root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
19,963 Commits 32 Branches 398 Tags 545 MiB
Commit Graph

219 Commits

Author SHA1 Message Date
Matt Caswell 266483d2f5 RAND_bytes updates 
Ensure RAND_bytes return value is checked correctly, and that we no longer
use RAND_pseudo_bytes.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-03-25 12:38:07 +00:00
Rich Salz d64070838e free NULL cleanup 
Start ensuring all OpenSSL "free" routines allow NULL, and remove
any if check before calling them.
This gets DH_free, DSA_free, RSA_free

Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-03-24 23:17:16 -04:00
Rich Salz 7aa0b02246 Dead code cleanup: crypto/*.c, x509v3, demos 
Some of the #if 0 code in demo's was kept, but given helpful #ifdef
names, to show more sample code.

Reviewed-by: Andy Polyakov <appro@openssl.org>
 2015-02-02 11:08:16 -05:00
Matt Caswell e640fa0200 Harmonise use of EVP_CTRL_GET_TAG/EVP_CTRL_SET_TAG/EVP_CTRL_SET_IVLEN 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-28 10:39:01 +00:00
Rich Salz a2b18e657e ifdef cleanup, part 4a: '#ifdef undef' 
This removes all code surrounded by '#ifdef undef'
One case is left: memmove() replaced by open-coded for loop,
in crypto/stack/stack.c  That needs further review.

Also removed a couple of instances of /* dead code */ if I saw them
while doing the main removal.

Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-01-24 10:58:38 -05:00
Matt Caswell 35a1cc90bc More comment realignment 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:20:10 +00:00
Matt Caswell 0f113f3ee4 Run util/openssl-format-source -v -c . 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:20:09 +00:00
Matt Caswell 68d39f3ce6 Move more comments that confuse indent 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:20:09 +00:00
Matt Caswell dbd87ffc21 indent has problems with comments that are on the right hand side of a line. 
Sometimes it fails to format them very well, and sometimes it corrupts them!
This commit moves some particularly problematic ones.

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:20:08 +00:00
Matt Caswell e636e2acd7 Fix source where indent will not be able to cope 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:20:06 +00:00
Matt Caswell 28470b6095 Yet more comments 
Conflicts:
	crypto/dsa/dsa_asn1.c
	crypto/pem/pem_all.c
	fips/dh/dh_gen.c
	fips/dh/fips_dh_check.c
	fips/dh/fips_dh_gen.c
	ssl/ssl_ciph.c

Conflicts:
	ssl/d1_clnt.c

Conflicts:
	ssl/s2_pkt.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:20:06 +00:00
Matt Caswell 23a22b4cf7 More comments 
Conflicts:
	crypto/dsa/dsa_vrf.c
	crypto/ec/ec2_smpl.c
	crypto/ec/ecp_smpl.c

Conflicts:
	demos/bio/saccept.c
	ssl/d1_clnt.c

Conflicts:
	bugs/dggccbug.c
	demos/tunala/cb.c

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:20:06 +00:00
Matt Caswell c80fd6b215 Further comment changes for reformat (master) 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-01-22 09:19:59 +00:00
Rich Salz 6d23cf9744 RT3548: Remove unsupported platforms 
This last one for this ticket.  Removes WIN16.
So long, MS_CALLBACK and MS_FAR.  We won't miss you.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-01-12 17:30:54 -05:00
Tim Hudson 1d97c84351 mark all block comments that need format preserving so that 
indent will not alter them when reformatting comments

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2014-12-30 22:10:26 +00:00
Kurt Roeckx 45f55f6a5b Remove SSLv2 support 
The only support for SSLv2 left is receiving a SSLv2 compatible client hello.

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2014-12-04 11:55:03 +01:00
Rich Salz 8cfe08b4ec Remove all .cvsignore files 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-11-28 18:32:43 -05:00
Rich Salz 5f855569c4 RT2600: Change Win line-endings to Unix. 
For consistency.

