[openssl] master update

2019-10-11 Thread Matt Caswell
- commit 59d0e6c8964c07d7e46c9989735cd1486250b330 Author: Matt Caswell Date: Mon Oct 7 18:21:39 2019 +0100 Add a test for EVP_Digest[Sign|Verify]* with a BIO MD If an EVP_MD_CTX is initialised with EVP_DigestSignInit_ex

[openssl] master update

2019-10-07 Thread Matt Caswell
Date: Sun Oct 6 13:38:52 2019 -0400 Fix typo in flag name Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/10110) --- Summary of changes: doc

[openssl] master update

2019-10-07 Thread Matt Caswell
The branch master has been updated via 8e1a15822bcec6a1fb591f2d0ec4ce618d178926 (commit) from 37133290832ac2d1389926eba7325125fdacbe8d (commit) - Log - commit 8e1a15822bcec6a1fb591f2d0ec4ce618d178926 Author: Matt

[openssl] OpenSSL_1_1_1-stable update

2019-10-07 Thread Matt Caswell
Author: Matt Caswell Date: Fri Oct 4 14:01:21 2019 +0100 Send bad_record_mac instead of decryption_failed The decryption failed alert was deprecated a long time ago. It can provide an attacker too much information to be able to distinguish between MAC failures and decryption

[openssl] master update

2019-10-07 Thread Matt Caswell
The branch master has been updated via 37133290832ac2d1389926eba7325125fdacbe8d (commit) from a56f68adb7aaada4848d422125bee87ea6c3f483 (commit) - Log - commit 37133290832ac2d1389926eba7325125fdacbe8d Author: Matt

[openssl] master update

2019-10-03 Thread Matt Caswell
The branch master has been updated via 19cfe7847c17fb4d73c8b7267da841ec1a639dd3 (commit) from 85870311fd98acab2ee8a31a1ce17dc2db695989 (commit) - Log - commit 19cfe7847c17fb4d73c8b7267da841ec1a639dd3 Author: Matt

[openssl] master update

2019-10-03 Thread Matt Caswell
The branch master has been updated via 85870311fd98acab2ee8a31a1ce17dc2db695989 (commit) from 14bec2c4b4a74f7de3bdf4b3fff764d8842c27ab (commit) - Log - commit 85870311fd98acab2ee8a31a1ce17dc2db695989 Author: Matt

[openssl] master update

2019-10-03 Thread Matt Caswell
) - Log - commit 14bec2c4b4a74f7de3bdf4b3fff764d8842c27ab Author: Matt Caswell Date: Thu Sep 26 14:55:00 2019 +0100 Free a fetched digest during EVP_MD_CTX_reset() not EVP_MD_free() Otherwise a mem leak can occur since

[openssl] OpenSSL_1_1_1-stable update

2019-09-30 Thread Matt Caswell
Author: Matt Caswell Date: Fri Sep 27 11:24:26 2019 +0100 Correct the function names in SSL_CTX_set_stateless_cookie_generate_cb.pod Although the synopsis used the correct function names, the description did not. Also the description of the equivalent DTLSv1_listen() callbacks

[openssl] master update

2019-09-30 Thread Matt Caswell
The branch master has been updated via 84f471ecab76a16281a16c53d259bbcae358816f (commit) from 7e3ae24832e0705583b1471febf3dc0eb1cc021f (commit) - Log - commit 84f471ecab76a16281a16c53d259bbcae358816f Author: Matt

[openssl] master update

2019-09-25 Thread Matt Caswell
The branch master has been updated via e6879a31ef597f1b9608c7897087203d829d47c2 (commit) from 5a2a2f66c5e79895400c6e895ce7f8d48db96bb8 (commit) - Log - commit e6879a31ef597f1b9608c7897087203d829d47c2 Author: Matt

[openssl] master update

2019-09-23 Thread Matt Caswell
- commit f9e57a28886fe29bc49d3c89a1cc4e53ee4896d6 Author: raja-ashok Date: Thu Sep 19 16:42:42 2019 +0530 Update new TLS version options to s_time man page Reviewed-by: Paul Yang Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9947) commit

