-
commit a9998e2f67046d3f778d3c9d578ea56e183a638b
Author: Matt Caswell <m...@openssl.org>
Date: Thu Feb 16 17:09:28 2017 +
Updates following review feedback
Reviewed-by: Rich Salz <rs...@openssl.org>
(Merged from https://github.com/ope
Kaduk <bka...@akamai.com>
Date: Thu Aug 18 15:47:04 2016 -0500
Sort %disabled in Configure
@disablables is sorted, but these were just added at the end of
%disabled in commits c2e27310 and 22e3dcb7.
Reviewed-by: Rich Salz <rs...@openssl.org>
Reviewed-by:
)
- Log -
commit 5802758eb480c5f14a768f6a061df1dd20aec8c4
Author: Matt Caswell <m...@openssl.org>
Date: Wed Aug 17 17:55:36 2016 +0100
Update function error code
A function error code needed updating due to merge
44efb88a21d464dba3ac5084c8d4553d696fab33 (commit)
from c35d339d98f969aa88b75124389ba86344eb7e2a (commit)
- Log -
commit bb982ce7532eb5f5f8d66211d556940a7f407496
Author: Matt Caswell <m...@openssl.org>
Date: Thu Aug 4 11
The branch master has been updated
via f9cf774cbd31c3498ade4574c3b0ae6cb9773e28 (commit)
from 0f022f5a2201a591da7d373ebeeb7d29bdcaf95a (commit)
- Log -
commit f9cf774cbd31c3498ade4574c3b0ae6cb9773e28
Author: Matt
32bit unsigned long on
x32 platform.
Reviewed-by: Tim Hudson <t...@openssl.org>
Reviewed-by: Matt Caswell <m...@openssl.org>
commit e7e5d608fb6cef9929a2cf56d72fa7e236ca7573
Author: Tomas Mraz <tm...@fedoraproject.org>
Date: Wed Aug 10 15:21:32 2016 +0200
Add
Yamaguchi <k...@rhe.jp>
Date: Mon Aug 22 02:36:36 2016 +0900
Fix overflow check in BN_bn2dec()
Fix an off by one error in the overflow check added by 07bed46f332fc
("Check for errors in BN_bn2dec()").
Reviewed-by: Stephen Henson <st...@openssl.org>
-
commit cfd40fd39e69f5e3c654ae8fbf9acb1d2a051144
Author: Matt Caswell <m...@openssl.org>
Date: Thu Jun 30 15:06:27 2016 +0100
Prevent DTLS Finished message injection
Follow on from CVE-2016-2179
The investigation and analysis of CVE-2016-2179 highlighted a r
The branch master has been updated
via 5dfd03812c54ca72d5e4f3d866f270257e6af082 (commit)
from 68a39960a7a46545419fa7447291fad2e4c483f2 (commit)
- Log -
commit 5dfd03812c54ca72d5e4f3d866f270257e6af082
Author: Matt
The branch master has been updated
via df15c84901b235233013105c5977074d68530852 (commit)
from 9d70ac97d9d8720e6ed280609c844da403b80440 (commit)
- Log -
commit df15c84901b235233013105c5977074d68530852
Author: Matt
The branch master has been updated
via 9e421962e1cd58e302ebd8aca5d5a44198194243 (commit)
from 44cb4f5b5f0cee7e177aa8fc214b992f016fa8f0 (commit)
- Log -
commit 9e421962e1cd58e302ebd8aca5d5a44198194243
Author: Andy
The branch master has been updated
via 44cb4f5b5f0cee7e177aa8fc214b992f016fa8f0 (commit)
from e97763c92c655dcf4af2860b3abd2bc4c8a267f9 (commit)
- Log -
commit 44cb4f5b5f0cee7e177aa8fc214b992f016fa8f0
Author: Matt
The branch master has been updated
via dfde4219fdebbb5a8a17602fea036f7690e517ea (commit)
via b62b2454fadfccaf5e055a1810d72174c2633b8f (commit)
from 9e421962e1cd58e302ebd8aca5d5a44198194243 (commit)
- Log -
The branch master has been updated
via c74aea8d6ccdf07ce826a9451887739b8aa64096 (commit)
via e3057a57caf4274ea1fb074518e4714059dfcabf (commit)
from dfde4219fdebbb5a8a17602fea036f7690e517ea (commit)
- Log -
Author: Matt Caswell <m...@openssl.org>
Date: Wed Aug 24 09:23:14 2016 +0100
Fix no-ec
Use a ciphersuite in dtlstest that is not affected by no-* options.
