Skip to main content
swh:1:snp:dc2a5002442a00b1c0eda7c65d04ea7455e166cd
sort by:
RevisionAuthorDateMessageCommit Date
b2758a2 Matt Caswell02 November 2017, 14:29:01 UTCPrepare for 1.1.0g release Reviewed-by: Andy Polyakov <appro@openssl.org>02 November 2017, 14:29:01 UTC
6190960 Matt Caswell02 November 2017, 11:23:17 UTCUpdate CHANGES and NEWS for new release Reviewed-by: Andy Polyakov <appro@openssl.org>02 November 2017, 12:02:04 UTC
4443cf7 Andy Polyakov17 August 2017, 19:08:57 UTCbn/asm/x86_64-mont5.pl: fix carry bug in bn_sqrx8x_internal. Credit to OSS-Fuzz for finding this. CVE-2017-3736 Reviewed-by: Rich Salz <rsalz@openssl.org>02 November 2017, 11:05:15 UTC
b701fa8 Richard Levitte01 November 2017, 16:09:06 UTCFix small but important regression In OpenSSL pre 1.1.0, 'openssl x509 -CAkeyformat engine' was possible and supported. In 1.1.0, a small typo ('F' instead of 'f') removed that possibility. This restores the pre 1.1.0 behavior. Fixes #4366 Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4643) (cherry picked from commit bd6eba79d70677f891f1bb55b6f5bc5602c47cbc)02 November 2017, 10:56:11 UTC
ab91952 Pauli31 October 2017, 20:58:39 UTCAddress a timing side channel whereby it is possible to determine some information about the length of the scalar used in ECDSA operations from a large number (2^32) of signatures. This doesn't rate as a CVE because: * For the non-constant time code, there are easier ways to extract more information. * For the constant time code, it requires a significant number of signatures to leak a small amount of information. Thanks to Neals Fournaise, Eliane Jaulmes and Jean-Rene Reinhard for reporting this issue. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4576) (cherry picked from commit 4a089bbdf11f9e231cc68f42bba934c954d81a49)01 November 2017, 15:55:11 UTC
7184480 Pauli31 October 2017, 20:58:13 UTCAddress a timing side channel whereby it is possible to determine some information about the length of a value used in DSA operations from a large number of signatures. This doesn't rate as a CVE because: * For the non-constant time code, there are easier ways to extract more information. * For the constant time code, it requires a significant number of signatures to leak a small amount of information. Thanks to Neals Fournaise, Eliane Jaulmes and Jean-Rene Reinhard for reporting this issue. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4576) (cherry picked from commit c0caa945f6ef30363e0d01d75155f20248403df4)01 November 2017, 15:55:11 UTC
bb0c588 Richard Levitte31 October 2017, 10:42:40 UTCTravis: Add a docs checking job Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4631)31 October 2017, 11:31:41 UTC
df45d1a Richard Levitte31 October 2017, 11:13:45 UTCdocs: assign section 7 where appropriate Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4633)31 October 2017, 11:30:01 UTC
847685c Richard Levitte31 October 2017, 11:13:21 UTCdoc/crypto/OPENSSL_secure_malloc: add missing names Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4633)31 October 2017, 11:30:01 UTC
4401e28 Richard Levitte31 October 2017, 11:12:58 UTCdocs: fixup OpenSSL version style Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4633)31 October 2017, 11:30:01 UTC
41d74a5 Richard Levitte31 October 2017, 11:10:08 UTCAdapt util/find-doc-nits back to 1.1.0 This version was a direct port from 1.1.1-dev, which has a different source structure for the docs. Adjustment done. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4633)31 October 2017, 11:30:01 UTC
7fb4278 Richard Levitte31 October 2017, 10:33:14 UTCFix EVP_PKEY_ASN1_METHOD manual Missing names slipped through Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4630)31 October 2017, 10:33:14 UTC
0d9fece Baptiste Jonglez30 October 2017, 10:38:09 UTCafalg: Fix kernel version check The check should reject kernel versions < 4.1.0, not <= 4.1.0. The issue was spotted on OpenSUSE 42.1 Leap, since its linux/version.h header advertises 4.1.0. CLA: trivial Fixes: 7f458a48 ("ALG: Add AFALG engine") Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4618)31 October 2017, 10:22:06 UTC
a0c2626 Baptiste Jonglez30 October 2017, 13:38:19 UTCafalg: Use eventfd2 syscall instead of eventfd The eventfd syscall is deprecated and is not available on aarch64, causing build to fail: engines/e_afalg.c: In function 'eventfd': engines/e_afalg.c:108:20: error: '__NR_eventfd' undeclared (first use in this function) return syscall(__NR_eventfd, n); ^ Instead, switch to the newer eventfd2 syscall, which is supposed to be supported by all architectures. This kind of issues would be avoided by simply using the eventfd(2) wrapper from the libc, but there must be subtle reasons not to... Tested on a aarch64 system running OpenSUSE Leap 42.1 (gcc118 from https://cfarm.tetaneutral.net/machines/list/ ) and also cross-compiling for aarch64 with LEDE (kernel 4.9). This properly fixes #1685. CLA: trivial Fixes: 7f458a48 ("ALG: Add AFALG engine") Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4618)31 October 2017, 10:22:06 UTC
