- 31 3月, 2018 5 次提交
-
-
由 Bernd Edlinger 提交于
Thanks to Darovskikh Andrei for for reporting this issue. Fixes: #5785 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5793)
-
由 Matt Caswell 提交于
We have been unable to trace the contributor of that code to gain their agreement for the licence change so the code has to be removed. This commit reverts that contribution. The contribution had no functional impact so the original way of doing things is still valid. However the surrounding code has changed significantly so that the exact code as it was orignally cannot be used. This commit uses the original code as a basis, but rewrites it to use the PACKET API. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5808)
-
由 Matt Caswell 提交于
We should use the old EVP_PKEY_new_mac_key() instead. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5808)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5808)
-
由 Rich Salz 提交于
This commit removes the contribution of a user that we cannot trace to gain their consent for the licence change. I also cleaned up the return/error-return flow a bit. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5811)
-
- 30 3月, 2018 2 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
The RAND_DRBG API was added in PR #5462 and modified by PR #5547. This commit adds the corresponding documention. Reviewed-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5461)
-
由 FdaSilvaYY 提交于
methods : - EVP_PBE_scrypt - EVP_PKEY_meth_add0 - EVP_PKEY_meth_new - EVP_PKEY_CTX_dup Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/5783)
-
- 29 3月, 2018 16 次提交
-
-
由 Vitezslav Cizek 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/5007)
-
由 Vitezslav Cizek 提交于
Add BIO_get_conn_ip_family and BIO_set_conn_ip_family macros to util/private.num and document them in BIO_s_connect.pod. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/5007)
-
由 Vitezslav Cizek 提交于
The BIO was refactored in 417be660, but the manual wasn't fully updated to reflect some of the changes. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/5007)
-
由 Benjamin Kaduk 提交于
Add some more exposition on why unlocked access to the global rand_fork_count is safe, and provide a comment for the struct rand_drbg_st fork_count field. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/4110)
-
由 Andy Polyakov 提交于
picker() is type agnostic, but its output consumer is not. Or rather it doesn't work if picker() picks nothing when consumer expects array. So ensure array is returned when array is expected. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5770)
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5770)
-
由 Richard Levitte 提交于
The VMS C RTL has setbuf() working for short pointers only, probably the FILE pointer will always be in P0 (the lower 4GB). Fortunately, this only generates a warning about possible data loss (doesn't apply in this case) that we can simply turn off. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5789)
-
由 Richard Levitte 提交于
Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5776)
-
由 Richard Levitte 提交于
Instead of invoking the fuzz test programs once for every corpora file, we invoke them once for each directory of corpora files. This dramatically reduces the number of program invikations, as well as the time 99-test_fuzz.t takes to complete. fuzz/test-corpus.c was enhanced to handle directories as well as regular files. Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5776)
-
由 Richard Levitte 提交于
This wasn't a good solution, too many things depend on the quotes being there consistently. This reverts commit 49cd47ea. Fixes #5772 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5773)
-
由 Patrick Steuer 提交于
... to compute s390x aes function code from keylength. Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5250)
-
由 Patrick Steuer 提交于
Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5250)
-
由 Patrick Steuer 提交于
Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5250)
-
由 Patrick Steuer 提交于
Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5250)
-
由 Patrick Steuer 提交于
Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5250)
-
由 Rich Salz 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5780)
-
- 28 3月, 2018 11 次提交
-
-
由 Matt Caswell 提交于
This commit removes the contribution of a user that we cannot trace to gain their consent for the licence change. After this commit the various IS_*() macros in the auto-generated file conf_def.h may incorrectly return true if the supplied character has its most significant bit set. The IS_*() macros should be able to correctly handle 8-bit characters. Note that UTF-8 support is not a requirement. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5767)
-
由 Matt Caswell 提交于
If a server has been configured to use an ECDSA certificate, we should allow it regardless of whether the server's own supported groups list includes the certificate's group. Fixes #2033 Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5601)
-
由 Matt Caswell 提交于
This reverts commit 37a38595. These tests should now be fixed by commit e6e9170d. Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/5765)
-
由 Rich Salz 提交于
Based on the description in https://github.com/openssl/openssl/pull/5757, this re-implements the "allow NULL to be passed" behavior of a number of xxx_free routines. I also fixed up some egregious formatting errors that were nearby. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5761)
-
由 Miroslav Suk 提交于
ts/ts_rsp_sign.c: change to OPENSSL_gmtime. Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5720)
-
由 Konstantin Shemyak 提交于
When the "certificate purpose" is checked and KeyUsage extension is present, either 'digitalSignature' or 'nonRepudiation' is accepted. Manual page corrected to reflect the above. Signed-off-by: NKonstantin Shemyak <konstantin@shemyak.com> Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5727)
-
由 Philippe Antoine 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5729)
-
由 Andy Polyakov 提交于
Apparently applications rely on RAND_load_file's ability to work with non-regular files, customarily with /dev/urandom, so that the ban was not exactly appropriate. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5737)
-
由 Andy Polyakov 提交于
This is quick-n-dirty ad-hoc solution, the problem asks for more elegant one... Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5755)
-
由 Matt Caswell 提交于
The previous commit causes some tests to hang so we temporarily disable them. Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5757)
-
由 Matt Caswell 提交于
This removes some code because we cannot trace the original contributor to get their agreement for the licence change (original commit e03ddfae). After this change there will be numerous failures in the test cases until someone rewrites the missing code. All *_free functions should accept a NULL parameter. After this change the following *_free functions will fail if a NULL parameter is passed: BIO_ACCEPT_free() BIO_CONNECT_free() BN_BLINDING_free() BN_CTX_free() BN_MONT_CTX_free() BN_RECP_CTX_free() BUF_MEM_free() COMP_CTX_free() ERR_STATE_free() TXT_DB_free() X509_STORE_free() ssl3_free() ssl_cert_free() SSL_SESSION_free() SSL_free() [skip ci] Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5757)
-
- 27 3月, 2018 6 次提交
-
-
由 Matt Caswell 提交于
The alpn_selected value in the session should be NULL before we first populate it if this is a new session. We assert to make sure it is. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5715)
-
由 Matt Caswell 提交于
If we don't have OID data for an object then we should fail if we are asked to encode the ASN.1 for that OID. Fixes #5723 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5725)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Andy Polyakov 提交于
Comparison was effectively reduced to least significant bits. CVE-2018-0733 Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-