[openssl] OpenSSL_1_1_1-stable update

2019-09-16 Thread Matt Caswell
Author: ManishPatidar1 Date: Mon Sep 9 19:02:56 2019 +0530 clearing the ecx private key memory Reviewed-by: Dmitry Belyavskiy Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9830) (cherry picked from commit

[openssl] master update

2019-09-16 Thread Matt Caswell
: ManishPatidar1 Date: Mon Sep 9 19:02:56 2019 +0530 clearing the ecx private key memory Reviewed-by: Dmitry Belyavskiy Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9830

[openssl] master update

2019-09-14 Thread Matt Caswell
Kretschmer Date: Thu Sep 5 13:21:03 2019 +0200 fix CRMF symmetric key handling Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9774) --- Summary

[openssl] master update

2019-09-12 Thread Matt Caswell
The branch master has been updated via 7eeceeaab24aea16027cdc1f9df92366094893b7 (commit) from 6b3d0423528b049d04b299a8588a32d5c1224717 (commit) - Log - commit 7eeceeaab24aea16027cdc1f9df92366094893b7 Author: Matt

[openssl] master update

2019-09-12 Thread Matt Caswell
The branch master has been updated via 6b3d0423528b049d04b299a8588a32d5c1224717 (commit) from 252a3665e4c24a387e86ff4e07159f8e846adebc (commit) - Log - commit 6b3d0423528b049d04b299a8588a32d5c1224717 Author: Matt

[openssl] master update

2019-09-12 Thread Matt Caswell
The branch master has been updated via 252a3665e4c24a387e86ff4e07159f8e846adebc (commit) from 8d0f8c818117132a38005a046f0daacd1219e217 (commit) - Log - commit 252a3665e4c24a387e86ff4e07159f8e846adebc Author: Matt

[openssl] master update

2019-09-12 Thread Matt Caswell
The branch master has been updated via 8d0f8c818117132a38005a046f0daacd1219e217 (commit) from 98b687f8d053662f8d7fee586d5a91d86fecdfee (commit) - Log - commit 8d0f8c818117132a38005a046f0daacd1219e217 Author: Matt

[openssl] OpenSSL_1_0_2-stable update

2019-09-11 Thread Matt Caswell
Author: Matt Caswell Date: Tue Sep 10 14:32:15 2019 +0100 Fix the NEWS file The NEWS file was missing an entry for 1.0.2s. This confuses the release scripts - so add an empty entry. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/9852

[web] master update

2019-09-11 Thread Matt Caswell
The branch master has been updated via 6239182447d80939a1e2170e4f7b79917561c165 (commit) from 81c6d01b55625c3071296caced494d5d61866083 (commit) - Log - commit 6239182447d80939a1e2170e4f7b79917561c165 Author: Matt

[openssl] OpenSSL_1_1_0-stable update

2019-09-11 Thread Matt Caswell
Author: Matt Caswell Date: Tue Sep 10 11:55:41 2019 +0100 Remove duplicate CHANGES entry (1.1.0) Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/9845

[openssl] OpenSSL_1_1_1-stable update

2019-09-11 Thread Matt Caswell
Author: Matt Caswell Date: Tue Sep 10 11:51:59 2019 +0100 Remove duplicate CHANGES entry Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/9844) --- Summary of changes: CHANGES

[openssl] OpenSSL_1_0_2-stable update

2019-09-11 Thread Matt Caswell
Author: Matt Caswell Date: Tue Sep 10 11:58:18 2019 +0100 Remove duplicate CHANGES entry Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/9846) --- Summary of changes: CHANGES

[openssl] OpenSSL_1_1_0-stable update

2019-09-11 Thread Matt Caswell
Author: Matt Caswell Date: Tue Sep 10 10:26:07 2019 +0100 Update CHANGES and NEWS for the new release Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/9842) --- Summary of changes

[openssl] OpenSSL_1_0_2-stable update

2019-09-11 Thread Matt Caswell
Author: Matt Caswell Date: Tue Sep 10 10:26:07 2019 +0100 Update CHANGES and NEWS for the new release Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/9843) --- Summary