605fa68 Richard Levitte27 October 2017, 20:42:04 UTCEVP_PKEY_asn1_add0(): Check that this method isn't already registered No two public key ASN.1 methods with the same pkey_id can be registered at the same time. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4620)31 October 2017, 08:21:32 UTC
6088fb7 Richard Levitte26 October 2017, 22:11:11 UTCDocument EVP_PKEY_ASN1_METHOD and associated functions [skip ci] Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4620)31 October 2017, 08:21:32 UTC
5a3d24a Kurt Roeckx29 October 2017, 14:13:43 UTCOnly reset the ctx when a cipher is given This restores the 1.0.2 behaviour Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Benjamin Kaduk <bkaduk@akamai.com> GH: #4613 (cherry picked from commit ffd23209933ea0ad5543f15ca6303d63d8dac826)30 October 2017, 21:51:40 UTC
257a03c Rich Salz28 October 2017, 15:32:38 UTCAdd missing paren. Thanks to Remi Gacogne for pointing this out. Also indented the two macro bodies Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4608)28 October 2017, 15:32:38 UTC
f32a0a9 Andy Polyakov14 October 2017, 08:21:19 UTCx509v3/v3_utl.c: avoid double-free. Thanks to David Benjamin for spotting this. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4532) (cherry picked from commit 432f8688bb72e21939845ac7a69359ca718c6676) Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4514)27 October 2017, 09:26:12 UTC
a5034be Andy Polyakov08 October 2017, 18:10:13 UTCcrypto/x509v3/v3_utl.c: fix Coverity problems. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4492) (cherry picked from commit 32f3b98d1302d4c0950dc1bf94b50269b6edbd95) Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4514)27 October 2017, 09:24:40 UTC
6d2fbe9 Matt Caswell20 October 2017, 16:11:03 UTCDon't use strcasecmp and strncasecmp for IA5 strings The functions strcasecmp() and strncasecmp() will use locale specific rules when performing comparison. This could cause some problems in certain locales. For example in the Turkish locale an 'I' character is not the uppercase version of 'i'. However IA5 strings should not use locale specific rules, i.e. for an IA5 string 'I' is uppercase 'i' even if using the Turkish locale. This fixes a bug in name constraints checking reported by Thomas Pornin (NCCGroup). This is not considered a security issue because it would require both a Turkish locale (or other locale with similar issues) and malfeasance by a trusted name-constrained CA for a certificate to pass name constraints in error. The constraints also have to be for excluded sub-trees which are extremely rare. Failure to match permitted subtrees is a bug, not a vulnerability. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4569) (cherry picked from commit 9cde5f81222fd491d6d56eb8f37ab9c40a26f745)26 October 2017, 13:53:16 UTC
2e6d51d Paul Yang23 October 2017, 17:35:31 UTCFix doc-nits in doc/man3/DEFINE_STACK_OF.pod <compar> to <compare> to match the var name in function prototype Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4559) (cherry picked from commit d9c989fe3f137580ee627c91e01245e78b0b41ff)26 October 2017, 10:48:29 UTC
b8dc5f4 Richard Levitte25 October 2017, 21:53:50 UTCdoc/man3/d2i_X509.pod: add {d2i,i2d}_DSA_PUBKEY in NAME section Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4584) (cherry picked from commit 82d89ef72515ad3d78c0160641faf30b8b024dda)25 October 2017, 22:29:16 UTC
9d725c0 Richard Levitte24 October 2017, 16:32:22 UTCasn1_item_embed_new(): if locking failed, don't call asn1_item_embed_free() asn1_item_embed_free() will try unlocking and fail in this case, and since the new item was just allocated on the heap, free it directly with OPENSSL_free() instead. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4579) (cherry picked from commit fe6fcd31546db1ab019e55edd15c953c5b358559)24 October 2017, 18:53:04 UTC
