wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11194 commits 20 branches 302 tags 153 MiB
Commit graph

11194 commits

This branch
This branch
All branches
Author SHA1 Message Date
Tim Hudson
b5e611a973 Remove old unused and unmaintained demonstration code. 
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 62352b8138)
 2014-07-22 07:26:55 +10:00
Andy Polyakov
a2f34441ab sha1-ppc.pl: shave off one cycle from BODY_20_39 
and improve performance by 10% on POWER[78].

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 5c3598307e)
 2014-07-21 15:30:59 +02:00
Tim Hudson
2be9425514 Minor documentation update removing "really" and a 
statement of opinion rather than a fact.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit c8d133e4b6)
 2014-07-21 20:25:14 +10:00
Dr. Stephen Henson
f284fc7cc3 Add test header to Makefile, update ordinals 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-07-20 20:50:38 +01:00
Andy Polyakov
c991d8ae8b Initial POWER8 support from development branch. 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-07-20 14:36:49 +02:00
Dr. Stephen Henson
be12cb3e24 Fix documentation for RSA_set_method(3) 
PR#1675
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 197400c3f0d617d71ad8167b52fb73046d334320)
 2014-07-19 18:25:53 +01:00
Dr. Stephen Henson
4c05b1f8d6 Make *Final work for key wrap again. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 58f4698f67)
 2014-07-17 23:31:11 +01:00
Dr. Stephen Henson
6e1e5996df Sanity check lengths for AES wrap algorithm. 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit d12eef1501)
 2014-07-17 12:58:42 +01:00
Jeffrey Walton
6ccd120f5f Fix typo, add reference. 
PR#3456
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit d48e78f0cf)
 2014-07-17 12:08:26 +01:00
Matt Caswell
ca818b322d Disabled XTS mode in enc utility as it is not supported 
PR#3442

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 2097a17c57)
 2014-07-16 21:01:38 +01:00
Matt Caswell
b11c24110c Add Matt Caswell's fingerprint, and general update on the fingerprints file to bring it up to date 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 3bd548192a)
 2014-07-15 23:22:49 +01:00
Dr. Stephen Henson
beac6cb5aa Clarify -Verify and PSK. 
PR#3452
(cherry picked from commit ca2015a617)
 2014-07-15 20:23:25 +01:00
Dr. Stephen Henson
666a597ffb Fix DTLS certificate requesting code. 
Use same logic when determining when to expect a client
certificate for both TLS and DTLS.

PR#3452
(cherry picked from commit c8d710dc5f)
 2014-07-15 18:23:35 +01:00
Dr. Stephen Henson
d4dbabb814 Don't allow -www etc options with DTLS. 
The options which emulate a web server don't make sense when doing DTLS.
Exit with an error if an attempt is made to use them.

PR#3453
(cherry picked from commit 58a2aaeade8bdecd0f9f0df41927f7cff3012547)
 2014-07-15 12:25:19 +01:00
Dr. Stephen Henson
c71e37aa6c Use case insensitive compare for servername. 
PR#3445
(cherry picked from commit 1c3e9a7c67)
 2014-07-14 23:59:58 +01:00
Hubert Kario
cdae9a58e6 document -nextprotoneg option in man pages 
Add description of the option to advertise support of
Next Protocol Negotiation extension (-nextprotoneg) to
man pages of s_client and s_server.

PR#3444
(cherry picked from commit 7efd0e777e)
 2014-07-14 23:43:21 +01:00
Dr. Stephen Henson
fa2b54c83a Use more common name for GOST key exchange. 
(cherry picked from commit 7aabd9c92fe6f0ea2a82869e5171dcc4518cee85)
 2014-07-14 18:31:55 +01:00
Matt Caswell
14b5d0d029 Fixed valgrind complaint due to BN_consttime_swap reading uninitialised data. 
This is actually ok for this function, but initialised to zero anyway if
PURIFY defined.

This does have the impact of masking any *real* unitialised data reads in bn though.

Patch based on approach suggested by Rich Salz.

PR#3415

(cherry picked from commit 77747e2d9a5573b1dbc15e247ce18c03374c760c)
 2014-07-13 22:20:15 +01:00
Peter Mosmans
2fbd94252a Add names of GOST algorithms. 
PR#3440
(cherry picked from commit 924e5eda2c)
 2014-07-13 18:31:09 +01:00
Richard Levitte
5b9188454b * crypto/ui/ui_lib.c: misplaced brace in switch statement. 
Detected by dcruette@qualitesys.com

(cherry picked from commit 8b5dd34091)
 2014-07-13 19:13:38 +02:00
Ben Laurie
5e189b4b8d Don't clean up uninitialised EVP_CIPHER_CTX on error (CID 483259). 
(cherry picked from commit c1d1b0114e)
 2014-07-10 17:49:53 +01:00
Matt Caswell
23bd628735 Fix memory leak in BIO_free if there is no destroy function. 
Based on an original patch by Neitrino Photonov <neitrinoph@gmail.com>

