Commit message | Author | Age | Files | Lines
...
* remove md array: it is not used any more. | Dr. Stephen Henson | 2017-02-21 | 3 | -107/+27
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2679)
* Removed ugly size_t less than zero check. | Hikar | 2017-02-21 | 1 | -1/+1
  CLA: trivial.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2674)
* Ensure minsize >= sizeof(SH_LIST) | Pauli | 2017-02-21 | 1 | -1/+4
  The sh_add_to_list function will overwrite subsequent slots in the free list for small allocations. This causes a segmentation fault if the writes go off the end of the secure memory. I've not investigated if this problem can overwrite memory without the segmentation fault, but it seems likely.
  This fix limits the minsize to the sizeof of the SH_LIST structure (which also has a side effect of properly aligning the pointers). The alternative would be to return an error if minsize is too small.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2657)
* fix spelling of Camellia in comment | Pauli | 2017-02-21 | 1 | -2/+2
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2337)
* Implementation of the ARIA cipher as described in RFC 5794. | Pauli | 2017-02-21 | 27 | -34/+1197
  This implementation is written in endian agnostic C code. No attempt at providing machine specific assembly code has been made. This implementation expands the evptests by including the test cases from RFC 5794 and ARIA official site rather than providing an individual test case. Support for ARIA has been integrated into the command line applications, but not TLS. Implemented modes are CBC, CFB1, CFB8, CFB128, CTR, ECB and OFB128.
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2337)
* Added '-nameopt' option to the verify command. | Dmitry Belyavskiy | 2017-02-20 | 2 | -3/+22
  It makes it possible to print the certificate's DN correctly in case of verification errors.
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2656)
* Don't call memcpy if len is zero. | Rich Salz | 2017-02-20 | 2 | -0/+9
  Prevent undefined behavior in CRYPTO_cbc128_encrypt: calling this function with the 'len' parameter being 0 would result in a memcpy where the source and destination parameters are the same, which is undefined behavior. Do the same for AES_ige_encrypt.
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2671)
* Revert "Use memcmp() instead of CRYPTO_memcmp() when fuzzing" | Kurt Roeckx | 2017-02-20 | 2 | -5/+0
  This reverts commit 3aad8e18707bccaabee5f111de2db0696b45781c.
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  GH: #2686
* .travis.yml: remove osx from build matrix. | Andy Polyakov | 2017-02-19 | 1 | -1/+0
  Travis OS X utilization and backlog statistics suggest that it became a bottleneck for our integration builds with requests piling up for days during working days of the week. Suggestion is to remove osx till capacity is a lesser issue.
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Use memcmp() instead of CRYPTO_memcmp() when fuzzing | Kurt Roeckx | 2017-02-19 | 2 | -0/+5
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  GH: #2633
* Internal siphash tests are not run. | Todd Short | 2017-02-19 | 1 | -1/+2
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2649)
* VMS fix of test/recipes/80-test_ssl_new.t | Richard Levitte | 2017-02-19 | 1 | -2/+2
  On VMS, file names with more than one period get all but the last escaped with a ^, so 21-key-update.conf.in becomes 21-key-update^.conf.in
  That means that %conf_dependent_tests and %skip become useless unless we massage the file names that are used as indexes.
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2678)
* Fix no-dh and no-dsa | Richard Levitte | 2017-02-19 | 1 | -1/+3
  Since 20-cert-select.conf will vary depending on no-dh and no-dsa, don't check it against original when those options are selected
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2680)
* If all versions of a proto are disabled, disabled the proto as well | Richard Levitte | 2017-02-17 | 1 | -0/+4
  For example, 'no-dtls1 no-dtls1_2' will imply 'no-dtls'
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2670)
* test/README: clarify last test number group | Andy Polyakov | 2017-02-17 | 1 | -1/+2
  Reviewed-by: Richard Levitte <levitte@openssl.org>
* Explicitly disallow DSA for TLS 1.3 | Dr. Stephen Henson | 2017-02-17 | 1 | -5/+12
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2667)
* add DSA cert tests | Dr. Stephen Henson | 2017-02-17 | 2 | -1/+77
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2667)
* Add DH parameters, DSA cert and key | Dr. Stephen Henson | 2017-02-17 | 3 | -0/+54
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2667)
* Add DSA support to mkcert.sh | Dr. Stephen Henson | 2017-02-17 | 1 | -0/+1
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2667)
* Add and use function test_pem to work out test filenames. | Dr. Stephen Henson | 2017-02-17 | 5 | -42/+37
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2667)
* Fix a slightly confusing if condition in a2i_ASN1_INTEGER. | Bernd Edlinger | 2017-02-17 | 1 | -1/+1
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2640)
* Fix a merge error | Matt Caswell | 2017-02-17 | 1 | -1/+1
  Fix an error code clash due to a merge
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2665)
* Fix test_x509_store | Richard Levitte | 2017-02-17 | 1 | -0/+5
  Don't run this test unless 'openssl rehash' works properly.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2664)
