| #
9311d0c4 |
| 04-Nov-2020 |
Richard Levitte |
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call
This includes error reporting for libcrypto sub-libraries in surprising
places.
This was done using ut
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call
This includes error reporting for libcrypto sub-libraries in surprising
places.
This was done using util/err-to-raise
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13318)
show more ...
|
| #
e6623cfb |
| 03-Sep-2020 |
Matt Caswell |
Fix safestack issues in x509.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/1
Fix safestack issues in x509.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
show more ...
|
| #
2aa91df4 |
| 02-Sep-2020 |
Dr. David von Oheimb |
X509_NAME_oneline(): Fix output of multi-valued RDNs, escaping '/' and '+' in values
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pul
X509_NAME_oneline(): Fix output of multi-valued RDNs, escaping '/' and '+' in values
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12769)
show more ...
|
| #
454afd98 |
| 15-May-2020 |
Matt Caswell |
Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11839)
|
|
Revision tags: OpenSSL_1_0_2u |
|
| #
852c2ed2 |
| 19-Dec-2019 |
Rich Salz |
In OpenSSL builds, declare STACK for datatypes ...
... and only *define* them in the source files that need them.
Use DEFINE_OR_DECLARE which is set appropriately for internal builds
In OpenSSL builds, declare STACK for datatypes ...
... and only *define* them in the source files that need them.
Use DEFINE_OR_DECLARE which is set appropriately for internal builds
and not non-deprecated builds.
Deprecate stack-of-block
Better documentation
Move some ASN1 struct typedefs to types.h
Update ParseC to handle this. Most of all, ParseC needed to be more
consistent. The handlers are "recursive", in so far that they are called
again and again until they terminate, which depends entirely on what the
"massager" returns. There's a comment at the beginning of ParseC that
explains how that works. {Richard Levtte}
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10669)
show more ...
|
| #
25f2138b |
| 27-Sep-2019 |
Dr. Matthias St. Pierre |
Reorganize private crypto header files
Currently, there are two different directories which contain internal
header files of libcrypto which are meant to be shared internally:
W
Reorganize private crypto header files
Currently, there are two different directories which contain internal
header files of libcrypto which are meant to be shared internally:
While header files in 'include/internal' are intended to be shared
between libcrypto and libssl, the files in 'crypto/include/internal'
are intended to be shared inside libcrypto only.
To make things complicated, the include search path is set up in such
a way that the directive #include "internal/file.h" could refer to
a file in either of these two directoroes. This makes it necessary
in some cases to add a '_int.h' suffix to some files to resolve this
ambiguity:
#include "internal/file.h" # located in 'include/internal'
#include "internal/file_int.h" # located in 'crypto/include/internal'
This commit moves the private crypto headers from
'crypto/include/internal' to 'include/crypto'
As a result, the include directives become unambiguous
#include "internal/file.h" # located in 'include/internal'
#include "crypto/file.h" # located in 'include/crypto'
hence the superfluous '_int.h' suffixes can be stripped.
The files 'store_int.h' and 'store.h' need to be treated specially;
they are joined into a single file.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9333)
show more ...
|
|
Revision tags: OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
| #
3e4b43b9 |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in crypto/x509/
[skip ci]
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull
Following the license change, modify the boilerplates in crypto/x509/
[skip ci]
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7824)
show more ...
|
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g |
|
| #
26a7d938 |
| 17-Oct-2017 |
KaoruToda |
Remove parentheses of return.
Since return is inconsistent, I removed unnecessary parentheses and
unified them.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt
Remove parentheses of return.
Since return is inconsistent, I removed unnecessary parentheses and
unified them.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4541)
show more ...
|
| #
f32b0abe |
| 28-Sep-2017 |
Pauli |
Remove unnecessary #include <openssl/lhash.h> directives.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4431)
|
|
Revision tags: OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16, OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d, OpenSSL-fips-2_0_15, OpenSSL-fips-2_0_14, OpenSSL_1_1_0c, OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a, OpenSSL_1_1_0, OpenSSL_1_1_0-pre6 |
|
| #
9f5466b9 |
| 07-Jul-2016 |
FdaSilvaYY |
Constify some X509_NAME, ASN1 printing code
ASN1_buf_print, asn1_print_*, X509_NAME_oneline, X509_NAME_print
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard L
Constify some X509_NAME, ASN1 printing code
ASN1_buf_print, asn1_print_*, X509_NAME_oneline, X509_NAME_print
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
| #
9d22666e |
| 28-Jun-2016 |
FdaSilvaYY |
Spelling
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/ope
Spelling
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1264)
show more ...
