| 68072bc | Matt Caswell | 19 April 2016, 14:57:51 UTC | Prepare for 1.1.0-pre5 release Reviewed-by: Rich Salz <rsalz@openssl.org> | 19 April 2016, 14:57:51 UTC |
| 235f932 | Matt Caswell | 18 April 2016, 14:12:58 UTC | Unsigned chars can't be negative Fix a problem where an unsigned char was being checked to see if it was negative. Reviewed-by: Richard Levitte <levitte@openssl.org> | 18 April 2016, 14:12:58 UTC |
| 36c6f0a | Matt Caswell | 18 April 2016, 09:35:34 UTC | Fix PKCS7 memory leak Commit f0e0fd51f was a bit over-zealous in removing a call to X509_STORE_CTX_cleanup(). The call in question was in a loop and was required to cleanup resources used on each iteration of the loop. Removing this resulted in a memory leak. Reviewed-by: Richard Levitte <levitte@openssl.org> | 18 April 2016, 13:59:23 UTC |
| 14f051a | Rich Salz | 13 April 2016, 19:58:28 UTC | Make string_to_hex/hex_to_string public Give the API new names, document it. Reviewed-by: Richard Levitte <levitte@openssl.org> | 18 April 2016, 13:02:11 UTC |
| 9021a5d | Rich Salz | 18 April 2016, 11:43:54 UTC | Rename some lowercase API's Make OBJ_name_cmp internal Rename idea_xxx to IDEA_xxx Rename get_rfc_xxx to BN_get_rfc_xxx Rename v3_addr and v3_asid functions to X509v3_... Reviewed-by: Richard Levitte <levitte@openssl.org> | 18 April 2016, 12:22:00 UTC |
| 84f4f0b | Richard Levitte | 18 April 2016, 11:49:41 UTC | NOTES files will contain more requirements, make that explicit Reviewed-by: Rich Salz <rsalz@openssl.org> | 18 April 2016, 12:20:41 UTC |
| 2ca1e22 | Jérôme Duval | 17 April 2016, 14:36:30 UTC | Haiku x86-64 doesn't need RC4_CHAR. * add a comment about Haiku being built with no-asm. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> | 18 April 2016, 11:40:11 UTC |
| a97d19d | Ben Laurie | 16 April 2016, 04:37:04 UTC | Free methods on destroy. Reviewed-by: Matt Caswell <matt@openssl.org> | 18 April 2016, 09:21:56 UTC |
| 9139547 | Ben Laurie | 16 April 2016, 04:33:24 UTC | Free engine on error. Reviewed-by: Matt Caswell <matt@openssl.org> | 18 April 2016, 09:21:56 UTC |
| 0463052 | Ben Laurie | 15 April 2016, 08:45:47 UTC | Opacity. Reviewed-by: Matt Caswell <matt@openssl.org> | 18 April 2016, 09:21:56 UTC |
| 402ec2f | Ben Laurie | 15 April 2016, 08:45:25 UTC | Signed/unsigned compare. Reviewed-by: Matt Caswell <matt@openssl.org> | 18 April 2016, 09:21:56 UTC |
| d32f5d8 | Richard Levitte | 17 April 2016, 11:48:53 UTC | Restore OCSP_basic_verify() error return semantics Recently, OCSP_basic_verify() was changed to always return 0 on error, when it would previously return 0 on error and < 0 on fatal error. This restores the previous semantics back. Reviewed-by: Rich Salz <rsalz@openssl.org> | 17 April 2016, 21:22:45 UTC |
| 4e727a8 | Richard Levitte | 17 April 2016, 11:21:06 UTC | Remove declaration of function that isn't implemented Reviewed-by: Rich Salz <rsalz@openssl.org> | 17 April 2016, 21:22:29 UTC |
| 4dba585 | Dr. Stephen Henson | 16 April 2016, 17:23:19 UTC | Add X509_STORE_CTX_set0_untrusted function. Reviewed-by: Richard Levitte <levitte@openssl.org> | 16 April 2016, 17:26:19 UTC |
| 64a1385 | Richard Levitte | 16 April 2016, 10:57:09 UTC | Small OCSP fixup Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org> | 16 April 2016, 10:57:09 UTC |
| f0e0fd5 | Rich Salz | 15 April 2016, 03:59:26 UTC | Make many X509_xxx types opaque. Make X509_OBJECT, X509_STORE_CTX, X509_STORE, X509_LOOKUP, and X509_LOOKUP_METHOD opaque. Remove unused X509_CERT_FILE_CTX Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Dr. Stephen Henson <steve@openssl.org> | 15 April 2016, 17:21:43 UTC |
| 34da11b | Richard Levitte | 15 April 2016, 07:17:13 UTC | Don't use a default for --with-zlib-lib on Windows with option 'zlib' To begin with, the default should have been the import library, not the DLL itself. However, we don't know what directory it's installed in either way, so we may as well demand the full path from the user Reviewed-by: Matt Caswell <matt@openssl.org> | 15 April 2016, 07:17:13 UTC |