* Fix symbol shadow | Richard Levitte | 2017-02-17 | 1 | -4/+4
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2663)
* Updates following review feedback | Matt Caswell | 2017-02-17 | 3 | -3/+1
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Don't use an enum in the return type for a public API function | Matt Caswell | 2017-02-17 | 6 | -26/+15
  We use an int instead. That means SSL_key_update() also should use an int.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Add some KeyUpdate tests | Matt Caswell | 2017-02-17 | 6 | -5/+243
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Add documentation for SSL_key_update() and SSL_get_key_update_type() | Matt Caswell | 2017-02-17 | 2 | -0/+123
  This also adds documentation for the pre-existing and related SSL_renegotiate*() functions.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Fix a shadowed global variable warning | Matt Caswell | 2017-02-17 | 2 | -8/+8
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Updates following review feedback | Matt Caswell | 2017-02-17 | 5 | -9/+11
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Limit the number of KeyUpdate messages we can process | Matt Caswell | 2017-02-17 | 4 | -0/+14
  Too many KeyUpdate messages could be indicative of a problem (e.g. an infinite KeyUpdate loop if the peer always responds to a KeyUpdate message with an "update_requested" KeyUpdate response), or (conceivably) an attack. Either way we limit the number of KeyUpdate messages we are prepared to handle.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Actually update the keys when a KeyUpdate message is sent or received | Matt Caswell | 2017-02-17 | 7 | -51/+142
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* If we receive an "update_requested" KeyUpdate then respond with a KeyUpdate | Matt Caswell | 2017-02-17 | 3 | -0/+20
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Add the ability for a server to receive a KeyUpdate message | Matt Caswell | 2017-02-17 | 1 | -1/+17
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Add the ability for s_client to send a KeyUpdate message | Matt Caswell | 2017-02-17 | 1 | -1/+11
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Add a SSL_get_key_update_type() function | Matt Caswell | 2017-02-17 | 3 | -0/+7
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Add the ability for a client to send a KeyUpdate message | Matt Caswell | 2017-02-17 | 2 | -6/+19
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Add the ability for a client to receive a KeyUpdate message | Matt Caswell | 2017-02-17 | 5 | -1/+38
  This just receives the message. It doesn't actually update any keys yet.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Add SSL_trace() support for KeyUpdate messages | Matt Caswell | 2017-02-17 | 1 | -1/+17
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Add a capability to s_server to send KeyUpdate messages | Matt Caswell | 2017-02-17 | 1 | -0/+14
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Provide a function to send a KeyUpdate message | Matt Caswell | 2017-02-17 | 9 | -15/+86
  This implements the server side KeyUpdate sending capability as well.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2609)
* Fix typo in x86_64-mont5.pl CFI directives | David Benjamin | 2017-02-17 | 1 | -1/+1
  Reviewed-by: Kurt Roeckx <kurt@openssl.org>
  Reviewed-by: Andy Polyakov <appro@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2655)
* Add a test of the X509_STORE / X509_LOOKUP API | Richard Levitte | 2017-02-16 | 1 | -0/+48
  Fortunately, "openssl verify" makes good use of that API
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2652)
* test/README: clarify test number groups | Richard Levitte | 2017-02-16 | 1 | -9/+11
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2652)
* Fix a mem leak in ssl_test_ctx.c | Matt Caswell | 2017-02-16 | 1 | -0/+1
  Reviewed-by: Richard Levitte <levitte@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2650)
* Add client auth TLS 1.3 certificate selection tests | Dr. Stephen Henson | 2017-02-16 | 1 | -5/+46
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2643)
* Add ECDSA client certificates | Dr. Stephen Henson | 2017-02-16 | 2 | -0/+38
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2643)
* Use tls_choose_sigalg for client auth. | Dr. Stephen Henson | 2017-02-16 | 4 | -66/+19
  For client auth call tls_choose_sigalg to select the certificate and signature algorithm. Use the selected algorithm in tls_construct_cert_verify.
  Remove obsolete tls12_get_sigandhash.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2643)
* Add client side support to tls_choose_sigalg. | Dr. Stephen Henson | 2017-02-16 | 1 | -24/+54
  Select appropriate signature algorithm and certificate for client authentication using tls_choose_sigalg. A lot of selection logic is very similar except not finding a certificate is not a fatal error: we just do not present a certificate. For TLS 1.2 and earlier we only check the current certificate is suitable (for compatibility with previous logic) for TLS 1.3 (where there are no compatibility issues) we support multiple client certificates for different algorithms.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2643)
* Change req_check_len error message, it also accepts 20 bytes, but states 'less than' in the error message | lrns | 2017-02-16 | 1 | -1/+1
  Reviewed-by: Matt Caswell <matt@openssl.org>
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  (Merged from https://github.com/openssl/openssl/pull/2648)