Dr. Stephen Henson
3af45d9978
Disable some algorithms by default
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-11 02:41:15 +00:00
Viktor Dukhovni
aea145e399
Regenerate SSL record/statem error strings
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-10 20:18:05 -05:00
Dr. Stephen Henson
71405d683c
fix shadow warning
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-10 23:39:13 +00:00
Kurt Roeckx
1918e01c9f
File is about s_time, not s_client
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-01-10 13:13:20 +01:00
Kurt Roeckx
869e978c98
Allow disabling the min and max version
...
Reviewed-by: Viktor Dukhovni <openssl-users@dukhovni.org>
2016-01-10 13:04:55 +01:00
Viktor Dukhovni
ca0004e561
Future-proof deprecated declartion parsing
...
Support two-digest major/minor/micro numbers and die when the input
fails to parse
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-01-09 22:30:59 -05:00
Rich Salz
d594199bb4
RT41897: Add an CRYPTO_secure_actual_size
...
This is already documented, I just forgot to include the code :)
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-09 19:13:15 -05:00
Mat
f820b79248
Fix c++ compilation
...
Fixes https://github.com/openssl/openssl/issues/532
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-01-09 19:05:44 -05:00
Mat
77f31b3a8a
Adds missing type casts
...
This fixes https://github.com/openssl/openssl/issues/534
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-01-09 19:04:02 -05:00
Mat
3e45d39347
Adds crypto-mdebug as a valid option
...
Adds crypto-mdebug as a valid option. Fixes https://github.com/openssl/openssl/issues/537
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-01-09 19:02:41 -05:00
Mat
85d7bdf036
Fix build failure on Windows
...
Fixes https://github.com/openssl/openssl/issues/530
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-01-09 18:11:07 -05:00
Dr. Stephen Henson
7ba4f9dda5
update ordinals
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-09 21:55:46 +00:00
Dr. Stephen Henson
7a556fb6f8
Add DEPRECATEDIN support.
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-09 21:52:03 +00:00
Dr. Stephen Henson
c3be59a47c
Correct header defines
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-09 21:52:03 +00:00
Dr. Stephen Henson
a9988d54f6
remove hard coded algorithms
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-09 21:52:03 +00:00
Dr. Stephen Henson
2854c7989d
Recognise disabled algorithms automatically.
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-09 21:52:03 +00:00
Rich Salz
6ac11bd0b9
Fix no CRYPTO_MDEBUG build (windows)
...
In order for mkdep to find #ifdef'd functions, they must be
wrapped (in the header file) with
#ifndef OPENSSL_NO_...
So do that for various CRYPTO_mem_debug... things.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-08 14:35:04 -05:00
Viktor Dukhovni
8da94770f0
Fixup actually update danetest.c
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-08 14:11:16 -05:00
Rich Salz
f232d6ece3
Another portability fix.
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-08 13:06:01 -05:00
Viktor Dukhovni
8707e3be0c
Update comment as bn_dup_expand is gone
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-08 12:53:39 -05:00
Viktor Dukhovni
64c711cd0e
Simplify deprecated declaration exception
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-08 12:53:20 -05:00
Rich Salz
7ff970ef55
Portability fix for apps/s_client.c
...
Make some local variables and a table of them be static.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-08 12:48:15 -05:00
Viktor Dukhovni
59fd40d4e5
DANE CHANGES
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 22:00:14 -05:00
Viktor Dukhovni
60d8edbc09
Fix some typos in comments
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 20:53:23 -05:00
Viktor Dukhovni
98186eb4e4
Backwards-compatibility subject to OPENSSL_API_COMPAT
...
Provide backwards-compatiblity for functions, macros and include
files if OPENSSL_API_COMPAT is either not defined or defined less
than the version number of the release in which the feature was
deprecated.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 20:53:18 -05:00
Viktor Dukhovni
cddd424a5b
DANE s_client support
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 20:01:32 -05:00
Richard Levitte
0c1badc8af
Remove all remaining traces if PEM_Seal
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-08 01:18:55 +01:00
Viktor Dukhovni
21fa90b242
Minor test update
...