| ef5b829 | Richard Levitte | 15 April 2016, 05:53:17 UTC | ex_libs settings have to be added to, not overriden, on Windows too Reviewed-by: Matt Caswell <matt@openssl.org> | 15 April 2016, 05:53:17 UTC |
| e951eca | Matt Caswell | 14 April 2016, 13:28:13 UTC | Update Travis and Appveyor for change to shared by default Update the Travis and Appveyor builds to explicitly state no-shared where applicable. Reviewed-by: Richard Levitte <levitte@openssl.org> | 14 April 2016, 21:23:12 UTC |
| ce94219 | Matt Caswell | 14 April 2016, 13:16:52 UTC | Make "shared" builds the default In most cases we expect that people will be using shared libraries not static ones, therefore we make that the default. Reviewed-by: Richard Levitte <levitte@openssl.org> | 14 April 2016, 21:23:12 UTC |
| 1ee7b8b | Matt Caswell | 14 April 2016, 20:28:54 UTC | Fix ex_data locks issue Travis identified a problem with freeing the ex_data locks which wasn't quite right in ff2344052. Trying to fix it identified a further problem: the ex_data locks are cleaned up by OPENSSL_cleanup(), which is called explicitly by CRYPTO_mem_leaks(), but then later the BIO passed to CRYPTO_mem_leaks() is freed. An attempt is then made to use the ex_data lock already freed. Reviewed-by: Tim Hudson <tjh@openssl.org> | 14 April 2016, 21:15:32 UTC |
| 6e08e9e | Jérôme Duval | 23 February 2016, 21:49:01 UTC | Add Haiku support. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> | 14 April 2016, 17:49:42 UTC |
| f2ead99 | Richard Levitte | 14 April 2016, 15:07:37 UTC | Fix installation on VMS for no-stdio and no-autoalginit Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> | 14 April 2016, 15:41:03 UTC |
| df65337 | Richard Levitte | 14 April 2016, 15:04:56 UTC | Fix installation for no-stdio and no-autoalginit Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> | 14 April 2016, 15:41:03 UTC |
| d90a6be | Matt Caswell | 14 April 2016, 12:44:15 UTC | Fix no-stdio and no-autoalginit no-stdio does not work with the apps. Since the tests also need the apps it doesn't support that either. Therefore we disable building of both. no-autoalginit is not compatible with the apps because it requires explicit loading of the algorithms, and the apps don't do that. Therefore we disable building the apps for this option. Similarly the tests depend on the apps so we also disable the tests. Finally the whole point about no-autoalginit is to avoid excessive executable sizes when doing static linking. Therefore we disable "shared" if this option is selected. Reviewed-by: Richard Levitte <levitte@openssl.org> | 14 April 2016, 15:41:03 UTC |
| c3a64b5 | Matt Caswell | 14 April 2016, 12:37:41 UTC | The err_cleanup() funtion is internal so shouldn't be exported Running a "make update" wanted to add err_cleanup to libcrypto.num which is wrong. Reviewed-by: Richard Levitte <levitte@openssl.org> | 14 April 2016, 12:50:36 UTC |
| cd1a88b | Rich Salz | 11 April 2016, 14:17:38 UTC | Write POD page. Reviewed-by: Richard Levitte <levitte@openssl.org> | 14 April 2016, 12:41:29 UTC |
| 4b6b848 | Lyon Chen | 11 April 2016, 14:08:00 UTC | Add SSL_SESSION_get0_hostname() Reviewed-by: Rich Salz <rsalz@openssl.org> | 14 April 2016, 12:41:29 UTC |
| ff23440 | Matt Caswell | 11 March 2016, 21:53:18 UTC | Ensure all locks are properly cleaned up Some locks were not being properly cleaned up during close down. Reviewed-by: Richard Levitte <levitte@openssl.org> | 14 April 2016, 12:19:04 UTC |
| 085b386 | Shlomi Fish | 13 April 2016, 20:43:07 UTC | Fix the spelling of "implement". Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> | 14 April 2016, 12:15:27 UTC |
