The branch OpenSSL_1_0_2-stable has been updated
via 201015ee4f38e5d216a7625282c6b8a395b680b7 (commit)
from 178b9be8eccffca66434299bf986494c449b10ee (commit)
- Log -----------------------------------------------------------------
commit 201015ee4f38e5d216a7625282c6b8a395b680b7
Author: Pauli <paul.d...@oracle.com>
Date: Wed Mar 8 11:18:55 2017 +1000
Limit the output of the enc -ciphers command
to just the ciphers enc can
process. This means no AEAD ciphers and no XTS mode.
Reviewed-by: Richard Levitte <levi...@openssl.org>
Reviewed-by: Rich Salz <rs...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2876)
(cherry picked from commit 777f1708a88f85569304caeca197c96ef912b236)
(cherry picked from commit b97324dbcb12e8b509d513ded9ba3f71c14547d8)
-----------------------------------------------------------------------
Summary of changes:
apps/enc.c | 7 +++++++
crypto/include/internal/bn_conf.h | 28 ++++++++++++++++++++++++++++
crypto/include/internal/dso_conf.h | 16 ++++++++++++++++
doc-nits | 0
fuzz/asn1-test | Bin 0 -> 36892 bytes
fuzz/asn1parse-test | Bin 0 -> 18402 bytes
fuzz/bignum-test | Bin 0 -> 19593 bytes
fuzz/bndiv-test | Bin 0 -> 20310 bytes
fuzz/client-test | Bin 0 -> 20298 bytes
fuzz/cms-test | Bin 0 -> 18846 bytes
fuzz/conf-test | Bin 0 -> 19368 bytes
fuzz/crl-test | Bin 0 -> 18816 bytes
fuzz/ct-test | Bin 0 -> 18783 bytes
fuzz/server-test | Bin 0 -> 31129 bytes
fuzz/x509-test | Bin 0 -> 18793 bytes
test/ssltest_old | Bin 0 -> 114814 bytes
test/v3ext | Bin 0 -> 10543 bytes
test/x509aux | Bin 0 -> 21871 bytes
18 files changed, 51 insertions(+)
create mode 100644 crypto/include/internal/bn_conf.h
create mode 100644 crypto/include/internal/dso_conf.h
create mode 100644 doc-nits
create mode 100755 fuzz/asn1-test
create mode 100755 fuzz/asn1parse-test
create mode 100755 fuzz/bignum-test
create mode 100755 fuzz/bndiv-test
create mode 100755 fuzz/client-test
create mode 100755 fuzz/cms-test
create mode 100755 fuzz/conf-test
create mode 100755 fuzz/crl-test
create mode 100755 fuzz/ct-test
create mode 100755 fuzz/server-test
create mode 100755 fuzz/x509-test
create mode 100755 test/ssltest_old
create mode 100755 test/v3ext
create mode 100755 test/x509aux
diff --git a/apps/enc.c b/apps/enc.c
index 8c8f1ef..69fb3f9 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -89,6 +89,13 @@ static void show_ciphers(const OBJ_NAME *name, void *bio_)
if (!islower((unsigned char)*name->name))
return;
+ /* Filter out ciphers that we cannot use */
+ cipher = EVP_get_cipherbyname(name->name);
+ if (cipher == NULL ||
+ (EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) != 0 ||
+ EVP_CIPHER_mode(cipher) == EVP_CIPH_XTS_MODE)
+ return;
+
BIO_printf(bio, "-%-25s", name->name);
if (++n == 3) {
BIO_printf(bio, "\n");
diff --git a/crypto/include/internal/bn_conf.h
b/crypto/include/internal/bn_conf.h
new file mode 100644
index 0000000..34bd8b7
--- /dev/null
+++ b/crypto/include/internal/bn_conf.h
@@ -0,0 +1,28 @@
+/* WARNING: do not edit! */
+/* Generated by Makefile from crypto/include/internal/bn_conf.h.in */
+/*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_BN_CONF_H
+# define HEADER_BN_CONF_H
+
+/*
+ * The contents of this file are not used in the UEFI build, as
+ * both 32-bit and 64-bit builds are supported from a single run
+ * of the Configure script.
+ */
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+#define SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#undef THIRTY_TWO_BIT
+
+#endif
diff --git a/crypto/include/internal/dso_conf.h
b/crypto/include/internal/dso_conf.h
new file mode 100644
index 0000000..7a52dd1
--- /dev/null
+++ b/crypto/include/internal/dso_conf.h
@@ -0,0 +1,16 @@
+/* WARNING: do not edit! */
+/* Generated by Makefile from crypto/include/internal/dso_conf.h.in */
+/*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_DSO_CONF_H
+# define HEADER_DSO_CONF_H
+
+# define DSO_EXTENSION ".so"
+#endif
diff --git a/doc-nits b/doc-nits
new file mode 100644
index 0000000..e69de29
diff --git a/fuzz/asn1-test b/fuzz/asn1-test
new file mode 100755
index 0000000..213ae9b
Binary files /dev/null and b/fuzz/asn1-test differ
diff --git a/fuzz/asn1parse-test b/fuzz/asn1parse-test
new file mode 100755
index 0000000..8a09d26
Binary files /dev/null and b/fuzz/asn1parse-test differ
diff --git a/fuzz/bignum-test b/fuzz/bignum-test
new file mode 100755
index 0000000..9fdbae9
Binary files /dev/null and b/fuzz/bignum-test differ
diff --git a/fuzz/bndiv-test b/fuzz/bndiv-test
new file mode 100755
index 0000000..f3325e6
Binary files /dev/null and b/fuzz/bndiv-test differ
diff --git a/fuzz/client-test b/fuzz/client-test
new file mode 100755
index 0000000..fed6d93
Binary files /dev/null and b/fuzz/client-test differ
diff --git a/fuzz/cms-test b/fuzz/cms-test
new file mode 100755
index 0000000..a21e911
Binary files /dev/null and b/fuzz/cms-test differ
diff --git a/fuzz/conf-test b/fuzz/conf-test
new file mode 100755
index 0000000..99514e2
Binary files /dev/null and b/fuzz/conf-test differ
diff --git a/fuzz/crl-test b/fuzz/crl-test
new file mode 100755
index 0000000..857fc61
Binary files /dev/null and b/fuzz/crl-test differ
diff --git a/fuzz/ct-test b/fuzz/ct-test
new file mode 100755
index 0000000..ee3b2e2
Binary files /dev/null and b/fuzz/ct-test differ
diff --git a/fuzz/server-test b/fuzz/server-test
new file mode 100755
index 0000000..ee56e43
Binary files /dev/null and b/fuzz/server-test differ
diff --git a/fuzz/x509-test b/fuzz/x509-test
new file mode 100755
index 0000000..e7c90b2
Binary files /dev/null and b/fuzz/x509-test differ
diff --git a/test/ssltest_old b/test/ssltest_old
new file mode 100755
index 0000000..3e3a27d
Binary files /dev/null and b/test/ssltest_old differ
diff --git a/test/v3ext b/test/v3ext
new file mode 100755
index 0000000..09a0c3a
Binary files /dev/null and b/test/v3ext differ
diff --git a/test/x509aux b/test/x509aux
new file mode 100755
index 0000000..35378a8
Binary files /dev/null and b/test/x509aux differ
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
