wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
19725 commits 20 branches 302 tags 153 MiB
Commit graph

19725 commits

This branch
This branch
All branches
Author SHA1 Message Date
Andy Polyakov
8ab9af5e28 engines/e_capi.c: slip in PROV_RSA_AES for interchangable CSP only. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3034)
 2017-03-29 11:52:27 +02:00
Andy Polyakov
3a5b64b2f0 engines/e_capi.c: adhere to CryptAcquireContextW unconditionally. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2017-03-29 11:52:13 +02:00
Andy Polyakov
8f0e5888ea engine/e_capi.c: more formatting and styling fixes. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2017-03-29 11:51:17 +02:00
Pauli
d7735c1eec Documentation cleanup for man1/nseq.pod 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3074)
 2017-03-29 09:43:04 +01:00
Pauli
829e4d5582 Documentation clean up for man1/list.pod 
[skip ci]

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3072)
 2017-03-29 09:40:56 +01:00
Steven Collison
209fac9f8a doc: Add stitched ciphers to EVP_EncryptInit.pod 
These ciphers don't appear to be documented anywhere. Given the
performance[1] benefits I think it makes sense to expose them.

[1] https://software.intel.com/sites/default/files/open-ssl-performance-paper.pdf

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3067)
 2017-03-29 09:31:39 +01:00
Steven Collison
254b58fd73 doc: Add missing options in s_{server,client} 
These were added to the help in ad775e04f6 but not the pods.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3065)
 2017-03-29 09:25:44 +01:00
Qin Long
dc8da7b1b8 Fix the build warning under OPENSSL_NO_GOST 
Variable 'pktype' was set but not used under OPENSSL_NO_GOST. This change
will fix the build warning under [-Werror=unused-but-set-variable].

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2961)
 2017-03-29 07:37:02 +02:00
Qin Long
cff55b90e9 Cleaning UEFI Build with additional OPENSSL_SYS_UEFI flags 
Add OPENSSL_SYS_UEFI to remove unused syslog and uid stuffs for
more clean UEFI build.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2961)
 2017-03-29 07:35:59 +02:00
Benjamin Kaduk
0acee5045a Further de-obfuscation 
A similar change that probably should have been wrapped into
commit e0926ef49d.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3010)
 2017-03-29 07:33:39 +02:00
Jon Spillett
8c55c46147 Add documentation for SNI APIs 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3071)
 2017-03-29 07:26:41 +02:00
Rich Salz
a01dbac232 Remove duplicate doc 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3068)
 2017-03-29 07:18:57 +02:00
FdaSilvaYY
69687aa829 More typo fixes 
Fix some comments too
[skip ci]

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3069)
 2017-03-29 07:14:29 +02:00
Jon Spillett
7bd278957d Typo in SSL_CTX_sess_number.pod - started 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3070)
 2017-03-29 07:10:18 +02:00
Jon Spillett
edb79c3a34 Tidy up the SSL options in SSL_CTX_set_options.pod 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3070)
 2017-03-29 07:10:18 +02:00
Jon Spillett
3aaa1bd076 SSL_CTX_use_PrivateKey_file uses private key, not certificate 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3070)
 2017-03-29 07:10:18 +02:00
Jon Spillett
d5d5b5fc77 Typo in SSL_CONF_cmd_argv.pod 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3070)
 2017-03-29 07:10:18 +02:00
Jon Spillett
f5f85f755d Typo in SSL_CONF_CTX_set1_prefix.pod - change SSL_CTX_cmd to SSL_CONF_cmd 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3070)
 2017-03-29 07:10:18 +02:00
Jon Spillett
818f861756 Typo in SSL_CONF_CTX_set_flags.pod 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3070)
 2017-03-29 07:10:18 +02:00
Pauli
2fae041d6c Test infrastructure additions. 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3011)
 2017-03-29 08:51:43 +10:00
FdaSilvaYY
a6ac1ed686 Fix 0 -> NULL, indentation 
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3066)
 2017-03-28 16:16:49 -04:00
FdaSilvaYY
cbe9524183 Refomat a few comments on 80 cols 
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3066)
 2017-03-28 16:16:49 -04:00
FdaSilvaYY
a8cd439bf5 Spelling fixes 
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3066)
 2017-03-28 16:16:49 -04:00
FdaSilvaYY
1ee4b98e69 Fix a few more typos 
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3066)
 2017-03-28 16:16:49 -04:00
Jon Spillett
09fdfa4b2f Add documentation for SSL_*_ex_data() functions 
[skip ci]

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3050)
 2017-03-28 21:50:13 +02:00
Jon Spillett
86fde069d4 Add documentation for SSL version methods 
[skip ci]

