Age | Commit message (Collapse) | Author |
|
In an earlier attempt to simplify the processing of disabled options,
'no-err' and 'no-async' stopped working properly. 'err' and 'async'
are directories under 'crypto/', but they are special insofar that
they can't be simply skipped, like all the algorithm directories can,
so they need special treatment among the disablable things.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
While we're at it, correct the fault in windows-makefile.tmpl
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
APP_INFO is currently a field of MEM struct.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1583)
|
|
Makes the logic a little bit clearer.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1571)
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
They are now relative paths as well
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
This reverts commit 77a6be4dfc2ecf406c2559a99bea51317ce0f533.
There were some unexpected side effects to this commit, e.g. in SSLv3 a
warning alert gets sent "no_certificate" if a client does not send a
Certificate during Client Auth. With the above commit this causes the
connection to abort, which is incorrect. There may be some other edge cases
like this so we need to have a rethink on this.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
This is needed, because on VMS, select() can only be used on sockets. being
able to use select() on all kinds of file descriptors is unique to Unix.
So, the solution for VMS is to create a layer that translates input from
standard input to socket communication.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Where -curves, etc., are defined: SSL_CONF_cmd
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
This is an amendment to the september 8 commit titled "VMS: Don't
force symbol mixed case when building DSOs"
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
RT#4674 issue 2
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Resolves GH1515 and GH1509.
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
An OCSP_RESPID in a status request extension has 2 bytes for the length
not 1.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
The internal SRP function t_fromb64() converts from base64 to binary. It
does not validate that the size of the destination is sufficiently large -
that is up to the callers. In some places there was such a check, but not
in others.
Add an argument to t_fromb64() to provide the size of the destination
buffer and validate that we don't write too much data. Also add some sanity
checks to the callers where appropriate.
With thanks to Shi Lei for reporting this issue.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Don't call WPACKET_sub_memcpy(), WPACKET_sub_allocation_bytes() and
WPACKET_start_sub_packet_len() directly.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Remove extra indentation at the start of an "if".
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Updated the construction code to use the new function. Also added some
convenience macros for WPACKET_sub_memcpy().
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Also, enlarge test group 20 to include openssl commands that aren't
tested otherwise
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
RT#4674
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Add comments, document -valid option.
Add some const qualifiers.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1560)
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
This flag got moved after -xarch=v9 in 1.1.0 and had the unexpected
side effect of the compiler building for 32-bit v8plusa instead of v9.
GH#1521
CLA: none; trivial
Signed-off-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1520)
|
|
it appears when using gcc/mingw:
```
apps/s_client.c:815:9: warning: variable 'at_eof' set but not used [-Wunused-but-set-variable]
int at_eof = 0;
^~~~~~
```
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1512)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Traditionally Configure passed $ENV{PERL} to Makefile. But this
resulted in ambiguilty as Configure script could be executed by
interpreter different from one executing remaining scripts. Since
we separate compile- and run-time interpreters with HASHBANGPERL
variable, there is no reason to segment the build procedure.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
A peer continually sending unrecognised warning alerts could mean that we
make no progress on a connection. We should abort rather than continuing if
we receive an unrecognised warning alert.
Thanks to Shi Lei for reporting this issue.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Addressing more feedback comments.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Two locations had the same loop for writing out a value. Pull it out into
a function.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
This is an internal API. Some of the tests were for programmer erorr and
"should not happen" situations, so a soft assert is reasonable.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
A few style tweaks here and there. The main change is that curr and
packet_len are now offsets into the buffer to account for the fact that
the pointers can change if the buffer grows. Also dropped support for the
WPACKET_set_packet_len() function. I thought that was going to be needed
but so far it hasn't been. It doesn't really work any more due to the
offsets change.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
The PACKET documentation is already in packet_locl.h so it makes sense to
have the WPACKET documentation there as well.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
The tests will only work in no-shared builds because WPACKET is an
internal only API that does not get exported by the shared library.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Otherwise a mem leak can occur.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Also added the WPACKET_cleanup() function to cleanup a WPACKET if we hit
an error.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|