summaryrefslogtreecommitdiffstats
path: root/crypto
AgeCommit message (Collapse)Author
2015-01-22Fix modes.h so that indent doesn't complainMatt Caswell
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Move more comments that confuse indentMatt Caswell
Conflicts: crypto/dsa/dsa.h demos/engines/ibmca/hw_ibmca.c ssl/ssl_locl.h Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22ec/ecp_nistz256.c: further harmonization with latest rules.Andy Polyakov
Conflicts: crypto/ec/ecp_nistz256.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Manually reformat aes_x86core.c and add it to the list of files skipped byMatt Caswell
openssl-format-source Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22crypto/ofb128.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22modes/ctr128.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22modes/cfb128.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22ec/ecp_nistz256.c: harmonize with latest indent script.Andy Polyakov
Conflicts: crypto/ec/ecp_nistz256.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Fix indent comment corruption issueMatt Caswell
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22bn/bn_const.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22bn/asm/x86_64-gcc.cL make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22bn/bn_asm.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22bn/bn_exp.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Manually reformat aes_core.cMatt Caswell
Add aes_core.c to the list of files not processed by openssl-format-source Conflicts: crypto/aes/aes_core.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Fix strange formatting by indentMatt Caswell
Conflicts: crypto/hmac/hmac.h Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22modes/modes_lcl.h: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22indent has problems with comments that are on the right hand side of a line.Matt Caswell
Sometimes it fails to format them very well, and sometimes it corrupts them! This commit moves some particularly problematic ones. Conflicts: crypto/bn/bn.h crypto/ec/ec_lcl.h crypto/rsa/rsa.h demos/engines/ibmca/hw_ibmca.c ssl/ssl.h ssl/ssl3.h Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22modes/gcm128.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22modes/cts128.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22crypto/mem_dbg.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22More indent fixes for STACK_OFMatt Caswell
Conflicts: ssl/s3_lib.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Fix indent issue with functions using STACK_OFMatt Caswell
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Fix indent issue with engine.hMatt Caswell
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22crypto/cryptlib.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22bn/bntest.c: make it indent-friendly.Andy Polyakov
Conflicts: crypto/bn/bntest.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22bn/bn_recp.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22bn/rsaz_exp.c: make it indent-friendly.Andy Polyakov
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Fix source where indent will not be able to copeMatt Caswell
Conflicts: apps/ciphers.c ssl/s3_pkt.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Additional comment changes for reformat of 1.0.2Matt Caswell
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22Further comment amendments to preserve formatting prior to source reformatMatt Caswell
(cherry picked from commit 4a7fa26ffd65bf36beb8d1cb8f29fc0ae203f5c5) Conflicts: crypto/x509v3/pcy_tree.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22mark all block comments that need format preserving so thatTim Hudson
indent will not alter them when reformatting comments (cherry picked from commit 1d97c8435171a7af575f73c526d79e1ef0ee5960) Conflicts: crypto/bn/bn_lcl.h crypto/bn/bn_prime.c crypto/engine/eng_all.c crypto/rc4/rc4_utl.c crypto/sha/sha.h ssl/kssl.c ssl/t1_lib.c Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-13Add Broadwell performance results.Andy Polyakov
Reviewed-by: Emilia Käsper <emilia@openssl.org> (cherry picked from commit b3d7294976c58e0e05d0ee44a0e7c9c3b8515e05)
2015-01-13Make output from openssl version -f consistent with previous versionsMatt Caswell
Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit 2d2671790ee12dedd92c97f35b6feb755b8d4374)
2015-01-13Fix warning where BIO_FLAGS_UPLINK was being redefined.Matt Caswell
This warning breaks the build in 1.0.0 and 0.9.8 Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit b1ffc6ca1c387efad0772c16dfe426afef45dc4f)