| 627537d | Matt Caswell | 13 April 2016, 22:26:56 UTC | Fix AFALG kernel and headers mismatch problem During Configure we attempt to check the kernel version of this platform to see whether we can compile the AFALG engine. If the kernel version looks recent enough then we enable AFALG. However when we compile e_afalg.c we check the version of the linux headers. If there is a mismatch between the linux headers and the currently running kernel then we don't compile the AFLAG engine and continue. This was causing a link error. Reviewed-by: Richard Levitte <levitte@openssl.org> | 14 April 2016, 09:09:31 UTC |
| bdcd660 | Viktor Dukhovni | 14 April 2016, 03:14:43 UTC | Bugfix: in asn1parse avoid erroneous len after a sub-sequence Introduced in: commit 79c7f74d6cefd5d32fa20e69195ad3de834ce065 Author: Ben Laurie <ben@links.org> Date: Tue Mar 29 19:37:57 2016 +0100 Fix buffer overrun in ASN1_parse(). Problem input: https://tools.ietf.org/html/draft-ietf-curdle-pkix-eddsa-00#section-8.1 -----BEGIN PUBLIC KEY----- MC0wCAYDK2VkCgECAyEAGb9ECWmEzf6FQbrBZ9w7lshQhqowtrbLDFw4rXAxZuE= -----END PUBLIC KEY----- Previously: 0:d=0 hl=2 l= 45 cons: SEQUENCE 2:d=1 hl=2 l= 8 cons: SEQUENCE 4:d=2 hl=2 l= 3 prim: OBJECT :1.3.101.100 9:d=2 hl=2 l= 1 prim: ENUMERATED :02 Error in encoding 140735164989440:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:../openssl/crypto/asn1/asn1_lib.c:148: Now: 0:d=0 hl=2 l= 45 cons: SEQUENCE 2:d=1 hl=2 l= 8 cons: SEQUENCE 4:d=2 hl=2 l= 3 prim: OBJECT :1.3.101.100 9:d=2 hl=2 l= 1 prim: ENUMERATED :02 12:d=1 hl=2 l= 33 prim: BIT STRING 0000 - 00 19 bf 44 09 69 84 cd-fe 85 41 ba c1 67 dc 3b ...D.i....A..g.; 0010 - 96 c8 50 86 aa 30 b6 b6-cb 0c 5c 38 ad 70 31 66 ..P..0....\8.p1f 0020 - e1 . Reviewed-by: Richard Levitte <levitte@openssl.org> | 14 April 2016, 06:41:30 UTC |
| 5968d11 | Viktor Dukhovni | 14 April 2016, 03:41:55 UTC | Don't use deprecated CONF_modules_free() in tests Reviewed-by: Richard Levitte <levitte@openssl.org> | 14 April 2016, 04:34:11 UTC |
| a50ad1d | Matt Caswell | 13 April 2016, 20:26:24 UTC | make update Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 20:28:17 UTC |
| 4f4d13b | Matt Caswell | 13 April 2016, 20:05:50 UTC | Add a CHANGES entry for removal of Configure options Document removal of no-aes, no-hmac, no-rsa, no-sha and no-md5. Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 20:28:17 UTC |
| 0532881 | Matt Caswell | 13 April 2016, 20:01:28 UTC | Update INSTALL file based on feedback Update the config options documentation based on feedback. Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 20:28:17 UTC |
| ecabf05 | Matt Caswell | 13 April 2016, 14:04:01 UTC | Update the INSTALL instructions with lots of options There were a lot of options missing from INSTALL. This adds descriptions for them. Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 20:25:24 UTC |
| a39a879 | Matt Caswell | 13 April 2016, 10:31:51 UTC | Remove OPENSSL_NO_HMAC no-hmac is no longer an option so remove OPENSSL_NO_HMAC guards. Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 20:25:24 UTC |
| d064e6a | Matt Caswell | 13 April 2016, 10:31:00 UTC | Remove OPENSSL_NO_SHA guards no-sha is no longer an option so remove OPENSSL_NO_SHA guards. Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 20:25:24 UTC |
| 5158c76 | Matt Caswell | 13 April 2016, 10:28:45 UTC | Remove OPENSSL_NO_AES guards no-aes is no longer a Configure option and therefore the OPENSSL_NO_AES guards can be removed. Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 20:25:24 UTC |
| 7ec8de1 | Matt Caswell | 13 April 2016, 09:46:15 UTC | Remove no-aes, no-rsa, no-sha, no-md5 and no-hmac These algorithms are fundamental and extensively used. The "no-" options do not work either in 1.1.0 or in other released branches. Therefore the ability to disable them should be removed. Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 20:25:24 UTC |