Reviewed-by: Bodo Moeller <bodo@openssl.org>
 2014-09-08 16:40:24 -04:00
Jeffrey Walton a520ae3628 RT3142: Extra initialization in state_machine 
Remove extra initialization calls in the sample program.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
 2014-08-21 13:32:17 -04:00
Martin Olsson 89fb142b49 RT2847: Don't "check" uninitialized memory 
Don't check err variable until after it's been set.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
 2014-08-19 12:47:02 -04:00
Jonas Maebe 94c0a987c7 engine_md_copy: check for NULL after allocating to_md->HashBuffer 
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2014-08-17 18:56:44 +02:00
Rich Salz f642ebc1e2 Undo a90081576c 
Undo unapproved commit that removed DJGPP and WATT32
 2014-08-09 08:02:20 -04:00
Rich Salz a90081576c Remove DJGPP (and therefore WATT32) #ifdef's. 
DJGPP is no longer a supported platform.  Remove all #ifdef, etc.,
cases that refer to it.  DJGPP also #define'd WATT32, so that
is now removed as well.
 2014-08-08 16:54:14 -04:00
Geoff Thorpe ceea4bf047 Remove demos/tunala 
This has been unmaintained for a long time. If it's still of interest
to anyone, it can be obtained easily enough by reverting this commit.
(It could join other demo code in some other repository, perhaps.) In
any case we don't want it taking up space in the baseline source
package, so <snip>.

