Andy Polyakov
f5b798f50c
Add GHASH for PowerISA 2.0.7.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-20 14:14:26 +02:00
Dr. Stephen Henson
03c075e572
Windows build fixes.
...
Add cmac.h to mkdef.pl
Remove ENGINE_load_rsax from engine.h: no longer built.
Update ordinals
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-19 22:57:37 +01:00
Dr. Stephen Henson
f8c03d4dbf
Fix documentation for RSA_set_method(3)
...
PR#1675
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-07-19 22:57:37 +01:00
Mike Bland
b2e50bcd0e
Check the test registry size during add_test()
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-19 19:24:36 +01:00
Mike Bland
50bba6852d
Update heartbeat_test #includes
...
ssl/ssl_locl.h now comes first to ensure that it will compile standalone.
test/testutil.h is considered to be in the same directory as the test file,
since the test file will be linked into test/ and built there.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-19 19:24:35 +01:00
Mike Bland
6017a55143
Use testutil registry in heartbeat_test
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-19 19:24:35 +01:00
Mike Bland
5e3de8e609
test/testutil.c test registry functions.
...
These help standardize the structure of main() and result reporting.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-19 19:24:35 +01:00
Dr. Stephen Henson
d31fed73e2
RFC 5649 support.
...
Add support for RFC5649 key wrapping with padding.
Add RFC5649 tests to evptests.txt
Based on PR#3434 contribution by Petr Spacek <pspacek@redhat.com>.
EVP support and minor changes added by Stephen Henson.
Doxygen comment block updates by Tim Hudson.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-18 21:37:13 +01:00
Dr. Stephen Henson
58f4698f67
Make *Final work for key wrap again.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-17 23:29:14 +01:00
Dr. Stephen Henson
d12eef1501
Sanity check lengths for AES wrap algorithm.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-17 12:57:40 +01:00
Jeffrey Walton
d48e78f0cf
Fix typo, add reference.
...
PR#3456
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-07-17 12:07:37 +01:00
Matt Caswell
2097a17c57
Disabled XTS mode in enc utility as it is not supported
...
PR#3442
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-07-16 20:59:35 +01:00
Andy Polyakov
e91718e80d
Revert "Add GHASH for PowerISA 2.07."
...
This reverts commit 927f2e5dea
.
2014-07-16 13:38:15 +02:00
Andy Polyakov
6cd13f70bb
Revert "Engage GHASH for PowerISA 2.07."
...
This reverts commit 14aaf883d9
.
2014-07-16 13:37:37 +02:00
Andy Polyakov
14aaf883d9
Engage GHASH for PowerISA 2.07.
2014-07-16 08:03:34 +02:00
Andy Polyakov
927f2e5dea
Add GHASH for PowerISA 2.07.
2014-07-16 08:01:41 +02:00
Matt Caswell
3bd548192a
Add Matt Caswell's fingerprint, and general update on the fingerprints file to bring it up to date
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-15 23:13:37 +01:00
Dr. Stephen Henson
ca2015a617
Clarify -Verify and PSK.
...
PR#3452
2014-07-15 20:22:39 +01:00
Dr. Stephen Henson
c8d710dc5f
Fix DTLS certificate requesting code.
...
Use same logic when determining when to expect a client
certificate for both TLS and DTLS.
PR#3452
2014-07-15 18:23:13 +01:00
Dr. Stephen Henson
199772e534
Don't allow -www etc options with DTLS.
...
The options which emulate a web server don't make sense when doing DTLS.
Exit with an error if an attempt is made to use them.
PR#3453
2014-07-15 12:32:41 +01:00
Rich Salz
6c0a1e2f8c
Merge branch 'master' of git.openssl.org:openssl
2014-07-15 00:05:43 -04:00
Dr. Stephen Henson
1c3e9a7c67
Use case insensitive compare for servername.
...
PR#3445
2014-07-14 23:59:13 +01:00
Hubert Kario
7efd0e777e
document -nextprotoneg option in man pages
...
Add description of the option to advertise support of
Next Protocol Negotiation extension (-nextprotoneg) to
man pages of s_client and s_server.
PR#3444
2014-07-14 23:42:59 +01:00
Dr. Stephen Henson
ec5a992cde
Use more common name for GOST key exchange.
