mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-30 14:01:55 +08:00
Code Issues Packages Projects Releases Wiki Activity
29,599 Commits 34 Branches 385 Tags 448 MiB
f570d33b02
Commit Graph

29599 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Matt Caswell
f570d33b02 Only call dtls1_start_timer() once 
The function dtls1_handle_timeout() calls dtls1_double_timeout() which
was calling dtls1_start_timer(). However dtls1_start_timer() is also
called directly by dtls1_handle_timeout(). We only need to start the timer
once.

Fixes #15561

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15595)
 2021-06-04 11:06:08 +10:00
Dr. David von Oheimb
d0196ddcba CI windows.yml: Silence 'nmake' builds except 'minimal'; ci.yml: make 'minimal' build verbose 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15594)
 2021-06-04 09:39:09 +10:00
Matt Caswell
376a8c3f46 Teach ASN1_item_verify_ctx() how to handle provided keys 
We need to special case RSA-PSS because that uses X509_ALGOR style
parameters and we have no support for this on the provider side at this
stage.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15527)
 2021-06-03 17:18:57 +01:00
Tomas Mraz
18d9c9bf96 openssl spkac: Fix reading SPKAC data from stdin 
Fixes #15367

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15593)
 2021-06-03 18:07:56 +02:00
Tomas Mraz
7d69c07ddf OPENSSL_init_crypto must return 0 when cleanup was done 
Fixes #15581

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15589)
 2021-06-03 17:42:21 +02:00
bonniegong
effb0dcf86 Check the return value of ASN1_STRING_length 
ASN1_STRING_length gets the field 'length' of msg, which
can be manipulated through a crafted input.
Add a check to avoid error execution of OPENSSL_malloc().

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15583)
 2021-06-03 17:09:02 +02:00
Jon Spillett
f6b6574cd7 80-test_cmp_http.t: Re-enable CMP tests for AIX, removing some inessential test cases 
Remove negative test cases which simulate an attempt to write file contents to a directory
using a path ending in '/' as this is not compatible with fopen on all platforms, e.g., AIX.

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15575)
 2021-06-03 16:14:15 +02:00
Richard Levitte
b7d2bd1219 Deprecate EVP_CIPHER_impl_ctx_size and EVP_CIPHER_CTX_buf_noconst 
Fixes #15519

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15584)
 2021-06-03 12:46:47 +02:00
Richard Levitte
17213b2ad0 Restore all the ? in util/libcrypto.num 
They will become numbers again when beta1 is actually released.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15578)
 2021-06-03 09:18:54 +02:00
Richard Levitte
cbba082fc0 util/mknum.pl: Really allow unset ordinals in development 
Any pre-release tag that includes '-dev' is development.  The ordinals
don't need to be finalized before '-dev' is removed (i.e. a release is
made).

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15578)
 2021-06-03 09:18:54 +02:00
Shane Lontis
ba3ea453b0 Fix errors found by parfait static analyser. 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15579)
 2021-06-03 16:15:41 +10:00
Pauli
6436030486 rsa: make the maximum key strength check FIPS only. 
To be reverted once key generation checks are added everywhere and a way to
disable them implemented.

Fixes #15502

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15560)
 2021-06-03 15:32:38 +10:00
yuechen-chen
691c9cd16b Add an EVP demo for signatures using EC 
Fixes #14115

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15429)
 2021-06-03 15:21:17 +10:00
Pauli
74613e8c97 update checksums 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15574)
 2021-06-03 11:58:18 +10:00
Pauli
c912e0c616 util: update FIPS checksumming script to be more aggressive with whitespace 
Fixes #15562

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15574)
 2021-06-03 11:56:21 +10:00
Jon Spillett
8a5bd05da8 Add enable-fips to CI configuration 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15537)
 2021-06-03 07:33:13 +10:00
Jon Spillett
c29b71c367 Disable tracing within the FIPS module 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15537)
 2021-06-03 07:32:54 +10:00
Tomas Mraz
ea82158103 ed25519 and ed448: fix incorrect OSSL_PKEY_PARAM_MAX_SIZE 
Fixes #15552

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15566)
 2021-06-02 17:17:51 +02:00
Dr. David von Oheimb
4388417157 80-test_cms.t: Replace use of ee-self-signed.pem by more suitable smrsa1.pem 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15499)
 2021-06-02 14:49:13 +02:00
Dr. David von Oheimb
07e84e67a6 ee-self-signed.pem: Restore original version, adding -attime to 25-test_verify.t 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15499)
 2021-06-02 14:49:13 +02:00
Pauli
5bcbdee621 list: update to not use XXX_get_number() calls 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15564)
 2021-06-02 20:45:51 +10:00
Pauli
45e6e5073a store: include internal header 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15564)
 2021-06-02 20:45:51 +10:00
Pauli
d11e555082 doc: fix OSSL_(EN|DE)CODER_get0_name function names 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15564)
 2021-06-02 20:45:51 +10:00
Pauli
bcd5d3a22d libcrypto: make XXX_get_number() internal 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15564)
 2021-06-02 20:45:39 +10:00
Pauli
6ea964cd4a doc: make XXX_get_number() internal 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15564)
 2021-06-02 20:45:39 +10:00
Pauli
2e006ae77b Add internal get_number functions to internal headers 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15564)
 2021-06-02 20:45:39 +10:00
Pauli
f2e3584d10 add internal get_number functons to crypto/evp.h 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15564)
 2021-06-02 20:45:39 +10:00
Pauli
c768893e7d doc: move XXX_get_number() documentation to internal 
These functions are effectively useless for users outside of libcrypto.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15564)
 2021-06-02 20:45:39 +10:00
Pauli
4cedf30e99 utils: remove TODO 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
71653965b3 crypto: remove TODOs 
Fixes #15451

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
60e91cc409 http: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
4c3c2633b2 evp: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
3b90a847ec err: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
4656d9ecd1 ec: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
3dc12810fa dso: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
26b3e44a66 bn: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
79cabd7e27 rsa: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
c6472fec64 store: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
e73a08b400 pem: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
126e37716f ocsp: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
29cfba8599 ct: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
e0a7ef0b51 crmf: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
1486b1fbd3 comp: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
6f6c8b0e3c cms: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
75e1191f4d cmp: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
69e21cb648 x509: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
1c8c5d4755 bio: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
10dbfcc91e asn.1: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
0848b943a8 providers: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00
Pauli
407820c0e3 tls: remove TODOs 
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15539)
 2021-06-02 16:30:15 +10:00