#
c7340583 |
| 23-Aug-2022 |
FdaSilvaYY |
crypto/*: Fix various typos, repeated words, align some spelling to LDP. partially revamped from #16712 - fall thru -> fall through - time stamp -> timestamp - host name -> hostname
crypto/*: Fix various typos, repeated words, align some spelling to LDP. partially revamped from #16712 - fall thru -> fall through - time stamp -> timestamp - host name -> hostname - ipv6 -> IPv6 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19059)
show more ...
|
#
e077455e |
| 29-Sep-2022 |
Richard Levitte |
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from,
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from, there's no need to report ERR_R_MALLOC_FAILURE where they are called directly, or when SSLfatal() and RLAYERfatal() is used, the reason `ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`. There were a number of places where `ERR_R_MALLOC_FAILURE` was reported even though it was a function from a different sub-system that was called. Those places are changed to report ERR_R_{lib}_LIB, where {lib} is the name of that sub-system. Some of them are tricky to get right, as we have a lot of functions that belong in the ASN1 sub-system, and all the `sk_` calls or from the CRYPTO sub-system. Some extra adaptation was necessary where there were custom OPENSSL_malloc() wrappers, and some bugs are fixed alongside these changes. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19301)
show more ...
|
#
cb0c36d1 |
| 23-May-2022 |
Bernd Edlinger |
Fix style nits in crl_set_issuers Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18385)
|
#
e9007e09 |
| 21-May-2022 |
Bernd Edlinger |
Fix a memory leak in crl_set_issuers This can be reproduced with my error injection patch. The test vector has been validated on the 1.1.1 branch but the issue is of course iden
Fix a memory leak in crl_set_issuers This can be reproduced with my error injection patch. The test vector has been validated on the 1.1.1 branch but the issue is of course identical in all branches. $ ERROR_INJECT=1653520461 ../util/shlib_wrap.sh ./cms-test ./corpora/cms/3eff1d2f1232bd66d5635db2c3f9e7f23830dfd1 log file: cms-3eff1d2f1232bd66d5635db2c3f9e7f23830dfd1-32454-test.out ERROR_INJECT=1653520461 #0 0x7fd5d8b8eeba in __sanitizer_print_stack_trace ../../../../gcc-trunk/libsanitizer/asan/asan_stack.cpp:87 #1 0x402fc4 in my_realloc fuzz/test-corpus.c:129 #2 0x7fd5d8893c49 in sk_reserve crypto/stack/stack.c:198 #3 0x7fd5d8893c49 in OPENSSL_sk_insert crypto/stack/stack.c:242 #4 0x7fd5d88d6d7f in sk_GENERAL_NAMES_push include/openssl/x509v3.h:168 #5 0x7fd5d88d6d7f in crl_set_issuers crypto/x509/x_crl.c:111 #6 0x7fd5d88d6d7f in crl_cb crypto/x509/x_crl.c:246 #7 0x7fd5d85dc032 in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:432 #8 0x7fd5d85dcaf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643 #9 0x7fd5d85dd288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518 #10 0x7fd5d85db2b5 in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:259 #11 0x7fd5d85dc813 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:611 #12 0x7fd5d85dd288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518 #13 0x7fd5d85db9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382 #14 0x7fd5d85dca28 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:633 #15 0x7fd5d85dd288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518 #16 0x7fd5d85db9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382 #17 0x7fd5d85dcaf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643 #18 0x7fd5d85dd7d3 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:494 #19 0x7fd5d85db9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382 #20 0x7fd5d85ddd1f in ASN1_item_ex_d2i crypto/asn1/tasn_dec.c:124 #21 0x7fd5d85dde35 in ASN1_item_d2i crypto/asn1/tasn_dec.c:114 #22 0x7fd5d85a77e0 in ASN1_item_d2i_bio crypto/asn1/a_d2i_fp.c:69 #23 0x402845 in FuzzerTestOneInput fuzz/cms.c:43 #24 0x402bbb in testfile fuzz/test-corpus.c:182 #25 0x402626 in main fuzz/test-corpus.c:226 #26 