Backport of commit fe34735c19.
Reviewed-by: Richard Levitte <levi...@op
Levitte <levi...@openssl.org>
Date: Thu Aug 25 10:06:55 2016 +0200
NEWS: add a number of the types that were made opaque
Reviewed-by: Matt Caswell <m...@openssl.org>
---
Summary of changes:
NEWS | 10 +
The branch master has been updated
via cc069067075d77c7a61e44a253aec917d0b6a2f5 (commit)
from 5105ba5bec773883e86d8c026d1eac1f1c970669 (commit)
- Log -
commit cc069067075d77c7a61e44a253aec917d0b6a2f5
Author: Matt
The branch master has been updated
via fb5d9f1db5552facbc5269bc2856b58f5e4e2d13 (commit)
from 647ac8d3d7143e3721d55e1f57730b6f26e72fc9 (commit)
- Log -
commit fb5d9f1db5552facbc5269bc2856b58f5e4e2d13
Author: Andy
The branch master has been updated
via eedb9db9afd531e9dc69a33b73c7e1cd27153b0b (commit)
from fb5d9f1db5552facbc5269bc2856b58f5e4e2d13 (commit)
- Log -
commit eedb9db9afd531e9dc69a33b73c7e1cd27153b0b
Author: Andy
The branch master has been updated
via bee5ee5f0649da8a2496227aa4d149d902543be6 (commit)
from eedb9db9afd531e9dc69a33b73c7e1cd27153b0b (commit)
- Log -
commit bee5ee5f0649da8a2496227aa4d149d902543be6
Author: Matt
Author: Matt Caswell <m...@openssl.org>
Date: Fri Sep 2 10:42:36 2016 +0100
Ensure trace recognises X25519
Using the -trace option to s_server or s_client was incorrectly printing
UNKNOWN for the X25519 curve.
Reviewed-by: Rich Salz <rs...@openssl.org>
(c
The branch master has been updated
via 2d11f5b2ca863d4bd9e20b224932b247ed85842b (commit)
from 4e3997293b3825ed19de20d5484f8c0f66fce534 (commit)
- Log -
commit 2d11f5b2ca863d4bd9e20b224932b247ed85842b
Author: Matt
The branch master has been updated
via 135648bcd0e9db029582d3d7627a90a1b566c5d6 (commit)
from 2d11f5b2ca863d4bd9e20b224932b247ed85842b (commit)
- Log -
commit 135648bcd0e9db029582d3d7627a90a1b566c5d6
Author: Matt
Author: Matt Caswell <m...@openssl.org>
Date: Mon Sep 5 14:12:58 2016 +0100
Fix mem leaks during auto-deinit
Certain functions are automatically called during auto-deinit in order
to deallocate resources. However, if we have never entered a function which
marks lib
Author: Matt Caswell <m...@openssl.org>
Date: Tue Aug 30 15:06:01 2016 +0100
Ensure the CertStatus message adds a DTLS message header where needed
The function tls_construct_cert_status() is called by both TLS and DTLS
code. However it only ever constructed a TLS message
-
commit 767ccc3b77cde82c46ab4af541663f6c80e538d3
Author: Matt Caswell <m...@openssl.org>
Date: Tue Aug 30 14:20:18 2016 +0100
Add some CertStatus tests
The previous commit revealed a long standing problem where CertStatus
processing was broken in DTLS. This would have been re
497f3bf9a75a2917e50b16b7985e87c89b86a39b (commit)
- Log -
commit 869d0a37cfa7cfdbd42026d2b75d14cdc64e81e0
Author: Matt Caswell <m...@openssl.org>
Date: Tue Sep 13 15:42:12 2016 +0100
Encourage use of the macros for the v
The branch master has been updated
via 58c57b7facce86de54a6ced83d660846b8df253f (commit)