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3049)
 2017-03-28 20:13:30 +02:00
Matt Caswell
249e3a1b20 Provide documentation for some state machine related functions 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3051)
 2017-03-28 15:46:40 +01:00
Dr. Stephen Henson
8845e02a74 update README 
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3059)
 2017-03-28 15:43:42 +01:00
Dr. Stephen Henson
d218f3c331 Add X25519 doc 
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3059)
 2017-03-28 15:43:41 +01:00
Dr. Stephen Henson
0af8fd6085 fix typo 
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3059)
 2017-03-28 15:43:41 +01:00
Matt Caswell
b31db50528 Provide documentation for missing SSL_SESSION_* functions 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3052)
 2017-03-28 15:15:41 +01:00
Rich Salz
43708c1545 Move PRIu64, OSSLzu to e_os.h 
Those macros are private, not public.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3044)
 2017-03-28 08:43:48 -04:00
Pauli
9ff79fa3e1 Add enable-aria where rc5 and md2 are built. 
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3046)
 2017-03-28 08:42:22 -04:00
Emilia Kasper
a0f44a34d2 asynctest: don't depend on apps 
Remove unnecessary include of apps.h. Tests shouldn't take a
dependency on apps. In this case, there is no dependency, the include
is unnecessary.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2017-03-28 14:40:25 +02:00
Emilia Kasper
24053693b0 X509_cmp_time.pod: fix doc nits 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2017-03-28 14:40:25 +02:00
Hannes Magnusson
feb891990a Remove redundant decl of 509_STORE_set_flags 
a47bc283 accidentally adds another define for X509_STORE_set_flags
It is already defined 5lines prior

CLA: trivial

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3047)
 2017-03-28 08:37:44 -04:00
Emilia Kasper
4ac139b49a Add documentation for X509 time functions 
[ci skip]

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2017-03-28 12:22:32 +02:00
Andy Polyakov
a4c74e88e4 apps/passwd.c: 32 bits are sufficient to hold ROUNDS_MAX. 
Even though C standard defines 'z' modifier, recent mingw compilers break
the contract by defining __STDC_VERSION__ with non-compliant MSVCRT.DLL.
In other words we can't use %zu with mingw, but insteadl of cooking

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2017-03-27 21:09:06 +02:00
Richard Levitte
165f1c3ef3 In err_cleanup(), cleanup the thread local storage too 
Fixes #3033

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3035)
 2017-03-27 12:54:40 +02:00
Andy Polyakov
0822d41b6d aes/asm/bsaes-armv7.pl: relax stack alignment requirement. 
Even though Apple refers to Procedure Call Standard for ARM Architecture
(AAPCS), they apparently adhere to custom version that doesn't follow
stack alignment constraints in the said standard. [Why or why? If it's
vendor lock-in thing, then it would be like worst spot ever.] And since
bsaes-armv7 relied on standard alignment, it became problematic to
execute the code on iOS.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2017-03-26 18:29:03 +02:00
Andy Polyakov
e08b444ac0 engines/e_capi.c: formatting and styling fixes. 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2017-03-25 11:23:39 +01:00
Bernd Edlinger
1b6f5a4d3b Don't access memory before checking the correct length in aesni_cbc_hmac_sha256_ctrl in case EVP_CTRL_AEAD_TLS1_AAD. 
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3023)
 2017-03-25 11:12:18 +01:00
Matt Caswell
643a358042 Move the downgrade sentinel declarations to a header file 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3022)
 2017-03-24 14:07:11 +00:00
Matt Caswell
b9647e34ff Add a test for the TLSv1.3 downgrade mechanism 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3022)
 2017-03-24 14:07:11 +00:00
Matt Caswell
3556b83ea2 Make the TLSv1.3 downgrade mechanism a configurable option 
Make it disabled by default. When TLSv1.3 is out of draft we can remove
this option and have it enabled all the time.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3022)
 2017-03-24 14:07:11 +00:00
Matt Caswell
c3043dcd55 Add client side support for TLSv1.3 downgrade mechanism 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3022)
 2017-03-24 14:07:11 +00:00
Matt Caswell
f7f2a01d63 Add server side support for TLSv1.3 downgrade mechanism 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3022)
 2017-03-24 14:07:11 +00:00
Zack Williams
a41815f05e "any" instead of "and" 
The "and" should be an "any"

Fixed in LibreSSL's docs: http://man.openbsd.org/man5/x509v3.cnf.5#Subject_alternative_name

CLA: trivial

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2980)
 2017-03-24 13:43:21 +01:00
Ian Spence
f5fd3848fe Fix function documentation 
CLA: trivial

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2972)
 2017-03-24 13:39:02 +01:00
Andy Polyakov
120a9e1a82 bn/asm/sparcv9-mont.pl: fix squaring code path. 
This module is used only with odd input lengths, i.e. not used in normal
PKI cases, on contemporary processors. The problem was "illuminated" by
fuzzing tests.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2017-03-24 12:18:35 +01:00