oweals/openssl.git
10 years agoCHANGES: mention ECP_NISTZ256.
Andy Polyakov [Tue, 23 Sep 2014 12:54:04 +0000 (14:54 +0200)]
CHANGES: mention ECP_NISTZ256.

Reviewed-by: Bodo Moeller <bodo@openssl.org>
10 years agocrypto/rsa/rsa_chk.c: harmonize error codes.
Andy Polyakov [Sun, 21 Sep 2014 21:05:13 +0000 (23:05 +0200)]
crypto/rsa/rsa_chk.c: harmonize error codes.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agocrypto/ecp_nistz256.c: harmonize error codes.
Andy Polyakov [Sun, 21 Sep 2014 13:56:02 +0000 (15:56 +0200)]
crypto/ecp_nistz256.c: harmonize error codes.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoFixed error introduced in commit f2be92b94dad3c6cbdf79d99a324804094cf1617
Tim Hudson [Sun, 21 Sep 2014 11:54:31 +0000 (21:54 +1000)]
Fixed error introduced in commit f2be92b94dad3c6cbdf79d99a324804094cf1617
that fixed PR#3450 where an existing cast masked an issue when i was changed
from int to long in that commit

Picked up on z/linux (s390) where sizeof(int)!=sizeof(long)

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
10 years agoHarmonize Tru64 and Linux make rules.
Andy Polyakov [Sat, 20 Sep 2014 08:18:19 +0000 (10:18 +0200)]
Harmonize Tru64 and Linux make rules.

RT: 3333,3165
Reviewed-by: Rich Salz <rsalz@openssl.org>
10 years agoFix warning.
Dr. Stephen Henson [Fri, 19 Sep 2014 17:53:39 +0000 (18:53 +0100)]
Fix warning.

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoRT3291: Add -crl and -revoke options to CA.pl
Rich Salz [Fri, 19 Sep 2014 01:45:41 +0000 (21:45 -0400)]
RT3291: Add -crl and -revoke options to CA.pl

Document the new features

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoRT2301: GetDIBits, not GetBitmapBits in rand_win
Jake Goulding [Fri, 5 Sep 2014 15:13:23 +0000 (11:13 -0400)]
RT2301: GetDIBits, not GetBitmapBits in rand_win

GetDIBits has been around since Windows2000 and
BitBitmapBits is an old Win16 compatibility function
that is much slower.

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agocrypto/bn/asm/x86_64-mont*.pl: add missing clang detection.
Andy Polyakov [Thu, 11 Sep 2014 22:43:59 +0000 (00:43 +0200)]
crypto/bn/asm/x86_64-mont*.pl: add missing clang detection.

Reviewed-by: Rich Salz <rsalz@openssl.org>
10 years agoConfigure: engage ECP_NISTZ256.
Andy Polyakov [Thu, 11 Sep 2014 22:38:57 +0000 (00:38 +0200)]
Configure: engage ECP_NISTZ256.

RT: 3149

Reviewed-by: Rich Salz <rsalz@openssl.org>
10 years agoAdd ECP_NISTZ256 by Shay Gueron, Intel Corp.
Andy Polyakov [Thu, 11 Sep 2014 22:37:41 +0000 (00:37 +0200)]
Add ECP_NISTZ256 by Shay Gueron, Intel Corp.

RT: 3149

Reviewed-by: Rich Salz <rsalz@openssl.org>
10 years agoReserve option to use BN_mod_exp_mont_consttime in ECDSA.
Andy Polyakov [Thu, 11 Sep 2014 22:13:20 +0000 (00:13 +0200)]
Reserve option to use BN_mod_exp_mont_consttime in ECDSA.

Submitted by Shay Gueron, Intel Corp.
RT: 3149

Reviewed-by: Rich Salz <rsalz@openssl.org>
10 years agoperlasm/x86_64-xlate.pl: handle inter-bank movd.
Andy Polyakov [Thu, 11 Sep 2014 22:06:00 +0000 (00:06 +0200)]
perlasm/x86_64-xlate.pl: handle inter-bank movd.

