aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Fix BN_print()ky/bn-print-fixKazuki Yamaguchi2017-08-241-1/+1
| | | | Fix a typo made in commit 27c6d63dad08 (#4202).
* Move randomness to allocated bufferRich Salz2017-08-222-16/+14
| | | | | | | Don't keep it in the DRBG object, just allocate/free as needed. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4226)
* Improvement the formatting in bn_print.cPauli2017-08-231-22/+22
| | | | | | | Movely removal of unnecessary brackets but some could be bugs addressed too. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4202)
* (Re)move some things from e_os.hRich Salz2017-08-2219-195/+164
| | | | | | | | | | | Remove GETPID_IS_MEANINGLESS and osslargused. Move socket-related things to new file internal/sockets.h; this is now only needed by four(!!!) files. Compiles should be a bit faster. Remove USE_SOCKETS ifdef's Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4209)
* Remove useless macros in apps/speed.cPaul Yang2017-08-221-2/+0
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4221)
* Use "" not <> on e_os.h includeRich Salz2017-08-225-5/+5
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4220)
* Remove custom base64 code.Rich Salz2017-08-221-106/+6
| | | | | | | Use EVP_EncodeBlock/EVP_DecodeBlock Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4207)
* Don't try to compare the ctype functions on values > 127Richard Levitte2017-08-221-1/+1
| | | | | | | | Our internal replacement functions return 0 for those values. However, depending on locale, the C RTL functions may return 1. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4219)
* Don't try to test ctype functions for values < 0 or > 255Richard Levitte2017-08-221-10/+1
| | | | | | | Values that aren't representable as unsigned give undefined results. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4219)
* Use "" not <> for internal/ includesRich Salz2017-08-2279-103/+99
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4217)
* Fix the lack of isblank() with VMS CRichard Levitte2017-08-221-0/+12
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4216)
* Add random serial# support.Rich Salz2017-08-225-29/+59
| | | | | | | | | | Add -rand_serial to CA command and "serial_rand" config option. Up RAND_BITS to 159, and comment why: now confirms to CABForum guidelines (Ballot 164) as well as IETF RFC 5280 (PKIX). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4185)
* Avoid a self-assignment.Pauli2017-08-221-2/+2
| | | | | | | | | Clang is generating a warning over an assignment of a variable to itself. This occurs on an ASCII based machine where the convert to ASCII macro doesn't do anything. The fix is to introduce a temporary variable. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4214)
* Dead code elimination.Pauli2017-08-221-9/+0
| | | | | | | | Remove the exit_main function which is never used. Remove the exit_options array which is also unreferenced. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4213)
* This has been added to avoid the situation where some host ctype.h functionsPauli2017-08-2234-231/+559
| | | | | | | | | | | | | | | | | | return true for characters > 127. I.e. they are allowing extended ASCII characters through which then cause problems. E.g. marking superscript '2' as a number then causes the common (ch - '0') conversion to number to fail miserably. Likewise letters with diacritical marks can also cause problems. If a non-ASCII character set is being used (currently only EBCDIC), it is adjusted for. The implementation uses a single table with a bit for each of the defined classes. These functions accept an int argument and fail for values out of range or for characters outside of the ASCII set. They will work for both signed and unsigned character inputs. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4102)
* Fix ctype arguments.Pauli2017-08-227-9/+10
| | | | | | | | Cast arguments to the various ctype functions to unsigned char to match their documentation. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4203)
* Safely display SNI (just in case)Rich Salz2017-08-211-3/+11
| | | | | | | Thanks to Hubert Kario for pointing this out. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4193)
* Document missing EVP_PKEY_method_* itemsPaul Yang2017-08-212-0/+377
| | | | | | Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4104)
* Check # of arguments for remaining commands.Rich Salz2017-08-217-23/+48
| | | | | Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4201)
* Add PKEY_CTX setter tests for TLS1-PRFJohannes Bauer2017-08-211-0/+42
| | | | | | | | | PKEY_CTX setters tests were previously present for HKDF and scrypt; this patch also adds tests for the third currently supported KDF, TLS1-PRF. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4196)
* More updates following review feedbackMatt Caswell2017-08-215-29/+8
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
* Updates following feedback on OPENSSL_assert() removalMatt Caswell2017-08-215-14/+1
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
* Remove OPENSSL_assert() from crypto/x509v3Matt Caswell2017-08-212-41/+99
