generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
12,433 Commits 16 Branches 258 Tags
ae4af7a067531245c20f032afe61a68d60d39d11
Commit Graph

12433 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dr. Stephen Henson
707b026d78 Remove serverinfo checks. 
Since sanity checks are performed for all custom extensions the
serverinfo checks are no longer needed.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2014-08-28 17:06:53 +01:00
Dr. Stephen Henson
28ea0a0c6a Add custom extension sanity checks. 
Reject attempts to use extensions handled internally.

Add flags to each extension structure to indicate if an extension
has been sent or received. Enforce RFC5246 compliance by rejecting
duplicate extensions and unsolicited extensions and only send a
server extension if we have sent the corresponding client extension.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2014-08-28 17:06:52 +01:00
Dr. Stephen Henson
ecf4d66090 Custom extension revision. 
Use the same structure for client and server custom extensions.

Add utility functions in new file t1_ext.c.
Use new utility functions to handle custom server and client extensions
and remove a lot of code duplication.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2014-08-28 17:06:52 +01:00
Dr. Stephen Henson
879bde123b fix warning 
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
 2014-08-28 17:06:52 +01:00
Emilia Kasper
5a3d21c058 Constant-time utilities 
Pull constant-time methods out to a separate header, add tests.

Reviewed-by: Bodo Moeller <bodo@openssl.org>
 2014-08-28 15:48:45 +02:00
Raphael Spreitzer
f9fb43e176 RT2400: ASN1_STRING_to_UTF8 missing initializer 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-08-27 22:59:05 -04:00
Rich Salz
506a3d1f9c Merge branch 'master' of git.openssl.org:openssl 
Gah, I hate when I forget to pull before merging.

Reviewed-by: rsalz
 2014-08-27 21:36:36 -04:00
Rich Salz
17e80c6bd0 RT2308: Add extern "C" { ... } wrapper 
Add the wrapper to all public header files (Configure
generates one).  Don't bother for those that are just
lists of #define's that do renaming.

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-08-27 21:35:32 -04:00
Emilia Kasper
f34a57202b Explicitly check for empty ASN.1 strings in d2i_ECPrivateKey 
The old code implicitly relies on the ASN.1 code returning a \0-prefixed buffer
when the buffer length is 0. Change this to verify explicitly that the ASN.1 string
has positive length.

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
 2014-08-27 19:49:35 +02:00
Matt Caswell
f063e30fe9 RT3065: automatically generate a missing EC public key 
When d2i_ECPrivateKey reads a private key with a missing (optional) public key,
generate one automatically from the group and private key.

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
 2014-08-27 19:49:35 +02:00
Adam Langley
0388ac4c99 RT3065: ec_private_key_dont_crash 
This change saves several EC routines from crashing when an EC_KEY is
missing a public key. The public key is optional in the EC private key
format and, without this patch, running the following through `openssl
ec` causes a crash:

-----BEGIN EC PRIVATE KEY-----
MBkCAQEECAECAwQFBgcIoAoGCCqGSM49AwEH
-----END EC PRIVATE KEY-----

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
 2014-08-27 19:49:34 +02:00
Mihai Militaru
7b3e11c544 RT2210: Add missing EVP_cleanup to example 
I also removed some trailing whitespace and cleaned
up the "see also" list.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
 2014-08-27 12:53:40 -04:00
Rich Salz
34ccd24d0e Add tags/TAGS target; rm tags/TAGS in clean 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-08-26 20:51:52 -04:00
Rich Salz
ed49eb4a48 Merge branch 'master' of git.openssl.org:openssl 
Stupid git tricks :(

Reviewed-by: rsalz
 2014-08-26 13:55:13 -04:00
David Gatwood
fa60b90950 RT1744: SSL_CTX_set_dump_dh() doc feedback 
The description of when the server creates a DH key is
confusing.  This cleans it up.
(rsalz: also removed trailing whitespace.)

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
 2014-08-26 13:47:23 -04:00
David Gatwood
a4d266b824 RT1744: SSL_CTX_set_dump_dh() doc feedback 
The description of when the server creates a DH key is
confusing.  This cleans it up.
(rsalz: also removed trailing whitespace.)

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
 2014-08-26 13:36:20 -04:00
Jan Schaumann
fd4592be3a RT1804: fix EXAMPLE in EVP_EncryptInit.pod 
The EXAMPLE that used FILE and RC2 doesn't compile due to a
few minor errors.  Tweak to use IDEA and AES-128. Remove
examples about RC2 and RC5.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
 2014-08-25 10:25:02 -04:00
Matt Caswell
2dd8cb3b95 Typo fixes to evp documentation. 
This patch was submitted by user "Kox" via the wiki

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-08-24 21:24:28 +01:00
Emilia Kasper
be0477a8e9 RT 3060: amend patch 
Use existing error code SSL_R_RECORD_TOO_SMALL for too many empty records.

For ease of backporting the patch to release branches.

Reviewed-by: Bodo Moeller <bodo@openssl.org>
 2014-08-22 15:35:42 +02:00
Emilia Kasper
bc46db60f1 RT3061: slightly amend patch 
Add an extra NULL dereference check

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
 2014-08-22 15:23:33 +02:00
Emilia Kasper
d64c533a20 Improve EVP_PKEY_sign documentation 
Clarify the intended use of EVP_PKEY_sign. Make the code example compile.

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
 2014-08-22 15:00:11 +02:00
Jeffrey Walton
a520ae3628 RT3142: Extra initialization in state_machine 
Remove extra initialization calls in the sample program.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
 2014-08-21 13:32:17 -04:00
Emilia Kasper
f511b25a73 define inline for Visual Studio 
In Visual Studio, inline is available in C++ only, however __inline is available for C, see
http://msdn.microsoft.com/en-us/library/z8y1yy88.aspx

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
 2014-08-21 15:56:58 +02:00
Emilia Kasper
da92be4d68 Fix build when BSAES_ASM is defined but VPAES_ASM is not 
Reviewed-by: Andy Polyakov <appro@openssl.org>
 2014-08-21 15:42:57 +02:00
Andy Polyakov
15735e4f0e bn/asm/rsaz-*.pl: allow spaces in Perl path name. 
RT: 2835

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-21 00:17:45 +02:00
Andy Polyakov
e608273a80 sha1-mb-x86_64.pl: add commentary. 
Reviewed-by: Emilia Kasper <emilia@openssl.org>
 2014-08-21 00:15:40 +02:00
Laszlo Papp
09ec8c8e89 PR2490: Remove unused local variable bn ecp_nist.c 
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-20 16:36:20 -04:00
Andy Polyakov
2893a302a9 crypto/evp/e_aes_cbc_hmac_sha[1|256].c: fix compiler warnings. 
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-20 22:18:14 +02:00
Andy Polyakov
55eb14da20 sha1-mb-x86_64.pl: fix typo. 
Reviewed-by: Emilia Kasper <emilia@openssl.org>
 2014-08-20 22:10:20 +02:00
Martin Olsson
89fb142b49 RT2847: Don't "check" uninitialized memory 
Don't check err variable until after it's been set.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
 2014-08-19 12:47:02 -04:00
Martin Olsson
96208cb182 RT2848: Remove extra NULL check 
Don't need to check auth for NULL since we did when we
assigned to it.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
 2014-08-19 12:43:58 -04:00
Martin Olsson
1afd7fa97c RT2513: Fix typo's paramter-->parameter 
I also found a couple of others (padlock and signinit)
and fixed them.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
 2014-08-19 11:09:33 -04:00
Rich Salz
0df043f608 Merge branch 'master' of git.openssl.org:openssl 2014-08-19 10:02:05 -04:00
Jeffrey Walton
76b10e13c2 PR2401: Typos in FAQ 
Also rewrite section on compiler bugs; Matt pointed out that
it has some grammatical issues.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
 2014-08-19 10:01:40 -04:00
Jeffrey Walton
bcd3e36c46 PR2401: Typos in FAQ 
Also rewrite section on compiler bugs; Matt pointed out that
it has some grammatical issues.
 2014-08-19 10:01:06 -04:00
John Fitzgibbon
3609b02305 RT2724: Remove extra declaration 
Extra SSL_get_selected_srtp_profile() declaration in ssl/srtp.h
causes -Werror builds to fail.

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-08-19 09:38:43 -04:00
Laszlo Papp
8b6e517e33 RT2492: Remove extra NULL check. 2014-08-18 17:41:24 -04:00
Laszlo Papp
ddc29125a1 RT2489: Remove extra "sig" local variable. 
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-18 17:36:49 -04:00
John Gardiner Myers
fc979b93ee RT2942: CRYPTO_set_dynlock_create_callback doc fix 
The file param is "const char*" not "char*"

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-18 16:04:33 -04:00
Doug Goldstein
448155e9bb RT2163: Remove some unneeded #include's 
Several files #include stdio.h and don't need it.
Also, per tjh, remove BN_COUNT

Reviewed-by: Emilia Kasper <emilia@openssl.org>
 2014-08-18 12:50:00 -04:00
Justin Blanchard
f756fb430e RT1815: More const'ness improvements 
Add a dozen more const declarations where appropriate.
These are from Justin; while adding his patch, I noticed
ASN1_BIT_STRING_check could be fixed, too.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-18 11:49:16 -04:00
Jonas Maebe
defe438d47 pub_decode_gost94, pub_decode_gost01: check for NULL after allocating databuf pub_encode_gost94, pub_encode_gost01: check for NULL after allocating databuf and octet 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-17 18:56:52 +02:00
Jonas Maebe
94c0a987c7 engine_md_copy: check for NULL after allocating to_md->HashBuffer 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-17 18:56:44 +02:00
Jonas Maebe
9f01a8acb3 process_pci_value: free (*policy)->data before setting to NULL after failed realloc 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-17 18:56:35 +02:00
Jonas Maebe
259ac68aeb do_ext_i2d: free ext_der or ext_oct on error path 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-17 18:56:24 +02:00
Jonas Maebe
54298141d3 do_othername: check for NULL after allocating objtmp 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-17 18:56:05 +02:00
Jonas Maebe
f6983d0d76 NETSCAPE_SPKI_b64_encode: free der_spki and b64_str on error path 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-17 18:55:12 +02:00
Jonas Maebe
254f1c8019 get_cert_by_subject: check for NULL when allocating hent 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-17 18:55:01 +02:00
Jonas Maebe
fb7fbf28b3 UI_construct_prompt: check for NULL when allocating prompt 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-17 18:54:49 +02:00
Jonas Maebe
ba494ee593 hashbn: check for NULL result when allocating bin and return an error if it fails all (in)direct callers of hashbn: propagate potential error in hashbn 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-08-17 18:54:39 +02:00