PR#3439

(cherry picked from commit 66816c53be)
 2014-07-09 23:32:18 +01:00
Andy Polyakov
371feee876 x86_64 assembly pack: improve masm support. 
(cherry picked from commit 1b0fe79f3e)
 2014-07-09 22:46:13 +02:00
Andy Polyakov
f50f0c6aa3 Please Clang's sanitizer, addendum. 
(cherry picked from commit d11c70b2c2)
 2014-07-09 22:45:52 +02:00
Andy Polyakov
2064e2db08 Please Clang's sanitizer. 
PR: #3424,#3423,#3422
(cherry picked from commit 021e5043e5)
 2014-07-09 22:45:38 +02:00
Andy Polyakov
de222838fe apps/speed.c: fix compiler warnings in multiblock_speed(). 
(cherry picked from commit c4f8efab34)
 2014-07-07 17:03:27 +02:00
Andy Polyakov
0ad2a0a303 sha[1|512]-x86_64.pl: fix logical errors with $shaext=0. 
(cherry picked from commit 07b635cceb)
 2014-07-07 17:02:00 +02:00
David Lloyd
2cb761c1f4 Prevent infinite loop loading config files. 
PR#2985
(cherry picked from commit 9d23f422a3)
 2014-07-07 13:54:11 +01:00
Viktor Dukhovni
3ebcecf5c4 Improve X509_check_host() documentation. 
Based on feedback from Jeffrey Walton.

(cherry picked from commit b73ac02735)
 2014-07-07 20:35:49 +10:00
Viktor Dukhovni
e83c913723 Update API to use (char *) for email addresses and hostnames 
Reduces number of silly casts in OpenSSL code and likely most
applications.  Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().

(cherry picked from commit 297c67fcd8)
 2014-07-07 19:20:34 +10:00
Viktor Dukhovni
55fe56837a Set optional peername when X509_check_host() succeeds. 
Pass address of X509_VERIFY_PARAM_ID peername to X509_check_host().
Document modified interface.

(cherry picked from commit ced3d9158a)
 2014-07-07 19:20:34 +10:00
Viktor Dukhovni
1eb57ae2b7 New peername element in X509_VERIFY_PARAM_ID 
Declaration, memory management, accessor and documentation.

(cherry picked from commit 6e661d458f)
 2014-07-07 19:20:34 +10:00
Viktor Dukhovni
41e3ebd5ab One more typo when changing !result to result <= 0 
(cherry picked from commit eef1827f89)
 2014-07-07 19:19:13 +10:00
Viktor Dukhovni
9624b50d51 Fix typo in last commit 
(cherry picked from commit 90b70a6a6b)
 2014-07-07 19:19:13 +10:00
Viktor Dukhovni
449d864515 Multiple verifier reference identities. 
Implemented as STACK_OF(OPENSSL_STRING).

(cherry picked from commit 8abffa4a73)
 2014-07-07 19:19:13 +10:00
Viktor Dukhovni
7f7e11ee5c Implement sk_deep_copy. 
(cherry picked from commit 66d884f067)
 2014-07-07 19:19:13 +10:00
Dr. Stephen Henson
43f534b986 Usage for -hack and -prexit -verify_return_error 
(cherry picked from commit ee724df75d)
 2014-07-06 22:45:20 +01:00
Dr. Stephen Henson
fbe8ea3abe Document certificate status request options. 
(cherry picked from commit cba3f1c739)
 2014-07-06 22:45:20 +01:00
Dr. Stephen Henson
affc941ea6 s_server usage for certificate status requests 
(cherry picked from commit a44f219c00)
 2014-07-06 22:45:20 +01:00
Dr. Stephen Henson
012f7474f7 Update ticket callback docs. 
(cherry picked from commit a23a6e85d8)
 2014-07-06 12:40:16 +01:00
Dr. Stephen Henson
5c1b373be6 Sanity check keylength in PVK files. 
PR#2277
(cherry picked from commit 733a6c882e92f8221bd03a51643bb47f5f81bb81)
 2014-07-06 00:36:14 +01:00
Jeffrey Walton
648a9f7c2f Added reference to platform specific cryptographic acceleration such as AES-NI 2014-07-06 00:04:09 +01:00
Matt Caswell
623acb90cc Fixed error in pod files with latest versions of pod2man 
(cherry picked from commit 07255f0a76d9d349d915e14f969b9ff2ee0d1953)
 2014-07-06 00:04:09 +01:00
Andy Polyakov
6ce295a301 sha512-x86_64.pl: fix typo. 
PR: #3431
(cherry picked from commit 7eb9680ae1)
 2014-07-06 00:00:34 +02:00
Andy Polyakov
0359ccfd8b s3_pkt.c: fix typo. 
(cherry picked from commit 0e7a32b55e)
 2014-07-05 23:57:28 +02:00
Andy Polyakov
9c1cf94f34 apps/speed.c: add multi-block benchmark. 
(cherry picked from commit 375a64e349)
 2014-07-05 23:54:43 +02:00
Alan Hryngle
ff5b11f547 Return smaller of ret and f. 
PR#3418.
(cherry picked from commit fdea4fff8f)
 2014-07-05 22:38:17 +01:00
Dr. Stephen Henson
8358302d47 Don't limit message sizes in ssl3_get_cert_verify. 
PR#319 (reoponed version).
(cherry picked from commit 7f6e957864)
 2014-07-05 13:30:38 +01:00
Dr. Stephen Henson
534656a997 Add license info. 
(cherry picked from commit 55707a36cc)
 2014-07-04 18:43:06 +01:00
Dr. Stephen Henson
2cfbec1cae typo 2014-07-04 13:50:26 +01:00