| #
e077455e |
| 29-Sep-2022 |
Richard Levitte |
Stop raising ERR_R_MALLOC_FAILURE in most places
Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and
at least handle the file name and line number they are called from,
Stop raising ERR_R_MALLOC_FAILURE in most places
Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and
at least handle the file name and line number they are called from,
there's no need to report ERR_R_MALLOC_FAILURE where they are called
directly, or when SSLfatal() and RLAYERfatal() is used, the reason
`ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`.
There were a number of places where `ERR_R_MALLOC_FAILURE` was reported
even though it was a function from a different sub-system that was
called. Those places are changed to report ERR_R_{lib}_LIB, where
{lib} is the name of that sub-system.
Some of them are tricky to get right, as we have a lot of functions
that belong in the ASN1 sub-system, and all the `sk_` calls or from
the CRYPTO sub-system.
Some extra adaptation was necessary where there were custom OPENSSL_malloc()
wrappers, and some bugs are fixed alongside these changes.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19301)
show more ...
|
| #
26b3e44a |
| 31-May-2021 |
Pauli |
bn: remove TODOs
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
|
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
| #
8020d79b |
| 11-Mar-2021 |
Matt Caswell |
Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14512)
|
| #
2ad5bbe3 |
| 02-Mar-2021 |
Tomas Mraz |
bn_ctx.c: Remove TODO 3.0 related to tracing in FIPS module
We do not want tracing in the FIPS module.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com
bn_ctx.c: Remove TODO 3.0 related to tracing in FIPS module
We do not want tracing in the FIPS module.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)
show more ...
|
| #
94553e85 |
| 19-Feb-2021 |
Shane Lontis |
Fix external symbols for bn
Partial fix for #12964
This adds ossl_ names for symbols related to bn_*
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from htt
Fix external symbols for bn
Partial fix for #12964
This adds ossl_ names for symbols related to bn_*
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14296)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8 |
|
| #
9311d0c4 |
| 04-Nov-2020 |
Richard Levitte |
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call
This includes error reporting for libcrypto sub-libraries in surprising
places.
This was done using ut
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call
This includes error reporting for libcrypto sub-libraries in surprising
places.
This was done using util/err-to-raise
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13318)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha7 |
|
| #
a829b735 |
| 15-Oct-2020 |
Dr. Matthias St. Pierre |
Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx'
This change makes the naming more consistent, because three different terms
were used for the same thing. (The term
Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx'
This change makes the naming more consistent, because three different terms
were used for the same thing. (The term libctx was used by far most often.)
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12621)
show more ...
|
| #
b4250010 |
| 15-Oct-2020 |
Dr. Matthias St. Pierre |
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX
Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix,
e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX
Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix,
e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
The OPENSSL_CTX type stands out a little by using a different prefix.
For consistency reasons, this type is renamed to OSSL_LIB_CTX.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12621)
show more ...
|
|
Revision tags: OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2 |
|
| #
454afd98 |
| 15-May-2020 |
Matt Caswell |
Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11839)
|
|
Revision tags: openssl-3.0.0-alpha1, OpenSSL_1_1_1g |
|
| #
f844f9eb |
| 13-Apr-2020 |
Richard Levitte |
Rename FIPS_MODE to FIPS_MODULE
This macro is used to determine if certain pieces of code should
become part of the FIPS module or not. The old name was confusing.
Fixes #11538
Rename FIPS_MODE to FIPS_MODULE
This macro is used to determine if certain pieces of code should
become part of the FIPS module or not. The old name was confusing.
Fixes #11538
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11539)
show more ...
|
|
Revision tags: OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u |
|
| #
706457b7 |
| 27-Sep-2019 |
Dr. Matthias St. Pierre |
Reorganize local header files
Apart from public and internal header files, there is a third type called
local header files, which are located next to source files in the source
direc
Reorganize local header files
Apart from public and internal header files, there is a third type called
local header files, which are located next to source files in the source
directory. Currently, they have different suffixes like
'*_lcl.h', '*_local.h', or '*_int.h'
This commit changes the different suffixes to '*_local.h' uniformly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9333)
show more ...
|
|
Revision tags: OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d |
|
| #
2934be91 |
| 04-Jul-2019 |
Matt Caswell |
Make sure all BIGNUM operations work within the FIPS provider
The FIPS provider does not have a default OPENSSL_CTX so, where
necessary, we need to ensure we can always access an explici
Make sure all BIGNUM operations work within the FIPS provider
The FIPS provider does not have a default OPENSSL_CTX so, where
necessary, we need to ensure we can always access an explicit
OPENSSL_CTX. We remove functions from the FIPS provider that use
the default OPENSSL_CTX, and fixup some places which were using
those removed functions.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9310)
show more ...
|
| #
ee1d4f3d |
| 28-Jun-2019 |
Matt Caswell |
Make BIGNUM rand functions available within the FIPS module
The BIGNUM rand functions were previously disabled for the FIPS module.