[openssl] OpenSSL_1_1_1-stable update

2019-09-11 Thread Matt Caswell
Author: Matt Caswell Date: Tue Sep 10 10:26:07 2019 +0100 Update CHANGES and NEWS for the new release Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/9841

[openssl] master update

2019-09-11 Thread Matt Caswell
of the decrypted key must be equal to the cipher default key length, in case the certifiate is not given and all recipientInfo are tried out. The old behaviour can be re-enabled in the CMS code by setting the CMS_DEBUG_DECRYPT flag. Reviewed-by: Matt Caswell (Merged

[openssl] OpenSSL_1_1_0-stable update

2019-09-11 Thread Matt Caswell
the length of the decrypted key must be equal to the cipher default key length, in case the certifiate is not given and all recipientInfo are tried out. The old behaviour can be re-enabled in the CMS code by setting the CMS_DEBUG_DECRYPT flag. Reviewed-by: Matt Caswell

[openssl] OpenSSL_1_1_1-stable update

2019-09-11 Thread Matt Caswell
the length of the decrypted key must be equal to the cipher default key length, in case the certifiate is not given and all recipientInfo are tried out. The old behaviour can be re-enabled in the CMS code by setting the CMS_DEBUG_DECRYPT flag. Reviewed-by: Matt Caswell

[openssl] OpenSSL_1_0_2-stable update

2019-09-11 Thread Matt Caswell
the length of the decrypted key must be equal to the cipher default key length, in case the certifiate is not given and all recipientInfo are tried out. The old behaviour can be re-enabled in the CMS code by setting the CMS_DEBUG_DECRYPT flag. Reviewed-by: Matt Caswell

[openssl] OpenSSL_1_1_1-stable update

2019-09-11 Thread Matt Caswell
Author: Matt Caswell Date: Tue Sep 10 13:56:40 2019 +0100 Update copyright year Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/9847) --- Summary of changes: apps/apps.h

[openssl] OpenSSL_1_0_2-stable update

2019-09-11 Thread Matt Caswell
Author: Matt Caswell Date: Tue Sep 10 14:01:06 2019 +0100 Update copyright year Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/9849) --- Summary of changes: crypto/cms

[openssl] OpenSSL_1_1_0-stable update

2019-09-11 Thread Matt Caswell
Author: Matt Caswell Date: Tue Sep 10 13:59:11 2019 +0100 Update copyright year Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/9848) --- Summary of changes: Configure

[web] master update

2019-09-11 Thread Matt Caswell
+ +This issue was reported by Matt Caswell. The fix was developed by Matthias +St. Pierre. It was reported to OpenSSL on 27th May 2019. + + +Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey (CVE-2019-1563) + + +Severity

[openssl] OpenSSL_1_1_1-stable update

2019-09-11 Thread Matt Caswell
- commit 5c184ff280ee042e3b7e07701b61adbcbe2958d7 Author: Matt Caswell Date: Tue Sep 10 14:14:31 2019 +0100 Prepare for 1.1.1e-dev Reviewed-by: Richard Levitte commit 894da2fb7ed5d314ee5c2fc9fd2d9b8b74111596 Author: Matt Caswell Date: Tue Sep 10 14:13:07 2019 +0100

[openssl] OpenSSL_1_0_2-stable update

2019-09-11 Thread Matt Caswell
) - Log - commit a1ff24ad2ced610716635b31c41aad0b11238e88 Author: Matt Caswell Date: Tue Sep 10 14:37:06 2019 +0100 Prepare for 1.0.2u-dev Reviewed-by: Richard Levitte commit cd7c7fc20b9feeb900632389401f514ac6b82f16

[openssl] OpenSSL_1_1_0-stable update

2019-09-11 Thread Matt Caswell
- commit 4eabf3d6541e83ae4443384ca3c4cf516930bfd8 Author: Matt Caswell Date: Tue Sep 10 14:17:46 2019 +0100 Prepare for 1.1.0m-dev Reviewed-by: Richard Levitte commit 7ea5bd2b52d0e81eaef3d109b3b12545306f201c Author: Matt Caswell Date: Tue Sep 10 14:16:54 2019 +0100