Reviewed-by: Rich Salz <rsalz@openssl.org>
10 years agoRT2772 update: c_rehash was broken
Rich Salz [Thu, 11 Sep 2014 17:08:30 +0000 (13:08 -0400)]
RT2772 update: c_rehash was broken

Move the readdir() lines out of the if statement, so
that flist is available globally.

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoRT3271 update; extra; semi-colon; confuses; some;
Rich Salz [Wed, 10 Sep 2014 19:05:38 +0000 (15:05 -0400)]
RT3271 update; extra; semi-colon; confuses; some;

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
10 years agoRT2560: missing NULL check in ocsp_req_find_signer
Rich Salz [Wed, 10 Sep 2014 15:43:45 +0000 (11:43 -0400)]
RT2560: missing NULL check in ocsp_req_find_signer

If we don't find a signer in the internal list, then fall
through and look at the internal list; don't just return NULL.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoRT2196: Clear up some README wording
Rich Salz [Tue, 9 Sep 2014 21:41:46 +0000 (17:41 -0400)]
RT2196: Clear up some README wording

Say where to email bug reports.
Mention general RT tracker info in a separate paragraph.

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoRT3192: spurious error in DSA verify
Matt Caswell [Tue, 9 Sep 2014 20:50:06 +0000 (16:50 -0400)]
RT3192: spurious error in DSA verify

This is funny; Ben commented in the source, Matt opend a ticket,
and Rich is doing the submit.  Need more code-review? :)

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoMerge branch 'master' of git.openssl.org:openssl
Rich Salz [Tue, 9 Sep 2014 21:06:40 +0000 (17:06 -0400)]
Merge branch 'master' of git.openssl.org:openssl

Previous commit was reviewed by Geoff, not Stephen:
Reviewed-by: Geoff Thorpe <geoff@openssl.org>
10 years agoRT3271: Don't use "if !" in shell lines
Rich Salz [Tue, 9 Sep 2014 17:53:16 +0000 (13:53 -0400)]
RT3271: Don't use "if !" in shell lines

For portability don't use "if ! expr"

Reviewed-by: Geoff Thorpe <geoff@openssl.org>
10 years agoRT3271: Don't use "if !" in shell lines
Rich Salz [Tue, 9 Sep 2014 17:53:16 +0000 (13:53 -0400)]
RT3271: Don't use "if !" in shell lines

For portability don't use "if ! expr"

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoRT1909: Omit version for v1 certificates
Geoff Keating [Tue, 9 Sep 2014 18:28:54 +0000 (14:28 -0400)]
RT1909: Omit version for v1 certificates

When calling X509_set_version to set v1 certificate, that
should mean that the version number field is omitted.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoRT3506: typo's in ssltest
Kurt Cancemi [Tue, 9 Sep 2014 17:48:00 +0000 (13:48 -0400)]
RT3506: typo's in ssltest

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoRT2841: Extra return in check_issued
Paul Suhler [Mon, 8 Sep 2014 22:34:48 +0000 (18:34 -0400)]
RT2841: Extra return in check_issued

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoRT2626: Change default_bits from 1K to 2K
Kurt Roeckx [Mon, 8 Sep 2014 21:14:36 +0000 (17:14 -0400)]
RT2626: Change default_bits from 1K to 2K

This is a more comprehensive fix.  It changes all
keygen apps to use 2K keys. It also changes the
default to use SHA256 not SHA1.  This is from
Kurt's upstream Debian changes.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
10 years agoRT2600: Change Win line-endings to Unix.
Rich Salz [Mon, 8 Sep 2014 20:27:29 +0000 (16:27 -0400)]
RT2600: Change Win line-endings to Unix.

For consistency.

Reviewed-by: Bodo Moeller <bodo@openssl.org>
10 years agoRT2272: Add old-style hash to c_rehash
Matthias Andree [Sun, 7 Sep 2014 22:45:02 +0000 (18:45 -0400)]
RT2272: Add old-style hash to c_rehash

In addition to Matthias's change, I also added -n to
not remove links. And updated the manpage.

