Commit graph

15108 commits

Author SHA1 Message Date
Dr. Stephen Henson
3af45d9978 Disable some algorithms by default
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-11 02:41:15 +00:00
Viktor Dukhovni
aea145e399 Regenerate SSL record/statem error strings
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-10 20:18:05 -05:00
Dr. Stephen Henson
71405d683c fix shadow warning
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-10 23:39:13 +00:00
Kurt Roeckx
1918e01c9f File is about s_time, not s_client
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-01-10 13:13:20 +01:00
Kurt Roeckx
869e978c98 Allow disabling the min and max version
Reviewed-by: Viktor Dukhovni <openssl-users@dukhovni.org>
2016-01-10 13:04:55 +01:00
Viktor Dukhovni
ca0004e561 Future-proof deprecated declartion parsing
Support two-digest major/minor/micro numbers and die when the input
fails to parse

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-01-09 22:30:59 -05:00
Rich Salz
d594199bb4 RT41897: Add an CRYPTO_secure_actual_size
This is already documented, I just forgot to include the code :)

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-09 19:13:15 -05:00
Mat
f820b79248 Fix c++ compilation
Fixes https://github.com/openssl/openssl/issues/532

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-01-09 19:05:44 -05:00
Mat
77f31b3a8a Adds missing type casts
This fixes https://github.com/openssl/openssl/issues/534

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-01-09 19:04:02 -05:00
Mat
3e45d39347 Adds crypto-mdebug as a valid option
Adds crypto-mdebug as a valid option. Fixes https://github.com/openssl/openssl/issues/537

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-01-09 19:02:41 -05:00
Mat
85d7bdf036 Fix build failure on Windows
Fixes https://github.com/openssl/openssl/issues/530

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-01-09 18:11:07 -05:00
Dr. Stephen Henson
7ba4f9dda5 update ordinals
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-09 21:55:46 +00:00
Dr. Stephen Henson
7a556fb6f8 Add DEPRECATEDIN support.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-09 21:52:03 +00:00
Dr. Stephen Henson
c3be59a47c Correct header defines
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-09 21:52:03 +00:00
Dr. Stephen Henson
a9988d54f6 remove hard coded algorithms
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-09 21:52:03 +00:00
Dr. Stephen Henson
2854c7989d Recognise disabled algorithms automatically.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-09 21:52:03 +00:00
Rich Salz
6ac11bd0b9 Fix no CRYPTO_MDEBUG build (windows)
In order for mkdep to find #ifdef'd functions, they must be
wrapped (in the header file) with
        #ifndef OPENSSL_NO_...
So do that for various CRYPTO_mem_debug... things.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-08 14:35:04 -05:00
Viktor Dukhovni
8da94770f0 Fixup actually update danetest.c
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-08 14:11:16 -05:00
Rich Salz
f232d6ece3 Another portability fix.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-08 13:06:01 -05:00
Viktor Dukhovni
8707e3be0c Update comment as bn_dup_expand is gone
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-08 12:53:39 -05:00
Viktor Dukhovni
64c711cd0e Simplify deprecated declaration exception
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-08 12:53:20 -05:00
Rich Salz
7ff970ef55 Portability fix for apps/s_client.c
Make some local variables and a table of them be static.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-08 12:48:15 -05:00
Viktor Dukhovni
59fd40d4e5 DANE CHANGES
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 22:00:14 -05:00
Viktor Dukhovni
60d8edbc09 Fix some typos in comments
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 20:53:23 -05:00
Viktor Dukhovni
98186eb4e4 Backwards-compatibility subject to OPENSSL_API_COMPAT
Provide backwards-compatiblity for functions, macros and include
files if OPENSSL_API_COMPAT is either not defined or defined less
than the version number of the release in which the feature was
deprecated.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 20:53:18 -05:00
Viktor Dukhovni
cddd424a5b DANE s_client support
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 20:01:32 -05:00
Richard Levitte
0c1badc8af Remove all remaining traces if PEM_Seal
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-08 01:18:55 +01:00
Viktor Dukhovni
21fa90b242 Minor test update
* Remove extraneous test/Makefile.orig
* Use basedomain instead of argv[1] in test/danetest.c