| a48eaf7 | Rich Salz | 13 April 2016, 19:54:16 UTC | Need err_load_crypto_strings_int declared. Reviewed-by: Matt Caswell <matt@openssl.org> | 13 April 2016, 20:22:58 UTC |
| 37d0764 | Dr. Stephen Henson | 13 April 2016, 14:08:27 UTC | make update Reviewed-by: Matt Caswell <matt@openssl.org> | 13 April 2016, 14:08:27 UTC |
| a535fe1 | Dr. Stephen Henson | 13 April 2016, 11:11:59 UTC | Remove check_defer() The check_defer() function was used to ensure that EVP_cleanup() was always called before OBJ_cleanup(). The new cleanup code ensures this so it is no longer needed. Remove obj_cleanup() call in OID config module: it is not needed any more either. Reviewed-by: Matt Caswell <matt@openssl.org> | 13 April 2016, 14:05:07 UTC |
| 7e74eaa | Richard Levitte | 13 April 2016, 13:00:32 UTC | Rename internal symbol to follow internal naming pattern Reviewed-by: Matt Caswell <matt@openssl.org> | 13 April 2016, 13:23:47 UTC |
| 72d3bcd | Richard Levitte | 13 April 2016, 11:57:46 UTC | Cleanup libcrypto.num and make update Reviewed-by: Matt Caswell <matt@openssl.org> | 13 April 2016, 13:23:47 UTC |
| 13524b1 | Richard Levitte | 13 April 2016, 11:53:27 UTC | Move a declaration that's private to libcrypto Don't expose purely libcrypto internal symbols, even to libssl. Reviewed-by: Matt Caswell <matt@openssl.org> | 13 April 2016, 13:23:47 UTC |
| e0e5328 | Andy Polyakov | 11 April 2016, 22:09:47 UTC | PPC assebmly pack: initial POWER9 support tidbits. Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 10:09:46 UTC |
| b9077d8 | Andy Polyakov | 11 April 2016, 12:06:16 UTC | chacha/asm/chacha-armv8.pl: fix intermittent build failures. Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 10:07:31 UTC |
| 802d224 | Richard Levitte | 13 April 2016, 00:40:39 UTC | Don't use FORMAT_BASE64 format when compressing / decompressing When compressing, the output / input is a binary format, not a text format like BASE64. This is important on Windows, where a ^Z in a text file is seen as EOF, and there could be a ^Z somewhere in a compressed file, cutting it short as input. Reviewed-by: Matt Caswell <matt@openssl.org> | 13 April 2016, 09:36:46 UTC |
| da430a5 | Richard Levitte | 12 April 2016, 14:35:32 UTC | Fix the handling of --with-zlib-include The handling was Unix centric, already in Configure. Change that to just collect the value and let the build file templates figure out what to do with it. Reviewed-by: Matt Caswell <matt@openssl.org> | 13 April 2016, 09:36:46 UTC |
| 5a5c0b9 | Richard Levitte | 12 April 2016, 14:12:53 UTC | Remake the way dynamic zlib is loaded Instead of absolute hard coding of the libz library name, have it use the macro LIBZ, which is set to defaults we know in case it's undefined. This allows our configuration to set something that's sane on current or older platforms, and allows the user to override it by defining LIBZ themselves. Reviewed-by: Matt Caswell <matt@openssl.org> | 13 April 2016, 09:36:46 UTC |
| 0c9b153 | Richard Levitte | 12 April 2016, 14:03:02 UTC | Configuration: Simplify the way vms information is retrieved Reviewed-by: Matt Caswell <matt@openssl.org> | 13 April 2016, 09:36:46 UTC |
| 62890f4 | Richard Levitte | 12 April 2016, 13:28:06 UTC | Fix zlib configuration options. The macros ZLIB and ZLIB_SHARED weren't appropriately defined, deviating wrongly from how they worked in earlier OpenSSL versions. So, restore it so that ZLIB is defined if configured "enable-zlib" and so that ZLIB and ZLIB_SHARED are defined if configured "enable-zlib-dynamic". Additionally, correct the interpretation of the --with-zlib-lib value on Windows and VMS, where it's used to indicate the actual zlib zlib library file / logical name, as that can differ depending on zlib version and packaging on those platforms. Finally for Windows and VMS, we also define the macro LIBZ with that file name / logical name when configured "zlib-dynamic", so the compression unit can pick it up and use it. Reviewed-by: Matt Caswell <matt@openssl.org> | 13 April 2016, 09:36:46 UTC |