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoRT671: export(i2s|s2i|i2v|v2i)_ASN1_(IA5|BIT)STRING
Bjoern Zeeb [Fri, 15 Aug 2014 02:11:08 +0000 (22:11 -0400)]
RT671: export(i2s|s2i|i2v|v2i)_ASN1_(IA5|BIT)STRING

The EXT_BITSTRING and EXT_IA5STRING are defined in x509v3.h, but
the low-level functions are not public. They are useful, no need
to make them static. Note that BITSTRING already was exposed since
this RT was created, so now we just export IA5STRING functions.

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoRT468: SSL_CTX_sess_set_cache_size wrong
Rich Salz [Wed, 3 Sep 2014 16:02:13 +0000 (12:02 -0400)]
RT468: SSL_CTX_sess_set_cache_size wrong

The documentation is wrong about what happens when the
session cache fills up.

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoRT3301: Discard too-long heartbeat requests
Erik Auerswald [Wed, 27 Aug 2014 02:50:34 +0000 (22:50 -0400)]
RT3301: Discard too-long heartbeat requests

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoRT3291: Add -crl and -revoke options to CA.pl
Dario B [Thu, 4 Sep 2014 20:59:44 +0000 (16:59 -0400)]
RT3291: Add -crl and -revoke options to CA.pl

I added some error-checking while integrating this patch.

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoRT2518: fix pod2man errors
Scott Schaefer [Wed, 13 Aug 2014 18:42:23 +0000 (14:42 -0400)]
RT2518: fix pod2man errors

pod2man now complains when item tags are not sequential.
Also complains about missing =back and other tags.
Silence the warnings; most were already done.

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoRT992: RSA_check_key should have a callback arg
Rich Salz [Thu, 14 Aug 2014 20:47:13 +0000 (16:47 -0400)]
RT992: RSA_check_key should have a callback arg

The original RT request included a patch.  By the time
we got around to doing it, however, the callback scheme
had changed. So I wrote a new function RSA_check_key_ex()
that uses the BN_GENCB callback.  But thanks very much
to Vinet Sharma <vineet.sharma@gmail.com> for the
initial implementation.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoRT3108: OPENSSL_NO_SOCK should imply OPENSSL_NO_DGRAM
Rich Salz [Thu, 4 Sep 2014 21:15:42 +0000 (17:15 -0400)]
RT3108: OPENSSL_NO_SOCK should imply OPENSSL_NO_DGRAM

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoRT3031: Need to #undef some names for win32
Robin Lee [Thu, 4 Sep 2014 16:36:41 +0000 (12:36 -0400)]
RT3031: Need to #undef some names for win32

Copy the ifdef/undef stanza from x509.h to x509v3.h

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoRT2849: Redundant check of "dsa" variable.
Rich Salz [Thu, 4 Sep 2014 16:55:31 +0000 (12:55 -0400)]
RT2849: Redundant check of "dsa" variable.

In the current code, the check isn't redundant.
And in fact the REAL check was missing.
This avoids a NULL-deref crash.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoRT2843: Remove another spurious close-comment token
Martin Olsson [Thu, 4 Sep 2014 16:45:05 +0000 (12:45 -0400)]
RT2843: Remove another spurious close-comment token

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoRT2842: Remove spurious close-comment marker.
Martin Olsson [Thu, 4 Sep 2014 16:42:34 +0000 (12:42 -0400)]
RT2842: Remove spurious close-comment marker.

Also, I (rsalz) changed "#ifdef undef" to "#if 0"

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoMerge branch 'master' of git.openssl.org:openssl
Rich Salz [Mon, 8 Sep 2014 14:44:07 +0000 (10:44 -0400)]
Merge branch 'master' of git.openssl.org:openssl

empty merge; script hiccup.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoRT1834: Fix PKCS7_verify return value
Rich Salz [Fri, 5 Sep 2014 22:01:31 +0000 (18:01 -0400)]
RT1834: Fix PKCS7_verify return value

The function returns 0 or 1, only.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoRT1832: Fix PKCS7_verify return value
Rich Salz [Fri, 5 Sep 2014 22:01:31 +0000 (18:01 -0400)]
RT1832: Fix PKCS7_verify return value

The function returns 0 or 1, only.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoRT1771: Add string.h include.
Alon Bar-Lev [Fri, 5 Sep 2014 14:53:51 +0000 (10:53 -0400)]
RT1771: Add string.h include.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoRT1325,2973: Add more extensions to c_rehash
Viktor Dkhovni [Sun, 7 Sep 2014 22:22:33 +0000 (18:22 -0400)]
RT1325,2973: Add more extensions to c_rehash

Regexp was bracketed wrong.

