generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
8,852 Commits 16 Branches 258 Tags
Commit Graph

1183 Commits

Author SHA1 Message Date
Dr. Stephen Henson
cc21b51add Don't try and parse boolean type. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit e58c4d3cdde7a0a01df2884bfeec31a2b07be22d)
 2015-10-06 15:18:05 +01:00
Matt Caswell
02f0c26cea Re-align some comments after running the reformat script. 
This should be a one off operation (subsequent invokation of the
script should not move them)

This commit is for the 0.9.8 changes

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:53:07 +00:00
Matt Caswell
40720ce3ca Run util/openssl-format-source -v -c . 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:52:55 +00:00
Matt Caswell
9d03aabea3 More comment changes required for indent 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:52:49 +00:00
Matt Caswell
13270477f4 Move more comments that confuse indent 
Conflicts:
	crypto/dsa/dsa.h
	demos/engines/ibmca/hw_ibmca.c
	ssl/ssl_locl.h

Conflicts:
	crypto/bn/rsaz_exp.c
	crypto/evp/e_aes_cbc_hmac_sha1.c
	crypto/evp/e_aes_cbc_hmac_sha256.c
	ssl/ssl_locl.h

Conflicts:
	crypto/ec/ec2_oct.c
	crypto/ec/ecp_nistp256.c
	crypto/ec/ecp_nistp521.c
	crypto/ec/ecp_nistputil.c
	crypto/ec/ecp_oct.c
	crypto/modes/gcm128.c
	ssl/ssl_locl.h

Conflicts:
	apps/apps.c
	crypto/crypto.h
	crypto/rand/md_rand.c
	ssl/d1_pkt.c
	ssl/ssl.h
	ssl/ssl_locl.h
	ssl/ssltest.c
	ssl/t1_enc.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:52:21 +00:00
Matt Caswell
c7c7a432df indent has problems with comments that are on the right hand side of a line. 
Sometimes it fails to format them very well, and sometimes it corrupts them!
This commit moves some particularly problematic ones.

Conflicts:
	crypto/bn/bn.h
	crypto/ec/ec_lcl.h
	crypto/rsa/rsa.h
	demos/engines/ibmca/hw_ibmca.c
	ssl/ssl.h
	ssl/ssl3.h

Conflicts:
	crypto/ec/ec_lcl.h
	ssl/tls1.h

Conflicts:
	crypto/ec/ecp_nistp224.c
	crypto/evp/evp.h
	ssl/d1_both.c
	ssl/ssl.h
	ssl/ssl_lib.c

Conflicts:
	crypto/bio/bss_file.c
	crypto/ec/ec_lcl.h
	crypto/evp/evp.h
	crypto/store/str_mem.c
	crypto/whrlpool/wp_block.c
	crypto/x509/x509_vfy.h
	ssl/ssl.h
	ssl/ssl3.h
	ssl/ssltest.c
	ssl/t1_lib.c
	ssl/tls1.h

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:50:57 +00:00
Andy Polyakov
9b8089bfea apps/speed.c: make it indent-friendly. 
Conflicts:
	apps/speed.c

Conflicts:
	apps/speed.c

Conflicts:
	apps/speed.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:50:09 +00:00
Matt Caswell
00ea17f9d7 Fix source where indent will not be able to cope 
Conflicts:
	apps/ciphers.c
	ssl/s3_pkt.c

Conflicts:
	crypto/ec/ec_curve.c

Conflicts:
	crypto/ec/ec_curve.c
	ssl/s3_clnt.c
	ssl/s3_srvr.c
	ssl/ssl_sess.c

Conflicts:
	apps/ciphers.c
	crypto/bn/bn.h
	crypto/ec/ec_curve.c
	ssl/t1_enc.c
	ssl/t1_lib.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:49:13 +00:00
Matt Caswell
3e8042c38f Additional comment changes for reformat of 0.9.8 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:49:06 +00:00
Matt Caswell
564ccc55d6 Further comment amendments to preserve formatting prior to source reformat 
(cherry picked from commit 4a7fa26ffd65bf36beb8d1cb8f29fc0ae203f5c5)