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
* Remove OPENSSL_assert() from crypto/x509Matt Caswell2017-08-212-5/+29
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
* Remove OPENSSL_assert() from crypto/threads_none.cMatt Caswell2017-08-211-3/+6
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
* Remove OPENSSL_assert() from crypto/pemMatt Caswell2017-08-212-10/+16
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
* Remove OPENSSL_assert() from crypto/kdfMatt Caswell2017-08-211-1/+2
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
* Remove OPENSSL_assert() from crypto/hmacMatt Caswell2017-08-211-1/+2
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
* Remove OPENSSL_assert() from crypto/ecMatt Caswell2017-08-212-2/+4
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
* Remove OPENSSL_assert() from conf_api.cMatt Caswell2017-08-211-1/+2
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
* Remove OPENSSL_assert() usage from crypto/bnMatt Caswell2017-08-212-6/+6
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
* Remove OPENSSL_assert() from various crypto/bio filesMatt Caswell2017-08-213-14/+21
| | | | | | | bss_dgram.c is deferred until later due to ongoing discussions. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
* Remove OPENSSL_assert() from crypto/asn1/bio_asn1.cMatt Caswell2017-08-211-1/+3
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
* Remove double error messagesPauli2017-08-211-11/+7
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4204)
* Fix ui_write in apps/apps.cRichard Levitte2017-08-191-1/+1
| | | | | | | | | | It used the default UI reader as fallback instead of the UI writer. Fixes #4147 Fixes #4195 Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4198)
* Put thread-fork-init inside a run-once guardRich Salz2017-08-181-2/+11
| | | | | | | Thanks to Christian Heimes for pointing this out. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4191)
* Reorder extensions to put SigAlgs lastTodd Short2017-08-184-11/+16
| | | | | | | | | | | | | Force non-empty padding extension. When enabled, force the padding extension to be at least 1 byte long. WebSphere application server cannot handle having an empty extension (e.g. EMS/EtM) as the last extension in a client hello. This moves the SigAlgs extension last for TLSv1.2 to avoid this issue. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3921)
* Addressed build failure because of missing #ifdef AF_UNIX guardBalaji Marisetti2017-08-181-0/+2
| | | | | | | | CLA: trivial Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4067)
* Add a comment on expectations in the "tar" targetRichard Levitte2017-08-181-0/+2
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4179)
* Prepare tarball in dist directoryRichard Levitte2017-08-181-6/+6
| | | | | | | | | We changed directory to the wrong directory. This change also separates the preparation phase from the tarball building phase. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4179)
* Turn on error sensitivity in the "tar" targetRichard Levitte2017-08-181-0/+1
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4179)
* test/asn1_time_test.c: Better check of signed time_tRichard Levitte2017-08-181-2/+15
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4182)
* err/err.c: improve readability.Andy Polyakov2017-08-181-6/+2
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* err/err.c: fix "wraparound" bug in ERR_set_error_data.Andy Polyakov2017-08-181-2/+0
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* Fix windows build after too aggressive e_os.h removalPauli2017-08-183-0/+3
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4187)
* Remove tests dependence on e_os.hPauli2017-08-1858-58/+74
| | | | | | | | | | | | Apart from ssltest_old.c, the test suite relied on e_os.h for the OSSL_NELEM macro and nothing else. The ssltest_old.c also requires EXIT and some socket macros. Create a new header to define the OSSL_NELEM macro and use that instead. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4186)
* Clear outputs in PKCS12_parse error handling.Bernd Edlinger2017-08-171-8/+13
| | | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4145)
* When building a tarball, avoid trying to copy submodulesRichard Levitte2017-08-171-1/+4
| | | | | | | | submodules are directories that we don't want in our tarballs, so avoid them. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4178)
* Determine the number of output columns for the list and help commands usingPauli2017-08-171-15/+35
| | | | | | | the command names rather than hard coding it (conditionally). Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4162)
* Fix OCSP_basic_verify() cert chain construction in case bs->certs is NULLDavid von Oheimb2017-08-164-56/+147
| | | | | | | | | | | Now the certs arg is not any more neglected when building the signer cert chain. Added case to test/recipes/80-test_ocsp.t proving fix for 3-level CA hierarchy. See also http://rt.openssl.org/Ticket/Display.html?id=4620 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4124)
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-27 18:23:43 +0000