f7f1ac6 Richard Levitte24 October 2017, 11:39:04 UTCasn1_item_embed_new(): don't free an embedded item The previous change with this intention didn't quite do it. An embedded item must not be freed itself, but might potentially contain non-embedded elements, which must be freed. So instead of calling ASN1_item_ex_free(), where we can't pass the embed flag, we call asn1_item_embed_free() directly. This changes asn1_item_embed_free() from being a static function to being a private non-static function. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4579) (cherry picked from commit 03996c19c30575c48b254f10625d24f86058605b)24 October 2017, 18:53:03 UTC
b272c48 Matt Caswell18 October 2017, 13:07:57 UTCDon't make any changes to the lhash structure if we are going to fail The lhash expand() function can fail if realloc fails. The previous implementation made changes to the structure and then attempted to do a realloc. If the realloc failed then it attempted to undo the changes it had just made. Unfortunately changes to lh->p were not undone correctly, ultimately causing subsequent expand() calls to increment num_nodes to a value higher than num_alloc_nodes, which can cause out-of-bounds reads/ writes. This is not considered a security issue because an attacker cannot cause realloc to fail. This commit moves the realloc call to near the beginning of the function before any other changes are made to the lhash structure. That way if a failure occurs we can immediately fail without having to undo anything. Thanks to Pavel Kopyl (Samsung) for reporting this issue. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4550) (cherry picked from commit 4ce8bebcca90a1f8a3347be29df7a501043d4464)24 October 2017, 11:18:16 UTC
4ed22d6 Xiangyu Bu18 October 2017, 00:10:53 UTCFix memory leak in GENERAL_NAME_set0_othername. CLA: trivial Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4544) (cherry picked from commit 04761b557a53f026630dd5916b2b8522d94579db)24 October 2017, 08:40:18 UTC
ca80ba8 Richard Levitte23 October 2017, 14:41:06 UTCasn1_item_embed_new(): don't free an embedded item An embedded item wasn't allocated separately on the heap, so don't free it as if it was. Issue discovered by Pavel Kopyl Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4572) (cherry picked from commit 590bbdfdf43b97abf8817f506f8ab46687d1eadd)23 October 2017, 15:47:45 UTC
84a85b5 Matt Caswell18 October 2017, 09:23:33 UTCCorrect value for BN_security_bits() The function BN_security_bits() uses the values from SP800-57 to assign security bit values for different FF key sizes. However the value for 192 security bits is wrong. SP800-57 has it as 7680 but the code had it as 7690. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4546) (cherry picked from commit c9fe362303fc54ff19bde7511475f28663f7d554)23 October 2017, 13:01:12 UTC
8efce5b Patrick Steuer20 October 2017, 18:51:05 UTCs390x assembly pack: define OPENSSL_s390xcap_P in s390xcap.c Remove all .comm definitions from the asm modules. Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4563)22 October 2017, 19:20:00 UTC
e864383 Jakub Jelen20 October 2017, 13:41:43 UTCECDSA_* is deprecated. EC_KEY_* is used instead CLA: trivial Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Ben Laurie <ben@links.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4561) (cherry picked from commit 9b02dc97e4963969da69675a871dbe80e6d31cda)20 October 2017, 15:51:49 UTC
7626bd1 Rich Salz18 October 2017, 19:33:56 UTCAdditional name for all commands Add openssl-foo as a name for the openssl "foo" command. Addresses an issue found by a usability study to be published. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4553) (cherry picked from commit 3f2181e6fadea9e7ad8810b3f170fd0b2154e8b8)19 October 2017, 12:38:54 UTC
8456e4c Patrick Steuer30 January 2017, 11:50:54 UTCs390x assembly pack: remove capability double-checking. An instruction's QUERY function is executed at initialization, iff the required MSA level is installed. Therefore, it is sufficient to check the bits returned by the QUERY functions. The MSA level does not have to be checked at every function call. crypto/aes/asm/aes-s390x.pl: The AES key schedule must be computed if the required KM or KMC function codes are not available. Formally, the availability of a KMC function code does not imply the availability of the corresponding KM function code. Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4501) (cherry picked from commit af1d638730bdfad85a7fa8c3f157b2828eda7c1d)17 October 2017, 19:58:43 UTC
465766c Patrick Steuer27 January 2017, 08:47:48 UTCcrypto/aes/asm/aes-s390x.pl: fix $softonly=1 code path. Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4501) (cherry picked from commit 4c5100ce7d66ccff48d6435c1761b5e3281de61f)17 October 2017, 19:58:04 UTC
c290d61 Rich Salz16 October 2017, 16:10:45 UTCUpdate RAND_load_file return value. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4537) (cherry picked from commit fe7a4d7c4c8148f732bc47ef7585f4aa41b7391a)17 October 2017, 19:41:48 UTC