Conflicts:
	crypto/x509v3/pcy_tree.c

Conflicts:
	apps/apps.c
	ssl/ssltest.c

Conflicts:
	apps/apps.c
	crypto/ec/ec2_oct.c
	crypto/ec/ecp_nistp224.c
	crypto/ec/ecp_nistp256.c
	crypto/ec/ecp_nistp521.c
	ssl/s3_cbc.c
	ssl/ssl_sess.c
	ssl/t1_lib.c

Conflicts:
	crypto/bio/b_sock.c
	crypto/pem/pem.h
	crypto/x509/x509_vfy.c
	crypto/x509v3/pcy_tree.c
	ssl/s3_both.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:48:59 +00:00
Tim Hudson
b558c8d597 mark all block comments that need format preserving so that 
indent will not alter them when reformatting comments

(cherry picked from commit 1d97c8435171a7af575f73c526d79e1ef0ee5960)

Conflicts:
	crypto/bn/bn_lcl.h
	crypto/bn/bn_prime.c
	crypto/engine/eng_all.c
	crypto/rc4/rc4_utl.c
	crypto/sha/sha.h
	ssl/kssl.c
	ssl/t1_lib.c

Conflicts:
	crypto/rc4/rc4_enc.c
	crypto/x509v3/v3_scts.c
	crypto/x509v3/v3nametest.c
	ssl/d1_both.c
	ssl/s3_srvr.c
	ssl/ssl.h
	ssl/ssl_locl.h
	ssl/ssltest.c
	ssl/t1_lib.c

Conflicts:
	crypto/asn1/a_sign.c
	crypto/bn/bn_div.c
	crypto/dsa/dsa_asn1.c
	crypto/ec/ecp_nistp224.c
	crypto/ec/ecp_nistp256.c
	crypto/ec/ecp_nistp521.c
	crypto/ec/ecp_nistputil.c
	crypto/modes/gcm128.c
	crypto/opensslv.h
	ssl/d1_both.c
	ssl/heartbeat_test.c
	ssl/s3_clnt.c
	ssl/s3_srvr.c
	ssl/ssl_sess.c
	ssl/t1_lib.c
	test/testutil.h

Conflicts:
	apps/openssl.c
	apps/ts.c
	apps/vms_decc_init.c
	crypto/aes/aes_core.c
	crypto/aes/aes_x86core.c
	crypto/dsa/dsa_ameth.c
	crypto/ec/ec2_mult.c
	crypto/evp/evp.h
	crypto/objects/objects.h
	crypto/rsa/rsa_pss.c
	crypto/stack/safestack.h
	crypto/ts/ts.h
	crypto/ts/ts_rsp_verify.c
	crypto/whrlpool/wp_dgst.c
	crypto/x509v3/v3_ncons.c
	e_os2.h
	engines/ccgost/gost89.c
	engines/ccgost/gost_ctl.c
	engines/ccgost/gost_keywrap.c
	engines/ccgost/gost_keywrap.h
	engines/ccgost/gost_sign.c
	ssl/kssl.c
	ssl/s3_srvr.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:48:44 +00:00
Bodo Moeller
3f4d81e88b Add TLS_FALLBACK_SCSV documentation, and move s_client -fallback_scsv 
handling out of #ifndef OPENSSL_NO_DTLS1 section.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-10-15 11:15:58 +02:00
Bodo Moeller
c6a876473c Support TLS_FALLBACK_SCSV. 
Reviewed-by: Stephen Henson <steve@openssl.org>
 2014-10-15 04:18:29 +02:00
Dr. Stephen Henson
5021f6314e fix warn_unused_result warnings 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-08-06 21:59:15 +01:00
Dr. Stephen Henson
21d24dd38a Fix warnings about ignored return values. 
(cherry picked from commit 27131fe8f7418bf22b1e3000ea6a5d7b1ec8ebd4)
Reviewed-by: Matt Caswell <matt@openssl.org>
 2014-08-06 21:58:25 +01:00
Dr. Stephen Henson
a214feb26b Don't allow -www etc options with DTLS. 
The options which emulate a web server don't make sense when doing DTLS.
Exit with an error if an attempt is made to use them.

