mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-21 06:09:35 +08:00
Code Issues Packages Projects Releases Wiki Activity
31,015 Commits 34 Branches 385 Tags 517 MiB
c0b7dac66e
Commit Graph

31015 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dr. David von Oheimb
c30bc4e209 check-format.pl: Fix report on space before ';' and allow it after ')' 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17434)
 2022-01-09 13:19:52 +11:00
Dr. David von Oheimb
d45c0e1a5e check-format.pl: Fix report on missing space before +/-: allow, e.g., '1e-6' 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17434)
 2022-01-09 13:19:52 +11:00
Dr. David von Oheimb
15ae69fa7b check-format.pl: Fix report on constant on LHS of comparison/assignment 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17434)
 2022-01-09 13:19:52 +11:00
Dr. David von Oheimb
d8662f2f87 check_format.pl: Add checks for blank lines within/after local decls 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17434)
 2022-01-09 13:19:52 +11:00
yangyangtiantianlonglong
e1c122711e Delete unused param about get_construct_message_f 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17385)
 2022-01-09 13:16:48 +11:00
Bernd Edlinger
21095479c0 Add a test case for the short password 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17441)
 2022-01-08 13:02:05 +01:00
Kan
81b741f689 Update alert to common protocol 
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/17161)
 2022-01-08 10:18:26 +01:00
Dr. David von Oheimb
8cdb993d8b apps.c: fix various coding style nits found by check-format.pl 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17435)
 2022-01-08 10:17:16 +01:00
Peiwei Hu
10481d3384 Fix: some patches related to error exiting 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17417)
 2022-01-07 21:11:37 +11:00
Peiwei Hu
22778abad9 providers/implementations/keymgmt/rsa_kmgmt.c: refactor gen_init 
There is risk to pass the gctx with NULL value to rsa_gen_set_params
which dereference gctx directly.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17429)
 2022-01-07 21:08:13 +11:00
Dr. David von Oheimb
6e98b7f153 v2i_AUTHORITY_KEYID(): Improve error reporting on parsing config values/options 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16345)
 2022-01-07 10:45:49 +01:00
Dr. David von Oheimb
fd989c734d apps/cmp.c: fix coding style nits reported by check-format.pl 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17363)
 2022-01-07 10:42:44 +01:00
Dr. David von Oheimb
9944df112f asn1/x_algor.c: add internal ossl_X509_ALGOR_from_nid() simplifying code 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17363)
 2022-01-07 10:42:44 +01:00
Dr. David von Oheimb
6e2499474c APPS load_key_certs_crls(): Make file access errors much more readable 
This reverts part of commit ef0449135c using a less invasive suppression.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16452)
 2022-01-07 10:41:21 +01:00
Dr. David von Oheimb
7c64ca71c2 OSSL_STORE_open_ex(): Prevent spurious error: unregistered scheme=file 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16452)
 2022-01-07 10:40:44 +01:00
Tomas Mraz
d4d8f163db Test importing EC key parameters with a bad curve 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17411)
 2022-01-07 09:51:04 +01:00
Tomas Mraz
5b03b89f7f EVP_PKEY_fromdata(): Do not return newly allocated pkey on failure 
Fixes #17407

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17411)
 2022-01-07 09:51:04 +01:00
xkernel
7b1264baab fix the return check of EVP_PKEY_CTX_ctrl() in 5 spots 
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17413)
 2022-01-07 09:49:08 +01:00
xkernel
949e4f79d2 properly free the resource from EVP_MD_CTX_new() at ssl3_record.c:1413 
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17415)
 2022-01-07 09:47:59 +01:00
xkernel
1b87116a0c properly free the resource from CRYPTO_malloc 
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17412)
 2022-01-06 12:01:10 +01:00
Bernd Edlinger
fd84b9c3e9 Fix copyright year issues 
Fixes: #13765

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17427)
 2022-01-06 09:27:02 +01:00
Dr. David von Oheimb
da198adb9c OSSL_STORE: Prevent spurious error during loading private keys 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15283)
 2022-01-06 09:12:57 +01:00
Dimitris Apostolou
e304aa87b3 Fix typos 
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17392)
 2022-01-05 12:37:20 +01:00
Dmitry Belyavskiy
e66c41725f Run TLSfuzzer tests for CI 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17340)
 2022-01-05 11:24:51 +01:00
Dmitry Belyavskiy
db87f89b73 TLS Fuzzer: initial test infrastructure 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17340)
 2022-01-05 11:24:51 +01:00
Dmitry Belyavskiy
cccbb4fa60 TLSfuzzer: submodules 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17340)
 2022-01-05 11:24:51 +01:00
x2018
0da3b39af3 check the return value of OSSL_PARAM_BLD_new in dsa_kmgmt.c:195 
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17155)
 2022-01-05 10:17:26 +01:00
zhaozg
8582dccc4d sm2: fix {i2d,d2i}_PublicKey EC_KEY is EVP_PKEY_SM2 
CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17389)
 2022-01-05 10:07:48 +01:00
Peiwei Hu
ea4d16bc60 apps/passwd.c: free before error exiting 
use goto instead of returning directly while error handling