from 18aa2f8a7aa09fa3654db8b8f9e2cbba09851ebf (commit)
- Log -
commit 58c57b7facce86de54a6ced83d660846b8df253f
Author: Matt
The branch master has been updated
via 5587c46721853723471058cb8bb13e287b3f83e0 (commit)
from 978e985e20a2971aebbef7263d4b2c432a90d018 (commit)
- Log -
commit 5587c46721853723471058cb8bb13e287b3f83e0
Author: Matt
The branch master has been updated
via 978e985e20a2971aebbef7263d4b2c432a90d018 (commit)
from 58c57b7facce86de54a6ced83d660846b8df253f (commit)
- Log -
commit 978e985e20a2971aebbef7263d4b2c432a90d018
Author: Matt
Author: Matt Caswell <m...@openssl.org>
Date: Thu Sep 8 14:32:27 2016 +0100
Add some sanity checks around usage of t_fromb64()
The internal SRP function t_fromb64() converts from base64 to binary. It
does not validate that the size of the destination is sufficiently
The branch master has been updated
via 73f0df8331910d6726d45ecaab12bd93cc48b4e2 (commit)
from 869d0a37cfa7cfdbd42026d2b75d14cdc64e81e0 (commit)
- Log -
commit 73f0df8331910d6726d45ecaab12bd93cc48b4e2
Author: Matt
Author: Matt Caswell <m...@openssl.org>
Date: Thu Sep 8 14:32:27 2016 +0100
Add some sanity checks around usage of t_fromb64()
The internal SRP function t_fromb64() converts from base64 to binary. It
does not validate that the size of the destination is sufficiently
The branch master has been updated
via dd8710dc54f5123d0fa54b5c90fc2c3a9dae43fe (commit)
from 73f0df8331910d6726d45ecaab12bd93cc48b4e2 (commit)
- Log -
commit dd8710dc54f5123d0fa54b5c90fc2c3a9dae43fe
Author: Matt
(commit)
via b7273855acd7ec2d1e7a4ba626ed538808fc7517 (commit)
from cdbbf9900253e8006868eba948248b1092a057de (commit)
- Log -
commit c0f9e23c6b8d1076796987d5a84557d410682d85
Author: Matt Caswell <m...@openssl.org>
Author: Matt Caswell <m...@openssl.org>
Date: Mon Sep 12 11:04:51 2016 +0100
Abort on unrecognised warning alerts
A peer continually sending unrecognised warning alerts could mean that we
make no progress on a connection. We should abort rather than continuing if
we r
-
commit 44c9339ca802746ac01c8144fb963beb1ed8c837
Author: Matt Caswell <m...@openssl.org>
Date: Sun Sep 11 12:47:39 2016 -0400
util/shlib_wrap.sh is now auto-generated so tell git to ignore it
Signed-off-by: Rich Salz <rs...@openssl.org>
Reviewed-by: Ric
The branch master has been updated
via 77a6be4dfc2ecf406c2559a99bea51317ce0f533 (commit)
from c0f9e23c6b8d1076796987d5a84557d410682d85 (commit)
- Log -
commit 77a6be4dfc2ecf406c2559a99bea51317ce0f533
Author: Matt
Author: Matt Caswell <m...@openssl.org>
Date: Thu Sep 15 20:53:09 2016 +0100
Revert "Abort on unrecognised warning alerts"
This reverts commit 15d81749322c3498027105f8ee44e8c25479d475.
There were some unexpected side effects to this commit, e.g. in SSLv3 a
Author: Matt Caswell <m...@openssl.org>
Date: Mon Sep 26 12:04:23 2016 +0100
Fix some mem leaks in sslapitest
A mem leak could occur on an error path. Also the mempacket BIO_METHOD
needs to be cleaned up, because of the newly added DTLS test.
