wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
17149 commits 20 branches 302 tags 153 MiB
Commit graph

8233 commits

Author SHA1 Message Date
FdaSilvaYY
3c82e437bb Add checks on sk_TYPE_push() returned result 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-06-23 14:03:29 +01:00
FdaSilvaYY
687b486859 Rework error handling from asn1_do_lock method. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-06-23 14:00:47 +01:00
Andy Polyakov
fc6076ca27 rand/randfile.c: make it non-ASCII-savvy. 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-22 21:52:08 +02:00
Andy Polyakov
094878164d Move OS-specific fopen quirks to o_fopen.c. 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-22 21:51:53 +02:00
Andy Polyakov
eeac54ef6d crypto/cryptlib.c: omit OPENSSL_ia32cap_loc(). 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-06-22 20:20:37 +02:00
FdaSilvaYY
f430ba31ac Spelling... and more spelling 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1245)
 2016-06-22 00:26:10 +02:00
Kurt Roeckx
5388b8d4e8 Avoid creating an illegal pointer. 
Found by tis-interpreter

Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1230
 2016-06-21 20:55:54 +02:00
Kurt Roeckx
01238aec40 buf2hexstr: properly deal with empty string 
It wrote before the start of the string

found by afl

Reviewed-by: Richard Levitte <levitte@openssl.org>

MR: #2994
 2016-06-21 20:55:54 +02:00
David Benjamin
abeae4d325 Make arm-xlate.pl set use strict. 
It was already nearly clean. Just one undeclared variable.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1240)
 2016-06-20 16:26:15 -04:00
Richard Levitte
d0ba7bc8a0 make update 
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
 2016-06-20 21:34:37 +02:00
Richard Levitte
ed17c7c146 Fix proxy certificate pathlength verification 
While travelling up the certificate chain, the internal
proxy_path_length must be updated with the pCPathLengthConstraint
value, or verification will not work properly.  This corresponds to
RFC 3820, 4.1.4 (a).

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
 2016-06-20 21:34:37 +02:00
Richard Levitte
c8223538cb Check that the subject name in a proxy cert complies to RFC 3820 
The subject name MUST be the same as the issuer name, with a single CN
entry added.

RT#1852

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
 2016-06-20 21:34:37 +02:00
Kurt Cancemi
5e6e650d62 Remove pointless free loop in X509_TRUST_cleanup() 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1194)
 2016-06-20 09:58:58 -04:00
Kurt Cancemi
fa3a0286d1 Remove pointless free loop in X509_PURPOSE_cleanup() 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1194)
 2016-06-20 09:58:58 -04:00
Kurt Cancemi
b88e95f3a0 crypto/evp/e_aes_cbc_hmac_sha256.c: Remove spurious memset 
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1231)
 2016-06-20 09:38:37 -04:00
Emilia Kasper
9267c11bb5 Make DSA_SIG and ECDSA_SIG getters const. 
Reorder arguments to follow convention.

Also allow r/s to be NULL in DSA_SIG_get0, similarly to ECDSA_SIG_get0.

This complements GH1193 which adds non-const setters.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-06-20 14:58:36 +02:00
Andy Polyakov
b73cfb137e rand/randfile.c: remove obsolete commentary. 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-20 13:28:13 +02:00
Andy Polyakov
4973a60cb9 aes/asm/bsaes-armv7.pl: omit redundant stores in XTS subroutines. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-06-20 12:30:15 +02:00
Andy Polyakov
3d32bab8f1 aes/asm/bsaes-armv7.pl: fix XTS decrypt test failure. 
RT#4578

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-06-20 12:29:47 +02:00
Richard Levitte
b8f304f70d Change default directory for the .rnd file on Windows and VMS 
The previous change for Windows wasn't quite right.  Corrected to use
%HOME%, %USERPROFILE% and %SYSTEMPROFILE%, in that order.

Also adding the default home for VMS, SYS$LOGIN:

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
 2016-06-20 11:06:40 +02:00
FdaSilvaYY
823146d65f Useless header include of openssl/rand.h 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1168)
 2016-06-18 16:30:24 -04:00
FdaSilvaYY
93b8981d89 Useless includes 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1168)
 2016-06-18 16:30:24 -04:00
FdaSilvaYY
5ab0b7e626 Missing NULL check on OBJ_dup result in x509_name_canon 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1168)
 2016-06-18 16:30:24 -04:00
FdaSilvaYY
b1b1cba4e2 Fix an MSVC warning. 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1168)
 2016-06-18 16:30:24 -04:00
Matt Caswell
ac94c8fdb9 Improve const correctness for stacks of EVP_MD 
EVP_MDs are always const, so stacks of them should be too. This silences
a warning about type punning on OpenBSD.

