openssl

Author	SHA1	Message	Date
Mat	642565106e	Fix return type for CRYPTO_THREAD_run_once return type should be int and not void Signed-off-by: Rich Salz <rsalz@akamai.com> Reviewed-by: Richard Levitte <levitte@openssl.org>	2016-03-09 20:42:30 -05:00
Viktor Dukhovni	dd60efea95	Add X509_CHECK_FLAG_NEVER_CHECK_SUBJECT flag Reviewed-by: Dr. Stephen Henson <steve@openssl.org>	2016-03-09 20:41:28 -05:00
Richard Levitte	29f082603a	Remove duplicate typedef of ECPKPARAMETERS in ec.h Reviewed-by: Stephen Henson <steve@openssl.org>	2016-03-10 02:35:12 +01:00
Kurt Roeckx	6b51459026	Run make update Reviewed-by: Rich Salz <rsalz@openssl.org> MR: #2296	2016-03-10 01:44:47 +01:00
Richard Levitte	32e4cc0cde	Travis - the source directory is _srcdist, not _srcdir Reviewed-by: Stephen Henson <steve@openssl.org>	2016-03-10 01:31:06 +01:00
Richard Levitte	c5798e0eb5	Correct slight logic error in processing IF in build.info This corrects a fault where the inner IF in this example was still being acted upon: IF[0] ...whatever... IF[1] ...whatever more... ENDIF ENDIF With this change, the inner IF is skipped over. Reviewed-by: Matt Caswell <matt@openssl.org>	2016-03-09 23:58:44 +01:00
Richard Levitte	64b9d84bfd	When grepping something starting with a dash, remember to use -e Reviewed-by: Viktor Dukhovni <viktor@openssl.org>	2016-03-09 22:34:27 +01:00
Kurt Roeckx	2b8fa1d56c	Deprecate the use of version-specific methods Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1824	2016-03-09 19:45:05 +01:00
Kurt Roeckx	885e601d97	Use version flexible method instead of fixed version Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1824	2016-03-09 19:39:54 +01:00
Kurt Roeckx	0d5301aff9	Use minimum and maximum protocol version instead of version fixed methods Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1824	2016-03-09 19:38:56 +01:00
Kurt Roeckx	1fc7d6664a	Fix usage of OPENSSL_NO_*_METHOD Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1824	2016-03-09 19:38:18 +01:00
Kurt Roeckx	ca3895f0b5	Move disabling of RC4 for DTLS to the cipher list. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1595	2016-03-09 19:10:28 +01:00
Kurt Roeckx	82478521aa	Remove DES cipher alias Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1595	2016-03-09 19:10:28 +01:00
Kurt Roeckx	29c4cf0cd1	Update ciphers -s documentation Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1595	2016-03-09 19:10:28 +01:00
Kurt Roeckx	cdc72e497d	Document SSL_get1_supported_ciphers Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1595	2016-03-09 19:10:28 +01:00
Kurt Roeckx	d7a474264b	IDEA is not supported in TLS 1.2 This currently seems to be the only cipher we still support that should get disabled. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1595	2016-03-09 19:10:28 +01:00
Kurt Roeckx	3eb2aff401	Add support for minimum and maximum protocol version supported by a cipher Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1595	2016-03-09 19:10:28 +01:00
Kurt Roeckx	068c358ac3	Add ssl_get_client_min_max_version() function Adjust ssl_set_client_hello_version to get both the minimum and maximum and then make ssl_set_client_hello_version use the maximum version. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1595	2016-03-09 19:10:28 +01:00
Kurt Roeckx	b11836a63a	Make SSL_CIPHER_get_version return a const char * Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1595	2016-03-09 19:10:28 +01:00
Kurt Roeckx	6063453c5a	Remove unused code Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1595	2016-03-09 19:10:28 +01:00
Kurt Roeckx	7d65007238	Make function to convert version to string Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1595	2016-03-09 19:10:28 +01:00
Kurt Roeckx	e4646a8963	Constify security callbacks Reviewed-by: Viktor Dukhovni <viktor@openssl.org> MR: #1595	2016-03-09 19:10:28 +01:00
Rob Percival	ca74c38dc8	Documentation for ctx_set_ctlog_list_file() Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 13:07:09 -05:00
Rob Percival	6bea2a72a8	Minor improvement to formatting of SCT output in s_client Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 13:07:09 -05:00
Rob Percival	328f36c5c5	Do not display a CT log error message if CT validation is disabled Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 13:07:09 -05:00
Rich Salz	60b350a3ef	RT3676: Expose ECgroup i2d functions Reviewed-by: Dr. Stephen Henson <steve@openssl.org>	2016-03-09 12:25:21 -05:00
