- 22 4月, 2021 6 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14986)
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14983)
-
由 Matt Caswell 提交于
We just detect this at compile time instead. This avoids cross-compilation problems where the host platform supports 128-bit ints, but the target platform does not (or vice versa). This was causing a problem on some platforms where, dependent on the CFLAGS, 128 bit ints were either supported or not. Fixes #14804 Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14941)
-
由 MichaM 提交于
CLA: trivial Signed-off-by: NMichaM <contact-micha+github@posteo.de> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14879)
-
由 Nicola Tuveri 提交于
For some reason `keymgmt_gettable_params` and `keymgmt_settable_params` seem to be the only prototypes in `core_dispatch.h` without named arguments. This is annoying if `core_dispatch.h` is being parsed to extract information and also for developers who would like the header to be self-contained, without having to refer to the documentation every time to check what is supposed to be passed. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14950)
-
- 21 4月, 2021 22 次提交
-
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14357)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14357)
-
由 Dr. David von Oheimb 提交于
Fixes #14855 Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14937)
-
由 Rich Salz 提交于
If configured with no-cms, handle it in build.info like the other options. I guess I missed doing this file in PR #11250 Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14918)
-
由 Richard Levitte 提交于
The error report filter was fragile, as it could potentially have to be updated when other parts of libcrypto got updated, making a goose chase and a maintenance problem. We change this to regard d2i errors as something we don't care so much about, since they are mainly part of the guessing mechanism. The success of the ossl_store_handle_load_result() call is based on whether an object was actually created or not anyway. Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14834)
-
由 Richard Levitte 提交于
The EVP test didn't recognise ERR_R_UNSUPPORTED, now does Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14834)
-
由 Richard Levitte 提交于
This includes the special decoder used in our STOREMGMT 'file:' implementation Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14834)
-
由 Richard Levitte 提交于
So far, decoder implementations would return true (1) for a successful decode all the way, including what the callback it called returned, and false (0) in all other cases. This construction didn't allow to stop to decoding process on fatal errors, nor to choose what to report in the provider code. This is now changed so that decoders implementations are made to return false only on errors that should stop the decoding process from carrying on with other implementations, and return true for all other cases, even if that didn't result in a constructed object (EVP_PKEY for example), essentially making it OK to return "empty handed". The success of the decoding process is now all about successfully constructing the final object, rather than about the return value of the decoding chain. If no construction is attempted, the central decoding processing code concludes that whatever the input consisted of, it's not supported by the available decoder implementations. Fixes #14423 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14834)
-
由 Petr Gotthard 提交于
The propq is strdup'ed in X509_REQ_new_ex, but never freed. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14907)
-
由 Dr. David von Oheimb 提交于
Fixes #14910 Also slightly improve further error handling of setup_request_ctx(). Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14929)
-
由 Pauli 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14881)
-
由 Pauli 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14881)
-
由 Pauli 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14881)
-
由 Pauli 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14881)
-
由 Pauli 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14881)
-
由 Pauli 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14881)
-
由 Pauli 提交于
Fixes #14387 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14881)
-
由 Pauli 提交于
In function test_EVP_PKEY_ffc_priv_pub, params is freed via OSSL_PARAM_free() at line 577. If the condition at line 581 is true, the execution will goto err, and params will be freed again at line 630. The same problem also happens at line 593 and line 609, which causes two double free bugs. Bugs reported by @Yunlongs Fixes 14916 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14921)
-
由 Pauli 提交于
In function try_decode_PKCS8Encrypted, p8 is freed via X509_SIG_free() at line 481. If function new_EMBEDDED() returns a null pointer at line 483, the execution will goto nop8. In the nop8 branch, p8 is freed again at line 491. Bug reported by @Yunlongs Fixes #14915 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14921)
-
由 Pauli 提交于
In function int_ts_RESP_verify_token, if (flags & TS_VFY_DATA) is true, function ts_compute_imprint() will be called at line 299. In the implementation of ts_compute_imprint, it allocates md_alg at line 406. But after the allocation, if the execution goto err, then md_alg will be freed in the first time by X509_ALGOR_free at line 439. After that, ts_compute_imprint returns 0 and the execution goto err branch of int_ts_RESP_verify_token. In the err branch, md_alg will be freed in the second time at line 320. Bug reported by @Yunlongs Fixes #14914 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14921)
-
由 Pauli 提交于
In function SRP_create_verifier_ex, it calls SRP_create_verifier_BN_ex(..., &v, ..) at line 653. In the implementation of SRP_create_verifier_BN_ex(), *verify (which is the paremeter of v) is allocated a pointer via BN_new() at line 738. And *verify is freed via BN_clear_free() at line 743, and return 0. Then the execution continues up to goto err at line 655, and the freed v is freed again at line 687. Bug reported by @Yunlongs Fixes #14913 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14921)
-
由 Pauli 提交于
The end of loop test allows the index to go one step too far to be able to terminate the param array but the end of list record is still added. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14922)
-
- 20 4月, 2021 7 次提交
-
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14128)
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/14219)
-
由 Rich Salz 提交于
This causes tests to break. Pushing it to help others debug. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/14219)
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/14219)
-
由 Juergen Christ 提交于
Commit f6c95e46 added an "origin" field to EVP_CIPHER and EVP_MD structures but did not update the s390 specific implementations. Update these to fix compile errors on s390. Signed-off-by: NJuergen Christ <jchrist@linux.ibm.com> Reviewed-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14926)
-
由 Rich Salz 提交于
Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14903)
-
由 Tomas Mraz 提交于
Fixes #14902 Also add workaround of `sudo hostname localhost` for the intermittent test failures seen in CI. Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/14872)
-
- 19 4月, 2021 5 次提交
-
-
由 Dr. David von Oheimb 提交于
Fixes #14790 Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14891)
-
由 Matt Caswell 提交于
Also includes testing for OSSL_LIB_CTX_get0_global_default(). Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14890)
-
由 Matt Caswell 提交于
An API function for obtaining the global default lib ctx. Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14890)
-
由 Matt Caswell 提交于
Change things so that passing NULL to OSSL_LIB_CTX_set0_default() means keep the current library context unchanged. This has the advantage of simplifying error handling, e.g. you can call OSSL_LIB_CTX_set0_default in an error/finalisation block safe in the knowledge the if the "prevctx" was never set then it will be a no-op (like calling a "free" function with NULL). Fixes #14593 Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14890)
-
由 Matt Caswell 提交于
The TODO suggest a possible refactoring. The refactoring doesn't seem necessary at this stage. If it is required later it can be done without affecting external APIs - so just remove the TODO. Fixes #14397 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14888)
-