RT4378

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-18 15:34:03 +01:00
Matt Caswell
98370c2dd7 constify SRP 
Add const qualifiers to lots of SRP stuff. This started out as an effort
to silence some "type-punning" warnings on OpenBSD...but the fix was to
have proper const correctness in SRP.

RT4378

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-18 15:34:03 +01:00
Matt Caswell
7fb4b92c01 Avoid type punning warnings in b_addr.c 
RT4378

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-18 15:34:03 +01:00
Matt Caswell
13c03c8d6d Change default directory for storing the .rnd file on Windows 
Previously we would try %RANDFILE%, then %HOME% and finally "C:".
Unfortunately this often ends up being "C:" which the user may not
have write permission for.

Now we try %RANDFILE% first, and then the same set of environment vars
as GetTempFile() uses, i.e. %TMP%, then %TEMP%, %USERPROFILE% and
%SYSTEMROOT%. If all else fails we fall back to %HOME% and only then "C:".

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-06-17 17:26:18 +01:00
FdaSilvaYY
0ad69cd6c0 Spelling fixes 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1219)
 2016-06-16 15:08:57 -04:00
Rich Salz
7f96f15bcf Fix build break. 
Aggregate local initializers are rarely portable (:

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-06-16 14:22:58 -04:00
Nathaniel McCallum
ebad0b0beb Add EVP_PKEY_get0_hmac() function 
Before the addition of this function, it was impossible to read the
symmetric key from an EVP_PKEY_HMAC type EVP_PKEY.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1217)
 2016-06-16 13:33:47 -04:00
Matt Caswell
b84e12266f Fix the build and tests following constification of DH, DSA, RSA 
Misc fixes following the constification of the DH, DSA and RSA
getters.

Reviewed-by: Stephen Henson <steve@openssl.org>
 2016-06-16 13:34:44 +01:00
Matt Caswell
cf3404fcc7 Change the return type of EVP_EncodeUpdate 
Previously EVP_EncodeUpdate returned a void. However there are a couple
of error conditions that can occur. Therefore the return type has been
changed to an int, with 0 indicating error and 1 indicating success.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-06-16 09:50:48 +01:00
Richard Levitte
2ac6115d9e Deal with the consequences of constifying getters 
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2016-06-15 20:09:27 +02:00
Richard Levitte
fd809cfdbd Constify the parameter getters for RSA, DSA and DH 
Including documentation changes

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2016-06-15 20:09:27 +02:00
FdaSilvaYY
c8f717fe87 Constify input buffers of some X509V3 and X509_PURPOSE -related methods 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
 2016-06-15 13:22:38 -04:00
FdaSilvaYY
82643254d6 Constify X509_TRUST_add method. 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
 2016-06-15 13:22:38 -04:00
FdaSilvaYY
bd227450d4 Constify asn1/asn_mime.c 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
 2016-06-15 13:22:38 -04:00
FdaSilvaYY
fa3a84422d Constify some input buffers in asn1 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
 2016-06-15 13:22:38 -04:00
FdaSilvaYY
dc423f898e Constify CMS_get0_type input 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
 2016-06-15 13:22:38 -04:00
FdaSilvaYY
472f727c55 Constify UI 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
 2016-06-15 13:22:38 -04:00
FdaSilvaYY
82af00fbdd Constify PKCS12_create, PKCS12_add_key, PKCS12_add_safe. 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
 2016-06-15 13:22:38 -04:00
FdaSilvaYY
159b9a4d17 Constify some conf_mod.c internal methods 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
 2016-06-15 13:22:38 -04:00
Richard Levitte
fdcb499cc2 Change (!seqtt) to (seqtt == NULL) 
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2016-06-15 01:36:11 +02:00
Richard Levitte
bace847eae Always check that the value returned by asn1_do_adb() is non-NULL 
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2016-06-15 01:36:11 +02:00
Andy Polyakov
4e3d2866b6 perlasm/x86*.pl: add endbranch instruction. 
For further information see "Control-flow Enforcement Technology
Preview" by Intel.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-06-14 23:43:52 +02:00
Andy Polyakov
cc77d0d84a modes/asm/ghashp8-ppc.pl: improve performance by 2.7x. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-06-14 23:28:39 +02:00
Andy Polyakov
627c953376 aes/asm/aesp8-ppc.pl: implement "tweak chaining". 
This is useful in Linux kernel context, in cases data happens
to be fragmented and processing can take multiple calls.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-06-14 23:19:45 +02:00
Andy Polyakov
46f047d76b evp/e_aes.c: wire hardware-assisted XTS subroutines. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-06-14 23:19:35 +02:00
Andy Polyakov
b53d32574b aes/asm/aesp8-ppc.pl: add XTS subroutines. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-06-14 23:19:27 +02:00