0x7fd5d7c81f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44) #27 0x402706 (/home/ed/OPC/openssl/fuzz/cms-test+0x402706) ================================================================= ==29625==ERROR: LeakSanitizer: detected memory leaks Direct leak of 32 byte(s) in 1 object(s) allocated from: #0 0x7fd5d8b8309f in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:69 #1 0x7fd5d87c2430 in CRYPTO_zalloc crypto/mem.c:230 #2 0x7fd5d889501f in OPENSSL_sk_new_reserve crypto/stack/stack.c:209 #3 0x7fd5d85dcbc3 in sk_ASN1_VALUE_new_null include/openssl/asn1t.h:928 #4 0x7fd5d85dcbc3 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:577 #5 0x7fd5d85dd288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518 #6 0x7fd5d85db104 in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:178 #7 0x7fd5d85ddd1f in ASN1_item_ex_d2i crypto/asn1/tasn_dec.c:124 #8 0x7fd5d85dde35 in ASN1_item_d2i crypto/asn1/tasn_dec.c:114 #9 0x7fd5d88f86d9 in X509V3_EXT_d2i crypto/x509v3/v3_lib.c:142 #10 0x7fd5d88d6d3c in crl_set_issuers crypto/x509/x_crl.c:97 #11 0x7fd5d88d6d3c in crl_cb crypto/x509/x_crl.c:246 #12 0x7fd5d85dc032 in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:432 #13 0x7fd5d85dcaf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643 #14 0x7fd5d85dd288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518 #15 0x7fd5d85db2b5 in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:259 #16 0x7fd5d85dc813 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:611 #17 0x7fd5d85dd288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518 #18 0x7fd5d85db9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382 #19 0x7fd5d85dca28 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:633 #20 0x7fd5d85dd288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518 #21 0x7fd5d85db9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382 #22 0x7fd5d85dcaf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643 #23 0x7fd5d85dd7d3 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:494 #24 0x7fd5d85db9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382 #25 0x7fd5d85ddd1f in ASN1_item_ex_d2i crypto/asn1/tasn_dec.c:124 #26 0x7fd5d85dde35 in ASN1_item_d2i crypto/asn1/tasn_dec.c:114 #27 0x7fd5d85a77e0 in ASN1_item_d2i_bio crypto/asn1/a_d2i_fp.c:69 #28 0x402845 in FuzzerTestOneInput fuzz/cms.c:43 #29 0x402bbb in testfile fuzz/test-corpus.c:182 #30 0x402626 in main fuzz/test-corpus.c:226 #31 0x7fd5d7c81f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44) SUMMARY: AddressSanitizer: 32 byte(s) leaked in 1 allocation(s). Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18391)
show more ...
|
#
557825ac |
| 20-May-2022 |
Bernd Edlinger |
Fix a crash in asn1_item_embed_new This happens usually if an template object is created and there is an out of memory error before the ASN1_OP_NEW_POST method is called, but asn1_it
Fix a crash in asn1_item_embed_new This happens usually if an template object is created and there is an out of memory error before the ASN1_OP_NEW_POST method is called, but asn1_item_embed_free calls now the ASN1_OP_FREE_POST which may crash because the object is not properly initialized. Apparently that is only an issue with the ASN1_OP_FREE_POST handling of crypot/x509/x_crl.c, which ought to be tolerant to incomplete initialized objects. The error can be reproduced with the reproducible error injection patch: $ ERROR_INJECT=1652890550 ../util/shlib_wrap.sh ./asn1-test ./corpora/asn1/0ff17293911f54d1538b9896563a4048d67d9ee4 #0 0x7faae9dbeeba in __sanitizer_print_stack_trace ../../../../gcc-trunk/libsanitizer/asan/asan_stack.cpp:87 #1 0x408dc4 in my_malloc fuzz/test-corpus.c:114 #2 0x7faae99f2430 in CRYPTO_zalloc crypto/mem.c:230 #3 0x7faae97f09e5 in ASN1_STRING_type_new crypto/asn1/asn1_lib.c:341 #4 0x7faae98118f7 in asn1_primitive_new crypto/asn1/tasn_new.c:318 #5 0x7faae9812401 in asn1_item_embed_new crypto/asn1/tasn_new.c:78 #6 0x7faae9812401 in asn1_template_new crypto/asn1/tasn_new.c:240 #7 0x7faae9812315 in asn1_item_embed_new crypto/asn1/tasn_new.c:137 #8 0x7faae9812315 in