Commit Graph

1404 Commits

Author SHA1 Message Date
Matt Caswell
c3fd55d4a6 Add a test for fragmented alerts
The previous commit fixed a problem where fragmented alerts would cause an
infinite loop. This commit adds a test for these fragmented alerts.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-27 14:51:03 +01:00
Rich Salz
6f4a6a5cd4 RT4586: Remove RSA_memory_lock; unused, not needed
Reviewed-by: Ben Laurie <ben@openssl.org>
2016-06-27 07:39:53 -04:00
Matt Caswell
a6211814c4 Add a getter to obtain the HMAC_CTX md
As a result of opaque HMAC_CTX apps need a getter for the HMAC_CTX md.

GitHub Issue #1152

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-06-24 13:22:40 +01:00
Sebastian Andrzej Siewior
70a56b9147 utils/mkdir-p: check if dir exists also after mkdir failed
with "make install -j8" it happens very often that two or more make
instances are creating the same directory in parallel. As a result one
instace creates the directory and second mkdir fails because the
directory exists already (but it did not while testing for it earlier).

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1204)
2016-06-23 11:10:29 -04:00
Andy Polyakov
eeac54ef6d crypto/cryptlib.c: omit OPENSSL_ia32cap_loc().
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-22 20:20:37 +02:00
Rich Salz
c952780c25 More doc cleanup
Add missing entries to NAME section
Add SYNOPSIS lines, remove old NAME entries
Update find-doc-nits; better regexp's for parsing SYNOPSIS sections.
Rename a couple of files to have an API name.
Remove RSA_private_decrypt; it was duplicate content
Update for recent doc additions

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-21 07:03:34 -04:00
Rich Salz
d3b64b89ed Fix GCC build; make update; fix number re-use
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-16 15:48:03 -04:00
Nathaniel McCallum
ebad0b0beb Add EVP_PKEY_get0_hmac() function
Before the addition of this function, it was impossible to read the
symmetric key from an EVP_PKEY_HMAC type EVP_PKEY.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1217)
2016-06-16 13:33:47 -04:00
Matt Caswell
b02b574317 Skip the TLSProxy tests if environmental problems are an issue
On some platforms we can't startup the TLSProxy due to environmental
problems (e.g. network set up on the build machine). These aren't OpenSSL
problems so we shouldn't treat them as test failures. Just visibly
indicate that we are skipping the test.

We only skip the first time we attempt to start up the proxy. If that works
then everything else should do...if not we should probably investigate and
so report as a failure.

This also removes test_networking...there is a danger that this turns into
a test of user's environmental set up rather than OpenSSL.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-16 16:32:14 +01:00
Rich Salz
cda3ae5bd0 RT4562: Fix misleading doc on OPENSSL_config
Also changed the code to use "appname" not "filename"

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-14 12:30:37 -04:00
Matt Caswell
5ec84dd75f make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 00:16:04 +01:00
Rich Salz
6670d55a84 Make a2i_ipadd an internal function
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-09 17:15:42 -04:00
Rich Salz
8162f6f58a More API docs; small changes.
Also fix typo noted on GitHub.
Suppport typedef and #define to find-doc-nits

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-09 17:03:30 -04:00
Rich Salz
e417070c9f Add some accessor API's
GH1098: Add X509_get_pathlen() (and a test)
GH1097:  Add SSL_is_dtls() function.

Documented.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-08 11:37:06 -04:00
Rich Salz
4692340e31 Unify d2i/i2d documentation.
Make d2i_X509 a generic d2i/i2d manpage.
Pull common stuff out of other d2i/i2d docs.
Update find-doc-nits to know about "generic" manpages.
Cleanup some overlap.
Fix up a bunch of other references.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-07 15:49:08 -04:00
Rich Salz
fbba5d113f Nit about pod filenames
The asdf.pod filename must have asdf in its NAME section.
also check for names existing as a different filename (via Levitte)

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-06-07 14:46:33 -04:00
Rich Salz
35ea640a01 Add script to find undocumented API
Also tweaks to find-doc-nits, including name/synopsis checking.
Ironically, it also reports on duplicated doc names :)

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-07 10:05:06 -04:00
Rich Salz
bb9ad09e8e More doc nits
Update script to look for period or POD markup in NAME section, and
fix them.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-06-06 10:09:39 -04:00
Rich Salz
843666ffdc More utils cleanup.
Remove some unused files.
Rename doc-nit-check to be consistent.
Add check for multiple #include in synopsis.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-04 07:06:31 -04:00
Richard Levitte
ee2c1a253d perl: refactor .pod name section extractor into its own module
Adapt util/process_docs.pl

