Commit graph

17676 commits

Author SHA1 Message Date
Rich Salz
219116d866 Remove get_hash completely
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1389)
2016-08-04 14:23:08 -04:00
Rich Salz
412c8507ee Remove "lockit" from internal error-hash function
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1389)
2016-08-04 14:23:08 -04:00
Dr. Stephen Henson
20fc103f78 Limit status message sisze in ts_get_status_check
Thanks to Shi Lei for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-04 17:34:28 +01:00
FdaSilvaYY
acc0049213 Pack globals variables used to control apps/verify_callback()
into a structure , to avoid any accident .

Plus some few cleanups

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-04 17:07:58 +02:00
JimC
e7932c1eb7 Ignore windows generated manifests
- Commit a95ce7f builds *.manifest files on windows -- added them to
  .gitignore.

- ignore pod -> html temp file

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-04 17:05:48 +02:00
FdaSilvaYY
c47ba4e96c Constify some ASN1_OBJECT *obj input parameters
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-04 17:02:48 +02:00
FdaSilvaYY
cfc5e0aa73 Constify inputs of two X509_LOOKUP_METHOD methods
... get_by_fingerprint() and get_by_alias()

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-04 17:02:48 +02:00
FdaSilvaYY
924212a670 Constify input buffer
of X509_NAME_add_entry_by_OBJ, X509_NAME_add_entry_by_NID, X509_NAME_ENTRY_create_by_NID

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-04 17:02:48 +02:00
FdaSilvaYY
69b017f66b Constify two internal methods
- append_ia5
- old_entry_print

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-04 17:02:48 +02:00
FdaSilvaYY
f48ebf9f4c Constify ASN1_INTEGER_get, ASN1_ENUMERATED_get
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-04 17:02:48 +02:00
Richard Levitte
547a19cf4f VMS: have the IVP verify that a well known engine loads properly
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-04 16:57:49 +02:00
Richard Levitte
9e64457d1e Have 'openssl engine' exit with non-zero when some engine fails to load
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-04 16:57:49 +02:00
Richard Levitte
5fc2c6896d VSI submission: make the VMS version of RAND_poll() faster and more secure
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-04 16:51:39 +02:00
Richard Levitte
fda2767347 VSI submisson: make better use of item lists in o_time.c
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-04 16:51:39 +02:00
Richard Levitte
262ee9a2c2 Travis: When testing installation, build in separate dir, otherwise in checkout
The rationale is that installation from a tarball is a common task
that everyone performs.  For all other builds, we do specialised
tests, and might as well build them directly in the checkout, which
also gives us fuzz corpora.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-08-04 16:49:36 +02:00
Matt Caswell
81dd999028 Prepare for 1.1.0-pre7-dev
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-04 15:02:43 +01:00
Matt Caswell
2f554efe20 Prepare for 1.1.0-pre6 release
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-04 15:00:44 +01:00
Matt Caswell
a3507a1107 make update
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-04 15:00:43 +01:00
Matt Caswell
c98740f8a6 Fix date in CHANGES
The release scripts expect to see the date "xx XXX xxxx" in CHANGES. At
some point the year got changed from xxxx to 2016. This changes it back.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-04 14:55:41 +01:00
Richard Levitte
790555d675 Don't check any revocation info on proxy certificates
Because proxy certificates typically come without any CRL information,
trying to check revocation on them will fail.  Better not to try
checking such information for them at all.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-03 16:05:28 +02:00
Richard Levitte
ea24fe2996 INSTALL: Make the use of [, ], { and } consistent and explain it
The diverse notations used in INSTALL are not as self explanatory as
we might imagine, so let's attempt a consistent notation for mandatory
and optional pieces of a command line, and to explain the meaning of
each notation.

