generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
11,115 Commits 16 Branches 258 Tags
Commit Graph

11115 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Viktor Dukhovni
e83c913723 Update API to use (char *) for email addresses and hostnames 
Reduces number of silly casts in OpenSSL code and likely most
applications.  Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().

(cherry picked from commit 297c67fcd817ea643de2fdeff4e434b050d571e2)
 2014-07-07 19:20:34 +10:00
Viktor Dukhovni
55fe56837a Set optional peername when X509_check_host() succeeds. 
Pass address of X509_VERIFY_PARAM_ID peername to X509_check_host().
Document modified interface.

(cherry picked from commit ced3d9158a7a8c676be504bb6cd3b5ffb7cc7f13)
 2014-07-07 19:20:34 +10:00
Viktor Dukhovni
1eb57ae2b7 New peername element in X509_VERIFY_PARAM_ID 
Declaration, memory management, accessor and documentation.

(cherry picked from commit 6e661d458f5aa8f52bf3d9098bd10025de5f08ea)
 2014-07-07 19:20:34 +10:00
Viktor Dukhovni
41e3ebd5ab One more typo when changing !result to result <= 0 
(cherry picked from commit eef1827f89ebb82d3bcb5391fa15e05061bab4b2)
 2014-07-07 19:19:13 +10:00
Viktor Dukhovni
9624b50d51 Fix typo in last commit 
(cherry picked from commit 90b70a6a6b4df267fea2724c7af37d93366a1fec)
 2014-07-07 19:19:13 +10:00
Viktor Dukhovni
449d864515 Multiple verifier reference identities. 
Implemented as STACK_OF(OPENSSL_STRING).

(cherry picked from commit 8abffa4a73fcbf6536e0a42d736ed9211a8204ea)
 2014-07-07 19:19:13 +10:00
Viktor Dukhovni
7f7e11ee5c Implement sk_deep_copy. 
(cherry picked from commit 66d884f06770f2daaee8016299ef7e1e3b91dfd1)
 2014-07-07 19:19:13 +10:00
Dr. Stephen Henson
43f534b986 Usage for -hack and -prexit -verify_return_error 
(cherry picked from commit ee724df75d9ad67fd954253ac514fddb46f1e3c6)
 2014-07-06 22:45:20 +01:00
Dr. Stephen Henson
fbe8ea3abe Document certificate status request options. 
(cherry picked from commit cba3f1c739f012aaadb85aaefaf8de424d2695e2)
 2014-07-06 22:45:20 +01:00
Dr. Stephen Henson
affc941ea6 s_server usage for certificate status requests 
(cherry picked from commit a44f219c009798054d6741e919cba5b2e656dbf4)
 2014-07-06 22:45:20 +01:00
Dr. Stephen Henson
012f7474f7 Update ticket callback docs. 
(cherry picked from commit a23a6e85d8dcd5733a343754f434201f3c9aa6f0)
 2014-07-06 12:40:16 +01:00
Dr. Stephen Henson
5c1b373be6 Sanity check keylength in PVK files. 
PR#2277
(cherry picked from commit 733a6c882e92f8221bd03a51643bb47f5f81bb81)
 2014-07-06 00:36:14 +01:00
Jeffrey Walton
648a9f7c2f Added reference to platform specific cryptographic acceleration such as AES-NI 2014-07-06 00:04:09 +01:00
Matt Caswell
623acb90cc Fixed error in pod files with latest versions of pod2man 
(cherry picked from commit 07255f0a76d9d349d915e14f969b9ff2ee0d1953)
 2014-07-06 00:04:09 +01:00
Andy Polyakov
6ce295a301 sha512-x86_64.pl: fix typo. 
PR: #3431
(cherry picked from commit 7eb9680ae1bf5dd9aeb61c401f2c3bd900ac9aeb)
 2014-07-06 00:00:34 +02:00
Andy Polyakov
0359ccfd8b s3_pkt.c: fix typo. 
(cherry picked from commit 0e7a32b55e8c5b1ec7c2bb755213d076390cc55e)
 2014-07-05 23:57:28 +02:00
Andy Polyakov
9c1cf94f34 apps/speed.c: add multi-block benchmark. 
(cherry picked from commit 375a64e3496c7576a7dbcfdf9a549bf2693506e8)
 2014-07-05 23:54:43 +02:00
Alan Hryngle
ff5b11f547 Return smaller of ret and f. 
PR#3418.
(cherry picked from commit fdea4fff8fb058be928980600b24cf4c62ef3630)
 2014-07-05 22:38:17 +01:00
Dr. Stephen Henson
8358302d47 Don't limit message sizes in ssl3_get_cert_verify. 
PR#319 (reoponed version).
(cherry picked from commit 7f6e9578648728478e84246fd3e64026b8b6a48e)
 2014-07-05 13:30:38 +01:00
Dr. Stephen Henson
534656a997 Add license info. 
(cherry picked from commit 55707a36cce3584457f687ff020842c079624ee8)
 2014-07-04 18:43:06 +01:00
Dr. Stephen Henson
2cfbec1cae typo 2014-07-04 13:50:26 +01:00
Dr. Stephen Henson
22db480daf Remove all RFC5878 code. 
Remove RFC5878 code. It is no longer needed for CT and has numerous bugs.
 2014-07-04 13:42:05 +01:00
Rich Salz
d107382214 Merge branch 'rsalz-docfixes' 2014-07-03 12:57:16 -04:00
Rich Salz
03ae3ca621 Close 3170, remove reference to Ariel Glenn's old 0.9.8 doc 
(cherry picked from commit f1112985e847286033ac573e70bdee752d26f46f)
 2014-07-03 12:54:31 -04:00
Andy Polyakov
61df34e924 e_os.h: limit _MSC_VER trickery to older compilers. 
PR: #3390
(cherry picked from commit aab3560b65b9254d17770bb6fe3ca7edd7451429)
 2014-07-02 22:34:02 +02:00
Andy Polyakov
47b9e06cfd bn_exp.c: fix x86_64-specific crash with one-word modulus. 
PR: #3397
(cherry picked from commit eca441b2b4d33d2a18d163ef9b4b3aff14251c73)
 2014-07-02 21:16:45 +02:00
Matt Smart
88822622a1 Fix doc typo. 
ERR_get_error(3) references the non-existent
ERR_get_last_error_line_data instead of the one that does exist,
ERR_peek_last_error_line_data.