Also fixed a double semi
The branch master has been updated
via fa454945cf2855fed452ff9bdb1876096bc07beb (commit)
from 8ff70f3326983360c6f6306a1cd2238ef92d1f26 (commit)
- Log -
commit fa454945cf2855fed452ff9bdb1876096bc07beb
Author: Matt
-
commit ac8cc3efb26fa91c4f29463044cfe9e7070ebc14
Author: Matt Caswell <m...@openssl.org>
Date: Thu Sep 29 14:26:36 2016 +0100
Remove tls12_copy_sigalgs_old()
This was a temporary function needed during the conversion to WPACKET. All
callers have now been converted to the n
The branch master has been updated
via e4e1aa903e624044d3319622fc50222f1b2c7328 (commit)
from 0023baffb8f648c22d397bfa5e1cc8749749bd29 (commit)
- Log -
commit e4e1aa903e624044d3319622fc50222f1b2c7328
Author: Matt
1ff8434040b35f35c27f77ef064481622490bba9 (commit)
from ac8cc3efb26fa91c4f29463044cfe9e7070ebc14 (commit)
- Log -
commit 0023baffb8f648c22d397bfa5e1cc8749749bd29
Author: Matt Caswell <m...@openssl.org>
Date: Thu Sep 29 14
-
commit cc59ad1073c49cbb173708d7377df06ad3786f4c
Author: Matt Caswell <m...@openssl.org>
Date: Thu Sep 29 16:40:13 2016 +0100
Convert CertStatus message construction to WPACKET
Reviewed-by: Rich Salz <rs...@op
The branch master has been updated
via 83ae4661315d3d0ad52ddaa8fa5c8f1055c6c6f6 (commit)
from e4e1aa903e624044d3319622fc50222f1b2c7328 (commit)
- Log -
commit 83ae4661315d3d0ad52ddaa8fa5c8f1055c6c6f6
Author: Matt
Author: Matt Caswell <m...@openssl.org>
Date: Thu Sep 29 15:38:44 2016 +0100
Fix missing NULL checks in NewSessionTicket construction
Reviewed-by: Rich Salz <rs...@openssl.org>
(cherry picked from commit 83ae4661315d3d0ad52ddaa8fa5c
e from the
+ https://www.openssl.org/community/team.html;>team page.
+ Current team members that sign releases include Richard Levitte,
Stephen
+ Henson and Matt Caswell.
+
Each day we make a snapshot of each development branch.
They can
-
commit 08029dfa03c0ee3a50f373017143aaae5f87d17f
Author: Matt Caswell <m...@openssl.org>
Date: Tue Sep 20 14:47:44 2016 +0100
Convert WPACKET_put_bytes to use convenience macros
All the other functions that take an ar
Author: Matt Caswell <m...@openssl.org>
Date: Wed Sep 14 13:27:59 2016 +0100
Fix a missing NULL check in dsa_builtin_paramgen
We should check the last BN_CTX_get() call to ensure that it isn't NULL
before we try and use any of the allocated BIGNUMs.
Issue reported
Author: Matt Caswell <m...@openssl.org>
Date: Wed Sep 14 13:27:59 2016 +0100
Fix a missing NULL check in dsa_builtin_paramgen
We should check the last BN_CTX_get() call to ensure that it isn't NULL
before we try and use any of the allocated BIGNUMs.
Issue reported
The branch master has been updated
via 1ff7425d6130380bb00d3e64739633a4b21b11a3 (commit)
from f3ff481f318b10a223d6157bde9645e1797487c5 (commit)
- Log -
commit 1ff7425d6130380bb00d3e64739633a4b21b11a3
Author: Matt
The branch master has been updated
via 3c106325292d30fad32b0dd4cdf2f2ec613461b1 (commit)
from 1ff7425d6130380bb00d3e64739633a4b21b11a3 (commit)
- Log -
commit 3c106325292d30fad32b0dd4cdf2f2ec613461b1
Author: Matt
The branch master has been updated
via af58be768ebb690f78530f796e92b8ae5c9a4401 (commit)
from 7dc0ad4d6dca81a003be7fa1fbd58a55f4be8646 (commit)
- Log -
commit af58be768ebb690f78530f796e92b8ae5c9a4401
Author: Matt
Author: Matt Caswell <m...@openssl.org>
Date: Wed Sep 21 14:48:16 2016 +0100
Don't allow too many consecutive warning alerts
Certain warning alerts are ignored if they are received. This can mean that
no progress will be made if one peer continually sends those warning
Author: Matt Caswell <m...@openssl.org>
Date: Wed Sep 21 14:07:31 2016 +0100
Don't allow too many consecutive warning alerts
Certain warning alerts are ignored if they are received. This can mean that
no progress will be made if one peer continually sends those warning
-
commit 48c054fec3506417b2598837b8062aae7114c200
Author: Matt Caswell <m...@openssl.org>
Date: Mon Sep 19 11:57:07 2016 +0100
Excessive allocation of memory in dtls1_preprocess_fragment()
This issue is very similar to CVE-2016-6307 described in the previous
commit. The unde
The branch master has been updated
via 41bff723c6784cc846054a4fd4add6dbec8c2c64 (commit)
from af58be768ebb690f78530f796e92b8ae5c9a4401 (commit)
- Log -
commit 41bff723c6784cc846054a4fd4add6dbec8c2c64
Author: Matt
Author: Matt Caswell <m...@openssl.org>
Date: Wed Sep 21 15:49:28 2016 +0100
Don't leak on an OPENSSL_realloc() failure
If OPENSSL_sk_insert() calls OPENSSL_realloc() and it fails, it was leaking
the originally allocated memory.
