- 15 2月, 2017 14 次提交
-
-
由 Dr. Stephen Henson 提交于
Use negotiated signature algorithm and certificate index in tls_construct_key_exchange instead of recalculating it. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2623)
-
由 Dr. Stephen Henson 提交于
Now the certificate and signature algorithm is set in one place we can use it directly insetad of recalculating it. The old functions ssl_get_server_send_pkey() and ssl_get_server_cert_index() are no longer required. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2623)
-
由 Dr. Stephen Henson 提交于
Update tls_choose_sigalg to choose a signature algorithm for all versions of TLS not just 1.3. For TLS 1.2 we choose the highest preference signature algorithm for the chosen ciphersuite. For TLS 1.1 and earlier the signature algorithm is determined by the ciphersuite alone. For RSA we use a special MD5+SHA1 signature algorithm. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2623)
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2623)
-
由 Dr. Stephen Henson 提交于
Add inline function ssl_has_cert which checks to see if a certificate and private key for a given index are not NULL. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2623)
-
由 FdaSilvaYY 提交于
[skip ci] Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2571)
-
由 Guido Vranken 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1613)
-
由 Guido Vranken 提交于
Prevents that OPENSSL_gmtime incorrectly signals success if gmtime_r fails, and that struct* tm result's possibly uninitialized content is used Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1613)
-
由 Bernd Edlinger 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2618)
-
由 Guido Vranken 提交于
Prevent allocations of size 0 in sh_init, which are not possible with the default OPENSSL_zalloc, but are possible if the user has installed their own allocator using CRYPTO_set_mem_functions. If the 0-allocations succeeds, the secure heap code will later access (at least) the first byte of that space, which is technically an OOB access. This could lead to problems with some custom allocators that only return a valid pointer for subsequent free()-ing, and do not expect that the pointer is actually dereferenced. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2605)
-
由 Robert Scheck 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2300)
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2626)
-
由 Dr. Stephen Henson 提交于
When a certificate is prepended update the list pointer. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2628)
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2624)
-
- 14 2月, 2017 19 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
由 Matt Caswell 提交于
For converting the 2 byte group id into an unsigned int. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
由 Matt Caswell 提交于
Make sure we get an HRR in the right circumstances based on kex mode. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
由 Matt Caswell 提交于
Previously counting the number of tests in checkhandshake.pm took an initial guess and then modified it based on various known special cases. That is becoming increasingly untenable, so this changes it to properly calculate the number of tests we expect to run. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2341)
-
由 Yuchi 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2559)
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
This is handy when "offset(%reg)" is a perl variable. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Thanks to Jun Sun for spotting this. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 13 2月, 2017 7 次提交
-
-
由 Andrea Grandi 提交于
Remove call to cleanup function Use only one loop to find previous element Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2581)
-
由 Andrea Grandi 提交于
This fixes the num of fds added/removed returned by ASYNC_WAIT_CTX_get_changed_fds Previously, the numbers were not consistent with the fds actually written in the buffers since the fds that have been both added and removed are explicitly ignored in the loop. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2581)
-
由 Andrea Grandi 提交于
This happens when a fd is added and then immediately removed from the ASYNC_WAIT_CTX before pausing the job. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2581)
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Darren Tucker 提交于
CLA: trivial Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2604)
-
由 Richard Levitte 提交于
test/recipes/40-test_rehash.t uses test files from certs/demo, which doesn't exist any longer. Have it use PEM files from test/ instead. Because rehash wants only one certificate or CRL per file, we must also filter those PEM files to produce test files with a single object each. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2594)
-