openssl - openssl

	Commit message (Collapse)	Author	Age	Files	Lines
*	Update copyright year	Matt Caswell	2021-04-08	3	-3/+3
\| \| \| \| \|	Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14801)
*	Add ossl_v3 symbols	Shane Lontis	2021-03-18	2	-2/+2
\| \| \| \| \| \| \|	Partial fix for #12964 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
*	misc: other init function param additions	Pauli	2021-03-11	1	-1/+1
\| \| \| \| \|	Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14383)
*	Update copyright year	Matt Caswell	2021-03-11	1	-1/+1
\| \| \| \| \|	Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512)
*	Reword repeated words.	Shane Lontis	2021-03-09	1	-1/+1
\| \| \| \| \| \| \| \| \| \|	A trivial PR to remove some commonly repeated words. It looks like this is not the first PR to do this. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14420)
*	Update copyright year	Matt Caswell	2021-02-18	1	-1/+1
\| \| \| \| \|	Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
*	Use ERR_R__LIB instead of ERR_LIB_ as reason code for sub-libraries	Richard Levitte	2021-02-12	1	-1/+1
\| \| \| \| \| \| \| \| \|	Using ERR_LIB_* causes the error output to say 'reason(n)' instead of the name of the sub-library in question. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14152)
*	Update copyright year	Richard Levitte	2021-01-28	1	-1/+1
\| \| \| \| \|	Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13999)
*	X509v3_get_ext_by_NID.pod: Add warning on counter-intuitive behavior of ↵	Dr. David von Oheimb	2021-01-20	1	-4/+1
\| \| \| \| \| \| \| \| \|	X509v3_delete_ext() etc. Also simplify two uses of these functions. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13711)
*	ERR: Rebuild all generated error headers and source files	Richard Levitte	2020-11-24	1	-6/+12
\| \| \| \| \| \| \|	This is the result of 'make errors ERROR_REBUILD=-rebuild' Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13390)
*	Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call	Richard Levitte	2020-11-13	7	-62/+62
\| \| \| \| \| \| \| \| \| \|	This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318)
*	Rename OPENSSL_CTX prefix to OSSL_LIB_CTX	Dr. Matthias St. Pierre	2020-10-15	5	-10/+10
\| \| \| \| \| \| \| \| \| \| \| \|	Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
*	Run the withlibctx.pl script	Matt Caswell	2020-10-01	4	-19/+17
\| \| \| \| \| \| \| \|	Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12970)
*	Fix safestack issues in ct.h	Matt Caswell	2020-09-13	5	-10/+0
\| \| \| \| \| \|	Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12781)
*	Add EVP signature with libctx methods.	Shane Lontis	2020-08-09	1	-2/+3
\| \| \| \| \| \| \| \| \|	-Added EVP_SignFinal_with_libctx() and EVP_VerifyFinal_with_libctx() -Renamed EVP_DigestSignInit_ex() and EVP_DigestVerifyInit_with_libctx() to EVP_DigestSignInit_with_libctx() and EVP_DigestVerifyInit_with_libctx() Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11884)
*	Update copyright year	Matt Caswell	2020-05-15	3	-3/+3
\| \| \| \| \|	Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11839)
*	coverity 1462541 Dereference after null check	Pauli	2020-04-30	1	-1/+3
\| \| \| \| \|	Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11651)
*	coverity 1462550 Resource leak	Pauli	2020-04-30	1	-0/+1
\| \| \| \| \|	Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11651)
*	In OpenSSL builds, declare STACK for datatypes ...	Rich Salz	2020-04-24	5	-0/+10
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	... and only define them in the source files that need them. Use DEFINE_OR_DECLARE which is set appropriately for internal builds and not non-deprecated builds. Deprecate stack-of-block Better documentation Move some ASN1 struct typedefs to types.h Update ParseC to handle this. Most of all, ParseC needed to be more consistent. The handlers are "recursive", in so far that they are called again and again until they terminate, which depends entirely on what the "massager" returns. There's a comment at the beginning of ParseC that explains how that works. {Richard Levtte} Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10669)
*	Update copyright year	Matt Caswell	2020-04-23	7	-7/+7
\| \| \| \| \|	Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
*	Make the CT code library context aware	Matt Caswell	2020-04-09	7	-30/+124
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	Add the new functions CTLOG_STORE_new_with_libctx(), CTLOG_new_with_libctx() and CTLOG_new_from_base64_with_libctx() to pass in the library context/property query string to use a library context is to be used. We also add the function CT_POLICY_EVAL_CTX_new_with_libctx() to enable the creation of a CT_POLICY_EVAL_CTX to be associated with a libctx and property query string. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11483)
*	Deprecate the low level SHA functions.	Pauli	2020-01-19	1	-2/+2
\| \| \| \| \|	Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10791)
*	Replace BUF_ string function calls with OPENSSL_ ones	Rich Salz	2019-10-17	1	-3/+3
\| \| \| \| \| \| \| \|	Deprecate the BUF_ string macros Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10207)
*	Reorganize local header files	Dr. Matthias St. Pierre	2019-09-28	9	-8/+8
\| \| \| \| \| \| \| \| \| \| \| \| \|	Apart from public and internal header files, there is a third type called local header files, which are located next to source files in the source directory. Currently, they have different suffixes like '_lcl.h', '_local.h', or '_int.h' This commit changes the different suffixes to '_local.h' uniformly. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
*	util/mkerr.pl: make it not depend on the function code	Richard Levitte	2019-09-12	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	The output C code was made to use ERR_func_error_string() to see if a string table was already loaded or not. Since this function returns NULL always, this check became useless. Change it to use ERR_reason_error_string() instead, as there's no reason to believe we will get rid of reason strings, ever. To top it off, we rebuild all affected C sources. Fixes #9756 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9756)
