History log of /openssl/ (Results 10151 – 10175 of 36079)
Revision (<<< Hide revision tags) (Show revision tags >>>)Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
4f5e206d26-Apr-2020 Pauli

coverity 1462577: Incorrect expression

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11651)


test/param_build_test.c
92f0684d26-Apr-2020 Pauli

param bld: avoid freeing the param builder structure on error paths.

The param builder was recently modified so that it doesn't free the passed in
param builder structure. Some of the e

param bld: avoid freeing the param builder structure on error paths.

The param builder was recently modified so that it doesn't free the passed in
param builder structure. Some of the error paths didn't get synced up with this
change and resulted in double frees.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11651)

show more ...


crypto/param_build.c
bb4f391129-Apr-2020 Shane Lontis

Fix snprintf missing for windows build

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11675)


crypto/x509/v3_alt.c
588d5d0128-Apr-2020 Pauli

Undeprecate DH, DSA and RSA _bits() functions.

These were deemed information and useful and that they should not be
deprecated.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>

Undeprecate DH, DSA and RSA _bits() functions.

These were deemed information and useful and that they should not be
deprecated.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11669)

show more ...


CHANGES.md
doc/man3/DH_size.pod
doc/man3/DSA_size.pod
doc/man3/RSA_size.pod
include/openssl/dh.h
include/openssl/dsa.h
include/openssl/rsa.h
util/libcrypto.num
036ee37028-Apr-2020 Richard Levitte

EVP: Fix evp_keymgmt_util_copy() for to->keymgmt == NULL

evp_keymgmt_util_copy() didn't treat the case to->keymgmt correctly.
The proper change is to use from->keymgmt when to->keymgmt i

EVP: Fix evp_keymgmt_util_copy() for to->keymgmt == NULL

evp_keymgmt_util_copy() didn't treat the case to->keymgmt correctly.
The proper change is to use from->keymgmt when to->keymgmt is NULL.

Fixes coverity #1462553

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11668)

show more ...


crypto/evp/keymgmt_lib.c
a6ed19dc27-Apr-2020 Shourya Shukla

Amend references to "OpenSSL license"

A small number of files contain references to the "OpenSSL license"
which has been deprecated and replaced by the "Apache License 2.0".
Amend th

Amend references to "OpenSSL license"

A small number of files contain references to the "OpenSSL license"
which has been deprecated and replaced by the "Apache License 2.0".
Amend the occurences.

Fixes #11649

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11663)

show more ...


apps/include/apps_ui.h
apps/include/fmt.h
apps/include/opt.h
apps/kdf.c
apps/lib/apps_ui.c
apps/lib/fmt.c
apps/mac.c
crypto/bn/bn_rsa_fips186_4.c
crypto/modes/siv128.c
crypto/perlasm/s390x.pm
crypto/perlasm/x86_64-support.pl
crypto/rand/rand_vxworks.c
crypto/rsa/rsa_sp800_56b_check.c
crypto/rsa/rsa_sp800_56b_gen.c
doc/man1/openssl-fipsinstall.pod.in
doc/man1/openssl-kdf.pod.in
doc/man1/openssl-mac.pod.in
doc/man1/openssl-rehash.pod.in
doc/man3/SSL_set_async_callback.pod
doc/man7/EVP_KDF-KRB5KDF.pod
doc/man7/EVP_KDF-SSHKDF.pod
include/openssl/self_test.h
providers/fips/self_test.c
providers/fips/self_test.h
providers/fips/self_test_data.inc
providers/fips/self_test_kats.c
providers/implementations/kdfs/krb5kdf.c
providers/implementations/kdfs/sshkdf.c
test/bio_memleak_test.c
test/bn_internal_test.c
test/cmsapitest.c
test/drbg_extra_test.c
test/drbg_extra_test.h
test/recipes/03-test_internal_bn.t
test/recipes/03-test_internal_rsa_sp800_56b.t
test/recipes/20-test_kdf.t
test/recipes/20-test_mac.t
test/recipes/30-test_evp_data/evpaessiv.txt
test/recipes/90-test_bio_memleak.t
test/rsa_sp800_56b_test.c
test/ssl-tests/30-extended-master-secret.cnf.in
test/ssl_ctx_test.c
test/testutil/options.c
test/testutil/test_options.c
5e427a4327-Apr-2020 opensignature

Update EVP_PKEY_fromdata.pod

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1166

Update EVP_PKEY_fromdata.pod

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11660)

show more ...


doc/man3/EVP_PKEY_fromdata.pod
90a37ce327-Apr-2020 Richard Levitte

include/openssl/ts.h: clean away a misplaced EVP_MD stack definition

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from htt

include/openssl/ts.h: clean away a misplaced EVP_MD stack definition

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11655)

show more ...


include/openssl/ts.h
0165913527-Apr-2020 Richard Levitte

include/openssl/x509v3.h: restore previous stack definition arrangement

It turned out that configuration options may affect the definition and
use of diverse stacks and how they relate t

include/openssl/x509v3.h: restore previous stack definition arrangement

It turned out that configuration options may affect the definition and
use of diverse stacks and how they relate to the underlying types.
For example, the configuration option 'no-rfc3779' results in a build
error around STACK_OF(IPAddressFamily) and related stacks.

Previously, STACK_OF definitions were located near the definition of
the underlying type, which are also affected by configuration options,
which made this easier to maintain. We relocate the new stack
definitions back to those locations for that reason.

We apply the same type of relocation in other header files as well, following
the general rule that it's better to use DEFINE_OR_DECLARE_STACK_OF after the
type it defines a stack for has been defined.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11655)

show more ...


crypto/x509/x_x509.c
include/openssl/asn1.h
include/openssl/cmp.h
include/openssl/conf.h
include/openssl/crmf.h
include/openssl/ess.h
include/openssl/ocsp.h
include/openssl/pkcs12.h
include/openssl/srp.h
include/openssl/ssl.h
include/openssl/x509.h
include/openssl/x509v3.h
9df3dd6b27-Apr-2020 Matt Caswell

Update README.ssltests.md

The ssltest docs were out of date because gneerate_ssl_tests now needs
a provider to be specified on the command line.

Fixes #11639

Reviewed-b

Update README.ssltests.md

The ssltest docs were out of date because gneerate_ssl_tests now needs
a provider to be specified on the command line.

Fixes #11639

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11659)

show more ...


test/README.ssltest.md
f844f9eb13-Apr-2020 Richard Levitte

Rename FIPS_MODE to FIPS_MODULE

This macro is used to determine if certain pieces of code should
become part of the FIPS module or not. The old name was confusing.

Fixes #11538

Rename FIPS_MODE to FIPS_MODULE

This macro is used to determine if certain pieces of code should
become part of the FIPS module or not. The old name was confusing.

Fixes #11538

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11539)

show more ...


