[openssl-commits] [openssl] master update
The branch master has been updated via 5378186199eec800e0508c5ac1c3545d072b8c31 (commit) via a470fdab6d04e4da68840e5324c1ac1d334f425f (commit) via a2074b92874aa5784874e75c969e95086010 (commit) via 913592d2c58571a39540d8e4aeb3ea3b4db6a9f0 (commit) via 43d956fa65c66629f335b7bb7d4e190da5e99da7 (commit) via 287d0b948d184dbba782de15a9895189c5e34854 (commit) via f33bad332182f401d0f8d68808df4ff4858e98df (commit) via 540912cd4b62470f611ba696c09058b11d274521 (commit) via 59b1696c0c752aeba67f40c91d6769afbc40469b (commit) from 4fae386cb0563a0c05c2817a5ccb3c18e6d62d8d (commit) - Log - commit 5378186199eec800e0508c5ac1c3545d072b8c31 Author: Dr. Stephen HensonDate: Tue Dec 22 15:16:56 2015 + make update Reviewed-by: Richard Levitte commit a470fdab6d04e4da68840e5324c1ac1d334f425f Author: Dr. Stephen Henson Date: Tue Dec 22 03:49:02 2015 + unload modules in ssltest Reviewed-by: Richard Levitte commit a2074b92874aa5784874e75c969e95086010 Author: Dr. Stephen Henson Date: Mon Dec 21 19:34:23 2015 + make errors Reviewed-by: Richard Levitte commit 913592d2c58571a39540d8e4aeb3ea3b4db6a9f0 Author: Dr. Stephen Henson Date: Thu Jul 9 18:43:30 2015 +0100 SSL configuration module docs Reviewed-by: Richard Levitte commit 43d956fa65c66629f335b7bb7d4e190da5e99da7 Author: Dr. Stephen Henson Date: Thu Jul 9 18:24:24 2015 +0100 Demo server using SSL_CTX_config Reviewed-by: Richard Levitte commit 287d0b948d184dbba782de15a9895189c5e34854 Author: Dr. Stephen Henson Date: Wed Jul 8 23:09:52 2015 +0100 Add ssl configuration support to s_server and s_client Reviewed-by: Richard Levitte commit f33bad332182f401d0f8d68808df4ff4858e98df Author: Dr. Stephen Henson Date: Thu Apr 23 21:03:44 2015 +0100 Load module in SSL_library_init Reviewed-by: Richard Levitte commit 540912cd4b62470f611ba696c09058b11d274521 Author: Dr. Stephen Henson Date: Sun Apr 19 13:14:40 2015 +0100 Add ssl_mcnf.c to Makefile Reviewed-by: Richard Levitte commit 59b1696c0c752aeba67f40c91d6769afbc40469b Author: Dr. Stephen Henson Date: Sat Mar 14 01:36:30 2015 + SSL library configuration module. This adds support for SSL/TLS configuration using configuration modules. Sets of command value pairs are store and can be replayed through an SSL_CTX or SSL structure using SSL_CTX_config or SSL_config. Reviewed-by: Richard Levitte --- Summary of changes: apps/openssl.c | 1 + apps/s_client.c| 16 ++- apps/s_server.c| 16 ++- demos/bio/cmod.cnf | 24 demos/bio/{saccept.c => server-cmod.c} | 56 +++- demos/bio/server-ec.pem| 17 +++ doc/apps/config.pod| 28 doc/ssl/SSL_CTX_config.pod | 84 +++ include/openssl/ssl.h | 15 +- ssl/Makefile | 24 +++- ssl/ssl_algs.c | 1 + ssl/ssl_err.c | 18 ++- ssl/ssl_mcnf.c | 248 + test/ssltest.c | 1 + util/ssleay.num| 3 + 15 files changed, 511 insertions(+), 41 deletions(-) create mode 100644 demos/bio/cmod.cnf copy demos/bio/{saccept.c => server-cmod.c} (68%) create mode 100644 demos/bio/server-ec.pem create mode 100644 doc/ssl/SSL_CTX_config.pod create mode 100644 ssl/ssl_mcnf.c diff --git a/apps/openssl.c b/apps/openssl.c index 5ce04ce..f2c7ccf 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -176,6 +176,7 @@ static int apps_startup() ERR_load_SSL_strings(); OPENSSL_load_builtin_modules(); +SSL_add_ssl_module(); #ifndef OPENSSL_NO_ENGINE ENGINE_load_builtin_engines(); #endif diff --git a/apps/s_client.c b/apps/s_client.c index dbeb770..2f98966 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -466,7 +466,7 @@ typedef enum OPTION_choice { OPT_MSG, OPT_MSGFILE, OPT_ENGINE, OPT_TRACE, OPT_SECURITY_DEBUG, OPT_SECURITY_DEBUG_VERBOSE, OPT_SHOWCERTS, OPT_NBIO_TEST, OPT_STATE, OPT_PSK_IDENTITY, OPT_PSK, OPT_SRPUSER, OPT_SRPPASS, OPT_SRP_STRENGTH, -OPT_SRP_LATEUSER, OPT_SRP_MOREGROUPS, OPT_SSL3, +OPT_SRP_LATEUSER, OPT_SRP_MOREGROUPS, OPT_SSL3, OPT_SSL_CONFIG,