PR#3283
(cherry picked from commit 5cc99c6cf5e908df6b00b04af7f08e99c0698c7b)
 2014-07-02 03:45:01 +01:00
Thijs Alkemade
8f243ab6c1 Make disabling last cipher work. 
(cherry picked from commit 7cb472bd0d0fd9da3d42bed1acc56c3a79fc5328)
 2014-07-02 03:32:42 +01:00
Dr. Stephen Henson
9223a31eb7 ASN1 sanity check. 
Primitive encodings shouldn't use indefinite length constructed
form.

PR#2438 (partial).
(cherry picked from commit 398e99fe5e06edb11f55a39ce0883d9aa633ffa9)
 2014-07-02 00:59:44 +01:00
Dr. Stephen Henson
654ae3d6ad Accessor functions for app_data in ECDSA_METHOD 
(cherry picked from commit 387b844ffdc79b733be0b1dbaddd2ac64a6c1192)
 2014-07-02 00:59:43 +01:00
Ben Laurie
70c739b8db Fix possible buffer overrun. 
(cherry picked from commit 2db3ea29298bdc347f15fbfab6d5746022f05101)

Conflicts:
	ssl/ssl_locl.h
	ssl/t1_lib.c
 2014-07-02 00:09:39 +01:00
Andy Polyakov
daa96141d3 sha512-x86_64.pl: fix linking problem under Windows. 
(cherry picked from commit 29be3f6411774e10169e60e1507df3d7c2e589df)
 2014-07-01 17:12:41 +02:00
Dr. Stephen Henson
802fdcda1e Fix copy for CCM, GCM and XTS. 
Internal pointers in CCM, GCM and XTS contexts should either be
NULL or set to point to the appropriate key schedule. This needs
to be adjusted when copying contexts.
(cherry picked from commit c2fd5d79ffc4fc9d120a0faad579ce96473e6a2f)
 2014-06-30 13:59:38 +01:00
Dr. Stephen Henson
6006e352ad Make EVP_Digest* work again. 2014-06-30 13:59:29 +01:00
Dr. Stephen Henson
2af68ef774 Don't core dump when using CMAC with dgst. 
We can't unfortunately print the CMAC cipher used without extending the API.

