Dr. Stephen Henson
e0fc7961c4
Add conditional unit testing interface.
...
Don't call internal functions directly call them through
SSL_test_functions(). This also makes unit testing work on
Windows and platforms that don't export internal functions
from shared libraries.
By default unit testing is not enabled: it requires the compile
time option "enable-unit-test".
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
2014-07-24 19:41:29 +01:00
Dr. Stephen Henson
8e55e6de45
Don't call setenv in gost2814789t.c
...
The call to setenv in gost2814789t.c is not portable and may
not reflect the location of the GOST ENGINE on all platforms anyway.
Instead set OPENSSL_ENGINES in test/Makefile
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
2014-07-24 18:18:54 +01:00
Geoff Thorpe
ceea4bf047
Remove demos/tunala
...
This has been unmaintained for a long time. If it's still of interest
to anyone, it can be obtained easily enough by reverting this commit.
(It could join other demo code in some other repository, perhaps.) In
any case we don't want it taking up space in the baseline source
package, so <snip>.
Signed-off-by: Geoff Thorpe <geoff@openssl.org>
2014-07-22 15:16:30 -04:00
Andy Polyakov
7a2b54509c
CHANGES: mention new platforms.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-07-22 20:19:37 +02:00
Billy Brumley
cba11f57ce
"EC_POINT_invert" was checking "dbl" function pointer instead of "invert".
...
PR#2569
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-07-21 22:18:40 +01:00
Tim Hudson
62352b8138
Remove old unused and unmaintained demonstration code.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-07-22 05:26:17 +10:00
Andy Polyakov
5c3598307e
sha1-ppc.pl: shave off one cycle from BODY_20_39
...
and improve performance by 10% on POWER[78].
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2014-07-21 15:29:09 +02:00
Tim Hudson
c8d133e4b6
Minor documentation update removing "really" and a
...
statement of opinion rather than a fact.
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-07-21 20:03:50 +10:00
Dr. Stephen Henson
841072ef65
Add test header, sync ordinals with 1.0.2
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-20 20:51:06 +01:00
Andy Polyakov
0e716d9207
Engage GHASH for PowerISA 2.0.7.
...
[and split ppccap.c to ppccap.c and ppc_arch.h]
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-20 14:16:31 +02:00
Andy Polyakov
f5b798f50c
Add GHASH for PowerISA 2.0.7.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-20 14:14:26 +02:00
Dr. Stephen Henson
03c075e572
Windows build fixes.
...
Add cmac.h to mkdef.pl
Remove ENGINE_load_rsax from engine.h: no longer built.
Update ordinals
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-19 22:57:37 +01:00
Dr. Stephen Henson
f8c03d4dbf
Fix documentation for RSA_set_method(3)
...
PR#1675
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-07-19 22:57:37 +01:00
Mike Bland
b2e50bcd0e
Check the test registry size during add_test()
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-19 19:24:36 +01:00
Mike Bland
50bba6852d
Update heartbeat_test #includes
...
ssl/ssl_locl.h now comes first to ensure that it will compile standalone.
test/testutil.h is considered to be in the same directory as the test file,
since the test file will be linked into test/ and built there.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-19 19:24:35 +01:00
Mike Bland
6017a55143
Use testutil registry in heartbeat_test
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-19 19:24:35 +01:00
Mike Bland
5e3de8e609
test/testutil.c test registry functions.
...
These help standardize the structure of main() and result reporting.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-19 19:24:35 +01:00
Dr. Stephen Henson
d31fed73e2
RFC 5649 support.
...
Add support for RFC5649 key wrapping with padding.
Add RFC5649 tests to evptests.txt
Based on PR#3434 contribution by Petr Spacek <pspacek@redhat.com>.
EVP support and minor changes added by Stephen Henson.
Doxygen comment block updates by Tim Hudson.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-18 21:37:13 +01:00
Dr. Stephen Henson
58f4698f67
Make *Final work for key wrap again.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-17 23:29:14 +01:00
Dr. Stephen Henson
d12eef1501
Sanity check lengths for AES wrap algorithm.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-17 12:57:40 +01:00
Jeffrey Walton
d48e78f0cf
Fix typo, add reference.
...
PR#3456
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-07-17 12:07:37 +01:00
Matt Caswell
2097a17c57
Disabled XTS mode in enc utility as it is not supported
...
PR#3442
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-07-16 20:59:35 +01:00
Andy Polyakov
e91718e80d
Revert "Add GHASH for PowerISA 2.07."
...
This reverts commit 927f2e5dea
.
2014-07-16 13:38:15 +02:00
Andy Polyakov
6cd13f70bb
Revert "Engage GHASH for PowerISA 2.07."
...
This reverts commit 14aaf883d9
.