We can now re-enable them.
Reviewed-by: Matth
Make BIGNUM rand functions available within the FIPS module
The BIGNUM rand functions were previously disabled for the FIPS module.
We can now re-enable them.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9193)
show more ...
|
| #
aff96597 |
| 14-Jun-2019 |
Matt Caswell |
Fix building with enable-trace
Tracing doesn't work in the FIPS module. Ensure we switch it off there.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lont
Fix building with enable-trace
Tracing doesn't work in the FIPS module. Ensure we switch it off there.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9159)
show more ...
|
| #
636b087e |
| 29-May-2019 |
Matt Caswell |
Make BIGNUM code available from within the FIPS module
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://git
Make BIGNUM code available from within the FIPS module
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9130)
show more ...
|
| #
7bc081dd |
| 29-May-2019 |
Matt Caswell |
Create BN_CTX_new_ex() and BN_CTX_secure_new_ex()
These variants of BN_CTX_new() and BN_CTX_secure_new() enable passing
an OPENSSL_CTX so that we can access this where needed throughout
Create BN_CTX_new_ex() and BN_CTX_secure_new_ex()
These variants of BN_CTX_new() and BN_CTX_secure_new() enable passing
an OPENSSL_CTX so that we can access this where needed throughout the
BIGNUM sub library.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9130)
show more ...
|
|
Revision tags: OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s |
|
| #
ce1415ed |
| 18-Mar-2019 |
Shane Lontis |
Added NULL check to BN_clear() & BN_CTX_end()
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl
Added NULL check to BN_clear() & BN_CTX_end()
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8518)
show more ...
|
|
Revision tags: OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
| #
6e810f2d |
| 13-Dec-2018 |
Richard Levitte |
Adapt BN_CTX_DEBUG to the new generic trace API
Co-authored-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from
Adapt BN_CTX_DEBUG to the new generic trace API
Co-authored-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8198)
show more ...
|
| #
c8147d37 |
| 08-Feb-2019 |
Nicola Tuveri |
Clear BN_FLG_CONSTTIME on BN_CTX_get()
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8253)
|
| #
df443918 |
| 31-Jan-2019 |
Sam Roberts |
Remove unnecessary trailing whitespace
Trim trailing whitespace. It doesn't match OpenSSL coding standards,
AFAICT, and it can cause problems with git tooling.
Trailing whitespa
Remove unnecessary trailing whitespace
Trim trailing whitespace. It doesn't match OpenSSL coding standards,
AFAICT, and it can cause problems with git tooling.
Trailing whitespace remains in test data and external source.
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8092)
show more ...
|
| #
367ace68 |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in crypto/bn/
[skip ci]
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7
Following the license change, modify the boilerplates in crypto/bn/
[skip ci]
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7777)
show more ...
|
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5 |
|
| #
28428130 |
| 17-Apr-2018 |
Richard Levitte |
Update copyright year
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5990)
|
| #
cdb10bae |
| 03-Apr-2018 |
Rich Salz |
Set error code on alloc failures
Almost all *alloc failures now set an error code.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.co
Set error code on alloc failures
Almost all *alloc failures now set an error code.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5842)
show more ...
|
|
Revision tags: OpenSSL_1_1_1-pre4 |
|
| #
e6e9170d |
| 27-Mar-2018 |
Rich Salz |
Allow NULL for some _free routines.
Based on the description in https://github.com/openssl/openssl/pull/5757,
this re-implements the "allow NULL to be passed" behavior of a number of
Allow NULL for some _free routines.
Based on the description in https://github.com/openssl/openssl/pull/5757,
this re-implements the "allow NULL to be passed" behavior of a number of
xxx_free routines. I also fixed up some egregious formatting errors
that were nearby.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5761)
show more ...
|
|
Revision tags: OpenSSL_1_0_2o, OpenSSL_1_1_0h |
|
| #
320a8127 |
| 26-Mar-2018 |
Matt Caswell |
Remove some code for a contributor that we cannot find
This removes some code because we cannot trace the original contributor
to get their agreement for the licence change (original com
Remove some code for a contributor that we cannot find
This removes some code because we cannot trace the original contributor
to get their agreement for the licence change (original commit e03ddfae).
After this change there will be numerous failures in the test cases until
someone rewrites the missing code.
All *_free functions should accept a NULL parameter. After this change
the following *_free functions will fail if a NULL parameter is passed:
BIO_ACCEPT_free()
BIO_CONNECT_free()
BN_BLINDING_free()
BN_CTX_free()
BN_MONT_CTX_free()
BN_RECP_CTX_free()
BUF_MEM_free()
COMP_CTX_free()
ERR_STATE_free()
TXT_DB_free()
X509_STORE_free()
ssl3_free()
ssl_cert_free()
SSL_SESSION_free()
SSL_free()
[skip ci]
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5757)
show more ...
|