asn1_template_new crypto/asn1/tasn_new.c:240 #9 0x7faae9812a54 in asn1_item_embed_new crypto/asn1/tasn_new.c:137 #10 0x7faae9812a54 in ASN1_item_ex_new crypto/asn1/tasn_new.c:39 #11 0x7faae980be51 in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:325 #12 0x7faae980c813 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:611 #13 0x7faae980d288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518 #14 0x7faae980b9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382 #15 0x7faae980caf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643 #16 0x7faae980d7d3 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:494 #17 0x7faae980b9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382 #18 0x7faae980dd1f in ASN1_item_ex_d2i crypto/asn1/tasn_dec.c:124 #19 0x7faae980de35 in ASN1_item_d2i crypto/asn1/tasn_dec.c:114 #20 0x40712c in FuzzerTestOneInput fuzz/asn1.c:301 #21 0x40893b in testfile fuzz/test-corpus.c:182 #22 0x406b86 in main fuzz/test-corpus.c:226 #23 0x7faae8eb1f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44) AddressSanitizer:DEADLYSIGNAL ================================================================= ==1194==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000010 (pc 0x7faae9b0625f bp 0x7fffffe41a00 sp 0x7fffffe41920 T0) ==1194==The signal is caused by a READ memory access. ==1194==Hint: address points to the zero page. #0 0x7faae9b0625f in crl_cb crypto/x509/x_crl.c:258 #1 0x7faae9811255 in asn1_item_embed_free crypto/asn1/tasn_fre.c:113 #2 0x7faae9812a65 in asn1_item_embed_new crypto/asn1/tasn_new.c:150 #3 0x7faae9812a65 in ASN1_item_ex_new crypto/asn1/tasn_new.c:39 #4 0x7faae980be51 in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:325 #5 0x7faae980c813 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:611 #6 0x7faae980d288 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:518 #7 0x7faae980b9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382 #8 0x7faae980caf5 in asn1_template_noexp_d2i crypto/asn1/tasn_dec.c:643 #9 0x7faae980d7d3 in asn1_template_ex_d2i crypto/asn1/tasn_dec.c:494 #10 0x7faae980b9ce in asn1_item_embed_d2i crypto/asn1/tasn_dec.c:382 #11 0x7faae980dd1f in ASN1_item_ex_d2i crypto/asn1/tasn_dec.c:124 #12 0x7faae980de35 in ASN1_item_d2i crypto/asn1/tasn_dec.c:114 #13 0x40712c in FuzzerTestOneInput fuzz/asn1.c:301 #14 0x40893b in testfile fuzz/test-corpus.c:182 #15 0x406b86 in main fuzz/test-corpus.c:226 #16 0x7faae8eb1f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV crypto/x509/x_crl.c:258 in crl_cb ==1194==ABORTING Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18360)
show more ...
|
#
1287dabd |
| 26-Oct-2021 |
x2018 |
fix some code with obvious wrong coding style Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org
fix some code with obvious wrong coding style Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16918)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15 |
|
#
5c107243 |
| 12-Apr-2021 |
Shane Lontis |
Add some additional NULL checks to prevent segfaults. Fixes #14809 PR #14752 attempted to pass the libctx, propq in a few places related to X509 signing. There were a few places
Add some additional NULL checks to prevent segfaults. Fixes #14809 PR #14752 attempted to pass the libctx, propq in a few places related to X509 signing. There were a few places that needed additional NULL checks so that they behavethe same as they did before. OCSP_basic_sign() was changed to call EVP_DigestSignInit_ex() which passed the parameter EVP_MD_name(dgst). Since dgst can be NULL EVP_MD_name() was segfaulting. Adding an additional NULL check EVP_MD_name() resolves this issue. The other NULL checks are required to produce errors rather than segfaults if the certificate is NULL. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14826)
show more ...
|
Revision tags: openssl-3.0.0-alpha14 |
|
#
e6c2f964 |
| 31-Mar-2021 |
Shane Lontis |
Fix more certificate related lib_ctx settings. Fixes #13732 Fix a few places that were not using the '_ex' variants of ASN1_item_sign/verify. Added X509_CRL_new_ex().
