This project is mirrored from https://github.com/openssl/openssl.git.
Pull mirroring failed .
Last successful update .
Last successful update .
- 14 Mar, 2021 7 commits
-
-
Tomas Mraz authored
The first TODO 3.0 is not really a TODO, just a comment. The second one is something that is needed for compatibility with existing applications. There is no major reason in trying to change this behavior right now. Fixes #14400 Reviewed-by:
Shane Lontis <shane.lontis@oracle.com> Reviewed-by:
Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14534)
-
Tobias Nießen authored
Refs: https://github.com/openssl/openssl/pull/4930Reviewed-by:
Tomas Mraz <tomas@openssl.org> Reviewed-by:
-
Matt Caswell authored
The TODO is describing something that would be nice to fix. In fact the problem exists even in 1.1.1. It would be nice to fix it, but it does not need to be done in the 3.0 timeframe. Fixes #14376 Reviewed-by:
-
Matt Caswell authored
There is nothing to be done here for the time being. If at some point we make the async code libctx aware then we might need to make a change but there are no plans to do that at the moment. Fixes #14402 Reviewed-by:
-
Shane Lontis authored
Fixes #14390 The only caller of this function tests EVP_KEYMGMT_is_a() beforehand which will fail if the RSA key types do not match. So the test is not necessary. The assert has been removed when it does the test. Reviewed-by:
-
Shane Lontis authored
Fixes #14330 Reviewed-by:
-
Rich Salz authored
Some functions that lock things are void, so we just return early. Also make ossl_namemap_empty return 0 on error. Updated the docs, and added some code to ossl_namemap_stored() to handle the failure, and updated the tests to allow for failure. Fixes: #14230 Reviewed-by:
-
- 13 Mar, 2021 3 commits
-
-
Dr. David von Oheimb authored
This requires moving generally useful functions from apps/cmp.c to apps/lib/apps.c Reviewed-by:
-
Dr. David von Oheimb authored
Reviewed-by:
-
Pauli authored
Fixes #14519 Reviewed-by:
Tim Hudson <tjh@openssl.org> Reviewed-by:
-
- 12 Mar, 2021 4 commits
-
-
Tomas Mraz authored
There might be more because internal instances of the DRBG might be initialized for the first time and thus self-tested as well. Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14497)
-
Tomas Mraz authored
It is not needed anymore and it causes leaks because it is called when the FIPS provider libctx is not yet properly set up. Reviewed-by:
-
Tomas Mraz authored
Calling OPENSSL_init_crypto(0, NULL) is a no-op and will not properly initialize thread local handling. Only the calls that are needed to initialize thread locals are kept, the rest of the no-op calls are removed. Reviewed-by:
-
Jakub Zelenka authored
Reviewed-by:
-
- 11 Mar, 2021 26 commits
-
-
Pauli authored
Reviewed-by:
-
Pauli authored
Also correct an incorrect statement about non-activated providers. Reviewed-by:
-
Pauli authored
To avoid recursive lock issues, a copy is taken of the provider list and the callbacks are made without holding the store lock. Fixes #14251 Reviewed-by:
-
Matt Caswell authored
All pkeyopt's must have a ":" and a value for the option. Not supplying one can cause a crash Fixes #14494 Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Reviewed-by:
-