20fe505 Dr. Stephen Henson12 October 2017, 00:05:24 UTCBackport key redirection test from master branch Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4520)13 October 2017, 22:07:49 UTC
f1597bb Ben Kaduk13 October 2017, 00:20:07 UTCSkip ssl-tests/19-mac-then-encrypt.conf for no-tls1_2 The second set of tests in that configuration uses the AES-SHA256 ciphers, which are only available for TLS 1.2. Thus, when TLS 1.2 is disabled, there are no ciphers available and the handshake fails with an internal error. Apply the same treatment as for 13-fragmentation.conf, which uses the same ciphers. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4526)13 October 2017, 00:22:16 UTC
aa09c24 Dr. Stephen Henson10 October 2017, 12:42:24 UTCDocument EVP_PKEY_set1_engine() Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4503) (cherry picked from commit 8e826a339f8cda20a4311fa88a1de782972cf40d)11 October 2017, 23:27:28 UTC
b30d184 Dr. Stephen Henson11 October 2017, 23:11:21 UTCmake update Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4503)11 October 2017, 23:27:12 UTC
aa4c32e Dr. Stephen Henson09 October 2017, 14:21:11 UTCAdd EVP_PKEY_set1_engine() function. Add an ENGINE to EVP_PKEY structure which can be used for cryptographic operations: this will typically be used by an HSM key to redirect calls to a custom EVP_PKEY_METHOD. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4503) (cherry picked from commit d19b01ad79f9e2aac5c87496b5ca5f80016daeb7)11 October 2017, 23:08:50 UTC
f042e93 Dr. Stephen Henson09 October 2017, 22:24:26 UTCFix memory leak on lookup failure Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4503) (cherry picked from commit 918a27facd3558444c69b1edbedb49478e82dff5)11 October 2017, 23:08:30 UTC
a5d0541 Dr. Stephen Henson09 October 2017, 13:37:21 UTCDon't ignore passed ENGINE. If we are passed an ENGINE to use in int_ctx_new e.g. via EVP_PKEY_CTX_new() use it instead of the default. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4503) (cherry picked from commit c2976edf4b22691d8bebb0e3ca2db18b3d0c71c6)11 October 2017, 23:08:09 UTC
0cf65a0 Matt Caswell27 September 2017, 10:13:47 UTCEnsure we test all parameters for BN_FLG_CONSTTIME RSA_setup_blinding() calls BN_BLINDING_create_param() which later calls BN_mod_exp() as follows: BN_mod_exp(ret->A, ret->A, ret->e, ret->mod, ctx) ret->mod will have BN_FLG_CONSTTIME set, but ret->e does not. In BN_mod_exp() we only test the third param for the existence of this flag. We should test all the inputs. Thanks to Samuel Weiser (samuel.weiser@iaik.tugraz.at) for reporting this issue. This typically only happens once at key load, so this is unlikely to be exploitable in any real scenario. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4477) (cherry picked from commit e913d11f444e0b46ec1ebbf3340813693f4d869d)11 October 2017, 15:01:13 UTC
24806f0 Richard Levitte09 October 2017, 15:58:50 UTCReduce the things we ignore in test/ Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4507) (cherry picked from commit d2068e34d1e6b19daa6aba32bc7c6393699c9371)09 October 2017, 19:22:21 UTC
6b3c5b8 Richard Levitte09 October 2017, 15:57:13 UTCUse the possibility to have test results in a different directory RESULT_D can be used to provide a separate directory for test results. Let's use that to separate them from other files. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4507) (cherry picked from commit 41f571e10c31cd58aada3cfde3be6a8a94cea64a)09 October 2017, 19:22:20 UTC
380ebcc Richard Levitte09 October 2017, 15:55:38 UTCFix util/perl/OpenSSL/Test.pm input variable overwrite Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4507) (cherry picked from commit 9b9a8a712d64e35a337b22869288f246b5580c73)09 October 2017, 19:22:16 UTC
8bd108a Mouse09 October 2017, 02:47:02 UTCFix parameter name, for common aesthetics and to silence IDE warnings. CLA: trivial Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4494)09 October 2017, 14:52:28 UTC
125993d Richard Levitte09 October 2017, 11:21:24 UTCFix util/find-doc-nits to correctly parse function signature typedefs Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4499) (cherry picked from commit 0ed78e78007bb74e48e6f59fa2388bb244153bf0)09 October 2017, 12:38:49 UTC
5c3f01f Richard Levitte09 October 2017, 10:55:27 UTCCorrect some typedef documentation Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4499) (cherry picked from commit 5bf6d418034a246bd3680d648c22e2c4500a3e0a)09 October 2017, 12:36:02 UTC