[openssl-commits] [openssl] OpenSSL_1_0_1-stable update
The branch OpenSSL_1_0_1-stable has been updated via 1967199f9f8ed3faf376ddbb077f41551541f08a (commit) from 23a58779f53a9060c823d00d76b3070cad61d9a3 (commit) - Log - commit 1967199f9f8ed3faf376ddbb077f41551541f08a Author: David BenjaminDate: Thu Dec 17 20:11:11 2015 +0100 Fix memory leak in DSA redo case. Found by clang scan-build. Signed-off-by: Kurt Roeckx Reviewed-by: Richard Levitte RT: #4184, MR: #1496 (cherry picked from commit 679d87515d23ca31491effdc264edc81c695a72a) --- Summary of changes: crypto/dsa/dsa_ossl.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 6edb26d..9a3772e 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -187,9 +187,6 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) if (!BN_mod_mul(s, s, kinv, dsa->q, ctx)) goto err; -ret = DSA_SIG_new(); -if (ret == NULL) -goto err; /* * Redo if r or s is zero as required by FIPS 186-3: this is very * unlikely. @@ -201,11 +198,14 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) } goto redo; } +ret = DSA_SIG_new(); +if (ret == NULL) +goto err; ret->r = r; ret->s = s; err: -if (!ret) { +if (ret == NULL) { DSAerr(DSA_F_DSA_DO_SIGN, reason); BN_free(r); BN_free(s); _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
The branch OpenSSL_1_0_2-stable has been updated via 1c7de36f621e753fd9e6b7a2342b95d0e2f52781 (commit) from 6656ba7152dfe4bba865e327dd362ea08544aa80 (commit) - Log - commit 1c7de36f621e753fd9e6b7a2342b95d0e2f52781 Author: David BenjaminDate: Thu Dec 17 20:11:11 2015 +0100 Fix memory leak in DSA redo case. Found by clang scan-build. Signed-off-by: Kurt Roeckx Reviewed-by: Richard Levitte RT: #4184, MR: #1496 (cherry picked from commit 679d87515d23ca31491effdc264edc81c695a72a) --- Summary of changes: crypto/dsa/dsa_ossl.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index f0ec8fa..efc4f1b 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -187,9 +187,6 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) if (!BN_mod_mul(s, s, kinv, dsa->q, ctx)) goto err; -ret = DSA_SIG_new(); -if (ret == NULL) -goto err; /* * Redo if r or s is zero as required by FIPS 186-3: this is very * unlikely. @@ -201,11 +198,14 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) } goto redo; } +ret = DSA_SIG_new(); +if (ret == NULL) +goto err; ret->r = r; ret->s = s; err: -if (!ret) { +if (ret == NULL) { DSAerr(DSA_F_DSA_DO_SIGN, reason); BN_free(r); BN_free(s); _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 679d87515d23ca31491effdc264edc81c695a72a (commit) from 91cf7551a1dd4bc9a482c5577b5081adbae96ada (commit) - Log - commit 679d87515d23ca31491effdc264edc81c695a72a Author: David BenjaminDate: Thu Dec 17 20:11:11 2015 +0100 Fix memory leak in DSA redo case. Found by clang scan-build. Signed-off-by: Kurt Roeckx Reviewed-by: Richard Levitte RT: #4184, MR: #1496 --- Summary of changes: crypto/dsa/dsa_ossl.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 34b4a4e..b4bb254 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -191,9 +191,6 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) if (!BN_mod_mul(s, s, kinv, dsa->q, ctx)) goto err; -ret = DSA_SIG_new(); -if (ret == NULL) -goto err; /* * Redo if r or s is zero as required by FIPS 186-3: this is very * unlikely. @@ -205,11 +202,14 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) } goto redo; } +ret = DSA_SIG_new(); +if (ret == NULL) +goto err; ret->r = r; ret->s = s; err: -if (!ret) { +if (ret == NULL) { DSAerr(DSA_F_DSA_DO_SIGN, reason); BN_free(r); BN_free(s); _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 91cf7551a1dd4bc9a482c5577b5081adbae96ada (commit) via