Signed-off-by: Geoff Thorpe <geoff@openssl.org>
 2014-07-22 15:16:30 -04:00
Tim Hudson 62352b8138 Remove old unused and unmaintained demonstration code. 
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2014-07-22 05:26:17 +10:00
Dr. Stephen Henson 0f78819c8c New ctrl to set current certificate. 
New ctrl sets current certificate based on certain criteria. Currently
two options: set the first valid certificate as current and set the
next valid certificate as current. Using these an application can
iterate over all certificates in an SSL_CTX or SSL structure.
 2014-02-02 22:58:19 +00:00
Dr. Stephen Henson 9f9ab1dc66 Demo of use of errors in applications. 2014-02-02 22:58:19 +00:00
Dr. Stephen Henson cb2182676b typo 2014-01-28 15:35:16 +00:00
Dr. Stephen Henson 717cc85895 Fix demo comment: 0.9.9 never released. 2014-01-28 15:15:26 +00:00
Dr. Stephen Henson 88c21c47a3 Update demo. 2013-12-18 13:28:44 +00:00
Dr. Stephen Henson ea131a0644 Update demos/bio/README 2013-10-21 03:51:44 +01:00
Dr. Stephen Henson f3efeaad54 Fix various typos. 2013-10-20 22:31:00 +01:00
Dr. Stephen Henson d80b0eeee5 Modify sample accept.cnf 2013-10-20 22:21:52 +01:00
Dr. Stephen Henson ebd14bfce9 Add demo for SSL server using SSL_CONF. 2013-10-20 22:21:52 +01:00
Veres Lajos 478b50cf67 misspellings fixes by https://github.com/vlajos/misspell_fixer 2013-09-05 21:39:42 +01:00
Dr. Stephen Henson e24fd37cda Typo. 
(cherry picked from commit 1546fb780b)
 2013-03-18 14:00:39 +00:00
Dr. Stephen Henson bcb157f07f typo 2013-03-05 21:20:00 +00:00
Dr. Stephen Henson e942c15451 Initial CCM code. 
Simple example of CCM code use: translated from the FIPS self tests.
 2013-03-05 18:30:53 +00:00
Dr. Stephen Henson 3646578ae7 Demo code for SSL_CONF API 
Two example programs one for command line argument processing and
one for configuration file processing.
 2013-02-26 16:33:05 +00:00
Dr. Stephen Henson 92821996de oops, revert, committed in error 2012-12-14 23:29:58 +00:00
Dr. Stephen Henson 11e2957d5f apps/ocsp.c 2012-12-14 23:28:19 +00:00
Dr. Stephen Henson 24f77b34d5 remove redundant code from demo 2012-11-18 14:47:25 +00:00
Dr. Stephen Henson 226afe4956 typo 2012-10-27 18:05:56 +00:00
Dr. Stephen Henson 07a4ff79d2 add simple AES GCM code example 2012-10-16 23:03:45 +00:00
Dr. Stephen Henson 61d24f102d update README 2012-09-09 20:47:36 +00:00
Dr. Stephen Henson 79b184fb4b Extend certificate creation examples to include CRL generation and sample 
scripts running the test OCSP responder.
 2012-09-09 20:43:49 +00:00
Dr. Stephen Henson ef6b34bec2 make EC test certificates usable for ECDH 2012-08-31 11:15:44 +00:00
Dr. Stephen Henson 18d7158809 Add certificate callback. If set this is called whenever a certificate 
is required by client or server. An application can decide which
certificate chain to present based on arbitrary criteria: for example
supported signature algorithms. Add very simple example to s_server.
This fixes many of the problems and restrictions of the existing client
certificate callback: for example you can now clear existing certificates
and specify the whole chain.
 2012-06-29 14:24:42 +00:00
Dr. Stephen Henson 57559471bf oops, revert unrelated changes 2012-02-09 15:43:58 +00:00
Dr. Stephen Henson f4e1169341 Modify client hello version when renegotiating to enhance interop with 
some servers.
 2012-02-09 15:42:10 +00:00
Dr. Stephen Henson ccd395cbcc add example for DH certificate generation 2012-01-25 16:33:39 +00:00
Dr. Stephen Henson 1bfdb34f70 Add private keys and generation scripts for test certificates in apps 
directory.
 2011-12-14 22:14:47 +00:00
Dr. Stephen Henson b6df360b9e Simple automated certificate creation demo. 2011-06-01 18:36:49 +00:00
Dr. Stephen Henson 55f39a199d fix comments 2010-01-21 01:17:17 +00:00
Dr. Stephen Henson 3ec5f38b47 Update demo 2010-01-20 14:06:21 +00:00
Dr. Stephen Henson 98c08a6312 Use SHA1 and not deprecated MD5 in demos. 2009-08-15 11:01:09 +00:00
Richard Levitte cc8cc9a3a1 Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda). 
Thank you\!
(note: not tested for now, a few nightly builds should give indications though)
 2009-05-15 16:36:56 +00:00
Dr. Stephen Henson 14023fe352 Merge from 1.0.0-stable branch. 2009-04-03 11:45:19 +00:00
Dr. Stephen Henson 2e5975285e Update obsolete email address... 2008-11-05 18:39:08 +00:00
Lutz Jänicke 0f401ff08b Add missing 'extern "C" {' to some _err.h files in crypto/engines/ 
PR: 1609
 2008-04-18 07:43:26 +00:00
Dr. Stephen Henson 1728756255 Detached encrypt/decrypt example, fix decrypt sample. 2008-04-11 23:52:26 +00:00
Dr. Stephen Henson f3eba36c4c Fix comments. 2008-04-11 17:50:20 +00:00
Dr. Stephen Henson 47a6d388c7 CMS compressed data examples. 2008-04-11 17:33:29 +00:00
Dr. Stephen Henson c02b6b6b21 Fix for compression and updated CMS_final(). 2008-04-11 17:07:01 +00:00
Dr. Stephen Henson 3b28bc9910 PKCS#7 examples converted to CMS. 2008-04-11 16:52:45 +00:00
Geoff Thorpe eb77ebe26c Update tunala so it builds ok with OPENSSL_NO_DEPRECATED, and improve the 
autoungunk.sh logic (autobits have grown since I last tried this...).
 2008-03-28 01:56:08 +00:00
Dr. Stephen Henson be3b365a34 Sample text files for S/MIME test programs. 2007-04-13 20:41:42 +00:00
Dr. Stephen Henson b2b2dafc28 Add a bunch of S/MIME sample programs and data. 2007-04-13 20:40:47 +00:00
Nils Larsch 90076b96df fix typos 
PR: 1280
 2006-02-15 19:42:22 +00:00
Bodo Möller d56349a2aa update TLS-ECC code 
Submitted by: Douglas Stebila
 2005-12-13 07:33:35 +00:00
Richard Levitte 37e27219f2 From branch OpenSSL_0_9_7-stable, 2002-11-13 15:30: 
The loading functions should be static if we build a dynamic
engine.
 2005-04-30 14:34:28 +00:00
Richard Levitte 4bb61becbb Add emacs cache files to .cvsignore. 2005-04-11 14:17:07 +00:00
Richard Levitte b94f886b22 Stupid casts... 2004-08-11 17:41:15 +00:00
Bodo Möller 968766cad8 updates for draft-ietf-tls-ecc-03.txt 
Submitted by: Douglas Stebila
Reviewed by: Bodo Moeller
 2003-07-22 12:34:21 +00:00
Richard Levitte c14b337570 Typo. 
PR: 593
 2003-06-11 22:45:53 +00:00
Richard Levitte 0b13e9f055 Add the possibility to build without the ENGINE framework. 
PR: 287
 2003-01-30 17:39:26 +00:00
Geoff Thorpe e5a08ce44d Make 'tunala' link with zlib if possible (so it works if openssl was 
configured with zlib support).
 2002-12-11 19:07:03 +00:00
Richard Levitte 8d6e60486f Fix to build better with DJGPP. 
PR: 338

Here's the description, submitted by Gisle Vanem <giva@bgnett.no>:

1. sock_init() renamed to ssl_sock_init() in ./apps/s_socket.c due
   to name-clash with Watt-32.

