#
26a7d938 |
| 17-Oct-2017 |
KaoruToda |
Remove parentheses of return. Since return is inconsistent, I removed unnecessary parentheses and unified them. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt
Remove parentheses of return. Since return is inconsistent, I removed unnecessary parentheses and unified them. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4541)
show more ...
|
#
32f3b98d |
| 08-Oct-2017 |
Andy Polyakov |
crypto/x509v3/v3_utl.c, ssl/ssl_cert.c: fix Coverity problems. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4492)
|
#
f32b0abe |
| 28-Sep-2017 |
Pauli |
Remove unnecessary #include <openssl/lhash.h> directives. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4431)
|
#
e431363f |
| 18-Sep-2017 |
Pauli |
Add stack space reservations. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4386)
|
#
07016a8a |
| 23-Aug-2017 |
Pauli |
Move e_os.h to be the very first include. cryptilib.h is the second. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged fro
Move e_os.h to be the very first include. cryptilib.h is the second. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4188)
show more ...
|
#
cd420b0b |
| 21-Aug-2017 |
Pauli |
Move the REF_PRINT support from e_os.h to internal/refcount.h. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://
Move the REF_PRINT support from e_os.h to internal/refcount.h. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4188)
show more ...
|
#
677963e5 |
| 18-Aug-2017 |
Pauli |
e_os.h removal from other headers and source files. Removed e_os.h from all bar three headers (apps/apps.h crypto/bio/bio_lcl.h and ssl/ssl_locl.h). Added e_os.h into the files
e_os.h removal from other headers and source files. Removed e_os.h from all bar three headers (apps/apps.h crypto/bio/bio_lcl.h and ssl/ssl_locl.h). Added e_os.h into the files that need it now. Directly reference internal/nelem.h when required. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4188)
show more ...
|
#
b379fe6c |
| 25-Aug-2017 |
Richard Levitte |
NO_SYS_TYPES_H isn't defined anywhere, stop using it as a guard This is a vestige from pre-1.1.0 OpenSSL Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.c
NO_SYS_TYPES_H isn't defined anywhere, stop using it as a guard This is a vestige from pre-1.1.0 OpenSSL Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4256)
show more ...
|
#
cd933ebd |
| 08-Jul-2017 |
Dr. Stephen Henson |
Move certificate table to header file so it can be tested. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3858)
|
#
c04cd728 |
| 28-Jun-2017 |
Dr. Stephen Henson |
Add certificate properties table. Add certificate table giving properties of each certificate index: specifically the NID associated with the index and the the auth mask value for an
Add certificate properties table. Add certificate table giving properties of each certificate index: specifically the NID associated with the index and the the auth mask value for any cipher the certificate can be used with. This will be used to generalise certificate handling instead of hard coding algorithm specific cases. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3858)
show more ...
|
#
aa8f3d76 |
| 15-Jun-2017 |
Rich Salz |
Modify Sun copyright to follow OpenSSL style Approved by Oracle. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/358
Modify Sun copyright to follow OpenSSL style Approved by Oracle. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/3585)
show more ...
|
Revision tags: OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16 |
|
#
c0452248 |
| 20-Apr-2017 |
Rich Salz |
Ignore dups in X509_STORE_add_* X509_STORE_add_cert and X509_STORE_add_crl are changed to return success if the object to be added was already found in the store, rather than returni
Ignore dups in X509_STORE_add_* X509_STORE_add_cert and X509_STORE_add_crl are changed to return success if the object to be added was already found in the store, rather than returning an error. Raise errors if empty or malformed files are read when loading certificates and CRLs. Remove NULL checks and allow a segv to occur. Add error handing for all calls to X509_STORE_add_c{ert|tl} Refactor these two routines into one. Bring the unit test for duplicate certificates up to date using the test framework. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2830)
show more ...
|
#
43ae5eed |
| 05-Apr-2017 |
Matt Caswell |
Implement a new custom extensions API The old custom extensions API was not TLSv1.3 aware. Extensions are used extensively in TLSv1.3 and they can appear in many different types of m
Implement a new custom extensions API The old custom extensions API was not TLSv1.3 aware. Extensions are used extensively in TLSv1.3 and they can appear in many different types of messages. Therefore we need a new API to be able to cope with that. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3139)
show more ...