[openssl] OpenSSL_1_1_1d create

2019-09-11 Thread Matt Caswell
The annotated tag OpenSSL_1_1_1d has been created at 150886311c80c1d06786d152039650ecb6ff6746 (tag) tagging 894da2fb7ed5d314ee5c2fc9fd2d9b8b74111596 (commit) replaces OpenSSL_1_1_1c tagged by Matt Caswell on Tue Sep 10 14:13:07 2019 +0100 - Log

[openssl] OpenSSL_1_0_2t create

2019-09-11 Thread Matt Caswell
The annotated tag OpenSSL_1_0_2t has been created at 61d3564aa3f1633d76c64d67a5e6cc1ebbd79e4b (tag) tagging cd7c7fc20b9feeb900632389401f514ac6b82f16 (commit) replaces OpenSSL_1_0_2s tagged by Matt Caswell on Tue Sep 10 14:36:07 2019 +0100 - Log

[openssl] OpenSSL_1_1_0l create

2019-09-11 Thread Matt Caswell
The annotated tag OpenSSL_1_1_0l has been created at 76ad5a6b6e65ecda9b9002a0caeb8a776e4fb44c (tag) tagging 7ea5bd2b52d0e81eaef3d109b3b12545306f201c (commit) replaces OpenSSL_1_1_0k tagged by Matt Caswell on Tue Sep 10 14:16:54 2019 +0100 - Log

[openssl] OpenSSL_1_1_1-stable update

2019-09-11 Thread Matt Caswell
The branch OpenSSL_1_1_1-stable has been updated via 79f5e2f4b9d9886d1b0da09c2eb3e397bcf82876 (commit) via 1d36536457c14c92a2e728e8499260f396bd4657 (commit) from 63180182ecfe6474fbc50bc4021e558d11414e88 (commit) - Log

[openssl] master update

2019-09-11 Thread Matt Caswell
The branch master has been updated via fa3eb248e29ca8031e6a14e8a2c6f3cd58b5450e (commit) via e301c147a763f67dcc5ba63eb7e2ae40d83a68aa (commit) from 1d3cd983f56e0a580ee4216692ee3c9c7bf14de9 (commit) - Log -

[openssl] OpenSSL_1_1_1-stable update

2019-09-09 Thread Matt Caswell
DRBG's complete state, we just add the DRBG's address in memory, thereby providing some distinction between the different DRBG instances. Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9802) commit

[openssl] OpenSSL_1_0_2-stable update

2019-09-09 Thread Matt Caswell
Pull Requests. ___ Co-authored-by: Shane Lontis (Backport from https://github.com/openssl/openssl/pull/9808) Reviewed-by: Matt Caswell (Merged from https://github.com/openssl

[openssl] master update

2019-09-09 Thread Matt Caswell
) from 2b95e8efcf8b99892106070d9ac745a0a369f503 (commit) - Log - commit 20bf3d8b22f8c1a3529034007d3618fd1fc4fa16 Author: Matt Caswell Date: Thu Sep 5 14:57:06 2019 +0100 Use simple names in core_names.h Reviewed

[openssl] OpenSSL_1_0_2-stable update

2019-09-09 Thread Matt Caswell
scalar multiplication code is known to be vulnerable to local uarch attacks, outside of the OpenSSL threat model. New results suggest the code path is also vulnerable to traditional wall clock timing attacks. CVE-2019-1547 Reviewed-by: Nicola Tuveri Reviewed-by: Matt

[openssl] OpenSSL_1_0_2-stable update

2019-09-09 Thread Matt Caswell
variable-time functions. This issue was discovered and reported by the NISEC group at TAU Finland. Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9785

[openssl] OpenSSL_1_1_1-stable update

2019-09-07 Thread Matt Caswell
- commit 1bb2acb9987cc9d7f638b066ef396ca7f3243955 Author: Cesar Pereida Garcia Date: Fri Sep 6 10:48:00 2019 +0300 [crypto/rsa] Set the constant-time flag in multi-prime RSA too Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com

[openssl] master update

2019-09-07 Thread Matt Caswell
- commit d2baf88c43e5a40cfc3bcd4ca35cbae53161941c Author: Cesar Pereida Garcia Date: Fri Sep 6 10:48:00 2019 +0300 [crypto/rsa] Set the constant-time flag in multi-prime RSA too Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl

[openssl] OpenSSL_1_1_0-stable update

2019-09-07 Thread Matt Caswell
variable-time functions. This issue was discovered and reported by the NISEC group at TAU Finland. Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9779) (cherry picked from commit

[openssl] master update

2019-09-07 Thread Matt Caswell
- commit dc5bcb88d819de55eb37460c122e02fec91c6d86 Author: Matt Caswell Date: Thu Sep 5 16:21:56 2019 +0100 Teach TLSProxy how to parse CertificateRequest messages We also use this in test_tls13messages to check that the extensions we expect to see in a CertificateRequest

[openssl] OpenSSL_1_1_1-stable update

2019-09-07 Thread Matt Caswell
- commit 6f34a16ea9a4d37e11a26dd4c3694ea5b107e53f Author: Matt Caswell Date: Thu Sep 5 16:21:56 2019 +0100 Teach TLSProxy how to parse CertificateRequest messages We also use this in test_tls13messages to check that the extensions we expect to see

[openssl] master update

2019-09-05 Thread Matt Caswell
- commit 6b4152f1896e07ed94dc82663846ae9d38d4ca42 Author: Billy Brumley Date: Mon Sep 2 15:03:26 2019 +0300 [test] computing ECC cofactors: regression test Reviewed-by: Nicola Tuveri Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9827) commit

[openssl] master update

2019-08-30 Thread Matt Caswell
The branch master has been updated via 5ffc33244cd4d66e47dfa66ce89cb38d0f3074cc (commit) from 280cc0180862ae6664b88d5ea12cb5f599000d36 (commit) - Log - commit 5ffc33244cd4d66e47dfa66ce89cb38d0f3074cc Author: Matt

[openssl] master update

2019-08-29 Thread Matt Caswell
The branch master has been updated via 632f112cf730b4b1e2cdeea07a5c51fa8da9bba4 (commit) from 2d9007587c5072a513c84f22db7be55767b4c63d (commit) - Log - commit 632f112cf730b4b1e2cdeea07a5c51fa8da9bba4 Author: Matt

[openssl] master update

2019-08-29 Thread Matt Caswell
The branch master has been updated via 2d9007587c5072a513c84f22db7be55767b4c63d (commit) from cb1548bc5f207978f6ba287040eaea25c34b5786 (commit) - Log - commit 2d9007587c5072a513c84f22db7be55767b4c63d Author: Matt

[tools] master update

2019-08-29 Thread Matt Caswell
The branch master has been updated via 571c0af75c9dc840757b5478c83a14d49af84bee (commit) from fe185a2b8f12669f7a9a88582cb63ad316cd2382 (commit) - Log - commit 571c0af75c9dc840757b5478c83a14d49af84bee Author: Matt

[openssl] master update

2019-08-29 Thread Matt Caswell
The branch master has been updated via cb1548bc5f207978f6ba287040eaea25c34b5786 (commit) from deaaac2c017491006e7dbbf3d3555fadcefda032 (commit) - Log - commit cb1548bc5f207978f6ba287040eaea25c34b5786 Author: Matt

[openssl] master update

2019-08-29 Thread Matt Caswell
The branch master has been updated via bad41b689fd67fa44efbe6488c1c0b9d6e14c139 (commit) from 7f6b035b523898cf5318d023d50cb3665a67d686 (commit) - Log - commit bad41b689fd67fa44efbe6488c1c0b9d6e14c139 Author: Matt

[openssl] master update

2019-08-29 Thread Matt Caswell
The branch master has been updated via deaaac2c017491006e7dbbf3d3555fadcefda032 (commit) from ed71e917e9fb763adfb36a9cee0e0935aee898e2 (commit) - Log - commit deaaac2c017491006e7dbbf3d3555fadcefda032 Author: Matt

[openssl] master update

2019-08-29 Thread Matt Caswell
- commit ed71e917e9fb763adfb36a9cee0e0935aee898e2 Author: Matt Caswell Date: Wed Aug 14 18:09:28 2019 +0100 Fix data races in EVP_CIPHER_fetch and EVP_MD_fetch Don't modify the cipher/md we just fetched - it could be shared

