Dr. Stephen Henson
68c12bfc66
Add X509_get0_serialNumber() and constify OCSP_cert_to_id()
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-19 12:47:31 +01:00
Dr. Stephen Henson
11222483d7
constify X509_REQ_get0_signature()
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-19 12:47:31 +01:00
Dr. Stephen Henson
60c2587369
constify i2o_ECPublicKey
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-19 12:44:18 +01:00
Benjamin Kaduk
a9c27fe19f
Sort %disabled in Configure
...
@disablables is sorted, but these were just added at the end of
%disabled in commits c2e27310
and 22e3dcb7
.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-19 10:51:21 +01:00
Viktor Dukhovni
bc87fb6bcd
Fix missing dane_tlsa_rrdata option error message
...
The error message said "dane_tlsa_rrset" instead of "dane_tlsa_rrdata".
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-18 17:04:45 -04:00
Dr. Stephen Henson
095d2f0f8a
Constify i2a*
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-18 17:20:36 +01:00
Richard Levitte
a3a0b41057
Simplify indentation of DECLARE_ and IMPLEMENT_ lines
...
There's no reason we should enumerate every type of IMPLEMENT_ and
DECLARE_ line (and forget the ones we add a little now and then).
They all start with the same first word, let's just take'm all.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-18 14:40:37 +02:00
Emilia Kasper
a230b26e09
Indent ssl/
...
Run util/openssl-format-source on ssl/
Some comments and hand-formatted tables were fixed up
manually by disabling auto-formatting.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-18 14:02:29 +02:00
Matt Caswell
604f6eff31
Convert X509_REVOKED* functions to use const getters
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-08-18 11:59:39 +01:00
Emilia Kasper
dd8e5a5732
Test that the peers send at most one fatal alert
...
Duplicate alerts have happened, see
70c22888c1
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-18 12:49:32 +02:00
Emilia Kasper
6dc9974547
Port multi-buffer tests
...
Make maximum fragment length configurable and add various fragmentation
tests, in addition to the existing multi-buffer tests.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-18 12:46:00 +02:00
Rich Salz
9d8c2dfe14
Fix some doc nits.
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-17 19:41:47 -04:00
Richard Levitte
8d00e30f96
Don't try to init dasync internally
...
Since dasync isn't installed, and is only ever used as a dynamic
engine, there's no reason to consider it for initialization when
building static engines.
Reviewed-by: Ben Laurie <ben@openssl.org>
2016-08-17 21:34:42 +02:00
Dr. Stephen Henson
67a014bfda
make update
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-17 17:48:44 +01:00
Dr. Stephen Henson
59b4da05b4
Constify X509_SIG.
...
Constify X509_SIG_get0() and order arguments to mactch new standard.
Add X509_SIG_get0_mutable() to support modification or initialisation
of an X509_SIG structure.
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-17 17:48:43 +01:00
FdaSilvaYY
d6073e27eb
Small nits and cleanups
...
using util/openssl-format-source on s_derver, s_client, ca.c, speed.c only...
Fix/merge some #ifndef
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-17 17:09:19 +01:00
FdaSilvaYY
cc69629626
Constify char* input parameters in apps code
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-17 17:09:19 +01:00
FdaSilvaYY
e7917e38be
Simplify and add help about OPT_PVK* options
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-17 17:09:19 +01:00
FdaSilvaYY
cfd451d47f
Improve error message
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-17 17:09:19 +01:00
FdaSilvaYY
54463e4f33
Relocalise some globals variables
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-17 17:09:19 +01:00
Dr. Stephen Henson
2e5ead831b
Constify ssl_cert_type()
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17 15:49:44 +01:00
Dr. Stephen Henson
5ebd2fcbc7
Constify X509_certificate_type()
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17 14:59:54 +01:00
Dr. Stephen Henson
8adc1cb851
Constify X509_get0_signature()
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17 14:12:55 +01:00
Dr. Stephen Henson
8900f3e398
Convert X509* functions to use const getters
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17 13:59:04 +01:00
Matt Caswell
5e6089f0eb
Convert X509_CRL* functions to use const getters
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-08-17 13:38:03 +01:00
Matt Caswell
6eabcc839f
Make X509_NAME_get0_der() conform to OpenSSL style
...
