Dr. Stephen Henson
e86951ca2a
Remove ancient obsolete files under pkcs7.
...
(cherry picked from commit 7be6b27aaf
)
2014-06-27 13:53:23 +01:00
Huzaifa Sidhpurwala
b7a4f98b15
Make sure BN_sqr can never return a negative value.
...
PR#3410
(cherry picked from commit e14e764c0d5d469da63d0819c6ffc0e1e9e7f0bb)
2014-06-26 23:56:32 +01:00
Andy Polyakov
82a9dafe32
bn_exp.c: move check for AD*X to rsaz-avx2.pl.
...
This ensures high performance is situations when assembler supports
AVX2, but not AD*X.
(cherry picked from commit f3f620e1e0
)
Resolved conflicts:
crypto/bn/asm/rsaz-avx2.pl
2014-06-27 00:36:05 +02:00
Andy Polyakov
1536bcfd56
aesv8-armx.pl: rigid input verification in key setup.
...
(cherry picked from commit 7b8c8c4d79
)
2014-06-25 22:12:08 +02:00
Viktor Dukhovni
3fc0b1edad
X509_check_mumble() failure is <= 0, not just 0
...
(cherry picked from commit a48fb0400c
)
2014-06-25 18:21:36 +01:00
Viktor Dukhovni
3d15d58e55
More complete input validation of X509_check_mumble
...
(cherry picked from commit 29edebe95c
)
2014-06-25 18:21:35 +01:00
Viktor Dukhovni
d93edc0aab
Drop hostlen from X509_VERIFY_PARAM_ID.
...
Just store NUL-terminated strings. This works better when we add
support for multiple hostnames.
(cherry picked from commit b3012c698a
)
2014-06-25 18:21:35 +01:00
Viktor Dukhovni
609daababb
More complete X509_check_host documentation.
...
(cherry picked from commit d241b80409
)
2014-06-25 18:21:35 +01:00
Andy Polyakov
a073ceeff4
aesv8-armx.pl: inclrease interleave factor.
...
This is to compensate for higher aes* instruction latency on Cortex-A57.
(cherry picked from commit 015364baf3
)
2014-06-24 08:10:37 +02:00
Andy Polyakov
5cd8ce42ec
ARMv8 assembly pack: add Cortex performance numbers.
...
(cherry picked from commit 0f777aeb50
)
2014-06-24 08:07:04 +02:00
Miod Vallat
d15f2d98ef
Fix off-by-one errors in ssl_cipher_get_evp()
...
In the ssl_cipher_get_evp() function, fix off-by-one errors in index validation before accessing arrays.
Bug discovered and fixed by Miod Vallat from the OpenBSD team.
PR#3375
2014-06-22 23:18:15 +01:00
Matt Caswell
00f5ee445b
Revert "Fix off-by-one errors in ssl_cipher_get_evp()"
...
This reverts commit 3d86077427
.
Incorrect attribution.
2014-06-22 23:17:40 +01:00
Matt Caswell
e7911530a9
Fixed Windows compilation failure
2014-06-22 20:18:09 +02:00
Richard Levitte
6ff73426c3
Make sure test/tests.com exit gracefully, even when openssl.exe wasn't
...
properly built.
2014-06-18 13:43:10 +02:00
Richard Levitte
a61e509e9b
Adjust VMS build to Unix build. Most of all, make it so the disabled
...
algorithms MD2 and RC5 don't get built.
Also, disable building the test apps in crypto/des and crypto/pkcs7, as
they have no support at all.
2014-06-18 13:43:09 +02:00
Felix Laurie von Massenbach
1b823494de
Fix signed/unsigned comparisons.
...
(cherry picked from commit 50cc4f7b3d
)
2014-06-17 18:38:36 +01:00
Felix Laurie von Massenbach
6657e68bf2
Fix shadow declaration.
...
(cherry picked from commit 1f61d8b5b1
)
2014-06-17 18:36:48 +01:00
Richard Levitte
23351c607b
Remove unused DANE macros. This should be the last DANE stuff...
2014-06-17 12:38:20 +02:00
Richard Levitte
9a6112d16a
DCL doesn't do well with empty lines, or lines starting with #
2014-06-16 13:25:16 +02:00
Richard Levitte
b9c0dae28e
Spaces were added in some strings for better readability. However, those spaces do not belong in file names, so when picking out the individual parts, remove the spaces
2014-06-16 13:25:16 +02:00
Andy Polyakov
d940b3b9c7
aesni-sha[1|256]-x86_64.pl: fix logical error and MacOS X build.
...
(cherry picked from commit 9024b84b7c
)
2014-06-16 10:12:56 +02:00
Viktor Dukhovni
cfbc10fb32
Enforce _X509_CHECK_FLAG_DOT_SUBDOMAINS internal-only
...
(cherry picked from commit d435e23959f1c2cb4feadbfba9ad884c59f37db9)
2014-06-14 22:31:28 +01:00
Dr. Stephen Henson
90d94ce39e
Accept CCS after sending finished.
...
Allow CCS after finished has been sent by client: at this point
keys have been correctly set up so it is OK to accept CCS from
server. Without this renegotiation can sometimes fail.
PR#3400
(cherry picked from commit 99cd6a91fcb0931feaebbb4832681d40a66fad41)
2014-06-14 22:31:28 +01:00
Andy Polyakov
79b960c046
evp/e_aes_cbc_sha[1|256].c: fix -DPEDANTIC build.