|
|
Revision tags: OpenSSL-fips-2_0_13 |
|
| #
b1322259 |
| 17-May-2016 |
Rich Salz |
Copyright consolidation 09/10
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| #
2647e261 |
| 17-May-2016 |
Matt Caswell |
Remove repeated condition from if in X509_NAME_oneline
An if checks the value of |type| to see if it is V_ASN1_VISIBLESTRING
twice. We only need to do it once.
GitHub Issue #656
Remove repeated condition from if in X509_NAME_oneline
An if checks the value of |type| to see if it is V_ASN1_VISIBLESTRING
twice. We only need to do it once.
GitHub Issue #656
Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
|
Revision tags: OpenSSL_1_0_1t, OpenSSL_1_0_2h |
|
| #
ea96ad5a |
| 28-Apr-2016 |
Matt Caswell |
Prevent EBCDIC overread for very long strings
ASN1 Strings that are over 1024 bytes can cause an overread in
applications using the X509_NAME_oneline() function on EBCDIC systems.
Th
Prevent EBCDIC overread for very long strings
ASN1 Strings that are over 1024 bytes can cause an overread in
applications using the X509_NAME_oneline() function on EBCDIC systems.
This could result in arbitrary stack data being returned in the buffer.
Issue reported by Guido Vranken.
CVE-2016-2176
Reviewed-by: Andy Polyakov <appro@openssl.org>
show more ...
|
| #
77076dc9 |
| 28-Apr-2016 |
Dr. Stephen Henson |
Add checks to X509_NAME_oneline()
Sanity check field lengths and sums to avoid potential overflows and reject
excessively large X509_NAME structures.
Issue reported by Guido Vra
Add checks to X509_NAME_oneline()
Sanity check field lengths and sums to avoid potential overflows and reject
excessively large X509_NAME structures.
Issue reported by Guido Vranken.
Reviewed-by: Matt Caswell <matt@openssl.org>
show more ...
|
| #
b33d1141 |
| 28-Apr-2016 |
Dr. Stephen Henson |
Sanity check buffer length.
Reject zero length buffers passed to X509_NAME_onelne().
Issue reported by Guido Vranken.
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| #
4cd5c3f4 |
| 29-Apr-2016 |
Matt Caswell |
Fix a build error with strict-warnings and CHARSET_EBCDIC
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
Revision tags: OpenSSL_1_1_0-pre5, OpenSSL_1_1_0-pre4, OpenSSL_1_0_1s, OpenSSL_1_0_2g, OpenSSL_1_1_0-pre3, OpenSSL-fips-2_0_12, OpenSSL_1_0_1r, OpenSSL_1_0_2f, OpenSSL_1_1_0-pre2 |
|
| #
34980760 |
| 18-Dec-2015 |
Rich Salz |
Remove /* foo.c */ comments
This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1
Remove /* foo.c */ comments
This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1 && m@/\* .*\.[ch] \*/@;
close ARGV if eof; # Close file to reset $.
And then some hand-editing of other files.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
show more ...
|
|
Revision tags: OpenSSL_1_1_0-pre1, OpenSSL_0_9_8zh, OpenSSL_1_0_0t, OpenSSL_1_0_1q, OpenSSL_1_0_2e, OpenSSL_1_0_1p, OpenSSL_1_0_2d, OpenSSL-fips-2_0_11, OpenSSL_1_0_1o, OpenSSL_1_0_2c, OpenSSL_0_9_8zg, OpenSSL_1_0_0s, OpenSSL_1_0_1n, OpenSSL_1_0_2b |
|
| #
b39fc560 |
| 14-May-2015 |
Richard Levitte |
Identify and move common internal libcrypto header files
There are header files in crypto/ that are used by a number of crypto/
submodules. Move those to crypto/include/internal and ada
Identify and move common internal libcrypto header files
There are header files in crypto/ that are used by a number of crypto/
submodules. Move those to crypto/include/internal and adapt the
affected source code and Makefiles.
