aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Remove unnecessary trailing whitespaceSam Roberts2019-02-0563-113/+113
| | | | | | | | | | | | Trim trailing whitespace. It doesn't match OpenSSL coding standards, AFAICT, and it can cause problems with git tooling. Trailing whitespace remains in test data and external source. Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8092)
* crypto/poly1305/asm/poly1305-s390x.pl: add vx code path.Patrick Steuer2019-02-051-164/+780
| | | | | | | | Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7991)
* Make some simple getters take const SSL/SSL_CTXSam Roberts2019-02-055-25/+25
| | | | | | Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8145)
* Fix Invalid Argument return code from IP_Factory in connect_to_server().Matthias Kraft2019-02-041-1/+1
| | | | | | | | Fixes #7732 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8158)
* Android build: fix usage of NDK home variable ($ndk_var)batist732019-02-041-1/+2
| | | | | | | | CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8153)
* Build: correct assembler generation in crypto/rc4/build.infoRichard Levitte2019-02-041-2/+2
| | | | | | | | | | | In the removal of BEGINRAW / ENDRAW, attention to the difference between capital .S and lowercase .s wasn't duly paid. This corrects the error. Fixes #8155 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8157)
* Add an entry to the CHANGES for the d2i_X509_PUBKEY fixBernd Edlinger2019-02-011-0/+4
| | | | | | | | The commit 5dc40a83c74be579575a512b30d9c1e0364e6a7b forgot to add a short description to the CHANGES file. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8144)
* VMS: Clean away stray debugging prints from descrip.mms.tmplRichard Levitte2019-02-011-5/+0
| | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8140)
* Fix end-point shared secret for DTLS/SCTPMichael Tuexen2019-02-0115-7/+330
| | | | | | | | | | | | | When computing the end-point shared secret, don't take the terminating NULL character into account. Please note that this fix breaks interoperability with older versions of OpenSSL, which are not fixed. Fixes #7956 Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7957)
* poly1305/asm/poly1305-ppc.pl: add vector base 2^26 implementation.Andy Polyakov2019-02-012-111/+1452
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8120)
* perlasm/ppc-xlate.pl: add VSX word load/store instructions.Andy Polyakov2019-02-011-0/+2
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8120)
* Fix a crash in reuse of i2d_X509_PUBKEYBernd Edlinger2019-01-312-0/+50
| | | | | | | If the second PUBKEY is malformed there is use after free. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8122)
* Fixed d2i_X509 in-place not re-hashing the ex_flagsBernd Edlinger2019-01-312-0/+32
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8116)
* Fix a memory leak with di2_X509_CRL reuseBernd Edlinger2019-01-312-0/+27
| | | | | | | | | | Additionally avoid undefined behavior with in-place memcpy in X509_CRL_digest. Fixes #8099 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8112)
* Better phrasing around 1.1.0Richard Levitte2019-01-311-5/+5
| | | | | | | | Fixes #8129 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/8130)
* Configure: clean away unused variables and double assignmentsRichard Levitte2019-01-311-5/+0
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8125)
* Build: clean away RENAME and SHARED_NAMERichard Levitte2019-01-311-4/+0
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8125)
* Build: remove EXTRARichard Levitte2019-01-313-11/+2
| | | | | | | We never used it for anything Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8125)
* Build: Remove BEGINRAW / ENDRAW / OVERRIDERichard Levitte2019-01-3111-133/+22
| | | | | | | | | | It was an ugly hack to avoid certain problems that are no more. Also added GENERATE lines for perlasm scripts that didn't have that explicitly. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8125)
* Build cleanup: Remove the VMS hack from test/build.infoRichard Levitte2019-01-312-21/+27
| | | | | | | | | | | There was a hack specifically for VMS, which involved setting a make variable to indicate that test/libtestutil contains a 'main'. Instead, we use the new attributes 'has_main' to indicate this, and let the VMS build file template fend with it appropriately. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8125)
* VMS: force 'pinshared'Richard Levitte2019-01-311-0/+2
| | | | | | | | VMS doesn't currently support unloading of shared object, and we need to reflect that. Without this, the shlibload test fails Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8131)
* Fix error message for s_server -psk optionweinholtendian2019-01-311-1/+1
| | | | | | | | | | | | Previously if -psk was given a bad key it would print "Not a hex number 's_server'". CLA: Trivial Reviewed-by: Paul Yang <yang.yang@baishancloud.com> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/8113)
* Reuse already defined macrosPetr Vorel2019-01-301-7/+2
| | | | | | | | | | | | instead of duplicity the code. CLA: trivial Signed-off-by: Petr Vorel <petr.vorel@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8127)