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agomake update
Emilia Kasper [Fri, 5 Sep 2014 15:19:36 +0000 (17:19 +0200)]
make update

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
10 years agoAdd i2d_re_X509_tbs
Emilia Kasper [Fri, 5 Sep 2014 13:25:57 +0000 (15:25 +0200)]
Add i2d_re_X509_tbs

i2d_re_X509_tbs re-encodes the TBS portion of the certificate.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr Stephen Henson <steve@openssl.org>
10 years agoAdd CHANGES entry for SCT viewer code.
Dr. Stephen Henson [Fri, 5 Sep 2014 12:39:39 +0000 (13:39 +0100)]
Add CHANGES entry for SCT viewer code.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
10 years agosync ordinals with 1.0.2
Dr. Stephen Henson [Thu, 28 Aug 2014 17:39:03 +0000 (18:39 +0100)]
sync ordinals with 1.0.2

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agopsk_client_callback, 128-byte id bug.
Adam Langley [Fri, 20 Jun 2014 19:00:00 +0000 (12:00 -0700)]
psk_client_callback, 128-byte id bug.

Fix a bug in handling of 128 byte long PSK identity in
psk_client_callback.

OpenSSL supports PSK identities of up to (and including) 128 bytes in
length. PSK identity is obtained via the psk_client_callback,
implementors of which are expected to provide a NULL-terminated
identity. However, the callback is invoked with only 128 bytes of
storage thus making it impossible to return a 128 byte long identity and
the required additional NULL byte.

This CL fixes the issue by passing in a 129 byte long buffer into the
psk_client_callback. As a safety precaution, this CL also zeroes out the
buffer before passing it into the callback, uses strnlen for obtaining
the length of the identity returned by the callback, and aborts the
handshake if the identity (without the NULL terminator) is longer than
128 bytes.

(Original patch amended to achieve strnlen in a different way.)

Reviewed-by: Rich Salz <rsalz@openssl.org>
10 years agoFollowup on RT3334 fix: make sure that a directory that's the empty
Richard Levitte [Thu, 14 Aug 2014 23:24:34 +0000 (01:24 +0200)]
Followup on RT3334 fix: make sure that a directory that's the empty
string returns 0 with errno = ENOENT.

Reviewed-by: Andy Polyakov <appro@openssl.org>
10 years agoRT3334: Fix crypto/LPdir_win.c
Phil Mesnier [Thu, 14 Aug 2014 17:35:07 +0000 (19:35 +0200)]
RT3334: Fix crypto/LPdir_win.c

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
10 years agoRT3140: Possibly-unit variable in pem_lib.c
Clang via Jeffrey Walton [Tue, 2 Sep 2014 21:04:53 +0000 (17:04 -0400)]
RT3140: Possibly-unit variable in pem_lib.c

Can't really happen, but the flow of control isn't obvious.
Add an initializer.

Reviewed-by: Matt Caswell <matt@openssl.org>
10 years agoMake the inline const-time functions static.
Emilia Kasper [Thu, 28 Aug 2014 17:45:55 +0000 (19:45 +0200)]
Make the inline const-time functions static.

"inline" without static is not correct as the compiler may choose to ignore it
and will then either emit an external definition, or expect one.

