wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10854 commits 20 branches 302 tags 153 MiB
Commit graph

10854 commits

This branch
This branch
All branches
Author SHA1 Message Date
Dr. Stephen Henson
976c58302b Add function to free compression methods. 
Although the memory allocated by compression methods is fixed and
cannot grow over time it can cause warnings in some leak checking
tools. The function SSL_COMP_free_compression_methods() will free
and zero the list of supported compression methods. This should
*only* be called in a single threaded context when an application
is shutting down to avoid interfering with existing contexts
attempting to look up compression methods.
 2014-03-01 23:14:08 +00:00
Dr. Stephen Henson
b60272b01f PKCS#8 support for alternative PRFs. 
Add option to set an alternative to the default hmacWithSHA1 PRF
for PKCS#8 private key encryptions. This is used automatically
by PKCS8_encrypt if the nid specified is a PRF.

Add option to pkcs8 utility.

Update docs.
 2014-03-01 23:14:08 +00:00
Dr. Stephen Henson
124d218889 Fix memory leak. 2014-03-01 23:14:08 +00:00
Andy Polyakov
cd077dab08 Makefile.org: fix syntax error on Solaris. 
PR: 3271
(cherry picked from commit 65370f9bbc)
 2014-02-28 22:55:44 +01:00
Dr. Stephen Henson
d1201e3195 Fix compilation errors with no-nextprotoneg 2014-02-28 13:35:30 +00:00
Dr. Stephen Henson
5f2329b82a Fix fips flag handling. 
Don't set the fips flags in cipher and digests as the implementations
aren't suitable for FIPS mode and will be redirected to the FIPS module
versions anyway.

Return EVP_CIPH_FLAG_FIPS or EVP_MD_FLAG_FIPS if a FIPS implementation
exists when calling EVP_CIPHER_flags and EVP_MD_flags repectively.

Remove unused FIPS code from e_aes.c: the 1.0.2 branch will never be
used to build a FIPS module.
 2014-02-27 19:18:58 +00:00
Dr. Stephen Henson
01fb5e133f Remove unused file. 
The file evp_fips.c isn't used in OpenSSL 1.0.2 as FIPS and non-FIPS
implementations of algorithms can coexist.
 2014-02-27 19:08:53 +00:00
Andy Polyakov
fd2c85f6ae evp/e_aes.c: harmonize with 1.0.1. 2014-02-27 17:47:23 +01:00
Andy Polyakov
41977c2e04 Configure: mark unixware target as elf-1. 
(cherry picked from commit 4ca026560a)
 2014-02-27 14:32:46 +01:00
Andy Polyakov
ca88a1d439 perlasm/x86asm.pl: recognize elf-1 denoting old ELF platforms. 
(cherry picked from commit b62a4a1c0e)
 2014-02-27 14:30:42 +01:00
Andy Polyakov
5615196f7b perlasm/x86gas.pl: limit special OPENSSL_ia32cap_P treatment to ELF. 
(cherry picked from commit ce876d8316)
 2014-02-27 14:29:07 +01:00
Andy Polyakov
1f59eb5f11 rc4/asm/rc4-586.pl: allow for 386-only build. 
(cherry picked from commit f861b1d433)
 2014-02-27 14:28:54 +01:00
Andy Polyakov
4bf6d66e67 des/asm/des-586.pl: shortcut reference to DES_SPtrans. 
(cherry picked from commit fd361a67ef)
 2014-02-27 14:28:44 +01:00
Andy Polyakov
2f34088e5e Makefile.org: mask touch's exit code 
[but don't let it mask make's].

PR: 3269
 2014-02-27 12:35:02 +01:00
Andy Polyakov
559e69f9b4 crypto/Makefile: make it OSF-make-friendly 
PR: 3165
 2014-02-26 16:42:57 +01:00
Rob Stradling
f3b7e522d8 CABForum EV OIDs for Subject Jurisdiction of Incorporation or Registration. 
(cherry picked from commit ffcc832ba6e17859d45779eea87e38467561dd5d)
 2014-02-26 15:33:10 +00:00
Dr. Stephen Henson
73be56a21d Fix for WIN32 builds with KRB5 2014-02-26 15:33:10 +00:00
Andy Polyakov
d00ae7cf70 sha/asm/sha256-586.pl: don't try to compile SIMD with no-sse2. 
(cherry picked from commit d49135e7ea)
 2014-02-26 10:23:56 +01:00
Andy Polyakov
f92926e331 sha/asm/sha512-x86_64.pl: fix compilation error on Solaris. 
(cherry picked from commit 147cca8f53)
 2014-02-26 09:31:40 +01:00
Andy Polyakov
241c8004ce Configure: blended processor target in solaris-x86-cc. 
(cherry picked from commit 7bb9d84e35)
 2014-02-26 09:31:26 +01:00
Andy Polyakov
8d08627c94 ssl/t1_enc.c: check EVP_MD_CTX_copy return value. 
PR: 3201
(cherry picked from commit 03da57fe14)
 2014-02-25 22:23:49 +01:00
Andy Polyakov
aa1bb606f3 aes/asm/vpaes-ppc.pl: fix traceback info. 
(cherry picked from commit e704741bf3)
 2014-02-25 20:13:41 +01:00
Zoltan Arpadffy
dabd4f1986 OpenVMS fixes. 2014-02-25 15:16:03 +00:00
Dr. Stephen Henson
251c47001b update NEWS with v3_scts.c issue 2014-02-25 15:08:45 +00:00
Dr. Stephen Henson
3678161d71 Don't use BN_ULLONG in n2l8 use SCTS_TIMESTAMP. 2014-02-25 15:05:08 +00:00
Dr. Stephen Henson
6634416732 Fix for v3_scts.c 
Not all platforms define BN_ULLONG. Define SCTS_TIMESTAMP as a type
which should work on all platforms.
 2014-02-25 14:54:09 +00:00
Dr. Stephen Henson
7101fd705c update NEWS 2014-02-25 13:56:40 +00:00
Dr. Stephen Henson
0f9bcf3319 Avoid Windows 8 Getversion deprecated errors. 
Windows 8 SDKs complain that GetVersion() is deprecated.