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-07 17:25:23 -05:00
Rich Salz
7b0a09f9cc Fix another build break for no-mem-debug
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 16:16:34 -05:00
Rich Salz
ebd8df0ed8 Fix build-break; 'make update'
Commit bbd86bf542 broke certain builds.
Commit 0674427f71 missing 'make update'

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 15:40:08 -05:00
Rich Salz
bbd86bf542 mem functions cleanup
Only two macros CRYPTO_MDEBUG and CRYPTO_MDEBUG_ABORT to control this.
If CRYPTO_MDEBUG is not set, #ifdef out the whole debug machinery.
        (Thanks to Jakob Bohm for the suggestion!)
Make the "change wrapper functions" be the only paradigm.
Wrote documentation!
Format the 'set func' functions so their paramlists are legible.
Format some multi-line comments.
Remove ability to get/set the "memory debug" functions at runtme.
Remove MemCheck_* and CRYPTO_malloc_debug_init macros.
Add CRYPTO_mem_debug(int flag) function.
Add test/memleaktest.
Rename CRYPTO_malloc_init to OPENSSL_malloc_init; remove needless calls.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 15:14:18 -05:00
Richard Levitte
3cb8c3265f Remove the old VMS linker option file creator for shlibs
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-01-07 21:09:43 +01:00
Richard Levitte
a388633da5 Enhance util/mkdef.pl to provide a VMS linker option file for shlibs
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-01-07 21:09:43 +01:00
Richard Levitte
0674427f71 Remove crypto/pem/pem_seal.c
It's functionality appears unused.  If we're wrong, we will revert.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-07 21:06:34 +01:00
Viktor Dukhovni
170b735820 DANE support for X509_verify_cert()
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 13:48:59 -05:00
Dr. Stephen Henson
a8eba56ef6 use more descriptive name DEFINE_STACK_OF_CONST
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 18:00:51 +00:00
Dr. Stephen Henson
4a1f3f2741 Only declare stacks in headers
Don't define stacks in C source files: it causes warnings
about unused functions in some compilers.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 18:00:51 +00:00
Dr. Stephen Henson
8588571572 Rename DECLARE*STACK_OF to DEFINE*STACK_OF
Applications wishing to include their own stacks now just need to include

DEFINE_STACK_OF(foo)

in a header file.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 18:00:51 +00:00
Dr. Stephen Henson
c5e0c54047 remove unused PREDECLARE
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 18:00:51 +00:00
Dr. Stephen Henson
4a640fb6c3 Fix declarations and constification for inline stack.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 18:00:51 +00:00
Dr. Stephen Henson
411abf2dd3 Change STACK_OF to use inline functions.
Change DECLARE_STACK_OF into inline functions. This avoids the need for
auto generated mkstack.pl macros and now handles const properly.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 18:00:51 +00:00
Viktor Dukhovni
249d9719a6 DANE make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-06 18:53:15 -05:00
Viktor Dukhovni
63b658341e DANE documentation typos
Reported-by: Claus Assmann

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-06 14:15:12 -05:00
Rich Salz
700b4a4ae7 Remove more (rest?) of FIPS build stuff.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-01-06 12:07:26 -05:00
Rich Salz
0b0443af64 Remove some unused perl scripts
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-06 11:26:36 -05:00
Viktor Dukhovni
919ba00942 DANE support structures, constructructors and accessors
Also tweak some of the code in demos/bio, to enable interactive
testing of BIO_s_accept's use of SSL_dup.  Changed the sconnect
client to authenticate the server, which now exercises the new
SSL_set1_host() function.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-05 19:31:49 -05:00
Viktor Dukhovni
e29c73c93b Fix X509_STORE_CTX_cleanup()
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-01-03 18:45:05 -05:00
Viktor Dukhovni
0e7abc9037 Drop incorrect id == -1 case from X509_check_trust
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-03 17:21:40 -05:00
Viktor Dukhovni
d9b8b89bec X509_verify_cert() cleanup
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-03 17:21:16 -05:00
Viktor Dukhovni
63c6aa6b93 Cleanup of verify(1) failure output
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-03 17:05:50 -05:00