Dr. Stephen Henson
789b12599d
Add conditional unit testing interface.
...
Don't call internal functions directly call them through
SSL_test_functions(). This also makes unit testing work on
Windows and platforms that don't export internal functions
from shared libraries.
By default unit testing is not enabled: it requires the compile
time option "enable-unit-test".
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
(cherry picked from commit e0fc7961c4
)
Conflicts:
ssl/heartbeat_test.c
ssl/ssl.h
util/mkdef.pl
2014-07-24 19:42:26 +01:00
Matt Caswell
371d9a627b
Prepare for 1.0.2-beta3-dev
...
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-07-22 21:31:04 +01:00
Matt Caswell
2f63ad1c6d
Prepare for 1.0.2-beta2 release
...
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-07-22 21:30:33 +01:00
Matt Caswell
0e32035292
make update
...
Reviewed-by: Stephen Henson <steve@openssl.org>
2014-07-22 21:30:33 +01:00
Dr. Stephen Henson
f5ce8d6a61
update $default_depflags
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-07-22 21:12:25 +01:00
Andy Polyakov
0ae6ba18ab
CHANGES: mention new platforms.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-07-22 20:18:06 +02:00
Billy Brumley
4ccc2c19e2
"EC_POINT_invert" was checking "dbl" function pointer instead of "invert".
...
PR#2569
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit cba11f57ce
)
2014-07-21 22:28:09 +01:00
Tim Hudson
b5e611a973
Remove old unused and unmaintained demonstration code.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 62352b8138
)
2014-07-22 07:26:55 +10:00
Andy Polyakov
a2f34441ab
sha1-ppc.pl: shave off one cycle from BODY_20_39
...
and improve performance by 10% on POWER[78].
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 5c3598307e
)
2014-07-21 15:30:59 +02:00
Tim Hudson
2be9425514
Minor documentation update removing "really" and a
...
statement of opinion rather than a fact.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit c8d133e4b6
)
2014-07-21 20:25:14 +10:00
Dr. Stephen Henson
f284fc7cc3
Add test header to Makefile, update ordinals
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-20 20:50:38 +01:00
Andy Polyakov
c991d8ae8b
Initial POWER8 support from development branch.
...
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-20 14:36:49 +02:00
Dr. Stephen Henson
be12cb3e24
Fix documentation for RSA_set_method(3)
...
PR#1675
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 197400c3f0d617d71ad8167b52fb73046d334320)
2014-07-19 18:25:53 +01:00
Dr. Stephen Henson
4c05b1f8d6
Make *Final work for key wrap again.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 58f4698f67
)
2014-07-17 23:31:11 +01:00
Dr. Stephen Henson
6e1e5996df
Sanity check lengths for AES wrap algorithm.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit d12eef1501
)
2014-07-17 12:58:42 +01:00
Jeffrey Walton
6ccd120f5f
Fix typo, add reference.
...
PR#3456
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit d48e78f0cf
)
2014-07-17 12:08:26 +01:00
Matt Caswell
ca818b322d
Disabled XTS mode in enc utility as it is not supported
...
PR#3442
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 2097a17c57
)
2014-07-16 21:01:38 +01:00
Matt Caswell
b11c24110c
Add Matt Caswell's fingerprint, and general update on the fingerprints file to bring it up to date
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 3bd548192a
)
2014-07-15 23:22:49 +01:00
Dr. Stephen Henson
beac6cb5aa
Clarify -Verify and PSK.
...
PR#3452
(cherry picked from commit ca2015a617
)
2014-07-15 20:23:25 +01:00
Dr. Stephen Henson
666a597ffb
Fix DTLS certificate requesting code.
...
Use same logic when determining when to expect a client
certificate for both TLS and DTLS.
PR#3452
(cherry picked from commit c8d710dc5f
)
2014-07-15 18:23:35 +01:00
Dr. Stephen Henson
d4dbabb814
Don't allow -www etc options with DTLS.
...
The options which emulate a web server don't make sense when doing DTLS.
Exit with an error if an attempt is made to use them.
PR#3453
(cherry picked from commit 58a2aaeade8bdecd0f9f0df41927f7cff3012547)
2014-07-15 12:25:19 +01:00
Dr. Stephen Henson
c71e37aa6c
Use case insensitive compare for servername.
...
PR#3445
(cherry picked from commit 1c3e9a7c67
)
2014-07-14 23:59:58 +01:00
Hubert Kario
cdae9a58e6
document -nextprotoneg option in man pages
...
Add description of the option to advertise support of
Next Protocol Negotiation extension (-nextprotoneg) to
man pages of s_client and s_server.
PR#3444
(cherry picked from commit 7efd0e777e
)
2014-07-14 23:43:21 +01:00
Dr. Stephen Henson
fa2b54c83a
Use more common name for GOST key exchange.
...
(cherry picked from commit 7aabd9c92fe6f0ea2a82869e5171dcc4518cee85)
2014-07-14 18:31:55 +01:00
Matt Caswell
14b5d0d029
Fixed valgrind complaint due to BN_consttime_swap reading uninitialised data.
...
This is actually ok for this function, but initialised to zero anyway if
PURIFY defined.
This does have the impact of masking any *real* unitialised data reads in bn though.
Patch based on approach suggested by Rich Salz.
