Commit graph

17168 commits

Author SHA1 Message Date
Kurt Cancemi
b88e95f3a0 crypto/evp/e_aes_cbc_hmac_sha256.c: Remove spurious memset
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1231)
2016-06-20 09:38:37 -04:00
Jiri Horky
fb0303f3ce RT3136: Remove space after issuer/subject
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-20 09:25:12 -04:00
Emilia Kasper
9267c11bb5 Make DSA_SIG and ECDSA_SIG getters const.
Reorder arguments to follow convention.

Also allow r/s to be NULL in DSA_SIG_get0, similarly to ECDSA_SIG_get0.

This complements GH1193 which adds non-const setters.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-20 14:58:36 +02:00
Andy Polyakov
b73cfb137e rand/randfile.c: remove obsolete commentary.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-20 13:28:13 +02:00
Rob Percival
876a1a83ad Tests should check validation status directly
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-20 11:54:56 +01:00
Rob Percival
4fc31f7583 Test SCT lists
This encompasses what was previously tested.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-20 11:31:04 +01:00
Andy Polyakov
4973a60cb9 aes/asm/bsaes-armv7.pl: omit redundant stores in XTS subroutines.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-20 12:30:15 +02:00
Andy Polyakov
3d32bab8f1 aes/asm/bsaes-armv7.pl: fix XTS decrypt test failure.
RT#4578

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-20 12:29:47 +02:00
Richard Levitte
2be7014cc7 Change the RAND_file_name documentation accordingly
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-20 11:06:41 +02:00
Richard Levitte
b8f304f70d Change default directory for the .rnd file on Windows and VMS
The previous change for Windows wasn't quite right.  Corrected to use
%HOME%, %USERPROFILE% and %SYSTEMPROFILE%, in that order.

Also adding the default home for VMS, SYS$LOGIN:

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-20 11:06:40 +02:00
FdaSilvaYY
a8db2cfa4b Add a comment after some #endif at end of apps source code.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1168)
2016-06-18 16:30:24 -04:00
FdaSilvaYY
823146d65f Useless header include of openssl/rand.h
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1168)
2016-06-18 16:30:24 -04:00
FdaSilvaYY
93b8981d89 Useless includes
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1168)
2016-06-18 16:30:24 -04:00
FdaSilvaYY
5ab0b7e626 Missing NULL check on OBJ_dup result in x509_name_canon
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1168)
2016-06-18 16:30:24 -04:00
FdaSilvaYY
b1b1cba4e2 Fix an MSVC warning.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1168)
2016-06-18 16:30:24 -04:00
Matt Caswell
1dcb8ca2a4 Use a STACK_OF(OPENSSL_CSTRING) for const char * stacks
Better than losing the const qualifier.

RT4378

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-18 15:34:03 +01:00
Matt Caswell
6b44f2597e OpenBSD has intypes.h
Update e_os2.h so that inttypes.h is included.

RT4378

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-18 15:34:03 +01:00
Matt Caswell
d012c1a179 Replace 4 casts with 1
Changing the type of the |str| variable in asn1pars enables us to remove
4 casts with just 1. This silences an OpenBSD warning along the way.

RT4378

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-18 15:34:03 +01:00
Matt Caswell
ac94c8fdb9 Improve const correctness for stacks of EVP_MD
EVP_MDs are always const, so stacks of them should be too. This silences
a warning about type punning on OpenBSD.

RT4378

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-18 15:34:03 +01:00
Matt Caswell
98370c2dd7 constify SRP
Add const qualifiers to lots of SRP stuff. This started out as an effort
to silence some "type-punning" warnings on OpenBSD...but the fix was to
have proper const correctness in SRP.

RT4378

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-18 15:34:03 +01:00
Matt Caswell
7fb4b92c01 Avoid type punning warnings in b_addr.c
RT4378

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-18 15:34:03 +01:00
Matt Caswell
13c03c8d6d Change default directory for storing the .rnd file on Windows
Previously we would try %RANDFILE%, then %HOME% and finally "C:".
Unfortunately this often ends up being "C:" which the user may not
have write permission for.

Now we try %RANDFILE% first, and then the same set of environment vars
as GetTempFile() uses, i.e. %TMP%, then %TEMP%, %USERPROFILE% and
%SYSTEMROOT%. If all else fails we fall back to %HOME% and only then "C:".