Signed-off-by: Peiwei Hu <jlu.hpw@foxmail.com>

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17404)
 2022-01-05 10:02:02 +01:00
fangming.fang
abc4345a19 fix building failure when using -Wconditional-uninitialized 
Use clang -Wconditional-uninitialized to build, the error "initialize
the variable 'buffer_size' to silence this warning" will be reported.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17375)
 2022-01-05 09:59:31 +01:00
Tomas Mraz
e06c0a2870 trace.c: Add missing trace category entry 
Fixes #17397

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17399)
 2022-01-05 09:57:39 +01:00
Dr. David von Oheimb
b971d4198d CMP mock server: add -ref_cert option and corresponding ossl_cmp_mock_srv_set1_refCert() 
Fixes #16041

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16050)
 2022-01-04 17:04:56 +01:00
Dr. David von Oheimb
acef3b2f84 X509_cmp.pod: Point out that the X509_NAME_cmp() arguments may be NULL 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16050)
 2022-01-04 17:04:44 +01:00
Dr. David von Oheimb
97b8c859c6 app_http_tls_cb: Fix double-free in case TLS not used 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17400)
 2022-01-04 17:02:06 +01:00
Dr. David von Oheimb
2e6afe1079 check-format.pl: Fix report on constant on LHS of comparison or assignment 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17396)
 2022-01-04 15:25:54 +01:00
Dr. David von Oheimb
068549f8db HTTP client: Work around HTTPS proxy use bug due to callback design flaw 
See discussion in #17088, where the real solution was postponed to 4.0.

This preliminarily fixes the issue that the HTTP(S) proxy environment vars
were neglected when determining whether a proxy should be used for HTTPS.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17310)
 2022-01-04 15:05:32 +01:00
fangming.fang
a8251a32a0 Fix compile error when building with no-asm 
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17376)
 2022-01-04 13:08:45 +01:00
x2018
04e3ab64d5 check the return value of EVP_MD_fetch in ecdh_exch.c:285 & dh_exch.c:347 
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17153)
 2022-01-04 12:30:12 +01:00
Sebastian Andrzej Siewior
d26b3766a0 Use USE_SWAPCONTEXT on IA64. 
On IA64 the use of setjmp()/ longjmp() does not properly save the
state of the register stack engine (RSE) and requires extra care.
The use of it in the async interface led to a failure in the
test_async.t test since its introduction in 1.1.0 series.

Instead of properly adding the needed assembly bits here use the
swapcontext() function which properly saves the whole context.

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17370)
 2022-01-04 12:14:19 +01:00
Matt Caswell
ee8a61e158 Validate the category in OSSL_trace_end() 
OSSL_trace_end() should validate that the category it has been passed
by the caler is valid, and return immediately if not.

Fixes #17353

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17371)
 2022-01-04 11:09:03 +11:00
Dr. David von Oheimb
0088ef48c3 Update troublesome copyright years of auto-generated files to 2022 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17398)
 2022-01-03 13:41:16 +01:00
Dr. David von Oheimb
b6144bb8c1 X509V3_set_ctx(): Improve documentation 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17358)
 2022-01-03 12:46:49 +01:00
Dr. David von Oheimb
1d8f18dce1 ec.h: Explain use of strstr() for EVP_EC_gen() and add #include <string.h> 
Fixes #17362

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17380)
 2022-01-03 12:43:19 +01:00
x2018
352a0bcaab Check the return value of ossl_bio_new_from_core_bio() 
There are missing checks of its return value in 8 different spots.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17154)
 2022-01-03 12:00:01 +01:00
Tomas Mraz
5bea0e2ee9 close_console: Always unlock as the lock is always held 
Fixes #17364

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17365)
 2022-01-03 10:57:39 +01:00
Tomas Mraz
da7db7ae6d try_pkcs12(): cleanse passphrase so it is not left on the stack 
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/17320)
 2022-01-03 10:35:36 +01:00
Tomas Mraz
1dfef929e4 try_pkcs12(): Correct handling of NUL termination of passphrases 
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/17320)
 2022-01-03 10:35:36 +01:00
Tomas Mraz
c7debe8111 Test that PEM_BUFSIZE is passed into pem_password_cb 
When pem_password_cb is used from SSL_CTX, its size
parameter should be equal to PEM_BUFSIZE.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/17320)
 2022-01-03 10:35:36 +01:00
Tomas Mraz
5b5342e04f pem_password_cb: Clarify the documentation on passphrases 
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/17320)
 2022-01-03 10:35:36 +01:00
Tomas Mraz
ef65bbb963 Compensate for UI method always adding NUL termination 
The UI method always adds NUL termination and we need to
compensate for that when using it from a pem_password_cb
because the buffer used in pem_password_cb does not account
for that and the returned password should be able fill the
whole buffer.

Fixes #16601

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/17320)
 2022-01-03 10:35:36 +01:00