9689510 Rich Salz08 October 2017, 14:50:38 UTCFix doc for i2d/d2i private/public key Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4491) (cherry picked from commit 24b0be11b061f36d30ccccdf9d34edf270be4c2f)08 October 2017, 20:34:12 UTC
3892f94 Richard Levitte06 October 2017, 05:44:27 UTCdoc/apps/openssl.pod: Add missing commands and links Fixes #4471 and more Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4473)06 October 2017, 08:54:05 UTC
c5e8bd1 Emilia Kasper25 November 2016, 16:05:30 UTCTest mac-then-encrypt Verify that the encrypt-then-mac negotiation is handled correctly. Additionally, when compiled with no-asm, this test ensures coverage for the constant-time MAC copying code in ssl3_cbc_copy_mac. The proxy-based CBC padding test covers that as well but it's nevertheless better to have an explicit handshake test for mac-then-encrypt. Reviewed-by: Andy Polyakov <appro@openssl.org> (cherry picked from commit b3618f44a7b8504bfb0a64e8a33e6b8e56d4d516)05 October 2017, 07:29:28 UTC
619c589 David Woodhouse13 October 2016, 23:26:38 UTCAdd SSL_OP_NO_ENCRYPT_THEN_MAC Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (cherry picked from commit cde6145ba19a2fce039cf054a89e49f67c623c59)05 October 2017, 07:29:28 UTC
6717d1c Matt Caswell03 October 2017, 13:15:16 UTCRemove an incorrect comment Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4456) (cherry picked from commit 786b4df402ce57e375012401a02ad7a6696b90c2)04 October 2017, 14:58:08 UTC
6f50830 Richard Levitte04 October 2017, 07:42:23 UTCConfigurations/windows-makefile.tmpl: canonicalise configured paths This avoids issues that can come with an ending backslash, among other. Fixes #4458 Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4461) (cherry picked from commit dc6a62d5d5de905776433ab8ab6b1b2fffaae1ea)04 October 2017, 13:20:45 UTC
87fde17 Bernd Edlinger02 October 2017, 15:24:17 UTCFix the return type of felem_is_zero_int which should be int. Change argument type of xxxelem_is_zero_int to const void* to avoid the need of type casts. Fixes #4413 Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4450) (cherry picked from commit c55b786a8911cef41f890735ba5fde79e116e055)02 October 2017, 15:27:03 UTC
7f2be2f Andy Polyakov26 September 2017, 20:38:57 UTCrecipes/25-test_verify.t: reformat. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4411)30 September 2017, 20:17:51 UTC
329a004 David Benjamin18 September 2017, 20:51:56 UTCGuard against DoS in name constraints handling. This guards against the name constraints check consuming large amounts of CPU time when certificates in the presented chain contain an excessive number of names (specifically subject email names or subject alternative DNS names) and/or name constraints. Name constraints checking compares the names presented in a certificate against the name constraints included in a certificate higher up in the chain using two nested for loops. Move the name constraints check so that it happens after signature verification so peers cannot exploit this using a chain with invalid signatures. Also impose a hard limit on the number of name constraints check loop iterations to further mitigate the issue. Thanks to NCC for finding this issue. Fix written by Martin Kreichgauer. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4411) (cherry picked from commit 8545051c3652bce7bb962afcb6879c4a6288bc67) Resolved conflicts: crypto/x509v3/v3_ncons.c test/recipes/25-test_verify.t30 September 2017, 20:17:36 UTC
15ab321 Samuel Weiser29 September 2017, 11:29:25 UTCAdded const-time flag to DSA key decoding to avoid potential leak of privkey Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4440) (cherry picked from commit 6364475a990449ef33fc270ac00472f7210220f2)29 September 2017, 17:52:05 UTC
6787c60 Hubert Kario29 September 2017, 13:36:01 UTCdoc: note that the BN_new() initialises the BIGNUM BN_new() and BN_secure_new() not only allocate memory, but also initialise it to deterministic value - 0. Document that behaviour to make it explicit backport from #4438 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4442)29 September 2017, 13:36:01 UTC