|
#
86135bed |
| 31-Mar-2017 |
Dr. Stephen Henson |
Constify SSL_dup_CA_list() Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3015)
|
#
fa7c2637 |
| 13-Mar-2017 |
Dr. Stephen Henson |
New certificate_authorities functions Add functions to add/retrieve the certificate_authorities. The older client_CA functions mainly just call the new versions now. Rename fiel
New certificate_authorities functions Add functions to add/retrieve the certificate_authorities. The older client_CA functions mainly just call the new versions now. Rename fields sice new extension can be generated by client and server. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3015)
show more ...
|
#
f8f16d8e |
| 16-Mar-2017 |
Dr. Stephen Henson |
Remove obsolete version test when returning CA names. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2969)
|
#
75c13e78 |
| 23-Feb-2017 |
Dr. Stephen Henson |
Tidy up certificate type handling. The certificate types used to be held in a fixed length array or (if it was too long) a malloced buffer. This was done to retain binary compatibili
Tidy up certificate type handling. The certificate types used to be held in a fixed length array or (if it was too long) a malloced buffer. This was done to retain binary compatibility. The code can be simplified now SSL is opaque by always using a malloced buffer. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2733)
show more ...
|
Revision tags: OpenSSL_1_1_0e |
|
#
d0ff28f8 |
| 10-Feb-2017 |
Dr. Stephen Henson |
Replace SSL_PKEY_RSA_ENC, SSL_PKEY_RSA_SIGN The original intent of SSL_PKEY_RSA_SIGN and SSL_PKEY_RSA_ENC was to support two different keys for RSA signing and decrypt. However this
Replace SSL_PKEY_RSA_ENC, SSL_PKEY_RSA_SIGN The original intent of SSL_PKEY_RSA_SIGN and SSL_PKEY_RSA_ENC was to support two different keys for RSA signing and decrypt. However this was never implemented and we only ever set one key and the other was always NULL. Replace with single SSL_PKEY_RSA type. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2587)
show more ...
|
Revision tags: OpenSSL_1_0_2k, OpenSSL_1_1_0d |
|
#
703bcee0 |
| 14-Dec-2016 |
Matt Caswell |
Convert Sigalgs processing to use ints In TLSv1.2 an individual sig alg is represented by 1 byte for the hash and 1 byte for the signature. In TLSv1.3 each sig alg is represented by
Convert Sigalgs processing to use ints In TLSv1.2 an individual sig alg is represented by 1 byte for the hash and 1 byte for the signature. In TLSv1.3 each sig alg is represented by two bytes, where the two bytes together represent a single hash and signature combination. This converts the internal representation of sigalgs to use a single int for the pair, rather than a pair of bytes. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2157)
show more ...
|
#
e96e0f8e |
| 02-Dec-2016 |
Matt Caswell |
Create Certificate messages in TLS1.3 format Also updates TLSProxy to be able to understand the format and parse the contained extensions. Reviewed-by: Rich Salz <rsalz@openssl.
Create Certificate messages in TLS1.3 format Also updates TLSProxy to be able to understand the format and parse the contained extensions. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2020)
show more ...
|
Revision tags: OpenSSL-fips-2_0_15, OpenSSL-fips-2_0_14, OpenSSL_1_1_0c, OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a |
|
#
2f545ae4 |
| 27-Aug-2016 |
Kurt Roeckx |
Add support for reference counting using C11 atomics Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #1500
|
#
418a18a2 |
| 20-Sep-2016 |
Matt Caswell |
Style tweaks following review feedback Reviewed-by: Rich Salz <rsalz@openssl.org>
|
#
c49e1912 |
| 14-Sep-2016 |
Matt Caswell |
Convert Certificate message construction to WPACKET Reviewed-by: Rich Salz <rsalz@openssl.org>
|
Revision tags: OpenSSL_1_1_0 |
|
#
a230b26e |
| 05-Aug-2016 |
Emilia Kasper |
Indent ssl/ Run util/openssl-format-source on ssl/ Some comments and hand-formatted tables were fixed up manually by disabling auto-formatting. Reviewed-by: Rich Salz <
Indent ssl/ Run util/openssl-format-source on ssl/ Some comments and hand-formatted tables were fixed up manually by disabling auto-formatting. Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_1_0-pre6 |
|
#
c2e4e5d2 |
| 19-Jul-2016 |
Richard Levitte |
Change all our uses of CRYPTO_THREAD_run_once to use RUN_ONCE instead That way, we have a way to check if the init function was successful or not. Reviewed-by: Kurt Roeckx <kurt
Change all our uses of CRYPTO_THREAD_run_once to use RUN_ONCE instead That way, we have a way to check if the init function was successful or not. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
show more ...
|