| 36d70ed | Matt Caswell | 12 April 2016, 07:53:31 UTC | Fix no-tls1_1 and no-tls1_2 The above config options were failing in test_ssl_old. Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 08:03:56 UTC |
| b3599db | Matt Caswell | 12 April 2016, 11:20:16 UTC | Rename int_*() functions to *_int() There is a preference for suffixes to indicate that a function is internal rather than prefixes. Note: the suffix is only required to disambiguate internal functions and public symbols with the same name (but different case) Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:59:03 UTC |
| 974eeb9 | Matt Caswell | 12 April 2016, 10:49:40 UTC | Tweak to documentation Tweak to documentation following feedback Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:59:03 UTC |
| 1d5099d | Matt Caswell | 06 April 2016, 10:13:25 UTC | Misc fix ups to deprecate explicit de-init documentation Documentation fix ups as a result of feedback received. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:59:03 UTC |
| 6457615 | Matt Caswell | 06 April 2016, 10:12:12 UTC | Fix explicit de-init macros The no-op de-init macros may fail because of extraneous ";", so we use a slightly different construct instead. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:59:03 UTC |
| 20c5635 | Matt Caswell | 06 April 2016, 09:50:05 UTC | Fix symbols missing from shared build libssl needs to have access to some internal libcrypto symbols. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:58:59 UTC |
| 342c21c | Matt Caswell | 06 April 2016, 09:39:00 UTC | Rename lots of *_intern or *_internal function to int_* There was a lot of naming inconsistency, so we try and standardise on one form. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:52:34 UTC |
| 5eb8f71 | Matt Caswell | 04 April 2016, 16:12:58 UTC | Add a CHANGES entry for the deprecated cleanup functions Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:52:34 UTC |
| e6216fe | Matt Caswell | 04 April 2016, 16:05:21 UTC | make update Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:52:33 UTC |
| cbf6959 | Matt Caswell | 04 April 2016, 16:00:04 UTC | Deprecate CONF_modules_free() and make it a no-op CONF_modules_free() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:52:33 UTC |
| 6d4fb1d | Matt Caswell | 04 April 2016, 15:12:39 UTC | Deprecate ENGINE_cleanup() and make it a no-op ENGINE_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:52:33 UTC |
| 7b8cc9b | Matt Caswell | 04 April 2016, 14:49:21 UTC | Deprecate OBJ_cleanup() and make it a no-op OBJ_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:52:33 UTC |
| 22c84af | Matt Caswell | 04 April 2016, 14:28:58 UTC | Deprecate EVP_cleanup() and make it a no-op EVP_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:52:33 UTC |
| 62d876a | Matt Caswell | 04 April 2016, 13:53:37 UTC | Deprecate BIO_sock_cleanup() and make it a no-op BIO_sock_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:52:33 UTC |
| a5e3ac1 | Matt Caswell | 04 April 2016, 13:38:45 UTC | Deprecate CRYPTO_cleanup_all_ex_data() and make it a no-op CRYPTO_cleanup_all_ex_data() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:52:33 UTC |
| f3cd81d | Matt Caswell | 06 April 2016, 10:19:55 UTC | Deprecate RAND_cleanup() and make it a no-op RAND_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:52:33 UTC |
| b22234d | Matt Caswell | 06 April 2016, 10:17:44 UTC | Fix conditional compile logic in speed.c The conditional compile logic wasn't quite right in speed.c for when both OPENSSL_NO_DSA and OPENSSL_NO_EC are defined. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:52:33 UTC |