effdcf6 David Benjamin18 September 2017, 15:58:24 UTCAllow DH_set0_key with only private key. The pub_key field for DH isn't actually used in DH_compute_key at all. (Note the peer public key is passed in as as BIGNUM.) It's mostly there so the caller may extract it from DH_generate_key. It doesn't particularly need to be present if filling in a DH from external parameters. The check in DH_set0_key conflicts with adding OpenSSL 1.1.0 to Node. Their public API is a thin wrapper over the old OpenSSL one: https://nodejs.org/api/crypto.html#crypto_class_diffiehellman They have separate setPrivateKey and setPublicKey methods, so the public key may be set last or not at all. In 1.0.2, either worked fine since operations on DH objects generally didn't use the public key. (Like with OpenSSL, Node's setPublicKey method is also largely a no-op, but so it goes.) In 1.1.0, DH_set0_key prevents create a private-key-only DH object. (cherry picked from commit d58ad9a2a287d1c0bc99ba63c997eed88cc161b5) Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4425)27 September 2017, 15:28:24 UTC
a8e047a Samuel Weiser16 September 2017, 14:52:44 UTCBN_copy now propagates BN_FLG_CONSTTIME Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4377) (cherry picked from commit 9f9442918aeaed5dc2442d81ab8d29fe3e1fb906)27 September 2017, 09:09:39 UTC
d32bf54 Samuel Weiser15 September 2017, 20:12:53 UTCFixed error in propagating BN_FLG_CONSTTIME flag through BN_MONT_CTX_set, which could lead to information disclosure on RSA primes p and q. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4377) (cherry picked from commit 3de81a5912041a70884cf4e52e7213f3b5dfa747)27 September 2017, 09:09:38 UTC
64aa3d0 Richard Levitte26 September 2017, 08:46:10 UTCMake sure that a cert with extensions gets version number 2 (v3) Fixes #4419 Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4420) (cherry picked from commit 4881d849da23528e19b7312f963d28916d9804b1)26 September 2017, 09:06:39 UTC
4c9a6a3 Pichulin Dmitrii22 September 2017, 08:41:04 UTCFix 'key' option in s_server can be in ENGINE keyform Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Stephen Henson <steve@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4405) (cherry picked from commit 75c445e49bb3d22afe72b28ae67945a9f67091f6)23 September 2017, 12:46:58 UTC
32ef82a Dr. Stephen Henson23 September 2017, 12:39:54 UTCRemove dhparam from SSL_CONF list. Avoid duplicate assertion by removing dhparam from SSL_CONF parameter list: dhparam is handled manually by s_server. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4408)23 September 2017, 12:39:54 UTC
ae386c9 Benjamin Kaduk21 September 2017, 12:18:10 UTCReenable s_server -dhparam option This option was lost when converting to a table-driven option parser in commit 7e1b7485706c2b11091b5fa897fe496a2faa56cc. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4398) (cherry picked from commit 51ac82702dc91cabd3dbf890d8f65b285282c0ce)21 September 2017, 18:50:12 UTC
22e311c David Benjamin18 September 2017, 19:58:41 UTCFix overflow in c2i_ASN1_BIT_STRING. c2i_ASN1_BIT_STRING takes length as a long but uses it as an int. Check bounds before doing so. Previously, excessively large inputs to the function could write a single byte outside the target buffer. (This is unreachable as asn1_ex_c2i already uses int for the length.) Thanks to NCC for finding this issue. Fix written by Martin Kreichgauer. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4385) (cherry picked from commit 6b1c8204b33aaedb7df7a009c241412839aaf950)19 September 2017, 19:32:58 UTC
de6db95 Pauli17 September 2017, 20:52:13 UTCNull pointer used. Address coverity report of null pointer being dereferenced. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4381) (cherry picked from commit 9be34ee5c8576539a929d5b396ad071aed525f43)17 September 2017, 22:13:49 UTC
af51a74 Christian Heimes14 September 2017, 07:28:39 UTCProvide getters for min/max proto version OpenSSL 1.1.0 made SSL_CTX and SSL structs opaque and introduced a new API to set the minimum and maximum protocol version for SSL_CTX with TLS_method(). Add getters to introspect the configured versions: int SSL_CTX_get_min_proto_version(SSL_CTX *ctx); int SSL_CTX_get_max_proto_version(SSL_CTX *ctx); int SSL_get_min_proto_version(SSL *ssl); int SSL_get_max_proto_version(SSL *ssl); NOTE: The getters do not resolv the version in case when the minimum or maxium version are configured as '0' (meaning auto-select lowest and highst version number). Signed-off-by: Christian Heimes <christian@python.org> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (cherry picked from commit 3edabd3ccb7aac89af5a63cfb2378e33a8be05d7) Updated for new manual page location and TLS 1.3. (Merged from https://github.com/openssl/openssl/pull/4376)15 September 2017, 15:31:54 UTC