Reviewed-by: Geoff Thorpe <geoff@openssl.org>
10 years agoRT3508: Remove unused variable introduced by b09eb24
Kurt Cancemi [Sun, 31 Aug 2014 22:18:21 +0000 (18:18 -0400)]
RT3508: Remove unused variable introduced by b09eb24

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoRT3511: doc fix; req default serial is random
Adam Williamson [Sun, 31 Aug 2014 22:22:09 +0000 (18:22 -0400)]
RT3511: doc fix; req default serial is random

RT842, closed back in 2004, changed the default serial number
to be a random number rather than zero.  Finally time to update
the doc

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoAdd explanatory note to crypto/store/README
Rich Salz [Sun, 31 Aug 2014 19:27:17 +0000 (15:27 -0400)]
Add explanatory note to crypto/store/README

Reviewed-by: Richard Levitte <levitte@openssl.org>
10 years agoRT1325,2973: Add more extensions to c_rehash
TANABE Hiroyasu [Sat, 30 Aug 2014 21:56:31 +0000 (17:56 -0400)]
RT1325,2973: Add more extensions to c_rehash

Add .crt/.cer/.crl to the filenames parsed.

I also updated the podpage (since it didn't exist when
this ticket was first created, nor when it was re-created
seven years later).

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoConfigure: add configuration for crypto/ec/asm extensions.
Andy Polyakov [Sat, 30 Aug 2014 17:22:51 +0000 (19:22 +0200)]
Configure: add configuration for crypto/ec/asm extensions.

Reviewed-by: Rich Salz <rsalz@openssl.org>
10 years agomd5-x86_64.pl: work around warning.
Andy Polyakov [Sat, 30 Aug 2014 17:17:09 +0000 (19:17 +0200)]
md5-x86_64.pl: work around warning.

Reviewed-by: Rich Salz <rsalz@openssl.org>
10 years agox86[_64] assembly pack: add Silvermont performance data.
Andy Polyakov [Sat, 30 Aug 2014 17:13:49 +0000 (19:13 +0200)]
x86[_64] assembly pack: add Silvermont performance data.

Reviewed-by: Rich Salz <rsalz@openssl.org>
10 years agoRemove some outdated README files, to avoid confusing people.
Rich Salz [Sat, 30 Aug 2014 14:29:35 +0000 (10:29 -0400)]
Remove some outdated README files, to avoid confusing people.

Reviewed-by: Andy Polyakov <appro@openssl.org>
10 years agoRT2820: case-insensitive filenames on Darwin
Rich Salz [Sat, 30 Aug 2014 14:18:51 +0000 (10:18 -0400)]
RT2820: case-insensitive filenames on Darwin

Andy pointed out there is also darwin64, so tweak the pattern.

Reviewed-by: Andy Polyakov <appro@openssl.org>
10 years agoRT2119,3407: Updated to dgst.pod
Rich Salz [Thu, 28 Aug 2014 23:11:42 +0000 (19:11 -0400)]
RT2119,3407: Updated to dgst.pod

Re-order algorithm list.
Be consistent in command synopsis.
Add content about signing.
Add EXAMPLE section
Add some missing options: -r, -fips-fingerprint -non-fips-allow
Various other fixes.

Reviewed-by: Andy Polyakov <appro@openssl.org>
10 years agoRT2379: Additional typo fix
Rich Salz [Sat, 30 Aug 2014 13:54:49 +0000 (09:54 -0400)]
RT2379: Additional typo fix

Andy found an additional typo "can be can be".
Now I have that silly "Que sera sera" song stuck in my head.

Reviewed-by: Andy Polyakov <appro@openssl.org>
10 years agoRT1941: c_rehash.pod is missing
James Westby [Thu, 14 Aug 2014 14:14:35 +0000 (10:14 -0400)]
RT1941: c_rehash.pod is missing

Add the file written by James Westby, graciously contributed
under the terms of the OpenSSL license.

Reviewed-by: Andy Polyakov <appro@openssl.org>
10 years agoapps/speed.c: add -misalign command-line argument.
Andy Polyakov [Sat, 30 Aug 2014 08:25:32 +0000 (10:25 +0200)]
apps/speed.c: add -misalign command-line argument.

New option allows to perform benchmarks on misaligned data.