PR#3415
(cherry picked from commit 77747e2d9a5573b1dbc15e247ce18c03374c760c)
2014-07-13 22:20:15 +01:00
Peter Mosmans
2fbd94252a
Add names of GOST algorithms.
...
PR#3440
(cherry picked from commit 924e5eda2c
)
2014-07-13 18:31:09 +01:00
Richard Levitte
5b9188454b
* crypto/ui/ui_lib.c: misplaced brace in switch statement.
...
Detected by dcruette@qualitesys.com
(cherry picked from commit 8b5dd34091
)
2014-07-13 19:13:38 +02:00
Ben Laurie
5e189b4b8d
Don't clean up uninitialised EVP_CIPHER_CTX on error (CID 483259).
...
(cherry picked from commit c1d1b0114e
)
2014-07-10 17:49:53 +01:00
Matt Caswell
23bd628735
Fix memory leak in BIO_free if there is no destroy function.
...
Based on an original patch by Neitrino Photonov <neitrinoph@gmail.com>
PR#3439
(cherry picked from commit 66816c53be
)
2014-07-09 23:32:18 +01:00
Andy Polyakov
371feee876
x86_64 assembly pack: improve masm support.
...
(cherry picked from commit 1b0fe79f3e
)
2014-07-09 22:46:13 +02:00
Andy Polyakov
f50f0c6aa3
Please Clang's sanitizer, addendum.
...
(cherry picked from commit d11c70b2c2
)
2014-07-09 22:45:52 +02:00
Andy Polyakov
2064e2db08
Please Clang's sanitizer.
...
PR: #3424,#3423,#3422
(cherry picked from commit 021e5043e5
)
2014-07-09 22:45:38 +02:00
Andy Polyakov
de222838fe
apps/speed.c: fix compiler warnings in multiblock_speed().
...
(cherry picked from commit c4f8efab34
)
2014-07-07 17:03:27 +02:00
Andy Polyakov
0ad2a0a303
sha[1|512]-x86_64.pl: fix logical errors with $shaext=0.
...
(cherry picked from commit 07b635cceb
)
2014-07-07 17:02:00 +02:00
David Lloyd
2cb761c1f4
Prevent infinite loop loading config files.
...
PR#2985
(cherry picked from commit 9d23f422a3
)
2014-07-07 13:54:11 +01:00
Viktor Dukhovni
3ebcecf5c4
Improve X509_check_host() documentation.
...
Based on feedback from Jeffrey Walton.
(cherry picked from commit b73ac02735
)
2014-07-07 20:35:49 +10:00
Viktor Dukhovni
e83c913723
Update API to use (char *) for email addresses and hostnames
...
Reduces number of silly casts in OpenSSL code and likely most
applications. Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().
(cherry picked from commit 297c67fcd8
)
2014-07-07 19:20:34 +10:00
Viktor Dukhovni
55fe56837a
Set optional peername when X509_check_host() succeeds.
...
Pass address of X509_VERIFY_PARAM_ID peername to X509_check_host().
Document modified interface.
(cherry picked from commit ced3d9158a
)
2014-07-07 19:20:34 +10:00
Viktor Dukhovni
1eb57ae2b7
New peername element in X509_VERIFY_PARAM_ID
...
Declaration, memory management, accessor and documentation.
(cherry picked from commit 6e661d458f
)
2014-07-07 19:20:34 +10:00
Viktor Dukhovni
41e3ebd5ab
One more typo when changing !result to result <= 0
...
(cherry picked from commit eef1827f89
)
2014-07-07 19:19:13 +10:00
Viktor Dukhovni
9624b50d51
Fix typo in last commit
...
(cherry picked from commit 90b70a6a6b
)
2014-07-07 19:19:13 +10:00
Viktor Dukhovni
449d864515
Multiple verifier reference identities.
...
Implemented as STACK_OF(OPENSSL_STRING).
(cherry picked from commit 8abffa4a73
)
2014-07-07 19:19:13 +10:00
Viktor Dukhovni
7f7e11ee5c
Implement sk_deep_copy.
...
(cherry picked from commit 66d884f067
)
2014-07-07 19:19:13 +10:00
Dr. Stephen Henson
43f534b986
Usage for -hack and -prexit -verify_return_error
...
(cherry picked from commit ee724df75d
)
2014-07-06 22:45:20 +01:00
Dr. Stephen Henson
fbe8ea3abe
Document certificate status request options.
...
(cherry picked from commit cba3f1c739
)
2014-07-06 22:45:20 +01:00
Dr. Stephen Henson
affc941ea6
s_server usage for certificate status requests
...
(cherry picked from commit a44f219c00
)
2014-07-06 22:45:20 +01:00
Dr. Stephen Henson
012f7474f7
Update ticket callback docs.
...
(cherry picked from commit a23a6e85d8
)
2014-07-06 12:40:16 +01:00
Dr. Stephen Henson
5c1b373be6
Sanity check keylength in PVK files.
...
PR#2277
(cherry picked from commit 733a6c882e92f8221bd03a51643bb47f5f81bb81)
2014-07-06 00:36:14 +01:00
Jeffrey Walton
648a9f7c2f
Added reference to platform specific cryptographic acceleration such as AES-NI
2014-07-06 00:04:09 +01:00
Matt Caswell
623acb90cc
Fixed error in pod files with latest versions of pod2man
...
(cherry picked from commit 07255f0a76d9d349d915e14f969b9ff2ee0d1953)
2014-07-06 00:04:09 +01:00