This does away with the bash notation used in one spot, as it isn't
universally understood and will only confuse the unknowing more.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-03 15:46:52 +02:00
Richard Levitte
d178ddb3b6 INSTALL: Add missing details on VMS installation results
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-03 15:46:52 +02:00
Richard Levitte
9ad7f6c692 VMS: make sure to provide an absolute source directory for pod2html
Experience shows that pod2html changes directory during its process
without properly adjusting the given source directory.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-03 15:44:37 +02:00
Richard Levitte
fa849d738d VMS: If configured no-shared, don't provide shareable image logical names
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-03 15:44:37 +02:00
Dr. Stephen Henson
56f9953c84 Check for overlows and error return from ASN1_object_size()
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-02 13:40:32 +01:00
Dr. Stephen Henson
e9f17097e9 Check for overflows in ASN1_object_size().
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-02 13:40:32 +01:00
Richard Levitte
f37c159aed 80-test_ssl_new.t: only skip on $no_tls if no other skip conditions defined
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-02 13:27:39 +02:00
Richard Levitte
f4947bf10e In 80-test_ssl_new, more "plan tests" to a more useful position
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-02 11:37:38 +02:00
Matt Caswell
ee94aeee7d Fix tests for no-nextprotoneg
Fix the 80-test_ssl_test_ctx and 80-test_ssl_new tests when used with the
no-nextprotoneg option

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-02 10:19:56 +01:00
FdaSilvaYY
700b814549 Fix some style issues...
extra spacing and 80 cols

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1366)
2016-08-02 09:59:23 +02:00
Richard Levitte
cb926df2fa Don't overwrite existing installed openssl.cnf
Instead, install the new one as openssl.cnf.dist (openssl.cnf-dist on
VMS), and only install it as openssl.cnf if that file doesn't already
exist.

Also, don't install with exec privileges on VMS.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-02 00:55:46 +02:00
Richard Levitte
66c2eb8b80 All of ssldirs installation should be done by the install_ssldirs target
The Unix build file template didn't do that quite right.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-02 00:55:46 +02:00
Matt Caswell
255af26c5d Some minor tweaks to the fuzzing docs
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-01 22:07:04 +01:00
Dr. Stephen Henson
c2e888b54c Document certificate and CRL time functions.
RT#4639

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-01 19:54:11 +01:00
Dr. Stephen Henson
b26ab17f3d Constify some X509_CRL, X509_REQ functions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-01 19:53:43 +01:00
Dr. Stephen Henson
67302ade22 Constify some X509_CRL functions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-01 19:53:43 +01:00
Dr. Stephen Henson
10b0b817a0 make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-01 19:37:42 +01:00
Dr. Stephen Henson
5d8d9a8efa Add DSA_bits() function.
RT#4637

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-01 19:37:42 +01:00
Kurt Roeckx
6c1f368d88 Fix typo of BN_zero()
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-01 16:17:44 +02:00
Richard Levitte
ef8938c3e8 Forgotten make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-01 16:14:41 +02:00
Richard J. Moore
3c8537765c Const the ex data stuff too to fix warnings
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-01 16:13:27 +02:00
Richard J. Moore
4a9a0d9bcb Const EC_KEY_dup
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-01 16:13:27 +02:00
Wim Lewis
505aee296d Additional CMS content types from RFC 4073, RFC 5083, and RFC 5084.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1355)
2016-08-01 09:33:12 -04:00
FdaSilvaYY
0930e07d1e Useless allocation
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1342)
2016-08-01 09:32:03 -04:00
FdaSilvaYY
fd4b0c0832 Fix some style issues
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1342)
2016-08-01 09:32:03 -04:00
FdaSilvaYY
55b09fe69a Add missing help string
Fix an error message

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1342)
2016-08-01 09:32:03 -04:00
FdaSilvaYY
70c4e15612 Fix some awkward tests
Add some explanatory comments
Discard some useless parenthesis.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1342)
2016-08-01 09:32:03 -04:00
FdaSilvaYY
5f986ed32d Merge some conditional blocks of code.
Fix an #if check about rsa_count...

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1342)
2016-08-01 09:32:03 -04:00
FdaSilvaYY
4d82c58b97 Simplify default inits, add const qualifiers
Simplify some loops to reuse k variable

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1342)
2016-08-01 09:32:03 -04:00
FdaSilvaYY
8829ce3020 Cast to right type, simplify array args
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1342)
2016-08-01 09:32:03 -04:00