#
e077455e |
| 29-Sep-2022 |
Richard Levitte |
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from,
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from, there's no need to report ERR_R_MALLOC_FAILURE where they are called directly, or when SSLfatal() and RLAYERfatal() is used, the reason `ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`. There were a number of places where `ERR_R_MALLOC_FAILURE` was reported even though it was a function from a different sub-system that was called. Those places are changed to report ERR_R_{lib}_LIB, where {lib} is the name of that sub-system. Some of them are tricky to get right, as we have a lot of functions that belong in the ASN1 sub-system, and all the `sk_` calls or from the CRYPTO sub-system. Some extra adaptation was necessary where there were custom OPENSSL_malloc() wrappers, and some bugs are fixed alongside these changes. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19301)
show more ...
|
#
1287dabd |
| 26-Oct-2021 |
x2018 |
fix some code with obvious wrong coding style Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org
fix some code with obvious wrong coding style Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16918)
show more ...
|
Revision tags: openssl-3.0.0-alpha17 |
|
#
0789c7d8 |
| 20-May-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15381)
|
#
cad4f3fa |
| 18-May-2021 |
Jake Cooke |
Add bounds checking to length returned by wcslen in wide_to_asc conversion to resolve integer overflow flaw Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@op
Add bounds checking to length returned by wcslen in wide_to_asc conversion to resolve integer overflow flaw Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15316)
show more ...
|
Revision tags: openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8 |
|
#
b9b2135d |
| 04-Nov-2020 |
Matt Caswell |
Don't clear the whole error stack when loading engines Loading the various built-in engines was unconditionally clearing the whole error stack. During config file processing processing a
Don't clear the whole error stack when loading engines Loading the various built-in engines was unconditionally clearing the whole error stack. During config file processing processing a .include directive which fails results in errors being added to the stack - but we carry on anyway. These errors were then later being removed by the engine loading code, meaning that problems with the .include directive never get shown. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13311)
show more ...
|
Revision tags: openssl-3.0.0-alpha7, OpenSSL_1_1_1h |
|
#
e6623cfb |
| 03-Sep-2020 |
Matt Caswell |
Fix safestack issues in x509.h Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/1
Fix safestack issues in x509.h Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12781)
show more ...
|
Revision tags: openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1 |
|
#
77ae4f6f |
| 22-Apr-2020 |
Pauli |
engines: fixed to work with EVP_*_meth calls deprecated Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11082)
|
#
cf8e8cba |
| 13-Jul-2020 |
Pauli |
deprecate engines Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12226)
|
#
454afd98 |
| 15-May-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11839)
|
Revision tags: OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u |
|
#
852c2ed2 |
| 19-Dec-2019 |
Rich Salz |
In OpenSSL builds, declare STACK for datatypes ... ... and only *define* them in the source files that need them. Use DEFINE_OR_DECLARE which is set appropriately for internal builds
In OpenSSL builds, declare STACK for datatypes ... ... and only *define* them in the source files that need them. Use DEFINE_OR_DECLARE which is set appropriately for internal builds and not non-deprecated builds. Deprecate stack-of-block Better documentation Move some ASN1 struct typedefs to types.h Update ParseC to handle this. Most of all, ParseC needed to be more consistent. The handlers are "recursive", in so far that they are called again and again until they terminate, which depends entirely on what the "massager" returns. There's a comment at the beginning of ParseC that explains how that works. {Richard Levtte} Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10669)
show more ...
|
#
12a765a5 |
| 16-Sep-2019 |
Rich Salz |
Explicitly test against NULL; do not use !p or similar Also added blanks lines after declarations in a couple of places. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Review
Explicitly test against NULL; do not use !p or similar Also added blanks lines after declarations in a couple of places. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9916)
show more ...
|
Revision tags: OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
#
ab3fa1c0 |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in engines/ [skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/783
Following the license change, modify the boilerplates in engines/ [skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7832)
show more ...