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-02 15:38:16 +02:00
Rich Salz
ade82832cd Remove NOEXIST entries
checkpoint before release.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-01 13:08:03 -04:00
Rich Salz
b8a9af6881 Remove/rename some old files.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-01 11:29:57 -04:00
Rich Salz
44c8a5e2b9 Add final(?) set of copyrights.
Add copyright to missing assembler files.
Add copyrights to missing test/* files.
Add copyrights
Various source and misc files.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-01 11:27:25 -04:00
Matt Caswell
befe31cd38 make update
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-31 23:03:54 +01:00
Richard Levitte
23049aa52e perl: use the 'if' module to conditionally load File::Glob
Trying to use normal perl conditions to conditionally 'use' a perl
module didn't quite work.  Using the 'if' module to do so does work.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-05-30 11:55:46 +02:00
Joey Yandle
6378809b22 set RAND_event and RAND_screen to deprecated in 1.1.0 in librypto.num
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1079)
2016-05-29 13:36:59 -04:00
Andy Polyakov
9785555616 Configure,test/recipes: "pin" glob to File::Glob::glob.
As it turns out default glob's behaviour for quoted argument varies
from version to version, making it impossible to Configure or run
tests in some cases. The reason for quoting globs was to accommodate
source path with spaces in its name, which was treated by default glob
as multiple paths. File::Glob::glob on the other hand doesn't consider
spaces as delimiters and therefore works with unquoted patterns.

[Unfortunaltely File::Glob::glob, being too csh-ly, doesn't work
on VMS, hence the "pinning" is conditional.]

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-29 14:12:35 +02:00
Richard Levitte
da32e04b5e make update
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-05-28 02:15:04 +02:00
Richard Levitte
04b7805a86 perl glob: make sure to put quotes around the pattern, in case of spaces
RT#4486

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-27 17:41:32 +02:00
Rich Salz
0cd0a820ab Remove unused error/function codes.
Add script to find unused err/reason codes
Remove unused reason codes.
Remove entries for unused functions

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-23 15:04:23 -04:00
Dr. Stephen Henson
60980390b1 make update
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-23 16:41:35 +01:00
FdaSilvaYY
e5a5e3f3db Add checks on CRYPTO_set_ex_data return value
Fix possible leak in danetest.c

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-23 13:43:31 +01:00
Richard Levitte
398c1b773a util/process_docs.pl: Add more debugging output
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-23 00:45:44 +02:00
Richard Levitte
c4d598939a Improve the checking of pod sections
(i.e. remove some bugs)

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-23 00:45:44 +02:00
Richard Levitte
e4860d531d process_docs.pl: When starting to read a new head1 section, remove previous text
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-23 00:45:44 +02:00
Richard Levitte
169a8e391e Have doc-nit-check look for mandatory manual sections
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-22 01:26:45 +02:00
Rich Salz
6aa36e8e5a Add OpenSSL copyright to .pl files
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-21 08:23:39 -04:00
Rich Salz
05ea606a25 Doc nits cleanup, round 2
Fix some code examples, trailing whitespace
Fix TBA sections in verify, remove others.
Remove empty sections
Use Mixed Case not ALL CAPS in head2
Enhance doc-nits script.
Remove extra =cut line

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-20 20:54:00 -04:00
Rich Salz
739a1eb196 Rename lh_xxx,sk_xxx tp OPENSSL_{LH,SK}_xxx
Rename sk_xxx to OPENSSL_sk_xxx and _STACK to OPENSSL_STACK
Rename lh_xxx API to OPENSSL_LH_xxx and LHASH_NODE to OPENSSL_LH_NODE
Make lhash stuff opaque.
Use typedefs for function pointers; makes the code simpler.
Remove CHECKED_xxx macros.
Add documentation; remove old X509-oriented doc.
Add API-compat names for entire old API

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-05-20 10:48:29 -04:00
Rich Salz
1bc74519a2 Fix nits in pod files.
Add doc-nit-check to help find future issues.
Make podchecker be almost clean.
Remove trailing whitespace.
Tab expansion

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-20 08:11:46 -04:00
Richard Levitte
2bc57c88d8 Documentation processor in perl, for platforms that don't have sh
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-19 23:51:44 +02:00
Richard Levitte
291a4d91eb Small typo, a tab where there should have been a space
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-18 22:15:30 +02:00
Richard Levitte
97665e1c4f Fix util/mkerr.pl
- Adjust mkerr.pl to produce the line length we used for source
  reformating.

- Have mkerr.pl keep track of preprocessor directive indentation

  Among others, do not spuriously throw away a #endif at the end of
  header files.

- Make sure mkerr.pl specifies any header inclusion correctly

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-18 22:03:11 +02:00
Rich Salz
b6cff313cb Manual fixes after copyright consolidation
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 17:38:18 -04:00
Rich Salz
6ddbb4cd92 X509_STORE_CTX accessors.
Add some functions that were missing when a number of X509
objects became opaque (thanks, Roumen!)

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 16:06:09 -04:00
Matt Caswell
6ae5452481 Workaround an IO::Socket::IP bug
Workaround an apparent IO:Socket::IP bug where a seemingly valid
server socket is being returned even though a valid connection does not
exist. This causes the tests to intermittently hang. We additionally check
that the peerport looks ok to verify that the returned socket looks usable.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-16 17:19:55 +01:00
Viktor Dukhovni
5c4328f04f Fold threads.h into crypto.h making API public
Document thread-safe lock creation

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-16 12:16:26 -04:00
Alessandro Ghedini
6546e9b221 Add SSL_client_version() getter function
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-16 15:58:52 +01:00
Viktor Dukhovni
7ad5fb6267 Fix TLSProxy race by adding missing eval
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-11 18:43:07 -04:00
Richard Levitte
19252eef3e make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-11 22:12:57 +02:00