* Document and add macros for additional DSA optionsDavid Benjamin2019-01-304-7/+25
| | | | | | | | | EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS and EVP_PKEY_CTRL_DSA_PARAMGEN_MD are only exposed from EVP_PKEY_CTX_ctrl, which means callers must write more error-prone code (see also issue #1319). Add the missing wrapper macros and document them. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8093)
* Complain if -twopass is used incorrectlyMatt Caswell2019-01-302-1/+9
| | | | | | | | | | | The option -twopass to the pkcs12 app is ignored if -passin, -passout or -password is used. We should complain if an attempt is made to use it in combination with those options. Fixes #8107 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8114)
* Fix no-dso buildsMatt Caswell2019-01-301-0/+1
| | | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8111)
* Don't leak memory from ERR_add_error_vdata()Matt Caswell2019-01-291-3/+15
| | | | | | | | | | | If the call the ERR_set_error_data() in ERR_add_error_vdata() fails then a mem leak can occur. This commit checks that we successfully added the error data, and if not frees the buffer. Fixes #8085 Reviewed-by: Paul Yang <yang.yang@baishancloud.com> (Merged from https://github.com/openssl/openssl/pull/8105)
* Android build: use ANDROID_NDK_HOME rather than ANDROID_NDKRichard Levitte2019-01-292-14/+19
| | | | | | | | | | | | It apepars that ANDROID_NDK_HOME is the recommended standard environment variable for the NDK. We retain ANDROID_NDK as a fallback. Fixes #8101 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8103)
* crypto/cms: Add support for CAdES Basic Electronic Signatures (CAdES-BES)Antonio Iacono2019-01-2730-478/+852
| | | | | | | | | | | | | | | | | A CAdES Basic Electronic Signature (CAdES-BES) contains, among other specifications, a collection of Signing Certificate reference attributes, stored in the signedData ether as ESS signing-certificate or as ESS signing-certificate-v2. These are described in detail in Section 5.7.2 of RFC 5126 - CMS Advanced Electronic Signatures (CAdES). This patch adds support for adding ESS signing-certificate[-v2] attributes to CMS signedData. Although it implements only a small part of the RFC, it is sufficient many cases to enable the `openssl cms` app to create signatures which comply with legal requirements of some European States (e.g Italy). Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7893)
* add an additional async notification communication method based on callbackPing Yu2019-01-2714-20/+369
| | | | | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Yang <yang.yang@baishancloud.com> Signed-off-by: Ping Yu <ping.yu@intel.com> Signed-off-by: Steven Linsell <stevenx.linsell@intel.com> (Merged from https://github.com/openssl/openssl/pull/7573)
* clarify which functions are the CMS functions which must have CMS_PARTIAL setMichael Richardson2019-01-271-1/+2
| | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7960)
* crypto/bn: fix return value in BN_generate_primeDavid Asraf2019-01-271-1/+1
| | | | | | | | | | | | When the ret parameter is NULL the generated prime is in rnd variable and not in ret. CLA: trivial Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8076)
* s_client: fix not to send a command letter of RShigeki Ohtsu2019-01-271-3/+1
| | | | | | | | | | | Before 1.1.0, this command letter is not sent to a server. CLA: trivial (cherry picked from commit bc180cb4887c2e82111cb714723a94de9f6d2c35) Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8081)
* Remove stray -modulus option from the ec manual page.Tomas Mraz2019-01-271-4/+0
| | | | | | Reviewed-by: Paul Yang <yang.yang@baishancloud.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8082)
* Add "weak" declarations of symbols used in safestack.h and lhash.hMatthias Kraft2019-01-272-2/+62
| | | | | | | | | | | | | | | | | | Only for SunCC for now. It turns out that some compilers to generate external variants of unused static inline functions, and if they use other external symbols, those need to be present as well. If you then happen to include one of safestack.h or lhash.h without linking with libcrypto, the build fails. Fixes #6912 Signed-off-by: Matthias Kraft <Matthias.Kraft@softwareag.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8087)
* X509_STORE: fix two misspelled compatibility macrosDr. Matthias St. Pierre2019-01-251-0/+4
| | | | | | | Fixes #8084 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8086)
* Cleanup vxworks support to be able to compile for VxWorks 7Klotz, Tobias2019-01-249-12/+84
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7569)
* Fix s_client so that it builds on WindowsMatt Caswell2019-01-241-2/+4
| | | | | | | Fixes #8050 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8065)
* Revert "Keep the DTLS timer running after the end of the handshake if ↵Matt Caswell2019-01-242-31/+0
| | | | | | | | | | | | | | appropriate" This commit erroneously kept the DTLS timer running after the end of the handshake. This is not correct behaviour and shold be reverted. This reverts commit f7506416b1311e65d5c440defdbcfe176f633c50. Fixes #7998 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8047)