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-17 17:26:18 +01:00
Richard Levitte
4813ad2d24 Harmonise the different build files
- User targets are now the same and generally do the same things
- configdata.pm depends on exactly the same files on all platforms
- VMS production of shared libraries is simplified
- VMS automatic dependency files get the extension .D rather than .MMS

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-17 16:06:31 +02:00
Rich Salz
d3b64b89ed Fix GCC build; make update; fix number re-use
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-16 15:48:03 -04:00
FdaSilvaYY
0ad69cd6c0 Spelling fixes
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1219)
2016-06-16 15:08:57 -04:00
Matt Caswell
2b1343b914 no-ripemd is an alias for no-rmd160
mkdef.pl was failing to understand no-ripemd. This is a deprecated option
which should act as an alias for no-rmd160.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-16 20:05:37 +01:00
Rich Salz
7f96f15bcf Fix build break.
Aggregate local initializers are rarely portable (:

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-16 14:22:58 -04:00
Nathaniel McCallum
ebad0b0beb Add EVP_PKEY_get0_hmac() function
Before the addition of this function, it was impossible to read the
symmetric key from an EVP_PKEY_HMAC type EVP_PKEY.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1217)
2016-06-16 13:33:47 -04:00
Matt Caswell
f219a1b048 Revert "RT4526: Call TerminateProcess, not ExitProcess"
This reverts commit 9c1a9ccf65.

TerminateProcess is asynchronous, so the code as written in the above
commit is not correct. It is also probably not needed in the speed
case. Reverting in order to figure out the correct solution.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-16 17:37:37 +01:00
Matt Caswell
b02b574317 Skip the TLSProxy tests if environmental problems are an issue
On some platforms we can't startup the TLSProxy due to environmental
problems (e.g. network set up on the build machine). These aren't OpenSSL
problems so we shouldn't treat them as test failures. Just visibly
indicate that we are skipping the test.

We only skip the first time we attempt to start up the proxy. If that works
then everything else should do...if not we should probably investigate and
so report as a failure.

This also removes test_networking...there is a danger that this turns into
a test of user's environmental set up rather than OpenSSL.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-16 16:32:14 +01:00
Matt Caswell
b84e12266f Fix the build and tests following constification of DH, DSA, RSA
Misc fixes following the constification of the DH, DSA and RSA
getters.

Reviewed-by: Stephen Henson <steve@openssl.org>
2016-06-16 13:34:44 +01:00
Matt Caswell
cf3404fcc7 Change the return type of EVP_EncodeUpdate
Previously EVP_EncodeUpdate returned a void. However there are a couple
of error conditions that can occur. Therefore the return type has been
changed to an int, with 0 indicating error and 1 indicating success.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-16 09:50:48 +01:00
Richard Levitte
2ac6115d9e Deal with the consequences of constifying getters
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-06-15 20:09:27 +02:00
Richard Levitte
fd809cfdbd Constify the parameter getters for RSA, DSA and DH
Including documentation changes

Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-06-15 20:09:27 +02:00
Rich Salz
9c1a9ccf65 RT4526: Call TerminateProcess, not ExitProcess
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-15 13:38:51 -04:00
FdaSilvaYY
c8f717fe87 Constify input buffers of some X509V3 and X509_PURPOSE -related methods
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
2016-06-15 13:22:38 -04:00
FdaSilvaYY
82643254d6 Constify X509_TRUST_add method.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
2016-06-15 13:22:38 -04:00
FdaSilvaYY
bd227450d4 Constify asn1/asn_mime.c
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
2016-06-15 13:22:38 -04:00
FdaSilvaYY
fa3a84422d Constify some input buffers in asn1
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
2016-06-15 13:22:38 -04:00
FdaSilvaYY
dc423f898e Constify CMS_get0_type input
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
2016-06-15 13:22:38 -04:00
FdaSilvaYY
472f727c55 Constify UI
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
2016-06-15 13:22:38 -04:00
FdaSilvaYY
82af00fbdd Constify PKCS12_create, PKCS12_add_key, PKCS12_add_safe.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
2016-06-15 13:22:38 -04:00
FdaSilvaYY
159b9a4d17 Constify some conf_mod.c internal methods
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1215)
2016-06-15 13:22:38 -04:00
Richard Levitte
fdcb499cc2 Change (!seqtt) to (seqtt == NULL)
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-06-15 01:36:11 +02:00
Richard Levitte
bace847eae Always check that the value returned by asn1_do_adb() is non-NULL
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-06-15 01:36:11 +02:00
Andy Polyakov
4e3d2866b6 perlasm/x86*.pl: add endbranch instruction.
For further information see "Control-flow Enforcement Technology
Preview" by Intel.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 23:43:52 +02:00
Andy Polyakov
cc77d0d84a modes/asm/ghashp8-ppc.pl: improve performance by 2.7x.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 23:28:39 +02:00
Andy Polyakov
627c953376 aes/asm/aesp8-ppc.pl: implement "tweak chaining".
This is useful in Linux kernel context, in cases data happens
to be fragmented and processing can take multiple calls.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 23:19:45 +02:00
Andy Polyakov
74daca72a5 test/evptests.txt: add more XTS tests.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 23:19:41 +02:00
Andy Polyakov
46f047d76b evp/e_aes.c: wire hardware-assisted XTS subroutines.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 23:19:35 +02:00