Reviewed-by: Rich Salz <rs...@op
-
commit df6b5e29ffea2d5a3e08de92fb765fdb21c7a21e
Author: Matt Caswell <m...@openssl.org>
Date: Mon Sep 19 11:57:07 2016 +0100
Excessive allocation of memory in dtls1_preprocess_fragment()
This issue is very similar to CVE-2016-6307 described in the previous
Author: Matt Caswell <m...@openssl.org>
Date: Thu Sep 15 20:43:16 2016 +0100
Revert "Abort on unrecognised warning alerts"
This reverts commit 77a6be4dfc2ecf406c2559a99bea51317ce0f533.
There were some unexpected side effects to this commit, e.g. in SSLv3 a
The branch master has been updated
via 3c0c68ae460e947aaae5702bda6258fb812e1029 (commit)
from d602c2b680aefd3e0d00d090783ef5f912caf06a (commit)
- Log -
commit 3c0c68ae460e947aaae5702bda6258fb812e1029
Author: Matt
28aef3d9558dc2e11ba56576b3a4d3faaef8a9d3 (commit)
- Log -
commit 418a18a2deddc0b0d6181de0008219c899ca6ddf
Author: Matt Caswell <m...@openssl.org>
Date: Tue Sep 20 10:16:15 2016 +0100
Style tweaks following review fe
-
commit c536b6be1a72aefd632d5530106a67c516cb9f4b
Author: Matt Caswell <m...@openssl.org>
Date: Wed Sep 21 11:26:47 2016 +0100
Convert HelloVerifyRequest construction to WPACKET
We actually construct a HelloVerifyRequest in two places with common code
pulled into a single fu
Author: Richard Levitte <levi...@openssl.org>
Date: Thu Sep 22 10:01:38 2016 +0200
mk1mf.pl: check for no-tls1 here as well
Reviewed-by: Matt Caswell <m...@openssl.org>
---
Summary of changes:
util/mk1mf.
me way in this program.
Reviewed-by: Matt Caswell <m...@openssl.org>
(cherry picked from commit 780bbb96bf514f0b4013e9c5725614ba5153c497)
---
Summary of changes:
test/x509aux.c | 17 +++--
1 file
Author: Richard Levitte <levi...@openssl.org>
Date: Thu Sep 22 10:15:02 2016 +0200
Fix error message typo, wrong function code
Reviewed-by: Matt Caswell <m...@openssl.org>
(cherry picked from commit a449b47c7d8e20efc8cc524ed695
The annotated tag OpenSSL_1_0_2i has been created
at c3b111de3699ae812738e61c6b01101ea6a12b74 (tag)
tagging 32c130160f7dac2cef5d0e30d94b335e4a87104d (commit)
replaces OpenSSL_1_0_2h
tagged by Matt Caswell
on Thu Sep 22 11:24:53 2016 +0100
- Log
The annotated tag OpenSSL_1_0_1u has been created
at 1883c9e66f488b03bacf2fb634ae0cda438352b1 (tag)
tagging 888759a1d38197f29de7227876c3b58fbff8549f (commit)
replaces OpenSSL_1_0_1t
tagged by Matt Caswell
on Thu Sep 22 11:30:27 2016 +0100
- Log
(commit)
via a59ab1c4dd27a4c7c6e88f3c33747532fd144412 (commit)
from d8e94b0d8fe412c19bc230593a960b7db73a8e7b (commit)
- Log -
commit 5fe5914d3068128cdc6b08fe72746bb516a30b8a
Author: Matt Caswell <m...@openssl.org>
)
via 2c0d295e26306e15a92eb23a84a1802005c1c137 (commit)
from 151adf2e5cc23284a059e0f155505006a1c9fad9 (commit)
- Log -
commit 52a69c480d243f727c8393fb42b9ff9da742c143
Author: Matt Caswell <m...@openssl.org>
Date: T
Levitte <levi...@openssl.org>
Date: Thu Sep 22 10:15:02 2016 +0200
Fix error message typo, wrong function code
Reviewed-by: Matt Caswell <m...@openssl.org>
---
Summary of changes:
ssl/statem/statem.c |
9d264d11a93413d2724b7c8c873e56b2ddd8c53f
Author: Matt Caswell <m...@openssl.org>
Date: Thu Sep 22 11:25:49 2016 +0100
Prepare for 1.0.2j-dev
Reviewed-by: Richard Levitte <levi...@openssl.org>
commit 32c130160f7dac2cef5d0e30d94b335e4a87104d
Author: Matt Caswell <m...@openssl.org>
Date: Thu Se
)
- Log -
commit 39c136cc53d7b6fafdd1a0b52c035fd24358e01c
Author: Matt Caswell <m...@openssl.org>
Date: Wed Sep 21 21:59:49 2016 +0100
Updates CHANGES and NEWS for new release
Reviewed-by: Richard Levitte <levi...@op
ited by a malicious peer in a Denial Of
Service
+attack.
+
+OpenSSL 1.1.0 users should upgrade to 1.1.0a
+
+This issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The
+fix was developed by Matt Caswell of the OpenSSL development team.
+
+SWEET32 Mitiga
-
commit 9205ebeb8e448b2d6948b9e5d78ecf309c0ed33c
Author: Matt Caswell <m...@openssl.org>
Date: Thu Sep 8 11:06:29 2016 +0100
Convert num_alloc to a size_t in stack.c and tweak style
We were casting num_alloc to size_t in lots of places, or just using it in
a context where
The branch master has been updated
via 9483f83786104d833b5798269fac45f6fd44 (commit)
from d7e5276647afb3018be67193c29f8f476fffe1d8 (commit)
- Log -
commit 9483f83786104d833b5798269fac45f6fd44
Author: Matt
dified for 1.0.2 by adding selected PACKET_xx() functions and PRF, and
subsequent cleanup from commit eb633d03fe2db3666840dee8d0a2dbe491672dfc)
Reviewed-by: Rich Salz <rs...@openssl.org>
Reviewed-by: Matt Caswell <m...@openssl.org>
(cherry
The branch master has been updated
via bbf73f84fc42628cb619f9e8e02691530cfeb08e (commit)
from 156e34f21d15ba5dbf0995ab57bc7214ba291b05 (commit)
- Log -
commit bbf73f84fc42628cb619f9e8e02691530cfeb08e
Author: Matt
Author: Matt Caswell <m...@openssl.org>
Date: Thu Aug 25 21:55:02 2016 +0100
Remove note from CHANGES about EC DRBG
EC DRBG support was added in 7fdcb457 in 2011 and then later removed.
However the CHANGES entry for its original addition was left behind.
This just r
enssl.org>
Reviewed-by: Matt Caswell <m...@openssl.org>
---
Summary of changes:
apps/ca.c | 1 +
crypto/x509/x509_r2x.c | 14 +-
2 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/app
Author: Todd Short <tsh...@akamai.com>
Date: Thu May 26 13:49:36 2016 -0400
Always use session_ctx when removing a session
Sessions are stored on the session_ctx, which doesn't change after
SSL_set_SSL_CTX().
Reviewed-by: Rich Salz <rs...@openssl.org>
Revie
SCTP connections, if
SSL_export_keying_material() fails. Which it does, for DTLS1_BAD_VER.
Apply the trivial fix to make it succeed, since there's no real reason
why it shouldn't even though we never need it.
Reviewed-by: Rich Salz <rs...@openssl.org>
Reviewed-by: Matt Caswell <m...
Author: Matt Caswell <m...@openssl.org>
Date: Fri Aug 26 15:14:24 2016 +0100
SRP_create_verifier does not check for NULL before OPENSSL_cleanse
OPENSSL_cleanse() does not validate its input parameter for NULL so
SRP_create_verifier() should do so instead. Otherwise a se
out of the public API.
SCT_verify_v1 is redundant, since SCT_validate does the same verification
(by calling SCT_verify) and more. The API is less confusing with a single
verification function (SCT_validate).
Reviewed-by: Rich Salz <rs...@openssl.org>
Reviewed-by: Mat
0.101 and not 0.1001. The divisions actually
correspond to 0.101 which is fine. The third line also dropped a factor
of three.
The actual code appears to be fine. Just the comments are wrong.
Reviewed-by: Rich Salz <rs...@openssl.org>
Reviewed-by: Matt Caswell <m
ership was not transferred when CTLOG_new returned NULL).