* Make sure we trigger retransmits in DTLS testingMatt Caswell2019-01-244-14/+36
| | | | | | | | | | | | | | | | During a DTLS handshake we may need to periodically handle timeouts in the DTLS timer to ensure retransmits due to lost packets are performed. However, one peer will always complete a handshake before the other. The DTLS timer stops once the handshake has finished so any handshake messages lost after that point will not automatically get retransmitted simply by calling DTLSv1_handle_timeout(). However attempting an SSL_read implies a DTLSv1_handle_timeout() and additionally will process records received from the peer. If those records are themselves retransmits then we know that the peer has not completed its handshake yet and a retransmit of our final flight automatically occurs. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8047)
* Build: change remaining $unified_info{install} checks to use attributesRichard Levitte2019-01-225-39/+21
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8063)
* Rework build: Windows dependency building fixRichard Levitte2019-01-221-0/+1
| | | | | | | | | One variable misssing Fixes #8060 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8061)
* Build: pass attributes down to make rule generatorsRichard Levitte2019-01-221-0/+5
| | | | | | | | | For good measure, we pass down attributes when calling obj2shlib, obj2lib, obj2dso, obj2bin, or in2script. We currently don't use them in our build file templates, but might as well for future use. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7581)
* Build: use attributes to indicate installed script classesRichard Levitte2019-01-224-13/+40
| | | | | | | | | | | | | | | | | | | | | We have two classes of scripts to be installed, those that are installed as "normal" programs, and those that are installed as "misc" scripts. These classes are installed in different locations, so the build file templates must pay attention. Because we didn't have the tools to indicate what scripts go where, we had these scripts hard coded in the build template files, with the maintenance issues that may cause. Now that we have attributes, those can be used to classify the installed scripts, and have the build file templates simply check the attributes to know what's what. Furthermore, the 'tsget.pl' script exists both as 'tsget.pl' and 'tsget', which is done by installing a symbolic link (or copy). This link name is now given through an attribute, which results in even less hard coding in the Unix Makefile template. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7581)
* Build: Change all _NO_INST to use attributes instead.Richard Levitte2019-01-229-50/+106
| | | | | | | | | This means that all PROGRAMS_NO_INST, LIBS_NO_INST, ENGINES_NO_INST and SCRIPTS_NO_INST are changed to be PROGRAM, LIBS, ENGINES and SCRIPTS with the associated attribute 'noinst'. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7581)
* Configure: add attributes to end product build.info variablesRichard Levitte2019-01-221-70/+86
| | | | | | | | | | | | | | | | | | | | | | | Among others, this avoids having special variables like PROGRAMS_NO_INST. Instead, we can have something like this: PROGRAMS{noinst}=foo bar Configure itself is entirely agnostic to these attributes, they are simply passed to the build file templates, to be used as they see fit. Attributes can also have values, for example: SCRIPTS{linkname=foo}=foo.pl This could help indicate to build file templates that care that the perl script 'foo.pl' should also exist with the name 'foo', preferably as a symbolic link. Fixes #7568 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7581)
* Configure: teach the tokenizer to handle other separators than spacesRichard Levitte2019-01-221-18/+29
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7581)
* Update NOTES.ANDROIDMatt Eaton2019-01-211-1/+1
| | | | | | | | | | | Minor typo fix to `adjustment` in the line: "In such case you have to pass matching target name to Configure and shouldn't use -D__ANDROID_API__=N. PATH adjustment becomes simpler, $ANDROID_NDK/bin:$PATH suffices." Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8054)
* Rework building: Get rid of old %unified_info structuresRichard Levitte2019-01-214-163/+14
| | | | | | | | | | | | Now that we have the names of libraries on different systems established through platform modules, we can remove the old structure to establish the same thing, i.e. $unified_info{sharednames} and $unified_info{rename}. That means removing support for the RENAME and SHARED_NAME keywords in build.info as well. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7473)
* Rework building: adapt some scriptsRichard Levitte2019-01-213-37/+14
| | | | | | | | | | | | | The platform module collection is made in such a way that any Perl script that wants to take part of the available information can use them just as well as the build system. This change adapts test/recipes/90-test_shlibload.t, util/mkdef.pl, and util/shlib_wrap.sh.in Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7473)
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-27 04:23:29 +0000