a8b85c5 Benjamin Kaduk09 May 2017, 23:39:50 UTCError out when forcing an unsupported TLS version If the result of a SSL_{CTX_,}set_{min,max}_proto_version() call leaves the min and max version identical, and support for that version is compiled out of the library, return an error. Such an object has no hope of successfully completing a handshake, and this error may be easier to decipher than the resulting handshake failure. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit c8feba723a33e15201009d716d9ead02e653dfe6) Updated the cherry-pick to not reference TLS1_3_VERSION, which does not exist on this branch. (Merged from https://github.com/openssl/openssl/pull/4376)15 September 2017, 15:24:50 UTC
583d8f6 Richard Levitte12 September 2017, 05:47:05 UTCDisable the EGD seeding meachanism when stdio is disabled crypto/rand/rand_egd.c makes extensive use of stdio functions. When they are disabled, it makes sense to disable egd as well. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4358) (cherry picked from commit 15a1bd0ab2950671686cea51f4218c8f3d92fad9)12 September 2017, 06:04:04 UTC
93687bd multics10 September 2017, 13:02:07 UTCUpdate rsautl.pod for typo Fixes the typo CLA: trivial Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4354) (cherry picked from commit f70c22eb23763c6dce050293cc1b9a0a234d72b2)11 September 2017, 13:33:43 UTC
389058f Matt Caswell04 September 2017, 10:20:27 UTCAllow an endpoint to read the alert data before closing the socket If an alert gets sent and then we close the connection immediately with data still in the input buffer then a TCP-RST gets sent. Some OSs immediately abandon data in their input buffer if a TCP-RST is received - meaning the alert data itself gets ditched. Sending a TCP-FIN before the TCP-RST seems to avoid this. This was causing test failures in MSYS2 builds. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4333) (cherry picked from commit bac6abe18d28373e0d2d0666c411020404197337)08 September 2017, 12:18:45 UTC
4ea5f53 Rich Salz03 September 2017, 15:33:34 UTCFix error handling/cleanup Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4326) (cherry picked from commit 180794c54e98ae467c4ebced3737e1ede03e320a)07 September 2017, 20:12:00 UTC
7dd13ab Rich Salz05 September 2017, 21:21:38 UTCAdd checks for alloc failing. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4341) (cherry picked from commit d3c3dfc5778ab2cca0d25c5959c8b814a334addb)06 September 2017, 14:01:34 UTC
90507fb Richard Levitte01 September 2017, 20:15:13 UTCFix OpenSSL::Test::Utils::config to actualy load the config data Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4319) (cherry picked from commit 607f4d564f9540cda6cf5b127f2414625a11741a)01 September 2017, 20:53:16 UTC
3daecf1 Andy Polyakov30 August 2017, 14:28:16 UTCConfigure: base compiler-specific decisions on pre-defines. The commit subject is a bit misleading in sense that decisions affect only gcc and gcc-alikes, like clang, recent icc... This is back-port of 54cf3b981afcbbd3754c8ba1114ab6a658d86c08, GH#4281. Reviewed-by: Rich Salz <rsalz@openssl.org>01 September 2017, 06:56:26 UTC
d020a65 Andy Polyakov30 August 2017, 23:09:48 UTCcrypto/cryptlib.c: mask more capability bits upon FXSR bit flip. OPENSSL_ia32cap.pod discusses possibility to disable operations on XMM register bank. This formally means that this flag has to be checked in combination with other flags. But it customarily isn't. But instead of chasing all the cases we can flip more bits together with FXSR one. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4303) (cherry picked from commit 6e5a853bda24e8aece325ecf5aa68b8ea832e414)01 September 2017, 06:50:49 UTC
0d13ed3 Richard Levitte31 August 2017, 09:35:25 UTCutil/mkdef.pl: handle line terminators correctly When parsing the header files, mkdef.pl didn't clear the line terminator properly. In most cases, this didn't matter, but there were moments when this caused parsing errors (such as CRLFs in certain cases). Fixes #4267 Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4304) (cherry picked from commit e66b62b86e7725bdace0f24a76baa61db9c763f8)31 August 2017, 17:21:15 UTC
03b4e1c Zhu Qun-Ying30 August 2017, 21:52:50 UTCFixed address family test error for AF_UNIX in BIO_ADDR_make CLA: trivial Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4298) (cherry picked from commit 177503752b24299cc97ccf07062a3b79c4f28899)31 August 2017, 09:45:55 UTC
068b963 Rich Salz22 August 2017, 15:44:41 UTCAvoid out-of-bounds read Fixes CVE 2017-3735 Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4276) (cherry picked from commit b23171744b01e473ebbfd6edad70c1c3825ffbcd)28 August 2017, 17:33:54 UTC
7c188d4 Rich Salz25 August 2017, 13:11:09 UTCRemove NO_DIRENT; it isn't used anywhere Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4261) (cherry picked from commit 32c1356302e74dfa5e8bd2d7002c18d91a323b70)26 August 2017, 00:08:38 UTC