2. rand() renamed to Rand() in ./crypto/bn/divtest.c due to name-clash
   with <stdlib.h>

3. Added calls to dbug_init()/sock_init() in some demo programs.

4. Changed cflags/lflags in configure. Watt-32 install root now taken
   from $WATT_ROOT.
 2002-11-14 11:22:01 +00:00
Ben Laurie 54a656ef08 Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
Richard Levitte c0d64de660 Make internal functions static. 2002-11-13 14:34:53 +00:00
Richard Levitte c1ce8cf3b8 Name the flag files correctly. 2002-11-13 14:31:34 +00:00
Richard Levitte bd1fb77245 There's a name clash between OpenSSL and RSAref. Since this engine handles 
RSAref data, pretend we don't care for OpenSSL's MD2 and MD5 structures or
implementation.
Remove all kinds of silly warning
 2002-10-24 17:02:27 +00:00
Dr. Stephen Henson 5aa3429c5d Typo: v3 is represented by 2. 2002-10-21 00:10:10 +00:00
Richard Levitte fa4bde98d2 Add a few more target platforms, to see how well the shared library 
linking works on them.
 2002-10-10 12:46:05 +00:00
Richard Levitte 27bad5ad3d Don't fuss with the demo binaries 2002-10-09 13:57:55 +00:00
Bodo Möller 7cc6ec7af7 add URL for Internet Draft 2002-09-16 13:45:14 +00:00
Bodo Möller c2bbf275b2 1. switch from "-newkey ecdsa:..." to "-newkey ec:..." 
2. automatically create required sub-directories

Submitted by: Vipul Gupta <Vipul.Gupta@sun.com>
 2002-09-10 07:36:52 +00:00
Richard Levitte 629d860cbc Some files deserve to be ignored 2002-08-13 22:41:18 +00:00
Richard Levitte 056cc163f5 Merge in demo engines from 0.9.7-stable. 2002-08-13 12:30:27 +00:00
Bodo Möller 18a31aa861 Scripts for testing ECC ciphersuites. 
Submitted by: Sun Microsystems Labs
 2002-08-12 15:18:48 +00:00
Richard Levitte a7535a2727 Add the CBC flag for cbc ciphers 2002-08-01 19:32:48 +00:00
Richard Levitte d16e1131b4 Allow longer program names (VMS allows up to 39 characters). 
Submitted by Compaq.
 2002-04-06 20:22:48 +00:00
Lutz Jänicke 7e58aa7d71 Fix buggy if-condition (thomas poindessous <poinde_t@epita.fr>). 2002-03-21 19:16:02 +00:00
Bodo Möller 93683c3cf8 '#if OPENSSL_VERSION_NUMBER >= ...' to document the recent change 2002-03-05 09:07:16 +00:00
Bodo Möller 023ec151df Add 'void *' argument to app_verify_callback. 
Submitted by: D. K. Smetters <smetters@parc.xerox.com>
Reviewed by: Bodo Moeller
 2002-02-28 10:52:56 +00:00
Geoff Thorpe 877b2fbd3c A rough little self-test for tunala. This runs through all cipher-suite / 
SSL/TLS version combinations looking for mishaps.
 2002-02-20 05:12:45 +00:00
Geoff Thorpe afeab58a3c Make the "ungunk" logic a little more robust. 2002-02-20 05:09:22 +00:00
Geoff Thorpe 744c49a81b - Add support for cipher suites that require a temporary RSA key for 
key-agreement.
- Tolerate signal interruptions of select().
 2002-02-20 05:02:50 +00:00
Geoff Thorpe 062d3e39e7 Correct for the recent prototype changes. 2002-01-17 01:51:37 +00:00
Geoff Thorpe 1b58b616e3 Produce less confusing statistics when "-out_totals" is used. 2002-01-16 05:31:02 +00:00