b859d70d4a04db2e3b39b5c86cb6750d3c5b9593 (commit) from cfe670732b63b875054aabd965a7bcecc6508657 (commit) - Log - commit 91cf7551a1dd4bc9a482c5577b5081adbae96ada Author: Andy PolyakovDate: Mon Dec 21 14:29:02 2015 +0100 Configure: refine 'reconf' logic. Reviewed-by: Rich Salz commit b859d70d4a04db2e3b39b5c86cb6750d3c5b9593 Author: Andy Polyakov Date: Mon Dec 21 14:26:12 2015 +0100 bn/asm/bn-c64xplus.asm: update commentary. Reviewed-by: Rich Salz --- Summary of changes: Configure | 2 +- crypto/bn/asm/bn-c64xplus.asm | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/Configure b/Configure index 84caaa3..ee8987e 100755 --- a/Configure +++ b/Configure @@ -1053,7 +1053,7 @@ PROCESS_ARGS: { $ENV{CROSS_COMPILE}=$1; } - elsif (/^CC=\s*(?:\$\(CROSS_COMPILE\))?(.*?)/) + elsif (/^CC=\s*(?:\$\(CROSS_COMPILE\))?(.*?)$/) { $ENV{CC}=$1; } diff --git a/crypto/bn/asm/bn-c64xplus.asm b/crypto/bn/asm/bn-c64xplus.asm index 7cd5881..7b72bff 100644 --- a/crypto/bn/asm/bn-c64xplus.asm +++ b/crypto/bn/asm/bn-c64xplus.asm @@ -284,8 +284,9 @@ _bn_mul_comba4: .if 0 BNOPsploopNxM?,3 ;; Above mentioned m*2*(n+1)+10 does not apply in n=m=4 case, - ;; because of read-after-write penalties, it's rather - ;; n*2*(n+3)+10, or 66 cycles [plus various overheads]... + ;; because of low-counter effect, when prologue phase finishes + ;; before SPKERNEL instruction is reached. As result it's 25% + ;; slower than expected... MVK 4,B0; N, RILC || MVK 4,A0; M, outer loop counter || MV ARG1,A5 ; copy ap _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via 0f6a2a97a55dfe383604b403cbae043391c1aac6 (commit) from e091c83e72d584e077526cac7972e83adc0c18ca (commit) - Log - commit 0f6a2a97a55dfe383604b403cbae043391c1aac6 Author: Dr. Stephen HensonDate: Tue Dec 22 16:52:27 2015 + In mkerr.pl look in directories under ssl/ Reviewed-by: Rich Salz --- Summary of changes: util/mkerr.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/util/mkerr.pl b/util/mkerr.pl index 95f2883..0ba6ec5 100644 --- a/util/mkerr.pl +++ b/util/mkerr.pl @@ -116,7 +116,7 @@ EOF } if($recurse) { - @source = ( , , ) + @source = ( , , , ) } else { @source = @ARGV; } _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
[openssl-commits] [openssl] master update
The branch master has been updated via e091c83e72d584e077526cac7972e83adc0c18ca (commit) from 5378186199eec800e0508c5ac1c3545d072b8c31 (commit) - Log - commit e091c83e72d584e077526cac7972e83adc0c18ca Author: Dr. Stephen HensonDate: Tue Dec 22 16:16:35 2015 + remove unused error code Reviewed-by: Kurt Roeckx Reviewed-by: Rich Salz --- Summary of changes: include/openssl/ssl.h | 1 - ssl/ssl_err.c | 1 - 2 files changed, 2 deletions(-) diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index f700828..119b50f 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -2176,7 +2176,6 @@ void ERR_load_SSL_strings(void); # define SSL_R_BAD_ECC_CERT 304 # define SSL_R_BAD_ECDSA_SIGNATURE305 # define SSL_R_BAD_ECPOINT306 -# define SSL_R_BAD_GOST_SIGNATURE 406 # define SSL_R_BAD_HANDSHAKE_LENGTH 332 # define SSL_R_BAD_HELLO_REQUEST 105 # define SSL_R_BAD_LENGTH 271 diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c index c29c36b..0c40b7b 100644 --- a/ssl/ssl_err.c +++ b/ssl/ssl_err.c @@ -434,7 +434,6 @@ static ERR_STRING_DATA SSL_str_reasons[] = { {ERR_REASON(SSL_R_BAD_ECC_CERT), "bad ecc cert"}, {ERR_REASON(SSL_R_BAD_ECDSA_SIGNATURE), "bad ecdsa signature"}, {ERR_REASON(SSL_R_BAD_ECPOINT), "bad ecpoint"}, -{ERR_REASON(SSL_R_BAD_GOST_SIGNATURE), "bad gost signature"}, {ERR_REASON(SSL_R_BAD_HANDSHAKE_LENGTH), "bad handshake length"}, {ERR_REASON(SSL_R_BAD_HELLO_REQUEST), "bad hello request"}, {ERR_REASON(SSL_R_BAD_LENGTH), "bad length"}, _ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits