| 174f4a4d | 07-Jun-2020 |
Dr. David von Oheimb |
check-format.pl: Report empty lines only if -s (--sloppy-spc) is not used
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12270) |
| dc187815 | 07-Jun-2020 |
Dr. David von Oheimb |
check-format.pl: Add check for essentially empty line at beginning of file
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12270) |
| 43b2e9e0 | 06-Jun-2020 |
Dr. David von Oheimb |
check-format.pl: Add check for multiples essentially empty lines in a row
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12270) |
| a77571c3 | 07-Apr-2020 |
Dr. David von Oheimb |
check-format.pl: Allow comment start '/*' after opening '(','[','{'
On this occasion fix uses of the word 'nor'.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https
check-format.pl: Allow comment start '/*' after opening '(','[','{'
On this occasion fix uses of the word 'nor'.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12270)
show more ...
|
| 53043311 | 23-Jun-2020 |
Jean-Christophe Fillion-Robin |
Fix linking against non-system zlib on macOS
This commit ensures the -L/path/to/zlib flag associated with ldflags
property set in "Configurations/00-base-templates.conf" (under "BASE_uni
Fix linking against non-system zlib on macOS
This commit ensures the -L/path/to/zlib flag associated with ldflags
property set in "Configurations/00-base-templates.conf" (under "BASE_unix")
is inherited when defining "darwin-common" configuration.
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12238)
show more ...
|
| f64f17c3 | 15-Jul-2020 |
Shane Lontis |
Added missing ';' after methods in the synopsis section of pod files
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from
Added missing ';' after methods in the synopsis section of pod files
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12452)
show more ...
|
| 93e32043 | 15-Jul-2020 |
Richard Levitte |
util/find-doc-nits: relax some SYNOPSIS checks
- The check that disallowed space before the argument list in a
function typedef is tentatively removed, allowing this kind of
util/find-doc-nits: relax some SYNOPSIS checks
- The check that disallowed space before the argument list in a
function typedef is tentatively removed, allowing this kind of
construction:
typedef int (fantastically_long_name_breaks_80char_limit)
(fantastically_long_name_breaks_80char_limit *something);
- Accept the following style of function signature:
typedef TYPE (NAME)(args...)
- Accept space between '#' and 'defined' / 'undef'
- Accept other spaces than SPC in argument list comma check,
allowing declaration with line breaks.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12452)
show more ...
|
| d3cb5904 | 15-Jul-2020 |
Richard Levitte |
util/find-doc-nits: read full declarations as one line in name_synopsis()
name_synopsis was reading physical SYNOPSIS lines. This changes it to
consider a declaration at a time, so we t
util/find-doc-nits: read full declarations as one line in name_synopsis()
name_synopsis was reading physical SYNOPSIS lines. This changes it to
consider a declaration at a time, so we treat a C declaration that's
been broken up in several lines as one.
This makes it mandatory to end all C declarations in the SYNOPSIS with
a semicolon. Those can be detected in two ways:
1. Parsing an individual .pod file outputs this error:
doc/man3/SOMETHING.pod:1: Can't parse rest of synopsis:
int SOMETHING_status(SOMETHING *s)
int SOMETHING_start(SOMETHING *s)
(declarations not ending with a semicolon (;)?)
2. Errors like this:
doc/man3/SOMETHING.pod:1: SOMETHING_status missing from SYNOPSIS
doc/man3/SOMETHING.pod:1: SOMETHING_start missing from SYNOPSIS
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12452)
show more ...
|
| 43b3ab6f | 16-Jul-2020 |
Richard Levitte |
Fix typo for SSL_get_peer_certificate()
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12468) |
| 1bb78e72 | 16-Jul-2020 |
Richard Levitte |
Remove util/openssl-update-copyright
It was useful at the time for a one-time run. However, since it does
its work based on file modification time stamps, and those are
notoriously
Remove util/openssl-update-copyright
It was useful at the time for a one-time run. However, since it does
its work based on file modification time stamps, and those are
notoriously untrustable in a git checkout, it ends up being harmful.
There is a replacement in OpenSSL's tools repository, which relies on
git history.
Fixes #12462
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12466)
show more ...
|
| a85c9021 | 16-Jul-2020 |
Pauli |
mac: always pass a non-NULL output size pointer to providers.
The backend code varies for the different MACs and sometimes sets the output
length, sometimes checks the return pointer and
mac: always pass a non-NULL output size pointer to providers.
The backend code varies for the different MACs and sometimes sets the output
length, sometimes checks the return pointer and sometimes neither.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12458)
show more ...
|
| 3fc164e8 | 13-Jul-2020 |
Pauli |
doc: Fix documentation of EVP_EncryptUpdate().
