We use the sysconf function to provide details about the page size in the
secure memory code. This function can return -1 on error so we should check
for this before proceeding.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
The problem remained unnoticed so far, because it's never called by default.
You have to craft OPENSSL_ppccap environment variable to trigger the problem.
Reviewed-by: Richard Levitte <levitte@openssl.org>
It was also found that stich performs suboptimally on AMD Jaguar, hence
execution is limited to XOP-capable and Intel processors.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Print certificate details using accessor functions.
Since X509_CERT_AUX_print is only used in one place and can't
be used by applications (it uses an internal X509_CERT_AUX structure)
this has been removed and replaced by a function X509_aux_print which
takes an X509 pointer instead.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Rebuild error source files: the new mkerr.pl functionality will now
pick up and translate static function names properly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
BIO_int_ctrl isn't made for the purpose BIO_get_conn_int_port used it
for.
This also changes BIO_C_GET_CONNECT to actually return the port
instead of assigning it to a pointer that was never returned back to
the caller.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Pull out the state machine into a separate sub directory. Also moved some
functions which were nothing to do with the state machine but were in state
machine files. Pulled all the SSL_METHOD definitions into one place...most
of those files had very little left in them any more.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Because the default error macro generator assumes the header file with
error macros is in include/openssl and therefore generates a C file
with error texts that include <openssl/{name}.h>, we need to generate
the error macros and texts for CT separately, since the CT module
doesn't follow the default criteria.
Reviewed-by: Matt Caswell <matt@openssl.org>
There are a number of engines in the OpenSSL source code which are now
obsolete. The following engines have been removed: 4758cca, aep, atalla,
cswift, nuron, sureware.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Don't mark a certificate as self signed if keyUsage is present and
certificate signing not asserted.
PR#3979
Reviewed-by: Matt Caswell <matt@openssl.org>
RFC5753 requires that we omit parameters for AES key wrap and set them
to NULL for 3DES wrap. OpenSSL decrypt uses the received algorithm
parameters so can transparently handle either form.
Reviewed-by: Andy Polyakov <appro@openssl.org>