The header files that got moved are:
crypto/cryptolib.h
crypto/md32_common.h
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
|
Revision tags: OpenSSL-fips-2_0_10 |
|
| #
25aaa98a |
| 01-May-2015 |
Rich Salz |
free NULL cleanup -- coda
After the finale, the "real" final part. :) Do a recursive grep with
"-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are
an "if NULL" che
free NULL cleanup -- coda
After the finale, the "real" final part. :) Do a recursive grep with
"-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are
an "if NULL" check that can be removed.
Reviewed-by: Tim Hudson <tjh@openssl.org>
show more ...
|
|
Revision tags: OpenSSL_0_9_8zf, OpenSSL_1_0_0r, OpenSSL_1_0_1m, OpenSSL_1_0_2a |
|
| #
2743e38c |
| 16-Mar-2015 |
Dr. Stephen Henson |
make X509_NAME opaque
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Revision tags: OpenSSL_1_0_2, master-post-auto-reformat |
|
| #
0f113f3e |
| 22-Jan-2015 |
Matt Caswell |
Run util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Revision tags: OpenSSL_1_0_2-post-auto-reformat, OpenSSL_0_9_8-post-auto-reformat, OpenSSL_0_9_8-pre-auto-reformat, OpenSSL_1_0_0-post-auto-reformat, OpenSSL_1_0_0-pre-auto-reformat, OpenSSL_1_0_1-post-auto-reformat, OpenSSL_1_0_1-pre-auto-reformat, master-post-reformat, OpenSSL_0_9_8-pre-reformat, OpenSSL_0_9_8ze, OpenSSL_1_0_0-pre-reformat, OpenSSL_1_0_0q, OpenSSL_1_0_1-pre-reformat, OpenSSL_1_0_1l, master-pre-reformat, OpenSSL_1_0_2-pre-reformat, OpenSSL_0_9_8zd, OpenSSL_1_0_0p, OpenSSL_1_0_1k, OpenSSL_0_9_8-post-reformat, OpenSSL-fips-2_0_9, OpenSSL_1_0_1j, OpenSSL_1_0_0o, OpenSSL_0_9_8zc, OpenSSL_1_0_2-beta3, OpenSSL_0_9_8zb, OpenSSL_1_0_0n, OpenSSL_1_0_1i, OpenSSL_1_0_2-beta2, OpenSSL-fips-2_0_8, OpenSSL_1_0_1h, OpenSSL_1_0_0m, OpenSSL_0_9_8za, OpenSSL-fips-2_0_7, OpenSSL_1_0_1g, OpenSSL_1_0_2-beta1, OpenSSL_1_0_0l, OpenSSL_1_0_1f, OpenSSL-fips-2_0_6, OpenSSL-fips-2_0_5, OpenSSL-fips-2_0_4, OpenSSL-fips-2_0_3, OpenSSL_1_0_1e, OpenSSL_0_9_8y, OpenSSL_1_0_0k, OpenSSL_1_0_1d, OpenSSL-fips-2_0-pl1, OpenSSL-fips-2_0_2, OpenSSL-fips-2_0_1, OpenSSL_1_0_1c, OpenSSL_1_0_0j, OpenSSL_0_9_8x, OpenSSL_1_0_1b, OpenSSL_0_9_8w, OpenSSL_1_0_1a, OpenSSL_0_9_8v, OpenSSL_1_0_0i, OpenSSL_1_0_1, OpenSSL_1_0_0h, OpenSSL_0_9_8u, OpenSSL_1_0_1-beta3, OpenSSL_1_0_1-beta2, OpenSSL-fips-2_0, OpenSSL_1_0_0g, OpenSSL_0_9_8t, OpenSSL_0_9_8s, OpenSSL_1_0_0f, OpenSSL-fips-2_0-rc8, OpenSSL_1_0_1-beta1, OpenSSL-fips-2_0-rc7, OpenSSL-fips-2_0-rc6, OpenSSL-fips-2_0-rc5, OpenSSL-fips-2_0-rc4, OpenSSL-fips-2_0-rc3, OpenSSL-fips-2_0-rc2, OpenSSL-fips-2_0-rc1, OpenSSL-fips-1_2_3, OpenSSL-fips-1_2_2, OpenSSL-fips-1_2_1, OpenSSL_1_0_0e, OpenSSL_1_0_0d, OpenSSL_0_9_8r, OpenSSL_0_9_8q, OpenSSL_1_0_0c, OpenSSL_0_9_8p, OpenSSL_1_0_0b, OpenSSL_0_9_8o, OpenSSL_1_0_0a, OpenSSL_1_0_0, OpenSSL_0_9_8n, OpenSSL_0_9_8m, OpenSSL_0_9_8m-beta1, OpenSSL_1_0_0-beta5, OpenSSL_1_0_0-beta4, OpenSSL_0_9_8l, OpenSSL_1_0_0-beta3, OpenSSL_1_0_0-beta2, OpenSSL_1_0_0-beta1, OpenSSL_0_9_8k, OpenSSL_0_9_8j, OpenSSL_0_9_8i, OpenSSL_0_9_8h, OpenSSL_0_9_8g |
|
| #
ebc06fba |
| 13-Oct-2007 |
Andy Polyakov |
Bunch of constifications.
