summaryrefslogtreecommitdiffstats
path: root/crypto
AgeCommit message (Collapse)Author
2015-01-22Run util/openssl-format-source -v -c .Matt Caswell
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Fix modes.h so that indent doesn't complainMatt Caswell
Conflicts: crypto/modes/modes.h Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Move more comments that confuse indentMatt Caswell
Conflicts: crypto/dsa/dsa.h demos/engines/ibmca/hw_ibmca.c ssl/ssl_locl.h Conflicts: crypto/bn/rsaz_exp.c crypto/evp/e_aes_cbc_hmac_sha1.c crypto/evp/e_aes_cbc_hmac_sha256.c ssl/ssl_locl.h Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Manually reformat aes_x86core.c and add it to the list of files skipped byMatt Caswell
openssl-format-source Conflicts: crypto/aes/aes_x86core.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22crypto/ofb128.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22modes/ctr128.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22modes/cfb128.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Fix indent comment corruption issueMatt Caswell
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22bn/bn_const.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22bn/asm/x86_64-gcc.cL make it indent-friendly.Andy Polyakov
Conflicts: crypto/bn/asm/x86_64-gcc.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22bn/bn_asm.c: make it indent-friendly.Andy Polyakov
Conflicts: crypto/bn/bn_asm.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22bn/bn_exp.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Manually reformat aes_core.cMatt Caswell
Add aes_core.c to the list of files not processed by openssl-format-source Conflicts: crypto/aes/aes_core.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Fix strange formatting by indentMatt Caswell
Conflicts: crypto/hmac/hmac.h Conflicts: crypto/evp/e_aes_cbc_hmac_sha256.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22modes/modes_lcl.h: make it indent-friendly.Andy Polyakov
Conflicts: crypto/modes/modes_lcl.h Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22indent has problems with comments that are on the right hand side of a line.Matt Caswell
Sometimes it fails to format them very well, and sometimes it corrupts them! This commit moves some particularly problematic ones. Conflicts: crypto/bn/bn.h crypto/ec/ec_lcl.h crypto/rsa/rsa.h demos/engines/ibmca/hw_ibmca.c ssl/ssl.h ssl/ssl3.h Conflicts: crypto/ec/ec_lcl.h ssl/tls1.h Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22modes/gcm128.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22modes/cts128.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22crypto/mem_dbg.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22More indent fixes for STACK_OFMatt Caswell
Conflicts: ssl/s3_lib.c Conflicts: apps/cms.c crypto/x509/x509_lu.c crypto/x509/x509_vfy.h ssl/s3_lib.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Fix indent issue with functions using STACK_OFMatt Caswell
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Fix indent issue with engine.hMatt Caswell
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22crypto/cryptlib.c: make it indent-friendly.Andy Polyakov
Conflicts: crypto/cryptlib.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22bn/bntest.c: make it indent-friendly.Andy Polyakov
Conflicts: crypto/bn/bntest.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22bn/bn_recp.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Fix source where indent will not be able to copeMatt Caswell
Conflicts: apps/ciphers.c ssl/s3_pkt.c Conflicts: crypto/ec/ec_curve.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Additional comment changes for reformat of 1.0.1Matt Caswell
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Further comment changes for reformatMatt Caswell
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22mark all block comments that need format preserving so thatTim Hudson
indent will not alter them when reformatting comments (cherry picked from commit 1d97c8435171a7af575f73c526d79e1ef0ee5960) Conflicts: crypto/bn/bn_lcl.h crypto/bn/bn_prime.c crypto/engine/eng_all.c crypto/rc4/rc4_utl.c crypto/sha/sha.h ssl/kssl.c ssl/t1_lib.c Conflicts: crypto/rc4/rc4_enc.c crypto/x509v3/v3_scts.c crypto/x509v3/v3nametest.c ssl/d1_both.c ssl/s3_srvr.c ssl/ssl.h ssl/ssl_locl.h ssl/ssltest.c ssl/t1_lib.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-15Prepare for 1.0.1m-devOpenSSL_1_0_1-pre-reformatMatt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-01-15Prepare for 1.0.1l releaseOpenSSL_1_0_1lMatt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-01-15make updateMatt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-01-13Make output from openssl version -f consistent with previous versionsMatt Caswell
Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit 2d2671790ee12dedd92c97f35b6feb755b8d4374)
2015-01-13Fix warning where BIO_FLAGS_UPLINK was being redefined.Matt Caswell
This warning breaks the build in 1.0.0 and 0.9.8 Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit b1ffc6ca1c387efad0772c16dfe426afef45dc4f)
2015-01-13Avoid deprecation problems in Visual Studio 13Matt Caswell
Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit 86d21d0b9577322ac5da0114c5fac16eb49b4cef)
2015-01-10RT3662: Allow leading . in nameConstraintsDr. Stephen Henson
Change by SteveH from original by John Denker (in the RT) Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 77ff1f3b8bfaa348956c5096a2b829f2e767b4f1)
2015-01-08Fix build failure on Windows due to undefined cflags identifierMatt Caswell
Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 5c5e7e1a7eb114cf136e1ae4b6a413bc48ba41eb)
2015-01-08Prepare for 1.0.1l-devMatt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-01-08Prepare for 1.0.1k releaseOpenSSL_1_0_1kMatt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-01-08make updateMatt Caswell
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-01-08Fix for CVE-2014-3570.Andy Polyakov
Reviewed-by: Emilia Kasper <emilia@openssl.org> (cherry picked from commit e793809ba50c1e90ab592fb640a856168e50f3de) (with 1.0.1-specific addendum)
2015-01-07Fix irix-cc build.Andy Polyakov
Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit e464403d0bda2f1f74eb68582e4988e591c32433)
2015-01-06use correct function nameDr. Stephen Henson
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit cb62ab4b17818fe66d2fed0a7fe71969131c811b)
2015-01-06Fix memory leak.Martin Brejcha
Fix memory leak by freeing up saved_message.data if it is not NULL. PR#3489 Reviewed-by: Stephen Henson <steve@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 41cd41c4416f545a18ead37e09e437c75fa07c95)
2015-01-05Constify ASN1_TYPE_cmp add X509_ALGOR_cmp.Dr. Stephen Henson
Reviewed-by: Emilia Käsper <emilia@openssl.org> (cherry picked from commit 4c52816d35681c0533c25fdd3abb4b7c6962302d)
2015-01-05Fix various certificate fingerprint issues.Dr. Stephen Henson
By using non-DER or invalid encodings outside the signed portion of a certificate the fingerprint can be changed without breaking the signature. Although no details of the signed portion of the certificate can be changed this can cause problems with some applications: e.g. those using the certificate fingerprint for blacklists. 1. Reject signatures with non zero unused bits. If the BIT STRING containing the signature has non zero unused bits reject the signature. All current signature algorithms require zero unused bits. 2. Check certificate algorithm consistency. Check the AlgorithmIdentifier inside TBS matches the one in the certificate signature. NB: this will result in signature failure errors for some broken certificates. 3. Check DSA/ECDSA signatures use DER. Reencode DSA/ECDSA signatures and compare with the original received signature. Return an error if there is a mismatch. This will reject various cases including garbage after signature (thanks to Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS program for discovering this case) and use of BER or invalid ASN.1 INTEGERs (negative or with leading zeroes). CVE-2014-8275 Reviewed-by: Emilia Käsper <emilia@openssl.org> (cherry picked from commit 684400ce192dac51df3d3e92b61830a6ef90be3e)
2015-01-04RT2914: NULL check missing in X509_name_canonRich Salz
Check for NULL return from X509_NAME_ENTRY_new() Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 2c60925d1ccc0b96287bdc9acb90198e7180d642)
2014-12-30dlfcn: always define _GNU_SOURCEKurt Roeckx
We need this for the freebsd kernel with glibc as used in the Debian kfreebsd ports. There shouldn't be a problem defining this on systems not using glibc. Reviewed-by: Richard Levitte <levitte@openssl.org>
2014-12-20Fix incorrect OPENSSL_assert() usage.Michael Tuexen
Return an error code for I/O errors instead of an assertion failure. PR#3470 Reviewed-by: Stephen Henson <steve@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 2521fcd8527008ceb3e4748f95b0ed4e2d70cfef)
2014-12-19Fix a problem if CFLAGS is too long cversion.c fails to compile when configMatt Caswell
is run with --strict-warnings. Reviewed-by: Richard Levitte <levitte@openssl.org> (cherry picked from commit 488f16e31b8f5ec2513410929325d0830d76762d)
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-11 05:57:36 +0000