The documentation was off by one for the length this function could return.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Mer
doc: Fix documentation of EVP_EncryptUpdate().
The documentation was off by one for the length this function could return.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12435)
show more ...
|
| b99c463d | 01-Jul-2020 |
Pauli |
install: add notes about ignored seed sources in the FIPS provider.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12325) |
| 45554b5c | 30-Jun-2020 |
Pauli |
rand: detect if FIPS approved randomness sources are being used.
This boils down to the operating system sources and RDRAND.
All other sources are not available in the FIPS module.
rand: detect if FIPS approved randomness sources are being used.
This boils down to the operating system sources and RDRAND.
All other sources are not available in the FIPS module.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12325)
show more ...
|
| 8e78da06 | 15-Jul-2020 |
Shane Lontis |
Fix trailing whitespace mismatch error when running 02-test_errstr.
Fixes #12449
On a aix7_ppc32 machine the error was of the form
match 'Previous owner died ' (2147483743) with
Fix trailing whitespace mismatch error when running 02-test_errstr.
Fixes #12449
On a aix7_ppc32 machine the error was of the form
match 'Previous owner died ' (2147483743) with one of ( 'Previous owner died', 'reason(95)' )
Stripping the trailing whitespace from the system error will address this issue.
Suggested fix by @pauldale.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12451)
show more ...
|
| cb9bb735 | 03-Jul-2020 |
Dr. David von Oheimb |
99-test_fuzz.t: Clean up and re-organize such that sub-tests could be split easily
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull
99-test_fuzz.t: Clean up and re-organize such that sub-tests could be split easily
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12359)
show more ...
|
| 1e76cb00 | 02-Jul-2020 |
Dr. David von Oheimb |
test/run_tests.pl: In parallel runs, start those tests first that run longest
Also untabify the Perl source file.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from
test/run_tests.pl: In parallel runs, start those tests first that run longest
Also untabify the Perl source file.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12359)
show more ...
|
| 0b670a21 | 03-Jul-2020 |
Dr. David von Oheimb |
x509_vfy.c: Improve key usage checks in internal_verify() of cert chains
If a presumably self-signed cert is last in chain we verify its signature
only if X509_V_FLAG_CHECK_SS_SIGNATURE
x509_vfy.c: Improve key usage checks in internal_verify() of cert chains
If a presumably self-signed cert is last in chain we verify its signature
only if X509_V_FLAG_CHECK_SS_SIGNATURE is set. Upon this request we do the
signature verification, but not in case it is a (non-conforming) self-issued
CA certificate with a key usage extension that does not include keyCertSign.
Make clear when we must verify the signature of a certificate
and when we must adhere to key usage restrictions of the 'issuing' cert.
Add some comments for making internal_verify() easier to understand.
Update the documentation of X509_V_FLAG_CHECK_SS_SIGNATURE accordingly.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12375)
show more ...
|
| 1337a3a9 | 13-Jul-2020 |
Dr. David von Oheimb |
Constify X509_check_akid and prefer using X509_get0_serialNumber over X509_get_serialNumber
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/open
Constify X509_check_akid and prefer using X509_get0_serialNumber over X509_get_serialNumber
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12375)
show more ...
|
| 318565b7 | 16-Jul-2020 |
Richard Levitte |
Prepare for 3.0 alpha 6
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> |
| e70a2d9f | 16-Jul-2020 |
Richard Levitte |
Prepare for release of 3.0 alpha 5
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> |
| b013cf90 | 16-Jul-2020 |
Richard Levitte |
util/mktar.pl: Change 'VERSION' to 'VERSION.dat'
This was forgotten when that file changed name, and that unfortunately
disrupts releases.
Reviewed-by: Nicola Tuveri <nic.tuv@gm
util/mktar.pl: Change 'VERSION' to 'VERSION.dat'
This was forgotten when that file changed name, and that unfortunately
disrupts releases.
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12464)
show more ...
|
| e39e295e | 16-Jul-2020 |
Richard Levitte |
Update copyright year
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12463) |
| e4162f86 | 16-Jul-2020 |
Richard Levitte |
DRBG: Fix the renamed functions after the EVP_MAC name reversal
[extended tests]
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
DRBG: Fix the renamed functions after the EVP_MAC name reversal
[extended tests]
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12186)
show more ...
|
| 660c5344 | 18-Jun-2020 |
Matt Caswell |
Revert "kdf: make function naming consistent."
The commit claimed to make things more consistent. In fact it makes it
less so. Revert back to the previous namig convention.
This
Revert "kdf: make function naming consistent."
The commit claimed to make things more consistent. In fact it makes it
less so. Revert back to the previous namig convention.
This reverts commit 765d04c9460a304c8119f57941341a149498b9db.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12186)
show more ...
|