[openssl] master update

2019-08-29 Thread Matt Caswell
- commit 9a7846dfe512baa55ad0485b67ffdbb2cb3a5cc3 Author: Matt Caswell Date: Thu Aug 29 11:55:57 2019 +0100 Use ENGINE_get_id() instead of ENGINE_get_name() ENGINE_get_name() actually returns more of a long description of the engine, whilst ENGINE_get_id() returns a shorter id

[openssl] master update

2019-08-29 Thread Matt Caswell
The branch master has been updated via 7f6b035b523898cf5318d023d50cb3665a67d686 (commit) from 632f112cf730b4b1e2cdeea07a5c51fa8da9bba4 (commit) - Log - commit 7f6b035b523898cf5318d023d50cb3665a67d686 Author: Matt

[openssl] master update

2019-08-28 Thread Matt Caswell
hopefully have prevented the mistake. Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9672) --- Summary of changes: ssl/t1_

[openssl] OpenSSL_1_0_2-stable update

2019-08-28 Thread Matt Caswell
using a constant-time exponentiation function. This issue was discovered and reported by the NISEC group at TAU Finland. Reviewed-by: Nicola Tuveri Reviewed-by: Bernd Edlinger Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9638

[openssl] master update

2019-08-28 Thread Matt Caswell
-time exponentiation function. This issue was discovered and reported by the NISEC group at TAU Finland. Reviewed-by: Nicola Tuveri Reviewed-by: Bernd Edlinger Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl

[openssl] OpenSSL_1_1_1-stable update

2019-08-28 Thread Matt Caswell
using a constant-time exponentiation function. This issue was discovered and reported by the NISEC group at TAU Finland. Reviewed-by: Nicola Tuveri Reviewed-by: Bernd Edlinger Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com

[openssl] OpenSSL_1_1_0-stable update

2019-08-28 Thread Matt Caswell
using a constant-time exponentiation function. This issue was discovered and reported by the NISEC group at TAU Finland. Reviewed-by: Nicola Tuveri Reviewed-by: Bernd Edlinger Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com

[openssl] master update

2019-08-15 Thread Matt Caswell
- commit 5bf2eade559a0d3081013048b1373da460701ba5 Author: raja-ashok Date: Fri May 31 08:50:54 2019 +0530 Test SSL_set_ciphersuites Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9079) commit

[openssl] OpenSSL_1_1_1-stable update

2019-08-14 Thread Matt Caswell
- commit 57a3af94a7ccff2efa99c26b2e842f520e4a731c Author: Matt Caswell Date: Tue Jul 23 17:10:05 2019 +0100 Extend tests of SSL_check_chain() Actually supply a chain and then test: 1) A successful check of both the ee and chain certs 2) A failure to check the ee

[openssl] master update

2019-08-14 Thread Matt Caswell
The branch master has been updated via d95422761116791966dcd0dd7035b46795482482 (commit) from 48102247ff513d4c57b40b19c1d432f37b9e4b02 (commit) - Log - commit d95422761116791966dcd0dd7035b46795482482 Author: Matt

[openssl] OpenSSL_1_1_1-stable update

2019-08-14 Thread Matt Caswell
Author: opensslonzos-github Date: Thu Aug 8 14:11:38 2019 -0400 Add missing EBCDIC strings Fix a few places where calling ossl_isdigit does the wrong thing on EBCDIC based systems. Replaced with ascii_isdigit. Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell

[openssl] master update

2019-08-14 Thread Matt Caswell
: opensslonzos-github Date: Thu Aug 8 14:11:38 2019 -0400 Add missing EBCDIC strings Fix a few places where calling ossl_isdigit does the wrong thing on EBCDIC based systems. Replaced with ascii_isdigit. Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell (Merged from

[openssl] master update

2019-08-09 Thread Matt Caswell
20946b94658416d2fed0b9d9c7adfbe4b7d70515 (commit) - Log - commit 1a2a3a420609c2d540b544e5ae829a3cb468a6e3 Author: Matt Caswell Date: Tue Jul 23 17:10:05 2019 +0100 Extend tests of SSL_check_chain() Actually supply