*	Regenerate mkerr files	Rich Salz	2019-07-16	1	-43/+2
\| \| \| \| \| \|	Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9058)
*	Following the license change, modify the boilerplates in crypto/ct/	Richard Levitte	2018-12-06	11	-11/+11
\| \| \| \| \| \| \|	[skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7786)
*	Use secure_getenv(3) when available.	Pauli	2018-09-24	1	-1/+1
\| \| \| \| \| \| \| \| \| \| \| \| \|	Change all calls to getenv() inside libcrypto to use a new wrapper function that use secure_getenv() if available and an issetugid then getenv if not. CPU processor override flags are unchanged. Extra checks for OPENSSL_issetugid() have been removed in favour of the safe getenv. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/7047)
*	Add -Wstrict-prototypes option to --strict-warnings	Bernd Edlinger	2018-06-21	1	-1/+1
\| \| \| \| \| \| \| \|	[extended tests] Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6542)
*	Update copyright year	Matt Caswell	2018-05-29	1	-1/+1
\| \| \| \| \|	Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6371)
*	Use void in all function definitions that do not take any arguments	Kurt Roeckx	2018-05-11	1	-1/+1
\| \| \| \| \|	Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #6208
*	Null pointer used.	Pauli	2017-09-17	1	-1/+1
\| \| \| \| \| \| \|	Address coverity report of null pointer being dereferenced. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4381)
*	Add checks for alloc failing.	Rich Salz	2017-09-06	1	-0/+2
\| \| \| \| \|	Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4341)
*	Fix memory leaks in CTLOG_new_from_base64	Benjamin Kaduk	2017-06-09	1	-4/+8
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Move the call to ct_base64_decode(), which allocates, until after the check for NULL output parameter. Also place a cap on the number of padding characters used to decrement the output length -- any more than two '='s is not permitted in a well-formed base64 text. Prior to this change, ct_base64_decode() would return a length of -1 along with allocated storage for an input of "====". Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3379)
*	make error tables const and separate header file	Rich Salz	2017-06-07	1	-58/+67
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Run perltidy on util/mkerr Change some mkerr flags, write some doc comments Make generated tables "const" when genearting lib-internal ones. Add "state" file for mkerr Renerate error tables and headers Rationalize declaration of ERR_load_XXX_strings Fix out-of-tree build Add -static; sort flags/vars for options. Also tweak code output Moved engines/afalg to engines (from master) Use -static flag Standard engine #include's of errors Don't linewrap err string tables unless necessary Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3392)
*	Newlines!	Alex Gaynor	2017-05-22	1	-0/+4
\| \| \| \| \|	Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3149)
*	Style fixes and use the source parameter so the OCSP path works	Alex Gaynor	2017-05-22	1	-5/+7
\| \| \| \| \|	Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3149)
*	This is an int	Alex Gaynor	2017-05-22	1	-1/+1
\| \| \| \| \|	Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3149)
*	Don't use a for-loop decleration	Alex Gaynor	2017-05-22	1	-1/+2
\| \| \| \| \|	Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3149)
*	Fixed #3020 -- set entry type on SCTs from X.509 and OCSP extensions	Alex Gaynor	2017-05-22	1	-2/+39
\| \| \| \| \|	Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3149)
*	Fix faulty free	Richard Levitte	2017-01-29	1	-6/+6
\| \| \| \| \| \| \| \| \| \| \| \|	On error, i2o_SCT_signature() and i2o_SCT() free a pointer that may have wandered off from the start of the allocated block (not currently true for i2o_SCT_signature(), but has that potential as the code may change. To avoid this, save away the start of the allocated block and free that instead. Thanks to Guido Vranken for reporting this issue. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2323)
*	Move SCT_LIST_free definition into a more logical place	Rob Percival	2016-11-16	2	-5/+5
\| \| \| \| \| \| \|	This reflects its position in include/openssl/ct.h. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1548)
*	Pass a temporary pointer to o2i_SCT_signature from SCT_new_from_base64	Rob Percival	2016-11-16	1	-1/+4
\| \| \| \| \| \| \| \|	Otherwise, \|dec\| gets moved past the end of the signature by o2i_SCT_signature and then can't be correctly freed afterwards. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1548)
*	Subtract padding from outlen in ct_base64_decode	Rob Percival	2016-11-16	1	-0/+5
\| \| \| \| \|	Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1548)
*	Convert C++ comments to C-style comments	Rob Percival	2016-11-15	1	-5/+7
\| \| \| \| \|	Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1554)
*	Cast time_t to uint64_t before converting to milliseconds in ct_policy.c	Rob Percival	2016-11-15	1	-1/+3
\| \| \| \| \|	Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1554)
*	By default, allow SCT timestamps to be up to 5 minutes in the future	Rob Percival	2016-11-15	1	-1/+7
\| \| \| \| \| \| \| \|	As requested in https://github.com/openssl/openssl/pull/1554#issuecomment-246371575. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1554)
*	Don't check for time() failing in CT_POLICY_EVAL_CTX_new	Rob Percival	2016-11-15	1	-6/+2
\| \| \| \| \| \| \|	See https://github.com/openssl/openssl/pull/1554#issuecomment-246354677. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1554)
*	Default CT_POLICY_EVAL_CTX.epoch_time_in_ms to time()	Rob Percival	2016-11-15	1	-0/+7
\| \| \| \| \|	Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1554)
*	Reword documentation for {SCT_CTX/CT_POLICY_EVAL_CTX}_set_time	Rob Percival	2016-11-15	1	-4/+5
\| \| \| \| \| \| \| \| \|	Do not call the time "current", as a different time can be provided. For example, a time slightly in the future, to provide tolerance for CT logs with a clock that is running fast. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1554)