Reviewed-by: Rich Salz <rs...@openssl.org>
Reviewed-by: Matt Caswell <m...@openssl.org>
---
Summary of changes:
crypto/ct/ct_log.c | 2 +-
-
commit eb96e8b5fd1ad4eeae0b0330ca465ca462e0f6c1
Author: Rob Percival <robperci...@google.com>
Date: Tue Aug 23 17:35:14 2016 +0100
Document that o2i_SCT_signature can leave the SCT in an inconsistent state
Reviewed-by: Rich Salz <rs...@openssl.org>
Reviewed-by: Mat
8b7c51a0e4a03895a657cf2eb8d5c2aa1ca3586f
Author: Matt Caswell <m...@openssl.org>
Date: Tue Aug 23 00:01:57 2016 +0100
Add some sanity checks when checking CRL scores
Reviewed-by: Tim Hudson <t...@openssl.org>
commit c6231e9c7baec688792e043d12508e608545fffb
Author: Matt Caswell <m...@openssl.org>
Date:
d MSYS...
Reviewed-by: Matt Caswell <m...@openssl.org>
---
Summary of changes:
test/recipes/80-test_pkcs12.t | 30 --
1 file changed, 20 insertions(+), 10 deletions(-)
diff --git a/tes
The branch OpenSSL_1_0_2-stable has been updated
via baaabfd8fdcec04a691695fad9a664bea43202b6 (commit)
from 3cb28d188803c7768f767f0da40bbea61449521c (commit)
- Log -
commit baaabfd8fdcec04a691695fad9a664bea43202b6
The branch master has been updated
via e97763c92c655dcf4af2860b3abd2bc4c8a267f9 (commit)
from 652c52a602b4c88cfadb99e85ef175441b7f5d18 (commit)
- Log -
commit e97763c92c655dcf4af2860b3abd2bc4c8a267f9
Author: Dr.
The branch OpenSSL_1_0_1-stable has been updated
via 1bbe48ab149893a78bf99c8eb8895c928900a16f (commit)
from 3612ff6fcec0e3d1f2a598135fe12177c0419582 (commit)
- Log -
commit 1bbe48ab149893a78bf99c8eb8895c928900a16f
Percival <robperci...@google.com>
Date: Tue Aug 23 18:31:16 2016 +0100
SCT_set_source resets validation_status
This makes it consistent with all of the other SCT setters.
Reviewed-by: Rich Salz <rs...@openssl.org>
Reviewed-by: Matt Caswell <m
The branch master has been updated
via 61884b8140893cb75c62f7303df67291ada360fe (commit)
from 8b7c51a0e4a03895a657cf2eb8d5c2aa1ca3586f (commit)
- Log -
commit 61884b8140893cb75c62f7303df67291ada360fe
Author: Matt
The branch OpenSSL_1_1_0-stable has been created
at dcb36a995edc387a30bbd7dae4d0199db34557d1 (commit)
- Log -
commit dcb36a995edc387a30bbd7dae4d0199db34557d1
Author: Matt Caswell <m...@openssl.org>
Date: Thu Aug 25
The annotated tag OpenSSL_1_1_0 has been created
at 4d051092ff66736bba2676763a1b49fe8dadc39a (tag)
tagging abd30777cc72029e8a44e4b67201cae8ed3d19c1 (commit)
replaces OpenSSL_1_1_0-pre6
tagged by Matt Caswell
on Thu Aug 25 16:29:18 2016 +0100
- Log
Polyakov <ap...@openssl.org>
Date: Wed Aug 24 17:13:09 2016 +0200
ec/asm/ecp_nistz256-x86_64.pl: /cmovb/cmovc/ as nasm doesn't recognize
cmovb.
Reviewed-by: Richard Levitte <levi...@openssl.org>
Reviewed-by: Matt Caswell <m
The branch master has been updated
via ef28891bab7054667f2f6739f6d376c38b3ca1cc (commit)
via d33726b92e09605a088369d0e01c99d138c0524f (commit)
from cfd20f64cc4bd440cfc8fe59f2daaa575015af3d (commit)
- Log -
The branch master has been updated
via 4a7b3a7b4d01ce1208bc4465a4e7bd5be9401ad0 (commit)
from 3188c9509e1775f15ffd42ccfffd0e6ea1929923 (commit)
- Log -
commit 4a7b3a7b4d01ce1208bc4465a4e7bd5be9401ad0
Author: Viktor
401 - 500 of 2436 matches
Mail list logo