Reviewed-by: Rich Salz <rsalz@openssl.org>
10 years agoRT2379: Bug in BIO_set_accept_port.pod
Rich Salz [Mon, 18 Aug 2014 17:00:51 +0000 (13:00 -0400)]
RT2379: Bug in BIO_set_accept_port.pod

The doc says that port can be "*" to mean any port.
That's wrong.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoFixed double inclusion of string.h
Matt Caswell [Fri, 29 Aug 2014 20:25:42 +0000 (21:25 +0100)]
Fixed double inclusion of string.h

PR2693

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoRT2880: HFS is case-insensitive filenames
Jim Reid [Fri, 29 Aug 2014 16:07:42 +0000 (12:07 -0400)]
RT2880: HFS is case-insensitive filenames

Add Darwin to list of case-insensitive filenames when
installing manapges.  When doing this, I noticed that
we weren't setting "filecase" for the HTML doc install.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agoRT3246: req command prints version number wrong
Rich Salz [Wed, 27 Aug 2014 02:31:11 +0000 (22:31 -0400)]
RT3246: req command prints version number wrong

Make X509_REQ_print_ex do the same thing that
X509_REQ_print does.

Reviewed-by: Matt Caswell <matt@openssl.org>
10 years agoRT1665,2300: Crypto doc cleanups
Rich Salz [Thu, 14 Aug 2014 14:50:26 +0000 (10:50 -0400)]
RT1665,2300: Crypto doc cleanups

RT1665: aes documentation.

Paul Green wrote a nice aes.pod file.
But we now encourage the EVP interface.
So I took his RT item and used it as impetus to add
the AES modes to EVP_EncryptInit.pod
I also noticed that rc4.pod has spurious references to some other
cipher pages, so I removed them.

RT2300: Clean up MD history (merged into RT1665)

Put HISTORY section only in EVP_DigestInit.pod. Also add words
to discourage use of older cipher-specific API, and remove SEE ALSO
links that point to them.

Make sure digest pages have a NOTE that says use EVP_DigestInit.

Review feedback:
More cleanup in EVP_EncryptInit.pod
Fixed SEE ALSO links in ripemd160.pod, sha.pod, mdc2.pod, blowfish.pod,
rc4.d, and des.pod.  Re-order sections in des.pod for consistency

Reviewed-by: Matt Caswell <matt@openssl.org>
10 years agoRT2193: #ifdef errors in bss_dgram.c
l.montecchiani@gmail.com [Wed, 27 Aug 2014 03:11:01 +0000 (23:11 -0400)]
RT2193: #ifdef errors in bss_dgram.c

Problem with #ifdef in the BIO_CTRL_DGRAM_MTU_DISCOVER case that
is different from the BIO_CTRL_DGRAM_QUERY_MTU one which seems
correct.

Reviewed-by: Matt Caswell <matt@openssl.org>
10 years agoRT3102: Document -verify_error_return flag
Rich Salz [Wed, 27 Aug 2014 18:23:39 +0000 (14:23 -0400)]
RT3102: Document -verify_error_return flag

Also moved some options around so all the "verify" options.
are clumped together.

Reviewed-by: Matt Caswell <matt@openssl.org>
10 years agoFix comments, add new test.
Dr. Stephen Henson [Tue, 26 Aug 2014 00:20:26 +0000 (01:20 +0100)]
Fix comments, add new test.

Fix comments in ssltest.c: return value of 0 now means extension is
omitted and add_cb is not called for servers if the corresponding
extension is absent in ClientHello.

Test add_cb is not called if extension is not received.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
10 years agoCustom extension documentation.
Dr. Stephen Henson [Mon, 18 Aug 2014 01:56:13 +0000 (02:56 +0100)]
Custom extension documentation.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
10 years agoRename some callbacks, fix alignment.
Dr. Stephen Henson [Tue, 19 Aug 2014 13:02:50 +0000 (14:02 +0100)]
Rename some callbacks, fix alignment.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
10 years agoUse consistent function naming.
Dr. Stephen Henson [Tue, 19 Aug 2014 12:54:38 +0000 (13:54 +0100)]
Use consistent function naming.

Instead of SSL_CTX_set_custom_cli_ext and SSL_CTX_set_custom_srv_ext
use SSL_CTX_add_client_custom_ext and SSL_CTX_add_server_custom_ext.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
10 years agoNew function SSL_extension_supported().
Dr. Stephen Henson [Tue, 19 Aug 2014 12:33:51 +0000 (13:33 +0100)]
New function SSL_extension_supported().