...
(cherry picked from commit ce00c64df9
)
2014-06-14 23:16:29 +02:00
Richard Levitte
66a6e2b2b6
Adjust VMS build files to the Unix ones
2014-06-14 16:58:11 +02:00
Richard Levitte
1be1d05184
Make sure that disabling the MAYLOSEDATA3 warning is only done when the
...
compiler supports it. Otherwise, there are warnings about it lacking
everywhere, which is quite tedious to read through while trying to check
for other warnings.
2014-06-14 16:58:11 +02:00
Richard Levitte
9f8c183283
Update the VMS tests according to the latest unixly tests.
...
Partly provided by Zoltan Arpadffy <arpadffy@polarhome.com>
2014-06-14 16:58:11 +02:00
Andy Polyakov
8301245a5e
aesni-sha256-x86_64.pl: add missing rex in shaext.
...
PR: 3405
(cherry picked from commit 91a6bf80f8
)
2014-06-14 16:04:04 +02:00
Andy Polyakov
1f6d207625
sha1-x86_64.pl: add missing rex prefix in shaext.
...
PR: 3405
(cherry picked from commit c9cf29cca2
)
2014-06-14 15:28:38 +02:00
Matt Caswell
561ba12463
Fixed incorrect return code handling in ssl3_final_finish_mac.
...
Based on an original patch by Joel Sing (OpenBSD) who also originally identified the issue.
2014-06-13 15:50:58 +01:00
Matt Caswell
7f133c357b
Revert "Fixed incorrect return code handling in ssl3_final_finish_mac"
...
This reverts commit 728bd41a15
.
Missing attribution.
2014-06-13 15:50:28 +01:00
Viktor Dukhovni
3cc8a3f234
Client-side namecheck wildcards.
...
A client reference identity of ".example.com" matches a server
certificate presented identity that is any sub-domain of "example.com"
(e.g. "www.sub.example.com).
With the X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS flag, it matches
only direct child sub-domains (e.g. "www.sub.example.com").
(cherry picked from commit e52c52f10bb8e34aaf8f28f3e5b56939e8f6b357)
2014-06-12 23:19:24 +01:00
Kurt Cancemi
3d86077427
Fix off-by-one errors in ssl_cipher_get_evp()
...
In the ssl_cipher_get_evp() function, fix off-by-one errors in index validation before accessing arrays.
PR#3375
2014-06-12 21:12:43 +01:00
Andy Polyakov
56ba280ccd
Facilitate back-porting of AESNI and SHA modules.
...
Fix SEH and stack handling in Win64 build.
(cherry picked from commit 977f32e852
)
2014-06-12 21:51:35 +02:00
Matt Caswell
955bfbc268
Added OPENSSL_assert check as per PR#3377 reported by Rainer Jung <rainer.jung@kippdata.de>
2014-06-12 20:42:33 +01:00
Dr. Stephen Henson
2eab488c02
remove some more DANE code
2014-06-12 11:09:14 +01:00
Dr. Stephen Henson
fa7a0efbac
make update
2014-06-12 10:52:49 +01:00
Dr. Stephen Henson
3fe8f005b0
Fix Windows build.
2014-06-12 10:52:49 +01:00
Dr. Stephen Henson
5af09776ce
Remove unimplemented functions.
2014-06-12 10:52:49 +01:00
Richard Levitte
995d08d104
Update the VMS build according to the latest unixly build.
...
Partly provided by Zoltan Arpadffy <arpadffy@polarhome.com>
2014-06-12 16:59:47 +02:00
Richard Levitte
ca422f3563
The 1.0.2 cms-test.pl had some changes that don't quite work on VMS...
2014-06-12 16:58:39 +02:00
Richard Levitte
68a1e0bc35
Bring in the 1.0.1g to 1.0.1h changes into CHANGES.
2014-06-12 12:22:24 +02:00
Richard Levitte
ed6c278f60
Small cleanup, double entry in CHANGES.
2014-06-12 12:18:13 +02:00
Andy Polyakov
d85a772ec3
Enable multi-block support by default.
...
(cherry picked from commit 77a27a5066
)
2014-06-11 20:41:46 +02:00
Dr. Stephen Henson
fb2f9f266c
Fix compilation with no-comp
...
(cherry picked from commit 7239a09c7b5757ed8d0e9869f3e9b03c0e11f4d1)
2014-06-11 14:41:00 +01:00
Andy Polyakov
66aeaec067
ghash-x86_64.pl: optimize for upcoming Atom.
...
(cherry picked from commit 1cf8f57b43
)
2014-06-11 11:35:23 +02:00
Andy Polyakov
70fddbe32a
Add support for Intel SHA extension.
...
(cherry picked from commit 619b94667c
)
2014-06-11 10:30:31 +02:00
Rob Stradling
5fc3d333c7
Separate the SCT List parser from the SCT List viewer
...
(cherry picked from commit fd2309aa29
)
2014-06-11 00:10:45 +01:00
Matt Caswell
728bd41a15
Fixed incorrect return code handling in ssl3_final_finish_mac
2014-06-10 23:32:27 +01:00
Andy Polyakov
77fb5a303b
Engage GHASH for ARMv8.
...
(cherry picked from commit 82741e9c89
)
2014-06-11 00:10:00 +02:00