME capabilities code to cater for GOST12. Patch supplied by Dmitry Belyavsky <beldmit@gmail.com> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 David Woodhouse 提交于
Much related/similar work also done by Ivan Nestlerode <ivan.nestlerode@sonos.com> +Replace FILE BIO's with dummy ops that fail. +Include <stdio.h> for sscanf() even with no-stdio (since the declaration is there). We rely on sscanf() to parse the OPENSSL_ia32cap environment variable, since it can be larger than a 'long'. And we don't rely on the availability of strtoull(). +Remove OPENSSL_stderr(); not used. +Make OPENSSL_showfatal() do nothing (currently without stdio there's nothing we can do). +Remove file-based functionality from ssl/. The function prototypes were already gone, but not the functions themselves. +Remove unviable conf functionality via SYS_UEFI +Add fallback definition of BUFSIZ. +Remove functions taking FILE * from header files. +Add missing DECLARE_PEM_write_fp_const +Disable X509_LOOKUP_hash_dir(). X509_LOOKUP_file() was already compiled out, so remove its prototype. +Use OPENSSL_showfatal() in CRYPTO_destroy_dynlockid(). +Eliminate SRP_VBASE_init() and supporting functions. Users will need to build the verifier manually instead. +Eliminate compiler warning for unused do_pk8pkey_fp(). +Disable TEST_ENG_OPENSSL_PKEY. +Disable GOST engine as is uses [f]printf all over the place. +Eliminate compiler warning for unused send_fp_chars(). Signed-off-by: NRich Salz <rsalz@akamai.com> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Problem was exposed in mingw64 build, or in other words on P64 platform. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
On Windows OPENSSL_EXPORT_VAR_AS_FUNCTION is defined and in a sense this modification simply harmonizes it with "VAR_AS_VAR". Reviewed-by: NRich Salz <rsalz@openssl.org>
-