Reviewed-by: Emilia Käsper <emilia@openssl.org>
10 years agoNew extension callback features.
Dr. Stephen Henson [Sat, 16 Aug 2014 17:16:26 +0000 (18:16 +0100)]
New extension callback features.

Support separate parse and add callback arguments.
Add new callback so an application can free extension data.
Change return value for send functions so < 0 is an error 0
omits extension and > 0 includes it. This is more consistent
with the behaviour of other functions in OpenSSL.

Modify parse_cb handling so <= 0 is an error.

Make SSL_CTX_set_custom_cli_ext and SSL_CTX_set_custom_cli_ext argument
order consistent.

NOTE: these changes WILL break existing code.

Remove (now inaccurate) in line documentation.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
10 years agoCallback revision.
Dr. Stephen Henson [Thu, 14 Aug 2014 12:25:50 +0000 (13:25 +0100)]
Callback revision.

Use "parse" and "add" for function and callback names instead of
"first" and "second".

Change arguments to callback so the extension type is unsigned int
and the buffer length is size_t. Note: this *will* break existing code.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
10 years agoRemove serverinfo checks.
Dr. Stephen Henson [Tue, 12 Aug 2014 15:18:55 +0000 (16:18 +0100)]
Remove serverinfo checks.

Since sanity checks are performed for all custom extensions the
serverinfo checks are no longer needed.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
10 years agoAdd custom extension sanity checks.
Dr. Stephen Henson [Tue, 12 Aug 2014 13:25:49 +0000 (14:25 +0100)]
Add custom extension sanity checks.

Reject attempts to use extensions handled internally.

Add flags to each extension structure to indicate if an extension
has been sent or received. Enforce RFC5246 compliance by rejecting
duplicate extensions and unsolicited extensions and only send a
server extension if we have sent the corresponding client extension.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
10 years agoCustom extension revision.
Dr. Stephen Henson [Sun, 10 Aug 2014 11:08:08 +0000 (12:08 +0100)]
Custom extension revision.

Use the same structure for client and server custom extensions.

Add utility functions in new file t1_ext.c.
Use new utility functions to handle custom server and client extensions
and remove a lot of code duplication.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
10 years agofix warning
Dr. Stephen Henson [Tue, 26 Aug 2014 00:07:57 +0000 (01:07 +0100)]
fix warning

Reviewed-by: Geoff Thorpe <geoff@openssl.org>
10 years agoConstant-time utilities
Emilia Kasper [Thu, 28 Aug 2014 13:33:34 +0000 (15:33 +0200)]
Constant-time utilities

Pull constant-time methods out to a separate header, add tests.

Reviewed-by: Bodo Moeller <bodo@openssl.org>
10 years agoRT2400: ASN1_STRING_to_UTF8 missing initializer
Raphael Spreitzer [Thu, 28 Aug 2014 02:53:10 +0000 (22:53 -0400)]
RT2400: ASN1_STRING_to_UTF8 missing initializer

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoMerge branch 'master' of git.openssl.org:openssl
Rich Salz [Thu, 28 Aug 2014 01:36:04 +0000 (21:36 -0400)]
Merge branch 'master' of git.openssl.org:openssl

Gah, I hate when I forget to pull before merging.

Reviewed-by: rsalz
10 years agoRT2308: Add extern "C" { ... } wrapper
Rich Salz [Wed, 27 Aug 2014 19:28:08 +0000 (15:28 -0400)]
RT2308: Add extern "C" { ... } wrapper

Add the wrapper to all public header files (Configure
generates one).  Don't bother for those that are just
lists of #define's that do renaming.

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoExplicitly check for empty ASN.1 strings in d2i_ECPrivateKey
Emilia Kasper [Mon, 25 Aug 2014 10:38:16 +0000 (12:38 +0200)]
Explicitly check for empty ASN.1 strings in d2i_ECPrivateKey

The old code implicitly relies on the ASN.1 code returning a \0-prefixed buffer
when the buffer length is 0. Change this to verify explicitly that the ASN.1 string
has positive length.

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
10 years agoRT3065: automatically generate a missing EC public key
Matt Caswell [Fri, 22 Aug 2014 16:04:19 +0000 (18:04 +0200)]
RT3065: automatically generate a missing EC public key

When d2i_ECPrivateKey reads a private key with a missing (optional) public key,
generate one automatically from the group and private key.

