- 04 4月, 2017 8 次提交
-
-
由 Matt Caswell 提交于
DHparams has d2i_DHparams_fp, d2i_DHxparams_bio etc, but the equivalent macros for DHxparams were omitted. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3111)
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3114)
-
由 Matt Caswell 提交于
The macro SSL_get_server_tmp_key() returns information about the temp key used by the server during a handshake. This was returning NULL for TLSv1.3 and causing s_client to omit this information in its connection summary. Fixes #3081 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3114)
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3091)
-
由 Matt Caswell 提交于
Make sure the server can write normal data after earlier writing early data. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3091)
-
由 Tatsuhiro Tsujikawa 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3091)
-
由 Matt Caswell 提交于
Commit 9b5c865d introduced a synthetic delay between arrival of EoED and CF. We actually want to delay the arrival of CF even further to demonstrate that we can write early data even when "in init". Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3091)
-
由 Matt Caswell 提交于
If we have received the EoED message but not yet had the CF then we are "in init". Despite that we still want to write application data, so suppress the "in init" check in ssl3_write_bytes() in that scenario. Fixes #3041 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3091)
-
- 03 4月, 2017 5 次提交
-
-
由 Kazuki Yamaguchi 提交于
SSL_get_max_early_data() recently added by 3fc8d856 ("Construct the ticket_early_data_info extension", 2017-02-17) is supposed to take an SSL, but it doesn't. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3113)
-
由 Richard Levitte 提交于
This test doesn't actually fail completely, but there's no real pattern to distinguish which data files should be omitted when no-ec2m is configured and which should not. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3103)
-
由 Richard Levitte 提交于
It's of course also possible to just add them to the PR description, but having these lines in the commit messages provide better automation. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3104)
-
由 Richard Levitte 提交于
When creating a single commit PR, github will now automatically include the commit comment first in the pull request description, and add the template content last. That makes the description section at the end useless. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3104)
-
由 Andy Polyakov 提交于
It seems to be problematic to probe processor capabilities with SIGILL on MacOS X. The problem should be limited to cases when application code is debugged, but crashes were reported even during normal execution... Reviewed-by: NKurt Roeckx <kurt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 01 4月, 2017 3 次提交
-
-
由 Andy Polyakov 提交于
Configure started with 'require 5.10.0', but if executed by older perl it failed with "might be runaway multi-line // string" instead of naturally expected "Perl v5.10.0 required--this is only v5.x.y". Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Originally there was dependency on BN configuration parameters, but it stemmed from times when "long long" support was optional. Today we require 64-bit support from compiler, and there is no reason to have "greatest-width integer" depend on BN configuration. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 31 3月, 2017 5 次提交
-
-
由 Jon Spillett 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3087)
-
由 Matt Caswell 提交于
Numerous changes have been made to the supported built-in extensions and SSL_extension_supported() has not kept up. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3097)
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3083)
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3083)
-
由 Andy Polyakov 提交于
'j' is specified as modifier for "greatest-width integer type", which in practice means 64 bits on both 32- and 64-bit platforms. Since we rely on __attribute__((__format__(__printf__,...))) to sanitize BIO_print format, we can use it to denote [u]int64_t-s in platform-neutral manner. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3083)
-
- 30 3月, 2017 9 次提交
-
-
由 Matt Caswell 提交于
s_client was always saying that early_data was rejected even when it was accepted. This was because it was using the wrong test to detect the end of the handshake. It was using SSL_in_init() which only tells you whether it is currently processing/sending/expecting handshake messages. It should use SSL_is_init_finished() which tells you that no handshake messages are being processed/sent/expected AND we have completed the handshake. In the early data case we are not processing/sending handshake messages and we are expecting early data (not a handshake message) - but the handshake has not yet completed. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3090)
-
由 Matt Caswell 提交于
This tests the bug fixed in the previous commit. We introduce a synthetic delay between the server receiving EoED and CF and check that we can still send early data. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3089)
-
由 Matt Caswell 提交于
If the server received EoED then SSL_read_early_data() will return SSL_READ_EARLY_DATA_FINISH. However if the CF has not yet been processed then SSL_is_init_finished() will still return 0. Therefore we should still be able to write early data. Fixes #3041 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3089)
-
由 Jon Spillett 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3085)
-
由 Pauli 提交于
Fix capitilistion of list items. Wrap long lines. Add full stops to the ends of sentances. Change ciphersuite to cipher suite in all of doc. [skip ci] Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3082)
-
由 Matt Caswell 提交于
We want to make sure that if we if are using SSL_MODE_AUTO_RETRY then if SSL_read_early_data() hits EndOfEarlyData then it doesn't auto retry and end up with normal data. The same issue could occur with read_ahead which is what we use in this test. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3077)
-
由 Matt Caswell 提交于
If read_ahead is set, or SSL_MODE_AUTO_RETRY is used then if SSL_read_early_data() hits an EndOfEarlyData message then it will immediately retry automatically, but this time read normal data instead of early data! Fixes #3041 Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3077)
-
由 Pauli 提交于
[skip ci] Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3073)
-
由 Andy Polyakov 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 29 3月, 2017 10 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3064)
-
由 Richard Levitte 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3064)
-
由 Richard Levitte 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3064)
-
由 Emilia Kasper 提交于
cipherbytes_test does not use the testutil / test_main test framework. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3034)
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Pauli 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3074)
-
由 Pauli 提交于
[skip ci] Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3072)
-
由 Steven Collison 提交于
These ciphers don't appear to be documented anywhere. Given the performance[1] benefits I think it makes sense to expose them. [1] https://software.intel.com/sites/default/files/open-ssl-performance-paper.pdfReviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3067)
-