| 03b0e73 | Matt Caswell | 04 April 2016, 12:53:35 UTC | Deprecate SSL_COMP_free_compression_methods() and make it a no-op SSL_COMP_free_compression_methods() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:52:33 UTC |
| 6827cb3 | Matt Caswell | 04 April 2016, 12:43:58 UTC | Deprecate ERR_free_strings() and make it a no-op ERR_free_strings() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:52:33 UTC |
| 02a247e | Matt Caswell | 04 April 2016, 16:19:06 UTC | Deprecate COMP_zlib_cleanup() and make it a no-op COMP_zlib_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> | 13 April 2016, 07:52:33 UTC |
| 01d358a | Dr. Stephen Henson | 23 March 2016, 00:07:52 UTC | X509_PUBKEY docs Reviewed-by: Viktor Dukhovni <viktor@openssl.org> | 13 April 2016, 01:18:30 UTC |
| 7a82f77 | Richard Levitte | 13 April 2016, 00:43:45 UTC | Fix setting of debug callback in apps/enc.c Setting the debug callback on the in and out BIOs were done too early. No debug callback was set on the zlib filter BIO. Reviewed-by: Tim Hudson <tjh@openssl.org> | 13 April 2016, 00:43:45 UTC |
| 9d5ac95 | Kazuki Yamaguchi | 10 April 2016, 04:18:50 UTC | Add SSL_CTX_get_ciphers() Add an accessor for SSL_CTX. Since libssl was made opaque, there is no way for users to access the cipher_list, while users can set the cipher_list by SSL_CTX_set_cipher_list(). Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> | 11 April 2016, 13:59:04 UTC |
| 3012e65 | Matt Caswell | 11 April 2016, 12:59:31 UTC | Fix the no-posix-io option Fix a compile failure with no-posix-io Reviewed-by: Tim Hudson <tjh@openssl.org> | 11 April 2016, 13:33:44 UTC |
| f8c3f2b | Matt Caswell | 11 April 2016, 12:46:11 UTC | Remove an unused function The function pqueue_print is not exported and is never called. Therefore we should delete it. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> | 11 April 2016, 13:31:26 UTC |
| 2af22b7 | Matt Caswell | 11 April 2016, 12:39:45 UTC | Fix the no-tls option The no-tls option was failing in the tests. This fixes it. Reviewed-by: Richard Levitte <levitte@openssl.org> | 11 April 2016, 13:29:02 UTC |
| 1595ca0 | Matt Caswell | 11 April 2016, 10:41:19 UTC | Fix the no-nextprotoneg option Misc fixes to get no-nextprotoneg config option working again. Reviewed-by: Rich Salz <rsalz@openssl.org> | 11 April 2016, 13:22:43 UTC |
| 2d897ae | Richard Levitte | 08 April 2016, 18:15:15 UTC | BIO: respect opening in text mode When a file is opened with BIO_new_file(), make sure that the internal mode TEXT vs BINARY setting reflects what's given in the mode string. Reviewed-by: Andy Polyakov <appro@openssl.org> | 11 April 2016, 12:57:34 UTC |
| cdbf577 | Emilia Kasper | 08 April 2016, 16:55:28 UTC | Disable some sanitizer checks without PEDANTIC Code without PEDANTIC has intentional "undefined" behaviour. To get best coverage for both PEDANTIC and non-PEDANTIC codepaths, run the sanitizer builds in two different configurations: 1) Without PEDANTIC but with alignment checks disabled. 2) With PEDANTIC. To not overload Travis too much, run one build with clang and the other with gcc (chosen at random). Also remove a micro-optimization in CAST code to be able to -fsanitize=shift. Whether shift sanitization is meaningful for crypto or an obstacle is debatable but since this appears to be the only offender, we might as well keep the check for now. Reviewed-by: Richard Levitte <levitte@openssl.org> | 09 April 2016, 23:50:45 UTC |
| 50eadf2 | Emilia Kasper | 08 April 2016, 14:19:00 UTC | Fix warnings exposed by clang-3.8 Reviewed-by: Richard Levitte <levitte@openssl.org> | 09 April 2016, 23:50:32 UTC |
| b591470 | Emilia Kasper | 05 April 2016, 13:11:02 UTC | Adjust --strict-warnings builds in Travis In Travis, do --strict-warnings on BUILDONLY configurations. This ensures that the tests run even if --strict-warnings fail, and avoids hiding unrelated test failures. Reviewed-by: Richard Levitte <levitte@openssl.org> | 09 April 2016, 23:50:16 UTC |