PR#2579
(cherry picked from commit 79e31a2842e10271581cbfdaae0145dd4bd35107)
 2014-06-29 23:44:44 +01:00
Dr. Stephen Henson
df401f4796 Make CMAC work with EVP_PKEY. 
Add patch originally accidentally omitted to allow CMAC to work with
EVP_PKEY APIs.
 2014-06-29 23:44:44 +01:00
Jeffrey Walton
3875ee59ba Clarified that the signature's buffer size, s, is not used as an 
IN parameter.

Under the old docs, the only thing stated was "at most
EVP_PKEY_size(pkey) bytes will be written". It was kind of misleading
since it appears EVP_PKEY_size(pkey) WILL be written regardless of the
signature's buffer size.

(cherry picked from commit 6e6ba36d980f67b6e5c7b139f78da7acbbf8ec76)
 2014-06-29 23:36:22 +01:00
ZNV
14183e50e7 Make EVP_CIPHER_CTX_copy work in GCM mode. 
PR#3272
(cherry picked from commit 370bf1d708e6d7af42e1752fb078d0822c9bc73d)
 2014-06-29 22:02:23 +01:00
Dr. Stephen Henson
15de0f609c Fix memory leak. 
PR#2531
(cherry picked from commit 44724beeadf95712a42a8b21dc71bf110e89a262)
 2014-06-29 13:51:57 +01:00
Ken Ballou
4824e7d6e9 Typo. 
PR#3173
(cherry picked from commit 76ed5a42ea68dd08bba44e4003b7e638e5d8a4a3)
 2014-06-29 13:39:20 +01:00
Dr. Stephen Henson
a3b8cd242a Show errors on CSR verification failure. 
If CSR verify fails in ca utility print out error messages.
Otherwise some errors give misleading output: for example
if the key size exceeds the library limit.

PR#2875
(cherry picked from commit a30bdb55d1361b9926eef8127debfc2e1bb8c484)
 2014-06-29 13:34:25 +01:00
Dr. Stephen Henson
d1cc95f781 Make no-ssl3 no-ssl2 do more sensible things. 
(cherry picked from commit 7ae6a4b659facfd7ad8131238aa1d349cb3fc951)
 2014-06-29 03:05:21 +01:00
Dr. Stephen Henson
6d02baf6ab Clarify protocols supported. 
Update protocols supported and note that SSLv2 is effectively disabled
by default.

PR#3184
(cherry picked from commit 1b13a4f38dfc385d5e776f6b3e06c5795874cf9b)
 2014-06-29 00:07:07 +01:00
Andy Polyakov
377551b9c4 x86_64 assembly pack: refine clang detection. 
(cherry picked from commit a356e488ad50ca9de3fc4955839441c5aff11ed3)

Resolved conflicts:

	crypto/bn/asm/rsaz-avx2.pl
 2014-06-28 17:26:03 +02:00
Dr. Stephen Henson
361fd136e9 Typo. 
PR#3107
(cherry picked from commit 7c206db9280865ae4af352dbc14e9019a6c4795d)
 2014-06-28 12:42:59 +01:00
Dr. Stephen Henson
4950a528ce Don't disable state strings with no-ssl2 
Some state strings were erronously not compiled when no-ssl2
was set.

PR#3295
(cherry picked from commit 0518a3e19e18cfc441cab261b28441b8c8bd77bf)
 2014-06-28 00:56:27 +01:00
yogesh nagarkar
00ab230a3f Fix compilation with -DSSL_DEBUG -DTLS_DEBUG -DKSSL_DEBUG 
PR#3141
(cherry picked from commit d183545d4589f1e7a40190400b8b99ea3d1f7f97)
 2014-06-28 00:41:31 +01:00
Andreas Westfeld
e99980e8fd Fix typo in ideatest.c 
(cherry picked from commit d1d4382dcb3fdcad4758ef7e7dd7b61dbf5abbfe)
 2014-06-28 00:06:32 +01:00
Ken Ballou
ec77f276e1 Remove redundant check. 
PR#3174
(cherry picked from commit fd331c0bb9b557903dd2ce88398570a3327b5ef0)
 2014-06-27 23:19:37 +01:00
Dr. Stephen Henson
d0ba994483 Fix for EVP_PBE_alg_add(). 
In EVP_PBE_alg_add don't use the underlying NID for the cipher
as it may have a non-standard key size.

PR#3206
(cherry picked from commit efb7caef637a1de8468ca109efd355a9d0e73a45)
 2014-06-27 23:19:37 +01:00