| Age | Commit message (Collapse) | Author |
|---|
|
This line will allow use private keys, which created by Crypto Pro, to
sign with OpenSSL.
CLA: trivial
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4836)
(cherry picked from commit b35bb37a3d6ecf11b43ef8717600ab61718c3cc2)
|
|
This is especially harmful since OPENSSL_cleanup() has already called
the RAND cleanup function
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3137)
(cherry picked from commit 789a2b6250d5e05dfde6ce259e79ef8c172c9f3f)
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1584)
(cherry picked from commit a8a8a917c0c0d36162fdc0cbf84ab17282cef3e9)
|
|
Certain functions are automatically called during auto-deinit in order
to deallocate resources. However, if we have never entered a function which
marks lib crypto as inited then they never get called. This can happen if
the user only ever makes use of a small sub-set of functions that don't hit
the auto-init code.
This commit ensures all such resources deallocated by these functions also
init libcrypto when they are initially allocated.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Ben Laurie <ben@openssl.org>
(cherry picked from commit 135648bcd0e9db029582d3d7627a90a1b566c5d6)
|
|
extra spacing and 80 cols
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1366)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1301)
|
|
simplify and reindent some related code.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #1330
|
|
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
|
That way, we have a way to check if the init function was successful
or not.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
zapparams modification based on tip from Matt Caswell
RT#3198
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
ossl_hmac_cleanup, pkey_hmac_cleanup:
- allow to invoke with NULL data
- using EVP_PKEY_CTX_[get|set]_data
EVP_DigestInit_ex:
- remove additional check for ‘type’ and doing clear free instead of
free
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Add script to find unused err/reason codes
Remove unused reason codes.
Remove entries for unused functions
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Fix possible leak in danetest.c
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Document thread-safe lock creation
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Currently point to wrong address
Signed-off-by: Kirill Marinushkin <k.marinushkin@gmail.com>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/996)
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/952)
|
|
The Unix build was the last to retain the classic build scheme. The
new unified scheme has matured enough, even though some details may
need polishing.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Give the API new names, document it.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
There is a preference for suffixes to indicate that a function is internal
rather than prefixes. Note: the suffix is only required to disambiguate
internal functions and public symbols with the same name (but different
case)
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
There was a lot of naming inconsistency, so we try and standardise on
one form.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
ENGINE_cleanup() should not be called expicitly - we should leave
auto-deinit to clean this up instead.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
This reverts commit 620d540bd47a96fb6905fbbdd8ea5167a8841a3e.
It wasn't reviewed.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Numerous fixups based on feedback of the DSA opacity changes.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
|
|
Move the dsa_method structure out of the public header file, and provide
getter and setter functions for creating and modifying custom DSA_METHODs.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
|
|
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Misc fixes for no-dsa.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
This removes all scripts that deal with MINFO as well, since that's
only used by mk1mf.
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
Don't have #error statements in header files, but instead wrap
the contents of that file in #ifndef OPENSSL_NO_xxx
This means it is now always safe to include the header file.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Remove usage of CRYPTO_LOCK_ENGINE
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
With the new threads API, this is no longer needed.
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
The Engine API lost the setting of memory management hooks in
bind_engine. Here's putting that back.
EX_DATA and ERR functions need the same treatment.
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
We had the function EVP_CIPHER_CTX_cipher_data which is newly added for
1.1.0. As we now also need an EVP_CIPHER_CTX_set_cipher_data it makes
more sense for the former to be called EVP_CIPHER_CTX_get_cipher_data.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Simplifies calling code. Also fixed up any !ptr tests that were
nearby, turning them into NULL tests.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
This takes us away from the idea that we know exactly how our static
libraries are going to get used. Instead, we make them available to
build shareable things with, be it other shared libraries or DSOs.
On the other hand, we also have greater control of when the shared
library cflags. They will never be used with object files meant got
binaries, such as apps/openssl or test/test*.
With unified, we take this a bit further and prepare for having to
deal with extra cflags specifically to be used with DSOs (dynamic
engines), libraries and binaries (applications).
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
The engine DSOs were named as if they were shared libraries, and could
end up having all sorts of fancy names:
Cygwin: cygFOO.dll
Mingw: FOOeay32.dll
Unix: libFOO.so / libFOO.sl / libFOO.dylib / ...
This may be confusing, since they look like libraries one should link
with at link time, when they're just DSOs.
It's therefore time to rename them, and do it consistently on all
platforms:
Cygwin & Mingw: FOO.dll
Unix: FOO.{so,sl,dylib,...}
Interestingly enough, the MSVC and VMS builds always did it this way.
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
All those flags existed because we had all the dependencies versioned
in the repository, and wanted to have it be consistent, no matter what
the local configuration was. Now that the dependencies are gone from
the versioned Makefile.ins, it makes much more sense to use the exact
same flags as when compiling the object files.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
Add -DBIO_DEBUG to --strict-warnings.
Remove comments about outdated debugging ifdef guards.
Remove md_rand ifdef guarding an assert; it doesn't seem used.
Remove the conf guards in conf_api since we use OPENSSL_assert, not assert.
For pkcs12 stuff put OPENSSL_ in front of the macro name.
Merge TLS_DEBUG into SSL_DEBUG.
Various things just turned on/off asserts, mainly for checking non-NULL
arguments, which is now removed: camellia, bn_ctx, crypto/modes.
Remove some old debug code, that basically just printed things to stderr:
DEBUG_PRINT_UNKNOWN_CIPHERSUITES, DEBUG_ZLIB, OPENSSL_RI_DEBUG,
RL_DEBUG, RSA_DEBUG, SCRYPT_DEBUG.
Remove OPENSSL_SSL_DEBUG_BROKEN_PROTOCOL.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