We only use GetVersion like this:

	(GetVersion() < 0x80000000)

which checks if the Windows version is NT based. Use a macro check_winnt()
which uses GetVersion() on older SDK versions and true otherwise.
(cherry picked from commit a4cc3c8041)
 2014-02-25 13:41:53 +00:00
Rob Stradling
a948732e1c Parse non-v1 SCTs less awkwardly. 
(cherry picked from commit 19f65ddbab)
 2014-02-25 13:04:21 +00:00
Andy Polyakov
c3006e0f5a util/pl/VC-32.pl: harmonize with 1.0.1 and fix typo. 2014-02-25 13:41:40 +01:00
Andy Polyakov
efe835eb5a ms/do_win64a.bat: forward to NUL, not NUL:. 
Allegedly formwarding to NUL: sometimes creates NUL file in file
system.

PR: 3250
(cherry picked from commit 63aff3001e)
 2014-02-24 19:37:48 +01:00
Dr. Stephen Henson
ab03ead035 we need /MD for fips builds 2014-02-24 18:21:35 +00:00
Dr. Stephen Henson
6a6e08960e Update NEWS with known issue. 2014-02-24 16:31:44 +00:00
Andy Polyakov
aedabeee3a BC-32.pl: refresh Borland C support. 
PR: 3251
Suggested by: Thorsten Schöning
(cherry picked from commit 779c51c644)
 2014-02-24 16:45:15 +01:00
Andy Polyakov
83fe7b9c83 x509/by_dir.c: fix run-away pointer (and potential SEGV) 
when adding duplicates in add_cert_dir.

PR: 3261
Reported by: Marian Done
(cherry picked from commit 758954e0d8)
 2014-02-24 15:21:37 +01:00
Dr. Stephen Henson
97654d7e28 Prepare for 1.0.2-beta2-dev 2014-02-24 13:52:51 +00:00
Dr. Stephen Henson
94f4166017 Prepare for 1.0.2-beta1 release 2014-02-24 13:51:34 +00:00
Dr. Stephen Henson
a74c9c9e10 OpenSSL 1.0.2 is now in beta 2014-02-24 13:50:38 +00:00
Dr. Stephen Henson
d2a3c4497f make update 2014-02-24 13:50:38 +00:00
Andy Polyakov
a129850922 config: recognize ARMv8/AArch64 target. 
(cherry picked from commit d099f0ed6c)
 2014-02-24 13:21:14 +01:00
Dr. Stephen Henson
c3f5d3d93a Only set current certificate to valid values. 
When setting the current certificate check that it has a corresponding
private key.
(cherry picked from commit 358d352aa2)
 2014-02-23 13:49:21 +00:00
Dr. Stephen Henson
c5ea65b157 New chain building flags. 
New flags to build certificate chains. The can be used to rearrange
the chain so all an application needs to do is add all certificates
in arbitrary order and then build the chain to check and correct them.

Add verify error code when building chain.

Update docs.
(cherry picked from commit 13dc3ce9ab)
 2014-02-23 13:49:21 +00:00
Dr. Stephen Henson
58b86e4235 Option to set current cert to server certificate. 
(cherry picked from commit daddd9a950)
 2014-02-23 13:49:21 +00:00
Ben Laurie
a466be6243 Fix typo. 2014-02-23 11:21:39 +00:00
Ben Laurie
60327ce41a Add debug flag. 2014-02-23 11:21:28 +00:00
Andy Polyakov
2d4d9623da aes/asm/aesni-x86[_64].pl: minor Atom-specific performance tweak. 
(cherry picked from commit 214368ffee)
 2014-02-21 12:15:07 +01:00
Andy Polyakov
6b3b6beaa1 ssl/ssl_cert.c: DANE update. 2014-02-21 12:12:25 +01:00
Dr. Stephen Henson
7743be3aac make update 2014-02-20 22:57:24 +00:00
Dr. Stephen Henson
b709f8ef54 fix WIN32 warnings 2014-02-20 22:41:06 +00:00
Rob Stradling
c74ce24cd2 Show the contents of the RFC6962 Signed Certificate Timestamp List Certificate/OCSP Extensions. 
Add the RFC6962 OIDs to the objects table.
(backport from master branch)
 2014-02-20 21:43:54 +00:00