Dr. Stephen Henson
34c2db9b56
constify ECDSA_SIG_get0()
...
PR#4436
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-03-19 22:04:38 +00:00
Alex Gaynor
5a339364f7
GH36: Add casts to match the documentation
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-19 12:17:31 -04:00
Richard Levitte
f38526357e
Implement support for no-ts
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-18 20:17:19 +01:00
Matt Caswell
114de5b595
Ensure that no-comp functions are flagged as such
...
mkdef.pl was not detecting no-comp functions. This updates the header file
so that mkdef.pl detects that no-comp applies, and the functions are marked
accordingly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-18 12:09:27 +00:00
Rich Salz
1fbab1dc6f
Remove Netware and OS/2
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-17 17:06:57 -04:00
Rich Salz
23d38992fc
Remove ultrix/mips support.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-17 15:29:15 -04:00
Dr. Stephen Henson
a7e7bad168
Simplify define as we don't support MS-DOS anymore.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-03-17 14:29:01 +00:00
Richard Levitte
37d42aae2e
Prepare for 1.1.0-pre5-dev
...
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-16 18:21:46 +01:00
Richard Levitte
e711d13af3
Prepare for 1.1.0-pre4 release
...
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-16 18:21:17 +01:00
Dr. Stephen Henson
a6eb1ce6a9
Make X509_SIG opaque.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-11 17:40:47 +00:00
Kurt Roeckx
208527a75d
Review comments
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-11 10:39:10 -05:00
Bill Cox
2d0b441267
Add blake2 support.
...
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-11 10:39:10 -05:00
Rob Percival
680ddc996b
constify CT_POLICY_EVAL_CTX getters
...
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-11 09:06:04 -05:00
Rob Percival
49e5db0b31
check reviewer --reviewer=emilia
...
Pass entire CTLOG_STORE to SCT_print, rather than just the SCT's CTLOG
SCT_print now looks up the correct CT log for you.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-10 14:53:04 -05:00
Rob Percival
8359b57f27
check reviewer --reviewer=emilia
...
Remove 'log' field from SCT and related accessors
In order to still have access to an SCT's CTLOG when calling SCT_print,
SSL_CTX_get0_ctlog_store has been added.
Improved documentation for some CT functions in openssl/ssl.h.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-10 14:53:04 -05:00
Rich Salz
599eccfcbf
RT3676 add: Export ASN.1 DHparams
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-03-09 20:58:08 -05:00
Viktor Dukhovni
dd60efea95
Add X509_CHECK_FLAG_NEVER_CHECK_SUBJECT flag
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-03-09 20:41:28 -05:00
Richard Levitte
29f082603a
Remove duplicate typedef of ECPKPARAMETERS in ec.h
...
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-03-10 02:35:12 +01:00
Kurt Roeckx
2b8fa1d56c
Deprecate the use of version-specific methods
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1824
2016-03-09 19:45:05 +01:00
Kurt Roeckx
1fc7d6664a
Fix usage of OPENSSL_NO_*_METHOD
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1824
2016-03-09 19:38:18 +01:00
Kurt Roeckx
b11836a63a
Make SSL_CIPHER_get_version return a const char *
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1595
2016-03-09 19:10:28 +01:00
Kurt Roeckx
e4646a8963
Constify security callbacks
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
MR: #1595
2016-03-09 19:10:28 +01:00
Rich Salz
60b350a3ef
RT3676: Expose ECgroup i2d functions
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-03-09 12:25:21 -05:00
Rob Percival
9ddff1e83c
Document importance of CTLOG_STORE outliving SCT if SCT_set0_log is used
...
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:34:48 -05:00
Rob Percival
eac84e8127
Makes STACK_OF(SCT)* parameter of i2d_SCT_LIST const
...
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:34:48 -05:00
Rob Percival
14db9bbd71
Removes SCT_LIST_set_source and SCT_LIST_set0_logs
...
Both of these functions can easily be implemented by callers instead.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:34:48 -05:00
Rob Percival
21b908a8f9
Makes SCT_get0_log return const CTLOG*
...
