wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
17388 commits 20 branches 302 tags 153 MiB
Commit graph

2337 commits

Author SHA1 Message Date
Dr. Stephen Henson
3770b877ea Add mask for newly created symlink. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-07-22 12:07:13 +01:00
Dr. Stephen Henson
ee8f785873 Check suffixes properly. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-07-22 12:07:13 +01:00
Dr. Stephen Henson
f22ff0eb16 use correct name for duplicate 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-07-22 12:07:13 +01:00
FdaSilvaYY
e8aa8b6c8f Fix a few if(, for(, while( inside code. 
Fix some indentation at the same time

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1292)
 2016-07-20 07:21:53 -04:00
FdaSilvaYY
7606c231c9 Simplify buffer limit checking, and reuse BIO_snprintf returned value. 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1284)
 2016-07-20 01:35:38 -04:00
FdaSilvaYY
edbff8da9b Code factorisation and simplification 
Fix some code indentation

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1284)
 2016-07-20 01:35:38 -04:00
FdaSilvaYY
f6c460e8f6 Fix double calls to strlen 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1284)
 2016-07-20 01:35:38 -04:00
FdaSilvaYY
cdd202f254 Simplify code related to tmp_email_dn. 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1284)
 2016-07-20 01:35:38 -04:00
FdaSilvaYY
1c72f70df4 Use more X509_REQ_get0_pubkey & X509_get0_pubkey 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1284)
 2016-07-20 01:35:38 -04:00
Richard Levitte
d6accd5040 Fix forgotten goto 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-07-19 15:26:40 +02:00
Richard Levitte
642a166ce1 Convert the last uses of sockaddr in apps/* to use BIO_ADDR instead 
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-07-19 14:32:39 +02:00
Dr. Stephen Henson
d166ed8c11 check return values for EVP_Digest*() APIs 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-07-15 14:09:05 +01:00
Matt Caswell
4bbd4ba66d Disallow multiple protocol flags to s_server and s_client 
We shouldn't allow both "-tls1" and "-tls1_2", or "-tls1" and "-no_tls1_2".
The only time multiple flags are allowed is where they are all "-no_<prot>".

This fixes Github Issue #1268

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-07-08 16:20:59 +01:00
Dr. Stephen Henson
ab6a591caa Support PKCS v2.0 print in pkcs12 utility. 
Extended alg_print() in pkcs12 utility to support PBES2 algorithms.

RT#4588

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-07-08 02:09:02 +01:00
Richard Levitte
d513369bfa perl: Separate compile-time environment from runtime environment 
Make it possible to have a separate and different perl command string
for installable scripts than we use when building, with the
environment variable HASHBANGPERL.  Its value default to the same as
the environment PERL if it's defined, otherwise '/usr/bin/env perl'.

Note: this is only relevant for Unix-like environments.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
 2016-07-04 15:40:31 +02:00
Richard Levitte
0483f58652 Simplify INCLUDE statements in build.info files 
Now that INCLUDE considers both the source and build trees, no need
for the rel2abs perl fragment hacks any more.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-07-01 18:36:08 +02:00
FdaSilvaYY
6b4a77f56e Whitespace cleanup in apps 
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1264)
 2016-06-29 09:56:39 -04:00
David Benjamin
748e85308e Fix BN_is_prime* calls. 
This function returns a tri-state -1 on error. See BoringSSL's
53409ee3d7595ed37da472bc73b010cd2c8a5ffd.

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1251
 2016-06-25 11:01:30 +02:00
Rich Salz
3b5bea3604 Add -ciphers flag to enc command 
Don't print the full list of ciphers as part of the -help output.

Reviewed-by: Andy Polyakov <appro@openssl.org>
 2016-06-24 16:39:05 -04:00
mmiyashita
1d8b4eb2b4 segmentation fault with 'openssl s_client -prexit -keymatexport' 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1243)
 2016-06-21 17:30:46 -04:00
Richard Levitte
a392ef20f0 Allow proxy certs to be present when verifying a chain 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
 2016-06-20 21:34:37 +02:00
Richard Levitte
14d3c0dd2c apps/req.c: Increment the right variable when parsing '+' 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-06-20 20:11:07 +02:00
Jiri Horky
fb0303f3ce RT3136: Remove space after issuer/subject 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-20 09:25:12 -04:00
FdaSilvaYY
a8db2cfa4b Add a comment after some #endif at end of apps source code. 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1168)
 2016-06-18 16:30:24 -04:00
FdaSilvaYY
823146d65f Useless header include of openssl/rand.h 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1168)
 2016-06-18 16:30:24 -04:00
Matt Caswell
1dcb8ca2a4 Use a STACK_OF(OPENSSL_CSTRING) for const char * stacks 
Better than losing the const qualifier.