PR#3453
(cherry picked from commit 58a2aaeade8bdecd0f9f0df41927f7cff3012547)
 2014-07-15 12:27:29 +01:00
Dr. Stephen Henson
7a3a82dbbd Use case insensitive compare for servername. 
PR#3445
(cherry picked from commit 1c3e9a7c67ccdc5e770829fe951e5832e600d377)
 2014-07-15 00:00:39 +01:00
Dr. Stephen Henson
2daec41e25 Show errors on CSR verification failure. 
If CSR verify fails in ca utility print out error messages.
Otherwise some errors give misleading output: for example
if the key size exceeds the library limit.

PR#2875
(cherry picked from commit a30bdb55d1361b9926eef8127debfc2e1bb8c484)
 2014-06-29 13:35:18 +01:00
Dr. Stephen Henson
8519635923 Typo. 
PR#3107
(cherry picked from commit 7c206db9280865ae4af352dbc14e9019a6c4795d)
 2014-06-28 12:43:50 +01:00
Dr. Stephen Henson
9fb10cfe6b Memory leak and NULL dereference fixes. 
PR#3403
(cherry picked from commit d2aea038297e0c64ca66e6844cbb37377365885e)

Conflicts:

	apps/crl2p7.c
	crypto/asn1/a_utctm.c
	crypto/asn1/ameth_lib.c
	crypto/asn1/bio_asn1.c
 2014-06-27 15:33:18 +01:00
Dr. Stephen Henson
ee14e33c35 Change default cipher in smime app to des3. 
PR#3357
(cherry picked from commit ca3ffd9670f2b589bf8cc04923f953e06d6fbc58)

Conflicts:

	doc/apps/smime.pod
 2014-05-21 11:21:12 +01:00
Viktor Dukhovni
afa2ea204e Fix infinite loop. PR#3347 2014-05-11 21:20:00 +01:00
Dr. Stephen Henson
c61f0cbffb Fix free errors in ocsp utility. 
Keep copy of any host, path and port values allocated by
OCSP_parse_url and free as necessary.
(cherry picked from commit 5219d3dd350cc74498dd49daef5e6ee8c34d9857)
 2014-04-09 15:45:56 +01:00
Dr. Stephen Henson
e56334998c Use correct length when prompting for password. 
Use bufsiz - 1 not BUFSIZ - 1 when prompting for a password in
the openssl utility.

Thanks to Rob Mackinnon, Leviathan Security for reporting this issue.
(cherry picked from commit 7ba08a4d73c1bdfd3aced09a628b1d7d7747cdca)
 2014-04-04 13:09:05 +01:00
mancha
a375025e4d Fix alert handling. 
Fix OpenSSL 0.9.8 alert handling.

PR#3038
 2014-03-27 00:54:16 +00:00
Dr. Stephen Henson
430b637bd5 make update 2013-02-05 16:50:36 +00:00
Dr. Stephen Henson
bb152dae8f check mval for NULL too 2012-12-04 17:26:36 +00:00
Dr. Stephen Henson
c42ab44087 fix leak 2012-12-03 16:33:54 +00:00
Dr. Stephen Henson
c571a3e984 PR: 2908 
Submitted by: Dmitry Belyavsky <beldmit@gmail.com>

Fix DH double free if parameter generation fails.
 2012-11-21 14:01:38 +00:00
Dr. Stephen Henson
92e5882aca fix memory leak 2012-09-11 13:45:42 +00:00
Dr. Stephen Henson
a9101cdcaa Always use SSLv23_{client,server}_method in s_client.c and s_server.c, 
the old code came from SSLeay days before TLS was even supported.
 2012-03-18 18:18:30 +00:00
Dr. Stephen Henson
4f2fc3c2dd Fix for CMS/PKCS7 MMA. If RSA decryption fails use a random key and 
continue with symmetric decryption process to avoid leaking timing
information to an attacker.