Put the main object first in the params list.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-08-17 13:03:04 +01:00
Dr. Stephen Henson
a0754084f8
Corrupt signature in place.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17 12:34:22 +01:00
Matt Caswell
79613ea844
Convert OCSP* functions to use const getters
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-08-17 12:29:03 +01:00
Dr. Stephen Henson
245c6bc33b
Constify private key decode.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17 12:01:29 +01:00
Dr. Stephen Henson
ac4e257747
constify X509_ALGOR_get0()
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17 12:01:29 +01:00
Dr. Stephen Henson
0c8006480f
Constify ASN1_item_unpack().
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17 12:01:29 +01:00
Remi Gacogne
fddfc0afc8
Add missing session id and tlsext_status accessors
...
* SSL_SESSION_set1_id()
* SSL_SESSION_get0_id_context()
* SSL_CTX_get_tlsext_status_cb()
* SSL_CTX_get_tlsext_status_arg()
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-17 10:38:20 +01:00
Richard Levitte
46117d31fe
dasync is an internal testing engine, so don't install it
...
Unfortunately, it means that the VMS IVP gets a bit crippled. This
will be fixed later on.
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-17 10:50:31 +02:00
Richard Levitte
2238119751
VMS: no ENDIF on one line IF statements, in config.com
...
Correct small error from last config.com change
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-17 10:48:43 +02:00
Matt Caswell
48593cb12a
Convert SSL_SESSION* functions to use const getters
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-08-16 23:36:28 +01:00
Matt Caswell
b2e57e094d
Convert PKCS8* functions to use const getters
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-08-16 23:36:27 +01:00
Matt Caswell
bb2f62baba
Convert TS_STATUS_INFO* functions to use const getters
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-08-16 23:36:27 +01:00
FdaSilvaYY
69b86d4b98
two typo fixes
...
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1461 )
2016-08-16 15:51:58 -04:00
Gergely Nagy
1bb7310bf8
Fix compilation when using MASM on x86
...
The generated asm code from x86cpuid.pl contains CMOVE instructions
which are only available on i686 and later CPUs.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1459 )
2016-08-16 14:46:55 -04:00
Matt Caswell
2ecb9f2d18
Provide compat macros for SSL_CTX_set_ecdh_auto() and SSL_set_ecdh_auto()
...
These functions are no longer relevant to 1.1.0 (we always have auto ecdh
on) - but no reason to break old code that tries to call it. The macros will
only return a dummy "success" result if the app was trying to enable ecdh.
Disabling can't be done in quite this way any more.
Fixes Github Issue #1437
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-08-16 17:11:43 +01:00
Matt Caswell
f9cf774cbd
Ensure we unpad in constant time for read pipelining
...
The read pipelining code broke constant time unpadding. See GitHub
issue #1438
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 16:53:17 +01:00
Dr. Stephen Henson
0f022f5a22
Corrupt signature earlier.
...
If -badsig is selected corrupt the signature before printing out
any details so the output reflects the modified signature.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 16:05:36 +01:00
Dr. Stephen Henson
34d4d74575
make update
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 16:05:36 +01:00
Dr. Stephen Henson
17ebf85abd
Add ASN1_STRING_get0_data(), deprecate ASN1_STRING_data().
...
Deprecate the function ASN1_STRING_data() and replace with a new function
ASN1_STRING_get0_data() which returns a constant pointer. Update library
to use new function.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 16:05:35 +01:00
Richard Levitte
1940aa6e6b
Remove duplicate ordinals
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 14:16:53 +02:00
Andy Polyakov
05ef4d1980
ARMv8 assembly pack: add Samsung Mongoose results.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-16 12:47:49 +02:00
Andy Polyakov
9d46752dfe
Configure: recognize -static as link option and disable incompatible options.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 12:45:51 +02:00
Andy Polyakov
f4941736a9
test/ssl_test.tmpl: make it work with elderly perl.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 12:43:44 +02:00
David Woodhouse
31c34a3e2f
Fix satsub64be() to unconditionally use 64-bit integers
...
Now we support (u)int64_t this can be very much simpler.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-16 10:24:57 +01:00
Emilia Kasper
e0421bd8b2
SSL tests: send some application data
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 11:00:15 +02:00