2014-07-16 13:37:37 +02:00
Andy Polyakov
14aaf883d9
Engage GHASH for PowerISA 2.07.
2014-07-16 08:03:34 +02:00
Andy Polyakov
927f2e5dea
Add GHASH for PowerISA 2.07.
2014-07-16 08:01:41 +02:00
Matt Caswell
3bd548192a
Add Matt Caswell's fingerprint, and general update on the fingerprints file to bring it up to date
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-15 23:13:37 +01:00
Dr. Stephen Henson
ca2015a617
Clarify -Verify and PSK.
...
PR#3452
2014-07-15 20:22:39 +01:00
Dr. Stephen Henson
c8d710dc5f
Fix DTLS certificate requesting code.
...
Use same logic when determining when to expect a client
certificate for both TLS and DTLS.
PR#3452
2014-07-15 18:23:13 +01:00
Dr. Stephen Henson
199772e534
Don't allow -www etc options with DTLS.
...
The options which emulate a web server don't make sense when doing DTLS.
Exit with an error if an attempt is made to use them.
PR#3453
2014-07-15 12:32:41 +01:00
Rich Salz
6c0a1e2f8c
Merge branch 'master' of git.openssl.org:openssl
2014-07-15 00:05:43 -04:00
Dr. Stephen Henson
1c3e9a7c67
Use case insensitive compare for servername.
...
PR#3445
2014-07-14 23:59:13 +01:00
Hubert Kario
7efd0e777e
document -nextprotoneg option in man pages
...
Add description of the option to advertise support of
Next Protocol Negotiation extension (-nextprotoneg) to
man pages of s_client and s_server.
PR#3444
2014-07-14 23:42:59 +01:00
Dr. Stephen Henson
ec5a992cde
Use more common name for GOST key exchange.
2014-07-14 18:31:55 +01:00
Dr. Stephen Henson
aa224e9719
Fix typo.
2014-07-14 18:31:55 +01:00
Rich Salz
9d6253cfd3
Add tags/TAGS; approved by tjh
2014-07-14 11:27:16 -04:00
Matt Caswell
f8571ce822
Fixed valgrind complaint due to BN_consttime_swap reading uninitialised data.
...
This is actually ok for this function, but initialised to zero anyway if
PURIFY defined.
This does have the impact of masking any *real* unitialised data reads in bn though.
Patch based on approach suggested by Rich Salz.
PR#3415
2014-07-13 22:17:39 +01:00
Peter Mosmans
924e5eda2c
Add names of GOST algorithms.
...
PR#3440
2014-07-13 18:30:07 +01:00
Richard Levitte
8b5dd34091
* crypto/ui/ui_lib.c: misplaced brace in switch statement.
...
Detected by dcruette@qualitesys.com
2014-07-13 19:11:46 +02:00
Ben Laurie
c1d1b0114e
Don't clean up uninitialised EVP_CIPHER_CTX on error (CID 483259).
2014-07-10 17:49:02 +01:00
Matt Caswell
66816c53be
Fix memory leak in BIO_free if there is no destroy function.
...
Based on an original patch by Neitrino Photonov <neitrinoph@gmail.com>
PR#3439
2014-07-09 23:29:17 +01:00
Andy Polyakov
1b0fe79f3e
x86_64 assembly pack: improve masm support.
2014-07-09 20:08:01 +02:00
Andy Polyakov
d11c70b2c2
Please Clang's sanitizer, addendum.
2014-07-08 23:06:59 +02:00
Andy Polyakov
021e5043e5
Please Clang's sanitizer.
...
PR: #3424,#3423,#3422
2014-07-08 22:24:44 +02:00
Andy Polyakov
c4f8efab34
apps/speed.c: fix compiler warnings in multiblock_speed().
2014-07-07 17:02:26 +02:00
Andy Polyakov
07b635cceb
sha[1|512]-x86_64.pl: fix logical errors with $shaext=0.
2014-07-07 17:01:07 +02:00
David Lloyd
9d23f422a3
Prevent infinite loop loading config files.
...
PR#2985
2014-07-07 13:19:57 +01:00
Viktor Dukhovni
b73ac02735
Improve X509_check_host() documentation.
...
Based on feedback from Jeffrey Walton.
2014-07-07 20:34:06 +10:00
Viktor Dukhovni
297c67fcd8
Update API to use (char *) for email addresses and hostnames
...
Reduces number of silly casts in OpenSSL code and likely most
applications. Consistent with (char *) for "peername" value from
X509_check_host() and X509_VERIFY_PARAM_get0_peername().
2014-07-07 19:11:38 +10:00
Dr. Stephen Henson
ee724df75d
Usage for -hack and -prexit -verify_return_error
2014-07-06 22:42:50 +01:00