2015-01-13Avoid deprecation problems in Visual Studio 13Matt Caswell
Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit 86d21d0b9577322ac5da0114c5fac16eb49b4cef)
2015-01-12Allow multiple IDN xn-- indicatorsRich Salz
Update the X509v3 name parsing to allow multiple xn-- international domain name indicators in a name. Previously, only allowed one at the beginning of a name, which was wrong. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (cherry picked from commit 31d1d3741f16bd80ec25f72dcdbf6bbdc5664374)
2015-01-10Make build reproducibleKurt Roeckx
It contained a date on when it was build. Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-01-08Fix build failure on Windows due to undefined cflags identifierMatt Caswell
Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 5c5e7e1a7eb114cf136e1ae4b6a413bc48ba41eb)
2015-01-08Fix for CVE-2014-3570 (with minor bn_asm.c revamp).Andy Polyakov
Reviewed-by: Emilia Kasper <emilia@openssl.org> (cherry picked from commit 56df92efb6893abe323307939425957ce878c8f0)
2015-01-07Fix irix-cc build.Andy Polyakov
Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit e464403d0bda2f1f74eb68582e4988e591c32433)
2015-01-06use correct function nameDr. Stephen Henson
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit cb62ab4b17818fe66d2fed0a7fe71969131c811b)
2015-01-06RT3662: Allow leading . in nameConstraintsDr. Stephen Henson
Change by SteveH from original by John Denker (in the RT) Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 77ff1f3b8bfaa348956c5096a2b829f2e767b4f1)
2015-01-06Fix memory leak.Martin Brejcha
Fix memory leak by freeing up saved_message.data if it is not NULL. PR#3489 Reviewed-by: Stephen Henson <steve@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (cherry picked from commit 41cd41c4416f545a18ead37e09e437c75fa07c95)
2015-01-06Revert "CHANGES: mention "universal" ARM support."Andy Polyakov
This reverts commit caeed719fe3fd619415755f245ab8a904978d99d. Reviewed-by: Matt Caswell <matt@openssl.org>
2015-01-06CHANGES: mention "universal" ARM support.Andy Polyakov
Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit 4fec91506975f62a2f93be71a46acc7fae7eef45)
2015-01-06Remove inconsistency in ARM support.Andy Polyakov
This facilitates "universal" builds, ones that target multiple architectures, e.g. ARMv5 through ARMv7. See commentary in Configure for details. Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit c1669e1c205dc8e695fb0c10a655f434e758b9f7)
2015-01-05Constify ASN1_TYPE_cmp add X509_ALGOR_cmp.Dr. Stephen Henson
Reviewed-by: Emilia Käsper <emilia@openssl.org> (cherry picked from commit 4c52816d35681c0533c25fdd3abb4b7c6962302d)
2015-01-05Fix various certificate fingerprint issues.Dr. Stephen Henson
By using non-DER or invalid encodings outside the signed portion of a certificate the fingerprint can be changed without breaking the signature. Although no details of the signed portion of the certificate can be changed this can cause problems with some applications: e.g. those using the certificate fingerprint for blacklists. 1. Reject signatures with non zero unused bits. If the BIT STRING containing the signature has non zero unused bits reject the signature. All current signature algorithms require zero unused bits. 2. Check certificate algorithm consistency. Check the AlgorithmIdentifier inside TBS matches the one in the certificate signature. NB: this will result in signature failure errors for some broken certificates. 3. Check DSA/ECDSA signatures use DER. Reencode DSA/ECDSA signatures and compare with the original received signature. Return an error if there is a mismatch. This will reject various cases including garbage after signature (thanks to Antti Karjalainen and Tuomo Untinen from the Codenomicon CROSS program for discovering this case) and use of BER or invalid ASN.1 INTEGERs (negative or with leading zeroes). CVE-2014-8275 Reviewed-by: Emilia Käsper <emilia@openssl.org> (cherry picked from commit 684400ce192dac51df3d3e92b61830a6ef90be3e)
2015-01-04ecp_nistz256-x86_64.pl: fix occasional failures.Andy Polyakov
RT: 3607 Reviewed-by: Adam Langley <agl@google.com> Reviewed-by: Emilia Kasper <emilia@openssl.org> (cherry picked from commit 9e557ab2624d5c5e8d799c123f5e8211664d8845)
2015-01-04RT2914: NULL check missing in X509_name_canonRich Salz
Check for NULL return from X509_NAME_ENTRY_new() Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 2c60925d1ccc0b96287bdc9acb90198e7180d642)
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-12 07:58:36 +0000