|
|
Revision tags: OpenSSL_0_9_8f, FIPS_098_TEST_8, FIPS_098_TEST_7, FIPS_098_TEST_6, FIPS_098_TEST_5, FIPS_098_TEST_4, FIPS_098_TEST_3, FIPS_098_TEST_2, FIPS_098_TEST_1, OpenSSL_0_9_7m, OpenSSL_0_9_8e, OpenSSL_0_9_7l, OpenSSL_0_9_8d, OpenSSL_0_9_8c, OpenSSL_0_9_7k, OpenSSL_0_9_7j, OpenSSL_0_9_8b, OpenSSL_FIPS_1_0, OpenSSL_0_9_7i, OpenSSL_0_9_8a, OpenSSL_0_9_7h, OpenSSL_0_9_8, FIPS_TEST_10, OpenSSL_0_9_8-beta6, OpenSSL_0_9_8-beta5, FIPS_TEST_9, OpenSSL_0_9_8-beta4, OpenSSL_0_9_8-beta3, BEN_FIPS_TEST_8, OpenSSL_0_9_8-beta2, OpenSSL_0_9_8-beta1, OpenSSL_0_9_7g, OpenSSL_0_9_7f, BEN_FIPS_TEST_7, BEN_FIPS_TEST_6, OpenSSL_0_9_7e, OpenSSL_0_9_7d, OpenSSL-engine-0_9_6m, OpenSSL_0_9_6m, LEVITTE_after_const, LEVITTE_before_const, BEN_FIPS_TEST_5, BEN_FIPS_TEST_4, OpenSSL-engine-0_9_6l, OpenSSL_0_9_6l, BEN_FIPS_TEST_3, BEN_FIPS_TEST_2, BEN_FIPS_TEST_1, OpenSSL-engine-0_9_6k, OpenSSL_0_9_6k, OpenSSL_0_9_7c, OpenSSL-engine-0_9_6j, OpenSSL_0_9_7b, OpenSSL_0_9_6j, OpenSSL-engine-0_9_6i, OpenSSL_0_9_6i, OpenSSL_0_9_7a, OpenSSL_0_9_7, OpenSSL_0_9_7-beta6, STATE_after_zlib, STATE_before_zlib, OpenSSL_0_9_7-beta5, OpenSSL-engine-0_9_6h, OpenSSL_0_9_6h, OpenSSL_0_9_7-beta4, OpenSSL-engine-0_9_6g, OpenSSL_0_9_6g, OpenSSL-engine-0_9_6f, OpenSSL_0_9_6f, OpenSSL_0_9_7-beta3, OpenSSL-engine-0_9_6e, OpenSSL_0_9_6e, OpenSSL_0_9_7-beta2, OpenSSL_0_9_7-beta1, AFTER_COMPAQ_PATCH, BEFORE_COMPAQ_PATCH, OpenSSL-engine-0_9_6d, OpenSSL_0_9_6d, OpenSSL-engine-0_9_6d-beta1, OpenSSL_0_9_6d-beta1 |
|
| #
26414ee0 |
| 28-Feb-2002 |
Richard Levitte |
Increase internal security when using strncpy, by making sure the resulting string is NUL-terminated
|
|
Revision tags: OpenSSL-engine-0_9_6c, OpenSSL_0_9_6c, OpenSSL-engine-0_9_6b, OpenSSL_0_9_6b |
|
| #
1e325f61 |
| 26-Jun-2001 |
Dr. Stephen Henson |
Handle empty X509_NAME in printing routines.
|