| 578a000 | Richard Levitte | 09 April 2016, 09:15:16 UTC | Don't check the generated ssl-tests configs on VMS The simple reason is that the pre-generated files are mainly for Unix. The VMS variants look slightly different, so comparing will always fail. Reviewed-by: Emilia Käsper <emilia@openssl.org> | 09 April 2016, 19:44:35 UTC |
| 842a206 | Richard Levitte | 09 April 2016, 09:13:00 UTC | VMS doesn't have directory separators in the same sense as Unix Don't add / in file specs on VMS. The directory "separator" is part of the directory spec. Reviewed-by: Emilia Käsper <emilia@openssl.org> | 09 April 2016, 19:44:35 UTC |
| a6eef4c | Beat Bolli | 07 April 2016, 21:32:59 UTC | RSA: the docs still talk about RSA_PKCS1_SSLeay Rename the function to RSA_PKCS1_OpenSSL. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> | 09 April 2016, 11:50:12 UTC |
| 6a47c39 | Matt Caswell | 07 April 2016, 14:47:28 UTC | Add CHANGES entry for DH and DH_METHOD opacity Reviewed-by: Richard Levitte <levitte@openssl.org> | 09 April 2016, 09:10:55 UTC |
| 0263b99 | Matt Caswell | 07 April 2016, 14:24:23 UTC | Add documentation for following DH and DH_METHOD opacity A number of new functions have been added following the DH and DH_METHOD opacity commits. This commit provides documentation for those functions. Reviewed-by: Richard Levitte <levitte@openssl.org> | 09 April 2016, 09:10:55 UTC |
| 998f2cb | Matt Caswell | 07 April 2016, 13:08:52 UTC | Fix double free bug in error path Reviewed-by: Richard Levitte <levitte@openssl.org> | 09 April 2016, 09:10:55 UTC |
| cf430d0 | Matt Caswell | 07 April 2016, 12:48:03 UTC | make update Reviewed-by: Richard Levitte <levitte@openssl.org> | 09 April 2016, 09:10:55 UTC |
| 17e01ab | Matt Caswell | 07 April 2016, 12:47:20 UTC | Make DH_METHOD opaque Move the dh_method structure into an internal header file and provide relevant accessors for the internal fields. Reviewed-by: Richard Levitte <levitte@openssl.org> | 09 April 2016, 09:10:55 UTC |
| 32bf92f | Matt Caswell | 06 April 2016, 16:50:22 UTC | make update Reviewed-by: Richard Levitte <levitte@openssl.org> | 09 April 2016, 09:10:55 UTC |
| 0aeddcf | Matt Caswell | 06 April 2016, 16:49:48 UTC | Make DH opaque Move the dh_st structure into an internal header file and provide relevant accessors for the internal fields. Reviewed-by: Richard Levitte <levitte@openssl.org> | 09 April 2016, 09:10:55 UTC |
| b9aec69 | Rich Salz | 08 April 2016, 13:10:06 UTC | Add SSL_DANE typedef for consistency. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> | 08 April 2016, 13:30:23 UTC |
| 506e28b | Rich Salz | 08 April 2016, 12:02:41 UTC | Add OCSP to mkdef Reviewed-by: Richard Levitte <levitte@openssl.org> | 08 April 2016, 12:02:41 UTC |
| 20b88bb | Andy Polyakov | 31 March 2016, 16:47:17 UTC | PPC assembly pack: remove branch hints. As it turns out branch hints grew as kind of a misconception. In addition their interpretation by GNU assembler is affected by assembler flags and can end up with opposite meaning on different processors. As we have to loose quite a lot on misinterprerations, especially on newer processors, we just omit them altogether. Reviewed-by: Tim Hudson <tjh@openssl.org> | 07 April 2016, 19:27:24 UTC |
| 463a7b8 | Andy Polyakov | 06 April 2016, 10:47:35 UTC | Clean-up *_DEBUG options. Since NDEBUG is defined unconditionally on command line for release builds, we can omit *_DEBUG options in favour of effective "all-on" in debug builds exercised though CI. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Emilia Käsper <emilia@openssl.org> | 07 April 2016, 19:18:00 UTC |
| c32cbe9 | Andy Polyakov | 06 April 2016, 15:33:03 UTC | Configurations/10-main.conf: omit now redundant -D_WINDLL. ... and refine /MT vs. /MD flag handling. Reviewed-by: Richard Levitte <levitte@openssl.org> | 07 April 2016, 19:13:02 UTC |
