Age | Commit message (Collapse) | Author |
|
Thanks to Hanno Böck for reporting this bug.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 39a43280316f1b9c45be5ac5b04f4f5c3f923686)
Conflicts:
crypto/pkcs12/p12_utl.c
|
|
RAND_pseudo_bytes() allows random data to be returned even in low entropy
conditions. Sometimes this is ok. Many times it is not. For the avoidance
of any doubt, replace existing usage of RAND_pseudo_bytes() with
RAND_bytes().
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
PR#4449
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit b1f8ba4dc7032a061d60b960c393178263e4a471)
|
|
PR#4466
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 06227924ad77fee9ead79189328aebf078c37add)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit c2319cf9fce87a2e82efb6e58ced11a85190dc3d)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 3f6c7691870d1cd2ad0e0c83638cef3f35a0b548)
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 3be39dc1e3378d79531e385a72051c4dc5c6b34d)
|
|
The NULL cipher case can't actually happen because we have no
EVP_PBE_CTL combinations where cipher_nid is -1 and keygen is
PKCS12_PBE_keyivgen. But make the code more obviously correct.
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 394f7b6fcc38132b8ccff0a3253b9dd15640cfc0)
|
|
PR#3923
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit ffbf304d4832bd51bb0618f8ca5b7c26647ee664)
|
|
Pointed out by Victor Vasiliev (vasilvv@mit.edu) via Adam Langley
(Google).
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 1e4a355dcabe2f75df5bb8b41b394d37037169d2)
(cherry picked from commit ac32a77cd69784568090e934a31622ddfee49ca7)
|
|
We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in. This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.
This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 0f539dc1a2f45580435c39dada44dd276e79cb88)
Conflicts:
Makefile.org
apps/Makefile
test/Makefile
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
PR#3278
(cherry picked from commit de56fe797081fc09ebd1add06d6e2df42a324fd5)
|
|
Use triple DES for certificate encryption if no-rc2 is
specified.
PR#3357
(cherry picked from commit 4689c08453e95eeefcc88c9f32dc6e509f95caff)
|
|
|
|
|
|
|
|
|
|
|
|
Submitted by: Remi Gacogne <rgacogne-bugs@coredump.fr>
Fix double free in PKCS12_parse if we run out of memory.
|
|
of assuming they will always suceed.
|
|
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve
OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.
|
|
Check return value if d2i_PBEPARAM().
|
|
|
|
|
|
about settings for local key id...
|
|
|
|
test for them!
|
|
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
supported encryption algorithm instead of a PBE NID then use that
algorithm with PBES2.
|
|
|
|
PR: 1170
Submitted by: Yair Elharrar
Reviewed and edited by: Nils Larsch
|
|
|
|
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
|
|
|
|
attribute in EVP_PKEY structure.
|
|
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
|
|
|
|
|
|
|
|
failure and freeing up memory if a failure occurs.
PR:620
|
|
|
|
if $(EXHEADER) is empty.
Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
|