Thanks to Ivan Nestlerode <inestlerode@us.ibm.com> for discovering
this issue. (CVE-2012-0884)
 2012-03-12 14:51:45 +00:00
Bodo Möller
bf240f063a Fix usage indentation 2012-01-05 13:15:29 +00:00
Dr. Stephen Henson
7183aa6b9d make update 2012-01-04 19:12:39 +00:00
Dr. Stephen Henson
24f441e0bb The default CN prompt message can be confusing when often the CN needs to 
be the server FQDN: change it.
[Reported by PSW Group]
 2011-12-06 00:01:09 +00:00
Dr. Stephen Henson
91a1d08a4c use keyformat for -x509toreq, don't hard code PEM 2011-09-23 21:49:08 +00:00
Dr. Stephen Henson
6ec9ff83f3 PR: 2347 
Submitted by: Tomas Mraz <tmraz@redhat.com>
Reviewed by: steve

Fix usage message.
 2011-09-23 13:13:02 +00:00
Dr. Stephen Henson
03e3fbb702 PR: 2527 
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve

Set cnf to NULL to avoid possible double free.
 2011-05-25 15:06:32 +00:00
Dr. Stephen Henson
32cd1da62e PR: 2469 
Submitted by: Jim Studt <jim@studt.net>
Reviewed by: steve

Check mac is present before trying to retrieve mac iteration count.
 2011-03-13 18:23:24 +00:00
Dr. Stephen Henson
50fb940f05 make WIN32 compile work again 2010-07-08 01:23:25 +00:00
Ben Laurie
d886975835 Fix gcc 4.6 warnings. Check TLS server hello extension length. 2010-06-12 13:18:58 +00:00
Dr. Stephen Henson
c1f1a03d0c PR: 2262 
Submitted By: Victor Wagner <vitus@cryptocom.ru>

Fix error reporting in load_key function.
 2010-05-27 14:09:22 +00:00
Dr. Stephen Henson
cf6a1dea19 PR: 2202 (partial) 
Submitted by: Steven M. Schweda <sms@antinode.info>

VMS fixes:
	Reduce copying into .apps and .test in makevms.com
	Don't try to use blank CA certificate in CA.com
	Allow use of C files from original directories in maketests.com
 2010-03-25 12:29:56 +00:00
Dr. Stephen Henson
4610d8dc00 don't leave bogus errors in the queue 2010-03-10 13:48:35 +00:00
Dr. Stephen Henson
b7c114f044 PR: 2183 
PR#1999 broke fork detection by assuming HAVE_FORK was set for all platforms.
Include original HAVE_FORK detection logic while allowing it to be
overridden on specific platforms with -DHAVE_FORK=1 or -DHAVE_FORK=0
 2010-03-03 19:56:00 +00:00
Richard Levitte
53b5d04715 Apply changes from the 1.0.0 branch. 2010-02-23 07:51:39 +00:00
Dr. Stephen Henson
162f1e08f8 make no-rsa no-dsa compile again 2010-02-02 14:03:07 +00:00
Dr. Stephen Henson
714044cc03 oops revert test code from previous commit 2010-01-24 13:52:38 +00:00
Dr. Stephen Henson
5598b99fb3 The fix for PR#1949 unfortunately broke cases where the BIO_CTRL_WPENDING 
ctrl is incorrectly implemented (e.g. some versions of Apache). As a workaround
call both BIO_CTRL_INFO and BIO_CTRL_WPENDING if it returns zero. This should
both address the original bug and retain compatibility with the old behaviour.
 2010-01-24 13:50:57 +00:00
Dr. Stephen Henson
444ff35029 revert patch 2010-01-19 19:10:53 +00:00