[openssl] OpenSSL_1_1_1-stable update

2019-08-09 Thread Matt Caswell
) - Log - commit 59d846ffb13d36d8a8caad09f43bcc968b21cf74 Author: Matt Caswell Date: Thu Aug 8 11:41:18 2019 +0100 Add TLS tests for RSA-PSS Restricted certificates Reviewed-by: Paul Dale (Merged from https

[openssl] master update

2019-08-09 Thread Matt Caswell
- commit 20946b94658416d2fed0b9d9c7adfbe4b7d70515 Author: Matt Caswell Date: Thu Aug 8 11:41:18 2019 +0100 Add TLS tests for RSA-PSS Restricted certificates Reviewed-by: Paul Dale (Merged from https://github.com/openssl

[openssl] master update

2019-08-09 Thread Matt Caswell
Kotal Date: Fri Jun 21 10:31:05 2019 +0200 use native atomic increment function on Solaris Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9215

[openssl] master update

2019-08-09 Thread Matt Caswell
Kotal Date: Fri Jul 19 16:01:13 2019 +0200 mention what happens if OPENSSL_NO_RC2 is defined Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9415

[openssl] OpenSSL_1_1_1-stable update

2019-08-09 Thread Matt Caswell
Author: Vladimir Kotal Date: Fri Jul 19 16:01:13 2019 +0200 mention what happens if OPENSSL_NO_RC2 is defined Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9415) (cherry picked from commit

[openssl] master update

2019-08-09 Thread Matt Caswell
-ashok Date: Sat Jul 6 21:57:53 2019 +0530 Restrict usage of bio_dgram_sctp_data only to DGRAM SCTP methods Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9216

[openssl] OpenSSL_1_1_1-stable update

2019-08-09 Thread Matt Caswell
Author: Vladimir Kotal Date: Tue Jun 11 16:21:00 2019 +0200 make ecp_nistz256_point_add_vis3() local fixes #8936 Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9132) (cherry picked from commit

[openssl] master update

2019-08-09 Thread Matt Caswell
Kotal Date: Tue Jun 11 16:21:00 2019 +0200 make ecp_nistz256_point_add_vis3() local fixes #8936 Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9132

[openssl] master update

2019-08-08 Thread Matt Caswell
. This used to be the problem also in the verify application documentation, but was fixed on 2010-02-23 in 7d3d178. Reviewed-by: Shane Lontis Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9529

[openssl] OpenSSL_1_1_1-stable update

2019-08-08 Thread Matt Caswell
. This used to be the problem also in the verify application documentation, but was fixed on 2010-02-23 in 7d3d178. Reviewed-by: Shane Lontis Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/9529) (cherry picked from commit

[openssl] master update

2019-08-08 Thread Matt Caswell
The branch master has been updated via 7c03bb9fff02b7f08d4654f51f8667584a92cf72 (commit) from 5c5cdcd8157c0ce0fdf3793217883c435cdf57bb (commit) - Log - commit 7c03bb9fff02b7f08d4654f51f8667584a92cf72 Author: Matt

[openssl] OpenSSL_1_1_1-stable update

2019-08-08 Thread Matt Caswell
Author: Matt Caswell Date: Fri Jun 28 12:07:55 2019 +0100 Clarify the INSTALL instructions Ensure users understand that they need to have appropriate permissions to write to the install location. Reviewed-by: Matthias St. Pierre Reviewed-by: Paul Dale (Merged

[openssl] master update

2019-08-08 Thread Matt Caswell
The branch master has been updated via 5c5cdcd8157c0ce0fdf3793217883c435cdf57bb (commit) from b9a758060dfe8f1bd11265b1c1550a27cd2c0783 (commit) - Log - commit 5c5cdcd8157c0ce0fdf3793217883c435cdf57bb Author: Matt

[openssl] master update

2019-08-08 Thread Matt Caswell
The branch master has been updated via b9a758060dfe8f1bd11265b1c1550a27cd2c0783 (commit) from f92e0815b873758582f9c280df0d9ce9a6600197 (commit) - Log - commit b9a758060dfe8f1bd11265b1c1550a27cd2c0783 Author: Matt