Fix more certificate related lib_ctx settings. Fixes #13732 Fix a few places that were not using the '_ex' variants of ASN1_item_sign/verify. Added X509_CRL_new_ex(). Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14752)
show more ...
|
Revision tags: OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
#
4669015d |
| 09-Mar-2021 |
Shane Lontis |
Add ossl_ x509 symbols Partial fix for #12964 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
|
#
cd3f8c1b |
| 18-Feb-2021 |
Rich Salz |
Always check CRYPTO_LOCK_{read,write}_lock Some functions that lock things are void, so we just return early. Also make ossl_namemap_empty return 0 on error. Updated the docs, and
Always check CRYPTO_LOCK_{read,write}_lock Some functions that lock things are void, so we just return early. Also make ossl_namemap_empty return 0 on error. Updated the docs, and added some code to ossl_namemap_stored() to handle the failure, and updated the tests to allow for failure. Fixes: #14230 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14238)
show more ...
|
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11 |
|
#
4333b89f |
| 28-Jan-2021 |
Richard Levitte |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13999)
|
Revision tags: openssl-3.0.0-alpha10 |
|
#
f2a04587 |
| 30-Dec-2020 |
Dr. David von Oheimb |
X509_cmp(): Fix comparison in case x509v3_cache_extensions() failed to due to invalid cert This is the upstream fix for #13698 reported for v1.1.1 Reviewed-by: Tomas Mraz <tmraz@fed
X509_cmp(): Fix comparison in case x509v3_cache_extensions() failed to due to invalid cert This is the upstream fix for #13698 reported for v1.1.1 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13755)
show more ...
|
Revision tags: OpenSSL_1_1_1i |
|
#
c22139a7 |
| 02-Dec-2020 |
Shane Lontis |
Fix x509_crl propq so that it uses a copy Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/opens
Fix x509_crl propq so that it uses a copy Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12700)
show more ...
|
Revision tags: openssl-3.0.0-alpha9, openssl-3.0.0-alpha8 |
|
#
9311d0c4 |
| 04-Nov-2020 |
Richard Levitte |
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call This includes error reporting for libcrypto sub-libraries in surprising places. This was done using ut
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318)
show more ...
|
Revision tags: openssl-3.0.0-alpha7 |
|
#
b4250010 |
| 15-Oct-2020 |
Dr. Matthias St. Pierre |
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
show more ...
|
Revision tags: OpenSSL_1_1_1h |
|
#
e144fd36 |
| 03-Sep-2020 |
Matt Caswell |
Fix safestack issues in x509v3.h Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull
Fix safestack issues in x509v3.h Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12781)
show more ...
|
#
e6623cfb |
| 03-Sep-2020 |
Matt Caswell |
Fix safestack issues in x509.h Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/1
Fix safestack issues in x509.h Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12781)
show more ...
|
Revision tags: openssl-3.0.0-alpha6 |
|
#
34b80d06 |
| 22-Jul-2020 |
Richard Levitte |
STORE: Modify to support loading with provider based loaders This adds the needed code to make the OSSL_STORE API functions handle provided STORE implementations. This also modi
STORE: Modify to support loading with provider based loaders This adds the needed code to make the OSSL_STORE API functions handle provided STORE implementations. This also modifies OSSL_STORE_attach() for have the URI, the library context and the properties in the same order as OSSL_STORE_open_with_libctx(). The most notable change, though, is how this creates a division of labor between libcrypto and any storemgmt implementation that wants to pass X.509, X.509 CRL, etc structures back to libcrypto. Since those structures aren't directly supported in the libcrypto <-> provider interface (asymmetric keys being the only exception so far), we resort to a libcrypto object callback that can handle passed data in DER form and does its part of figuring out what the DER content actually is. This also adds the internal x509_crl_set0_libctx(), which works just like x509_set0_libctx(), but for X509_CRL. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12512)
show more ...
|
Revision tags: openssl-3.0.0-alpha5 |
|
#
1337a3a9 |
| 13-Jul-2020 |
Dr. David von Oheimb |
Constify X509_check_akid and prefer using X509_get0_serialNumber over X509_get_serialNumber Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/open
Constify X509_check_akid and prefer using X509_get0_serialNumber over X509_get_serialNumber Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12375)
show more ...