Richard Levitte	c471884996	Comment away the extra checks in Configure The "extra checks" is a debugging tool to check the config resolving mechanism. It uses Perl's smart match, which is experimental and therefore always causes Perl to give out a warning, and it causes older Perl versions to fail entirely. So, it gets commented away, but stays otherwise in place, as it may be useful again. Reviewed-by: Matt Caswell <matt@openssl.org>	2016-03-09 17:59:14 +01:00
Richard Levitte	67336ea400	Make ct_dir and certs_dir static in test/ct_test.c Reviewed-by: Matt Caswell <matt@openssl.org>	2016-03-09 17:58:02 +01:00
Richard Levitte	1bee9d6b6c	Fix ct_test to not assume it's in the source directory ct_test assumed it's run in the source directory and failed when built elsewhere. It still defaults to that, but can be told another story with the environment variables CT_DIR and CERTS_DIR. Test recipe updated to match. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:35:18 -05:00
Rob Percival	9ddff1e83c	Document importance of CTLOG_STORE outliving SCT if SCT_set0_log is used Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	dc919c6935	Make SCT literals into const variables in ct_test.c Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	eac84e8127	Makes STACK_OF(SCT)* parameter of i2d_SCT_LIST const Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	14db9bbd71	Removes SCT_LIST_set_source and SCT_LIST_set0_logs Both of these functions can easily be implemented by callers instead. Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	21b908a8f9	Makes SCT_get0_log return const CTLOG* Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	12d2d28185	Makes CTLOG_STORE_get0_log_by_id return const CTLOG* Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	98af731064	Improved documentation of SCT_CTX_* functions Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	e5a7ac446b	Updates ct_err.c Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	5c081a8f74	Remove unnecessary call to SCT_set1_extensions(sct, "", 0) in ct_test.c Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	6d7fd9c142	Reset SCT validation_status if the SCT is modified Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	9c812014c8	Use SCT_VERSION_V1 in place of literal 0 in ct_test.c Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	70279a81a7	Fixes "usuable" typo in ct_locl.h Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	70073f3e3a	Treat boolean functions as booleans Use "!x" instead of "x <= 0", as these functions never return a negative value. Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	8c92c4eac0	Make parameters of CTLOG_get* const Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	5da65ef23c	Extensive application of __owur to CT functions that return a boolean Also improves some documentation of those functions. Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Rob Percival	8fbb93d0e2	Makes SCT_LIST_set_source return the number of successes No longer terminates on first error, but instead tries to set the source of every SCT regardless of whether an error occurs with some. Reviewed-by: Emilia Käsper <emilia@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>	2016-03-09 11:34:48 -05:00
Todd Short	aeb5b95576	Fix locking in ssl_cert_dup() Properly check the return value of CRYPTO_THREAD_lock_new() Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>	2016-03-09 11:26:01 -05:00
Richard Levitte	b7aacc3ac3	Restore building out of source with the unified build scheme Reviewed-by: Matt Caswell <matt@openssl.org>	2016-03-09 17:13:56 +01:00
Richard Levitte	467bbe090b	CT test can't run without EC, so skip it on that algo as well Reviewed-by: Matt Caswell <matt@openssl.org>	2016-03-09 17:13:23 +01:00
Richard Levitte	c469a9a81e	Fix ct_test to not assume it's in the source directory ct_test assumed it's run in the source directory and failed when built elsewhere. It still defaults to that, but can be told another story with the environment variables CT_DIR and CERTS_DIR. Test recipe updated to match. Reviewed-by: Matt Caswell <matt@openssl.org>	2016-03-09 17:13:23 +01:00
Matt Caswell	9b13e27c28	Update CHANGES and NEWS Update the CHANGES and NEWS files with information about the recently added AFALG engine and pipelining. Reviewed-by: Richard Levitte <levitte@openssl.org>	2016-03-09 15:31:22 +00:00

1 2 3 4 5 ...

15934 commits