RT4378

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-18 15:34:03 +01:00
Matt Caswell
d012c1a179 Replace 4 casts with 1 
Changing the type of the |str| variable in asn1pars enables us to remove
4 casts with just 1. This silences an OpenBSD warning along the way.

RT4378

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-18 15:34:03 +01:00
FdaSilvaYY
0ad69cd6c0 Spelling fixes 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1219)
 2016-06-16 15:08:57 -04:00
Matt Caswell
f219a1b048 Revert "RT4526: Call TerminateProcess, not ExitProcess" 
This reverts commit 9c1a9ccf65.

TerminateProcess is asynchronous, so the code as written in the above
commit is not correct. It is also probably not needed in the speed
case. Reverting in order to figure out the correct solution.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-06-16 17:37:37 +01:00
Richard Levitte
2ac6115d9e Deal with the consequences of constifying getters 
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2016-06-15 20:09:27 +02:00
Rich Salz
9c1a9ccf65 RT4526: Call TerminateProcess, not ExitProcess 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-15 13:38:51 -04:00
FdaSilvaYY
82643254d6 Constify X509_TRUST_add method. 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
 2016-06-15 13:22:38 -04:00
Matt Caswell
d285b5418e Avoid a double-free in crl2pl7 
The variable |crtflst| could get double freed in an error path.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-14 11:27:10 +01:00
Matt Caswell
a45dca668e Add missing break statement 
The -psk option processing was falling through to the -srp option
processing in the ciphers app.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-14 11:21:44 +01:00
Rich Salz
a7be5759cf RT3809: basicConstraints is critical 
This is really a security bugfix, not enhancement any more.
Everyone knows critical extensions.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2016-06-13 09:18:22 -04:00
Dr. Stephen Henson
6ec6d52071 Don't skip leading zeroes in PSK keys. 
Don't use BN_hex2bn() for PSK key conversion as the conversion to
BN and back removes leading zeroes, use OPENSSL_hexstr2buf() instead.

RT#4554

Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-06-12 19:44:17 +01:00
John Denker
a3ef2c1679 RT2759: Don't read TTY when already at EOF. 
Reviewed-by: Andy Polyakov <appro@openssl.org>
 2016-06-12 08:52:40 -04:00
Rich Salz
7315ce80de Avoid memory leaks if options repeated. 
Reviewed-by: Andy Polyakov <appro@openssl.org>
 2016-06-12 08:02:46 -04:00
Rich Salz
fe08bd76e2 GH1183: Fix -unix and -connect, etc., override 
If a user specifies -unix, -6, etc., then the program tries to
use the last one specified.  This is confusing code and leads to
scripting errors.  Instead, allow only one type.

Reviewed-by: Andy Polyakov <appro@openssl.org>
 2016-06-10 10:45:49 -04:00
Rich Salz
b1ffe8dbee GH1123: sort dir before rehash 
This is needed to generate stable output names/symlinks.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-02 15:12:50 -04:00
Richard Levitte
6616429d4c Build the 'openssl rehash' command on VMS version 8.3 and up 
Include a note in INSTALL that tests must be run from an unprivileged
process.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-06-02 21:11:07 +02:00
Matt Caswell
1c422164d8 Fix memory leak in crl2pkcs7 app 
The crl2pkcs7 app leaks a stack of OPENSSL_STRINGs in error paths.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-01 18:00:53 +01:00
Matt Caswell
a855d1a155 Free a temporary buffer used by dsaparam application 
The dsaparam application allocates a temporary buffer but then doesn't
free it.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-01 18:00:53 +01:00
Matt Caswell
6e4ab54b93 Free memory on error in cms app 
The make_receipt_request() function in the cms app can leak memory on
an error condition.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-01 18:00:53 +01:00
Rich Salz
44c8a5e2b9 Add final(?) set of copyrights. 
Add copyright to missing assembler files.
Add copyrights to missing test/* files.
Add copyrights
Various source and misc files.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-01 11:27:25 -04:00
Rich Salz
0f91e1dff4 Fix some RAND bugs 
RT2630 -- segfault for int overlow
RT2877 -- check return values in apps/rand
Update CHANGES file for previous "windows rand" changes.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-01 10:45:18 -04:00
Matt Caswell
f83b85fb0f Ensure an ASN1_OBJECT is freed in error paths 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-01 14:58:46 +01:00
Matt Caswell
7b0ee1353d Free allocated password strings on exit 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-01 14:58:46 +01:00
Matt Caswell
a3768e0c9b Free a BIO_ADDR if DTLSv1_listen return <=0 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-01 14:51:36 +01:00
Matt Caswell
5bf7c7725b Ensure BIGNUM is freed in an error path 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-01 14:51:36 +01:00