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1 |
|
#
37f49287 |
| 11-Sep-2018 |
Richard Levitte |
CAPI engine: add support for RSA_NO_PADDING Since the SSL code started using RSA_NO_PADDING, the CAPI engine became unusable. This change fixes that. Fixes #7131 Revie
CAPI engine: add support for RSA_NO_PADDING Since the SSL code started using RSA_NO_PADDING, the CAPI engine became unusable. This change fixes that. Fixes #7131 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7174)
show more ...
|
Revision tags: OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6 |
|
#
6ec5fce2 |
| 01-May-2018 |
Matt Caswell |
Update copyright year Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6145)
|
#
32c69853 |
| 26-Apr-2018 |
Dr. Matthias St. Pierre |
Fix mixed indentation (and other whitespace issues) Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6094)
|
Revision tags: OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g, OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16 |
|
#
8ab9af5e |
| 26-Mar-2017 |
Andy Polyakov |
engines/e_capi.c: slip in PROV_RSA_AES for interchangable CSP only. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https:/
engines/e_capi.c: slip in PROV_RSA_AES for interchangable CSP only. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3034)
show more ...
|
#
3a5b64b2 |
| 26-Mar-2017 |
Andy Polyakov |
engines/e_capi.c: adhere to CryptAcquireContextW unconditionally. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
|
#
8f0e5888 |
| 26-Mar-2017 |
Andy Polyakov |
engine/e_capi.c: more formatting and styling fixes. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
|
#
e08b444a |
| 24-Mar-2017 |
Andy Polyakov |
engines/e_capi.c: formatting and styling fixes. Reviewed-by: Richard Levitte <levitte@openssl.org>
|
Revision tags: OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d, OpenSSL-fips-2_0_15, OpenSSL-fips-2_0_14, OpenSSL_1_1_0c, OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a, OpenSSL_1_1_0, OpenSSL_1_1_0-pre6 |
|
#
f1f5ee17 |
| 26-Jun-2016 |
Andy Polyakov |
include/openssl: don't include <windows.h> in public headers. If application uses any of Windows-specific interfaces, make it application developer's respondibility to include <windows.h
include/openssl: don't include <windows.h> in public headers. If application uses any of Windows-specific interfaces, make it application developer's respondibility to include <windows.h>. Rationale is that <windows.h> is quite "toxic" and is sensitive to inclusion order (most notably in relation to <winsock2.h>). It's only natural to give complete control to the application developer. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
show more ...
|
#
7a533600 |
| 26-Jun-2016 |
Andy Polyakov |
engines/e_capi.c: accommodate recent DSA_SIG_[get|set]0 changes. Reviewed-by: Rich Salz <rsalz@openssl.org>
|
Revision tags: OpenSSL-fips-2_0_13 |
|
#
690b4621 |
| 04-May-2016 |
Matt Caswell |
Add some check for malloc failure in the CAPI engine In the CAPI engine there were some unchecked calls to OPENSSL_strdup(). GH Issue #830 Reviewed-by: Richard Levitte <lev
Add some check for malloc failure in the CAPI engine In the CAPI engine there were some unchecked calls to OPENSSL_strdup(). GH Issue #830 Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
#
440e5d80 |
| 17-May-2016 |
Rich Salz |
Copyright consolidation 02/10 Reviewed-by: Richard Levitte <levitte@openssl.org>
|
Revision tags: OpenSSL_1_0_1t, OpenSSL_1_0_2h |
|
#
f0483bf7 |
| 22-Apr-2016 |
Matt Caswell |
Fix capi engine for no-dsa The capi engine was failing to compile on Windows if the no-dsa option was selected. Reviewed-by: Richard Levitte <levitte@openssl.org>
|
Revision tags: OpenSSL_1_1_0-pre5 |
|
#
7e74eaa6 |
| 13-Apr-2016 |
Richard Levitte |
Rename internal symbol to follow internal naming pattern Reviewed-by: Matt Caswell <matt@openssl.org>
|