|
Revision tags: openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u |
|
#
852c2ed2 |
| 19-Dec-2019 |
Rich Salz |
In OpenSSL builds, declare STACK for datatypes ... ... and only *define* them in the source files that need them. Use DEFINE_OR_DECLARE which is set appropriately for internal builds
In OpenSSL builds, declare STACK for datatypes ... ... and only *define* them in the source files that need them. Use DEFINE_OR_DECLARE which is set appropriately for internal builds and not non-deprecated builds. Deprecate stack-of-block Better documentation Move some ASN1 struct typedefs to types.h Update ParseC to handle this. Most of all, ParseC needed to be more consistent. The handlers are "recursive", in so far that they are called again and again until they terminate, which depends entirely on what the "massager" returns. There's a comment at the beginning of ParseC that explains how that works. {Richard Levtte} Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10669)
show more ...
|
#
8cc86b81 |
| 23-Mar-2020 |
Dr. David von Oheimb |
Constify various mostly X509-related parameter types in crypto/ and apps/ in particular X509_NAME*, X509_STORE{,_CTX}*, and ASN1_INTEGER *, also some result types of new functions, which
Constify various mostly X509-related parameter types in crypto/ and apps/ in particular X509_NAME*, X509_STORE{,_CTX}*, and ASN1_INTEGER *, also some result types of new functions, which does not break compatibility Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/10504)
show more ...
|
#
7e06a675 |
| 04-Jan-2020 |
Bernd Edlinger |
Fix error handling in x509v3_cache_extensions and related functions Basically we use EXFLAG_INVALID for all kinds of out of memory and all kinds of parse errors in x509v3_cache_extension
Fix error handling in x509v3_cache_extensions and related functions Basically we use EXFLAG_INVALID for all kinds of out of memory and all kinds of parse errors in x509v3_cache_extensions. [extended tests] Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10755)
show more ...
|
#
706457b7 |
| 27-Sep-2019 |
Dr. Matthias St. Pierre |
Reorganize local header files Apart from public and internal header files, there is a third type called local header files, which are located next to source files in the source direc
Reorganize local header files Apart from public and internal header files, there is a third type called local header files, which are located next to source files in the source directory. Currently, they have different suffixes like '*_lcl.h', '*_local.h', or '*_int.h' This commit changes the different suffixes to '*_local.h' uniformly. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
show more ...
|
#
25f2138b |
| 27-Sep-2019 |
Dr. Matthias St. Pierre |
Reorganize private crypto header files Currently, there are two different directories which contain internal header files of libcrypto which are meant to be shared internally: W
Reorganize private crypto header files Currently, there are two different directories which contain internal header files of libcrypto which are meant to be shared internally: While header files in 'include/internal' are intended to be shared between libcrypto and libssl, the files in 'crypto/include/internal' are intended to be shared inside libcrypto only. To make things complicated, the include search path is set up in such a way that the directive #include "internal/file.h" could refer to a file in either of these two directoroes. This makes it necessary in some cases to add a '_int.h' suffix to some files to resolve this ambiguity: #include "internal/file.h" # located in 'include/internal' #include "internal/file_int.h" # located in 'crypto/include/internal' This commit moves the private crypto headers from 'crypto/include/internal' to 'include/crypto' As a result, the include directives become unambiguous #include "internal/file.h" # located in 'include/internal' #include "crypto/file.h" # located in 'include/crypto' hence the superfluous '_int.h' suffixes can be stripped. The files 'store_int.h' and 'store.h' need to be treated specially; they are joined into a single file. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
show more ...
|
Revision tags: OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
#
a7276279 |
| 29-Jan-2019 |
Bernd Edlinger |
Fix a memory leak with di2_X509_CRL reuse Additionally avoid undefined behavior with in-place memcpy in X509_CRL_digest. Fixes #8099 Reviewed-by: Matt Caswell <matt@ope
Fix a memory leak with di2_X509_CRL reuse Additionally avoid undefined behavior with in-place memcpy in X509_CRL_digest. Fixes #8099 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8112)
show more ...
|