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
10 years agoRT3065: ec_private_key_dont_crash
Adam Langley [Tue, 23 Apr 2013 19:12:36 +0000 (15:12 -0400)]
RT3065: ec_private_key_dont_crash

This change saves several EC routines from crashing when an EC_KEY is
missing a public key. The public key is optional in the EC private key
format and, without this patch, running the following through `openssl
ec` causes a crash:

-----BEGIN EC PRIVATE KEY-----
MBkCAQEECAECAwQFBgcIoAoGCCqGSM49AwEH
-----END EC PRIVATE KEY-----

Reviewed-by: Dr Stephen Henson <steve@openssl.org>
10 years agoRT2210: Add missing EVP_cleanup to example
Mihai Militaru [Tue, 26 Aug 2014 16:35:54 +0000 (12:35 -0400)]
RT2210: Add missing EVP_cleanup to example

I also removed some trailing whitespace and cleaned
up the "see also" list.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
10 years agoAdd tags/TAGS target; rm tags/TAGS in clean
Rich Salz [Wed, 27 Aug 2014 00:51:52 +0000 (20:51 -0400)]
Add tags/TAGS target; rm tags/TAGS in clean

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoMerge branch 'master' of git.openssl.org:openssl
Rich Salz [Tue, 26 Aug 2014 17:54:21 +0000 (13:54 -0400)]
Merge branch 'master' of git.openssl.org:openssl

Stupid git tricks :(

Reviewed-by: rsalz
10 years agoRT1744: SSL_CTX_set_dump_dh() doc feedback
David Gatwood [Tue, 26 Aug 2014 17:02:03 +0000 (13:02 -0400)]
RT1744: SSL_CTX_set_dump_dh() doc feedback

The description of when the server creates a DH key is
confusing.  This cleans it up.
(rsalz: also removed trailing whitespace.)

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
10 years agoRT1744: SSL_CTX_set_dump_dh() doc feedback
David Gatwood [Tue, 26 Aug 2014 17:02:03 +0000 (13:02 -0400)]
RT1744: SSL_CTX_set_dump_dh() doc feedback

The description of when the server creates a DH key is
confusing.  This cleans it up.
(rsalz: also removed trailing whitespace.)

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
10 years agoRT1804: fix EXAMPLE in EVP_EncryptInit.pod
Jan Schaumann [Fri, 15 Aug 2014 03:00:44 +0000 (23:00 -0400)]
RT1804: fix EXAMPLE in EVP_EncryptInit.pod

The EXAMPLE that used FILE and RC2 doesn't compile due to a
few minor errors.  Tweak to use IDEA and AES-128. Remove
examples about RC2 and RC5.

Reviewed-by: Emilia Kasper <emilia@openssl.org>
10 years agoTypo fixes to evp documentation.
Matt Caswell [Thu, 24 Jul 2014 05:00:11 +0000 (01:00 -0400)]
Typo fixes to evp documentation.

This patch was submitted by user "Kox" via the wiki

Reviewed-by: Tim Hudson <tjh@openssl.org>
10 years agoRT 3060: amend patch
Emilia Kasper [Thu, 21 Aug 2014 15:34:05 +0000 (17:34 +0200)]
RT 3060: amend patch

Use existing error code SSL_R_RECORD_TOO_SMALL for too many empty records.

For ease of backporting the patch to release branches.

Reviewed-by: Bodo Moeller <bodo@openssl.org>
10 years agoRT3061: slightly amend patch
Emilia Kasper [Fri, 22 Aug 2014 13:16:00 +0000 (15:16 +0200)]
RT3061: slightly amend patch

Add an extra NULL dereference check

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
10 years agoImprove EVP_PKEY_sign documentation
Emilia Kasper [Fri, 22 Aug 2014 11:16:55 +0000 (13:16 +0200)]
Improve EVP_PKEY_sign documentation

Clarify the intended use of EVP_PKEY_sign. Make the code example compile.

Reviewed-by: Dr Stephen Henson <steve@openssl.org>