crypto/bn/bn_conv.c
crypto/bn/bn_ctx.c
crypto/bn/bn_dh.c
crypto/bn/bn_prime.c
crypto/bn/bn_rand.c
crypto/context.c
crypto/core_namemap.c
crypto/dh/dh_check.c
crypto/dh/dh_gen.c
crypto/dh/dh_group_params.c
crypto/dh/dh_key.c
crypto/dh/dh_lib.c
crypto/dh/dh_local.h
crypto/dh/dh_pmeth.c
crypto/dsa/dsa_gen.c
crypto/dsa/dsa_key.c
crypto/dsa/dsa_lib.c
crypto/dsa/dsa_local.h
crypto/dsa/dsa_ossl.c
crypto/ec/ec2_oct.c
crypto/ec/ec2_smpl.c
crypto/ec/ec_asn1.c
crypto/ec/ec_check.c
crypto/ec/ec_ctrl.c
crypto/ec/ec_curve.c
crypto/ec/ec_key.c
crypto/ec/ec_kmeth.c
crypto/ec/ec_lib.c
crypto/ec/ec_local.h
crypto/ec/ec_mult.c
crypto/ec/ecp_nistp224.c
crypto/ec/ecp_nistp256.c
crypto/ec/ecp_nistp521.c
crypto/ec/ecp_oct.c
crypto/evp/digest.c
crypto/evp/e_aes.c
crypto/evp/evp_enc.c
crypto/evp/evp_fetch.c
crypto/evp/evp_lib.c
crypto/evp/exchange.c
crypto/evp/m_sigver.c
crypto/evp/p_lib.c
crypto/evp/pmeth_check.c
crypto/evp/pmeth_gn.c
crypto/evp/pmeth_lib.c
crypto/ffc/ffc_params.c
crypto/ffc/ffc_params_generate.c
crypto/initthread.c
crypto/mem.c
crypto/ppccap.c
crypto/property/property.c
crypto/provider_core.c
crypto/provider_predefined.c
crypto/rand/drbg_ctr.c
crypto/rand/drbg_lib.c
crypto/rand/rand_lib.c
crypto/rand/rand_local.h
crypto/rand/rand_unix.c
crypto/rand/rand_win.c
crypto/rsa/rsa_chk.c
crypto/rsa/rsa_gen.c
crypto/rsa/rsa_lib.c
crypto/rsa/rsa_local.h
crypto/rsa/rsa_mp_names.c
crypto/rsa/rsa_oaep.c
crypto/rsa/rsa_ossl.c
crypto/rsa/rsa_pk1.c
crypto/rsa/rsa_sign.c
crypto/rsa/rsa_sp800_56b_check.c
crypto/self_test_core.c
crypto/threads_pthread.c
include/crypto/evp.h
include/internal/ffc.h
include/internal/thread_once.h
providers/build.info
providers/common/der/der_rsa.c.in
providers/common/provider_util.c
providers/fips/fipsprov.c
providers/implementations/ciphers/cipher_aes_xts_fips.c
providers/implementations/exchange/ecdh_exch.c
providers/implementations/include/prov/implementations.h
providers/implementations/kdfs/pbkdf2_fips.c
providers/implementations/keymgmt/rsa_kmgmt.c
providers/implementations/signature/rsa.c
test/aesgcmtest.c
test/drbg_cavs_test.c
test/drbgtest.c
test/ecdsatest.c
test/evp_extra_test.c
cf86057a25-Apr-2020 Sebastian Andrzej Siewior

Configurations: Identify the shell variables around MANSUFFIX

With MANSUFFIX=A the statement '$$fn$(MANSUFFIX)' is reaplaces with
'$fnA' and left empty because the `fnA' variables is not

Configurations: Identify the shell variables around MANSUFFIX

With MANSUFFIX=A the statement '$$fn$(MANSUFFIX)' is reaplaces with
'$fnA' and left empty because the `fnA' variables is not recognized
within the shell.

With {} around fn it is then bocomes ${fn}A and works as expected.
While here, add the MANSUFFIX to the ECHO line so it is properly printed
during build.

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11643)

show more ...


Configurations/unix-Makefile.tmpl
c9c78d2722-Apr-2020 Nikolay Morozov

Fix GOST curve sec bits

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11637)


ssl/t1_lib.c
f828ba0327-Apr-2020 Richard Levitte

Configure: change all references to INSTALL to INSTALL.md

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11657)


Configure
cf076a3f27-Apr-2020 Richard Levitte

Configurations/unix-Makefile.tmpl: fix typo

PROCESSSOR => PROCESSOR

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11654)


Configurations/unix-Makefile.tmpl
fb12163101-Apr-2020 Benjamin Kaduk

sslapitest: only compile test when it will be used

The test_ccs_change_cipher() test routine is used only when TLS 1.2
is enabled; to fix the strict-warnings build we should not try to

sslapitest: only compile test when it will be used

The test_ccs_change_cipher() test routine is used only when TLS 1.2
is enabled; to fix the strict-warnings build we should not try to
compile it when TLS 1.2 is disabled, either.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11458)

show more ...


test/sslapitest.c
af0d413625-Apr-2020 Sebastian Andrzej Siewior

doc: Random spellchecking

A little spell checking.

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Revi

doc: Random spellchecking

A little spell checking.