[openssl] master update

2019-08-08 Thread Matt Caswell
The branch master has been updated via f92e0815b873758582f9c280df0d9ce9a6600197 (commit) from 3505d70badb341e018a039434636d9b12f537e1e (commit) - Log - commit f92e0815b873758582f9c280df0d9ce9a6600197 Author: Matt

[openssl] master update

2019-08-07 Thread Matt Caswell
The branch master has been updated via a6482df03accc6cdcbd1298d593508825a5902e6 (commit) from c50fd0f959de5b256d8eefb8ad2a82fcdcb899c3 (commit) - Log - commit a6482df03accc6cdcbd1298d593508825a5902e6 Author: Matt

[openssl] master update

2019-08-07 Thread Matt Caswell
The branch master has been updated via c50fd0f959de5b256d8eefb8ad2a82fcdcb899c3 (commit) from f305ecdac0b7048e7ef38a7196f4393fa7ceff38 (commit) - Log - commit c50fd0f959de5b256d8eefb8ad2a82fcdcb899c3 Author: Matt

[openssl] master update

2019-08-07 Thread Matt Caswell
- commit f305ecdac0b7048e7ef38a7196f4393fa7ceff38 Author: Matt Caswell Date: Mon Aug 5 13:38:25 2019 +0100 Run evp_test in FIPS mode We run the cipher and digest evp_test test files in FIPS mode. Some ciphers/digests aren't available in FIPS mode so we mark those as only being

[openssl] master update

2019-08-06 Thread Matt Caswell
- commit 88f19d86d9fb2d50b5a80b6cad0a6b38dfc2bf12 Author: raja-ashok Date: Mon Jul 8 18:13:24 2019 +0530 Update man page for new API SSL_get_negotiated_group() Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged

[openssl] OpenSSL_1_1_1-stable update

2019-08-06 Thread Matt Caswell
Author: Matt Caswell Date: Mon Aug 5 16:13:24 2019 +0100 Fix ECDSA_SIG docs They incorrectly said that i2d_ECDSA_SIG returns 0 on error. In fact it returns a negative value on error. We fix this by moving the i2d_ECDSA_SIG/d2i_ECDSA_SIG docs onto the same page as all

[openssl] master update

2019-08-06 Thread Matt Caswell
The branch master has been updated via bbda79976b5c5095c5e6557311c86c623ba335f1 (commit) from f585cefc046409d04f26b73307e677625be26e5a (commit) - Log - commit bbda79976b5c5095c5e6557311c86c623ba335f1 Author: Matt

[openssl] master update

2019-08-06 Thread Matt Caswell
- commit f585cefc046409d04f26b73307e677625be26e5a Author: Matt Caswell Date: Mon Jul 15 15:54:08 2019 +0100 Add documentation for new EC functions Document the new EC functions that are OPENSSL_CTX aware. Reviewed

[openssl] OpenSSL_1_1_1-stable update

2019-08-06 Thread Matt Caswell
Author: Matt Caswell Date: Mon Jul 22 11:02:46 2019 +0100 Correct the Extended Master Secret string for EBCDIC The macro TLS_MD_MASTER_SECRET_CONST is supposed to hold the ascii string "extended master secret". On EBCDIC machines it actually contained the value "

[openssl] master update

2019-08-06 Thread Matt Caswell
een an EBCDIC system and a non-EBCDIC system that + negotiate EMS will fail. Unfortunately this also means that TLS connections + between EBCDIC systems with this fix, and EBCDIC systems without this + fix will fail if they negotiate EMS. + [Matt Caswell] + *) Changed the libra

[openssl] OpenSSL_1_1_1-stable update

2019-08-05 Thread Matt Caswell
Author: Matt Caswell Date: Thu Aug 1 14:55:25 2019 +0100 Fix SSL_MODE_RELEASE_BUFFERS functionality At some point in the past do_ssl3_write() used to return the number of bytes written, or a value <= 0 on error. It now just returns a success/ error code and writes the num

  1   2   3   4   5   6   7   8   9   10   >