2014-07-14 18:31:55 +01:00
Dr. Stephen Henson
aa224e9719
Fix typo.
2014-07-14 18:31:55 +01:00
Rich Salz
9d6253cfd3
Add tags/TAGS; approved by tjh
2014-07-14 11:27:16 -04:00
Matt Caswell
f8571ce822
Fixed valgrind complaint due to BN_consttime_swap reading uninitialised data.
...
This is actually ok for this function, but initialised to zero anyway if
PURIFY defined.
This does have the impact of masking any *real* unitialised data reads in bn though.
Patch based on approach suggested by Rich Salz.
PR#3415
2014-07-13 22:17:39 +01:00
Peter Mosmans
924e5eda2c
Add names of GOST algorithms.
...
PR#3440
2014-07-13 18:30:07 +01:00
Richard Levitte
8b5dd34091
* crypto/ui/ui_lib.c: misplaced brace in switch statement.
...
Detected by dcruette@qualitesys.com
2014-07-13 19:11:46 +02:00
Ben Laurie
c1d1b0114e
Don't clean up uninitialised EVP_CIPHER_CTX on error (CID 483259).
2014-07-10 17:49:02 +01:00
Matt Caswell
66816c53be
Fix memory leak in BIO_free if there is no destroy function.
...
Based on an original patch by Neitrino Photonov <neitrinoph@gmail.com>
PR#3439
2014-07-09 23:29:17 +01:00
Andy Polyakov
1b0fe79f3e
x86_64 assembly pack: improve masm support.
2014-07-09 20:08:01 +02:00
Andy Polyakov
d11c70b2c2
Please Clang's sanitizer, addendum.
2014-07-08 23:06:59 +02:00
Andy Polyakov
021e5043e5
Please Clang's sanitizer.
...
PR: #3424,#3423,#3422
2014-07-08 22:24:44 +02:00
Andy Polyakov
c4f8efab34
apps/speed.c: fix compiler warnings in multiblock_speed().
2014-07-07 17:02:26 +02:00
Andy Polyakov
07b635cceb
sha[1|512]-x86_64.pl: fix logical errors with $shaext=0.
2014-07-07 17:01:07 +02:00
David Lloyd
9d23f422a3
Prevent infinite loop loading config files.
...
PR#2985
2014-07-07 13:19:57 +01:00
Viktor Dukhovni
b73ac02735
Improve X509_check_host() documentation.
...
Based on feedback from Jeffrey Walton.
2014-07-07 20:34:06 +10:00
Viktor Dukhovni
297c67fcd8
Update API to use (char *) for email addresses and hostnames
...
Reduces number of silly casts in OpenSSL code and likely most
applications. Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().
2014-07-07 19:11:38 +10:00
Dr. Stephen Henson
ee724df75d
Usage for -hack and -prexit -verify_return_error
2014-07-06 22:42:50 +01:00
Dr. Stephen Henson
cba3f1c739
Document certificate status request options.
2014-07-06 22:40:01 +01:00
Dr. Stephen Henson
a44f219c00
s_server usage for certificate status requests
2014-07-06 22:40:01 +01:00
Dr. Stephen Henson
5ecf1141a5
Sanity check keylength in PVK files.
...
PR#2277
2014-07-06 00:36:16 +01:00
Jeffrey Walton
75b7606881
Added reference to platform specific cryptographic acceleration such as AES-NI
2014-07-06 00:03:13 +01:00
Matt Caswell
fd9e244370
Fixed error in pod files with latest versions of pod2man
2014-07-06 00:03:13 +01:00
Andy Polyakov
7eb9680ae1
sha512-x86_64.pl: fix typo.
...
PR: #3431
2014-07-05 23:59:57 +02:00
Andy Polyakov
0e7a32b55e
s3_pkt.c: fix typo.
2014-07-05 23:56:54 +02:00
Andy Polyakov
375a64e349
apps/speed.c: add multi-block benchmark.
2014-07-05 23:53:55 +02:00
Alan Hryngle
fdea4fff8f
Return smaller of ret and f.
...
PR#3418.
2014-07-05 22:37:41 +01:00
Viktor Dukhovni
ced3d9158a
Set optional peername when X509_check_host() succeeds.
...
Pass address of X509_VERIFY_PARAM_ID peername to X509_check_host().
Document modified interface.
2014-07-06 01:50:50 +10:00