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11644)

show more ...


doc/man1/openssl-s_client.pod.in
doc/man1/openssl-s_time.pod.in
doc/man1/openssl.pod
doc/man3/SSL_CTX_set_tlsext_servername_callback.pod
doc/man3/X509_STORE_CTX_get_error.pod
doc/man3/X509_load_http.pod
doc/man3/s2i_ASN1_IA5STRING.pod
doc/man7/provider-signature.pod
60ebc0ca25-Apr-2020 Richard Levitte

fuzz/asn1.c: Add missing #include

<openssl/dsa.h> gets included via ts.h... except when 'no-ts' has been
configured.

Fixes #11597

Reviewed-by: Paul Dale <paul.dale@ora

fuzz/asn1.c: Add missing #include

<openssl/dsa.h> gets included via ts.h... except when 'no-ts' has been
configured.

Fixes #11597

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11640)

show more ...


fuzz/asn1.c
80b94a5a22-Mar-2020 Christian Hohnstaedt

i2b_PVK_bio: don't set PEM_R_BIO_WRITE_FAILURE in case of success

but in case of an error

CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: B

i2b_PVK_bio: don't set PEM_R_BIO_WRITE_FAILURE in case of success

but in case of an error

CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11380)

show more ...


crypto/pem/pvkfmt.c
7ffce85223-Apr-2020 Arne Schwabe

Fix type cast in SSL_CTX_set1_groups macro

The macro casts the glist parameter to char*
instead of (int *) like the documentation of the function suggest.

Also the function tls1

Fix type cast in SSL_CTX_set1_groups macro

The macro casts the glist parameter to char*
instead of (int *) like the documentation of the function suggest.

Also the function tls1_set_groups that is called from SSL_CTX_ctrl
takes an int * argument. This looks like a copy&paste error from
SSL_CTX_set1_groups_list function.

CLA: trivial
Signed-off-by: Arne Schwabe <arne@rfc2549.org>

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11614)

show more ...


include/openssl/ssl.h
d0bcad7327-Apr-2020 Richard Levitte

crypto/x509/v3_alt.c: make 'othername' a bit bigger

We want to fill 'othername' with the contents of 'oline' (256 bytes)
plus some additional text. We need to ensure that 'othername' is

crypto/x509/v3_alt.c: make 'othername' a bit bigger

We want to fill 'othername' with the contents of 'oline' (256 bytes)
plus some additional text. We need to ensure that 'othername' is
large enough to contain this.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11656)

show more ...


crypto/x509/v3_alt.c
ee6c7cde24-Apr-2020 Nicola Tuveri

Fix links in CONTRIBUTING.md

CHANGES and NEWS were renamed into CHANGES.md and NEWS.md; this commit
updates the references inside CONTRIBUTING.md to fix broken links.

Reviewed-b

Fix links in CONTRIBUTING.md

CHANGES and NEWS were renamed into CHANGES.md and NEWS.md; this commit
updates the references inside CONTRIBUTING.md to fix broken links.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11634)

show more ...


CONTRIBUTING.md
70411a5024-Apr-2020 Richard Levitte

Configurations/windows-makefile.tmpl: Fix template code for INSTALL_MODULES

Fixes #11623

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/ope

Configurations/windows-makefile.tmpl: Fix template code for INSTALL_MODULES

Fixes #11623

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11629)

show more ...


Configurations/windows-makefile.tmpl
47f387e921-Apr-2020 Dirk-Willem van Gulik

Add support for unusal 'othername' subjectAltNames

Increasingly certificates seem to have special things in the subjectAltName that have arbitrary strings in them.

E.g. some (now) c

Add support for unusal 'othername' subjectAltNames

Increasingly certificates seem to have special things in the subjectAltName that have arbitrary strings in them.

E.g. some (now) common in EU export certificates and, for a few years now, certificates issued to medical doctors (in for example the netherlands, the full spec is https://www.uziregister.nl/Media/Default/PDF/20200325%20CA%20model%20pasmodel%20certificaatprofielen%20v10_0.pdf, section 4.8, page 16 for an example of one country).

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11599)

show more ...


crypto/x509/v3_alt.c
test/certs/fake-gp.pem
test/recipes/25-test_x509.t
a3ab4d6322-Apr-2020 Pauli

travis: remove GENERATE=yes from some non no-deprecated builds

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11607)


.travis.yml

1...<<401402403404405406407408409410>>...1444