* Remove extraneous test/Makefile.orig
* Use basedomain instead of argv[1] in test/danetest.c
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-07 17:25:23 -05:00
Rich Salz
7b0a09f9cc
Fix another build break for no-mem-debug
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 16:16:34 -05:00
Rich Salz
ebd8df0ed8
Fix build-break; 'make update'
...
Commit bbd86bf542
broke certain builds.
Commit 0674427f71
missing 'make update'
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 15:40:08 -05:00
Rich Salz
bbd86bf542
mem functions cleanup
...
Only two macros CRYPTO_MDEBUG and CRYPTO_MDEBUG_ABORT to control this.
If CRYPTO_MDEBUG is not set, #ifdef out the whole debug machinery.
(Thanks to Jakob Bohm for the suggestion!)
Make the "change wrapper functions" be the only paradigm.
Wrote documentation!
Format the 'set func' functions so their paramlists are legible.
Format some multi-line comments.
Remove ability to get/set the "memory debug" functions at runtme.
Remove MemCheck_* and CRYPTO_malloc_debug_init macros.
Add CRYPTO_mem_debug(int flag) function.
Add test/memleaktest.
Rename CRYPTO_malloc_init to OPENSSL_malloc_init; remove needless calls.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 15:14:18 -05:00
Richard Levitte
3cb8c3265f
Remove the old VMS linker option file creator for shlibs
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-01-07 21:09:43 +01:00
Richard Levitte
a388633da5
Enhance util/mkdef.pl to provide a VMS linker option file for shlibs
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-01-07 21:09:43 +01:00
Richard Levitte
0674427f71
Remove crypto/pem/pem_seal.c
...
It's functionality appears unused. If we're wrong, we will revert.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-07 21:06:34 +01:00
Viktor Dukhovni
170b735820
DANE support for X509_verify_cert()
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 13:48:59 -05:00
Dr. Stephen Henson
a8eba56ef6
use more descriptive name DEFINE_STACK_OF_CONST
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 18:00:51 +00:00
Dr. Stephen Henson
4a1f3f2741
Only declare stacks in headers
...
Don't define stacks in C source files: it causes warnings
about unused functions in some compilers.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 18:00:51 +00:00
Dr. Stephen Henson
8588571572
Rename DECLARE*STACK_OF to DEFINE*STACK_OF
...
Applications wishing to include their own stacks now just need to include
DEFINE_STACK_OF(foo)
in a header file.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 18:00:51 +00:00
Dr. Stephen Henson
c5e0c54047
remove unused PREDECLARE
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 18:00:51 +00:00
Dr. Stephen Henson
4a640fb6c3
Fix declarations and constification for inline stack.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 18:00:51 +00:00
Dr. Stephen Henson
411abf2dd3
Change STACK_OF to use inline functions.
...
Change DECLARE_STACK_OF into inline functions. This avoids the need for
auto generated mkstack.pl macros and now handles const properly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 18:00:51 +00:00
Viktor Dukhovni
249d9719a6
DANE make update
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-06 18:53:15 -05:00
Viktor Dukhovni
63b658341e
DANE documentation typos
...
Reported-by: Claus Assmann
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-06 14:15:12 -05:00
Rich Salz
700b4a4ae7
Remove more (rest?) of FIPS build stuff.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-01-06 12:07:26 -05:00
Rich Salz
0b0443af64
Remove some unused perl scripts
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-06 11:26:36 -05:00
Viktor Dukhovni
919ba00942
DANE support structures, constructructors and accessors
...
Also tweak some of the code in demos/bio, to enable interactive
testing of BIO_s_accept's use of SSL_dup. Changed the sconnect
client to authenticate the server, which now exercises the new
SSL_set1_host() function.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-05 19:31:49 -05:00
Viktor Dukhovni
e29c73c93b
Fix X509_STORE_CTX_cleanup()
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-01-03 18:45:05 -05:00
Viktor Dukhovni
0e7abc9037
Drop incorrect id == -1 case from X509_check_trust
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-03 17:21:40 -05:00
Viktor Dukhovni
d9b8b89bec
X509_verify_cert() cleanup
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-03 17:21:16 -05:00
Viktor Dukhovni
63c6aa6b93
Cleanup of verify(1) failure output
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-03 17:05:50 -05:00