- 30 3月, 2018 2 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
The RAND_DRBG API was added in PR #5462 and modified by PR #5547. This commit adds the corresponding documention. Reviewed-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5461)
-
由 FdaSilvaYY 提交于
methods : - EVP_PBE_scrypt - EVP_PKEY_meth_add0 - EVP_PKEY_meth_new - EVP_PKEY_CTX_dup Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/5783)
-
- 29 3月, 2018 7 次提交
-
-
由 Benjamin Kaduk 提交于
Add some more exposition on why unlocked access to the global rand_fork_count is safe, and provide a comment for the struct rand_drbg_st fork_count field. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/4110)
-
由 Richard Levitte 提交于
The VMS C RTL has setbuf() working for short pointers only, probably the FILE pointer will always be in P0 (the lower 4GB). Fortunately, this only generates a warning about possible data loss (doesn't apply in this case) that we can simply turn off. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5789)
-
由 Patrick Steuer 提交于
... to compute s390x aes function code from keylength. Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5250)
-
由 Patrick Steuer 提交于
Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5250)
-
由 Patrick Steuer 提交于
Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5250)
-
由 Patrick Steuer 提交于
Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5250)
-
由 Patrick Steuer 提交于
Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5250)
-
- 28 3月, 2018 5 次提交
-
-
由 Matt Caswell 提交于
This commit removes the contribution of a user that we cannot trace to gain their consent for the licence change. After this commit the various IS_*() macros in the auto-generated file conf_def.h may incorrectly return true if the supplied character has its most significant bit set. The IS_*() macros should be able to correctly handle 8-bit characters. Note that UTF-8 support is not a requirement. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5767)
-
由 Rich Salz 提交于
Based on the description in https://github.com/openssl/openssl/pull/5757, this re-implements the "allow NULL to be passed" behavior of a number of xxx_free routines. I also fixed up some egregious formatting errors that were nearby. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5761)
-
由 Miroslav Suk 提交于
ts/ts_rsp_sign.c: change to OPENSSL_gmtime. Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5720)
-
由 Andy Polyakov 提交于
Apparently applications rely on RAND_load_file's ability to work with non-regular files, customarily with /dev/urandom, so that the ban was not exactly appropriate. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5737)
-
由 Matt Caswell 提交于
This removes some code because we cannot trace the original contributor to get their agreement for the licence change (original commit e03ddfae). After this change there will be numerous failures in the test cases until someone rewrites the missing code. All *_free functions should accept a NULL parameter. After this change the following *_free functions will fail if a NULL parameter is passed: BIO_ACCEPT_free() BIO_CONNECT_free() BN_BLINDING_free() BN_CTX_free() BN_MONT_CTX_free() BN_RECP_CTX_free() BUF_MEM_free() COMP_CTX_free() ERR_STATE_free() TXT_DB_free() X509_STORE_free() ssl3_free() ssl_cert_free() SSL_SESSION_free() SSL_free() [skip ci] Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5757)
-
- 27 3月, 2018 3 次提交
-
-
由 Matt Caswell 提交于
If we don't have OID data for an object then we should fail if we are asked to encode the ASN.1 for that OID. Fixes #5723 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5725)
-
由 Andy Polyakov 提交于
Comparison was effectively reduced to least significant bits. CVE-2018-0733 Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Matt Caswell 提交于
Constructed types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. Therefore we limit the stack depth. CVE-2018-0739 Credit to OSSFuzz for finding this issue. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 23 3月, 2018 2 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5733)
-
由 Richard Levitte 提交于
The macros resulting from the dso_scheme attribute were defined for libraries only, but there's a test program that uses the macros as well. The easier way is to move the handling of this macro to crypto/include/internal/dso_conf.h and having the modules that need it include it. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5733)
-
- 22 3月, 2018 5 次提交
-
-
由 Andy Polyakov 提交于
Some platforms, cough-DJGPP, fail to compile claiming that requested alignment is greater than maximum possible. Supposedly original alignment was result of an attempt to utilize AVX2... Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5708)
-
由 Andy Polyakov 提交于
In other words no-sock DJGPP build should suppress syslogging. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5708)
-
由 Andy Polyakov 提交于
At earlier point e_os.h was omitted from a number of headers (in order to emphasize OS neutrality), but this affected o_fopen.c, which is not OS-neutral, and contains some DJGPP-specific code. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5708)
-
由 Kurt Roeckx 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> GH: #5580
-
由 David Benjamin 提交于
In particular, x and y may be NULL, as used in ecdsa_ossl.c. Make use of this in ecdh_ossl.c as well, to save an otherwise unnecessary temporary. Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5532)
-
- 21 3月, 2018 3 次提交
-
-
由 Jack Bates 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2181)
-
由 Andy Polyakov 提交于
At earlier point e_os.h was omitted from a number of headers (in order to emphasize OS neutrality), but this affected o_fopen.c and randfile.c which are not OS-neutral, and contain some Win32-specific code. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5676)
-
由 Matthias Kraft 提交于
Although it deviates from the actual prototype of DSO_dsobyaddr(), this is now ISO C compliant and gcc -Wpedantic accepts the code. Added DATA segment checking to catch ptrgl virtual addresses. Avoid memleaks with every AIX/dladdr() call. Removed debug-fprintf()s. Added test case for DSO_dsobyaddr(), which will eventually call dladdr(). Removed unecessary AIX ifdefs again. The implementation can only lookup function symbols, no data symbols. Added PIC-flag to aix*-cc build targets. As AIX is missing a dladdr() implementation it is currently uncertain our exit()-handlers can still be called when the application exits. After dlclose() the whole library might have been unloaded already. Signed-off-by: NMatthias Kraft <makr@gmx.eu> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5668)
-
- 20 3月, 2018 5 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5689)
-
由 Richard Levitte 提交于
Without it, the RAND_POOL typedef is missing Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5685)
-
由 Todd Short 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5677)
-
由 Todd Short 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5677)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5673)
-
- 19 3月, 2018 8 次提交
-
-
由 Rich Salz 提交于
Use shorter names for some defines, so also had to change the .c file that used them. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5669)
-
由 Kurt Roeckx 提交于
Since the public and private DRBG are per thread we don't need one per ssl object anymore. It could also try to get entropy from a DRBG that's really from an other thread because the SSL object moved to an other thread. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/5547)
-
由 Kurt Roeckx 提交于
This avoids lock contention. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/5547)
-
由 Jack Lloyd 提交于
Without actually using EVP_PKEY_FLAG_AUTOARGLEN Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4793)
-
由 Jack Lloyd 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4793)
-
由 Jack Lloyd 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4793)
-
由 Andy Polyakov 提交于
Current endianness detection is somewhat opportunistic and can fail in cross-compile scenario. Since we are more likely to cross-compile for little-endian now, adjust the default accordingly. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5613)
-
由 Bernd Edlinger 提交于
Don't pass a pointer to uninitialized processed value for BIO_CB_READ and BIO_CB_WRITE Check the correct cmd code in BIO_callback_ctrl Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5516)
-