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:34:48 -05:00
Rob Percival
12d2d28185
Makes CTLOG_STORE_get0_log_by_id return const CTLOG*
...
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:34:48 -05:00
Rob Percival
70073f3e3a
Treat boolean functions as booleans
...
Use "!x" instead of "x <= 0", as these functions never return a negative
value.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:34:48 -05:00
Rob Percival
8c92c4eac0
Make parameters of CTLOG_get* const
...
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:34:48 -05:00
Rob Percival
5da65ef23c
Extensive application of __owur to CT functions that return a boolean
...
Also improves some documentation of those functions.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:34:48 -05:00
Rob Percival
8fbb93d0e2
Makes SCT_LIST_set_source return the number of successes
...
No longer terminates on first error, but instead tries to set the source
of every SCT regardless of whether an error occurs with some.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:34:48 -05:00
Matt Caswell
2e52e7df51
Remove the old threading API
...
All OpenSSL code has now been transferred to use the new threading API,
so the old one is no longer used and can be removed. We provide some compat
macros for removed functions which are all no-ops.
There is now no longer a need to set locking callbacks!!
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-09 12:41:39 +00:00
Matt Caswell
8eed7e873b
Convert rand code to new threading API
...
Replace the CRYPTO_LOCK_RAND and CRYPTO_LOCK_RAND2 locks with new thread
API style locks.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 01:14:57 +00:00
Alessandro Ghedini
0b1a07c8a7
Convert RSA blinding to new multi-threading API
...
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 23:52:48 +00:00
Alessandro Ghedini
16203f7b71
Convert CRYPTO_LOCK_SSL_* to new multi-threading API
...
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 18:48:38 -05:00
Richard Levitte
be1251f73d
Remove the transfer of lock hooks from bind_engine
...
With the new threads API, this is no longer needed.
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-09 00:33:38 +01:00
Richard Levitte
6d5667110a
Engine API repair - memory management hooks
...
The Engine API lost the setting of memory management hooks in
bind_engine. Here's putting that back.
EX_DATA and ERR functions need the same treatment.
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-09 00:33:38 +01:00
Matt Caswell
9471f7760d
Convert mem_dbg and mem_sec to the new Thread API
...
Use new Thread API style locks, and thread local storage for mem_dbg
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 21:06:04 +00:00
Rich Salz
040d43b3ff
OpenSSLDie --> OPENSSL_die
...
Also removed a bunch of unused define's from e_os.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-08 14:46:17 -05:00
Dr. Stephen Henson
706a13f112
Make DSA_SIG opaque.
...
This adds a new accessor function DSA_SIG_get0.
The customisation of DSA_SIG structure initialisation has been removed this
means that the 'r' and 's' components are automatically allocated when
DSA_SIG_new() is called. Update documentation.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 17:02:16 +00:00
Alessandro Ghedini
c001ce3313
Convert CRYPTO_LOCK_X509_* to new multi-threading API
...
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 11:10:34 -05:00
Alessandro Ghedini
41cfbccc99
Convert CRYPTO_LOCK_UI to new multi-threading API
...
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 11:10:34 -05:00
Alessandro Ghedini
9b398ef297
Convert CRYPTO_LOCK_EC_* to new multi-threading API
...
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 11:10:34 -05:00
Alessandro Ghedini
03273d61e7
Convert CRYPTO_LOCK_EVP_PKEY to new multi-threading API
...
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 11:10:34 -05:00
Alessandro Ghedini
fb46be0348
Convert CRYPTO_LOCK_BIO to new multi-threading API
...
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 11:10:34 -05:00
Todd Short
3ec13237f0
Add cipher query functions
...
Add functions to determine authentication, key-exchange, FIPS and AEAD.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 09:19:15 -05:00
Alessandro Ghedini
7b8e12d24e
Convert ERR_STRING_DATA to new multi-threading API
...
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 14:11:59 +00:00
Alessandro Ghedini
8509dcc9f3
Convert ERR_STATE to new multi-threading API
...
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 14:11:09 +00:00
Alessandro Ghedini
f75200115d
Convert CRYPTO_LOCK_EX_DATA to new multi-threading API
...
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 09:07:32 -05:00