f444552 Bernd Edlinger24 August 2017, 05:53:13 UTCClear secret stack values after use in curve25519.c Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4242) (cherry picked from commit 78f1e4d0b063e17c9700f2aceecaca03bfa434f3)25 August 2017, 14:38:29 UTC
568a521 Richard Levitte25 August 2017, 12:51:45 UTCNO_SYS_TYPES_H isn't defined anywhere, stop using it as a guard This is a vestige from pre-1.1.0 OpenSSL Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4256) (cherry picked from commit b379fe6cd046b9dd8a62309dcbaded763e2d4187)25 August 2017, 13:51:40 UTC
3bd605f Matt Caswell25 August 2017, 13:16:20 UTCFix description of how to report a bug in INSTALL Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4259) (cherry picked from commit 0a8ddc17f57691c8e2e2446c4126fb4133d07d21)25 August 2017, 13:35:57 UTC
5a4bb0d Matt Caswell25 August 2017, 13:14:27 UTCClarify the meaning of no-stdio in INSTALL Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4259) (cherry picked from commit 219b4643e40ada993730c55ae2c09815f89b4a2d)25 August 2017, 13:35:56 UTC
b9377bd Matt Caswell21 August 2017, 07:44:14 UTCAdd documentation for SRTP functions Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4205) (cherry picked from commit 3733ce61a2a0933bf7b04d9a14bfe3ac22bb8a0d)24 August 2017, 08:37:13 UTC
9807f03 Dr. Stephen Henson23 August 2017, 22:58:04 UTCCorrect GCM docs. Fix GCM documentation: the tag does not have to be supplied before decrypting any data any more. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4231)23 August 2017, 22:58:04 UTC
e09cfa4 Rich Salz23 August 2017, 16:06:41 UTCTweak wording to be more clear. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4234) (cherry picked from commit a130950df92abf7dd787b000403da02af8f41c2d)23 August 2017, 21:35:39 UTC
603e517 Pauli20 August 2017, 21:36:23 UTCFix ctype arguments. Cast arguments to the various ctype functions to unsigned char to match their documentation. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4203) (cherry picked from commit 00dfbaad88a69ed8294d6039bf5f7d722f72bf39)21 August 2017, 21:44:24 UTC
c3154d7 Nicola Tuveri18 April 2017, 16:37:31 UTCevp_test.c: Add PrivPubKeyPair negative tests Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3246)21 August 2017, 10:19:17 UTC
7b39931 Nicola Tuveri18 April 2017, 16:37:01 UTCevp_test.c: Add PrivPubKeyPair test Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3246)21 August 2017, 10:19:16 UTC
36097bd Balaji Marisetti01 August 2017, 11:24:13 UTCAddressed build failure because of missing #ifdef AF_UNIX guard CLA: trivial Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4067) (cherry picked from commit 326eaa941e03a8922a3789ccab0d134c63d05c92)18 August 2017, 13:44:44 UTC
f48e792 Richard Levitte17 August 2017, 12:08:43 UTCAdd a comment on expectations in the "tar" target Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4179) (cherry picked from commit 77a9c26e03ccfec8d16985bce79e95eb6dc2dd2e)18 August 2017, 13:37:15 UTC
70c0b54 Richard Levitte17 August 2017, 12:04:36 UTCPrepare tarball in dist directory We changed directory to the wrong directory. This change also separates the preparation phase from the tarball building phase. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4179) (cherry picked from commit 17c84aa763b1d69c5446542bf9b4e2f642c570f2)18 August 2017, 13:37:14 UTC
a50c4aa Richard Levitte17 August 2017, 12:04:18 UTCTurn on error sensitivity in the "tar" target Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4179) (cherry picked from commit 34a5b7d727204eb990acd44899d457245ac94d7c)18 August 2017, 13:18:52 UTC
5dd8e67 Andy Polyakov16 August 2017, 21:06:57 UTCerr/err.c: fix "wraparound" bug in ERR_set_error_data. Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit d3d880ce01cfaf0091f46a2f6b5bd146d47a93e7)18 August 2017, 07:26:48 UTC
5c26dd5 Bernd Edlinger12 August 2017, 08:11:09 UTCClear outputs in PKCS12_parse error handling. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4145) (cherry picked from commit 524fdd515569e12047ddb29ba4c7f19706aacc98)17 August 2017, 16:01:20 UTC
bfb10f9 David von Oheimb16 August 2017, 18:00:05 UTCFix OCSP_basic_verify() cert chain construction in case bs->certs is NULL Now the certs arg is not any more neglected when building the signer cert chain. Added case to test/recipes/80-test_ocsp.t proving fix for 3-level CA hierarchy. See also http://rt.openssl.org/Ticket/Display.html?id=4620 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4124) (cherry picked from commit 121738d1cbfffa704eef4073510f13b419e6f08d)16 August 2017, 18:36:48 UTC
back to top